public override void PerformTest()
{
AlgorithmIdentifier algId = new AlgorithmIdentifier(new DerObjectIdentifier("1.2.2.3"));
byte[] digest = new byte[20];
OtherHash otherHash = new OtherHash(
new OtherHashAlgAndValue(algId, digest));
OtherCertID otherCertID = new OtherCertID(otherHash);
OtherSigningCertificate otherCert = new OtherSigningCertificate(otherCertID);
checkConstruction(otherCert, otherCertID);
otherCert = OtherSigningCertificate.GetInstance(null);
if (otherCert != null)
{
Fail("null GetInstance() failed.");
}
try
{
OtherCertID.GetInstance(new Object());
Fail("GetInstance() failed to detect bad object.");
}
catch (ArgumentException)
{
// expected
}
}
public override void PerformTest()
{
AlgorithmIdentifier algId = new AlgorithmIdentifier(new DerObjectIdentifier("1.2.2.3"));
byte[] digest = new byte[20];
OtherHash otherHash = new OtherHash(new OtherHashAlgAndValue(algId, digest));
IssuerSerial issuerSerial = new IssuerSerial(new GeneralNames(new GeneralName(new X509Name("CN=test"))), new DerInteger(1));
OtherCertID certID = new OtherCertID(otherHash);
checkConstruction(certID, algId, digest, null);
certID = new OtherCertID(otherHash, issuerSerial);
checkConstruction(certID, algId, digest, issuerSerial);
certID = OtherCertID.GetInstance(null);
if (certID != null)
{
Fail("null GetInstance() failed.");
}
try
{
OtherCertID.GetInstance(new Object());
Fail("GetInstance() failed to detect bad object.");
}
catch (ArgumentException)
{
// expected
}
}
public OtherCertID[] GetCerts()
{
OtherCertID[] array = new OtherCertID[certs.Count];
for (int i = 0; i < certs.Count; i++)
{
array[i] = OtherCertID.GetInstance(certs[i].ToAsn1Object());
}
return(array);
}
/// <summary>
/// Create a reference to a X509Certificate
/// </summary>
private static OtherCertID MakeOtherCertID(X509Certificate cert)
{
byte[] d = DigestUtilities.CalculateDigest(X509ObjectIdentifiers.IdSha1, cert.GetEncoded());
logger.Info(new DerOctetString(d).ToString());
OtherHash hash = new OtherHash(d);
OtherCertID othercertid = new OtherCertID(hash);
return(othercertid);
}
private void checkValues(
OtherSigningCertificate otherCert,
OtherCertID otherCertID)
{
if (otherCert.GetCerts().Length != 1)
{
Fail("GetCerts() length wrong");
}
checkMandatoryField("GetCerts()[0]", otherCertID, otherCert.GetCerts()[0]);
}
private void checkValues(
OtherCertID certID,
AlgorithmIdentifier algId,
byte[] digest,
IssuerSerial issuerSerial)
{
checkMandatoryField("hashAlgorithm", algId, certID.OtherCertHash.HashAlgorithm);
checkMandatoryField("hashValue", digest, certID.OtherCertHash.GetHashValue());
checkOptionalField("issuerSerial", issuerSerial, certID.IssuerSerial);
}
/// <summary>Create a reference to a X509Certificate</summary>
/// <param name="cert"></param>
/// <returns></returns>
/// <exception cref="Sharpen.NoSuchAlgorithmException">Sharpen.NoSuchAlgorithmException
/// </exception>
/// <exception cref="Sharpen.CertificateEncodingException">Sharpen.CertificateEncodingException
/// </exception>
private OtherCertID MakeOtherCertID(X509Certificate cert)
{
byte[] d = DigestUtilities.CalculateDigest
(X509ObjectIdentifiers.IdSha1, cert.GetEncoded());
//LOG.Info(new DerOctetString(d).ToString());
OtherHash hash = new OtherHash(d);
//OtherCertID othercertid = new OtherCertID(new DerSequence(hash.ToAsn1Object()));
OtherCertID othercertid = new OtherCertID(hash);
return(othercertid);
}
private CompleteCertificateRefs(Asn1Sequence seq)
{
if (seq == null)
{
throw new ArgumentNullException("seq");
}
foreach (Asn1Encodable item in seq)
{
OtherCertID.GetInstance(item.ToAsn1Object());
}
otherCertIDs = seq;
}
private void checkConstruction(
OtherSigningCertificate otherCert,
OtherCertID otherCertID)
{
checkValues(otherCert, otherCertID);
otherCert = OtherSigningCertificate.GetInstance(otherCert);
checkValues(otherCert, otherCertID);
Asn1InputStream aIn = new Asn1InputStream(otherCert.ToAsn1Object().GetEncoded());
Asn1Sequence seq = (Asn1Sequence)aIn.ReadObject();
otherCert = OtherSigningCertificate.GetInstance(seq);
checkValues(otherCert, otherCertID);
}
private void checkConstruction(
OtherCertID certID,
AlgorithmIdentifier algId,
byte[] digest,
IssuerSerial issuerSerial)
{
checkValues(certID, algId, digest, issuerSerial);
certID = OtherCertID.GetInstance(certID);
checkValues(certID, algId, digest, issuerSerial);
Asn1InputStream aIn = new Asn1InputStream(certID.ToAsn1Object().GetEncoded());
Asn1Sequence seq = (Asn1Sequence)aIn.ReadObject();
certID = OtherCertID.GetInstance(seq);
checkValues(certID, algId, digest, issuerSerial);
}
public virtual IList <CertificateRef> GetCertificateRefs()
{
IList <CertificateRef> list = new List <CertificateRef>();
if (signerInformation.UnsignedAttributes != null)
{
BcCms.Attribute completeCertRefsAttr = signerInformation.UnsignedAttributes[PkcsObjectIdentifiers.IdAAEtsCertificateRefs];
if (completeCertRefsAttr != null && completeCertRefsAttr.AttrValues.Count >
0)
{
DerSequence completeCertificateRefs = (DerSequence)completeCertRefsAttr.AttrValues[0];
for (int i1 = 0; i1 < completeCertificateRefs.Count; i1++)
{
OtherCertID otherCertId = OtherCertID.GetInstance(completeCertificateRefs[i1]);
CertificateRef certId = new CertificateRef();
certId.SetDigestAlgorithm(otherCertId.OtherCertHash.HashAlgorithm.ObjectID.Id);
otherCertId.OtherCertHash.GetHashValue();
certId.SetDigestValue(otherCertId.OtherCertHash.GetHashValue());
if (otherCertId.IssuerSerial != null)
{
if (otherCertId.IssuerSerial.Issuer != null)
{
certId.SetIssuerName(otherCertId.IssuerSerial.Issuer.ToString());
}
if (otherCertId.IssuerSerial.Serial != null)
{
certId.SetIssuerSerial(otherCertId.IssuerSerial.Serial.ToString());
}
}
list.Add(certId);
}
}
}
return(list);
}
/// <exception cref="System.IO.IOException"></exception>
//private IDictionary<DerObjectIdentifier, Asn1Encodable> ExtendUnsignedAttributes(IDictionary
// <DerObjectIdentifier, Asn1Encodable> unsignedAttrs, X509Certificate signingCertificate
// , SignatureParameters parameters, DateTime signingTime, CertificateSource optionalCertificateSource
// )
private IDictionary ExtendUnsignedAttributes(IDictionary unsignedAttrs, X509Certificate signingCertificate
, SignatureParameters parameters, DateTime signingTime, CertificateSource optionalCertificateSource
)
{
ValidationContext validationContext = certificateVerifier.ValidateCertificate(signingCertificate
, signingTime, new CompositeCertificateSource(new ListCertificateSource(parameters
.CertificateChain), optionalCertificateSource), null, null);
try
{
AList <OtherCertID> completeCertificateRefs = new AList <OtherCertID>();
AList <CrlOcspRef> completeRevocationRefs = new AList <CrlOcspRef>();
foreach (CertificateAndContext c in validationContext.GetNeededCertificates())
{
if (!c.Equals(signingCertificate))
{
completeCertificateRefs.AddItem(MakeOtherCertID(c.GetCertificate()));
}
// certificateValues.add(new X509CertificateStructure((Asn1Sequence) Asn1Object.fromByteArray(c
// .getCertificate().getEncoded())));
AList <CrlValidatedID> crlListIdValues = new AList <CrlValidatedID>();
AList <OcspResponsesID> ocspListIDValues = new AList <OcspResponsesID>();
foreach (X509Crl relatedcrl in validationContext.GetRelatedCRLs(c))
{
crlListIdValues.AddItem(MakeCrlValidatedID((X509Crl)relatedcrl));
}
foreach (BasicOcspResp relatedocspresp in validationContext.GetRelatedOCSPResp(c))
{
ocspListIDValues.AddItem(MakeOcspResponsesID(relatedocspresp));
}
CrlValidatedID[] crlListIdArray = new CrlValidatedID[crlListIdValues.Count];
OcspResponsesID[] ocspListIDArray = new OcspResponsesID[ocspListIDValues.Count];
completeRevocationRefs.AddItem(new CrlOcspRef(new CrlListID(Sharpen.Collections.ToArray
(crlListIdValues, crlListIdArray)), new OcspListID(Sharpen.Collections.ToArray(ocspListIDValues
, ocspListIDArray)), null));
}
OtherCertID[] otherCertIDArray = new OtherCertID[completeCertificateRefs.Count];
CrlOcspRef[] crlOcspRefArray = new CrlOcspRef[completeRevocationRefs.Count];
//unsignedAttrs.Put(PkcsObjectIdentifiers.IdAAEtsCertificateRefs, new Attribute(
unsignedAttrs.Add(PkcsObjectIdentifiers.IdAAEtsCertificateRefs, new BcCms.Attribute(
PkcsObjectIdentifiers.IdAAEtsCertificateRefs, new DerSet(new DerSequence(Sharpen.Collections.ToArray
(completeCertificateRefs, otherCertIDArray)))));
//unsignedAttrs.Put(PkcsObjectIdentifiers.IdAAEtsRevocationRefs, new Attribute(PkcsObjectIdentifiers.IdAAEtsRevocationRefs, new DerSet(new DerSequence(Sharpen.Collections.ToArray
unsignedAttrs.Add(PkcsObjectIdentifiers.IdAAEtsRevocationRefs, new BcCms.Attribute(PkcsObjectIdentifiers.IdAAEtsRevocationRefs, new DerSet(new DerSequence(Sharpen.Collections.ToArray
(completeRevocationRefs, crlOcspRefArray)))));
}
catch (NoSuchAlgorithmException e)
{
throw new RuntimeException(e);
}
catch (CertificateEncodingException e)
{
throw new RuntimeException(e);
}
catch (OcspException e)
{
throw new RuntimeException(e);
}
catch (IOException e)
{
throw new RuntimeException(e);
}
catch (CrlException e)
{
throw new RuntimeException(e);
}
return(unsignedAttrs);
}
public OtherSigningCertificate(OtherCertID otherCertID)
{
certs = new DerSequence(otherCertID);
}
