/// <summary>
/// Test is x509 file certified by the certifier.
/// </summary>
/// <param name="certifier">Public key of the certifier.</param>
/// <returns>True, if certifier has certified the certificate.</returns>
public bool IsCertified(GXPublicKey certifier)
{
if (certifier == null)
{
throw new ArgumentNullException(nameof(certifier));
}
//Get raw data
GXByteBuffer tmp2 = new GXByteBuffer();
tmp2.Set(Encoded);
GXAsn1Converter.GetNext(tmp2);
tmp2.Size = tmp2.Position;
tmp2.Position = 1;
GXCommon.GetObjectCount(tmp2);
GXEcdsa e = new GXEcdsa(certifier);
GXAsn1Sequence tmp3 = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(Signature);
GXByteBuffer bb = new GXByteBuffer();
int size = SignatureAlgorithm == HashAlgorithm.Sha256WithEcdsa ? 32 : 48;
//Some implementations might add extra byte. It must removed.
bb.Set(((GXAsn1Integer)tmp3[0]).Value, ((GXAsn1Integer)tmp3[0]).Value.Length == size ? 0 : 1, size);
bb.Set(((GXAsn1Integer)tmp3[1]).Value, ((GXAsn1Integer)tmp3[1]).Value.Length == size ? 0 : 1, size);
return(e.Verify(bb.Array(), tmp2.SubArray(tmp2.Position, tmp2.Available)));
}
private void Init(byte[] data)
{
rawData = data;
Attributes = new List <KeyValuePair <PkcsObjectIdentifier, object[]> >();
GXAsn1Sequence seq = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(data);
if (seq.Count < 3)
{
throw new System.ArgumentException("Wrong number of elements in sequence.");
}
if (!(seq[0] is GXAsn1Sequence))
{
PkcsType type = GXAsn1Converter.GetCertificateType(data, seq);
switch (type)
{
case PkcsType.Pkcs8:
throw new GXDLMSCertificateException("Invalid Certificate. This is PKCS 8, not PKCS 10.");
case PkcsType.x509Certificate:
throw new GXDLMSCertificateException("Invalid Certificate. This is PKCS x509 certificate, not PKCS 10.");
}
throw new GXDLMSCertificateException("Invalid Certificate Version.");
}
/////////////////////////////
// CertificationRequestInfo ::= SEQUENCE {
// version INTEGER { v1(0) } (v1,...),
// subject Name,
// subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
// attributes [0] Attributes{{ CRIAttributes }}
// }
GXAsn1Sequence reqInfo = (GXAsn1Sequence)seq[0];
Version = (CertificateVersion)(sbyte)reqInfo[0];
Subject = GXAsn1Converter.GetSubject((GXAsn1Sequence)reqInfo[1]);
// subject Public key info.
GXAsn1Sequence subjectPKInfo = (GXAsn1Sequence)reqInfo[2];
if (reqInfo.Count > 3)
{
//PkcsObjectIdentifier
foreach (GXAsn1Sequence it in (GXAsn1Context)reqInfo[3])
{
List <object> values = new List <object>();
foreach (object v in (List <object>)((KeyValuePair <object, object>)it[1]).Key)
{
values.Add(v);
}
Attributes.Add(new KeyValuePair <PkcsObjectIdentifier, object[]>(PkcsObjectIdentifierConverter.FromString(it[0].ToString()), values.ToArray()));
}
}
GXAsn1Sequence tmp = (GXAsn1Sequence)subjectPKInfo[0];
Algorithm = X9ObjectIdentifierConverter.FromString(tmp[0].ToString());
if (Algorithm != X9ObjectIdentifier.IdECPublicKey)
{
object algorithm = Algorithm;
if (Algorithm == X9ObjectIdentifier.None)
{
algorithm = PkcsObjectIdentifierConverter.FromString(tmp[0].ToString());
if ((PkcsObjectIdentifier)algorithm == PkcsObjectIdentifier.None)
{
algorithm = tmp[0].ToString();
}
}
throw new Exception("Invalid PKCS #10 certificate algorithm. " + algorithm);
}
PublicKey = GXPublicKey.FromRawBytes(((GXAsn1BitString)subjectPKInfo[1]).Value);
GXEcdsa.Validate(PublicKey);
/////////////////////////////
// signatureAlgorithm
GXAsn1Sequence sign = (GXAsn1Sequence)seq[1];
SignatureAlgorithm = HashAlgorithmConverter.FromString(sign[0].ToString());
if (SignatureAlgorithm != HashAlgorithm.Sha256WithEcdsa && SignatureAlgorithm != HashAlgorithm.Sha384WithEcdsa)
{
throw new GXDLMSCertificateException("Invalid signature algorithm. " + sign[0].ToString());
}
if (sign.Count != 1)
{
SignatureParameters = sign[1];
}
/////////////////////////////
// signature
//Get raw data
GXByteBuffer tmp2 = new GXByteBuffer();
tmp2.Set(data);
GXAsn1Converter.GetNext(tmp2);
tmp2.Size = tmp2.Position;
tmp2.Position = 1;
GXCommon.GetObjectCount(tmp2);
//Get signature.
Signature = ((GXAsn1BitString)seq[2]).Value;
GXEcdsa e = new GXEcdsa(PublicKey);
GXAsn1Sequence tmp3 = (GXAsn1Sequence)GXAsn1Converter.FromByteArray(Signature);
GXByteBuffer bb = new GXByteBuffer();
int size = SignatureAlgorithm == HashAlgorithm.Sha256WithEcdsa ? 32 : 48;
//Some implementations might add extra byte. It must removed.
bb.Set(((GXAsn1Integer)tmp3[0]).Value, ((GXAsn1Integer)tmp3[0]).Value.Length == size ? 0 : 1, size);
bb.Set(((GXAsn1Integer)tmp3[1]).Value, ((GXAsn1Integer)tmp3[1]).Value.Length == size ? 0 : 1, size);
if (!e.Verify(bb.Array(), tmp2.SubArray(tmp2.Position, tmp2.Available)))
{
throw new ArgumentException("Invalid Signature.");
}
}