| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145 |
- #if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
- #pragma warning disable
- using System;
- using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1;
- using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.Ocsp;
- using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.X509;
- using BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto;
- using BestHTTP.SecureProtocol.Org.BouncyCastle.Math;
- using BestHTTP.SecureProtocol.Org.BouncyCastle.Security;
- using BestHTTP.SecureProtocol.Org.BouncyCastle.X509;
- namespace BestHTTP.SecureProtocol.Org.BouncyCastle.Ocsp
- {
- public class CertificateID
- {
- public const string HashSha1 = "1.3.14.3.2.26";
- private readonly CertID id;
- public CertificateID(
- CertID id)
- {
- if (id == null)
- throw new ArgumentNullException("id");
- this.id = id;
- }
- /**
- * create from an issuer certificate and the serial number of the
- * certificate it signed.
- * @exception OcspException if any problems occur creating the id fields.
- */
- public CertificateID(
- string hashAlgorithm,
- X509Certificate issuerCert,
- BigInteger serialNumber)
- {
- AlgorithmIdentifier hashAlg = new AlgorithmIdentifier(
- new DerObjectIdentifier(hashAlgorithm), DerNull.Instance);
- this.id = CreateCertID(hashAlg, issuerCert, new DerInteger(serialNumber));
- }
- public string HashAlgOid
- {
- get { return id.HashAlgorithm.Algorithm.Id; }
- }
- public byte[] GetIssuerNameHash()
- {
- return id.IssuerNameHash.GetOctets();
- }
- public byte[] GetIssuerKeyHash()
- {
- return id.IssuerKeyHash.GetOctets();
- }
- /**
- * return the serial number for the certificate associated
- * with this request.
- */
- public BigInteger SerialNumber
- {
- get { return id.SerialNumber.Value; }
- }
- public bool MatchesIssuer(
- X509Certificate issuerCert)
- {
- return CreateCertID(id.HashAlgorithm, issuerCert, id.SerialNumber).Equals(id);
- }
- public CertID ToAsn1Object()
- {
- return id;
- }
- public override bool Equals(
- object obj)
- {
- if (obj == this)
- return true;
- CertificateID other = obj as CertificateID;
- if (other == null)
- return false;
- return id.ToAsn1Object().Equals(other.id.ToAsn1Object());
- }
- public override int GetHashCode()
- {
- return id.ToAsn1Object().GetHashCode();
- }
- /**
- * Create a new CertificateID for a new serial number derived from a previous one
- * calculated for the same CA certificate.
- *
- * @param original the previously calculated CertificateID for the CA.
- * @param newSerialNumber the serial number for the new certificate of interest.
- *
- * @return a new CertificateID for newSerialNumber
- */
- public static CertificateID DeriveCertificateID(CertificateID original, BigInteger newSerialNumber)
- {
- return new CertificateID(new CertID(original.id.HashAlgorithm, original.id.IssuerNameHash,
- original.id.IssuerKeyHash, new DerInteger(newSerialNumber)));
- }
- private static CertID CreateCertID(
- AlgorithmIdentifier hashAlg,
- X509Certificate issuerCert,
- DerInteger serialNumber)
- {
- try
- {
- String hashAlgorithm = hashAlg.Algorithm.Id;
- X509Name issuerName = PrincipalUtilities.GetSubjectX509Principal(issuerCert);
- byte[] issuerNameHash = DigestUtilities.CalculateDigest(
- hashAlgorithm, issuerName.GetEncoded());
- AsymmetricKeyParameter issuerKey = issuerCert.GetPublicKey();
- SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(issuerKey);
- byte[] issuerKeyHash = DigestUtilities.CalculateDigest(
- hashAlgorithm, info.PublicKeyData.GetBytes());
- return new CertID(hashAlg, new DerOctetString(issuerNameHash),
- new DerOctetString(issuerKeyHash), serialNumber);
- }
- catch (Exception e)
- {
- throw new OcspException("problem creating ID: " + e, e);
- }
- }
- }
- }
- #pragma warning restore
- #endif
|
