Volian/3rdPartyLibraries
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Initial Commit

Browse Source
This commit is contained in:
Devin Jankowski
2023-06-21 12:46:23 -04:00
commit c70248a520
1352 changed files with 336780 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
iTechSharp/srcbc/x509/store/IX509Selector.cs Normal file
View File

@@ -0,0 +1,10 @@
using System;
namespace Org.BouncyCastle.X509.Store
{
public interface IX509Selector
: ICloneable
{
bool Match(object obj);
}
}

11
iTechSharp/srcbc/x509/store/IX509Store.cs Normal file
View File

@@ -0,0 +1,11 @@
using System;
using System.Collections;
namespace Org.BouncyCastle.X509.Store
{
public interface IX509Store
{
// void Init(IX509StoreParameters parameters);
ICollection GetMatches(IX509Selector selector);
}
}

8
iTechSharp/srcbc/x509/store/IX509StoreParameters.cs Normal file
View File

@@ -0,0 +1,8 @@
using System;
namespace Org.BouncyCastle.X509.Store
{
public interface IX509StoreParameters
{
}
}

25
iTechSharp/srcbc/x509/store/NoSuchStoreException.cs Normal file
View File

@@ -0,0 +1,25 @@
using System;
namespace Org.BouncyCastle.X509.Store
{
public class NoSuchStoreException
: X509StoreException
{
public NoSuchStoreException()
{
}
public NoSuchStoreException(
string message)
: base(message)
{
}
public NoSuchStoreException(
string message,
Exception e)
: base(message, e)
{
}
}
}

376
iTechSharp/srcbc/x509/store/X509AttrCertStoreSelector.cs Normal file
View File

@@ -0,0 +1,376 @@
using System;
using System.Collections;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.X509.Extension;
namespace Org.BouncyCastle.X509.Store
{
/**
* This class is an <code>Selector</code> like implementation to select
* attribute certificates from a given set of criteria.
*
* @see org.bouncycastle.x509.X509AttributeCertificate
* @see org.bouncycastle.x509.X509Store
*/
public class X509AttrCertStoreSelector
: IX509Selector
{
// TODO: name constraints???
private IX509AttributeCertificate attributeCert;
private DateTimeObject attributeCertificateValid;
private AttributeCertificateHolder holder;
private AttributeCertificateIssuer issuer;
private BigInteger serialNumber;
private ISet targetNames = new HashSet();
private ISet targetGroups = new HashSet();
public X509AttrCertStoreSelector()
{
}
private X509AttrCertStoreSelector(
X509AttrCertStoreSelector o)
{
this.attributeCert = o.attributeCert;
this.attributeCertificateValid = o.attributeCertificateValid;
this.holder = o.holder;
this.issuer = o.issuer;
this.serialNumber = o.serialNumber;
this.targetGroups = new HashSet(o.targetGroups);
this.targetNames = new HashSet(o.targetNames);
}
/// <summary>
/// Decides if the given attribute certificate should be selected.
/// </summary>
/// <param name="obj">The attribute certificate to be checked.</param>
/// <returns><code>true</code> if the object matches this selector.</returns>
public bool Match(
object obj)
{
if (obj == null)
throw new ArgumentNullException("obj");
IX509AttributeCertificate attrCert = obj as IX509AttributeCertificate;
if (attrCert == null)
return false;
if (this.attributeCert != null && !this.attributeCert.Equals(attrCert))
return false;
if (serialNumber != null && !attrCert.SerialNumber.Equals(serialNumber))
return false;
if (holder != null && !attrCert.Holder.Equals(holder))
return false;
if (issuer != null && !attrCert.Issuer.Equals(issuer))
return false;
if (attributeCertificateValid != null && !attrCert.IsValid(attributeCertificateValid.Value))
return false;
if (targetNames.Count > 0 || targetGroups.Count > 0)
{
Asn1OctetString targetInfoExt = attrCert.GetExtensionValue(
X509Extensions.TargetInformation);
if (targetInfoExt != null)
{
TargetInformation targetinfo;
try
{
targetinfo = TargetInformation.GetInstance(
X509ExtensionUtilities.FromExtensionValue(targetInfoExt));
}
catch (Exception)
{
return false;
}
Targets[] targetss = targetinfo.GetTargetsObjects();
if (targetNames.Count > 0)
{
bool found = false;
for (int i = 0; i < targetss.Length && !found; i++)
{
Target[] targets = targetss[i].GetTargets();
for (int j = 0; j < targets.Length; j++)
{
GeneralName targetName = targets[j].TargetName;
if (targetName != null && targetNames.Contains(targetName))
{
found = true;
break;
}
}
}
if (!found)
{
return false;
}
}
if (targetGroups.Count > 0)
{
bool found = false;
for (int i = 0; i < targetss.Length && !found; i++)
{
Target[] targets = targetss[i].GetTargets();
for (int j = 0; j < targets.Length; j++)
{
GeneralName targetGroup = targets[j].TargetGroup;
if (targetGroup != null && targetGroups.Contains(targetGroup))
{
found = true;
break;
}
}
}
if (!found)
{
return false;
}
}
}
}
return true;
}
public object Clone()
{
return new X509AttrCertStoreSelector(this);
}
/// <summary>The attribute certificate which must be matched.</summary>
/// <remarks>If <c>null</c> is given, any will do.</remarks>
public IX509AttributeCertificate AttributeCert
{
get { return attributeCert; }
set { this.attributeCert = value; }
}
[Obsolete("Use AttributeCertificateValid instead")]
public DateTimeObject AttribueCertificateValid
{
get { return attributeCertificateValid; }
set { this.attributeCertificateValid = value; }
}
/// <summary>The criteria for validity</summary>
/// <remarks>If <c>null</c> is given any will do.</remarks>
public DateTimeObject AttributeCertificateValid
{
get { return attributeCertificateValid; }
set { this.attributeCertificateValid = value; }
}
/// <summary>The holder.</summary>
/// <remarks>If <c>null</c> is given any will do.</remarks>
public AttributeCertificateHolder Holder
{
get { return holder; }
set { this.holder = value; }
}
/// <summary>The issuer.</summary>
/// <remarks>If <c>null</c> is given any will do.</remarks>
public AttributeCertificateIssuer Issuer
{
get { return issuer; }
set { this.issuer = value; }
}
/// <summary>The serial number.</summary>
/// <remarks>If <c>null</c> is given any will do.</remarks>
public BigInteger SerialNumber
{
get { return serialNumber; }
set { this.serialNumber = value; }
}
/**
* Adds a target name criterion for the attribute certificate to the target
* information extension criteria. The <code>X509AttributeCertificate</code>
* must contain at least one of the specified target names.
* <p>
* Each attribute certificate may contain a target information extension
* limiting the servers where this attribute certificate can be used. If
* this extension is not present, the attribute certificate is not targeted
* and may be accepted by any server.
* </p>
*
* @param name The name as a GeneralName (not <code>null</code>)
*/
public void AddTargetName(
GeneralName name)
{
targetNames.Add(name);
}
/**
* Adds a target name criterion for the attribute certificate to the target
* information extension criteria. The <code>X509AttributeCertificate</code>
* must contain at least one of the specified target names.
* <p>
* Each attribute certificate may contain a target information extension
* limiting the servers where this attribute certificate can be used. If
* this extension is not present, the attribute certificate is not targeted
* and may be accepted by any server.
* </p>
*
* @param name a byte array containing the name in ASN.1 DER encoded form of a GeneralName
* @throws IOException if a parsing error occurs.
*/
public void AddTargetName(
byte[] name)
{
AddTargetName(GeneralName.GetInstance(Asn1Object.FromByteArray(name)));
}
/**
* Adds a collection with target names criteria. If <code>null</code> is
* given any will do.
* <p>
* The collection consists of either GeneralName objects or byte[] arrays representing
* DER encoded GeneralName structures.
* </p>
*
* @param names A collection of target names.
* @throws IOException if a parsing error occurs.
* @see #AddTargetName(byte[])
* @see #AddTargetName(GeneralName)
*/
public void SetTargetNames(
IEnumerable names)
{
targetNames = ExtractGeneralNames(names);
}
/**
* Gets the target names. The collection consists of <code>List</code>s
* made up of an <code>Integer</code> in the first entry and a DER encoded
* byte array or a <code>String</code> in the second entry.
* <p>The returned collection is immutable.</p>
*
* @return The collection of target names
* @see #setTargetNames(Collection)
*/
public IEnumerable GetTargetNames()
{
return new EnumerableProxy(targetNames);
}
/**
* Adds a target group criterion for the attribute certificate to the target
* information extension criteria. The <code>X509AttributeCertificate</code>
* must contain at least one of the specified target groups.
* <p>
* Each attribute certificate may contain a target information extension
* limiting the servers where this attribute certificate can be used. If
* this extension is not present, the attribute certificate is not targeted
* and may be accepted by any server.
* </p>
*
* @param group The group as GeneralName form (not <code>null</code>)
*/
public void AddTargetGroup(
GeneralName group)
{
targetGroups.Add(group);
}
/**
* Adds a target group criterion for the attribute certificate to the target
* information extension criteria. The <code>X509AttributeCertificate</code>
* must contain at least one of the specified target groups.
* <p>
* Each attribute certificate may contain a target information extension
* limiting the servers where this attribute certificate can be used. If
* this extension is not present, the attribute certificate is not targeted
* and may be accepted by any server.
* </p>
*
* @param name a byte array containing the group in ASN.1 DER encoded form of a GeneralName
* @throws IOException if a parsing error occurs.
*/
public void AddTargetGroup(
byte[] name)
{
AddTargetGroup(GeneralName.GetInstance(Asn1Object.FromByteArray(name)));
}
/**
* Adds a collection with target groups criteria. If <code>null</code> is
* given any will do.
* <p>
* The collection consists of <code>GeneralName</code> objects or <code>byte[]</code>
* representing DER encoded GeneralNames.
* </p>
*
* @param names A collection of target groups.
* @throws IOException if a parsing error occurs.
* @see #AddTargetGroup(byte[])
* @see #AddTargetGroup(GeneralName)
*/
public void SetTargetGroups(
IEnumerable names)
{
targetGroups = ExtractGeneralNames(names);
}
/**
* Gets the target groups. The collection consists of <code>List</code>s
* made up of an <code>Integer</code> in the first entry and a DER encoded
* byte array or a <code>String</code> in the second entry.
* <p>The returned collection is immutable.</p>
*
* @return The collection of target groups.
* @see #setTargetGroups(Collection)
*/
public IEnumerable GetTargetGroups()
{
return new EnumerableProxy(targetGroups);
}
private ISet ExtractGeneralNames(
IEnumerable names)
{
ISet result = new HashSet();
if (names != null)
{
foreach (object o in names)
{
if (o is GeneralName)
{
result.Add(o);
}
else
{
result.Add(GeneralName.GetInstance(Asn1Object.FromByteArray((byte[]) o)));
}
}
}
return result;
}
}
}

92
iTechSharp/srcbc/x509/store/X509CertPairStoreSelector.cs Normal file
View File

@@ -0,0 +1,92 @@
using System;
namespace Org.BouncyCastle.X509.Store
{
/// <remarks>
/// This class is an <code>IX509Selector</code> implementation to select
/// certificate pairs, which are e.g. used for cross certificates. The set of
/// criteria is given from two <code>X509CertStoreSelector</code> objects,
/// each of which, if present, must match the respective component of a pair.
/// </remarks>
public class X509CertPairStoreSelector
: IX509Selector
{
private static X509CertStoreSelector CloneSelector(
X509CertStoreSelector s)
{
return s == null ? null : (X509CertStoreSelector) s.Clone();
}
private X509CertificatePair certPair;
private X509CertStoreSelector forwardSelector;
private X509CertStoreSelector reverseSelector;
public X509CertPairStoreSelector()
{
}
private X509CertPairStoreSelector(
X509CertPairStoreSelector o)
{
this.certPair = o.CertPair;
this.forwardSelector = o.ForwardSelector;
this.reverseSelector = o.ReverseSelector;
}
/// <summary>The certificate pair which is used for testing on equality.</summary>
public X509CertificatePair CertPair
{
get { return certPair; }
set { this.certPair = value; }
}
/// <summary>The certificate selector for the forward part.</summary>
public X509CertStoreSelector ForwardSelector
{
get { return CloneSelector(forwardSelector); }
set { this.forwardSelector = CloneSelector(value); }
}
/// <summary>The certificate selector for the reverse part.</summary>
public X509CertStoreSelector ReverseSelector
{
get { return CloneSelector(reverseSelector); }
set { this.reverseSelector = CloneSelector(value); }
}
/// <summary>
/// Decides if the given certificate pair should be selected. If
/// <c>obj</c> is not a <code>X509CertificatePair</code>, this method
/// returns <code>false</code>.
/// </summary>
/// <param name="obj">The <code>X509CertificatePair</code> to be tested.</param>
/// <returns><code>true</code> if the object matches this selector.</returns>
public bool Match(
object obj)
{
if (obj == null)
throw new ArgumentNullException("obj");
X509CertificatePair pair = obj as X509CertificatePair;
if (pair == null)
return false;
if (certPair != null && !certPair.Equals(pair))
return false;
if (forwardSelector != null && !forwardSelector.Match(pair.Forward))
return false;
if (reverseSelector != null && !reverseSelector.Match(pair.Reverse))
return false;
return true;
}
public object Clone()
{
return new X509CertPairStoreSelector(this);
}
}
}

329
iTechSharp/srcbc/x509/store/X509CertStoreSelector.cs Normal file
View File

@@ -0,0 +1,329 @@
using System;
using System.Collections;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.X509.Extension;
namespace Org.BouncyCastle.X509.Store
{
public class X509CertStoreSelector
: IX509Selector
{
// TODO Missing criteria?
private byte[] authorityKeyIdentifier;
private int basicConstraints = -1;
private X509Certificate certificate;
private DateTimeObject certificateValid;
private ISet extendedKeyUsage;
private X509Name issuer;
private bool[] keyUsage;
private ISet policy;
private DateTimeObject privateKeyValid;
private BigInteger serialNumber;
private X509Name subject;
private byte[] subjectKeyIdentifier;
private SubjectPublicKeyInfo subjectPublicKey;
private DerObjectIdentifier subjectPublicKeyAlgID;
public X509CertStoreSelector()
{
}
public X509CertStoreSelector(
X509CertStoreSelector o)
{
this.authorityKeyIdentifier = o.AuthorityKeyIdentifier;
this.basicConstraints = o.BasicConstraints;
this.certificate = o.Certificate;
this.certificateValid = o.CertificateValid;
this.extendedKeyUsage = o.ExtendedKeyUsage;
this.issuer = o.Issuer;
this.keyUsage = o.KeyUsage;
this.policy = o.Policy;
this.privateKeyValid = o.PrivateKeyValid;
this.serialNumber = o.SerialNumber;
this.subject = o.Subject;
this.subjectKeyIdentifier = o.SubjectKeyIdentifier;
this.subjectPublicKey = o.SubjectPublicKey;
this.subjectPublicKeyAlgID = o.SubjectPublicKeyAlgID;
}
public virtual object Clone()
{
return new X509CertStoreSelector(this);
}
public byte[] AuthorityKeyIdentifier
{
get { return Arrays.Clone(authorityKeyIdentifier); }
set { authorityKeyIdentifier = Arrays.Clone(value); }
}
public int BasicConstraints
{
get { return basicConstraints; }
set
{
if (value < -2)
throw new ArgumentException("value can't be less than -2", "value");
basicConstraints = value;
}
}
public X509Certificate Certificate
{
get { return certificate; }
set { this.certificate = value; }
}
public DateTimeObject CertificateValid
{
get { return certificateValid; }
set { certificateValid = value; }
}
public ISet ExtendedKeyUsage
{
get { return CopySet(extendedKeyUsage); }
set { extendedKeyUsage = CopySet(value); }
}
public X509Name Issuer
{
get { return issuer; }
set { issuer = value; }
}
public string IssuerAsString
{
get { return issuer != null ? issuer.ToString() : null; }
}
public bool[] KeyUsage
{
get { return CopyBoolArray(keyUsage); }
set { keyUsage = CopyBoolArray(value); }
}
/// <summary>
/// An <code>ISet</code> of <code>DerObjectIdentifier</code> objects.
/// </summary>
public ISet Policy
{
get { return CopySet(policy); }
set { policy = CopySet(value); }
}
public DateTimeObject PrivateKeyValid
{
get { return privateKeyValid; }
set { privateKeyValid = value; }
}
public BigInteger SerialNumber
{
get { return serialNumber; }
set { serialNumber = value; }
}
public X509Name Subject
{
get { return subject; }
set { subject = value; }
}
public string SubjectAsString
{
get { return subject != null ? subject.ToString() : null; }
}
public byte[] SubjectKeyIdentifier
{
get { return Arrays.Clone(subjectKeyIdentifier); }
set { subjectKeyIdentifier = Arrays.Clone(value); }
}
public SubjectPublicKeyInfo SubjectPublicKey
{
get { return subjectPublicKey; }
set { subjectPublicKey = value; }
}
public DerObjectIdentifier SubjectPublicKeyAlgID
{
get { return subjectPublicKeyAlgID; }
set { subjectPublicKeyAlgID = value; }
}
public virtual bool Match(
object obj)
{
X509Certificate c = obj as X509Certificate;
if (c == null)
return false;
if (!MatchExtension(authorityKeyIdentifier, c, X509Extensions.AuthorityKeyIdentifier))
return false;
if (basicConstraints != -1)
{
int bc = c.GetBasicConstraints();
if (basicConstraints == -2)
{
if (bc != -1)
return false;
}
else
{
if (bc < basicConstraints)
return false;
}
}
if (certificate != null && !certificate.Equals(c))
return false;
if (certificateValid != null && !c.IsValid(certificateValid.Value))
return false;
if (extendedKeyUsage != null)
{
IList eku = c.GetExtendedKeyUsage();
// Note: if no extended key usage set, all key purposes are implicitly allowed
if (eku != null)
{
foreach (DerObjectIdentifier oid in extendedKeyUsage)
{
if (!eku.Contains(oid.Id))
return false;
}
}
}
if (issuer != null && !issuer.Equivalent(c.IssuerDN))
return false;
if (keyUsage != null)
{
bool[] ku = c.GetKeyUsage();
// Note: if no key usage set, all key purposes are implicitly allowed
if (ku != null)
{
for (int i = 0; i < 9; ++i)
{
if (keyUsage[i] && !ku[i])
return false;
}
}
}
if (policy != null)
{
Asn1OctetString extVal = c.GetExtensionValue(X509Extensions.CertificatePolicies);
if (extVal == null)
return false;
Asn1Sequence certPolicies = Asn1Sequence.GetInstance(
X509ExtensionUtilities.FromExtensionValue(extVal));
if (policy.Count < 1 && certPolicies.Count < 1)
return false;
bool found = false;
foreach (PolicyInformation pi in certPolicies)
{
if (policy.Contains(pi.PolicyIdentifier))
{
found = true;
break;
}
}
if (!found)
return false;
}
if (privateKeyValid != null)
{
Asn1OctetString extVal = c.GetExtensionValue(X509Extensions.PrivateKeyUsagePeriod);
if (extVal == null)
return false;
PrivateKeyUsagePeriod pkup = PrivateKeyUsagePeriod.GetInstance(
X509ExtensionUtilities.FromExtensionValue(extVal));
DateTime dt = privateKeyValid.Value;
DateTime notAfter = pkup.NotAfter.ToDateTime();
DateTime notBefore = pkup.NotBefore.ToDateTime();
if (dt.CompareTo(notAfter) > 0 || dt.CompareTo(notBefore) < 0)
return false;
}
if (serialNumber != null && !serialNumber.Equals(c.SerialNumber))
return false;
if (subject != null && !subject.Equivalent(c.SubjectDN))
return false;
if (!MatchExtension(subjectKeyIdentifier, c, X509Extensions.SubjectKeyIdentifier))
return false;
if (subjectPublicKey != null && !subjectPublicKey.Equals(GetSubjectPublicKey(c)))
return false;
if (subjectPublicKeyAlgID != null
&& !subjectPublicKeyAlgID.Equals(GetSubjectPublicKey(c).AlgorithmID))
return false;
return true;
}
private bool[] CopyBoolArray(
bool[] b)
{
return b == null ? null : (bool[]) b.Clone();
}
private ISet CopySet(
ISet s)
{
return s == null ? null : new HashSet(s);
}
private SubjectPublicKeyInfo GetSubjectPublicKey(
X509Certificate c)
{
return SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(c.GetPublicKey());
}
private bool MatchExtension(
byte[] b,
X509Certificate c,
DerObjectIdentifier oid)
{
if (b == null)
return true;
Asn1OctetString extVal = c.GetExtensionValue(oid);
if (extVal == null)
return false;
return extVal != null && Arrays.AreEqual(b, extVal.GetEncoded());
}
}
}

49
iTechSharp/srcbc/x509/store/X509CollectionStore.cs Normal file
View File

@@ -0,0 +1,49 @@
using System;
using System.Collections;
namespace Org.BouncyCastle.X509.Store
{
/**
* A simple collection backed store.
*/
internal class X509CollectionStore
: IX509Store
{
private ICollection _local;
/**
* Basic constructor.
*
* @param collection - initial contents for the store, this is copied.
*/
internal X509CollectionStore(
ICollection collection)
{
_local = new ArrayList(collection);
}
/**
* Return the matches in the collection for the passed in selector.
*
* @param selector the selector to match against.
* @return a possibly empty collection of matching objects.
*/
public ICollection GetMatches(
IX509Selector selector)
{
if (selector == null)
{
return new ArrayList(_local);
}
IList result = new ArrayList();
foreach (object obj in _local)
{
if (selector.Match(obj))
result.Add(obj);
}
return result;
}
}
}

58
iTechSharp/srcbc/x509/store/X509CollectionStoreParameters.cs Normal file
View File

@@ -0,0 +1,58 @@
using System;
using System.Collections;
using System.Text;
namespace Org.BouncyCastle.X509.Store
{
/// <remarks>This class contains a collection for collection based <code>X509Store</code>s.</remarks>
public class X509CollectionStoreParameters
: IX509StoreParameters
{
private readonly ArrayList collection;
/// <summary>
/// Constructor.
/// <p>
/// The collection is copied.
/// </p>
/// </summary>
/// <param name="collection">The collection containing X.509 object types.</param>
/// <exception cref="ArgumentNullException">If collection is null.</exception>
public X509CollectionStoreParameters(
ICollection collection)
{
if (collection == null)
throw new ArgumentNullException("collection");
this.collection = new ArrayList(collection);
}
// TODO Do we need to be able to Clone() these, and should it really be shallow?
// /**
// * Returns a shallow clone. The returned contents are not copied, so adding
// * or removing objects will effect this.
// *
// * @return a shallow clone.
// */
// public object Clone()
// {
// return new X509CollectionStoreParameters(collection);
// }
/// <summary>Returns a copy of the <code>ICollection</code>.</summary>
public ICollection GetCollection()
{
return new ArrayList(collection);
}
/// <summary>Returns a formatted string describing the parameters.</summary>
public override string ToString()
{
StringBuilder sb = new StringBuilder();
sb.Append("X509CollectionStoreParameters: [\n");
sb.Append(" collection: " + collection + "\n");
sb.Append("]");
return sb.ToString();
}
}
}

283
iTechSharp/srcbc/x509/store/X509CrlStoreSelector.cs Normal file
View File

@@ -0,0 +1,283 @@
using System;
using System.Collections;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.X509;
using Org.BouncyCastle.X509.Extension;
namespace Org.BouncyCastle.X509.Store
{
public class X509CrlStoreSelector
: IX509Selector
{
// TODO Missing criteria?
private X509Certificate certificateChecking;
private DateTimeObject dateAndTime;
private ICollection issuers;
private BigInteger maxCrlNumber;
private BigInteger minCrlNumber;
private IX509AttributeCertificate attrCertChecking;
private bool completeCrlEnabled;
private bool deltaCrlIndicatorEnabled;
private byte[] issuingDistributionPoint;
private bool issuingDistributionPointEnabled;
private BigInteger maxBaseCrlNumber;
public X509CrlStoreSelector()
{
}
public X509CrlStoreSelector(
X509CrlStoreSelector o)
{
this.certificateChecking = o.CertificateChecking;
this.dateAndTime = o.DateAndTime;
this.issuers = o.Issuers;
this.maxCrlNumber = o.MaxCrlNumber;
this.minCrlNumber = o.MinCrlNumber;
this.deltaCrlIndicatorEnabled = o.DeltaCrlIndicatorEnabled;
this.completeCrlEnabled = o.CompleteCrlEnabled;
this.maxBaseCrlNumber = o.MaxBaseCrlNumber;
this.attrCertChecking = o.AttrCertChecking;
this.issuingDistributionPointEnabled = o.IssuingDistributionPointEnabled;
this.issuingDistributionPoint = o.IssuingDistributionPoint;
}
public virtual object Clone()
{
return new X509CrlStoreSelector(this);
}
public X509Certificate CertificateChecking
{
get { return certificateChecking; }
set { certificateChecking = value; }
}
public DateTimeObject DateAndTime
{
get { return dateAndTime; }
set { dateAndTime = value; }
}
/// <summary>
/// An <code>ICollection</code> of <code>X509Name</code> objects
/// </summary>
public ICollection Issuers
{
get { return new ArrayList(issuers); }
set { issuers = new ArrayList(value); }
}
public BigInteger MaxCrlNumber
{
get { return maxCrlNumber; }
set { maxCrlNumber = value; }
}
public BigInteger MinCrlNumber
{
get { return minCrlNumber; }
set { minCrlNumber = value; }
}
/**
* The attribute certificate being checked. This is not a criterion.
* Rather, it is optional information that may help a {@link X509Store} find
* CRLs that would be relevant when checking revocation for the specified
* attribute certificate. If <code>null</code> is specified, then no such
* optional information is provided.
*
* @param attrCert the <code>IX509AttributeCertificate</code> being checked (or
* <code>null</code>)
* @see #getAttrCertificateChecking()
*/
public IX509AttributeCertificate AttrCertChecking
{
get { return attrCertChecking; }
set { this.attrCertChecking = value; }
}
/**
* If <code>true</code> only complete CRLs are returned. Defaults to
* <code>false</code>.
*
* @return <code>true</code> if only complete CRLs are returned.
*/
public bool CompleteCrlEnabled
{
get { return completeCrlEnabled; }
set { this.completeCrlEnabled = value; }
}
/**
* Returns if this selector must match CRLs with the delta CRL indicator
* extension set. Defaults to <code>false</code>.
*
* @return Returns <code>true</code> if only CRLs with the delta CRL
* indicator extension are selected.
*/
public bool DeltaCrlIndicatorEnabled
{
get { return deltaCrlIndicatorEnabled; }
set { this.deltaCrlIndicatorEnabled = value; }
}
/**
* The issuing distribution point.
* <p>
* The issuing distribution point extension is a CRL extension which
* identifies the scope and the distribution point of a CRL. The scope
* contains among others information about revocation reasons contained in
* the CRL. Delta CRLs and complete CRLs must have matching issuing
* distribution points.</p>
* <p>
* The byte array is cloned to protect against subsequent modifications.</p>
* <p>
* You must also enable or disable this criteria with
* {@link #setIssuingDistributionPointEnabled(bool)}.</p>
*
* @param issuingDistributionPoint The issuing distribution point to set.
* This is the DER encoded OCTET STRING extension value.
* @see #getIssuingDistributionPoint()
*/
public byte[] IssuingDistributionPoint
{
get { return Arrays.Clone(issuingDistributionPoint); }
set { this.issuingDistributionPoint = Arrays.Clone(value); }
}
/**
* Whether the issuing distribution point criteria should be applied.
* Defaults to <code>false</code>.
* <p>
* You may also set the issuing distribution point criteria if not a missing
* issuing distribution point should be assumed.</p>
*
* @return Returns if the issuing distribution point check is enabled.
*/
public bool IssuingDistributionPointEnabled
{
get { return issuingDistributionPointEnabled; }
set { this.issuingDistributionPointEnabled = value; }
}
/**
* The maximum base CRL number. Defaults to <code>null</code>.
*
* @return Returns the maximum base CRL number.
* @see #setMaxBaseCRLNumber(BigInteger)
*/
public BigInteger MaxBaseCrlNumber
{
get { return maxBaseCrlNumber; }
set { this.maxBaseCrlNumber = value; }
}
public virtual bool Match(
object obj)
{
X509Crl c = obj as X509Crl;
if (c == null)
return false;
if (dateAndTime != null)
{
DateTime dt = dateAndTime.Value;
DateTime tu = c.ThisUpdate;
DateTimeObject nu = c.NextUpdate;
if (dt.CompareTo(tu) < 0 || nu == null || dt.CompareTo(nu.Value) >= 0)
return false;
}
if (issuers != null)
{
X509Name i = c.IssuerDN;
bool found = false;
foreach (X509Name issuer in issuers)
{
if (issuer.Equivalent(i))
{
found = true;
break;
}
}
if (!found)
return false;
}
if (maxCrlNumber != null || minCrlNumber != null)
{
Asn1OctetString extVal = c.GetExtensionValue(X509Extensions.CrlNumber);
if (extVal == null)
return false;
BigInteger cn = CrlNumber.GetInstance(
X509ExtensionUtilities.FromExtensionValue(extVal)).PositiveValue;
if (maxCrlNumber != null && cn.CompareTo(maxCrlNumber) > 0)
return false;
if (minCrlNumber != null && cn.CompareTo(minCrlNumber) < 0)
return false;
}
DerInteger dci = null;
try
{
Asn1OctetString bytes = c.GetExtensionValue(X509Extensions.DeltaCrlIndicator);
if (bytes != null)
{
dci = DerInteger.GetInstance(X509ExtensionUtilities.FromExtensionValue(bytes));
}
}
catch (Exception)
{
return false;
}
if (dci == null)
{
if (DeltaCrlIndicatorEnabled)
return false;
}
else
{
if (CompleteCrlEnabled)
return false;
if (maxBaseCrlNumber != null && dci.PositiveValue.CompareTo(maxBaseCrlNumber) > 0)
return false;
}
if (issuingDistributionPointEnabled)
{
Asn1OctetString idp = c.GetExtensionValue(X509Extensions.IssuingDistributionPoint);
if (issuingDistributionPoint == null)
{
if (idp != null)
return false;
}
else
{
if (!Arrays.AreEqual(idp.GetOctets(), issuingDistributionPoint))
return false;
}
}
return true;
}
}
}

25
iTechSharp/srcbc/x509/store/X509StoreException.cs Normal file
View File

@@ -0,0 +1,25 @@
using System;
namespace Org.BouncyCastle.X509.Store
{
public class X509StoreException
: Exception
{
public X509StoreException()
{
}
public X509StoreException(
string message)
: base(message)
{
}
public X509StoreException(
string message,
Exception e)
: base(message, e)
{
}
}
}

44
iTechSharp/srcbc/x509/store/X509StoreFactory.cs Normal file
View File

@@ -0,0 +1,44 @@
using System;
using System.Globalization;
namespace Org.BouncyCastle.X509.Store
{
public sealed class X509StoreFactory
{
private X509StoreFactory()
{
}
public static IX509Store Create(
string type,
IX509StoreParameters parameters)
{
if (type == null)
throw new ArgumentNullException("type");
string[] parts = type.ToUpper(CultureInfo.InvariantCulture).Split('/');
if (parts.Length < 2)
throw new ArgumentException("type");
switch (parts[0])
{
case "ATTRIBUTECERTIFICATE":
case "CERTIFICATE":
case "CERTIFICATEPAIR":
case "CRL":
{
if (parts[1] == "COLLECTION")
{
X509CollectionStoreParameters p = (X509CollectionStoreParameters) parameters;
return new X509CollectionStore(p.GetCollection());
}
break;
}
}
throw new NoSuchStoreException("X.509 store type '" + type + "' not available.");
}
}
}