Home Esplora Aiuto
Registrati Accedi
wartheking
/
WaterFlush
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): 26b9e86ba4
Rami (Branch) Tag
WaterFlush
/
Packages
/
com.tivadar.best.http
/
Runtime
/
3rdParty
/
BouncyCastle
/
pkcs
/
Pkcs10CertificationRequestDelaySigned.cs

Pkcs10CertificationRequestDelaySigned.cs 4.9 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145 
  1. #if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
    2. 

  2. #pragma warning disable
    3. 

  3. using System;
    4. 

  4. using System.IO;
    5. 

  5. 

  6. using Best.HTTP.SecureProtocol.Org.BouncyCastle.Asn1;
    7. 

  7. using Best.HTTP.SecureProtocol.Org.BouncyCastle.Asn1.Pkcs;
    8. 

  8. using Best.HTTP.SecureProtocol.Org.BouncyCastle.Asn1.X509;
    9. 

  9. using Best.HTTP.SecureProtocol.Org.BouncyCastle.Crypto;
    10. 

  10. using Best.HTTP.SecureProtocol.Org.BouncyCastle.Utilities.Collections;
    11. 

  11. using Best.HTTP.SecureProtocol.Org.BouncyCastle.X509;
    12. 

  12. 

  13. namespace Best.HTTP.SecureProtocol.Org.BouncyCastle.Pkcs
    14. 

  14. {
    15. 

  15. 	/// <remarks>
    16. 

  16. 	/// A class for creating and verifying Pkcs10 Certification requests (this is an extension on <see cref="Pkcs10CertificationRequest"/>).
    17. 

  17. 	/// The requests are made using delay signing. This is useful for situations where
    18. 

  18. 	/// the private key is in another environment and not directly accessible (e.g. HSM)
    19. 

  19. 	/// So the first step creates the request, then the signing is done outside this
    20. 

  20. 	/// object and the signature is then used to complete the request.
    21. 

  21. 	/// </remarks>
    22. 

  22. 	/// <code>
    23. 

  23. 	/// CertificationRequest ::= Sequence {
    24. 

  24. 	///   certificationRequestInfo  CertificationRequestInfo,
    25. 

  25. 	///   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
    26. 

  26. 	///   signature                 BIT STRING
    27. 

  27. 	/// }
    28. 

  28. 	///
    29. 

  29. 	/// CertificationRequestInfo ::= Sequence {
    30. 

  30. 	///   version             Integer { v1(0) } (v1,...),
    31. 

  31. 	///   subject             Name,
    32. 

  32. 	///   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
    33. 

  33. 	///   attributes          [0] Attributes{{ CRIAttributes }}
    34. 

  34. 	///  }
    35. 

  35. 	///
    36. 

  36. 	///  Attributes { ATTRIBUTE:IOSet } ::= Set OF Attr{{ IOSet }}
    37. 

  37. 	///
    38. 

  38. 	///  Attr { ATTRIBUTE:IOSet } ::= Sequence {
    39. 

  39. 	///    type    ATTRIBUTE.&amp;id({IOSet}),
    40. 

  40. 	///    values  Set SIZE(1..MAX) OF ATTRIBUTE.&amp;Type({IOSet}{\@type})
    41. 

  41. 	///  }
    42. 

  42. 	/// </code>
    43. 

  43. 	/// see <a href="http://www.rsasecurity.com/rsalabs/node.asp?id=2132"/>
    44. 

  44. 	public class Pkcs10CertificationRequestDelaySigned : Pkcs10CertificationRequest
    45. 

  45. 	{
    46. 

  46. 		protected Pkcs10CertificationRequestDelaySigned()
    47. 

  47. 			: base()
    48. 

  48. 		{
    49. 

  49. 		}
    50. 

  50. 		public Pkcs10CertificationRequestDelaySigned(
    51. 

  51. 			byte[] encoded)
    52. 

  52. 			: base(encoded)
    53. 

  53. 		{
    54. 

  54. 		}
    55. 

  55. 		public Pkcs10CertificationRequestDelaySigned(
    56. 

  56. 			Asn1Sequence seq)
    57. 

  57. 			: base(seq)
    58. 

  58. 		{
    59. 

  59. 		}
    60. 

  60. 		public Pkcs10CertificationRequestDelaySigned(
    61. 

  61. 			Stream input)
    62. 

  62. 			: base(input)
    63. 

  63. 		{
    64. 

  64. 		}
    65. 

  65. 		public Pkcs10CertificationRequestDelaySigned(
    66. 

  66. 			string					signatureAlgorithm,
    67. 

  67. 			X509Name				subject,
    68. 

  68. 			AsymmetricKeyParameter	publicKey,
    69. 

  69. 			Asn1Set					attributes,
    70. 

  70. 			AsymmetricKeyParameter	signingKey)
    71. 

  71. 			: base(signatureAlgorithm, subject, publicKey, attributes, signingKey)
    72. 

  72. 		{
    73. 

  73. 		}
    74. 

  74. 		/// <summary>
    75. 

  75. 		/// Instantiate a Pkcs10CertificationRequest object with the necessary credentials.
    76. 

  76. 		/// </summary>
    77. 

  77. 		/// <param name="signatureAlgorithm">Name of Sig Alg.</param>
    78. 

  78. 		/// <param name="subject">X509Name of subject eg OU="My unit." O="My Organisatioin" C="au" </param>
    79. 

  79. 		/// <param name="publicKey">Public Key to be included in cert reqest.</param>
    80. 

  80. 		/// <param name="attributes">ASN1Set of Attributes.</param>
    81. 

  81. 		/// <remarks>
    82. 

  82.         /// After the object is constructed use the <see cref="GetDataToSign"/> and finally the
    83. 

  83.         /// SignRequest methods to finalize the request.
    84. 

  84. 		/// </remarks>
    85. 

  85. 		public Pkcs10CertificationRequestDelaySigned(
    86. 

  86. 			string					signatureAlgorithm,
    87. 

  87. 			X509Name				subject,
    88. 

  88. 			AsymmetricKeyParameter	publicKey,
    89. 

  89. 			Asn1Set					attributes)
    90. 

  90. 		{
    91. 

  91. 			if (signatureAlgorithm == null)
    92. 

  92. 				throw new ArgumentNullException("signatureAlgorithm");
    93. 

  93. 			if (subject == null)
    94. 

  94. 				throw new ArgumentNullException("subject");
    95. 

  95. 			if (publicKey == null)
    96. 

  96. 				throw new ArgumentNullException("publicKey");
    97. 

  97. 			if (publicKey.IsPrivate)
    98. 

  98. 				throw new ArgumentException("expected public key", "publicKey");
    99. 

  99. 

  100. 			DerObjectIdentifier sigOid = CollectionUtilities.GetValueOrNull(m_algorithms, signatureAlgorithm);
    101. 

  101. 			if (sigOid == null)
    102. 

  102. 			{
    103. 

  103. 				try
    104. 

  104. 				{
    105. 

  105. 					sigOid = new DerObjectIdentifier(signatureAlgorithm);
    106. 

  106. 				}
    107. 

  107. 				catch (Exception e)
    108. 

  108. 				{
    109. 

  109. 					throw new ArgumentException("Unknown signature type requested", e);
    110. 

  110. 				}
    111. 

  111. 			}
    112. 

  112. 			if (m_noParams.Contains(sigOid))
    113. 

  113. 			{
    114. 

  114. 				this.sigAlgId = new AlgorithmIdentifier(sigOid);
    115. 

  115. 			}
    116. 

  116. 			else if (m_exParams.TryGetValue(signatureAlgorithm, out var explicitParameters))
    117. 

  117. 			{
    118. 

  118. 				this.sigAlgId = new AlgorithmIdentifier(sigOid, explicitParameters);
    119. 

  119. 			}
    120. 

  120. 			else
    121. 

  121. 			{
    122. 

  122. 				this.sigAlgId = new AlgorithmIdentifier(sigOid, DerNull.Instance);
    123. 

  123. 			}
    124. 

  124. 			SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
    125. 

  125. 			this.reqInfo = new CertificationRequestInfo(subject, pubInfo, attributes);
    126. 

  126. 		}
    127. 

  127. 

  128. 		public byte[] GetDataToSign()
    129. 

  129. 		{
    130. 

  130. 			return reqInfo.GetDerEncoded();
    131. 

  131. 		}
    132. 

  132. 		public void SignRequest(byte[] signedData)
    133. 

  133. 		{
    134. 

  134. 			//build the signature from the signed data
    135. 

  135. 			sigBits = new DerBitString(signedData);
    136. 

  136. 		}
    137. 

  137. 		public void SignRequest(DerBitString signedData)
    138. 

  138. 		{
    139. 

  139. 			//build the signature from the signed data
    140. 

  140. 			sigBits = signedData;
    141. 

  141. 		}
    142. 

  142. 	}
    143. 

  143. }
    144. 

  144. #pragma warning restore
    145. 

  145. #endif
    146.