/// <inheritdoc />
public override Byte[] Encode()
{
var builder = new Asn1Builder()
.AddInteger(Version)
.AddDerData(RequestMessage.Encode());
if (PolicyID != null)
{
builder.AddObjectIdentifier(PolicyID);
}
if (UseNonce)
{
nonce = Guid.NewGuid().ToByteArray();
builder.AddInteger(new BigInteger(nonce));
}
else
{
nonce = default;
}
if (RequestCertificates)
{
builder.AddBoolean(RequestCertificates);
}
if (_extensions.Any())
{
builder.AddExplicit(0, Extensions.Encode(), false);
}
return(builder.GetEncoded());
}
/// <summary>
/// Encodes and signs the content using the signer object used in
/// </summary>
/// <returns>
/// An instance of <see cref="PkcsSignerInfo"/> class.
/// </returns>
/// <remarks>
/// Before signing, the method adds two authenticated attributes: content type and message digest. Authenticated attributes are then
/// signed with signer's private key.
/// </remarks>
public PkcsSignerInfo Encode()
{
if (_authAttributes.All(x => x.Oid.Value != MESSAGE_DIGEST))
{
throw new InvalidOperationException();
}
// version
var builder = new Asn1Builder().AddInteger(Version);
// signerIdentifier
builder.AddDerData(signerCert.Encode());
// digestAlgorithm
builder.AddDerData(hashAlgId.RawData);
// authenticatedAttributes
if (_authAttributes.Any())
{
builder.AddExplicit(0, _authAttributes.Encode(), false);
}
// digestEncryptionAlgorithm
builder.AddDerData(pubKeyAlgId.RawData);
// encryptedDigest
builder.AddOctetString(hashValue);
// unauthenticatedAttributes
if (_unauthAttributes.Any())
{
builder.AddExplicit(1, UnauthenticatedAttributes.Encode(), false);
}
// wrap
return(new PkcsSignerInfo(builder.GetEncoded()));
}
Byte[] encodeSignedData()
{
var builder = new Asn1Builder()
.AddInteger(Version)
.AddDerData(DigestAlgorithms.Encode())
.AddDerData(encodeContentInfo());
// certificates
if (Certificates.Count > 0)
{
builder.AddExplicit(0, Certificates.Encode(), false);
}
// CRLs
if (RevocationLists.Count > 0)
{
var crlBytes = new List <Byte>();
foreach (X509CRL2 crl in RevocationLists)
{
crlBytes.AddRange(crl.RawData);
}
builder.AddExplicit(1, crlBytes.ToArray(), false);
}
builder.AddDerData(SignerInfos.Encode());
return(builder.GetEncoded());
}
/// <summary>
/// Encodes current object to a ASN.1-encoded byte array.
/// </summary>
/// <returns>ASN.1-encoded byte array.</returns>
/// <remarks>
/// Explicit notice text is always encoded as a <strong>BMPString</strong>.
/// <para>Notice reference is encoded in the following sequence: attempts to encode a string as a
/// <strong>VisibleString</strong> and then as a <strong>BMPString</strong> if <strong>VisibleString</strong> fails.</para>
/// </remarks>
public Byte[] Encode()
{
switch (Type)
{
case X509PolicyQualifierType.CpsUrl:
if (String.IsNullOrEmpty(PolicyUrl.AbsoluteUri))
{
throw new UninitializedObjectException();
}
return(new Asn1Builder()
.AddObjectIdentifier(new Oid("1.3.6.1.5.5.7.2.1"))
.AddIA5String(PolicyUrl.AbsoluteUri)
.GetEncoded());
case X509PolicyQualifierType.UserNotice:
var refBuilder = new Asn1Builder();
if (!String.IsNullOrEmpty(NoticeReference))
{
refBuilder.AddDerData(EncodeString(NoticeReference).ToArray())
.AddSequence(x => x.AddInteger(NoticeNumber))
.Encode();
}
if (!String.IsNullOrEmpty(NoticeText))
{
refBuilder.AddUTF8String(NoticeText);
}
return(new Asn1Builder()
.AddObjectIdentifier(new Oid("1.3.6.1.5.5.7.2.2"))
.AddSequence(refBuilder.GetEncoded())
.GetEncoded());
default: throw new UninitializedObjectException();
}
}
void initialize(IdentityReference sid)
{
SecurityIdentifier = sid.Value;
Byte[] sidBytes = Encoding.ASCII.GetBytes(SecurityIdentifier);
RawData = Asn1Builder.Create()
.AddExplicit(0, x => {
x.AddObjectIdentifier(new Oid("1.3.6.1.4.1.311.25.2.1"));
return(x.AddExplicit(0, y => y.AddOctetString(sidBytes)));
}).GetEncoded();
}
/// <summary>
/// Encodes request to RFC3161 request format.
/// </summary>
/// <returns>ASN.1-encoded byte array.</returns>
public override Byte[] Encode()
{
var builder = new Asn1Builder()
.AddObjectIdentifier(new Oid(SPC_TIME_STAMP_REQUEST_OBJID))
.AddSequence(x => {
return(x.AddObjectIdentifier(new Oid(PKCS_7_DATA))
.AddExplicit(0, y => y.AddOctetString(_data)));
});
return(builder.GetEncoded());
}
Byte[] encodeContentInfo()
{
var builder = new Asn1Builder()
.AddObjectIdentifier(_contentType);
if (_content != null)
{
switch (ContentType.Value)
{
case CMC_DATA: // CMC Data. For CMC: content [0] EXPLICIT OCTET STRING OPTIONAL
builder.AddExplicit(0, x => x.AddOctetString(_content));
break;
default: // everything else. Suggested: content [0] EXPLICIT SEQUENCE OF ANY OPTIONAL
builder.AddExplicit(0, x => x.AddSequence(_content));
break;
}
}
return(builder.GetEncoded());
}
void encode(X509DistributionPoint distributionPoint, Boolean indirect, X509RevocationReasonFlag reasons, IssuingDistributionPointScope scope)
{
Oid = _oid;
Critical = true;
var builder = Asn1Builder.Create();
if (distributionPoint != null)
{
DistributionPoint = distributionPoint;
builder.AddExplicit(0, distributionPoint.RawData, true);
}
if (scope == IssuingDistributionPointScope.OnlyUserCerts)
{
OnlyUserCerts = true;
builder.AddImplicit(1, new Asn1Boolean(true).RawData, false);
}
else if (scope == IssuingDistributionPointScope.OnlyCaCerts)
{
OnlyCaCerts = true;
builder.AddImplicit(2, new Asn1Boolean(true).RawData, false);
}
if (reasons != X509RevocationReasonFlag.None)
{
Reasons = reasons;
// do encoding trick since encoding matches the Key Usage extension encoding
builder.AddExplicit(3, x => x.AddDerData(new X509KeyUsageExtension((X509KeyUsageFlags)reasons, false).RawData));
}
if (indirect)
{
IndirectCRL = true;
builder.AddImplicit(4, new Asn1Boolean(true).RawData, false);
}
if (scope == IssuingDistributionPointScope.OnlyAttributeCerts)
{
OnlyAttributeCerts = true;
builder.AddImplicit(5, new Asn1Boolean(true).RawData, false);
}
RawData = builder.GetEncoded();
}
/// <summary>
/// Encodes revocation entry to a ASN.1-encoded byte array.
/// </summary>
/// <returns>ASN.1-encoded byte array</returns>
public Byte[] Encode()
{
if (String.IsNullOrEmpty(SerialNumber))
{
throw new UninitializedObjectException();
}
// TODO: verify this
Asn1Builder builder = Asn1Builder.Create()
.AddInteger(BigInteger.Parse(SerialNumber, NumberStyles.AllowHexSpecifier))
.AddRfcDateTime(RevocationDate);
if (ReasonCode > 0)
{
builder.AddSequence(x =>
x.AddSequence(y => {
y.AddObjectIdentifier(new Oid(X509ExtensionOid.CRLReasonCode));
return(y.AddOctetString(z => z.AddEnumerated((UInt64)ReasonCode)));
}));
}
return(builder.GetEncoded());
}
Byte[] encodeCTL()
{
var builder = new Asn1Builder()
.AddDerData(new X509EnhancedKeyUsageExtension(SubjectUsages, false).RawData);
var rawData = new List <Byte>(new X509EnhancedKeyUsageExtension(SubjectUsages, false).RawData);
if (!String.IsNullOrEmpty(ListIdentifier))
{
builder.AddOctetString(Encoding.Unicode.GetBytes(ListIdentifier + "\0"));
}
if (SequenceNumber != null)
{
builder.AddInteger(SequenceNumber.Value);
}
builder.AddDerData(Asn1Utils.EncodeDateTime(ThisUpdate.ToUniversalTime()));
if (NextUpdate != null)
{
builder.AddDerData(Asn1Utils.EncodeDateTime(NextUpdate.Value.ToUniversalTime()));
}
return(builder.AddDerData(new AlgorithmIdentifier(HashAlgorithm, new Byte[0]).RawData)
.AddDerData(Entries.Encode())
.GetRawData());
}
