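/// <summary>
/// Builds the <c>CrlValidatedID</c> reference for a CRL: a SHA-1 digest of the
/// encoded CRL plus an identifier made of the issuer, thisUpdate and, when the
/// CRL carries the extension, the CRL number.
/// </summary>
/// <param name="crl">The CRL to reference.</param>
/// <returns>The reference built from <paramref name="crl"/>.</returns>
/// <exception cref="Sharpen.NoSuchAlgorithmException">Sharpen.NoSuchAlgorithmException</exception>
/// <exception cref="Sharpen.CrlException">Sharpen.CrlException</exception>
private CrlValidatedID MakeCrlValidatedID(X509Crl crl)
{
    // NOTE(review): the reference digest is SHA-1, which is no longer considered
    // collision resistant. Only the digest bytes are passed to OtherHash here, so
    // switching to a stronger digest would also need the algorithm identifier to be
    // carried in the reference - confirm against the OtherHash API and against what
    // verifiers of these references expect before changing it.
    OtherHash hash = new OtherHash(
        DigestUtilities.CalculateDigest(X509ObjectIdentifiers.IdSha1, crl.GetEncoded()));

    // 2.5.29.20 is the cRLNumber extension.
    DerObjectIdentifier crlExt = new DerObjectIdentifier("2.5.29.20");
    Asn1OctetString crlNumberExtension = crl.GetExtensionValue(crlExt);

    CrlIdentifier crlid;
    if (crlNumberExtension != null)
    {
        // The extension value is an OCTET STRING whose contents are the DER-encoded
        // INTEGER. The previous code handed the DER encoding of the OCTET STRING
        // wrapper itself to the DerInteger constructor, so the tag and length bytes
        // were read as part of the number and the recorded CRL number did not match
        // the CRL. Unwrap the octets and decode the INTEGER instead.
        // A value that is not a well-formed INTEGER now fails here (decoding error or
        // ArgumentException from GetInstance) rather than yielding a bogus number.
        BigInteger crlnumber = DerInteger
            .GetInstance(Asn1Object.FromByteArray(crlNumberExtension.GetOctets()))
            .PositiveValue;
        crlid = new CrlIdentifier(crl.IssuerDN, crl.ThisUpdate, crlnumber);
    }
    else
    {
        // No cRLNumber extension: identify the CRL by issuer and thisUpdate only.
        crlid = new CrlIdentifier(crl.IssuerDN, crl.ThisUpdate);
    }

    return new CrlValidatedID(hash, crlid);
}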
/// <summary>
/// Initializes a CRL reference from a CMS <c>CrlValidatedID</c>, copying the CRL
/// identifier fields (issuer, issued time, number) and the hash (algorithm OID
/// and digest value).
/// </summary>
/// <param name="cmsRef">The CMS structure to copy from.</param>
public CRLRef(CrlValidatedID cmsRef)
{
    // Identifier part of the reference.
    var identifier = cmsRef.CrlIdentifier;
    crlIssuer = identifier.CrlIssuer;
    crlIssuedTime = identifier.CrlIssuedTime;
    crlNumber = identifier.CrlNumber;

    // Hash part: the algorithm is stored as its OID string, the digest as raw bytes.
    var referenceHash = cmsRef.CrlHash;
    algorithm = referenceHash.HashAlgorithm.Algorithm.Id;
    digestValue = referenceHash.GetHashValue();
}
/// <summary>
/// Returns the entries of the stored sequence, each converted with
/// <c>CrlValidatedID.GetInstance</c>.
/// </summary>
/// <returns>A newly allocated array with one element per entry of <c>crls</c>.</returns>
public CrlValidatedID[] GetCrls()
{
    CrlValidatedID[] result = new CrlValidatedID[crls.Count];

    int index = 0;
    while (index < crls.Count)
    {
        result[index] = CrlValidatedID.GetInstance(crls[index].ToAsn1Object());
        index++;
    }

    return result;
}
/// <summary>
/// Initializes a CRL reference from a CMS <c>CrlValidatedID</c>, copying the CRL
/// identifier fields (issuer, issued time, number) and the hash (algorithm OID
/// and digest value).
/// </summary>
/// <param name="cmsRef">The CMS structure to copy from.</param>
/// <exception cref="RuntimeException">
/// Wraps a <c>ParseException</c> raised while reading <paramref name="cmsRef"/>.
/// </exception>
public CRLRef(CrlValidatedID cmsRef)
{
    try
    {
        // Identifier part of the reference.
        var identifier = cmsRef.CrlIdentifier;
        crlIssuer = identifier.CrlIssuer;
        crlIssuedTime = identifier.CrlIssuedTime;
        crlNumber = identifier.CrlNumber;

        // Hash part: the algorithm is stored as its OID string, the digest as raw bytes.
        var referenceHash = cmsRef.CrlHash;
        algorithm = referenceHash.HashAlgorithm.ObjectID.Id;
        digestValue = referenceHash.GetHashValue();
    }
    catch (ParseException parseFailure)
    {
        // Callers only ever see the unchecked wrapper, never the ParseException itself.
        throw new RuntimeException(parseFailure);
    }
}
/// <summary>
/// Builds a <c>CrlListID</c> from its ASN.1 form: an outer sequence holding exactly
/// one element, which is itself the sequence of CRL references.
/// </summary>
/// <param name="seq">The outer sequence to parse.</param>
/// <exception cref="ArgumentNullException"><paramref name="seq"/> is null.</exception>
/// <exception cref="ArgumentException">
/// <paramref name="seq"/> does not contain exactly one element.
/// </exception>
private CrlListID(Asn1Sequence seq)
{
    if (seq == null)
    {
        throw new ArgumentNullException("seq");
    }

    int elementCount = seq.Count;
    if (elementCount != 1)
    {
        throw new ArgumentException("Bad sequence size: " + elementCount, "seq");
    }

    // The explicit cast throws InvalidCastException when the single element is not
    // itself a sequence, so callers that parse untrusted input see that exception
    // type in addition to the two argument exceptions above.
    crls = (Asn1Sequence)seq[0].ToAsn1Object();

    // Run every entry through CrlValidatedID.GetInstance once and discard the
    // result; the call is made only so that an entry GetInstance rejects makes
    // the constructor fail instead of surfacing later in GetCrls().
    for (int i = 0; i < crls.Count; i++)
    {
        CrlValidatedID.GetInstance(crls[i].ToAsn1Object());
    }
}
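/// <summary>
/// Validates the signing certificate and adds two unsigned attributes built from
/// the validation result: the certificate references
/// (<c>PkcsObjectIdentifiers.IdAAEtsCertificateRefs</c>) and the revocation
/// references (<c>PkcsObjectIdentifiers.IdAAEtsRevocationRefs</c>).
/// </summary>
/// <param name="unsignedAttrs">Attribute table to extend; it is modified in place.</param>
/// <param name="signingCertificate">Certificate of the signer; it is validated and
/// left out of the certificate references.</param>
/// <param name="parameters">Signature parameters; only <c>CertificateChain</c> is read here.</param>
/// <param name="signingTime">Time passed to the certificate verifier.</param>
/// <param name="optionalCertificateSource">Additional certificate source combined
/// with the certificate chain from <paramref name="parameters"/>.</param>
/// <returns>The same <paramref name="unsignedAttrs"/> instance.</returns>
/// <exception cref="System.IO.IOException">Declared by the original signature; inside
/// the try block an IOException is wrapped in a RuntimeException.</exception>
private IDictionary ExtendUnsignedAttributes(IDictionary unsignedAttrs, X509Certificate signingCertificate,
    SignatureParameters parameters, DateTime signingTime, CertificateSource optionalCertificateSource)
{
    // Validation runs outside the try block, so its exceptions are not wrapped below.
    ValidationContext validationContext = certificateVerifier.ValidateCertificate(
        signingCertificate,
        signingTime,
        new CompositeCertificateSource(
            new ListCertificateSource(parameters.CertificateChain),
            optionalCertificateSource),
        null,
        null);

    try
    {
        AList<OtherCertID> completeCertificateRefs = new AList<OtherCertID>();
        AList<CrlOcspRef> completeRevocationRefs = new AList<CrlOcspRef>();

        foreach (CertificateAndContext c in validationContext.GetNeededCertificates())
        {
            // Compare the wrapped certificate with the signing certificate. The
            // previous code compared the CertificateAndContext wrapper itself with an
            // X509Certificate; unless the wrapper's Equals special-cases that type
            // (not visible here), that test never matches and the signer certificate
            // would always be listed in the certificate references.
            if (!c.GetCertificate().Equals(signingCertificate))
            {
                completeCertificateRefs.AddItem(MakeOtherCertID(c.GetCertificate()));
            }

            // One CrlOcspRef per needed certificate (the signing certificate
            // included), holding references to the CRLs and OCSP responses the
            // validation context relates to that certificate.
            AList<CrlValidatedID> crlListIdValues = new AList<CrlValidatedID>();
            AList<OcspResponsesID> ocspListIDValues = new AList<OcspResponsesID>();

            foreach (X509Crl relatedcrl in validationContext.GetRelatedCRLs(c))
            {
                crlListIdValues.AddItem(MakeCrlValidatedID(relatedcrl));
            }

            foreach (BasicOcspResp relatedocspresp in validationContext.GetRelatedOCSPResp(c))
            {
                ocspListIDValues.AddItem(MakeOcspResponsesID(relatedocspresp));
            }

            CrlValidatedID[] crlListIdArray = new CrlValidatedID[crlListIdValues.Count];
            OcspResponsesID[] ocspListIDArray = new OcspResponsesID[ocspListIDValues.Count];
            completeRevocationRefs.AddItem(new CrlOcspRef(
                new CrlListID(Sharpen.Collections.ToArray(crlListIdValues, crlListIdArray)),
                new OcspListID(Sharpen.Collections.ToArray(ocspListIDValues, ocspListIDArray)),
                null));
        }

        OtherCertID[] otherCertIDArray = new OtherCertID[completeCertificateRefs.Count];
        CrlOcspRef[] crlOcspRefArray = new CrlOcspRef[completeRevocationRefs.Count];

        // NOTE(review): IDictionary.Add is documented to throw when the key is already
        // present, so a table that already holds either attribute fails here rather
        // than being overwritten - confirm that callers pass a table without them.
        unsignedAttrs.Add(
            PkcsObjectIdentifiers.IdAAEtsCertificateRefs,
            new BcCms.Attribute(
                PkcsObjectIdentifiers.IdAAEtsCertificateRefs,
                new DerSet(new DerSequence(
                    Sharpen.Collections.ToArray(completeCertificateRefs, otherCertIDArray)))));

        unsignedAttrs.Add(
            PkcsObjectIdentifiers.IdAAEtsRevocationRefs,
            new BcCms.Attribute(
                PkcsObjectIdentifiers.IdAAEtsRevocationRefs,
                new DerSet(new DerSequence(
                    Sharpen.Collections.ToArray(completeRevocationRefs, crlOcspRefArray)))));
    }
    catch (NoSuchAlgorithmException e)
    {
        throw new RuntimeException(e);
    }
    catch (CertificateEncodingException e)
    {
        throw new RuntimeException(e);
    }
    catch (OcspException e)
    {
        throw new RuntimeException(e);
    }
    catch (IOException e)
    {
        throw new RuntimeException(e);
    }
    catch (CrlException e)
    {
        throw new RuntimeException(e);
    }

    return unsignedAttrs;
}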