136 lines
3.9 KiB
C#
136 lines
3.9 KiB
C#
using System;
|
|
using System.Collections;
|
|
using Org.BouncyCastle.Asn1;
|
|
using Org.BouncyCastle.Asn1.X509;
|
|
using Org.BouncyCastle.Crypto;
|
|
using Org.BouncyCastle.Crypto.Operators;
|
|
using Org.BouncyCastle.Math;
|
|
using Org.BouncyCastle.Security;
|
|
using Org.BouncyCastle.Security.Certificates;
|
|
using Org.BouncyCastle.Utilities;
|
|
|
|
namespace Org.BouncyCastle.X509;
|
|
|
|
public class X509V2AttributeCertificateGenerator
|
|
{
|
|
private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
|
|
|
|
private V2AttributeCertificateInfoGenerator acInfoGen;
|
|
|
|
private DerObjectIdentifier sigOID;
|
|
|
|
private AlgorithmIdentifier sigAlgId;
|
|
|
|
private string signatureAlgorithm;
|
|
|
|
public IEnumerable SignatureAlgNames => X509Utilities.GetAlgNames();
|
|
|
|
public X509V2AttributeCertificateGenerator()
|
|
{
|
|
acInfoGen = new V2AttributeCertificateInfoGenerator();
|
|
}
|
|
|
|
public void Reset()
|
|
{
|
|
acInfoGen = new V2AttributeCertificateInfoGenerator();
|
|
extGenerator.Reset();
|
|
}
|
|
|
|
public void SetHolder(AttributeCertificateHolder holder)
|
|
{
|
|
acInfoGen.SetHolder(holder.holder);
|
|
}
|
|
|
|
public void SetIssuer(AttributeCertificateIssuer issuer)
|
|
{
|
|
acInfoGen.SetIssuer(AttCertIssuer.GetInstance(issuer.form));
|
|
}
|
|
|
|
public void SetSerialNumber(BigInteger serialNumber)
|
|
{
|
|
acInfoGen.SetSerialNumber(new DerInteger(serialNumber));
|
|
}
|
|
|
|
public void SetNotBefore(DateTime date)
|
|
{
|
|
acInfoGen.SetStartDate(new DerGeneralizedTime(date));
|
|
}
|
|
|
|
public void SetNotAfter(DateTime date)
|
|
{
|
|
acInfoGen.SetEndDate(new DerGeneralizedTime(date));
|
|
}
|
|
|
|
[Obsolete("Not needed if Generate used with an ISignatureFactory")]
|
|
public void SetSignatureAlgorithm(string signatureAlgorithm)
|
|
{
|
|
this.signatureAlgorithm = signatureAlgorithm;
|
|
try
|
|
{
|
|
sigOID = X509Utilities.GetAlgorithmOid(signatureAlgorithm);
|
|
}
|
|
catch (Exception)
|
|
{
|
|
throw new ArgumentException("Unknown signature type requested");
|
|
}
|
|
sigAlgId = X509Utilities.GetSigAlgID(sigOID, signatureAlgorithm);
|
|
acInfoGen.SetSignature(sigAlgId);
|
|
}
|
|
|
|
public void AddAttribute(X509Attribute attribute)
|
|
{
|
|
acInfoGen.AddAttribute(AttributeX509.GetInstance(attribute.ToAsn1Object()));
|
|
}
|
|
|
|
public void SetIssuerUniqueId(bool[] iui)
|
|
{
|
|
throw Platform.CreateNotImplementedException("SetIssuerUniqueId()");
|
|
}
|
|
|
|
public void AddExtension(string oid, bool critical, Asn1Encodable extensionValue)
|
|
{
|
|
extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue);
|
|
}
|
|
|
|
public void AddExtension(string oid, bool critical, byte[] extensionValue)
|
|
{
|
|
extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue);
|
|
}
|
|
|
|
[Obsolete("Use Generate with an ISignatureFactory")]
|
|
public IX509AttributeCertificate Generate(AsymmetricKeyParameter privateKey)
|
|
{
|
|
return Generate(privateKey, null);
|
|
}
|
|
|
|
[Obsolete("Use Generate with an ISignatureFactory")]
|
|
public IX509AttributeCertificate Generate(AsymmetricKeyParameter privateKey, SecureRandom random)
|
|
{
|
|
return Generate(new Asn1SignatureFactory(signatureAlgorithm, privateKey, random));
|
|
}
|
|
|
|
public IX509AttributeCertificate Generate(ISignatureFactory signatureCalculatorFactory)
|
|
{
|
|
if (!extGenerator.IsEmpty)
|
|
{
|
|
acInfoGen.SetExtensions(extGenerator.Generate());
|
|
}
|
|
AlgorithmIdentifier signature = (AlgorithmIdentifier)signatureCalculatorFactory.AlgorithmDetails;
|
|
acInfoGen.SetSignature(signature);
|
|
AttributeCertificateInfo attributeCertificateInfo = acInfoGen.GenerateAttributeCertificateInfo();
|
|
byte[] derEncoded = attributeCertificateInfo.GetDerEncoded();
|
|
IStreamCalculator streamCalculator = signatureCalculatorFactory.CreateCalculator();
|
|
streamCalculator.Stream.Write(derEncoded, 0, derEncoded.Length);
|
|
Platform.Dispose(streamCalculator.Stream);
|
|
try
|
|
{
|
|
DerBitString signatureValue = new DerBitString(((IBlockResult)streamCalculator.GetResult()).Collect());
|
|
return new X509V2AttributeCertificate(new AttributeCertificate(attributeCertificateInfo, signature, signatureValue));
|
|
}
|
|
catch (Exception e)
|
|
{
|
|
throw new CertificateEncodingException("constructed invalid certificate", e);
|
|
}
|
|
}
|
|
}
|