Пример #1
0
        public X509Crl(
            CertificateList c)
        {
            this.c = c;

            try
            {
                this.sigAlgName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm);

                if (c.SignatureAlgorithm.Parameters != null)
                {
                    this.sigAlgParams = ((Asn1Encodable)c.SignatureAlgorithm.Parameters).GetDerEncoded();
                }
                else
                {
                    this.sigAlgParams = null;
                }

                this.isIndirect = IsIndirectCrl;
            }
            catch (Exception e)
            {
                throw new CrlException("CRL contents invalid: " + e);
            }
        }
Пример #2
0
        public virtual void Verify(AsymmetricKeyParameter key)
        {
            string  signatureName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm);
            ISigner signer        = SignerUtilities.GetSigner(signatureName);

            CheckSignature(key, signer);
        }
Пример #3
0
        protected virtual void CheckSignature(AsymmetricKeyParameter publicKey, ISigner signature)
        {
            if (!IsAlgIDEqual(c.SignatureAlgorithm, c.TbsCertificate.Signature))
            {
                throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
            }
            Asn1Encodable parameters = c.SignatureAlgorithm.Parameters;

            X509SignatureUtilities.SetSignatureParameters(signature, parameters);
            signature.Init(forSigning: false, publicKey);
            byte[] tbsCertificate = GetTbsCertificate();
            signature.BlockUpdate(tbsCertificate, 0, tbsCertificate.Length);
            byte[] signature2 = GetSignature();
            if (!signature.VerifySignature(signature2))
            {
                throw new InvalidKeyException("Public key presented not for certificate signature");
            }
        }
Пример #4
0
        internal static string GetSignatureName(AlgorithmIdentifier sigAlgId)
        {
            Asn1Encodable parameters = sigAlgId.Parameters;

            if (parameters != null && !X509SignatureUtilities.derNull.Equals(parameters))
            {
                if (sigAlgId.ObjectID.Equals(PkcsObjectIdentifiers.IdRsassaPss))
                {
                    RsassaPssParameters instance = RsassaPssParameters.GetInstance(parameters);
                    return(X509SignatureUtilities.GetDigestAlgName(instance.HashAlgorithm.ObjectID) + "withRSAandMGF1");
                }
                if (sigAlgId.ObjectID.Equals(X9ObjectIdentifiers.ECDsaWithSha2))
                {
                    Asn1Sequence instance2 = Asn1Sequence.GetInstance(parameters);
                    return(X509SignatureUtilities.GetDigestAlgName((DerObjectIdentifier)instance2[0]) + "withECDSA");
                }
            }
            return(sigAlgId.ObjectID.Id);
        }
        public X509Crl(
            CertificateList c)
        {
            this.c = c;

            try
            {
                this.sigAlgName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm);

                Asn1Encodable parameters = c.SignatureAlgorithm.Parameters;
                this.sigAlgParams = (null == parameters) ? null : parameters.GetEncoded(Asn1Encodable.Der);

                this.isIndirect = IsIndirectCrl;
            }
            catch (Exception e)
            {
                throw new CrlException("CRL contents invalid: " + e);
            }
        }
Пример #6
0
 public X509Crl(CertificateList c)
 {
     this.c = c;
     try
     {
         sigAlgName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm);
         if (c.SignatureAlgorithm.Parameters != null)
         {
             sigAlgParams = c.SignatureAlgorithm.Parameters.GetDerEncoded();
         }
         else
         {
             sigAlgParams = null;
         }
         isIndirect = IsIndirectCrl;
     }
     catch (global::System.Exception ex)
     {
         throw new CrlException(string.Concat((object)"CRL contents invalid: ", (object)ex));
     }
 }
Пример #7
0
 public X509Crl(CertificateList c)
 {
     this.c = c;
     try
     {
         sigAlgName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm);
         if (c.SignatureAlgorithm.Parameters != null)
         {
             sigAlgParams = c.SignatureAlgorithm.Parameters.GetDerEncoded();
         }
         else
         {
             sigAlgParams = null;
         }
         isIndirect = IsIndirectCrl;
     }
     catch (Exception arg)
     {
         throw new CrlException("CRL contents invalid: " + arg);
         IL_0073 :;
     }
 }
Пример #8
0
        public X509Certificate(
            X509CertificateStructure c)
        {
            this.c = c;

            try
            {
                this.sigAlgName = X509SignatureUtilities.GetSignatureName(c.SignatureAlgorithm);

                Asn1Encodable parameters = c.SignatureAlgorithm.Parameters;
                this.sigAlgParams = (null == parameters) ? null : parameters.GetEncoded(Asn1Encodable.Der);
            }
            catch (Exception e)
            {
                throw new CrlException("Certificate contents invalid: " + e);
            }

            try
            {
                Asn1OctetString str = this.GetExtensionValue(new DerObjectIdentifier("2.5.29.19"));

                if (str != null)
                {
                    basicConstraints = BasicConstraints.GetInstance(
                        X509ExtensionUtilities.FromExtensionValue(str));
                }
            }
            catch (Exception e)
            {
                throw new CertificateParsingException("cannot construct BasicConstraints: " + e);
            }

            try
            {
                Asn1OctetString str = this.GetExtensionValue(new DerObjectIdentifier("2.5.29.15"));

                if (str != null)
                {
                    DerBitString bits = DerBitString.GetInstance(
                        X509ExtensionUtilities.FromExtensionValue(str));

                    byte[] bytes  = bits.GetBytes();
                    int    length = (bytes.Length * 8) - bits.PadBits;

                    keyUsage = new bool[(length < 9) ? 9 : length];

                    for (int i = 0; i != length; i++)
                    {
//						keyUsage[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
                        keyUsage[i] = (bytes[i / 8] & (0x80 >> (i % 8))) != 0;
                    }
                }
                else
                {
                    keyUsage = null;
                }
            }
            catch (Exception e)
            {
                throw new CertificateParsingException("cannot construct KeyUsage: " + e);
            }
        }