Пример #1
0
        public OcspReq Generate(
            string signingAlgorithm,
            AsymmetricKeyParameter privateKey,
            X509Certificate[]               chain,
            SecureRandom random)
        {
            if (signingAlgorithm == null)
            {
                throw new ArgumentException("no signing algorithm specified");
            }

            try
            {
                DerObjectIdentifier oid = OcspUtilities.GetAlgorithmOid(signingAlgorithm);

                return(GenerateRequest(oid, privateKey, chain, random));
            }
            catch (ArgumentException)
            {
                throw new ArgumentException("unknown signing algorithm specified: " + signingAlgorithm);
            }
        }
Пример #2
0
        private BasicOcspResp GenerateResponse(
            string signatureName,
            AsymmetricKeyParameter privateKey,
            X509Certificate[]               chain,
            DateTime producedAt,
            SecureRandom random)
        {
            DerObjectIdentifier signingAlgorithm;

            try
            {
                signingAlgorithm = OcspUtilities.GetAlgorithmOid(signatureName);
            }
            catch (Exception e)
            {
                throw new ArgumentException("unknown signing algorithm specified", e);
            }

            Asn1EncodableVector responses = new Asn1EncodableVector();

            foreach (ResponseObject respObj in list)
            {
                try
                {
                    responses.Add(respObj.ToResponse());
                }
                catch (Exception e)
                {
                    throw new OcspException("exception creating Request", e);
                }
            }

            ResponseData tbsResp = new ResponseData(responderID.ToAsn1Object(), new DerGeneralizedTime(producedAt), new DerSequence(responses), responseExtensions);

            ISigner sig = null;

            try
            {
                sig = SignerUtilities.GetSigner(signatureName);

                if (random != null)
                {
                    sig.Init(true, new ParametersWithRandom(privateKey, random));
                }
                else
                {
                    sig.Init(true, privateKey);
                }
            }
            catch (Exception e)
            {
                throw new OcspException("exception creating signature: " + e, e);
            }

            DerBitString bitSig = null;

            try
            {
                byte[] encoded = tbsResp.GetDerEncoded();
                sig.BlockUpdate(encoded, 0, encoded.Length);

                bitSig = new DerBitString(sig.GenerateSignature());
            }
            catch (Exception e)
            {
                throw new OcspException("exception processing TBSRequest: " + e, e);
            }

            AlgorithmIdentifier sigAlgId = OcspUtilities.GetSigAlgID(signingAlgorithm);

            DerSequence chainSeq = null;

            if (chain != null && chain.Length > 0)
            {
                Asn1EncodableVector v = new Asn1EncodableVector();
                try
                {
                    for (int i = 0; i != chain.Length; i++)
                    {
                        v.Add(
                            X509CertificateStructure.GetInstance(
                                Asn1Object.FromByteArray(chain[i].GetEncoded())));
                    }
                }
                catch (IOException e)
                {
                    throw new OcspException("error processing certs", e);
                }
                catch (CertificateEncodingException e)
                {
                    throw new OcspException("error encoding certs", e);
                }

                chainSeq = new DerSequence(v);
            }

            return(new BasicOcspResp(new BasicOcspResponse(tbsResp, sigAlgId, bitSig, chainSeq)));
        }