/// <summary>
/// Builds a time-stamp request around a digest the caller has already computed.
/// </summary>
/// <param name="digestAlgorithmOid">Dotted OID string of the digest algorithm; must not be null.</param>
/// <param name="digest">Digest bytes placed in the message imprint. This method does not check
/// that the length matches the named algorithm.</param>
/// <param name="nonce">Optional nonce; when null the request is built without one.</param>
/// <returns>The request wrapping the assembled <c>TimeStampReq</c>.</returns>
/// <exception cref="ArgumentException">If <paramref name="digestAlgorithmOid"/> is null.</exception>
public TimeStampRequest Generate(
    string digestAlgorithmOid,
    byte[] digest,
    IBigInteger nonce)
{
    if (digestAlgorithmOid == null)
    {
        throw new ArgumentException("No digest algorithm specified");
    }

    // The imprint pairs the digest with its algorithm identifier (parameters encoded as DerNull).
    DerObjectIdentifier imprintOid = new DerObjectIdentifier(digestAlgorithmOid);
    AlgorithmIdentifier imprintAlgorithm = new AlgorithmIdentifier(imprintOid, DerNull.Instance);
    MessageImprint imprint = new MessageImprint(imprintAlgorithm, digest);

    // Extensions are attached only when at least one has been registered on this generator.
    X509Extensions requestExtensions = extOrdering.Count != 0
        ? new X509Extensions(extOrdering, extensions)
        : null;

    // NOTE(review): a request without a nonce cannot be matched to its response by nonce;
    // callers that rely on the nonce to detect replayed responses should always supply one.
    DerInteger encodedNonce = null;
    if (nonce != null)
    {
        encodedNonce = new DerInteger(nonce);
    }

    return new TimeStampRequest(
        new TimeStampReq(imprint, reqPolicy, encodedNonce, certReq, requestExtensions));
}
/// <summary>
/// Stores one response entry, converting the high-level certificate status
/// into its ASN.1 <c>CertStatus</c> form.
/// </summary>
/// <param name="certId">Identifier of the certificate the entry is about.</param>
/// <param name="certStatus">Null, an <c>UnknownStatus</c>, or a <c>RevokedStatus</c>;
/// any other type fails the cast below.</param>
/// <param name="thisUpdate">Stored as given.</param>
/// <param name="nextUpdate">Stored as given; may be null.</param>
/// <param name="extensions">Stored as given; may be null.</param>
private ResponseObject(
    CertificateID certId,
    CertificateStatus certStatus,
    DerGeneralizedTime thisUpdate,
    DerGeneralizedTime nextUpdate,
    X509Extensions extensions)
{
    this.certId = certId;

    CertStatus encodedStatus;
    if (certStatus == null)
    {
        // NOTE(review): a null status maps to the parameterless CertStatus(), presumably
        // the "good" status. A caller that passes null by accident reports it; confirm.
        encodedStatus = new CertStatus();
    }
    else if (certStatus is UnknownStatus)
    {
        encodedStatus = new CertStatus(2, DerNull.Instance);
    }
    else
    {
        RevokedStatus revoked = (RevokedStatus) certStatus;

        // The reason is optional; only encode it when the status carries one.
        CrlReason reason = null;
        if (revoked.HasRevocationReason)
        {
            reason = new CrlReason(revoked.RevocationReason);
        }

        encodedStatus = new CertStatus(
            new RevokedInfo(new DerGeneralizedTime(revoked.RevocationTime), reason));
    }
    this.certStatus = encodedStatus;

    this.thisUpdate = thisUpdate;
    this.nextUpdate = nextUpdate;
    this.extensions = extensions;
}
/// <summary>
/// Decodes revocation details from a sequence: element 0 is the certificate
/// template, element 1 (when present) the CRL entry extensions.
/// </summary>
/// <param name="seq">Sequence to read. Its length is not checked before element 0 is read.</param>
private RevDetails(Asn1Sequence seq)
{
    certDetails = CertTemplate.GetInstance(seq[0]);

    if (seq.Count > 1)
    {
        crlEntryDetails = X509Extensions.GetInstance(seq[1]);
    }
    else
    {
        crlEntryDetails = null;
    }
}
/// <summary>
/// Creates a request entry for one certificate.
/// </summary>
/// <param name="certId">Identifier of the certificate; stored without a null check.</param>
/// <param name="extensions">Extensions for this entry; stored as given.</param>
public RequestObject(
    CertificateID certId,
    X509Extensions extensions)
{
    this.extensions = extensions;
    this.certId = certId;
}
/// <summary>
/// Decodes an attribute certificate info structure from a sequence of 7 to 9 elements.
/// </summary>
/// <param name="seq">Sequence holding the seven mandatory fields followed by up to two optional ones.</param>
/// <exception cref="ArgumentException">If the sequence has fewer than 7 or more than 9 elements.</exception>
private AttributeCertificateInfo(
    Asn1Sequence seq)
{
    if (seq.Count < 7 || seq.Count > 9)
    {
        throw new ArgumentException("Bad sequence size: " + seq.Count);
    }

    // Mandatory fields, in encoding order.
    this.version = DerInteger.GetInstance(seq[0]);
    this.holder = Holder.GetInstance(seq[1]);
    this.issuer = AttCertIssuer.GetInstance(seq[2]);
    this.signature = AlgorithmIdentifier.GetInstance(seq[3]);
    this.serialNumber = DerInteger.GetInstance(seq[4]);
    this.attrCertValidityPeriod = AttCertValidityPeriod.GetInstance(seq[5]);
    this.attributes = Asn1Sequence.GetInstance(seq[6]);

    // Optional trailing fields are told apart by type. An element matching
    // neither type is skipped without an error.
    int position = 7;
    while (position < seq.Count)
    {
        Asn1Encodable optionalField = (Asn1Encodable) seq[position];

        if (optionalField is DerBitString)
        {
            this.issuerUniqueID = DerBitString.GetInstance(seq[position]);
        }
        else if (optionalField is Asn1Sequence || optionalField is X509Extensions)
        {
            this.extensions = X509Extensions.GetInstance(seq[position]);
        }

        position++;
    }
}
/*
 * Disabled code, kept for reference.
 *
 * NOTE(review): before re-enabling, three things visible below need attention:
 *   - the chain is built with RevocationMode.NoCheck, so revoked certificates pass;
 *   - the return value of x509Chain.Build is ignored;
 *   - the loop stops at the first chain element whose thumbprint is in
 *     rootCertificateDirectory, which need not be the root of the chain.
 *
 * public X509Certificate2 FindRootCertificate(X509Certificate2 serverX509Certificate2, IDictionary<string, X509Certificate2> rootCertificateDirectory)
 * {
 *     bool rootCertificateFound = false;
 *     X509Certificate2 desiredRootX509Certificate2 = null;
 *     // Find the desired root certificate
 *     X509Chain x509Chain = new X509Chain();
 *     x509Chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
 *     x509Chain.Build(serverX509Certificate2);
 *
 *     // Iterate through the chain, to check whether it contains a trusted root certificate
 *     X509ChainElementCollection x509ChainElementCollection = x509Chain.ChainElements;
 *     X509ChainElementEnumerator enumerator = x509ChainElementCollection.GetEnumerator();
 *     X509ChainElement x509ChainElement;
 *     X509Certificate2 x509Certificate2 = null;
 *     string x509CertificateThumbprint;
 *     // At this point, the certificate is not valid, until
 *     // it is proved that it has a valid root certificate
 *     while (rootCertificateFound == false && enumerator.MoveNext())
 *     {
 *         x509ChainElement = enumerator.Current;
 *         x509Certificate2 = x509ChainElement.Certificate;
 *         x509CertificateThumbprint = x509Certificate2.Thumbprint.ToLowerInvariant();
 *         if (rootCertificateDirectory.ContainsKey(x509CertificateThumbprint))
 *         {
 *             // The current chain element is in the trusted rootCertificateDirectory
 *             rootCertificateFound = true;
 *
 *             // now the loop will break, as we have found a trusted root certificate
 *         }
 *     }
 *
 *     if (rootCertificateFound)
 *     {
 *         // root certificate is found
 *         desiredRootX509Certificate2 = x509Certificate2;
 *     }
 *
 *     return desiredRootX509Certificate2;
 * }
 */

/// <summary>
/// Reads the Authority Information Access extension of a certificate and returns the
/// OCSP URL found in it.
/// </summary>
/// <param name="x509Certificate2">Certificate whose extensions are inspected.</param>
/// <returns>
/// An empty list when the certificate has no AIA extension; otherwise a list holding the
/// single value returned by <c>GetAccessDescriptionUrlForOid</c>.
/// </returns>
/// <exception cref="Exception">Wraps any failure raised while reading or parsing the extension.</exception>
public List<string> GetAuthorityInformationAccessOcspUrl(X509Certificate2 x509Certificate2)
{
    List<string> ocspUrls = new List<string>();

    try
    {
        // DanID test code shows how to do it
        Org.BouncyCastle.Asn1.X509.X509Extensions allExtensions = this.GetX509Extensions(x509Certificate2);
        Org.BouncyCastle.Asn1.X509.X509Extension aiaExtension =
            allExtensions.GetExtension(Org.BouncyCastle.Asn1.X509.X509Extensions.AuthorityInfoAccess);

        // A missing extension means the certificate names no OCSP responder; the list stays empty.
        if (aiaExtension != null)
        {
            Org.BouncyCastle.Asn1.X509.AuthorityInformationAccess aia =
                Org.BouncyCastle.Asn1.X509.AuthorityInformationAccess.GetInstance(aiaExtension.GetParsedValue());
            Org.BouncyCastle.Asn1.X509.AccessDescription[] descriptions = aia.GetAccessDescriptions();

            // NOTE(review): the URL is taken from the certificate being examined. If that
            // certificate is not yet trusted, check the scheme and host before contacting it.
            // NOTE(review): whether the helper can return null (AIA present but no OCSP
            // entry) is not visible here. If it can, a null ends up in the list.
            string ocspUrl = this.GetAccessDescriptionUrlForOid(AccessDescription.IdADOcsp, descriptions);
            ocspUrls.Add(ocspUrl);
        }
    }
    catch (Exception e)
    {
        throw new Exception("Error parsing AIA.", e);
    }

    return ocspUrls;
}
/// <summary>
/// Decodes a single response from its sequence: certificate ID, status and
/// thisUpdate, then the optional tagged nextUpdate and extensions.
/// </summary>
/// <param name="seq">Sequence to decode. Its length is not checked before elements 0 to 2
/// are read, and the casts below throw on an element of the wrong type.</param>
public SingleResponse(
    Asn1Sequence seq)
{
    this.certID = CertID.GetInstance(seq[0]);
    this.certStatus = CertStatus.GetInstance(seq[1]);
    this.thisUpdate = (DerGeneralizedTime)seq[2];

    if (seq.Count > 4)
    {
        // Both optional fields present: nextUpdate first, then the extensions.
        this.nextUpdate = DerGeneralizedTime.GetInstance(
            (Asn1TaggedObject) seq[3], true);
        this.singleExtensions = X509Extensions.GetInstance(
            (Asn1TaggedObject) seq[4], true);
        return;
    }

    if (seq.Count > 3)
    {
        // Exactly one optional field: tag 0 is nextUpdate, any other tag is read as extensions.
        Asn1TaggedObject optionalField = (Asn1TaggedObject) seq[3];

        if (optionalField.TagNo != 0)
        {
            this.singleExtensions = X509Extensions.GetInstance(optionalField, true);
        }
        else
        {
            this.nextUpdate = DerGeneralizedTime.GetInstance(optionalField, true);
        }
    }
}
/// <summary>
/// Creates response data with the version set to <c>V1</c>, delegating to the
/// constructor that takes an explicit version.
/// </summary>
/// <param name="responderID">Identity of the responder.</param>
/// <param name="producedAt">Production time of the response.</param>
/// <param name="responses">Sequence of individual responses.</param>
/// <param name="responseExtensions">Response extensions; passed through as given.</param>
public ResponseData(
    ResponderID responderID,
    DerGeneralizedTime producedAt,
    Asn1Sequence responses,
    X509Extensions responseExtensions)
    : this(V1, responderID, producedAt, responses, responseExtensions)
{
}
/// <summary>
/// Creates a response entry without a nextUpdate time, delegating to the
/// constructor that takes both times as <c>DerGeneralizedTime</c>.
/// </summary>
/// <param name="certId">Identifier of the certificate the entry is about.</param>
/// <param name="certStatus">Status to report; passed through unchanged.</param>
/// <param name="thisUpdate">Converted to a <c>DerGeneralizedTime</c>.</param>
/// <param name="extensions">Extensions for the entry; passed through unchanged.</param>
public ResponseObject(
    CertificateID certId,
    CertificateStatus certStatus,
    DateTime thisUpdate,
    X509Extensions extensions)
    : this(certId, certStatus, new DerGeneralizedTime(thisUpdate), null, extensions)
{
}
/// <summary>
/// Decodes revocation details: element 0 is the certificate template and an
/// optional element 1 carries the CRL entry extensions.
/// </summary>
/// <param name="seq">Sequence to read. Its length is not checked before element 0 is read.</param>
private RevDetails(Asn1Sequence seq)
{
    certDetails = CertTemplate.GetInstance(seq[0]);

    // Nothing further to decode when only the template is present.
    if (seq.Count <= 1)
    {
        return;
    }

    crlEntryDetails = X509Extensions.GetInstance(seq[1]);
}
/// <summary>
/// Creates a request for one certificate.
/// </summary>
/// <param name="reqCert">Identifier of the certificate; must not be null.</param>
/// <param name="singleRequestExtensions">Extensions for this request; stored as given.</param>
/// <exception cref="ArgumentNullException">If <paramref name="reqCert"/> is null.</exception>
public Request(
    CertID reqCert,
    X509Extensions singleRequestExtensions)
{
    if (reqCert == null)
    {
        throw new ArgumentNullException("reqCert");
    }

    this.singleRequestExtensions = singleRequestExtensions;
    this.reqCert = reqCert;
}
/// <summary>
/// Creates a to-be-signed request with the version fixed to <c>V1</c>.
/// </summary>
/// <param name="requestorName">Name of the requestor; stored as given.</param>
/// <param name="requestList">Sequence of individual requests; stored without a null check.</param>
/// <param name="requestExtensions">Request extensions; stored as given.</param>
public TbsRequest(
    GeneralName requestorName,
    Asn1Sequence requestList,
    X509Extensions requestExtensions)
{
    version = V1;

    this.requestorName = requestorName;
    this.requestList = requestList;
    this.requestExtensions = requestExtensions;
}
/// <summary>
/// Decodes a request: element 0 is the certificate ID and, when the sequence
/// has exactly two elements, element 1 is the explicitly tagged extensions.
/// </summary>
/// <param name="seq">Sequence to decode. Only a length of exactly 2 triggers extension
/// parsing; extra elements in a longer sequence are not read.</param>
private Request(
    Asn1Sequence seq)
{
    reqCert = CertID.GetInstance(seq[0]);

    bool hasExtensions = seq.Count == 2;
    if (hasExtensions)
    {
        Asn1TaggedObject taggedExtensions = (Asn1TaggedObject)seq[1];
        singleRequestExtensions = X509Extensions.GetInstance(taggedExtensions, true);
    }
}
/// <summary>
/// Decodes a revocation announcement: status, certificate ID, the two times,
/// and optional CRL details as a fifth element.
/// </summary>
/// <param name="seq">Sequence to decode. Its length is not checked before elements 0 to 3 are read.</param>
private RevAnnContent(Asn1Sequence seq)
{
    status = PkiStatusEncodable.GetInstance(seq[0]);
    certId = CertId.GetInstance(seq[1]);
    willBeRevokedAt = DerGeneralizedTime.GetInstance(seq[2]);
    badSinceDate = DerGeneralizedTime.GetInstance(seq[3]);

    // The CRL details are optional; stop here when they are absent.
    if (seq.Count <= 4)
    {
        return;
    }

    crlDetails = X509Extensions.GetInstance(seq[4]);
}
/// <summary>
/// Creates a single response from already-built components; every argument is
/// stored as given, with no validation.
/// </summary>
/// <param name="certID">Identifier of the certificate.</param>
/// <param name="certStatus">Encoded status of the certificate.</param>
/// <param name="thisUpdate">thisUpdate time.</param>
/// <param name="nextUpdate">nextUpdate time; may be null.</param>
/// <param name="singleExtensions">Extensions for this response; may be null.</param>
public SingleResponse(
    CertID certID,
    CertStatus certStatus,
    DerGeneralizedTime thisUpdate,
    DerGeneralizedTime nextUpdate,
    X509Extensions singleExtensions)
{
    // Identity and status.
    this.certID = certID;
    this.certStatus = certStatus;

    // Validity window.
    this.thisUpdate = thisUpdate;
    this.nextUpdate = nextUpdate;

    this.singleExtensions = singleExtensions;
}
/// <summary>
/// Creates response data from already-built components; every argument is
/// stored as given, with no validation.
/// </summary>
/// <param name="version">Version to record.</param>
/// <param name="responderID">Identity of the responder.</param>
/// <param name="producedAt">Production time of the response.</param>
/// <param name="responses">Sequence of individual responses.</param>
/// <param name="responseExtensions">Response extensions; may be null.</param>
public ResponseData(
    DerInteger version,
    ResponderID responderID,
    DerGeneralizedTime producedAt,
    Asn1Sequence responses,
    X509Extensions responseExtensions)
{
    this.version = version;

    this.responderID = responderID;
    this.producedAt = producedAt;

    this.responses = responses;
    this.responseExtensions = responseExtensions;
}
/// <summary>
/// Creates a time-stamp request body with the version fixed to 1; the other
/// fields are stored as given.
/// </summary>
/// <param name="messageImprint">Digest and algorithm of the data to be stamped.</param>
/// <param name="tsaPolicy">Requested policy OID; may be null.</param>
/// <param name="nonce">Request nonce; may be null.</param>
/// <param name="certReq">Whether a certificate is requested in the response; may be null.</param>
/// <param name="extensions">Request extensions; may be null.</param>
public TimeStampReq(
    MessageImprint messageImprint,
    DerObjectIdentifier tsaPolicy,
    DerInteger nonce,
    DerBoolean certReq,
    X509Extensions extensions)
{
    // The version is not caller-selectable: it is always 1.
    version = new DerInteger(1);

    this.messageImprint = messageImprint;
    this.tsaPolicy = tsaPolicy;
    this.nonce = nonce;
    this.certReq = certReq;
    this.extensions = extensions;
}
/// <summary>
/// Decodes a CRL entry: serial number, revocation date and optional entry extensions.
/// </summary>
/// <param name="seq">Sequence of two or three elements.</param>
/// <exception cref="ArgumentException">If the sequence has fewer than 2 or more than 3 elements.</exception>
public CrlEntry(
    Asn1Sequence seq)
{
    if (seq.Count < 2 || seq.Count > 3)
    {
        throw new ArgumentException("Bad sequence size: " + seq.Count);
    }

    // The original sequence is kept alongside the decoded fields.
    this.seq = seq;

    userCertificate = DerInteger.GetInstance(seq[0]);
    revocationDate = Time.GetInstance(seq[1]);

    bool hasExtensions = seq.Count == 3;
    if (hasExtensions)
    {
        crlEntryExtensions = X509Extensions.GetInstance(seq[2]);
    }
}
/// <summary>
/// Decodes a certificate template. Every element of the sequence must be a
/// tagged object, and its tag number (0 to 9) selects the field it populates.
/// </summary>
/// <param name="seq">Sequence of tagged fields. An untagged element fails the
/// implicit cast performed by the loop.</param>
/// <exception cref="ArgumentException">If a tag number outside 0 to 9 is encountered.</exception>
private CertTemplate(Asn1Sequence seq)
{
    this.seq = seq;

    foreach (Asn1TaggedObject field in seq)
    {
        switch (field.TagNo)
        {
            case 0:
                version = DerInteger.GetInstance(field, false);
                break;

            case 1:
                serialNumber = DerInteger.GetInstance(field, false);
                break;

            case 2:
                signingAlg = AlgorithmIdentifier.GetInstance(field, false);
                break;

            case 3:
                // The name is a CHOICE, so it is read with explicit tagging.
                issuer = X509Name.GetInstance(field, true);
                break;

            case 4:
                validity = OptionalValidity.GetInstance(Asn1Sequence.GetInstance(field, false));
                break;

            case 5:
                // The name is a CHOICE, so it is read with explicit tagging.
                subject = X509Name.GetInstance(field, true);
                break;

            case 6:
                publicKey = SubjectPublicKeyInfo.GetInstance(field, false);
                break;

            case 7:
                issuerUID = DerBitString.GetInstance(field, false);
                break;

            case 8:
                subjectUID = DerBitString.GetInstance(field, false);
                break;

            case 9:
                extensions = X509Extensions.GetInstance(field, false);
                break;

            default:
                // Unknown tags are rejected rather than skipped.
                throw new ArgumentException("unknown tag: " + field.TagNo, "seq");
        }
    }
}
/// <summary>
/// Decodes a time-stamp request body: version and message imprint first, then
/// the optional fields, which are told apart by their ASN.1 type.
/// </summary>
/// <param name="seq">Sequence to decode. Its length is not checked before elements 0 and 1 are read.</param>
private TimeStampReq(
    Asn1Sequence seq)
{
    int elementCount = seq.Count;

    // Mandatory fields.
    version = DerInteger.GetInstance(seq[0]);
    messageImprint = MessageImprint.GetInstance(seq[1]);

    // Optional fields. An element of an unrecognised type, or a tagged element
    // whose tag is not 0, is skipped without an error.
    for (int position = 2; position < elementCount; position++)
    {
        if (seq[position] is DerObjectIdentifier)
        {
            // tsaPolicy
            tsaPolicy = DerObjectIdentifier.GetInstance(seq[position]);
            continue;
        }

        if (seq[position] is DerInteger)
        {
            // nonce
            nonce = DerInteger.GetInstance(seq[position]);
            continue;
        }

        if (seq[position] is DerBoolean)
        {
            // certReq
            certReq = DerBoolean.GetInstance(seq[position]);
            continue;
        }

        if (seq[position] is Asn1TaggedObject)
        {
            // extensions
            Asn1TaggedObject taggedField = (Asn1TaggedObject) seq[position];
            if (taggedField.TagNo == 0)
            {
                extensions = X509Extensions.GetInstance(taggedField, false);
            }
        }
    }
}
/// <summary>
/// Decodes a to-be-signed request: optional tagged version, optional tagged
/// requestor name, the request list, and optional tagged extensions.
/// </summary>
/// <param name="seq">Sequence to decode. No length check is made before indexing, and
/// the casts below throw on an element of the wrong type.</param>
private TbsRequest(
    Asn1Sequence seq)
{
    int position = 0;

    // The version is present only as a leading element tagged 0; otherwise it is V1.
    Asn1TaggedObject leadingTagged = seq[0] as Asn1TaggedObject;
    if (leadingTagged != null && leadingTagged.TagNo == 0)
    {
        version = DerInteger.GetInstance(leadingTagged, true);
        position = 1;
    }
    else
    {
        version = V1;
    }

    // A tagged element at the current position is read as the requestor name.
    if (seq[position] is Asn1TaggedObject)
    {
        requestorName = GeneralName.GetInstance((Asn1TaggedObject) seq[position], true);
        position++;
    }

    requestList = (Asn1Sequence) seq[position];
    position++;

    // Extensions are read only when exactly one element remains.
    if (seq.Count == (position + 1))
    {
        requestExtensions = X509Extensions.GetInstance((Asn1TaggedObject) seq[position], true);
    }
}
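/// <summary>
/// Creates revocation details from a certificate template and optional CRL
/// entry extensions.
/// </summary>
/// <param name="certDetails">Template identifying the certificate to revoke.</param>
/// <param name="crlEntryDetails">Extensions for the CRL entry; may be null.</param>
public RevDetails(CertTemplate certDetails, X509Extensions crlEntryDetails)
{
    // Fix: the template was accepted but never stored, leaving the certDetails
    // field at its default so the request did not say which certificate it is about.
    this.certDetails = certDetails;
    this.crlEntryDetails = crlEntryDetails;
}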
/// <summary>
/// Creates an OCSP status request from a responder list and request extensions.
/// </summary>
/// <param name="responderIDList">
/// An <c>IList</c> of <c>ResponderID</c> naming the trusted OCSP responders. An empty
/// list has the special meaning that the responders are implicitly known to the
/// server, e.g. by prior arrangement.
/// </param>
/// <param name="requestExtensions">
/// OCSP request extensions. A null value means that there are no extensions.
/// </param>
public OcspStatusRequest(IList responderIDList, X509Extensions requestExtensions)
{
    // Both values are stored by reference; the list is not copied.
    mResponderIDList = responderIDList;
    mRequestExtensions = requestExtensions;
}
/// <summary>
/// Adds a CRL entry with extensions.
/// </summary>
/// <param name="userCertificate">Serial number of the revoked certificate.</param>
/// <param name="revocationDate">Date of revocation.</param>
/// <param name="extensions">Extensions for the entry; passed through to the TBS generator.</param>
public void AddCrlEntry(
    IBigInteger userCertificate,
    DateTime revocationDate,
    X509Extensions extensions)
{
    // Wrap the raw values in their ASN.1 types before handing them on.
    DerInteger serial = new DerInteger(userCertificate);
    Time revokedAt = new Time(revocationDate);

    tbsGen.AddCrlEntry(serial, revokedAt, extensions);
}
/// <summary>
/// Looks up the authority key identifier extension in a set of extensions and
/// converts its parsed value.
/// </summary>
/// <param name="extensions">Extensions to search.</param>
/// <returns>The result of <c>GetInstance</c> applied to the parsed extension value.</returns>
public static AuthorityKeyIdentifier FromExtensions(X509Extensions extensions)
{
    Asn1Encodable parsedValue = X509Extensions.GetExtensionParsedValue(
        extensions, X509Extensions.AuthorityKeyIdentifier);

    return GetInstance(parsedValue);
}
/// <summary>
/// Null-tolerant lookup of an extension by OID.
/// </summary>
/// <param name="extensions">Extensions to search; may be null.</param>
/// <param name="oid">OID of the wanted extension.</param>
/// <returns>Null when <paramref name="extensions"/> is null; otherwise whatever the
/// instance lookup returns for <paramref name="oid"/>.</returns>
public static X509Extension GetExtension(X509Extensions extensions, DerObjectIdentifier oid)
{
    if (null == extensions)
    {
        return null;
    }

    return extensions.GetExtension(oid);
}
/// <summary>
/// Decodes a to-be-signed certificate list from a sequence of 3 to 7 elements.
/// Optional fields are recognised by their type, in encoding order.
/// </summary>
/// <param name="seq">Sequence to decode; also kept as-is in the <c>seq</c> field.</param>
/// <exception cref="ArgumentException">If the sequence has fewer than 3 or more than 7 elements.</exception>
internal TbsCertificateList(
    Asn1Sequence seq)
{
    if (seq.Count < 3 || seq.Count > 7)
    {
        throw new ArgumentException("Bad sequence size: " + seq.Count);
    }

    // Cursor into the sequence; advanced as each field is consumed.
    int seqPos = 0;

    this.seq = seq;

    // The version is optional: when the first element is not an integer, version 0 is recorded.
    if (seq[seqPos] is DerInteger)
    {
        version = DerInteger.GetInstance(seq[seqPos++]);
    }
    else
    {
        version = new DerInteger(0);
    }

    // NOTE(review): the size check above allows 3 elements, but with a version present
    // the three reads below need 4. The indexer then fails on the last read.
    signature = AlgorithmIdentifier.GetInstance(seq[seqPos++]);
    issuer = X509Name.GetInstance(seq[seqPos++]);
    thisUpdate = Time.GetInstance(seq[seqPos++]);

    // nextUpdate is optional and recognised by being a time type.
    if (seqPos < seq.Count
        && (seq[seqPos] is DerUtcTime
            || seq[seqPos] is DerGeneralizedTime
            || seq[seqPos] is Time))
    {
        nextUpdate = Time.GetInstance(seq[seqPos++]);
    }

    // Any untagged element at this point is read as the list of revoked certificates.
    if (seqPos < seq.Count
        && !(seq[seqPos] is DerTaggedObject))
    {
        revokedCertificates = Asn1Sequence.GetInstance(seq[seqPos++]);
    }

    // A tagged element is read as the CRL extensions; its tag number is not inspected here.
    if (seqPos < seq.Count
        && seq[seqPos] is DerTaggedObject)
    {
        crlExtensions = X509Extensions.GetInstance(seq[seqPos]);
    }
}
/// <summary>
/// Decodes response data: optional tagged version, responder ID, production
/// time, the responses, and optional tagged extensions.
/// </summary>
/// <param name="seq">Sequence to decode. No length check is made before indexing, and
/// the casts below throw on an element of the wrong type.</param>
private ResponseData(
    Asn1Sequence seq)
{
    int position = 0;

    // The version is present only as a leading element tagged 0; otherwise it is V1.
    Asn1TaggedObject leadingTagged = seq[0] as Asn1TaggedObject;
    if (leadingTagged != null && leadingTagged.TagNo == 0)
    {
        this.versionPresent = true;
        this.version = DerInteger.GetInstance(leadingTagged, true);
        position = 1;
    }
    else
    {
        this.version = V1;
    }

    this.responderID = ResponderID.GetInstance(seq[position]);
    position++;

    this.producedAt = (DerGeneralizedTime)seq[position];
    position++;

    this.responses = (Asn1Sequence)seq[position];
    position++;

    // Whatever follows the responses is read as the explicitly tagged extensions.
    if (seq.Count > position)
    {
        this.responseExtensions = X509Extensions.GetInstance(
            (Asn1TaggedObject)seq[position], true);
    }
}
/// <summary>
/// Test: generates a v2 CRL with one revoked entry, copies it into a second CRL with an
/// extra entry, and checks that the result can be read back through the parser.
/// </summary>
private void checkCrlCreation3()
{
    IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");

    // 768-bit RSA, public exponent 0x10001. Presumably chosen to keep the test fast;
    // a key this small is not suitable outside tests.
    kpGen.Init(
        new RsaKeyGenerationParameters(
            BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25));

    X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
    DateTime now = DateTime.UtcNow;
    AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();

    crlGen.SetIssuerDN(new X509Name("CN=Test CA"));

    crlGen.SetThisUpdate(now);
    crlGen.SetNextUpdate(now.AddSeconds(100));
    crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");

    // Build the entry extensions by hand: a non-critical reasonCode of PrivilegeWithdrawn.
    IList extOids = new ArrayList();
    IList extValues = new ArrayList();

    CrlReason crlReason = new CrlReason(CrlReason.PrivilegeWithdrawn);

    try
    {
        extOids.Add(X509Extensions.ReasonCode);
        extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded())));
    }
    catch (IOException e)
    {
        throw new ArgumentException("error encoding reason: " + e);
    }

    X509Extensions entryExtensions = new X509Extensions(extOids, extValues);

    crlGen.AddCrlEntry(BigInteger.One, now, entryExtensions);

    crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));

    // NOTE(review): the CRL is signed here, but no step in this test verifies the
    // signature against pair.Public.
    X509Crl crl = crlGen.Generate(pair.Private);

    if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true))
    {
        Fail("failed CRL issuer test");
    }

    Asn1OctetString authExt = crl.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);

    if (authExt == null)
    {
        Fail("failed to find CRL extension");
    }

    // The value is never read afterwards; constructing it only shows the extension parses.
    AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);

    X509CrlEntry entry = crl.GetRevokedCertificate(BigInteger.One);

    if (entry == null)
    {
        Fail("failed to find CRL entry");
    }

    if (!entry.SerialNumber.Equals(BigInteger.One))
    {
        Fail("CRL cert serial number does not match");
    }

    if (!entry.HasExtensions)
    {
        Fail("CRL entry extension not found");
    }

    Asn1OctetString ext = entry.GetExtensionValue(X509Extensions.ReasonCode);

    if (ext != null)
    {
        DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(ext);

        if (reasonCode.Value.IntValue != CrlReason.PrivilegeWithdrawn)
        {
            Fail("CRL entry reasonCode wrong");
        }
    }
    else
    {
        Fail("CRL entry reasonCode not found");
    }

    //
    // Check loading of an existing CRL: a fresh generator imports the first CRL
    // and adds a second entry with serial number two.
    //
    crlGen = new X509V2CrlGenerator();

    now = DateTime.UtcNow;

    crlGen.SetIssuerDN(new X509Name("CN=Test CA"));

    crlGen.SetThisUpdate(now);
    crlGen.SetNextUpdate(now.AddSeconds(100));
    crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");

    crlGen.AddCrl(crl);

    crlGen.AddCrlEntry(BigInteger.Two, now, entryExtensions);

    crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));

    X509Crl newCrl = crlGen.Generate(pair.Private);

    // The copied CRL must hold exactly the two serial numbers 1 and 2.
    int count = 0;
    bool oneFound = false;
    bool twoFound = false;

    foreach (X509CrlEntry crlEnt in newCrl.GetRevokedCertificates())
    {
        if (crlEnt.SerialNumber.IntValue == 1)
        {
            oneFound = true;
        }
        else if (crlEnt.SerialNumber.IntValue == 2)
        {
            twoFound = true;
        }

        count++;
    }

    if (count != 2)
    {
        Fail("wrong number of CRLs found");
    }

    if (!oneFound || !twoFound)
    {
        Fail("wrong CRLs found in copied list");
    }

    //
    // Check factory read back: the encoded CRL must parse both as a single CRL
    // and as a collection of exactly one.
    //
    X509Crl readCrl = new X509CrlParser().ReadCrl(newCrl.GetEncoded());

    if (readCrl == null)
    {
        Fail("crl not returned!");
    }

    // Earlier form, kept for reference:
    // ICollection col = cFact.generateCRLs(new ByteArrayInputStream(newCrl.getEncoded()));
    ICollection col = new X509CrlParser().ReadCrls(newCrl.GetEncoded());

    if (col.Count != 1)
    {
        Fail("wrong number of CRLs found in collection");
    }
}
/// <summary>
/// Looks up the extension with the given OID in a set of extensions and
/// converts its parsed value to general names.
/// </summary>
/// <param name="extensions">Extensions to search.</param>
/// <param name="extOid">OID of the extension holding the names.</param>
/// <returns>The result of <c>GetInstance</c> applied to the parsed extension value.</returns>
public static GeneralNames FromExtensions(X509Extensions extensions, DerObjectIdentifier extOid)
{
    Asn1Encodable parsedValue = X509Extensions.GetExtensionParsedValue(extensions, extOid);

    return GetInstance(parsedValue);
}
/// <summary>
/// Null-tolerant lookup of an extension's parsed value by OID.
/// </summary>
/// <param name="extensions">Extensions to search; may be null.</param>
/// <param name="oid">OID of the wanted extension.</param>
/// <returns>Null when <paramref name="extensions"/> is null; otherwise whatever the
/// instance lookup returns for <paramref name="oid"/>.</returns>
public static Asn1Encodable GetExtensionParsedValue(X509Extensions extensions, DerObjectIdentifier oid)
{
    if (null == extensions)
    {
        return null;
    }

    return extensions.GetExtensionParsedValue(oid);
}
/// <summary>
/// Replaces the extensions held by this object.
/// </summary>
/// <param name="extensions">New extensions; stored by reference, with no null check.</param>
public void SetExtensions(X509Extensions extensions)
{
    this.extensions = extensions;
}
/// <summary>
/// Looks up the CRL distribution points extension in a set of extensions and
/// converts its parsed value.
/// </summary>
/// <param name="extensions">Extensions to search.</param>
/// <returns>The result of <c>GetInstance</c> applied to the parsed extension value.</returns>
public static CrlDistPoint FromExtensions(X509Extensions extensions)
{
    Asn1Encodable parsedValue = X509Extensions.GetExtensionParsedValue(
        extensions, X509Extensions.CrlDistributionPoints);

    return GetInstance(parsedValue);
}
/// <summary>
/// Looks up the authority information access extension in a set of extensions
/// and converts its parsed value.
/// </summary>
/// <param name="extensions">Extensions to search.</param>
/// <returns>The result of <c>GetInstance</c> applied to the parsed extension value.</returns>
public static AuthorityInformationAccess FromExtensions(X509Extensions extensions)
{
    Asn1Encodable parsedValue = X509Extensions.GetExtensionParsedValue(
        extensions, X509Extensions.AuthorityInfoAccess);

    return GetInstance(parsedValue);
}
/// <summary>
/// Replaces the extensions held by this object.
/// </summary>
/// <param name="extensions">New extensions; stored by reference, with no null check.</param>
public void SetExtensions(
    X509Extensions extensions)
{
    this.extensions = extensions;
}
/// <summary>
/// Compares two extension sets regardless of ordering: they are equivalent when
/// they hold the same number of entries and every entry here equals the entry
/// stored under the same OID in <paramref name="other"/>.
/// </summary>
/// <param name="other">Extension set to compare with. It is dereferenced without a
/// null check.</param>
/// <returns>True when both sets hold equal entries under the same OIDs.</returns>
public bool Equivalent(
    X509Extensions other)
{
    // Different sizes can never match, so the per-entry comparison is skipped.
    if (extensions.Count != other.extensions.Count)
    {
        return false;
    }

    foreach (DerObjectIdentifier key in extensions.Keys)
    {
        bool sameEntry = extensions[key].Equals(other.extensions[key]);
        if (!sameEntry)
        {
            return false;
        }
    }

    return true;
}
/// <summary>
/// Test: generates a v2 CRL with one revoked entry carrying a reasonCode extension and
/// checks the issuer, the authority key identifier, the entry and its reason code.
/// </summary>
private void checkCrlCreation2()
{
    IAsymmetricCipherKeyPairGenerator kpGen = GeneratorUtilities.GetKeyPairGenerator("RSA");

    // 768-bit RSA, public exponent 0x10001. Presumably chosen to keep the test fast;
    // a key this small is not suitable outside tests.
    kpGen.Init(
        new RsaKeyGenerationParameters(
            BigInteger.ValueOf(0x10001), new SecureRandom(), 768, 25));

    X509V2CrlGenerator crlGen = new X509V2CrlGenerator();
    DateTime now = DateTime.UtcNow;
    AsymmetricCipherKeyPair pair = kpGen.GenerateKeyPair();

    crlGen.SetIssuerDN(new X509Name("CN=Test CA"));

    crlGen.SetThisUpdate(now);
    crlGen.SetNextUpdate(now.AddSeconds(100));
    crlGen.SetSignatureAlgorithm("SHA256WithRSAEncryption");

    // Build the entry extensions by hand: a non-critical reasonCode of PrivilegeWithdrawn.
    IList extOids = new ArrayList();
    IList extValues = new ArrayList();

    CrlReason crlReason = new CrlReason(CrlReason.PrivilegeWithdrawn);

    try
    {
        extOids.Add(X509Extensions.ReasonCode);
        extValues.Add(new X509Extension(false, new DerOctetString(crlReason.GetEncoded())));
    }
    catch (IOException e)
    {
        throw new ArgumentException("error encoding reason: " + e);
    }

    X509Extensions entryExtensions = new X509Extensions(extOids, extValues);

    crlGen.AddCrlEntry(BigInteger.One, now, entryExtensions);

    crlGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.Public));

    // NOTE(review): the CRL is signed here, but no step in this test verifies the
    // signature against pair.Public.
    X509Crl crl = crlGen.Generate(pair.Private);

    if (!crl.IssuerDN.Equivalent(new X509Name("CN=Test CA"), true))
    {
        Fail("failed CRL issuer test");
    }

    Asn1OctetString authExt = crl.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);

    if (authExt == null)
    {
        Fail("failed to find CRL extension");
    }

    // The value is never read afterwards; constructing it only shows the extension parses.
    AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);

    X509CrlEntry entry = crl.GetRevokedCertificate(BigInteger.One);

    if (entry == null)
    {
        Fail("failed to find CRL entry");
    }

    if (!entry.SerialNumber.Equals(BigInteger.One))
    {
        Fail("CRL cert serial number does not match");
    }

    if (!entry.HasExtensions)
    {
        Fail("CRL entry extension not found");
    }

    // The reason code written above must come back unchanged from the parsed entry.
    Asn1OctetString ext = entry.GetExtensionValue(X509Extensions.ReasonCode);

    if (ext != null)
    {
        DerEnumerated reasonCode = (DerEnumerated)X509ExtensionUtilities.FromExtensionValue(ext);

        if (reasonCode.Value.IntValue != CrlReason.PrivilegeWithdrawn)
        {
            Fail("CRL entry reasonCode wrong");
        }
    }
    else
    {
        Fail("CRL entry reasonCode not found");
    }
}
/// <summary>
/// Decodes a to-be-signed certificate, checking that the version number is
/// recognised and that the optional trailing fields are allowed for that version.
/// </summary>
/// <param name="seq">Sequence to decode; also kept as-is in the <c>seq</c> field. No
/// length check is made before the mandatory fields are indexed.</param>
/// <exception cref="ArgumentException">
/// If the version value is not 0, 1 or 2, if a version 1 certificate carries extra data,
/// if a version 2 certificate carries extensions, or if a trailing field has an unknown tag.
/// </exception>
internal TbsCertificateStructure(
    Asn1Sequence seq)
{
    int seqStart = 0;

    this.seq = seq;

    //
    // some certificates don't include a version number - we assume v1
    //
    if (seq[0] is DerTaggedObject)
    {
        version = DerInteger.GetInstance((Asn1TaggedObject)seq[0], true);
    }
    else
    {
        seqStart = -1;          // field 0 is missing!
        version = new DerInteger(0);
    }

    // Encoded version values 0, 1 and 2 are v1, v2 and v3; anything else is rejected.
    bool isV1 = false;
    bool isV2 = false;

    if (version.Value.Equals(BigInteger.Zero))
    {
        isV1 = true;
    }
    else if (version.Value.Equals(BigInteger.One))
    {
        isV2 = true;
    }
    else if (!version.Value.Equals(BigInteger.Two))
    {
        throw new ArgumentException("version number not recognised");
    }

    // seqStart shifts every index down by one when the version field is absent.
    serialNumber = DerInteger.GetInstance(seq[seqStart + 1]);

    signature = AlgorithmIdentifier.GetInstance(seq[seqStart + 2]);
    issuer = X509Name.GetInstance(seq[seqStart + 3]);

    //
    // before and after dates
    //
    Asn1Sequence dates = (Asn1Sequence)seq[seqStart + 4];

    startDate = Time.GetInstance(dates[0]);
    endDate = Time.GetInstance(dates[1]);

    subject = X509Name.GetInstance(seq[seqStart + 5]);

    //
    // public key info.
    //
    subjectPublicKeyInfo = SubjectPublicKeyInfo.GetInstance(seq[seqStart + 6]);

    // Number of elements after the public key: unique IDs and/or extensions.
    int extras = seq.Count - (seqStart + 6) - 1;
    if (extras != 0 && isV1)
    {
        throw new ArgumentException("version 1 certificate contains extra data");
    }

    // The trailing fields are walked from last to first.
    while (extras > 0)
    {
        DerTaggedObject extra = (DerTaggedObject)seq[seqStart + 6 + extras];

        switch (extra.TagNo)
        {
            case 1:
            {
                issuerUniqueID = DerBitString.GetInstance(extra, false);
                break;
            }
            case 2:
            {
                subjectUniqueID = DerBitString.GetInstance(extra, false);
                break;
            }
            case 3:
            {
                // Extensions are not accepted on a version 2 certificate.
                if (isV2)
                {
                    throw new ArgumentException("version 2 certificate cannot contain extensions");
                }

                extensions = X509Extensions.GetInstance(Asn1Sequence.GetInstance(extra, true));
                break;
            }
            default:
            {
                // Unknown tags are rejected rather than skipped.
                throw new ArgumentException("Unknown tag encountered in structure: " + extra.TagNo);
            }
        }
        extras--;
    }
}
/// <summary>
/// Decodes a to-be-signed certificate without checking the version number or
/// which optional fields are present.
/// </summary>
/// <param name="seq">Sequence to decode; also kept as-is in the <c>seq</c> field. No
/// length check is made before the mandatory fields are indexed.</param>
internal TbsCertificateStructure(
    Asn1Sequence seq)
{
    int seqStart = 0;

    this.seq = seq;

    //
    // some certificates don't include a version number - we assume v1
    //
    if (seq[0] is DerTaggedObject)
    {
        version = DerInteger.GetInstance((Asn1TaggedObject)seq[0], true);
    }
    else
    {
        seqStart = -1;          // field 0 is missing!
        version = new DerInteger(0);
    }

    // NOTE(review): the decoded version is stored but never checked, so any integer is
    // accepted, and the optional fields below are parsed whatever the version says.

    // seqStart shifts every index down by one when the version field is absent.
    serialNumber = DerInteger.GetInstance(seq[seqStart + 1]);

    signature = AlgorithmIdentifier.GetInstance(seq[seqStart + 2]);
    issuer = X509Name.GetInstance(seq[seqStart + 3]);

    //
    // before and after dates
    //
    Asn1Sequence dates = (Asn1Sequence)seq[seqStart + 4];

    startDate = Time.GetInstance(dates[0]);
    endDate = Time.GetInstance(dates[1]);

    subject = X509Name.GetInstance(seq[seqStart + 5]);

    //
    // public key info.
    //
    subjectPublicKeyInfo = SubjectPublicKeyInfo.GetInstance(seq[seqStart + 6]);

    // The trailing fields after the public key are walked from last to first.
    for (int extras = seq.Count - (seqStart + 6) - 1; extras > 0; extras--)
    {
        DerTaggedObject extra = (DerTaggedObject) seq[seqStart + 6 + extras];

        // NOTE(review): there is no default case, so a trailing field with any tag other
        // than 1, 2 or 3 is ignored without an error. Consider rejecting unknown tags.
        switch (extra.TagNo)
        {
            case 1:
                issuerUniqueID = DerBitString.GetInstance(extra, false);
                break;
            case 2:
                subjectUniqueID = DerBitString.GetInstance(extra, false);
                break;
            case 3:
                extensions = X509Extensions.GetInstance(extra);
                break;
        }
    }
}
/// <summary>
/// Looks up the subject key identifier extension in a set of extensions and
/// converts its parsed value.
/// </summary>
/// <param name="extensions">Extensions to search.</param>
/// <returns>The result of <c>GetInstance</c> applied to the parsed extension value.</returns>
public static SubjectKeyIdentifier FromExtensions(X509Extensions extensions)
{
    Asn1Encodable parsedValue = X509Extensions.GetExtensionParsedValue(
        extensions, X509Extensions.SubjectKeyIdentifier);

    return GetInstance(parsedValue);
}