void m_decode(Byte[] rawData)
{
Asn1Reader asn = new Asn1Reader(rawData);
if (asn.Tag != 48)
{
throw new Asn1InvalidTagException(asn.Offset);
}
asn.MoveNext();
IncludedComponents = AuthorityKeyIdentifierFlags.None;
do
{
switch (asn.Tag)
{
case 0x80:
KeyIdentifier = AsnFormatter.BinaryToString(asn.GetPayload(), EncodingType.HexRaw, EncodingFormat.NOCRLF);
IncludedComponents |= AuthorityKeyIdentifierFlags.KeyIdentifier;
break;
case 0xa1:
IssuerNames = new X509AlternativeNameCollection();
var bytes = Asn1Utils.Encode(asn.GetPayload(), 48);
IssuerNames.Decode(bytes);
IssuerNames.Close();
IncludedComponents |= AuthorityKeyIdentifierFlags.AlternativeNames;
break;
case 0x82:
SerialNumber = AsnFormatter.BinaryToString(asn.GetPayload());
IncludedComponents |= AuthorityKeyIdentifierFlags.SerialNumber;
break;
}
} while (asn.MoveNextCurrentLevel());
}
void initializeAsn1(Byte[] bytes)
{
switch (PropertyName)
{
case X509CertificatePropertyType.EnhancedKeyUsage:
UnderlyingType = typeof(X509EnhancedKeyUsageExtension);
AsnEncodedData asn = new AsnEncodedData(bytes);
PropertyValue = new X509EnhancedKeyUsageExtension(asn, false);
break;
case X509CertificatePropertyType.RootProgramCertificatePolicies:
UnderlyingType = typeof(X509CertificatePoliciesExtension);
PropertyValue = new X509CertificatePoliciesExtension(bytes, false);
break;
case X509CertificatePropertyType.OcspResponse:
UnderlyingType = typeof(OCSPResponse);
PropertyValue = new OCSPResponse(bytes);
break;
case X509CertificatePropertyType.CrossCertificateDistributionPoints:
case X509CertificatePropertyType.CTLNextUpdateLocation:
UnderlyingType = typeof(X509AlternativeNameCollection);
PropertyValue = new X509AlternativeNameCollection();
((X509AlternativeNameCollection)PropertyValue).Decode(bytes);
((X509AlternativeNameCollection)PropertyValue).Close();
break;
}
}
void m_decode(Byte[] rawData)
{
CrossCertDistributionPoints = new X509AlternativeNameCollection();
Asn1Reader asn = new Asn1Reader(rawData);
if (asn.Tag != 48)
{
throw new ArgumentException("The data is invalid");
}
asn.MoveNext();
if (asn.Tag == (Byte)Asn1Type.INTEGER)
{
DeltaSyncTimeInSeconds = (Int32)Asn1Utils.DecodeInteger(asn.GetTagRawData());
asn.MoveNext();
}
asn.MoveNext();
do
{
var altNames = new X509AlternativeNameCollection();
altNames.Decode(asn.GetTagRawData());
CrossCertDistributionPoints.AddRange(altNames);
} while (asn.MoveNextCurrentLevel());
CrossCertDistributionPoints.Close();
}
/// <summary>
/// Intitializes a new instance of <strong>X509NameConstraintsExtension</strong> class from
/// a collection of explicitly permitted and excluded subtrees. Name Constraints extension is
/// always marked critical.
/// </summary>
/// <exception cref="ArgumentException">
/// <strong>permittedSubtree</strong> and <strong>excludedSubtree</strong> parameters are null;
/// </exception>
/// <param name="permittedSubtree">A collection of explicitly permitted names and name patterns.</param>
/// <param name="excludedSubtree">A collection of explicitly disallowed names and name patterns.</param>
/// <remarks>Each subtree alone is optional. However, at least one subtree must be provided.</remarks>
public X509NameConstraintsExtension(X509AlternativeNameCollection permittedSubtree, X509AlternativeNameCollection excludedSubtree)
{
if (permittedSubtree == null && excludedSubtree == null)
{
throw new ArgumentException("Both, 'permittedSubtree' and 'excludedSubtree' cannot be null.");
}
m_initialize(permittedSubtree, excludedSubtree);
}
/// <summary>
/// Initializes a new instance of the <strong>X509SubjectAlternativeNamesExtension</strong> class using a
/// collection of alternative names and a value that identifies whether the extension is critical.
/// </summary>
/// <param name="altNames">A collection of alternative name objects.</param>
/// <param name="critical">
/// <strong>True</strong> if the extension is critical; otherwise, <strong>False</strong>.
/// </param>
public X509SubjectAlternativeNamesExtension(X509AlternativeNameCollection altNames, Boolean critical)
{
if (altNames.Count == 0)
{
throw new ArgumentException("Empty arrays are not supported.");
}
m_initizlize(altNames, critical);
}
static X509AlternativeNameCollection decodeNamesFromAsn(Byte[] rawData)
{
X509AlternativeNameCollection altNames = new X509AlternativeNameCollection();
Asn1Reader asn = new Asn1Reader(rawData);
asn.MoveNext();
do
{
altNames.Add(new X509AlternativeName(asn.GetPayload()));
} while (asn.MoveNextCurrentLevel());
altNames.Close();
return(altNames);
}
void m_encode(Uri[] uris)
{
X509AlternativeNameCollection altnames = new X509AlternativeNameCollection();
foreach (Uri uri in uris)
{
altnames.Add(new X509AlternativeName(X509AlternativeNamesEnum.URL, uri.AbsoluteUri));
}
FullName = altnames;
Asn1Reader asn = new Asn1Reader(altnames.Encode());
RawData = Asn1Utils.Encode(asn.GetPayload(), 160);
}
void m_initizlize(X509AlternativeNameCollection altNames, Boolean critical)
{
foreach (X509AlternativeName altName in altNames)
{
if (String.IsNullOrEmpty(altName.Value))
{
throw new ArgumentException($"Empty value for {altName.Type} is not allowed.");
}
}
Critical = critical;
Oid = _oid;
RawData = altNames.Encode();
alternativeNames = altNames;
}
void m_decode(Byte[] rawData)
{
Asn1Reader asn = new Asn1Reader(rawData);
asn.MoveNext();
do
{
switch (asn.Tag)
{
case 0xa0: PermittedSubtree = decodeNamesFromAsn(asn.GetTagRawData()); break;
case 0xa1: ExcludedSubtree = decodeNamesFromAsn(asn.GetTagRawData()); break;
}
} while (asn.MoveNextCurrentLevel());
}
static X509AlternativeNameCollection encodeAltNames(X509AlternativeNameCollection permittedSubtree, List <Byte> rawData, Byte tag)
{
X509AlternativeNameCollection altNames = new X509AlternativeNameCollection();
List <Byte> tempRawData = new List <Byte>();
foreach (X509AlternativeName name in permittedSubtree
.Where(x => x.Type != X509AlternativeNamesEnum.RegisteredId))
{
altNames.Add(name);
tempRawData.AddRange(Asn1Utils.Encode(name.RawData, 48));
}
rawData.AddRange(Asn1Utils.Encode(tempRawData.ToArray(), tag));
altNames.Close();
return(altNames);
}
void m_initialize(X509AlternativeNameCollection permittedSubtree, X509AlternativeNameCollection excludedSubtree)
{
Oid = _oid;
Critical = true;
List <Byte> rawData = new List <Byte>();
if (permittedSubtree != null)
{
PermittedSubtree = encodeAltNames(permittedSubtree, rawData, 0xa0);
}
if (excludedSubtree != null)
{
ExcludedSubtree = encodeAltNames(excludedSubtree, rawData, 0xa1);
}
RawData = Asn1Utils.Encode(rawData.ToArray(), 48);
}
void m_initialize(IEnumerable <String> urls, Int32?syncDeltaTime, Boolean critical)
{
Oid = _oid;
Critical = critical;
DeltaSyncTimeInSeconds = syncDeltaTime;
List <Byte> rawData = new List <Byte>();
if (DeltaSyncTimeInSeconds != null)
{
rawData.AddRange(new Asn1Integer(DeltaSyncTimeInSeconds.Value).RawData);
}
Uri[] uris = urls.Select(url => new Uri(url)).ToArray();
CrossCertDistributionPoints = new X509AlternativeNameCollection();
foreach (Uri url in uris)
{
CrossCertDistributionPoints.Add(new X509AlternativeName(X509AlternativeNamesEnum.URL, url));
}
CrossCertDistributionPoints.Close();
rawData.AddRange(Asn1Utils.Encode(CrossCertDistributionPoints.Encode(), 48));
RawData = rawData.ToArray();
}
void m_decode(Byte[] rawData)
{
Asn1Reader asn = new Asn1Reader(rawData);
asn.MoveNext();
if (asn.PayloadLength == 0)
{
return;
}
do
{
Byte[] altNames;
switch (asn.Tag)
{
case 0xA0:
Asn1Reader distName = new Asn1Reader(asn.GetPayload());
do
{
switch (distName.Tag)
{
case 0xA0:
// full name
altNames = Asn1Utils.Encode(distName.GetPayload(), 48);
FullName = new X509AlternativeNameCollection();
FullName.Decode(altNames);
break;
case 0xA1:
// relative to issuer name
Byte[] relativeName = Asn1Utils.Encode(distName.GetPayload(), 48);
RelativeToIssuerName = new X500DistinguishedName(relativeName);
break;
default:
throw new InvalidDataException("The data is invalid");
}
} while (distName.MoveNextCurrentLevel());
break;
case 0xA1:
// reasons
Asn1BitString bs = new Asn1BitString(asn.GetPayload());
if (bs.Value[0] == 0)
{
Reasons = X509RevocationReasons.Unspecified;
break;
}
Byte mask = 1;
do
{
if ((bs.Value[0] & mask) > 0)
{
switch (mask)
{
case 1: Reasons += (Int32)X509RevocationReasons.AACompromise; break;
case 2: Reasons += (Int32)X509RevocationReasons.PrivilegeWithdrawn; break;
case 4: Reasons += (Int32)X509RevocationReasons.CertificateHold; break;
case 8: Reasons += (Int32)X509RevocationReasons.CeaseOfOperation; break;
case 16: Reasons += (Int32)X509RevocationReasons.Superseded; break;
case 32: Reasons += (Int32)X509RevocationReasons.ChangeOfAffiliation; break;
case 64: Reasons += (Int32)X509RevocationReasons.CACompromise; break;
case 128: Reasons += (Int32)X509RevocationReasons.KeyCompromise; break;
}
}
mask <<= 1;
} while (mask != 128);
break;
case 0xA2:
// crl issuer
altNames = Asn1Utils.Encode(asn.GetPayload(), 48);
CRLIssuer = new X509AlternativeNameCollection();
CRLIssuer.Decode(altNames);
break;
default:
throw new InvalidDataException("The data is invalid.");
}
} while (asn.MoveNextCurrentLevel());
RawData = rawData;
}
internal X509AlternativeNameCollectionEnumerator(X509AlternativeNameCollection entries)
{
_entries = entries;
m_current = -1;
}
