add all
This commit is contained in:
214
Packages/com.tivadar.best.http/Runtime/3rdParty/BouncyCastle/x509/X509V2CRLGenerator.cs
vendored
Normal file
214
Packages/com.tivadar.best.http/Runtime/3rdParty/BouncyCastle/x509/X509V2CRLGenerator.cs
vendored
Normal file
@@ -0,0 +1,214 @@
|
||||
#if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
|
||||
#pragma warning disable
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
|
||||
using Best.HTTP.SecureProtocol.Org.BouncyCastle.Asn1;
|
||||
using Best.HTTP.SecureProtocol.Org.BouncyCastle.Asn1.X509;
|
||||
using Best.HTTP.SecureProtocol.Org.BouncyCastle.Crypto;
|
||||
using Best.HTTP.SecureProtocol.Org.BouncyCastle.Math;
|
||||
using Best.HTTP.SecureProtocol.Org.BouncyCastle.Security.Certificates;
|
||||
using Best.HTTP.SecureProtocol.Org.BouncyCastle.Utilities;
|
||||
|
||||
namespace Best.HTTP.SecureProtocol.Org.BouncyCastle.X509
|
||||
{
|
||||
/**
|
||||
* class to produce an X.509 Version 2 CRL.
|
||||
*/
|
||||
public class X509V2CrlGenerator
|
||||
{
|
||||
private readonly X509ExtensionsGenerator extGenerator = new X509ExtensionsGenerator();
|
||||
|
||||
private V2TbsCertListGenerator tbsGen;
|
||||
|
||||
public X509V2CrlGenerator()
|
||||
{
|
||||
tbsGen = new V2TbsCertListGenerator();
|
||||
}
|
||||
|
||||
/**
|
||||
* reset the generator
|
||||
*/
|
||||
public void Reset()
|
||||
{
|
||||
tbsGen = new V2TbsCertListGenerator();
|
||||
extGenerator.Reset();
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
|
||||
* certificate.
|
||||
*/
|
||||
public void SetIssuerDN(
|
||||
X509Name issuer)
|
||||
{
|
||||
tbsGen.SetIssuer(issuer);
|
||||
}
|
||||
|
||||
public void SetThisUpdate(
|
||||
DateTime date)
|
||||
{
|
||||
tbsGen.SetThisUpdate(new Time(date));
|
||||
}
|
||||
|
||||
public void SetNextUpdate(
|
||||
DateTime date)
|
||||
{
|
||||
tbsGen.SetNextUpdate(new Time(date));
|
||||
}
|
||||
|
||||
/**
|
||||
* Reason being as indicated by CrlReason, i.e. CrlReason.KeyCompromise
|
||||
* or 0 if CrlReason is not to be used
|
||||
**/
|
||||
public void AddCrlEntry(
|
||||
BigInteger userCertificate,
|
||||
DateTime revocationDate,
|
||||
int reason)
|
||||
{
|
||||
tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), reason);
|
||||
}
|
||||
|
||||
/**
|
||||
* Add a CRL entry with an Invalidity Date extension as well as a CrlReason extension.
|
||||
* Reason being as indicated by CrlReason, i.e. CrlReason.KeyCompromise
|
||||
* or 0 if CrlReason is not to be used
|
||||
**/
|
||||
public void AddCrlEntry(
|
||||
BigInteger userCertificate,
|
||||
DateTime revocationDate,
|
||||
int reason,
|
||||
DateTime invalidityDate)
|
||||
{
|
||||
tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), reason,
|
||||
new Asn1GeneralizedTime(invalidityDate));
|
||||
}
|
||||
|
||||
/**
|
||||
* Add a CRL entry with extensions.
|
||||
**/
|
||||
public void AddCrlEntry(
|
||||
BigInteger userCertificate,
|
||||
DateTime revocationDate,
|
||||
X509Extensions extensions)
|
||||
{
|
||||
tbsGen.AddCrlEntry(new DerInteger(userCertificate), new Time(revocationDate), extensions);
|
||||
}
|
||||
|
||||
/**
|
||||
* Add the CRLEntry objects contained in a previous CRL.
|
||||
*
|
||||
* @param other the X509Crl to source the other entries from.
|
||||
*/
|
||||
public void AddCrl(X509Crl other)
|
||||
{
|
||||
if (other == null)
|
||||
throw new ArgumentNullException("other");
|
||||
|
||||
var revocations = other.GetRevokedCertificates();
|
||||
|
||||
if (revocations != null)
|
||||
{
|
||||
foreach (X509CrlEntry entry in revocations)
|
||||
{
|
||||
try
|
||||
{
|
||||
tbsGen.AddCrlEntry(
|
||||
Asn1Sequence.GetInstance(
|
||||
Asn1Object.FromByteArray(entry.GetEncoded())));
|
||||
}
|
||||
catch (IOException e)
|
||||
{
|
||||
throw new CrlException("exception processing encoding of CRL", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* add a given extension field for the standard extensions tag (tag 0)
|
||||
*/
|
||||
public void AddExtension(
|
||||
string oid,
|
||||
bool critical,
|
||||
Asn1Encodable extensionValue)
|
||||
{
|
||||
extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, extensionValue);
|
||||
}
|
||||
|
||||
/**
|
||||
* add a given extension field for the standard extensions tag (tag 0)
|
||||
*/
|
||||
public void AddExtension(
|
||||
DerObjectIdentifier oid,
|
||||
bool critical,
|
||||
Asn1Encodable extensionValue)
|
||||
{
|
||||
extGenerator.AddExtension(oid, critical, extensionValue);
|
||||
}
|
||||
|
||||
/**
|
||||
* add a given extension field for the standard extensions tag (tag 0)
|
||||
*/
|
||||
public void AddExtension(
|
||||
string oid,
|
||||
bool critical,
|
||||
byte[] extensionValue)
|
||||
{
|
||||
extGenerator.AddExtension(new DerObjectIdentifier(oid), critical, new DerOctetString(extensionValue));
|
||||
}
|
||||
|
||||
/**
|
||||
* add a given extension field for the standard extensions tag (tag 0)
|
||||
*/
|
||||
public void AddExtension(
|
||||
DerObjectIdentifier oid,
|
||||
bool critical,
|
||||
byte[] extensionValue)
|
||||
{
|
||||
extGenerator.AddExtension(oid, critical, new DerOctetString(extensionValue));
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Generate a new <see cref="X509Crl"/> using the provided <see cref="ISignatureFactory"/>.
|
||||
/// </summary>
|
||||
/// <param name="signatureFactory">A <see cref="ISignatureFactory">signature factory</see> with the necessary
|
||||
/// algorithm details.</param>
|
||||
/// <returns>An <see cref="X509Crl"/>.</returns>
|
||||
public X509Crl Generate(ISignatureFactory signatureFactory)
|
||||
{
|
||||
var sigAlgID = (AlgorithmIdentifier)signatureFactory.AlgorithmDetails;
|
||||
|
||||
tbsGen.SetSignature(sigAlgID);
|
||||
|
||||
if (!extGenerator.IsEmpty)
|
||||
{
|
||||
tbsGen.SetExtensions(extGenerator.Generate());
|
||||
}
|
||||
|
||||
TbsCertificateList tbsCertList = tbsGen.GenerateTbsCertList();
|
||||
|
||||
IStreamCalculator<IBlockResult> streamCalculator = signatureFactory.CreateCalculator();
|
||||
using (Stream sigStream = streamCalculator.Stream)
|
||||
{
|
||||
tbsCertList.EncodeTo(sigStream, Asn1Encodable.Der);
|
||||
}
|
||||
|
||||
var signature = streamCalculator.GetResult().Collect();
|
||||
|
||||
return new X509Crl(
|
||||
CertificateList.GetInstance(new DerSequence(tbsCertList, sigAlgID, new DerBitString(signature))));
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Allows enumeration of the signature names supported by the generator.
|
||||
/// </summary>
|
||||
public IEnumerable<string> SignatureAlgNames
|
||||
{
|
||||
get { return X509Utilities.GetAlgNames(); }
|
||||
}
|
||||
}
|
||||
}
|
||||
#pragma warning restore
|
||||
#endif
|
||||
Reference in New Issue
Block a user