- #if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
- #pragma warning disable
- using System;
- using BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto;
- using BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto.Digests;
- using BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities;
- namespace BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.X509
- {
- /**
- * The SubjectKeyIdentifier object.
- * <pre>
- * SubjectKeyIdentifier::= OCTET STRING
- * </pre>
- */
- public class SubjectKeyIdentifier
- : Asn1Encodable
- {
- public static SubjectKeyIdentifier GetInstance(Asn1TaggedObject obj, bool explicitly)
- {
- return GetInstance(Asn1OctetString.GetInstance(obj, explicitly));
- }
- public static SubjectKeyIdentifier GetInstance(object obj)
- {
- if (obj is SubjectKeyIdentifier)
- return (SubjectKeyIdentifier)obj;
- if (obj is SubjectPublicKeyInfo)
- return new SubjectKeyIdentifier((SubjectPublicKeyInfo)obj);
- if (obj is X509Extension)
- return GetInstance(X509Extension.ConvertValueToObject((X509Extension)obj));
- if (obj == null)
- return null;
- return new SubjectKeyIdentifier(Asn1OctetString.GetInstance(obj));
- }
- public static SubjectKeyIdentifier FromExtensions(X509Extensions extensions)
- {
- return GetInstance(X509Extensions.GetExtensionParsedValue(extensions, X509Extensions.SubjectKeyIdentifier));
- }
- private readonly byte[] keyIdentifier;
- public SubjectKeyIdentifier(
- byte[] keyID)
- {
- if (keyID == null)
- throw new ArgumentNullException("keyID");
- this.keyIdentifier = Arrays.Clone(keyID);
- }
- public SubjectKeyIdentifier(
- Asn1OctetString keyID)
- : this(keyID.GetOctets())
- {
- }
- /**
- * Calculates the keyIdentifier using a SHA1 hash over the BIT STRING
- * from SubjectPublicKeyInfo as defined in RFC3280.
- *
- * @param spki the subject public key info.
- */
- public SubjectKeyIdentifier(
- SubjectPublicKeyInfo spki)
- {
- this.keyIdentifier = GetDigest(spki);
- }
- public byte[] GetKeyIdentifier()
- {
- return Arrays.Clone(keyIdentifier);
- }
- public override Asn1Object ToAsn1Object()
- {
- return new DerOctetString(GetKeyIdentifier());
- }
- /**
- * Return a RFC 3280 type 1 key identifier. As in:
- * <pre>
- * (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
- * value of the BIT STRING subjectPublicKey (excluding the tag,
- * length, and number of unused bits).
- * </pre>
- * @param keyInfo the key info object containing the subjectPublicKey field.
- * @return the key identifier.
- */
- public static SubjectKeyIdentifier CreateSha1KeyIdentifier(
- SubjectPublicKeyInfo keyInfo)
- {
- return new SubjectKeyIdentifier(keyInfo);
- }
- /**
- * Return a RFC 3280 type 2 key identifier. As in:
- * <pre>
- * (2) The keyIdentifier is composed of a four bit type field with
- * the value 0100 followed by the least significant 60 bits of the
- * SHA-1 hash of the value of the BIT STRING subjectPublicKey.
- * </pre>
- * @param keyInfo the key info object containing the subjectPublicKey field.
- * @return the key identifier.
- */
- public static SubjectKeyIdentifier CreateTruncatedSha1KeyIdentifier(
- SubjectPublicKeyInfo keyInfo)
- {
- byte[] dig = GetDigest(keyInfo);
- byte[] id = new byte[8];
- Array.Copy(dig, dig.Length - 8, id, 0, id.Length);
- id[0] &= 0x0f;
- id[0] |= 0x40;
- return new SubjectKeyIdentifier(id);
- }
- private static byte[] GetDigest(
- SubjectPublicKeyInfo spki)
- {
- IDigest digest = new Sha1Digest();
- byte[] resBuf = new byte[digest.GetDigestSize()];
- byte[] bytes = spki.PublicKeyData.GetBytes();
- digest.BlockUpdate(bytes, 0, bytes.Length);
- digest.DoFinal(resBuf, 0);
- return resBuf;
- }
- }
- }
- #pragma warning restore
- #endif