/// <summary>
/// Decodes one DER-encoded cross-certificate pair from <paramref name="inStream"/>.
/// </summary>
/// <param name="inStream">Stream positioned at the start of the encoded pair.</param>
/// <returns>The decoded pair wrapped as an <c>X509CertificatePair</c>.</returns>
private X509CertificatePair ReadDerCrossCertificatePair(Stream inStream)
{
    // The ASN.1 reader is opened without an explicit read limit; a limit
    // argument (ProviderUtil.getReadLimit) is only present as commented-out
    // code in the original port.
    // NOTE(review): if inStream can carry untrusted data, confirm that a
    // size bound is enforced somewhere upstream.
    Asn1InputStream asn1In = new Asn1InputStream(inStream);

    // Plain cast: an object that is not a SEQUENCE surfaces as an
    // InvalidCastException rather than a parser-specific error.
    Asn1Sequence pairSeq = (Asn1Sequence)asn1In.ReadObject();

    return new X509CertificatePair(CertificatePair.GetInstance(pairSeq));
}
/// <summary>
/// Builds the response wrapper from the next ASN.1 object on <paramref name="aIn"/>.
/// </summary>
/// <param name="aIn">ASN.1 stream positioned at an encoded OCSP response.</param>
/// <exception cref="IOException">
/// Any failure while reading or decoding; the original exception is kept as
/// the inner exception.
/// </exception>
private OcspResp(Asn1InputStream aIn)
{
    try
    {
        Asn1Object decoded = aIn.ReadObject();
        resp = OcspResponse.GetInstance(decoded);
    }
    catch (Exception cause)
    {
        // Every failure type, not only decoding errors, is reported to the
        // caller as a malformed response.
        throw new IOException("malformed response: " + cause.Message, cause);
    }
}
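/// <summary>
/// Builds the request wrapper from the next ASN.1 object on <paramref name="aIn"/>.
/// </summary>
/// <param name="aIn">ASN.1 stream positioned at an encoded OCSP request.</param>
/// <exception cref="IOException">
/// The object could not be interpreted as an OCSP request. The decoding
/// exception is attached as the inner exception.
/// </exception>
private OcspReq(Asn1InputStream aIn)
{
    try
    {
        this.req = OcspRequest.GetInstance(aIn.ReadObject());
    }
    catch (ArgumentException e)
    {
        // Keep the cause: the message alone drops the stack trace needed to
        // see which part of a rejected request failed to decode.
        throw new IOException("malformed request: " + e.Message, e);
    }
    catch (InvalidCastException e)
    {
        throw new IOException("malformed request: " + e.Message, e);
    }
}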
/// <summary>
/// Reads the next ASN.1 object from <paramref name="input"/> and interprets it
/// as a time-stamp response.
/// </summary>
/// <param name="input">ASN.1 stream positioned at an encoded response.</param>
/// <returns>The decoded <c>TimeStampResp</c>.</returns>
/// <exception cref="TspException">
/// The object has the wrong type or shape; the decoding exception is kept as
/// the inner exception.
/// </exception>
private static TimeStampResp readTimeStampResp(Asn1InputStream input)
{
    try
    {
        Asn1Object decoded = input.ReadObject();
        return TimeStampResp.GetInstance(decoded);
    }
    catch (InvalidCastException castFailure)
    {
        // Concatenating the exception object embeds its full text, stack
        // trace included, in the message.
        // NOTE(review): check where this message ends up if responses come
        // from an untrusted responder.
        throw new TspException("malformed timestamp response: " + castFailure, castFailure);
    }
    catch (ArgumentException argFailure)
    {
        throw new TspException("malformed timestamp response: " + argFailure, argFailure);
    }
}
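/// <summary>
/// Builds the request wrapper from the next ASN.1 object on <paramref name="str"/>.
/// </summary>
/// <param name="str">ASN.1 stream positioned at an encoded time-stamp request.</param>
/// <exception cref="IOException">
/// The object could not be interpreted as a time-stamp request. The decoding
/// exception is attached as the inner exception.
/// </exception>
private TimeStampRequest(Asn1InputStream str)
{
    try
    {
        this.req = TimeStampReq.GetInstance(str.ReadObject());
    }
    catch (InvalidCastException e)
    {
        // The message text is unchanged. The cause is now also attached as
        // the inner exception instead of being reachable only as text.
        throw new IOException("malformed request: " + e, e);
    }
    catch (ArgumentException e)
    {
        throw new IOException("malformed request: " + e, e);
    }
}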
/// <summary>
/// Reads one DER object from <paramref name="dIn"/> and returns a CRL from it,
/// accepting either a bare CertificateList or a PKCS#7 SignedData wrapper.
/// </summary>
/// <param name="dIn">ASN.1 stream positioned at the encoded object.</param>
/// <returns>
/// For SignedData input, the result of <c>GetCrl()</c> after storing the
/// embedded CRL set in <c>sCrlData</c>. Otherwise the CRL built directly from
/// the sequence.
/// </returns>
private X509Crl ReadDerCrl(Asn1InputStream dIn)
{
    // Plain cast: input that is not a SEQUENCE raises InvalidCastException.
    Asn1Sequence crlSeq = (Asn1Sequence)dIn.ReadObject();

    bool isSignedData = crlSeq.Count > 1
        && crlSeq[0] is DerObjectIdentifier
        && crlSeq[0].Equals(PkcsObjectIdentifiers.SignedData);

    if (!isSignedData)
    {
        return CreateX509Crl(CertificateList.GetInstance(crlSeq));
    }

    // Only the CRL set is pulled out of the SignedData container. The
    // container's own signature is not checked in this method.
    Asn1TaggedObject content = (Asn1TaggedObject)crlSeq[1];
    sCrlData = SignedData.GetInstance(Asn1Sequence.GetInstance(content, true)).Crls;
    return GetCrl();
}
/// <summary>
/// Reads one DER object from <paramref name="dIn"/> and returns an attribute
/// certificate from it, accepting either a bare AttributeCertificate or a
/// PKCS#7 SignedData wrapper.
/// </summary>
/// <param name="dIn">ASN.1 stream positioned at the encoded object.</param>
/// <returns>
/// For SignedData input, the result of <c>GetCertificate()</c> after storing
/// the embedded certificate set in <c>sData</c>. Otherwise a V2 attribute
/// certificate built directly from the sequence.
/// </returns>
private IX509AttributeCertificate ReadDerCertificate(Asn1InputStream dIn)
{
    // Plain cast: input that is not a SEQUENCE raises InvalidCastException.
    Asn1Sequence certSeq = (Asn1Sequence)dIn.ReadObject();

    if (certSeq.Count > 1
        && certSeq[0] is DerObjectIdentifier
        && certSeq[0].Equals(PkcsObjectIdentifiers.SignedData))
    {
        // Only the certificate set is taken from the SignedData container.
        // No signature on the container is evaluated in this method.
        Asn1TaggedObject wrapped = (Asn1TaggedObject)certSeq[1];
        sData = SignedData.GetInstance(Asn1Sequence.GetInstance(wrapped, true)).Certificates;
        return GetCertificate();
    }

    return new X509V2AttributeCertificate(AttributeCertificate.GetInstance(certSeq));
}
/// <summary>
/// Reads the next ASN.1 object from <paramref name="aIn"/> as a CMS ContentInfo.
/// </summary>
/// <param name="aIn">ASN.1 stream positioned at the encoded ContentInfo.</param>
/// <returns>The decoded <c>ContentInfo</c>.</returns>
/// <exception cref="CmsException">
/// The stream could not be read, or the object is not a well-formed
/// ContentInfo. The underlying exception is kept as the inner exception.
/// </exception>
private static ContentInfo ReadContentInfo(Asn1InputStream aIn)
{
    try
    {
        Asn1Object decoded = aIn.ReadObject();
        return ContentInfo.GetInstance(decoded);
    }
    catch (ArgumentException badShape)
    {
        // Wrong structure and wrong type share one message, so callers see a
        // single "malformed" outcome for undecodable input.
        throw new CmsException("Malformed content.", badShape);
    }
    catch (InvalidCastException badType)
    {
        throw new CmsException("Malformed content.", badType);
    }
    catch (IOException readFailure)
    {
        throw new CmsException("IOException reading content.", readFailure);
    }
}
/// <summary>
/// Checks the certificate at <paramref name="index"/> against the permitted
/// and excluded subtrees held by <paramref name="nameConstraintValidator"/>:
/// the subject DN, any e-mail addresses in the subject DN, and every entry of
/// the subject alternative name extension.
/// </summary>
/// <remarks>
/// Presumably steps (b) and (c) of the RFC 5280 section 6.1.3 path validation
/// algorithm, going by the method name and the original comments (confirm).
/// The check is skipped entirely for a self-issued certificate when
/// <c>i &lt; n</c>, which is the same as <c>index &gt; 0</c>.
/// </remarks>
/// <param name="certPath">Path being validated.</param>
/// <param name="index">Position of the certificate within <c>certPath.Certificates</c>.</param>
/// <param name="nameConstraintValidator">Accumulated name constraints to test against.</param>
/// <exception cref="PkixCertPathValidatorException">
/// A name could not be decoded, or a name falls outside the permitted
/// subtrees or inside an excluded subtree.
/// </exception>
internal static void ProcessCertBC(
    PkixCertPath certPath,
    int index,
    PkixNameConstraintValidator nameConstraintValidator)
{
    IList pathCerts = certPath.Certificates;
    X509Certificate current = (X509Certificate)pathCerts[index];
    int n = pathCerts.Count;

    // i as defined in the algorithm description
    int i = n - index;

    // Self-issued certificates at index > 0 are exempt from subtree checks.
    if (PkixCertPathValidatorUtilities.IsSelfIssued(current) && i < n)
    {
        return;
    }

    // Re-decode the subject DN into a raw sequence for the DN subtree checks.
    X509Name subject = current.SubjectDN;
    Asn1InputStream subjectIn = new Asn1InputStream(subject.GetEncoded());
    Asn1Sequence subjectSeq;
    try
    {
        subjectSeq = DerSequence.GetInstance(subjectIn.ReadObject());
    }
    catch (Exception decodeFailure)
    {
        throw new PkixCertPathValidatorException(
            "Exception extracting subject name when checking subtrees.",
            decodeFailure, certPath, index);
    }

    try
    {
        nameConstraintValidator.CheckPermittedDN(subjectSeq);
        nameConstraintValidator.CheckExcludedDN(subjectSeq);
    }
    catch (PkixNameConstraintValidatorException violation)
    {
        throw new PkixCertPathValidatorException(
            "Subtree check for certificate subject failed.",
            violation, certPath, index);
    }

    // The extension is decoded before the e-mail loop so that an undecodable
    // subjectAltName fails the certificate ahead of any further checks.
    GeneralNames subjectAltNames = null;
    try
    {
        subjectAltNames = GeneralNames.GetInstance(
            PkixCertPathValidatorUtilities.GetExtensionValue(
                current, X509Extensions.SubjectAlternativeName));
    }
    catch (Exception decodeFailure)
    {
        throw new PkixCertPathValidatorException(
            "Subject alternative name extension could not be decoded.",
            decodeFailure, certPath, index);
    }

    // E-mail addresses carried inside the subject DN are tested as
    // rfc822Name entries, so they cannot bypass e-mail name constraints.
    IList subjectEmails = X509Name.GetInstance(subjectSeq).GetValueList(X509Name.EmailAddress);
    foreach (string address in subjectEmails)
    {
        GeneralName asRfc822 = new GeneralName(GeneralName.Rfc822Name, address);
        try
        {
            nameConstraintValidator.checkPermitted(asRfc822);
            nameConstraintValidator.checkExcluded(asRfc822);
        }
        catch (PkixNameConstraintValidatorException violation)
        {
            throw new PkixCertPathValidatorException(
                "Subtree check for certificate subject alternative email failed.",
                violation, certPath, index);
        }
    }

    if (subjectAltNames == null)
    {
        return;
    }

    GeneralName[] altEntries = null;
    try
    {
        altEntries = subjectAltNames.GetNames();
    }
    catch (Exception decodeFailure)
    {
        throw new PkixCertPathValidatorException(
            "Subject alternative name contents could not be decoded.",
            decodeFailure, certPath, index);
    }

    foreach (GeneralName entry in altEntries)
    {
        try
        {
            nameConstraintValidator.checkPermitted(entry);
            nameConstraintValidator.checkExcluded(entry);
        }
        catch (PkixNameConstraintValidatorException violation)
        {
            throw new PkixCertPathValidatorException(
                "Subtree check for certificate subject alternative name failed.",
                violation, certPath, index);
        }
    }
}
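/// <summary>
/// Builds a certification path by decoding certificates from
/// <paramref name="inStream"/> in the given <paramref name="encoding"/>.
/// </summary>
/// <remarks>
/// This constructor only decodes the certificates and orders them with
/// <c>SortCerts</c>. It performs no signature or chain validation.
/// </remarks>
/// <param name="inStream">Stream holding the encoded path.</param>
/// <param name="encoding">
/// One of "PkiPath", "PKCS7" or "PEM", matched case-insensitively and
/// independently of the current culture.
/// </param>
/// <exception cref="CertificateException">
/// The encoding is not supported, PkiPath data is not an ASN.1 SEQUENCE, or
/// an I/O error occurred while decoding.
/// </exception>
public PkixCertPath(
    Stream inStream,
    string encoding)
//  : base("X.509")
{
    IList certs;
    try
    {
        // Ordinal comparison instead of the culture-sensitive ToUpper(): under
        // a culture with different i/I casing rules (for example tr-TR),
        // upper-casing makes "PKIPATH" and "PkiPath" compare unequal, so
        // a valid encoding name would be rejected depending on host locale.
        // A null encoding still fails fast on the first call, as before.
        if (encoding.Equals("PkiPath", System.StringComparison.OrdinalIgnoreCase))
        {
            Asn1InputStream derInStream = new Asn1InputStream(inStream);
            Asn1Object derObject = derInStream.ReadObject();
            if (!(derObject is Asn1Sequence))
            {
                throw new CertificateException(
                    "input stream does not contain a ASN1 SEQUENCE while reading PkiPath encoded data to load CertPath");
            }

            certs = Platform.CreateArrayList();

            foreach (Asn1Encodable ae in (Asn1Sequence)derObject)
            {
                // Each element is re-encoded as DER and parsed on its own, so
                // a bad element fails inside the certificate parser.
                byte[] derBytes = ae.GetEncoded(Asn1Encodable.Der);
                Stream certInStream = new MemoryStream(derBytes, false);

                // TODO Is inserting at the front important (list will be sorted later anyway)?
                certs.Insert(0, new X509CertificateParser().ReadCertificate(certInStream));
            }
        }
        else if (encoding.Equals("PKCS7", System.StringComparison.OrdinalIgnoreCase)
            || encoding.Equals("PEM", System.StringComparison.OrdinalIgnoreCase))
        {
            certs = Platform.CreateArrayList(new X509CertificateParser().ReadCertificates(inStream));
        }
        else
        {
            throw new CertificateException("unsupported encoding: " + encoding);
        }
    }
    catch (IOException ex)
    {
        throw new CertificateException(
            "IOException throw while decoding CertPath:\n"
            + ex.ToString());
    }

    this.certificates = SortCerts(certs);
}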