trevor/SuperVPN
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init commit

Browse Source
This commit is contained in:
Andrey K. Choi
2025-10-09 09:57:24 +09:00
commit 4d551bd74f
6636 changed files with 1218703 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

168
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/BasicOcspResp.cs Normal file
View File

@@ -0,0 +1,168 @@
using System;
using System.Collections;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Ocsp;
public class BasicOcspResp : X509ExtensionBase
{
private readonly BasicOcspResponse resp;
private readonly ResponseData data;
public int Version => data.Version.Value.IntValue + 1;
public RespID ResponderId => new RespID(data.ResponderID);
public DateTime ProducedAt => data.ProducedAt.ToDateTime();
public SingleResp[] Responses
{
get
{
Asn1Sequence responses = data.Responses;
SingleResp[] array = new SingleResp[responses.Count];
for (int i = 0; i != array.Length; i++)
{
array[i] = new SingleResp(SingleResponse.GetInstance(responses[i]));
}
return array;
}
}
public X509Extensions ResponseExtensions => data.ResponseExtensions;
public string SignatureAlgName => OcspUtilities.GetAlgorithmName(resp.SignatureAlgorithm.Algorithm);
public string SignatureAlgOid => resp.SignatureAlgorithm.Algorithm.Id;
public BasicOcspResp(BasicOcspResponse resp)
{
this.resp = resp;
data = resp.TbsResponseData;
}
public byte[] GetTbsResponseData()
{
try
{
return data.GetDerEncoded();
}
catch (IOException e)
{
throw new OcspException("problem encoding tbsResponseData", e);
}
}
protected override X509Extensions GetX509Extensions()
{
return ResponseExtensions;
}
[Obsolete("RespData class is no longer required as all functionality is available on this class")]
public RespData GetResponseData()
{
return new RespData(data);
}
public byte[] GetSignature()
{
return resp.GetSignatureOctets();
}
private IList GetCertList()
{
IList list = Platform.CreateArrayList();
Asn1Sequence certs = resp.Certs;
if (certs != null)
{
foreach (Asn1Encodable item in certs)
{
try
{
list.Add(new X509CertificateParser().ReadCertificate(item.GetEncoded()));
}
catch (IOException e)
{
throw new OcspException("can't re-encode certificate!", e);
}
catch (CertificateException e2)
{
throw new OcspException("can't re-encode certificate!", e2);
}
}
}
return list;
}
public X509Certificate[] GetCerts()
{
IList certList = GetCertList();
X509Certificate[] array = new X509Certificate[certList.Count];
for (int i = 0; i < certList.Count; i++)
{
array[i] = (X509Certificate)certList[i];
}
return array;
}
public IX509Store GetCertificates(string type)
{
try
{
return X509StoreFactory.Create("Certificate/" + type, new X509CollectionStoreParameters(GetCertList()));
}
catch (Exception e)
{
throw new OcspException("can't setup the CertStore", e);
}
}
public bool Verify(AsymmetricKeyParameter publicKey)
{
try
{
ISigner signer = SignerUtilities.GetSigner(SignatureAlgName);
signer.Init(forSigning: false, publicKey);
byte[] derEncoded = data.GetDerEncoded();
signer.BlockUpdate(derEncoded, 0, derEncoded.Length);
return signer.VerifySignature(GetSignature());
}
catch (Exception ex)
{
throw new OcspException("exception processing sig: " + ex, ex);
}
}
public byte[] GetEncoded()
{
return resp.GetEncoded();
}
public override bool Equals(object obj)
{
if (obj == this)
{
return true;
}
if (!(obj is BasicOcspResp basicOcspResp))
{
return false;
}
return resp.Equals(basicOcspResp.resp);
}
public override int GetHashCode()
{
return resp.GetHashCode();
}
}

188
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/BasicOcspRespGenerator.cs Normal file
View File

@@ -0,0 +1,188 @@
using System;
using System.Collections;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Ocsp;
public class BasicOcspRespGenerator
{
private class ResponseObject
{
internal CertificateID certId;
internal CertStatus certStatus;
internal DerGeneralizedTime thisUpdate;
internal DerGeneralizedTime nextUpdate;
internal X509Extensions extensions;
public ResponseObject(CertificateID certId, CertificateStatus certStatus, DateTime thisUpdate, X509Extensions extensions)
: this(certId, certStatus, new DerGeneralizedTime(thisUpdate), null, extensions)
{
}
public ResponseObject(CertificateID certId, CertificateStatus certStatus, DateTime thisUpdate, DateTime nextUpdate, X509Extensions extensions)
: this(certId, certStatus, new DerGeneralizedTime(thisUpdate), new DerGeneralizedTime(nextUpdate), extensions)
{
}
private ResponseObject(CertificateID certId, CertificateStatus certStatus, DerGeneralizedTime thisUpdate, DerGeneralizedTime nextUpdate, X509Extensions extensions)
{
this.certId = certId;
if (certStatus == null)
{
this.certStatus = new CertStatus();
}
else if (certStatus is UnknownStatus)
{
this.certStatus = new CertStatus(2, DerNull.Instance);
}
else
{
RevokedStatus revokedStatus = (RevokedStatus)certStatus;
CrlReason revocationReason = (revokedStatus.HasRevocationReason ? new CrlReason(revokedStatus.RevocationReason) : null);
this.certStatus = new CertStatus(new RevokedInfo(new DerGeneralizedTime(revokedStatus.RevocationTime), revocationReason));
}
this.thisUpdate = thisUpdate;
this.nextUpdate = nextUpdate;
this.extensions = extensions;
}
public SingleResponse ToResponse()
{
return new SingleResponse(certId.ToAsn1Object(), certStatus, thisUpdate, nextUpdate, extensions);
}
}
private readonly IList list = Platform.CreateArrayList();
private X509Extensions responseExtensions;
private RespID responderID;
public IEnumerable SignatureAlgNames => OcspUtilities.AlgNames;
public BasicOcspRespGenerator(RespID responderID)
{
this.responderID = responderID;
}
public BasicOcspRespGenerator(AsymmetricKeyParameter publicKey)
{
responderID = new RespID(publicKey);
}
public void AddResponse(CertificateID certID, CertificateStatus certStatus)
{
list.Add(new ResponseObject(certID, certStatus, DateTime.UtcNow, null));
}
public void AddResponse(CertificateID certID, CertificateStatus certStatus, X509Extensions singleExtensions)
{
list.Add(new ResponseObject(certID, certStatus, DateTime.UtcNow, singleExtensions));
}
public void AddResponse(CertificateID certID, CertificateStatus certStatus, DateTime nextUpdate, X509Extensions singleExtensions)
{
list.Add(new ResponseObject(certID, certStatus, DateTime.UtcNow, nextUpdate, singleExtensions));
}
public void AddResponse(CertificateID certID, CertificateStatus certStatus, DateTime thisUpdate, DateTime nextUpdate, X509Extensions singleExtensions)
{
list.Add(new ResponseObject(certID, certStatus, thisUpdate, nextUpdate, singleExtensions));
}
public void SetResponseExtensions(X509Extensions responseExtensions)
{
this.responseExtensions = responseExtensions;
}
private BasicOcspResp GenerateResponse(ISignatureFactory signatureCalculator, X509Certificate[] chain, DateTime producedAt)
{
AlgorithmIdentifier algorithmIdentifier = (AlgorithmIdentifier)signatureCalculator.AlgorithmDetails;
DerObjectIdentifier algorithm = algorithmIdentifier.Algorithm;
Asn1EncodableVector asn1EncodableVector = new Asn1EncodableVector();
foreach (ResponseObject item in list)
{
try
{
asn1EncodableVector.Add(item.ToResponse());
}
catch (Exception e)
{
throw new OcspException("exception creating Request", e);
}
}
ResponseData responseData = new ResponseData(responderID.ToAsn1Object(), new DerGeneralizedTime(producedAt), new DerSequence(asn1EncodableVector), responseExtensions);
DerBitString derBitString = null;
try
{
IStreamCalculator streamCalculator = signatureCalculator.CreateCalculator();
byte[] derEncoded = responseData.GetDerEncoded();
streamCalculator.Stream.Write(derEncoded, 0, derEncoded.Length);
Platform.Dispose(streamCalculator.Stream);
derBitString = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect());
}
catch (Exception ex)
{
throw new OcspException("exception processing TBSRequest: " + ex, ex);
}
AlgorithmIdentifier sigAlgID = OcspUtilities.GetSigAlgID(algorithm);
DerSequence certs = null;
if (chain != null && chain.Length > 0)
{
Asn1EncodableVector asn1EncodableVector2 = new Asn1EncodableVector();
try
{
for (int i = 0; i != chain.Length; i++)
{
asn1EncodableVector2.Add(X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(chain[i].GetEncoded())));
}
}
catch (IOException e2)
{
throw new OcspException("error processing certs", e2);
}
catch (CertificateEncodingException e3)
{
throw new OcspException("error encoding certs", e3);
}
certs = new DerSequence(asn1EncodableVector2);
}
return new BasicOcspResp(new BasicOcspResponse(responseData, sigAlgID, derBitString, certs));
}
public BasicOcspResp Generate(string signingAlgorithm, AsymmetricKeyParameter privateKey, X509Certificate[] chain, DateTime thisUpdate)
{
return Generate(signingAlgorithm, privateKey, chain, thisUpdate, null);
}
public BasicOcspResp Generate(string signingAlgorithm, AsymmetricKeyParameter privateKey, X509Certificate[] chain, DateTime producedAt, SecureRandom random)
{
if (signingAlgorithm == null)
{
throw new ArgumentException("no signing algorithm specified");
}
return GenerateResponse(new Asn1SignatureFactory(signingAlgorithm, privateKey, random), chain, producedAt);
}
public BasicOcspResp Generate(ISignatureFactory signatureCalculatorFactory, X509Certificate[] chain, DateTime producedAt)
{
if (signatureCalculatorFactory == null)
{
throw new ArgumentException("no signature calculator specified");
}
return GenerateResponse(signatureCalculatorFactory, chain, producedAt);
}
}

97
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/CertificateID.cs Normal file
View File

@@ -0,0 +1,97 @@
using System;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Ocsp;
public class CertificateID
{
public const string HashSha1 = "1.3.14.3.2.26";
private readonly CertID id;
public string HashAlgOid => id.HashAlgorithm.Algorithm.Id;
public BigInteger SerialNumber => id.SerialNumber.Value;
public CertificateID(CertID id)
{
if (id == null)
{
throw new ArgumentNullException("id");
}
this.id = id;
}
public CertificateID(string hashAlgorithm, X509Certificate issuerCert, BigInteger serialNumber)
{
AlgorithmIdentifier hashAlg = new AlgorithmIdentifier(new DerObjectIdentifier(hashAlgorithm), DerNull.Instance);
id = CreateCertID(hashAlg, issuerCert, new DerInteger(serialNumber));
}
public byte[] GetIssuerNameHash()
{
return id.IssuerNameHash.GetOctets();
}
public byte[] GetIssuerKeyHash()
{
return id.IssuerKeyHash.GetOctets();
}
public bool MatchesIssuer(X509Certificate issuerCert)
{
return CreateCertID(id.HashAlgorithm, issuerCert, id.SerialNumber).Equals(id);
}
public CertID ToAsn1Object()
{
return id;
}
public override bool Equals(object obj)
{
if (obj == this)
{
return true;
}
if (!(obj is CertificateID certificateID))
{
return false;
}
return id.ToAsn1Object().Equals(certificateID.id.ToAsn1Object());
}
public override int GetHashCode()
{
return id.ToAsn1Object().GetHashCode();
}
public static CertificateID DeriveCertificateID(CertificateID original, BigInteger newSerialNumber)
{
return new CertificateID(new CertID(original.id.HashAlgorithm, original.id.IssuerNameHash, original.id.IssuerKeyHash, new DerInteger(newSerialNumber)));
}
private static CertID CreateCertID(AlgorithmIdentifier hashAlg, X509Certificate issuerCert, DerInteger serialNumber)
{
try
{
string algorithm = hashAlg.Algorithm.Id;
X509Name subjectX509Principal = PrincipalUtilities.GetSubjectX509Principal(issuerCert);
byte[] str = DigestUtilities.CalculateDigest(algorithm, subjectX509Principal.GetEncoded());
AsymmetricKeyParameter publicKey = issuerCert.GetPublicKey();
SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
byte[] str2 = DigestUtilities.CalculateDigest(algorithm, subjectPublicKeyInfo.PublicKeyData.GetBytes());
return new CertID(hashAlg, new DerOctetString(str), new DerOctetString(str2), serialNumber);
}
catch (Exception ex)
{
throw new OcspException("problem creating ID: " + ex, ex);
}
}
}

6
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/CertificateStatus.cs Normal file
View File

@@ -0,0 +1,6 @@
namespace Org.BouncyCastle.Ocsp;
public abstract class CertificateStatus
{
public static readonly CertificateStatus Good = null;
}

44
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/OCSPRespGenerator.cs Normal file
View File

@@ -0,0 +1,44 @@
using System;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
namespace Org.BouncyCastle.Ocsp;
public class OCSPRespGenerator
{
public const int Successful = 0;
public const int MalformedRequest = 1;
public const int InternalError = 2;
public const int TryLater = 3;
public const int SigRequired = 5;
public const int Unauthorized = 6;
public OcspResp Generate(int status, object response)
{
if (response == null)
{
return new OcspResp(new OcspResponse(new OcspResponseStatus(status), null));
}
if (response is BasicOcspResp)
{
BasicOcspResp basicOcspResp = (BasicOcspResp)response;
Asn1OctetString response2;
try
{
response2 = new DerOctetString(basicOcspResp.GetEncoded());
}
catch (Exception e)
{
throw new OcspException("can't encode object.", e);
}
ResponseBytes responseBytes = new ResponseBytes(OcspObjectIdentifiers.PkixOcspBasic, response2);
return new OcspResp(new OcspResponse(new OcspResponseStatus(status), responseBytes));
}
throw new OcspException("unknown response object");
}
}

8
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/OcscpRespStatus.cs Normal file
View File

@@ -0,0 +1,8 @@
using System;
namespace Org.BouncyCastle.Ocsp;
[Obsolete("Use version with correct spelling 'OcspRespStatus'")]
public abstract class OcscpRespStatus : OcspRespStatus
{
}

21
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/OcspException.cs Normal file
View File

@@ -0,0 +1,21 @@
using System;
namespace Org.BouncyCastle.Ocsp;
[Serializable]
public class OcspException : Exception
{
public OcspException()
{
}
public OcspException(string message)
: base(message)
{
}
public OcspException(string message, Exception e)
: base(message, e)
{
}
}

183
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/OcspReq.cs Normal file
View File

@@ -0,0 +1,183 @@
using System;
using System.Collections;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Store;
namespace Org.BouncyCastle.Ocsp;
public class OcspReq : X509ExtensionBase
{
private OcspRequest req;
public int Version => req.TbsRequest.Version.Value.IntValue + 1;
public GeneralName RequestorName => GeneralName.GetInstance(req.TbsRequest.RequestorName);
public X509Extensions RequestExtensions => X509Extensions.GetInstance(req.TbsRequest.RequestExtensions);
public string SignatureAlgOid
{
get
{
if (!IsSigned)
{
return null;
}
return req.OptionalSignature.SignatureAlgorithm.Algorithm.Id;
}
}
public bool IsSigned => req.OptionalSignature != null;
public OcspReq(OcspRequest req)
{
this.req = req;
}
public OcspReq(byte[] req)
: this(new Asn1InputStream(req))
{
}
public OcspReq(Stream inStr)
: this(new Asn1InputStream(inStr))
{
}
private OcspReq(Asn1InputStream aIn)
{
try
{
req = OcspRequest.GetInstance(aIn.ReadObject());
}
catch (ArgumentException ex)
{
throw new IOException("malformed request: " + ex.Message);
}
catch (InvalidCastException ex2)
{
throw new IOException("malformed request: " + ex2.Message);
}
}
public byte[] GetTbsRequest()
{
try
{
return req.TbsRequest.GetEncoded();
}
catch (IOException e)
{
throw new OcspException("problem encoding tbsRequest", e);
}
}
public Req[] GetRequestList()
{
Asn1Sequence requestList = req.TbsRequest.RequestList;
Req[] array = new Req[requestList.Count];
for (int i = 0; i != array.Length; i++)
{
array[i] = new Req(Request.GetInstance(requestList[i]));
}
return array;
}
protected override X509Extensions GetX509Extensions()
{
return RequestExtensions;
}
public byte[] GetSignature()
{
if (!IsSigned)
{
return null;
}
return req.OptionalSignature.GetSignatureOctets();
}
private IList GetCertList()
{
IList list = Platform.CreateArrayList();
Asn1Sequence certs = req.OptionalSignature.Certs;
if (certs != null)
{
foreach (Asn1Encodable item in certs)
{
try
{
list.Add(new X509CertificateParser().ReadCertificate(item.GetEncoded()));
}
catch (Exception e)
{
throw new OcspException("can't re-encode certificate!", e);
}
}
}
return list;
}
public X509Certificate[] GetCerts()
{
if (!IsSigned)
{
return null;
}
IList certList = GetCertList();
X509Certificate[] array = new X509Certificate[certList.Count];
for (int i = 0; i < certList.Count; i++)
{
array[i] = (X509Certificate)certList[i];
}
return array;
}
public IX509Store GetCertificates(string type)
{
if (!IsSigned)
{
return null;
}
try
{
return X509StoreFactory.Create("Certificate/" + type, new X509CollectionStoreParameters(GetCertList()));
}
catch (Exception e)
{
throw new OcspException("can't setup the CertStore", e);
}
}
public bool Verify(AsymmetricKeyParameter publicKey)
{
if (!IsSigned)
{
throw new OcspException("attempt to Verify signature on unsigned object");
}
try
{
ISigner signer = SignerUtilities.GetSigner(SignatureAlgOid);
signer.Init(forSigning: false, publicKey);
byte[] encoded = req.TbsRequest.GetEncoded();
signer.BlockUpdate(encoded, 0, encoded.Length);
return signer.VerifySignature(GetSignature());
}
catch (Exception ex)
{
throw new OcspException("exception processing sig: " + ex, ex);
}
}
public byte[] GetEncoded()
{
return req.GetEncoded();
}
}

181
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/OcspReqGenerator.cs Normal file
View File

@@ -0,0 +1,181 @@
using System;
using System.Collections;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Ocsp;
public class OcspReqGenerator
{
private class RequestObject
{
internal CertificateID certId;
internal X509Extensions extensions;
public RequestObject(CertificateID certId, X509Extensions extensions)
{
this.certId = certId;
this.extensions = extensions;
}
public Request ToRequest()
{
return new Request(certId.ToAsn1Object(), extensions);
}
}
private IList list = Platform.CreateArrayList();
private GeneralName requestorName = null;
private X509Extensions requestExtensions = null;
public IEnumerable SignatureAlgNames => OcspUtilities.AlgNames;
public void AddRequest(CertificateID certId)
{
list.Add(new RequestObject(certId, null));
}
public void AddRequest(CertificateID certId, X509Extensions singleRequestExtensions)
{
list.Add(new RequestObject(certId, singleRequestExtensions));
}
public void SetRequestorName(X509Name requestorName)
{
try
{
this.requestorName = new GeneralName(4, requestorName);
}
catch (Exception innerException)
{
throw new ArgumentException("cannot encode principal", innerException);
}
}
public void SetRequestorName(GeneralName requestorName)
{
this.requestorName = requestorName;
}
public void SetRequestExtensions(X509Extensions requestExtensions)
{
this.requestExtensions = requestExtensions;
}
private OcspReq GenerateRequest(DerObjectIdentifier signingAlgorithm, AsymmetricKeyParameter privateKey, X509Certificate[] chain, SecureRandom random)
{
Asn1EncodableVector asn1EncodableVector = new Asn1EncodableVector();
foreach (RequestObject item in list)
{
try
{
asn1EncodableVector.Add(item.ToRequest());
}
catch (Exception e)
{
throw new OcspException("exception creating Request", e);
}
}
TbsRequest tbsRequest = new TbsRequest(requestorName, new DerSequence(asn1EncodableVector), requestExtensions);
ISigner signer = null;
Signature optionalSignature = null;
if (signingAlgorithm != null)
{
if (requestorName == null)
{
throw new OcspException("requestorName must be specified if request is signed.");
}
try
{
signer = SignerUtilities.GetSigner(signingAlgorithm.Id);
if (random != null)
{
signer.Init(forSigning: true, new ParametersWithRandom(privateKey, random));
}
else
{
signer.Init(forSigning: true, privateKey);
}
}
catch (Exception ex)
{
throw new OcspException("exception creating signature: " + ex, ex);
}
DerBitString derBitString = null;
try
{
byte[] encoded = tbsRequest.GetEncoded();
signer.BlockUpdate(encoded, 0, encoded.Length);
derBitString = new DerBitString(signer.GenerateSignature());
}
catch (Exception ex2)
{
throw new OcspException("exception processing TBSRequest: " + ex2, ex2);
}
AlgorithmIdentifier signatureAlgorithm = new AlgorithmIdentifier(signingAlgorithm, DerNull.Instance);
if (chain != null && chain.Length > 0)
{
Asn1EncodableVector asn1EncodableVector2 = new Asn1EncodableVector();
try
{
for (int i = 0; i != chain.Length; i++)
{
asn1EncodableVector2.Add(X509CertificateStructure.GetInstance(Asn1Object.FromByteArray(chain[i].GetEncoded())));
}
}
catch (IOException e2)
{
throw new OcspException("error processing certs", e2);
}
catch (CertificateEncodingException e3)
{
throw new OcspException("error encoding certs", e3);
}
optionalSignature = new Signature(signatureAlgorithm, derBitString, new DerSequence(asn1EncodableVector2));
}
else
{
optionalSignature = new Signature(signatureAlgorithm, derBitString);
}
}
return new OcspReq(new OcspRequest(tbsRequest, optionalSignature));
}
public OcspReq Generate()
{
return GenerateRequest(null, null, null, null);
}
public OcspReq Generate(string signingAlgorithm, AsymmetricKeyParameter privateKey, X509Certificate[] chain)
{
return Generate(signingAlgorithm, privateKey, chain, null);
}
public OcspReq Generate(string signingAlgorithm, AsymmetricKeyParameter privateKey, X509Certificate[] chain, SecureRandom random)
{
if (signingAlgorithm == null)
{
throw new ArgumentException("no signing algorithm specified");
}
try
{
DerObjectIdentifier algorithmOid = OcspUtilities.GetAlgorithmOid(signingAlgorithm);
return GenerateRequest(algorithmOid, privateKey, chain, random);
}
catch (ArgumentException)
{
throw new ArgumentException("unknown signing algorithm specified: " + signingAlgorithm);
}
}
}

84
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/OcspResp.cs Normal file
View File

@@ -0,0 +1,84 @@
using System;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
namespace Org.BouncyCastle.Ocsp;
public class OcspResp
{
private OcspResponse resp;
public int Status => resp.ResponseStatus.Value.IntValue;
public OcspResp(OcspResponse resp)
{
this.resp = resp;
}
public OcspResp(byte[] resp)
: this(new Asn1InputStream(resp))
{
}
public OcspResp(Stream inStr)
: this(new Asn1InputStream(inStr))
{
}
private OcspResp(Asn1InputStream aIn)
{
try
{
resp = OcspResponse.GetInstance(aIn.ReadObject());
}
catch (Exception ex)
{
throw new IOException("malformed response: " + ex.Message, ex);
}
}
public object GetResponseObject()
{
ResponseBytes responseBytes = resp.ResponseBytes;
if (responseBytes == null)
{
return null;
}
if (responseBytes.ResponseType.Equals(OcspObjectIdentifiers.PkixOcspBasic))
{
try
{
return new BasicOcspResp(BasicOcspResponse.GetInstance(Asn1Object.FromByteArray(responseBytes.Response.GetOctets())));
}
catch (Exception ex)
{
throw new OcspException("problem decoding object: " + ex, ex);
}
}
return responseBytes.Response;
}
public byte[] GetEncoded()
{
return resp.GetEncoded();
}
public override bool Equals(object obj)
{
if (obj == this)
{
return true;
}
if (!(obj is OcspResp ocspResp))
{
return false;
}
return resp.Equals(ocspResp.resp);
}
public override int GetHashCode()
{
return resp.GetHashCode();
}
}

16
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/OcspRespStatus.cs Normal file
View File

@@ -0,0 +1,16 @@
namespace Org.BouncyCastle.Ocsp;
public abstract class OcspRespStatus
{
public const int Successful = 0;
public const int MalformedRequest = 1;
public const int InternalError = 2;
public const int TryLater = 3;
public const int SigRequired = 5;
public const int Unauthorized = 6;
}

121
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/OcspUtilities.cs Normal file
View File

@@ -0,0 +1,121 @@
using System.Collections;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.CryptoPro;
using Org.BouncyCastle.Asn1.Nist;
using Org.BouncyCastle.Asn1.Oiw;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.TeleTrust;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Asn1.X9;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
namespace Org.BouncyCastle.Ocsp;
internal class OcspUtilities
{
private static readonly IDictionary algorithms;
private static readonly IDictionary oids;
private static readonly ISet noParams;
internal static IEnumerable AlgNames => new EnumerableProxy(algorithms.Keys);
static OcspUtilities()
{
algorithms = Platform.CreateHashtable();
oids = Platform.CreateHashtable();
noParams = new HashSet();
algorithms.Add("MD2WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD2WithRsaEncryption);
algorithms.Add("MD2WITHRSA", PkcsObjectIdentifiers.MD2WithRsaEncryption);
algorithms.Add("MD5WITHRSAENCRYPTION", PkcsObjectIdentifiers.MD5WithRsaEncryption);
algorithms.Add("MD5WITHRSA", PkcsObjectIdentifiers.MD5WithRsaEncryption);
algorithms.Add("SHA1WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
algorithms.Add("SHA1WITHRSA", PkcsObjectIdentifiers.Sha1WithRsaEncryption);
algorithms.Add("SHA224WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
algorithms.Add("SHA224WITHRSA", PkcsObjectIdentifiers.Sha224WithRsaEncryption);
algorithms.Add("SHA256WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
algorithms.Add("SHA256WITHRSA", PkcsObjectIdentifiers.Sha256WithRsaEncryption);
algorithms.Add("SHA384WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
algorithms.Add("SHA384WITHRSA", PkcsObjectIdentifiers.Sha384WithRsaEncryption);
algorithms.Add("SHA512WITHRSAENCRYPTION", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
algorithms.Add("SHA512WITHRSA", PkcsObjectIdentifiers.Sha512WithRsaEncryption);
algorithms.Add("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
algorithms.Add("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160);
algorithms.Add("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
algorithms.Add("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128);
algorithms.Add("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
algorithms.Add("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256);
algorithms.Add("SHA1WITHDSA", X9ObjectIdentifiers.IdDsaWithSha1);
algorithms.Add("DSAWITHSHA1", X9ObjectIdentifiers.IdDsaWithSha1);
algorithms.Add("SHA224WITHDSA", NistObjectIdentifiers.DsaWithSha224);
algorithms.Add("SHA256WITHDSA", NistObjectIdentifiers.DsaWithSha256);
algorithms.Add("SHA1WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha1);
algorithms.Add("ECDSAWITHSHA1", X9ObjectIdentifiers.ECDsaWithSha1);
algorithms.Add("SHA224WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha224);
algorithms.Add("SHA256WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha256);
algorithms.Add("SHA384WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha384);
algorithms.Add("SHA512WITHECDSA", X9ObjectIdentifiers.ECDsaWithSha512);
algorithms.Add("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
algorithms.Add("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94);
oids.Add(PkcsObjectIdentifiers.MD2WithRsaEncryption, "MD2WITHRSA");
oids.Add(PkcsObjectIdentifiers.MD5WithRsaEncryption, "MD5WITHRSA");
oids.Add(PkcsObjectIdentifiers.Sha1WithRsaEncryption, "SHA1WITHRSA");
oids.Add(PkcsObjectIdentifiers.Sha224WithRsaEncryption, "SHA224WITHRSA");
oids.Add(PkcsObjectIdentifiers.Sha256WithRsaEncryption, "SHA256WITHRSA");
oids.Add(PkcsObjectIdentifiers.Sha384WithRsaEncryption, "SHA384WITHRSA");
oids.Add(PkcsObjectIdentifiers.Sha512WithRsaEncryption, "SHA512WITHRSA");
oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD160, "RIPEMD160WITHRSA");
oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD128, "RIPEMD128WITHRSA");
oids.Add(TeleTrusTObjectIdentifiers.RsaSignatureWithRipeMD256, "RIPEMD256WITHRSA");
oids.Add(X9ObjectIdentifiers.IdDsaWithSha1, "SHA1WITHDSA");
oids.Add(NistObjectIdentifiers.DsaWithSha224, "SHA224WITHDSA");
oids.Add(NistObjectIdentifiers.DsaWithSha256, "SHA256WITHDSA");
oids.Add(X9ObjectIdentifiers.ECDsaWithSha1, "SHA1WITHECDSA");
oids.Add(X9ObjectIdentifiers.ECDsaWithSha224, "SHA224WITHECDSA");
oids.Add(X9ObjectIdentifiers.ECDsaWithSha256, "SHA256WITHECDSA");
oids.Add(X9ObjectIdentifiers.ECDsaWithSha384, "SHA384WITHECDSA");
oids.Add(X9ObjectIdentifiers.ECDsaWithSha512, "SHA512WITHECDSA");
oids.Add(CryptoProObjectIdentifiers.GostR3411x94WithGostR3410x94, "GOST3411WITHGOST3410");
oids.Add(OiwObjectIdentifiers.MD5WithRsa, "MD5WITHRSA");
oids.Add(OiwObjectIdentifiers.Sha1WithRsa, "SHA1WITHRSA");
oids.Add(OiwObjectIdentifiers.DsaWithSha1, "SHA1WITHDSA");
noParams.Add(X9ObjectIdentifiers.ECDsaWithSha1);
noParams.Add(X9ObjectIdentifiers.ECDsaWithSha224);
noParams.Add(X9ObjectIdentifiers.ECDsaWithSha256);
noParams.Add(X9ObjectIdentifiers.ECDsaWithSha384);
noParams.Add(X9ObjectIdentifiers.ECDsaWithSha512);
noParams.Add(X9ObjectIdentifiers.IdDsaWithSha1);
noParams.Add(NistObjectIdentifiers.DsaWithSha224);
noParams.Add(NistObjectIdentifiers.DsaWithSha256);
}
internal static DerObjectIdentifier GetAlgorithmOid(string algorithmName)
{
algorithmName = Platform.ToUpperInvariant(algorithmName);
if (algorithms.Contains(algorithmName))
{
return (DerObjectIdentifier)algorithms[algorithmName];
}
return new DerObjectIdentifier(algorithmName);
}
internal static string GetAlgorithmName(DerObjectIdentifier oid)
{
if (oids.Contains(oid))
{
return (string)oids[oid];
}
return oid.Id;
}
internal static AlgorithmIdentifier GetSigAlgID(DerObjectIdentifier sigOid)
{
if (noParams.Contains(sigOid))
{
return new AlgorithmIdentifier(sigOid);
}
return new AlgorithmIdentifier(sigOid, DerNull.Instance);
}
}

27
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/Req.cs Normal file
View File

@@ -0,0 +1,27 @@
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Ocsp;
public class Req : X509ExtensionBase
{
private Request req;
public X509Extensions SingleRequestExtensions => req.SingleRequestExtensions;
public Req(Request req)
{
this.req = req;
}
public CertificateID GetCertID()
{
return new CertificateID(req.ReqCert);
}
protected override X509Extensions GetX509Extensions()
{
return SingleRequestExtensions;
}
}

44
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/RespData.cs Normal file
View File

@@ -0,0 +1,44 @@
using System;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Ocsp;
public class RespData : X509ExtensionBase
{
internal readonly ResponseData data;
public int Version => data.Version.Value.IntValue + 1;
public DateTime ProducedAt => data.ProducedAt.ToDateTime();
public X509Extensions ResponseExtensions => data.ResponseExtensions;
public RespData(ResponseData data)
{
this.data = data;
}
public RespID GetResponderId()
{
return new RespID(data.ResponderID);
}
public SingleResp[] GetResponses()
{
Asn1Sequence responses = data.Responses;
SingleResp[] array = new SingleResp[responses.Count];
for (int i = 0; i != array.Length; i++)
{
array[i] = new SingleResp(SingleResponse.GetInstance(responses[i]));
}
return array;
}
protected override X509Extensions GetX509Extensions()
{
return ResponseExtensions;
}
}

61
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/RespID.cs Normal file
View File

@@ -0,0 +1,61 @@
using System;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Ocsp;
public class RespID
{
internal readonly ResponderID id;
public RespID(ResponderID id)
{
this.id = id;
}
public RespID(X509Name name)
{
id = new ResponderID(name);
}
public RespID(AsymmetricKeyParameter publicKey)
{
try
{
SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
byte[] str = DigestUtilities.CalculateDigest("SHA1", subjectPublicKeyInfo.PublicKeyData.GetBytes());
id = new ResponderID(new DerOctetString(str));
}
catch (Exception ex)
{
throw new OcspException("problem creating ID: " + ex, ex);
}
}
public ResponderID ToAsn1Object()
{
return id;
}
public override bool Equals(object obj)
{
if (obj == this)
{
return true;
}
if (!(obj is RespID respID))
{
return false;
}
return id.Equals(respID.id);
}
public override int GetHashCode()
{
return id.GetHashCode();
}
}

37
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/RevokedStatus.cs Normal file
View File

@@ -0,0 +1,37 @@
using System;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
namespace Org.BouncyCastle.Ocsp;
public class RevokedStatus : CertificateStatus
{
internal readonly RevokedInfo info;
public DateTime RevocationTime => info.RevocationTime.ToDateTime();
public bool HasRevocationReason => info.RevocationReason != null;
public int RevocationReason
{
get
{
if (info.RevocationReason == null)
{
throw new InvalidOperationException("attempt to get a reason where none is available");
}
return info.RevocationReason.Value.IntValue;
}
}
public RevokedStatus(RevokedInfo info)
{
this.info = info;
}
public RevokedStatus(DateTime revocationDate, int reason)
{
info = new RevokedInfo(new DerGeneralizedTime(revocationDate), new CrlReason(reason));
}
}

57
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/SingleResp.cs Normal file
View File

@@ -0,0 +1,57 @@
using System;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.X509;
namespace Org.BouncyCastle.Ocsp;
public class SingleResp : X509ExtensionBase
{
internal readonly SingleResponse resp;
public DateTime ThisUpdate => resp.ThisUpdate.ToDateTime();
public DateTimeObject NextUpdate
{
get
{
if (resp.NextUpdate != null)
{
return new DateTimeObject(resp.NextUpdate.ToDateTime());
}
return null;
}
}
public X509Extensions SingleExtensions => resp.SingleExtensions;
public SingleResp(SingleResponse resp)
{
this.resp = resp;
}
public CertificateID GetCertID()
{
return new CertificateID(resp.CertId);
}
public object GetCertStatus()
{
CertStatus certStatus = resp.CertStatus;
if (certStatus.TagNo == 0)
{
return null;
}
if (certStatus.TagNo == 1)
{
return new RevokedStatus(RevokedInfo.GetInstance(certStatus.Status));
}
return new UnknownStatus();
}
protected override X509Extensions GetX509Extensions()
{
return SingleExtensions;
}
}

5
output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Ocsp/UnknownStatus.cs Normal file
View File

@@ -0,0 +1,5 @@
namespace Org.BouncyCastle.Ocsp;
public class UnknownStatus : CertificateStatus
{
}