/** Reads * keyInfo{ * deprecated{ * kh{"true"} * vt{"true"} * } * valueType{ * ca{"incremental"} * h0{"single"} * kr{"multiple"} * vt{"multiple"} * x0{"any"} * } * } */ private static void GetKeyInfo(UResourceBundle keyInfoRes) { ISet <string> _deprecatedKeys = new JCG.HashSet <string>(); IDictionary <string, KeyTypeDataValueType> _valueTypes = new JCG.LinkedDictionary <string, KeyTypeDataValueType>(); foreach (var keyInfoEntry in keyInfoRes) { string key = keyInfoEntry.Key; KeyInfoType keyInfo = (KeyInfoType)Enum.Parse(typeof(KeyInfoType), key, true); foreach (var keyInfoEntry2 in keyInfoEntry) { string key2 = keyInfoEntry2.Key; string value2 = keyInfoEntry2.GetString(); switch (keyInfo) { case KeyInfoType.deprecated: _deprecatedKeys.Add(key2); break; case KeyInfoType.valueType: _valueTypes[key2] = (KeyTypeDataValueType)Enum.Parse(typeof(KeyTypeDataValueType), value2, true); break; } } } DEPRECATED_KEYS = _deprecatedKeys.AsReadOnly(); VALUE_TYPES = _valueTypes.AsReadOnly(); }
/** Reads * keyInfo{ * deprecated{ * kh{"true"} * vt{"true"} * } * valueType{ * ca{"incremental"} * h0{"single"} * kr{"multiple"} * vt{"multiple"} * x0{"any"} * } * } */ private static void GetKeyInfo(UResourceBundle keyInfoRes) { ISet <string> _deprecatedKeys = new HashSet <string>(); IDictionary <string, ValueType> _valueTypes = new Dictionary <string, ValueType>(); // ICU4N NOTE: As long as we don't delete, Dictionary keeps insertion order the same as LinkedHashMap foreach (var keyInfoEntry in keyInfoRes) { string key = keyInfoEntry.Key; KeyInfoType keyInfo = (KeyInfoType)Enum.Parse(typeof(KeyInfoType), key, true); foreach (var keyInfoEntry2 in keyInfoEntry) { string key2 = keyInfoEntry2.Key; string value2 = keyInfoEntry2.GetString(); switch (keyInfo) { case KeyInfoType.deprecated: _deprecatedKeys.Add(key2); break; case KeyInfoType.valueType: _valueTypes[key2] = (ValueType)Enum.Parse(typeof(ValueType), value2, true); break; } } } DEPRECATED_KEYS = _deprecatedKeys.ToUnmodifiableSet(); VALUE_TYPES = _valueTypes.ToUnmodifiableDictionary(); }
private KeyInfo createKeyInfo(CertificateX509 certificate, string keyInfoType) { KeyInfo keyInfo = new KeyInfo(); KeyInfoType kinfo = KeyInfoTypeUtils.getKeyInfoType(keyInfoType, this.error); switch (kinfo) { case KeyInfoType.KeyValue: if (SecurityUtils.compareStrings(certificate.getPublicKeyAlgorithm(), "RSA")) { keyInfo.AddClause(new RSAKeyValue((RSA)certificate.getPublicKeyXML())); } else { keyInfo.AddClause(new DSAKeyValue((DSA)certificate.getPublicKeyXML())); } break; case KeyInfoType.X509Certificate: KeyInfoX509Data keyInfoX509Data = new KeyInfoX509Data(); keyInfoX509Data.AddCertificate((X509Certificate)certificate.Cert); keyInfoX509Data.AddSubjectName(certificate.Cert.SubjectName.Name); keyInfoX509Data.AddIssuerSerial(certificate.Cert.IssuerName.Name, certificate.Cert.SerialNumber); keyInfo.AddClause((KeyInfoClause)keyInfoX509Data); break; case KeyInfoType.NONE: keyInfo = null; break; } return(keyInfo); }
public void xr_KeyInfoType() { Console.Out.WriteLine("serialization KeyInfoType"); KeyInfoType r = new KeyInfoType(); XmlSerializer xr = new XmlSerializer(typeof(KeyInfoType)); StringWriter sw = new StringWriter(); xr.Serialize(sw, r); System.Console.Out.WriteLine(sw.ToString()); }
private void bulkTestWithKeyInfoID(CertificateX509 certificate, PrivateKeyManager key, string pathSigned) { XmlDSigSigner signer = new XmlDSigSigner(); string pathSignedID = pathSigned + "_id"; for (int c = 0; c < arrayCanonicalization.Length; c++) { /**** TEST FILES ****/ optionsID.DSigSignatureType = dSigType; optionsID.Canonicalization = arrayCanonicalization[c]; optionsID.XmlSchemaPath = xmlIDSchemaPath; bool signedFile = signer.DoSignFileElement(xmlUnsignedIDPathFile, id, key, certificate, Path.Combine(xmlSignedPathRoot, pathSignedID + ".xml"), optionsID); Assert.IsTrue(signedFile); True(signedFile, signer); bool verifyFile = false; optionsID.XmlSchemaPath = ""; KeyInfoType keyInfo = KeyInfoTypeUtils.getKeyInfoType(optionsID.KeyInfoType, error); if (keyInfo != KeyInfoType.NONE) { verifyFile = signer.DoVerifyFile(Path.Combine(xmlSignedPathRoot, pathSignedID + ".xml"), optionsID); } else { verifyFile = signer.DoVerifyFileWithCert(Path.Combine(xmlSignedPathRoot, pathSignedID + ".xml"), certificate, optionsID); } True(verifyFile, signer); /**** TEST STRINGS ****/ optionsID.XmlSchemaPath = xmlIDSchemaPath; string signedString = signer.DoSignElement(xmlUnsignedID, id, key, certificate, optionsID); bool resultSignString = false; optionsID.XmlSchemaPath = ""; if (keyInfo != KeyInfoType.NONE) { resultSignString = signer.DoVerify(signedString, optionsID); } else { resultSignString = signer.DoVerifyWithCert(signedString, certificate, optionsID); } Assert.IsTrue(resultSignString); True(resultSignString, signer); } }
private void bulkTestWithKeyInfoXPath(CertificateX509 certificate, PrivateKeyManager key, string pathSigned) { #if NETCORE //******Net Core no tiene habilitado usar la transform xpath******// Assert.IsTrue(true); #else XmlDSigSigner signer = new XmlDSigSigner(); string pathSignedXPath = pathSigned + "_xPAth"; for (int c = 0; c < arrayCanonicalization.Length; c++) { /**** TEST FILES ****/ optionsXPath.DSigSignatureType = dSigType; optionsXPath.Canonicalization = arrayCanonicalization[c]; bool signedFile = signer.DoSignFileElement(xmlUnsignedXPathFile, xPath, key, certificate, Path.Combine(xmlSignedPathRoot, pathSignedXPath + ".xml"), optionsXPath); Assert.IsTrue(signedFile); True(signedFile, signer); bool verifyFile = false; KeyInfoType keyInfo = KeyInfoTypeUtils.getKeyInfoType(optionsXPath.KeyInfoType, error); if (keyInfo != KeyInfoType.NONE) { verifyFile = signer.DoVerifyFile(Path.Combine(xmlSignedPathRoot, pathSignedXPath + ".xml"), optionsXPath); } else { verifyFile = signer.DoVerifyFileWithCert(Path.Combine(xmlSignedPathRoot, pathSignedXPath + ".xml"), certificate, optionsXPath); } //True(verifyFile, signer); /**** TEST STRINGS ****/ string signedString = signer.DoSignElement(xmlUnsignedXPath, xPath, key, certificate, optionsXPath); bool resultSignString = false; if (keyInfo != KeyInfoType.NONE) { resultSignString = signer.DoVerify(signedString, optionsXPath); } else { resultSignString = signer.DoVerifyWithCert(signedString, certificate, optionsXPath); } //True(resultSignString, signer); } #endif }
public static string valueOf(KeyInfoType keyInfoType, Error error) { switch (keyInfoType) { case KeyInfoType.NONE: return("NONE"); case KeyInfoType.KeyValue: return("KeyValue"); case KeyInfoType.X509Certificate: return("X509Certificate"); default: error.setError("KI002", "Unrecognized KeyInfoType"); return(""); } }
/// <summary> /// קבלת מידע על שורה אחת מסויימת מתוך הקובץ הנוכחי. /// </summary> /// <param name="t">סוג המידע להחזרה</param> /// <param name="findByKey">מציאת המידע לפי מפתח</param> /// <param name="findByValue">מציאת המידע לפי ערך</param> /// <param name="findByLine">מציאת המידע לפי מספר שורה</param> /// <returns>המידע שהתבקש, או כלום אם הפעולה לא הצליחה</returns> public object GetKeyInfo(KeyInfoType t, string findByKey = "", string findByValue = "", int findByLine = 0) { try { if (findByKey.Length > 0) { switch (t) { case KeyInfoType.Key: return(findByKey); case KeyInfoType.Value: return(GetKey(findByKey)); case KeyInfoType.Line: { string[] lines = File.ReadAllLines(path); for (int i = 0; i < lines.Length; i++) { if (NoticeThisLine(lines[i]) && SplitThisLine(lines[i], LineSplitMode.GetKey) == findByKey) { return(i + 1); } } return(0); } default: return(null); } } else if (findByValue.Length > 0) { switch (t) { case KeyInfoType.Key: { string[] lines = File.ReadAllLines(path); for (int i = 0; i < lines.Length; i++) { if (NoticeThisLine(lines[i]) && SplitThisLine(lines[i], LineSplitMode.GetValue) == findByValue) { return(SplitThisLine(lines[i], LineSplitMode.GetKey)); } } return(string.Empty); } case KeyInfoType.Value: return(findByValue); case KeyInfoType.Line: { string[] lines = File.ReadAllLines(path); for (int i = 0; i < lines.Length; i++) { if (NoticeThisLine(lines[i]) && SplitThisLine(lines[i], LineSplitMode.GetValue) == findByValue) { return(i + 1); } } return(0); } default: return(null); } } else if (findByLine > 0) { switch (t) { case KeyInfoType.Key: return(SplitThisLine(File.ReadAllLines(path)[findByLine], LineSplitMode.GetKey)); case KeyInfoType.Value: return(SplitThisLine(File.ReadAllLines(path)[findByLine], LineSplitMode.GetValue)); case KeyInfoType.Line: return(findByLine); default: return(null); } } } catch { return(null); } return(null); }
/* * Validation */ private void validate(List<Org.BouncyCastle.X509.X509Certificate> certificateChain, string trustDomain, bool returnRevocationData, DateTime validationDate, List<OcspResp> ocspResponses, List<X509Crl> crls, RevocationValuesType revocationValues, TimeStampToken timeStampToken, EncapsulatedPKIDataType[] attributeCertificates) { // setup the client setupClient(); // validate ValidateRequestType validateRequest = new ValidateRequestType(); QueryKeyBindingType queryKeyBinding = new QueryKeyBindingType(); KeyInfoType keyInfo = new KeyInfoType(); X509DataType x509Data = new X509DataType(); x509Data.Items = new object[certificateChain.Count]; x509Data.ItemsElementName = new ItemsChoiceType[certificateChain.Count]; int idx = 0; foreach (Org.BouncyCastle.X509.X509Certificate certificate in certificateChain) { x509Data.Items[idx] = certificate.GetEncoded(); x509Data.ItemsElementName[idx] = ItemsChoiceType.X509Certificate; idx++; } keyInfo.Items = new object[] { x509Data }; keyInfo.ItemsElementName = new ItemsChoiceType2[] { ItemsChoiceType2.X509Data }; queryKeyBinding.KeyInfo = keyInfo; validateRequest.QueryKeyBinding = queryKeyBinding; /* * Set optional trust domain */ if (null != trustDomain) { UseKeyWithType useKeyWith = new UseKeyWithType(); useKeyWith.Application = XkmsConstants.TRUST_DOMAIN_APPLICATION_URI; useKeyWith.Identifier = trustDomain; queryKeyBinding.UseKeyWith = new UseKeyWithType[] { useKeyWith }; } /* * Add timestamp token for TSA validation */ if (null != timeStampToken) { addTimeStampToken(validateRequest, timeStampToken); } /* * Add attribute certificates */ if (null != attributeCertificates) { addAttributeCertificates(validateRequest, attributeCertificates); } /* * Set if used revocation data should be returned or not */ if (returnRevocationData) { validateRequest.RespondWith = new string[] { XkmsConstants.RETURN_REVOCATION_DATA_URI }; } /* * Historical validation, add the revocation data to the request */ if (!validationDate.Equals(DateTime.MinValue)) { TimeInstantType timeInstant = new TimeInstantType(); timeInstant.Time = validationDate; queryKeyBinding.TimeInstant = timeInstant; addRevocationData(validateRequest, ocspResponses, crls, revocationValues); } /* * Validate */ ValidateResultType validateResult = client.Validate(validateRequest); /* * Check result */ checkResponse(validateResult); /* * Set the optionally requested revocation data */ if (returnRevocationData) { foreach (MessageExtensionAbstractType messageExtension in validateResult.MessageExtension) { if (messageExtension is RevocationDataMessageExtensionType) { this.revocationValues = ((RevocationDataMessageExtensionType)messageExtension).RevocationValues; } } if (null == this.revocationValues) { throw new RevocationDataNotFoundException(); } } /* * Store reason URIs */ foreach (KeyBindingType keyBinding in validateResult.KeyBinding) { if (KeyBindingEnum.httpwwww3org200203xkmsValid.Equals(keyBinding.Status.StatusValue)) { return; } foreach (string reason in keyBinding.Status.InvalidReason) { this.invalidReasonURIs.AddLast(reason); } throw new ValidationFailedException(this.invalidReasonURIs); } }
/* * Validation */ private void validate(List <Org.BouncyCastle.X509.X509Certificate> certificateChain, string trustDomain, bool returnRevocationData, DateTime validationDate, List <OcspResp> ocspResponses, List <X509Crl> crls, RevocationValuesType revocationValues, TimeStampToken timeStampToken, EncapsulatedPKIDataType[] attributeCertificates) { // setup the client setupClient(); // validate ValidateRequestType validateRequest = new ValidateRequestType(); QueryKeyBindingType queryKeyBinding = new QueryKeyBindingType(); KeyInfoType keyInfo = new KeyInfoType(); X509DataType x509Data = new X509DataType(); x509Data.Items = new object[certificateChain.Count]; x509Data.ItemsElementName = new ItemsChoiceType[certificateChain.Count]; int idx = 0; foreach (Org.BouncyCastle.X509.X509Certificate certificate in certificateChain) { x509Data.Items[idx] = certificate.GetEncoded(); x509Data.ItemsElementName[idx] = ItemsChoiceType.X509Certificate; idx++; } keyInfo.Items = new object[] { x509Data }; keyInfo.ItemsElementName = new ItemsChoiceType2[] { ItemsChoiceType2.X509Data }; queryKeyBinding.KeyInfo = keyInfo; validateRequest.QueryKeyBinding = queryKeyBinding; /* * Set optional trust domain */ if (null != trustDomain) { UseKeyWithType useKeyWith = new UseKeyWithType(); useKeyWith.Application = XkmsConstants.TRUST_DOMAIN_APPLICATION_URI; useKeyWith.Identifier = trustDomain; queryKeyBinding.UseKeyWith = new UseKeyWithType[] { useKeyWith }; } /* * Add timestamp token for TSA validation */ if (null != timeStampToken) { addTimeStampToken(validateRequest, timeStampToken); } /* * Add attribute certificates */ if (null != attributeCertificates) { addAttributeCertificates(validateRequest, attributeCertificates); } /* * Set if used revocation data should be returned or not */ if (returnRevocationData) { validateRequest.RespondWith = new string[] { XkmsConstants.RETURN_REVOCATION_DATA_URI }; } /* * Historical validation, add the revocation data to the request */ if (!validationDate.Equals(DateTime.MinValue)) { TimeInstantType timeInstant = new TimeInstantType(); timeInstant.Time = validationDate; queryKeyBinding.TimeInstant = timeInstant; addRevocationData(validateRequest, ocspResponses, crls, revocationValues); } /* * Validate */ ValidateResultType validateResult = client.Validate(validateRequest); /* * Check result */ checkResponse(validateResult); /* * Set the optionally requested revocation data */ if (returnRevocationData) { foreach (MessageExtensionAbstractType messageExtension in validateResult.MessageExtension) { if (messageExtension is RevocationDataMessageExtensionType) { this.revocationValues = ((RevocationDataMessageExtensionType)messageExtension).RevocationValues; } } if (null == this.revocationValues) { throw new RevocationDataNotFoundException(); } } /* * Store reason URIs */ foreach (KeyBindingType keyBinding in validateResult.KeyBinding) { if (KeyBindingEnum.httpwwww3org200203xkmsValid.Equals(keyBinding.Status.StatusValue)) { return; } foreach (string reason in keyBinding.Status.InvalidReason) { this.invalidReasonURIs.AddLast(reason); } throw new ValidationFailedException(this.invalidReasonURIs); } }