public static AbandonRequest Extract(ICollection <byte> buffer)
{
var abandonRequest = new AbandonRequest();
abandonRequest.MessageId = DEROctetString.Extract(buffer);
return(abandonRequest);
}
/// <summary>
/// Generate a CertificateID.
/// </summary>
/// <param name="hashAlgorithm"></param>
/// <param name="issuerCert"></param>
/// <param name="number"></param>
/// <param name="provider"></param>
public CertificateID(string hashAlgorithm, X509Certificate issuerCert, BigInteger number, string provider)
{
try
{
Digest digest = TransformationByName.DigestByName(hashAlgorithm);
AlgorithmIdentifier hashAlg = new AlgorithmIdentifier(new DERObjectIdentifier(hashAlgorithm), new DERNull());
X509Name issuerName = issuerCert.getSubjectDN();
byte[] b = issuerName.getEncoded();
digest.update(b, 0, b.Length);
b = new byte[digest.getDigestSize()];
digest.doFinal(b, 0);
ASN1OctetString issuerNameHash = new DEROctetString(b);
AsymmetricKeyParameter issuerKey = issuerCert.getPublicKey();
SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(issuerKey);
b = info.getEncoded();
digest.update(b, 0, b.Length);
b = new byte[digest.getDigestSize()];
digest.doFinal(b, 0);
ASN1OctetString issuerKeyHash = new DEROctetString(b);
DERInteger serialNumber = new DERInteger(number);
this.id = new CertID(hashAlg, issuerNameHash, issuerKeyHash, serialNumber);
}
catch (Exception e)
{
throw new OCSPException("problem creating ID: " + e, e);
}
}
public static SimpleAuthChoice Extract(ICollection <byte> buffer)
{
var result = new SimpleAuthChoice();
result.Value = DEROctetString.Extract(buffer);
return(result);
}
public static CompareRequest Extract(ICollection <byte> buffer)
{
var result = new CompareRequest();
result.Entry = DEROctetString.Extract(buffer);
result.Ava = AttributeValueAssertion.Extract(buffer, true);
return(result);
}
public static SASLAuthChoice Extract(ICollection <byte> buffer)
{
var result = new SASLAuthChoice();
result.ExtractTagAndLength(buffer);
result.Mechanism = DEROctetString.Extract(buffer);
result.Credentials = DEROctetString.Extract(buffer);
return(result);
}
public static AddRequest Extract(ICollection <byte> buffer)
{
var addRequest = new AddRequest();
addRequest.Entry = DEROctetString.Extract(buffer);
addRequest.Attributes = DERSequence <PartialAttribute> .Extract(buffer);
return(addRequest);
}
public static RealSearchControlValue Extract(ICollection <byte> buffer)
{
var result = new RealSearchControlValue();
result.ExtractTagAndLength(buffer);
result.Size = DERInteger.Extract(buffer);
result.Cookie = DEROctetString.Extract(buffer);
return(result);
}
public static SearchResultEntry Extract(ICollection <byte> payload)
{
var result = new SearchResultEntry();
result.ObjectName = DEROctetString.Extract(payload);
result.PartialAttributes = DERSequence <PartialAttribute> .Extract(payload);
return(result);
}
public static ModifyRequest Extract(ICollection <byte> buffer)
{
var modifyRequest = new ModifyRequest();
modifyRequest.Object = DEROctetString.Extract(buffer);
modifyRequest.Changes = DERSequence <ModifyRequestChange> .Extract(buffer);
return(modifyRequest);
}
public static LDAPResult Extract(ICollection <byte> buffer)
{
var ldapResult = new LDAPResult();
ldapResult.ResultCode = DEREnumerated <LDAPResultCodes> .Extract(buffer);
ldapResult.MatchedDN = DEROctetString.Extract(buffer);
ldapResult.DiagnosticMessage = DEROctetString.Extract(buffer);
return(ldapResult);
}
public static SimplePagedResultsControl ExtractControl(ICollection <byte> buffer)
{
var result = new SimplePagedResultsControl();
result.Criticality = DERBoolean.Extract(buffer);
var controlValue = DEROctetString.Extract(buffer);
result.ControlValue = RealSearchControlValue.Extract(controlValue.Payload);
return(result);
}
public static PartialAttribute Extract(ICollection <byte> buffer)
{
var result = new PartialAttribute();
result.ExtractTagAndLength(buffer);
result.Type = DEROctetString.Extract(buffer);
result.Vals = DERSet <DEROctetString> .Extract(buffer);
return(result);
}
public static BindResponse Extract(ICollection <byte> buffer)
{
var result = new BindResponse();
result.Result.ResultCode = DEREnumerated <LDAPResultCodes> .Extract(buffer);
result.Result.MatchedDN = DEROctetString.Extract(buffer);
result.Result.DiagnosticMessage = DEROctetString.Extract(buffer);
return(result);
}
public static AttributeValueAssertion Extract(ICollection <byte> buffer, bool isTagIncluded = false)
{
var result = new AttributeValueAssertion();
if (isTagIncluded)
{
result.ExtractTagAndLength(buffer);
}
result.AttributeDescription = DEROctetString.Extract(buffer);
result.AssertionValue = DEROctetString.Extract(buffer);
return(result);
}
/// <summary>
/// Create using an public Asymmetric Key.
/// </summary>
/// <param name="key">A public Asymmetric key.</param>
public RespID(AsymmetricKeyParameter key)
{
SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(key);
byte[] b = info.getEncoded();
SHA1Digest sha1 = new SHA1Digest();
sha1.update(b, 0, b.Length);
b = new byte[sha1.getDigestSize()];
sha1.doFinal(b, 0);
ASN1OctetString keyHash = new DEROctetString(b);
this.id = new ResponderID(keyHash);
}
public static SearchRequest Extract(ICollection <byte> buffer)
{
var searchRequest = new SearchRequest();
searchRequest.BaseObject = DEROctetString.Extract(buffer);
searchRequest.Scope = DEREnumerated <SearchRequestScopes> .Extract(buffer);
searchRequest.DeferAlias = DEREnumerated <SearchRequestDeferAliases> .Extract(buffer);
searchRequest.SizeLimit = DERInteger.Extract(buffer);
searchRequest.TimeLimit = DERInteger.Extract(buffer);
searchRequest.TypesOnly = DERBoolean.Extract(buffer);
searchRequest.Filter = SearchRequestFilter.Extract(buffer);
searchRequest.Attributes = DERSequence <DEROctetString> .Extract(buffer);
return(searchRequest);
}
public static DERControl Extract(ICollection <byte> buffer)
{
DERControl result = new DERControl();
result.ExtractTagAndLength(buffer);
if (result.Tag == null || result.Tag.UniversalClassType != UniversalClassTypes.Sequence)
{
return(null);
}
result.ControlType = DEROctetString.Extract(buffer);
if (result.ControlType.Value == "1.2.840.113556.1.4.319")
{
result = SimplePagedResultsControl.ExtractControl(buffer);
}
return(result);
}
public static ModifyDNRequest Extract(ICollection <byte> buffer)
{
var result = new ModifyDNRequest();
result.Entry = DEROctetString.Extract(buffer);
result.NewRDN = DEROctetString.Extract(buffer);
result.DeleteOldRDN = DERBoolean.Extract(buffer);
var newSuperior = new DEROctetString();
newSuperior.ExtractTagAndLength(buffer);
if (newSuperior.Length > 0)
{
var valueBuffer = buffer.Dequeue(newSuperior.Length);
newSuperior.Value = Encoding.ASCII.GetString(valueBuffer.ToArray());
result.NewSuperior = newSuperior;
}
return(result);
}
public override ICollection <byte> SerializeControl()
{
var content = new List <byte>();
var controlValue = ControlValue.Serialize();
var serialized = new DEROctetString
{
Payload = controlValue.ToList()
};
content.AddRange(ControlType.Serialize());
content.AddRange(Criticality.Serialize());
content.AddRange(serialized.Serialize());
Length = content.Count;
var result = new List <byte>();
result.AddRange(SerializeDerStructure());
result.AddRange(content);
return(result);
}
public SignerInfo(
ASN1Sequence seq)
{
IEnumerator e = seq.getObjects();
e.MoveNext();
version = (DERInteger)e.Current;
e.MoveNext();
issuerAndSerialNumber = IssuerAndSerialNumber.getInstance(e.Current);
e.MoveNext();
digAlgorithm = AlgorithmIdentifier.getInstance(e.Current);
e.MoveNext();
object obj = e.Current;
if (obj is ASN1TaggedObject)
{
authenticatedAttributes = ASN1Set.getInstance((ASN1TaggedObject)obj, false);
e.MoveNext();
digEncryptionAlgorithm = AlgorithmIdentifier.getInstance(e.Current);
}
else
{
authenticatedAttributes = null;
digEncryptionAlgorithm = AlgorithmIdentifier.getInstance(obj);
}
e.MoveNext();
encryptedDigest = DEROctetString.getInstance(e.Current);
if (e.MoveNext())
{
unauthenticatedAttributes = ASN1Set.getInstance((ASN1TaggedObject)e.Current, false);
}
else
{
unauthenticatedAttributes = null;
}
}
public static BindRequest Extract(ICollection <byte> buffer)
{
var result = new BindRequest();
result.Version = DERInteger.Extract(buffer);
result.Name = DEROctetString.Extract(buffer);
var cloneBuffer = buffer.ToList();
var tag = DERTag.Extract(cloneBuffer);
var authMethod = (BindRequestAuthenticationChoices)tag.TagNumber;
switch (authMethod)
{
case BindRequestAuthenticationChoices.SASL:
result.Authentication = SASLAuthChoice.Extract(buffer);
break;
case BindRequestAuthenticationChoices.SIMPLE:
result.Authentication = SimpleAuthChoice.Extract(buffer);
break;
}
return(result);
}
public SimplePagedResultsControl()
{
ControlType = new DEROctetString("1.2.840.113556.1.4.319");
}
public static AsymmetricKeyParameter CreateKey(SubjectPublicKeyInfo keyInfo)
{
AlgorithmIdentifier algId = keyInfo.getAlgorithmId();
if (algId.getObjectId().Equals(PKCSObjectIdentifiers.rsaEncryption) ||
algId.getObjectId().Equals(X509ObjectIdentifiers.id_ea_rsa))
{
RSAPublicKeyStructure pubKey = new RSAPublicKeyStructure((ASN1Sequence)keyInfo.getPublicKey());
return(new RSAKeyParameters(false, pubKey.getModulus(), pubKey.getPublicExponent()));
}
else if (algId.getObjectId().Equals(PKCSObjectIdentifiers.dhKeyAgreement) ||
algId.getObjectId().Equals(X9ObjectIdentifiers.dhpublicnumber))
{
DHParameter para = new DHParameter((ASN1Sequence)keyInfo.getAlgorithmId().getParameters());
DERInteger derY = (DERInteger)keyInfo.getPublicKey();
return(new DHPublicKeyParameters(derY.getValue(), new DHParameters(para.getP(), para.getG())));
}
else if (algId.getObjectId().Equals(OIWObjectIdentifiers.elGamalAlgorithm))
{
ElGamalParameter para = new ElGamalParameter((ASN1Sequence)keyInfo.getAlgorithmId().getParameters());
DERInteger derY = (DERInteger)keyInfo.getPublicKey();
return(new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(para.getP(), para.getG())));
}
else if (algId.getObjectId().Equals(X9ObjectIdentifiers.id_dsa) ||
algId.getObjectId().Equals(OIWObjectIdentifiers.dsaWithSHA1))
{
DSAParameter para = new DSAParameter((ASN1Sequence)keyInfo.getAlgorithmId().getParameters());
DERInteger derY = (DERInteger)keyInfo.getPublicKey();
return(new DSAPublicKeyParameters(derY.getValue(), new DSAParameters(para.getP(), para.getQ(), para.getG())));
}
else if (algId.getObjectId().Equals(X9ObjectIdentifiers.id_ecPublicKey))
{
X962Parameters para = new X962Parameters((ASN1Object)keyInfo.getAlgorithmId().getParameters());
ECDomainParameters dParams = null;
if (para.isNamedCurve())
{
DERObjectIdentifier oid = (DERObjectIdentifier)para.getParameters();
X9ECParameters ecP = X962NamedCurves.getByOID(oid);
dParams = new ECDomainParameters(
ecP.getCurve(),
ecP.getG(),
ecP.getN(),
ecP.getH(),
ecP.getSeed());
}
else
{
X9ECParameters ecP = new X9ECParameters((ASN1Sequence)para.getParameters().toASN1Object());
dParams = new ECDomainParameters(
ecP.getCurve(),
ecP.getG(),
ecP.getN(),
ecP.getH(),
ecP.getSeed());
}
DERBitString bits = keyInfo.getPublicKeyData();
byte[] data = bits.getBytes();
ASN1OctetString key = new DEROctetString(data);
X9ECPoint derQ = new X9ECPoint(dParams.getCurve(), key);
return(new ECPublicKeyParameters(derQ.getPoint(), dParams));
}
else
{
throw new Exception("algorithm identifier in key not recognised");
}
}
/**
* Verifies a signature using the sub-filter adbe.pkcs7.detached or
* adbe.pkcs7.sha1.
* @param contentsKey the /Contents key
* @param provider the provider or <code>null</code> for the default provider
* @throws SecurityException on error
* @throws CRLException on error
* @throws InvalidKeyException on error
* @throws CertificateException on error
* @throws NoSuchProviderException on error
* @throws NoSuchAlgorithmException on error
*/
public PdfPKCS7(byte[] contentsKey)
{
ASN1InputStream din = new ASN1InputStream(new MemoryStream(contentsKey));
//
// Basic checks to make sure it's a PKCS#7 SignedData Object
//
ASN1Object pkcs;
try {
pkcs = din.readObject();
}
catch {
throw new ArgumentException("can't decode PKCS7SignedData object");
}
if (!(pkcs is ASN1Sequence))
{
throw new ArgumentException("Not a valid PKCS#7 object - not a sequence");
}
ASN1Sequence signedData = (ASN1Sequence)pkcs;
DERObjectIdentifier objId = (DERObjectIdentifier)signedData.getObjectAt(0);
if (!objId.getId().Equals(ID_PKCS7_SIGNED_DATA))
{
throw new ArgumentException("Not a valid PKCS#7 object - not signed data");
}
ASN1Sequence content = (ASN1Sequence)((DERTaggedObject)signedData.getObjectAt(1)).getObject();
// the positions that we care are:
// 0 - version
// 1 - digestAlgorithms
// 2 - possible ID_PKCS7_DATA
// (the certificates and crls are taken out by other means)
// last - signerInfos
// the version
version = ((DERInteger)content.getObjectAt(0)).getValue().intValue();
// the digestAlgorithms
digestalgos = new Hashtable();
IEnumerator e = ((ASN1Set)content.getObjectAt(1)).getObjects();
while (e.MoveNext())
{
ASN1Sequence s = (ASN1Sequence)e.Current;
DERObjectIdentifier o = (DERObjectIdentifier)s.getObjectAt(0);
digestalgos[o.getId()] = null;
}
// the certificates and crls
X509CertificateParser cf = new X509CertificateParser(contentsKey);
certs = new ArrayList();
while (true)
{
X509Certificate cc = cf.ReadCertificate();
if (cc == null)
{
break;
}
certs.Add(cc);
}
crls = new ArrayList();
// the possible ID_PKCS7_DATA
ASN1Sequence rsaData = (ASN1Sequence)content.getObjectAt(2);
if (rsaData.size() > 1)
{
DEROctetString rsaDataContent = (DEROctetString)((DERTaggedObject)rsaData.getObjectAt(1)).getObject();
RSAdata = rsaDataContent.getOctets();
}
// the signerInfos
int next = 3;
while (content.getObjectAt(next) is DERTaggedObject)
{
++next;
}
ASN1Set signerInfos = (ASN1Set)content.getObjectAt(next);
if (signerInfos.size() != 1)
{
throw new ArgumentException("This PKCS#7 object has multiple SignerInfos - only one is supported at this time");
}
ASN1Sequence signerInfo = (ASN1Sequence)signerInfos.getObjectAt(0);
// the positions that we care are
// 0 - version
// 1 - the signing certificate serial number
// 2 - the digest algorithm
// 3 or 4 - digestEncryptionAlgorithm
// 4 or 5 - encryptedDigest
signerversion = ((DERInteger)signerInfo.getObjectAt(0)).getValue().intValue();
// Get the signing certificate
ASN1Sequence issuerAndSerialNumber = (ASN1Sequence)signerInfo.getObjectAt(1);
BigInteger serialNumber = ((DERInteger)issuerAndSerialNumber.getObjectAt(1)).getValue();
foreach (X509Certificate cert in certs)
{
if (serialNumber.Equals(cert.getSerialNumber()))
{
signCert = cert;
break;
}
}
if (signCert == null)
{
throw new ArgumentException("Can't find signing certificate with serial " + serialNumber.ToString(16));
}
digestAlgorithm = ((DERObjectIdentifier)((ASN1Sequence)signerInfo.getObjectAt(2)).getObjectAt(0)).getId();
next = 3;
if (signerInfo.getObjectAt(next) is ASN1TaggedObject)
{
ASN1TaggedObject tagsig = (ASN1TaggedObject)signerInfo.getObjectAt(next);
ASN1Sequence sseq = (ASN1Sequence)tagsig.getObject();
MemoryStream bOut = new MemoryStream();
ASN1OutputStream dout = new ASN1OutputStream(bOut);
try {
ASN1EncodableVector attribute = new ASN1EncodableVector();
for (int k = 0; k < sseq.size(); ++k)
{
attribute.add(sseq.getObjectAt(k));
}
dout.writeObject(new DERSet(attribute));
dout.Close();
}
catch (IOException) {}
sigAttr = bOut.ToArray();
for (int k = 0; k < sseq.size(); ++k)
{
ASN1Sequence seq2 = (ASN1Sequence)sseq.getObjectAt(k);
if (((DERObjectIdentifier)seq2.getObjectAt(0)).getId().Equals(ID_MESSAGE_DIGEST))
{
ASN1Set sset = (ASN1Set)seq2.getObjectAt(1);
digestAttr = ((DEROctetString)sset.getObjectAt(0)).getOctets();
break;
}
}
if (digestAttr == null)
{
throw new ArgumentException("Authenticated attribute is missing the digest.");
}
++next;
}
digestEncryptionAlgorithm = ((DERObjectIdentifier)((ASN1Sequence)signerInfo.getObjectAt(next++)).getObjectAt(0)).getId();
digest = ((DEROctetString)signerInfo.getObjectAt(next)).getOctets();
if (RSAdata != null || digestAttr != null)
{
messageDigest = GetHashClass();
}
sig = SignerUtil.getSigner(GetDigestAlgorithm());
sig.init(false, signCert.getPublicKey());
}
