init commit
This commit is contained in:
@@ -0,0 +1,167 @@
|
||||
using System;
|
||||
using System.Collections;
|
||||
using System.IO;
|
||||
using Org.BouncyCastle.Asn1;
|
||||
using Org.BouncyCastle.Asn1.X509;
|
||||
using Org.BouncyCastle.Crypto;
|
||||
using Org.BouncyCastle.Crypto.Operators;
|
||||
using Org.BouncyCastle.Math;
|
||||
using Org.BouncyCastle.Security;
|
||||
using Org.BouncyCastle.Security.Certificates;
|
||||
using Org.BouncyCastle.Utilities;
|
||||
using Org.BouncyCastle.Utilities.Collections;
|
||||
|
||||
namespace Org.BouncyCastle.X509;
|
||||
|
||||
public class X509V2CrlGenerator
|
||||
{
|
||||
private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
|
||||
|
||||
private V2TbsCertListGenerator tbsGen;
|
||||
|
||||
private DerObjectIdentifier sigOID;
|
||||
|
||||
private AlgorithmIdentifier sigAlgId;
|
||||
|
||||
private string signatureAlgorithm;
|
||||
|
||||
public IEnumerable SignatureAlgNames => X509Utilities.GetAlgNames();
|
||||
|
||||
public X509V2CrlGenerator()
|
||||
{
|
||||
tbsGen = new V2TbsCertListGenerator();
|
||||
}
|
||||
|
||||
public void Reset()
|
||||
{
|
||||
tbsGen = new V2TbsCertListGenerator();
|
||||
extGenerator.Reset();
|
||||
}
|
||||
|
||||
public void SetIssuerDN(X509Name issuer)
|
||||
{
|
||||
tbsGen.SetIssuer(issuer);
|
||||
}
|
||||
|
||||
public void SetThisUpdate(DateTime date)
|
||||
{
|
||||
tbsGen.SetThisUpdate(new Time(date));
|
||||
}
|
||||
|
||||
public void SetNextUpdate(DateTime date)
|
||||
{
|
||||
tbsGen.SetNextUpdate(new Time(date));
|
||||
}
|
||||
|
||||
public void AddCrlEntry(BigInteger userCertificate, DateTime revocationDate, int reason)
|
||||
{
|
||||
tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), reason);
|
||||
}
|
||||
|
||||
public void AddCrlEntry(BigInteger userCertificate, DateTime revocationDate, int reason, DateTime invalidityDate)
|
||||
{
|
||||
tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), reason, new DerGeneralizedTime(invalidityDate));
|
||||
}
|
||||
|
||||
public void AddCrlEntry(BigInteger userCertificate, DateTime revocationDate, X509Extensions extensions)
|
||||
{
|
||||
tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), extensions);
|
||||
}
|
||||
|
||||
public void AddCrl(X509Crl other)
|
||||
{
|
||||
if (other == null)
|
||||
{
|
||||
throw new ArgumentNullException("other");
|
||||
}
|
||||
ISet revokedCertificates = other.GetRevokedCertificates();
|
||||
if (revokedCertificates == null)
|
||||
{
|
||||
return;
|
||||
}
|
||||
foreach (X509CrlEntry item in revokedCertificates)
|
||||
{
|
||||
try
|
||||
{
|
||||
tbsGen.AddCrlEntry(Asn1Sequence.GetInstance(Asn1Object.FromByteArray(item.GetEncoded())));
|
||||
}
|
||||
catch (IOException e)
|
||||
{
|
||||
throw new CrlException("exception processing encoding of CRL", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
[Obsolete("Not needed if Generate used with an ISignatureFactory")]
|
||||
public void SetSignatureAlgorithm(string signatureAlgorithm)
|
||||
{
|
||||
this.signatureAlgorithm = signatureAlgorithm;
|
||||
try
|
||||
{
|
||||
sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
|
||||
}
|
||||
catch (Exception innerException)
|
||||
{
|
||||
throw new ArgumentException("Unknown signature type requested", innerException);
|
||||
}
|
||||
sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm);
|
||||
tbsGen.SetSignature(sigAlgId);
|
||||
}
|
||||
|
||||
public void AddExtension(string oid, bool critical, Asn1Encodable extensionValue)
|
||||
{
|
||||
extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue);
|
||||
}
|
||||
|
||||
public void AddExtension(DerObjectIdentifier oid, bool critical, Asn1Encodable extensionValue)
|
||||
{
|
||||
extGenerator.AddExtension(oid, critical, extensionValue);
|
||||
}
|
||||
|
||||
public void AddExtension(string oid, bool critical, byte[] extensionValue)
|
||||
{
|
||||
extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, new DerOctetString(extensionValue));
|
||||
}
|
||||
|
||||
public void AddExtension(DerObjectIdentifier oid, bool critical, byte[] extensionValue)
|
||||
{
|
||||
extGenerator.AddExtension(oid, critical, new DerOctetString(extensionValue));
|
||||
}
|
||||
|
||||
[Obsolete("Use Generate with an ISignatureFactory")]
|
||||
public X509Crl Generate(AsymmetricKeyParameter privateKey)
|
||||
{
|
||||
return Generate(privateKey, null);
|
||||
}
|
||||
|
||||
[Obsolete("Use Generate with an ISignatureFactory")]
|
||||
public X509Crl Generate(AsymmetricKeyParameter privateKey, SecureRandom random)
|
||||
{
|
||||
return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random));
|
||||
}
|
||||
|
||||
public X509Crl Generate(ISignatureFactory signatureCalculatorFactory)
|
||||
{
|
||||
tbsGen.SetSignature((AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails);
|
||||
TbsCertificateList tbsCertificateList = GenerateCertList();
|
||||
IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
|
||||
byte[] derEncoded = tbsCertificateList.GetDerEncoded();
|
||||
streamCalculator.Stream.Write(derEncoded, 0, derEncoded.Length);
|
||||
Platform.Dispose(streamCalculator.Stream);
|
||||
return GenerateJcaObject(tbsCertificateList, (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails, ((IBlockResult)streamCalculator.GetResult()).Collect());
|
||||
}
|
||||
|
||||
private TbsCertificateList GenerateCertList()
|
||||
{
|
||||
if (!extGenerator.IsEmpty)
|
||||
{
|
||||
tbsGen.SetExtensions(extGenerator.Generate());
|
||||
}
|
||||
return tbsGen.GenerateTbsCertList();
|
||||
}
|
||||
|
||||
private X509Crl GenerateJcaObject(TbsCertificateList tbsCrl, AlgorithmIdentifier algId, byte[] signature)
|
||||
{
|
||||
return new X509Crl(CertificateList.GetInstance(new DerSequence(tbsCrl, algId, new DerBitString(signature))));
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user