diff --git a/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs b/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs
index b74bac87a..a3ec5e4df 100644
--- a/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs
+++ b/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs
@@ -7,42 +7,33 @@ namespace Org.BouncyCastle.Asn1.Cmp
public class CAKeyUpdAnnContent
: Asn1Encodable
{
- private readonly CmpCertificate oldWithNew;
- private readonly CmpCertificate newWithOld;
- private readonly CmpCertificate newWithNew;
+ public static CAKeyUpdAnnContent GetInstance(object obj)
+ {
+ if (obj is CAKeyUpdAnnContent content)
+ return content;
- private CAKeyUpdAnnContent(Asn1Sequence seq)
- {
- oldWithNew = CmpCertificate.GetInstance(seq[0]);
- newWithOld = CmpCertificate.GetInstance(seq[1]);
- newWithNew = CmpCertificate.GetInstance(seq[2]);
- }
+ if (obj is Asn1Sequence seq)
+ return new CAKeyUpdAnnContent(seq);
- public static CAKeyUpdAnnContent GetInstance(object obj)
- {
- if (obj is CAKeyUpdAnnContent)
- return (CAKeyUpdAnnContent)obj;
+ throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj));
+ }
- if (obj is Asn1Sequence)
- return new CAKeyUpdAnnContent((Asn1Sequence)obj);
+ private readonly CmpCertificate m_oldWithNew;
+ private readonly CmpCertificate m_newWithOld;
+ private readonly CmpCertificate m_newWithNew;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
-
- public virtual CmpCertificate OldWithNew
- {
- get { return oldWithNew; }
- }
-
- public virtual CmpCertificate NewWithOld
+ private CAKeyUpdAnnContent(Asn1Sequence seq)
{
- get { return newWithOld; }
+ m_oldWithNew = CmpCertificate.GetInstance(seq[0]);
+ m_newWithOld = CmpCertificate.GetInstance(seq[1]);
+ m_newWithNew = CmpCertificate.GetInstance(seq[2]);
}
- public virtual CmpCertificate NewWithNew
- {
- get { return newWithNew; }
- }
+ public virtual CmpCertificate OldWithNew => m_oldWithNew;
+
+ public virtual CmpCertificate NewWithOld => m_newWithOld;
+
+ public virtual CmpCertificate NewWithNew => m_newWithNew;
/**
* <pre>
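Review bot: The private constructor indexes `seq[0]`, `seq[1]` and `seq[2]` without checking `seq.Count`, so a short sequence from a peer fails with whatever the indexer throws rather than an `ArgumentException`, and extra elements are silently ignored. A guard such as `if (seq.Count != 3) throw new ArgumentException("expected sequence size of 3");` as the first statement would match the check this commit adds in CertReqTemplateContent and Challenge.Rand. The sequence constructors of CertResponse, CertStatus, CertifiedKeyPair and Challenge in this commit read fixed positions in the same way.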
@@ -56,7 +47,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return new DerSequence(oldWithNew, newWithOld, newWithNew);
+ return new DerSequence(m_oldWithNew, m_newWithOld, m_newWithNew);
}
}
}
diff --git a/crypto/src/asn1/cmp/CertAnnContent.cs b/crypto/src/asn1/cmp/CertAnnContent.cs
new file mode 100644
index 000000000..df0188746
--- /dev/null
+++ b/crypto/src/asn1/cmp/CertAnnContent.cs
@@ -0,0 +1,72 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+ /**
+ * CertAnnContent ::= CMPCertificate
+ */
+ public class CertAnnContent
+ : CmpCertificate
+ {
+ public static CertAnnContent GetInstance(object obj)
+ {
+ // TODO[cmp]
+ if (obj == null)
+ return null;
+
+ if (obj is CertAnnContent content)
+ return content;
+
+ if (obj is CmpCertificate cmpCertificate)
+ return GetInstance(cmpCertificate.GetEncoded());
+
+ if (obj is byte[] bs)
+ {
+ try
+ {
+ obj = Asn1Object.FromByteArray(bs);
+ }
+ catch (IOException)
+ {
+ throw new ArgumentException("Invalid encoding in CertAnnContent");
+ }
+ }
+
+ if (obj is Asn1Sequence)
+ return new CertAnnContent(X509CertificateStructure.GetInstance(obj));
+
+ // TODO[cmp]
+ if (obj is Asn1TaggedObject taggedObject)
+ return new CertAnnContent(taggedObject.TagNo, taggedObject.GetObject());
+
+ throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj));
+ }
+
+ public static CertAnnContent GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
+ {
+ // TODO[cmp]
+ if (taggedObject == null)
+ return null;
+
+ if (!declaredExplicit)
+ throw new ArgumentException("tag must be explicit");
+
+ // TODO[cmp]
+ return GetInstance(taggedObject.GetObject());
+ }
+
+ public CertAnnContent(int type, Asn1Object otherCert)
+ : base(type, otherCert)
+ {
+ }
+
+ public CertAnnContent(X509CertificateStructure x509v3PKCert)
+ : base(x509v3PKCert)
+ {
+ }
+ }
+}
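Review bot: The `Asn1TaggedObject` branch of `GetInstance(object)` forwards `taggedObject.TagNo` and the inner object to the base constructor without restricting either, so any tag number decoded through the `byte[]` path is accepted here; whether `CmpCertificate(int, Asn1Object)` validates them is not visible in this file. If only specific alternatives are meant to be supported, rejecting unknown tag numbers before constructing would keep malformed input from yielding an instance. Separately, the `catch (IOException)` drops the cause; `catch (IOException e) { throw new ArgumentException("Invalid encoding in CertAnnContent", nameof(obj), e); }` keeps it and names the parameter. The `// TODO[cmp]` markers would be easier to act on if each said what remains open.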
diff --git a/crypto/src/asn1/cmp/CertConfirmContent.cs b/crypto/src/asn1/cmp/CertConfirmContent.cs
index 370a9e7d6..8e75dfbd0 100644
--- a/crypto/src/asn1/cmp/CertConfirmContent.cs
+++ b/crypto/src/asn1/cmp/CertConfirmContent.cs
@@ -7,32 +7,27 @@ namespace Org.BouncyCastle.Asn1.Cmp
public class CertConfirmContent
: Asn1Encodable
{
- private readonly Asn1Sequence content;
-
- private CertConfirmContent(Asn1Sequence seq)
- {
- content = seq;
- }
-
public static CertConfirmContent GetInstance(object obj)
{
- if (obj is CertConfirmContent)
- return (CertConfirmContent)obj;
+ if (obj is CertConfirmContent content)
+ return content;
- if (obj is Asn1Sequence)
- return new CertConfirmContent((Asn1Sequence)obj);
+ if (obj is Asn1Sequence seq)
+ return new CertConfirmContent(seq);
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj));
}
- public virtual CertStatus[] ToCertStatusArray()
+ private readonly Asn1Sequence m_content;
+
+ private CertConfirmContent(Asn1Sequence seq)
+ {
+ m_content = seq;
+ }
+
+ public virtual CertStatus[] ToCertStatusArray()
{
- CertStatus[] result = new CertStatus[content.Count];
- for (int i = 0; i != result.Length; i++)
- {
- result[i] = CertStatus.GetInstance(content[i]);
- }
- return result;
+ return m_content.MapElements(CertStatus.GetInstance);
}
/**
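Review bot: `ToCertStatusArray` has no comment saying that element parsing happens there and not in `GetInstance`: the constructor stores the sequence as-is, so a malformed entry surfaces only when this method is called, and again on every call. A line such as `// Elements are parsed on each call; malformed CertStatus entries throw here, not in GetInstance.` above the method would tell callers handling peer-supplied messages where to expect the exception.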
@@ -43,7 +38,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return content;
+ return m_content;
}
}
}
diff --git a/crypto/src/asn1/cmp/CertOrEncCert.cs b/crypto/src/asn1/cmp/CertOrEncCert.cs
index eb200e1e8..e517b66ce 100644
--- a/crypto/src/asn1/cmp/CertOrEncCert.cs
+++ b/crypto/src/asn1/cmp/CertOrEncCert.cs
@@ -8,79 +8,79 @@ namespace Org.BouncyCastle.Asn1.Cmp
public class CertOrEncCert
: Asn1Encodable, IAsn1Choice
{
- private readonly CmpCertificate certificate;
- private readonly EncryptedValue encryptedCert;
+ public static CertOrEncCert GetInstance(object obj)
+ {
+ if (obj is CertOrEncCert certOrEncCert)
+ return certOrEncCert;
- private CertOrEncCert(Asn1TaggedObject tagged)
+ if (obj is Asn1TaggedObject taggedObject)
+ return new CertOrEncCert(taggedObject);
+
+ throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj));
+ }
+
+ private readonly CmpCertificate m_certificate;
+ private readonly EncryptedKey m_encryptedCert;
+
+ private CertOrEncCert(Asn1TaggedObject taggedObject)
{
- if (tagged.TagNo == 0)
+ if (taggedObject.TagNo == 0)
{
- certificate = CmpCertificate.GetInstance(tagged.GetObject());
+ m_certificate = CmpCertificate.GetInstance(taggedObject.GetObject());
}
- else if (tagged.TagNo == 1)
+ else if (taggedObject.TagNo == 1)
{
- encryptedCert = EncryptedValue.GetInstance(tagged.GetObject());
+ m_encryptedCert = EncryptedKey.GetInstance(taggedObject.GetObject());
}
else
{
- throw new ArgumentException("unknown tag: " + tagged.TagNo, "tagged");
- }
- }
-
- public static CertOrEncCert GetInstance(object obj)
- {
- if (obj is CertOrEncCert)
- return (CertOrEncCert)obj;
-
- if (obj is Asn1TaggedObject)
- return new CertOrEncCert((Asn1TaggedObject)obj);
-
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
+ throw new ArgumentException("unknown tag: " + taggedObject.TagNo, nameof(taggedObject));
+ }
+ }
public CertOrEncCert(CmpCertificate certificate)
{
if (certificate == null)
- throw new ArgumentNullException("certificate");
+ throw new ArgumentNullException(nameof(certificate));
- this.certificate = certificate;
+ m_certificate = certificate;
}
- public CertOrEncCert(EncryptedValue encryptedCert)
+ public CertOrEncCert(EncryptedValue encryptedValue)
{
- if (encryptedCert == null)
- throw new ArgumentNullException("encryptedCert");
+ if (encryptedValue == null)
+ throw new ArgumentNullException(nameof(encryptedValue));
- this.encryptedCert = encryptedCert;
+ m_encryptedCert = new EncryptedKey(encryptedValue);
}
- public virtual CmpCertificate Certificate
- {
- get { return certificate; }
- }
+ public CertOrEncCert(EncryptedKey encryptedKey)
+ {
+ if (encryptedKey == null)
+ throw new ArgumentNullException(nameof(encryptedKey));
- public virtual EncryptedValue EncryptedCert
- {
- get { return encryptedCert; }
- }
+ m_encryptedCert = encryptedKey;
+ }
- /**
+ public virtual CmpCertificate Certificate => m_certificate;
+
+ public virtual EncryptedKey EncryptedCert => m_encryptedCert;
+
+ /**
* <pre>
* CertOrEncCert ::= CHOICE {
* certificate [0] CMPCertificate,
- * encryptedCert [1] EncryptedValue
+ * encryptedCert [1] EncryptedKey
* }
* </pre>
* @return a basic ASN.1 object representation.
*/
- public override Asn1Object ToAsn1Object()
+ public override Asn1Object ToAsn1Object()
{
- if (certificate != null)
- {
- return new DerTaggedObject(true, 0, certificate);
- }
+ if (m_certificate != null)
+ return new DerTaggedObject(true, 0, m_certificate);
- return new DerTaggedObject(true, 1, encryptedCert);
+ return new DerTaggedObject(true, 1, m_encryptedCert);
}
}
}
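Review bot: `EncryptedCert` now returns `EncryptedKey` instead of `EncryptedValue`, which changes the public signature for existing callers, and nothing on the property says so. A doc comment such as `/// <summary>The encryptedCert alternative, an EncryptedKey that may wrap an EncryptedValue.</summary>` would record the change at the point callers will look. The parsing constructor also selects the alternative from `TagNo` alone; whether the tag is explicit and context-specific is not checked in the visible lines.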
diff --git a/crypto/src/asn1/cmp/CertRepMessage.cs b/crypto/src/asn1/cmp/CertRepMessage.cs
index d24dd963b..696cfde47 100644
--- a/crypto/src/asn1/cmp/CertRepMessage.cs
+++ b/crypto/src/asn1/cmp/CertRepMessage.cs
@@ -7,8 +7,19 @@ namespace Org.BouncyCastle.Asn1.Cmp
public class CertRepMessage
: Asn1Encodable
{
- private readonly Asn1Sequence caPubs;
- private readonly Asn1Sequence response;
+ public static CertRepMessage GetInstance(object obj)
+ {
+ if (obj is CertRepMessage certRepMessage)
+ return certRepMessage;
+
+ if (obj != null)
+ return new CertRepMessage(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly Asn1Sequence m_caPubs;
+ private readonly Asn1Sequence m_response;
private CertRepMessage(Asn1Sequence seq)
{
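Review bot: `GetInstance(null)` now returns null where the removed version threw `ArgumentException`, so a caller that relied on the exception will instead fail later with a null dereference, away from the decoding site. If the new contract is intended it should be stated on the method, e.g. `/// <returns>The parsed instance, or null if obj is null.</returns>`, and call sites that parse mandatory fields should check the result. The same change is made to GetInstance in CertResponse, CertStatus, CertifiedKeyPair and Challenge in this commit, while CAKeyUpdAnnContent, CertConfirmContent and CertOrEncCert still throw.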
@@ -16,57 +27,33 @@ namespace Org.BouncyCastle.Asn1.Cmp
if (seq.Count > 1)
{
- caPubs = Asn1Sequence.GetInstance((Asn1TaggedObject)seq[index++], true);
+ m_caPubs = Asn1Sequence.GetInstance((Asn1TaggedObject)seq[index++], true);
}
- response = Asn1Sequence.GetInstance(seq[index]);
- }
-
- public static CertRepMessage GetInstance(object obj)
- {
- if (obj is CertRepMessage)
- return (CertRepMessage)obj;
-
- if (obj is Asn1Sequence)
- return new CertRepMessage((Asn1Sequence)obj);
-
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ m_response = Asn1Sequence.GetInstance(seq[index]);
}
public CertRepMessage(CmpCertificate[] caPubs, CertResponse[] response)
{
if (response == null)
- throw new ArgumentNullException("response");
+ throw new ArgumentNullException(nameof(response));
if (caPubs != null)
{
- this.caPubs = new DerSequence(caPubs);
+ m_caPubs = new DerSequence(caPubs);
}
- this.response = new DerSequence(response);
+ m_response = new DerSequence(response);
}
public virtual CmpCertificate[] GetCAPubs()
{
- if (caPubs == null)
- return null;
-
- CmpCertificate[] results = new CmpCertificate[caPubs.Count];
- for (int i = 0; i != results.Length; ++i)
- {
- results[i] = CmpCertificate.GetInstance(caPubs[i]);
- }
- return results;
+ return m_caPubs == null ? null : m_caPubs.MapElements(CmpCertificate.GetInstance);
}
public virtual CertResponse[] GetResponse()
{
- CertResponse[] results = new CertResponse[response.Count];
- for (int i = 0; i != results.Length; ++i)
- {
- results[i] = CertResponse.GetInstance(response[i]);
- }
- return results;
+ return m_response.MapElements(CertResponse.GetInstance);
}
/**
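Review bot: The renamed line keeps the hard cast `(Asn1TaggedObject)seq[index++]`, so a sequence whose first element is not tagged fails with an `InvalidCastException` rather than an argument error, and the tag number is never compared with the `1` that `ToAsn1Object` writes. Using `Asn1TaggedObject.GetInstance(seq[index++])` as CertifiedKeyPair does, followed by a `TagNo` check, would reject a malformed caPubs cleanly. The constructor starts above this hunk, so any count check it performs there is not visible.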
@@ -81,9 +68,9 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector();
- v.AddOptionalTagged(true, 1, caPubs);
- v.Add(response);
+ Asn1EncodableVector v = new Asn1EncodableVector(2);
+ v.AddOptionalTagged(true, 1, m_caPubs);
+ v.Add(m_response);
return new DerSequence(v);
}
}
diff --git a/crypto/src/asn1/cmp/CertReqTemplateContent.cs b/crypto/src/asn1/cmp/CertReqTemplateContent.cs
new file mode 100644
index 000000000..b229cd28b
--- /dev/null
+++ b/crypto/src/asn1/cmp/CertReqTemplateContent.cs
@@ -0,0 +1,66 @@
+using System;
+
+using Org.BouncyCastle.Asn1.Crmf;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+ /**
+ * GenMsg: {id-it 19}, < absent >
+ * GenRep: {id-it 19}, CertReqTemplateContent | < absent >
+ * <p>
+ * CertReqTemplateValue ::= CertReqTemplateContent
+ * <p>
+ * CertReqTemplateContent ::= SEQUENCE {
+ * certTemplate CertTemplate,
+ * keySpec Controls OPTIONAL }
+ * <p>
+ * Controls ::= SEQUENCE SIZE (1..MAX) OF AttributeTypeAndValue
+ */
+ public class CertReqTemplateContent
+ : Asn1Encodable
+ {
+ public static CertReqTemplateContent GetInstance(object obj)
+ {
+ if (obj is CertReqTemplateContent certReqTemplateContent)
+ return certReqTemplateContent;
+
+ if (obj != null)
+ return new CertReqTemplateContent(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly CertTemplate m_certTemplate;
+ private readonly Asn1Sequence m_keySpec;
+
+ private CertReqTemplateContent(Asn1Sequence seq)
+ {
+ if (seq.Count != 1 && seq.Count != 2)
+ throw new ArgumentException("expected sequence size of 1 or 2");
+
+ m_certTemplate = CertTemplate.GetInstance(seq[0]);
+
+ if (seq.Count > 1)
+ {
+ m_keySpec = Asn1Sequence.GetInstance(seq[1]);
+ }
+ }
+
+ public CertReqTemplateContent(CertTemplate certTemplate, Asn1Sequence keySpec)
+ {
+ m_certTemplate = certTemplate;
+ m_keySpec = keySpec;
+ }
+
+ public virtual CertTemplate CertTemplate => m_certTemplate;
+
+ public virtual Asn1Sequence KeySpec => m_keySpec;
+
+ public override Asn1Object ToAsn1Object()
+ {
+ Asn1EncodableVector v = new Asn1EncodableVector(m_certTemplate);
+ v.AddOptional(m_keySpec);
+ return new DerSequence(v);
+ }
+ }
+}
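Review bot: The public constructor stores `certTemplate` without a null check although the field is mandatory in the ASN.1 definition quoted in the class comment, so a null only shows up later in `ToAsn1Object`. Adding `if (certTemplate == null) throw new ArgumentNullException(nameof(certTemplate));` would match the other constructors in this commit. The `SIZE (1..MAX)` constraint on Controls is also not enforced for `keySpec` in either constructor, so an empty sequence is accepted and re-encoded.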
diff --git a/crypto/src/asn1/cmp/CertResponse.cs b/crypto/src/asn1/cmp/CertResponse.cs
index 843fd9299..72a44c93e 100644
--- a/crypto/src/asn1/cmp/CertResponse.cs
+++ b/crypto/src/asn1/cmp/CertResponse.cs
@@ -1,21 +1,30 @@
using System;
-using Org.BouncyCastle.Utilities;
-
namespace Org.BouncyCastle.Asn1.Cmp
{
public class CertResponse
: Asn1Encodable
{
- private readonly DerInteger certReqId;
- private readonly PkiStatusInfo status;
- private readonly CertifiedKeyPair certifiedKeyPair;
- private readonly Asn1OctetString rspInfo;
+ public static CertResponse GetInstance(object obj)
+ {
+ if (obj is CertResponse certResponse)
+ return certResponse;
+
+ if (obj != null)
+ return new CertResponse(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly DerInteger m_certReqId;
+ private readonly PkiStatusInfo m_status;
+ private readonly CertifiedKeyPair m_certifiedKeyPair;
+ private readonly Asn1OctetString m_rspInfo;
private CertResponse(Asn1Sequence seq)
{
- certReqId = DerInteger.GetInstance(seq[0]);
- status = PkiStatusInfo.GetInstance(seq[1]);
+ m_certReqId = DerInteger.GetInstance(seq[0]);
+ m_status = PkiStatusInfo.GetInstance(seq[1]);
if (seq.Count >= 3)
{
@@ -24,71 +33,46 @@ namespace Org.BouncyCastle.Asn1.Cmp
Asn1Encodable o = seq[2];
if (o is Asn1OctetString)
{
- rspInfo = Asn1OctetString.GetInstance(o);
+ m_rspInfo = Asn1OctetString.GetInstance(o);
}
else
{
- certifiedKeyPair = CertifiedKeyPair.GetInstance(o);
+ m_certifiedKeyPair = CertifiedKeyPair.GetInstance(o);
}
}
else
{
- certifiedKeyPair = CertifiedKeyPair.GetInstance(seq[2]);
- rspInfo = Asn1OctetString.GetInstance(seq[3]);
+ m_certifiedKeyPair = CertifiedKeyPair.GetInstance(seq[2]);
+ m_rspInfo = Asn1OctetString.GetInstance(seq[3]);
}
}
}
- public static CertResponse GetInstance(object obj)
- {
- if (obj is CertResponse)
- return (CertResponse)obj;
-
- if (obj is Asn1Sequence)
- return new CertResponse((Asn1Sequence)obj);
-
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
-
- public CertResponse(
- DerInteger certReqId,
- PkiStatusInfo status)
+ public CertResponse(DerInteger certReqId, PkiStatusInfo status)
: this(certReqId, status, null, null)
{
}
- public CertResponse(
- DerInteger certReqId,
- PkiStatusInfo status,
- CertifiedKeyPair certifiedKeyPair,
- Asn1OctetString rspInfo)
- {
- if (certReqId == null)
- throw new ArgumentNullException("certReqId");
+ public CertResponse(DerInteger certReqId, PkiStatusInfo status, CertifiedKeyPair certifiedKeyPair,
+ Asn1OctetString rspInfo)
+ {
+ if (certReqId == null)
+ throw new ArgumentNullException(nameof(certReqId));
if (status == null)
- throw new ArgumentNullException("status");
+ throw new ArgumentNullException(nameof(status));
- this.certReqId = certReqId;
- this.status = status;
- this.certifiedKeyPair = certifiedKeyPair;
- this.rspInfo = rspInfo;
+ m_certReqId = certReqId;
+ m_status = status;
+ m_certifiedKeyPair = certifiedKeyPair;
+ m_rspInfo = rspInfo;
}
- public virtual DerInteger CertReqID
- {
- get { return certReqId; }
- }
+ public virtual DerInteger CertReqID => m_certReqId;
- public virtual PkiStatusInfo Status
- {
- get { return status; }
- }
+ public virtual PkiStatusInfo Status => m_status;
- public virtual CertifiedKeyPair CertifiedKeyPair
- {
- get { return certifiedKeyPair; }
- }
+ public virtual CertifiedKeyPair CertifiedKeyPair => m_certifiedKeyPair;
/**
* <pre>
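Review bot: `m_rspInfo` is parsed and re-encoded, but no property for it appears among the accessors in this hunk, so a caller cannot read the value a peer sent. If that is an omission, `public virtual Asn1OctetString RspInfo => m_rspInfo;` next to `CertifiedKeyPair` would expose it. The parsing constructor begins above this hunk.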
@@ -108,8 +92,8 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector(certReqId, status);
- v.AddOptional(certifiedKeyPair, rspInfo);
+ Asn1EncodableVector v = new Asn1EncodableVector(m_certReqId, m_status);
+ v.AddOptional(m_certifiedKeyPair, m_rspInfo);
return new DerSequence(v);
}
}
diff --git a/crypto/src/asn1/cmp/CertStatus.cs b/crypto/src/asn1/cmp/CertStatus.cs
index d437b57b2..6eb36c6fb 100644
--- a/crypto/src/asn1/cmp/CertStatus.cs
+++ b/crypto/src/asn1/cmp/CertStatus.cs
@@ -1,84 +1,102 @@
using System;
+using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Math;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
public class CertStatus
: Asn1Encodable
{
- private readonly Asn1OctetString certHash;
- private readonly DerInteger certReqId;
- private readonly PkiStatusInfo statusInfo;
+ public static CertStatus GetInstance(object obj)
+ {
+ if (obj is CertStatus certStatus)
+ return certStatus;
- private CertStatus(Asn1Sequence seq)
+ if (obj != null)
+ return new CertStatus(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly Asn1OctetString m_certHash;
+ private readonly DerInteger m_certReqID;
+ private readonly PkiStatusInfo m_statusInfo;
+ private readonly AlgorithmIdentifier m_hashAlg;
+
+ private CertStatus(Asn1Sequence seq)
{
- certHash = Asn1OctetString.GetInstance(seq[0]);
- certReqId = DerInteger.GetInstance(seq[1]);
+ m_certHash = Asn1OctetString.GetInstance(seq[0]);
+ m_certReqID = DerInteger.GetInstance(seq[1]);
if (seq.Count > 2)
{
- statusInfo = PkiStatusInfo.GetInstance(seq[2]);
+ for (int t = 2; t < seq.Count; t++)
+ {
+ Asn1Object p = seq[t].ToAsn1Object();
+ if (p is Asn1Sequence s)
+ {
+ m_statusInfo = PkiStatusInfo.GetInstance(s);
+ }
+ if (p is Asn1TaggedObject dto)
+ {
+ if (dto.TagNo != 0)
+ throw new ArgumentException("unknown tag " + dto.TagNo);
+
+ m_hashAlg = AlgorithmIdentifier.GetInstance(dto, true);
+ }
+ }
}
}
- public CertStatus(byte[] certHash, BigInteger certReqId)
+ public CertStatus(byte[] certHash, BigInteger certReqID)
{
- this.certHash = new DerOctetString(certHash);
- this.certReqId = new DerInteger(certReqId);
+ m_certHash = new DerOctetString(certHash);
+ m_certReqID = new DerInteger(certReqID);
}
- public CertStatus(byte[] certHash, BigInteger certReqId, PkiStatusInfo statusInfo)
+ public CertStatus(byte[] certHash, BigInteger certReqID, PkiStatusInfo statusInfo)
{
- this.certHash = new DerOctetString(certHash);
- this.certReqId = new DerInteger(certReqId);
- this.statusInfo = statusInfo;
+ m_certHash = new DerOctetString(certHash);
+ m_certReqID = new DerInteger(certReqID);
+ m_statusInfo = statusInfo;
}
- public static CertStatus GetInstance(object obj)
- {
- if (obj is CertStatus)
- return (CertStatus)obj;
+ public CertStatus(byte[] certHash, BigInteger certReqID, PkiStatusInfo statusInfo, AlgorithmIdentifier hashAlg)
+ {
+ m_certHash = new DerOctetString(certHash);
+ m_certReqID = new DerInteger(certReqID);
+ m_statusInfo = statusInfo;
+ m_hashAlg = hashAlg;
+ }
- if (obj is Asn1Sequence)
- return new CertStatus((Asn1Sequence)obj);
+ public virtual Asn1OctetString CertHash => m_certHash;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
+ public virtual DerInteger CertReqID => m_certReqID;
- public virtual Asn1OctetString CertHash
- {
- get { return certHash; }
- }
-
- public virtual DerInteger CertReqID
- {
- get { return certReqId; }
- }
+ public virtual PkiStatusInfo StatusInfo => m_statusInfo;
- public virtual PkiStatusInfo StatusInfo
- {
- get { return statusInfo; }
- }
+ public virtual AlgorithmIdentifier HashAlg => m_hashAlg;
- /**
- * <pre>
- * CertStatus ::= SEQUENCE {
- * certHash OCTET STRING,
- * -- the hash of the certificate, using the same hash algorithm
- * -- as is used to create and verify the certificate signature
- * certReqId INTEGER,
- * -- to match this confirmation with the corresponding req/rep
- * statusInfo PKIStatusInfo OPTIONAL
- * }
- * </pre>
- * @return a basic ASN.1 object representation.
- */
- public override Asn1Object ToAsn1Object()
+ /**
+ * <pre>
+ *
+ * CertStatus ::= SEQUENCE {
+ * certHash OCTET STRING,
+ * certReqId INTEGER,
+ * statusInfo PKIStatusInfo OPTIONAL,
+ * hashAlg [0] AlgorithmIdentifier{DIGEST-ALGORITHM, {...}} OPTIONAL
+ * }
+ *
+ * </pre>
+ *
+ * @return a basic ASN.1 object representation.
+ */
+ public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector(certHash, certReqId);
- v.AddOptional(statusInfo);
+ Asn1EncodableVector v = new Asn1EncodableVector(m_certHash, m_certReqID);
+ v.AddOptional(m_statusInfo);
+ v.AddOptionalTagged(true, 0, m_hashAlg);
return new DerSequence(v);
}
}
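Review bot: The new loop over the elements from index 2 accepts the optional fields in any order and any number of times, keeps the last `Asn1Sequence` as statusInfo, and skips elements that are neither a sequence nor a tagged object, so encodings that do not match the SEQUENCE definition still parse. Since `hashAlg` presumably determines how `certHash` is to be checked, the parser should take at most one statusInfo followed by at most one `[0]` hashAlg and reject anything left over. The rewritten doc comment also drops the explanation of which hash algorithm certHash uses; with hashAlg added, that explanation is worth keeping and extending. A stricter constructor could look like this:

```csharp
private CertStatus(Asn1Sequence seq)
{
    if (seq.Count < 2 || seq.Count > 4)
        throw new ArgumentException("expected sequence size of 2 to 4", nameof(seq));

    // … unchanged: m_certHash and m_certReqID assignments …

    int pos = 2;

    // statusInfo, if present, must come first and is a plain SEQUENCE.
    if (pos < seq.Count && seq[pos].ToAsn1Object() is Asn1Sequence s)
    {
        m_statusInfo = PkiStatusInfo.GetInstance(s);
        ++pos;
    }

    // hashAlg, if present, is the explicit [0] element that follows.
    if (pos < seq.Count && seq[pos].ToAsn1Object() is Asn1TaggedObject dto)
    {
        if (dto.TagNo != 0)
            throw new ArgumentException("unknown tag " + dto.TagNo);

        m_hashAlg = AlgorithmIdentifier.GetInstance(dto, true);
        ++pos;
    }

    // Anything still unread is a repeated, misordered or unknown element.
    if (pos != seq.Count)
        throw new ArgumentException("unexpected element in CertStatus", nameof(seq));
}
```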
diff --git a/crypto/src/asn1/cmp/CertifiedKeyPair.cs b/crypto/src/asn1/cmp/CertifiedKeyPair.cs
index 0b1c5d44d..a40a2730a 100644
--- a/crypto/src/asn1/cmp/CertifiedKeyPair.cs
+++ b/crypto/src/asn1/cmp/CertifiedKeyPair.cs
@@ -1,20 +1,30 @@
using System;
using Org.BouncyCastle.Asn1.Crmf;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
public class CertifiedKeyPair
: Asn1Encodable
{
- private readonly CertOrEncCert certOrEncCert;
- private readonly EncryptedValue privateKey;
- private readonly PkiPublicationInfo publicationInfo;
+ public static CertifiedKeyPair GetInstance(object obj)
+ {
+ if (obj is CertifiedKeyPair certifiedKeyPair)
+ return certifiedKeyPair;
- private CertifiedKeyPair(Asn1Sequence seq)
+ if (obj != null)
+ return new CertifiedKeyPair(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly CertOrEncCert m_certOrEncCert;
+ private readonly EncryptedKey m_privateKey;
+ private readonly PkiPublicationInfo m_publicationInfo;
+
+ private CertifiedKeyPair(Asn1Sequence seq)
{
- certOrEncCert = CertOrEncCert.GetInstance(seq[0]);
+ m_certOrEncCert = CertOrEncCert.GetInstance(seq[0]);
if (seq.Count >= 2)
{
@@ -23,66 +33,48 @@ namespace Org.BouncyCastle.Asn1.Cmp
Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[1]);
if (tagged.TagNo == 0)
{
- privateKey = EncryptedValue.GetInstance(tagged.GetObject());
+ m_privateKey = EncryptedKey.GetInstance(tagged.GetObject());
}
else
{
- publicationInfo = PkiPublicationInfo.GetInstance(tagged.GetObject());
+ m_publicationInfo = PkiPublicationInfo.GetInstance(tagged.GetObject());
}
}
else
{
- privateKey = EncryptedValue.GetInstance(Asn1TaggedObject.GetInstance(seq[1]));
- publicationInfo = PkiPublicationInfo.GetInstance(Asn1TaggedObject.GetInstance(seq[2]));
+ m_privateKey = EncryptedKey.GetInstance(Asn1TaggedObject.GetInstance(seq[1]));
+ m_publicationInfo = PkiPublicationInfo.GetInstance(Asn1TaggedObject.GetInstance(seq[2]));
}
}
}
- public static CertifiedKeyPair GetInstance(object obj)
+ public CertifiedKeyPair(CertOrEncCert certOrEncCert)
+ : this(certOrEncCert, (EncryptedKey)null, null)
{
- if (obj is CertifiedKeyPair)
- return (CertifiedKeyPair)obj;
-
- if (obj is Asn1Sequence)
- return new CertifiedKeyPair((Asn1Sequence)obj);
-
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
}
- public CertifiedKeyPair(
- CertOrEncCert certOrEncCert)
- : this(certOrEncCert, null, null)
- {
- }
+ public CertifiedKeyPair(CertOrEncCert certOrEncCert, EncryptedValue privateKey,
+ PkiPublicationInfo publicationInfo)
+ : this(certOrEncCert, privateKey == null ? null : new EncryptedKey(privateKey), publicationInfo)
+ {
+ }
- public CertifiedKeyPair(
- CertOrEncCert certOrEncCert,
- EncryptedValue privateKey,
- PkiPublicationInfo publicationInfo
- )
- {
+ public CertifiedKeyPair(CertOrEncCert certOrEncCert, EncryptedKey privateKey,
+ PkiPublicationInfo publicationInfo)
+ {
if (certOrEncCert == null)
- throw new ArgumentNullException("certOrEncCert");
+ throw new ArgumentNullException(nameof(certOrEncCert));
- this.certOrEncCert = certOrEncCert;
- this.privateKey = privateKey;
- this.publicationInfo = publicationInfo;
- }
+ m_certOrEncCert = certOrEncCert;
+ m_privateKey = privateKey;
+ m_publicationInfo = publicationInfo;
+ }
- public virtual CertOrEncCert CertOrEncCert
- {
- get { return certOrEncCert; }
- }
+ public virtual CertOrEncCert CertOrEncCert => m_certOrEncCert;
- public virtual EncryptedValue PrivateKey
- {
- get { return privateKey; }
- }
+ public virtual EncryptedKey PrivateKey => m_privateKey;
- public virtual PkiPublicationInfo PublicationInfo
- {
- get { return publicationInfo; }
- }
+ public virtual PkiPublicationInfo PublicationInfo => m_publicationInfo;
/**
* <pre>
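Review bot: In the three-element branch the tagged wrappers are passed to `EncryptedKey.GetInstance` and `PkiPublicationInfo.GetInstance` directly, while the two-element branch unwraps with `tagged.GetObject()`, and neither branch verifies the tag numbers beyond `TagNo == 0`. `EncryptedKey` is not shown here, but if its GetInstance gives a tagged object a meaning of its own, the outer `[0]` would be read as part of the value. Unwrapping consistently, `m_privateKey = EncryptedKey.GetInstance(Asn1TaggedObject.GetInstance(seq[1]).GetObject());` and likewise for `seq[2]`, after checking for tags 0 and 1, avoids that. `PrivateKey` also changes its public return type to `EncryptedKey`, which deserves a doc comment. The constructor begins above this hunk.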
@@ -97,9 +89,9 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector(certOrEncCert);
- v.AddOptionalTagged(true, 0, privateKey);
- v.AddOptionalTagged(true, 1, publicationInfo);
+ Asn1EncodableVector v = new Asn1EncodableVector(m_certOrEncCert);
+ v.AddOptionalTagged(true, 0, m_privateKey);
+ v.AddOptionalTagged(true, 1, m_publicationInfo);
return new DerSequence(v);
}
}
diff --git a/crypto/src/asn1/cmp/Challenge.cs b/crypto/src/asn1/cmp/Challenge.cs
index 016c082e2..ca3d06339 100644
--- a/crypto/src/asn1/cmp/Challenge.cs
+++ b/crypto/src/asn1/cmp/Challenge.cs
@@ -1,16 +1,52 @@
using System;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
- public class Challenge
+ /**
+ * <pre>
+ * Challenge ::= SEQUENCE {
+ * owf AlgorithmIdentifier OPTIONAL,
+ *
+ * -- MUST be present in the first Challenge; MAY be omitted in
+ * -- any subsequent Challenge in POPODecKeyChallContent (if
+ * -- omitted, then the owf used in the immediately preceding
+ * -- Challenge is to be used).
+ *
+ * witness OCTET STRING,
+ * -- the result of applying the one-way function (owf) to a
+ * -- randomly-generated INTEGER, A. [Note that a different
+ * -- INTEGER MUST be used for each Challenge.]
+ * challenge OCTET STRING
+ * -- the encryption (under the public key for which the cert.
+ * -- request is being made) of Rand, where Rand is specified as
+ * -- Rand ::= SEQUENCE {
+ * -- int INTEGER,
+ * -- - the randomly-generated INTEGER A (above)
+ * -- sender GeneralName
+ * -- - the sender's name (as included in PKIHeader)
+ * -- }
+ * }
+ * </pre>
+ */
+ public class Challenge
: Asn1Encodable
{
- private readonly AlgorithmIdentifier owf;
- private readonly Asn1OctetString witness;
- private readonly Asn1OctetString challenge;
+ public static Challenge GetInstance(object obj)
+ {
+ if (obj is Challenge challenge)
+ return challenge;
+
+ if (obj != null)
+ return new Challenge(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly AlgorithmIdentifier m_owf;
+ private readonly Asn1OctetString m_witness;
+ private readonly Asn1OctetString m_challenge;
private Challenge(Asn1Sequence seq)
{
@@ -18,30 +54,32 @@ namespace Org.BouncyCastle.Asn1.Cmp
if (seq.Count == 3)
{
- owf = AlgorithmIdentifier.GetInstance(seq[index++]);
+ m_owf = AlgorithmIdentifier.GetInstance(seq[index++]);
}
- witness = Asn1OctetString.GetInstance(seq[index++]);
- challenge = Asn1OctetString.GetInstance(seq[index]);
+ m_witness = Asn1OctetString.GetInstance(seq[index++]);
+ m_challenge = Asn1OctetString.GetInstance(seq[index]);
}
- public static Challenge GetInstance(object obj)
- {
- if (obj is Challenge)
- return (Challenge)obj;
+ public Challenge(byte[] witness, byte[] challenge)
+ : this(null, witness, challenge)
+ {
+ }
- if (obj is Asn1Sequence)
- return new Challenge((Asn1Sequence)obj);
+ public Challenge(AlgorithmIdentifier owf, byte[] witness, byte[] challenge)
+ {
+ m_owf = owf;
+ m_witness = new DerOctetString(witness);
+ m_challenge = new DerOctetString(challenge);
+ }
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
+ public virtual AlgorithmIdentifier Owf => m_owf;
- public virtual AlgorithmIdentifier Owf
- {
- get { return owf; }
- }
+ public virtual Asn1OctetString Witness => m_witness;
+
+ public virtual Asn1OctetString ChallengeValue => m_challenge;
- /**
+ /**
* <pre>
* Challenge ::= SEQUENCE {
* owf AlgorithmIdentifier OPTIONAL,
@@ -68,12 +106,57 @@ namespace Org.BouncyCastle.Asn1.Cmp
* </pre>
* @return a basic ASN.1 object representation.
*/
- public override Asn1Object ToAsn1Object()
+ public override Asn1Object ToAsn1Object()
{
Asn1EncodableVector v = new Asn1EncodableVector();
- v.AddOptional(owf);
- v.Add(witness, challenge);
+ v.AddOptional(m_owf);
+ v.Add(m_witness, m_challenge);
return new DerSequence(v);
}
+
+ /**
+ * Rand is the inner type
+ */
+ public class Rand
+ : Asn1Encodable
+ {
+ public static Rand GetInstance(object obj)
+ {
+ if (obj is Rand rand)
+ return rand;
+
+ if (obj != null)
+ return new Rand(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly DerInteger m_intVal;
+ private readonly GeneralName m_sender;
+
+ public Rand(DerInteger intVal, GeneralName sender)
+ {
+ m_intVal = intVal;
+ m_sender = sender;
+ }
+
+ public Rand(Asn1Sequence seq)
+ {
+ if (seq.Count != 2)
+ throw new ArgumentException("expected sequence size of 2");
+
+ m_intVal = DerInteger.GetInstance(seq[0]);
+ m_sender = GeneralName.GetInstance(seq[1]);
+ }
+
+ public virtual DerInteger IntVal => m_intVal;
+
+ public virtual GeneralName Sender => m_sender;
+
+ public override Asn1Object ToAsn1Object()
+ {
+ return new DerSequence(m_intVal, m_sender);
+ }
+ }
}
}
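Review bot: `Rand(Asn1Sequence seq)` is public, unlike the other sequence constructors in this commit, and `Rand(DerInteger, GeneralName)` accepts nulls that only fail later in `ToAsn1Object`. Making the sequence constructor private (callers have `GetInstance`) and adding `if (intVal == null) throw new ArgumentNullException(nameof(intVal));` plus the same for `sender` would align it with the rest of the package. The doc comment `Rand is the inner type` could instead say that it carries the random INTEGER A and the sender name that are encrypted into `challenge`, as the class comment on Challenge describes.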
diff --git a/crypto/src/asn1/cmp/CmpCertificate.cs b/crypto/src/asn1/cmp/CmpCertificate.cs
index 33356b486..af433ec4d 100644
--- a/crypto/src/asn1/cmp/CmpCertificate.cs
+++ b/crypto/src/asn1/cmp/CmpCertificate.cs
@@ -1,4 +1,5 @@
using System;
+using System.IO;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Utilities;
@@ -8,54 +9,84 @@ namespace Org.BouncyCastle.Asn1.Cmp
public class CmpCertificate
: Asn1Encodable, IAsn1Choice
{
- private readonly X509CertificateStructure x509v3PKCert;
- private readonly AttributeCertificate x509v2AttrCert;
-
- /**
- * Note: the addition of attribute certificates is a BC extension.
- */
- public CmpCertificate(AttributeCertificate x509v2AttrCert)
+ public static CmpCertificate GetInstance(object obj)
{
- this.x509v2AttrCert = x509v2AttrCert;
- }
+ // TODO[cmp] Review this whole metho
- public CmpCertificate(X509CertificateStructure x509v3PKCert)
- {
- if (x509v3PKCert.Version != 3)
- throw new ArgumentException("only version 3 certificates allowed", "x509v3PKCert");
+ if (obj == null)
+ return null;
- this.x509v3PKCert = x509v3PKCert;
- }
+ if (obj is CmpCertificate cmpCertificate)
+ return cmpCertificate;
- public static CmpCertificate GetInstance(object obj)
- {
- if (obj is CmpCertificate)
- return (CmpCertificate)obj;
+ if (obj is byte[] bs)
+ {
+ try
+ {
+ obj = Asn1Object.FromByteArray(bs);
+ }
+ catch (IOException)
+ {
+ throw new ArgumentException("Invalid encoding in CmpCertificate");
+ }
+ }
if (obj is Asn1Sequence)
return new CmpCertificate(X509CertificateStructure.GetInstance(obj));
- if (obj is Asn1TaggedObject)
- return new CmpCertificate(AttributeCertificate.GetInstance(((Asn1TaggedObject)obj).GetObject()));
+ if (obj is Asn1TaggedObject taggedObject)
+ return new CmpCertificate(taggedObject.TagNo, taggedObject.GetObject());
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj));
}
- public virtual bool IsX509v3PKCert
+ public static CmpCertificate GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
{
- get { return x509v3PKCert != null; }
+ // TODO[cmp]
+ if (taggedObject == null)
+ return null;
+
+ if (!declaredExplicit)
+ throw new ArgumentException("tag must be explicit");
+
+ // TODO[cmp]
+ return GetInstance(taggedObject.GetObject());
}
- public virtual X509CertificateStructure X509v3PKCert
+ private readonly X509CertificateStructure m_x509v3PKCert;
+
+ private readonly int m_otherTagValue;
+ private readonly Asn1Encodable m_otherCert;
+
+ /**
+ * Note: the addition of other certificates is a BC extension. If you use this constructor they
+ * will be added with an explicit tag value of type.
+ *
+ * @param type the type of the certificate (used as a tag value).
+ * @param otherCert the object representing the certificate
+ */
+ public CmpCertificate(int type, Asn1Encodable otherCert)
{
- get { return x509v3PKCert; }
+ m_otherTagValue = type;
+ m_otherCert = otherCert;
}
- public virtual AttributeCertificate X509v2AttrCert
+ public CmpCertificate(X509CertificateStructure x509v3PKCert)
{
- get { return x509v2AttrCert; }
+ if (x509v3PKCert.Version != 3)
+ throw new ArgumentException("only version 3 certificates allowed", nameof(x509v3PKCert));
+
+ m_x509v3PKCert = x509v3PKCert;
}
+ public virtual bool IsX509v3PKCert => m_x509v3PKCert != null;
+
+ public virtual X509CertificateStructure X509v3PKCert => m_x509v3PKCert;
+
+ public virtual int OtherCertTag => m_otherTagValue;
+
+ public virtual Asn1Encodable OtherCert => m_otherCert;
+
/**
* <pre>
* CMPCertificate ::= CHOICE {
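Review bot: The tagged-object branch of `GetInstance(object)` now accepts any tag number and stores the content unparsed, where the old code decoded it as an AttributeCertificate, so every consumer has to check `OtherCertTag` itself before interpreting `OtherCert`. The `// TODO[cmp]` markers suggest this is known to be unfinished; until it is settled, the `OtherCertTag` and `OtherCert` properties should carry a comment that they are only meaningful when `IsX509v3PKCert` is false, because `m_otherTagValue` is left at 0 for an X.509 certificate and is indistinguishable from a real tag [0]. The `byte[]` branch also discards the decoding error; `catch (IOException e) { throw new ArgumentException("Invalid encoding in CmpCertificate", e); }` keeps the cause for whoever has to diagnose a rejected message. Removing the `CmpCertificate(AttributeCertificate)` constructor and `X509v2AttrCert` is a source-breaking change for existing callers and deserves a mention in the release notes.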
@@ -69,13 +100,13 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- if (x509v2AttrCert != null)
+ if (m_otherCert != null)
{
// explicit following CMP conventions
- return new DerTaggedObject(true, 1, x509v2AttrCert);
+ return new DerTaggedObject(true, m_otherTagValue, m_otherCert);
}
- return x509v3PKCert.ToAsn1Object();
+ return m_x509v3PKCert.ToAsn1Object();
}
}
}
diff --git a/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs b/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs
index 7e8274175..fa83841a4 100644
--- a/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs
+++ b/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs
@@ -2,105 +2,256 @@ using System;
namespace Org.BouncyCastle.Asn1.Cmp
{
- public abstract class CmpObjectIdentifiers
+ public static class CmpObjectIdentifiers
{
- // RFC 4210
-
- // id-PasswordBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 13}
- public static readonly DerObjectIdentifier passwordBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.13");
-
- // id-DHBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 30}
- public static readonly DerObjectIdentifier dhBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.30");
-
- // Example InfoTypeAndValue contents include, but are not limited
- // to, the following (un-comment in this ASN.1 module and use as
- // appropriate for a given environment):
- //
- // id-it-caProtEncCert OBJECT IDENTIFIER ::= {id-it 1}
- // CAProtEncCertValue ::= CMPCertificate
- // id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2}
- // SignKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier
- // id-it-encKeyPairTypes OBJECT IDENTIFIER ::= {id-it 3}
- // EncKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier
- // id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4}
- // PreferredSymmAlgValue ::= AlgorithmIdentifier
- // id-it-caKeyUpdateInfo OBJECT IDENTIFIER ::= {id-it 5}
- // CAKeyUpdateInfoValue ::= CAKeyUpdAnnContent
- // id-it-currentCRL OBJECT IDENTIFIER ::= {id-it 6}
- // CurrentCRLValue ::= CertificateList
- // id-it-unsupportedOIDs OBJECT IDENTIFIER ::= {id-it 7}
- // UnsupportedOIDsValue ::= SEQUENCE OF OBJECT IDENTIFIER
- // id-it-keyPairParamReq OBJECT IDENTIFIER ::= {id-it 10}
- // KeyPairParamReqValue ::= OBJECT IDENTIFIER
- // id-it-keyPairParamRep OBJECT IDENTIFIER ::= {id-it 11}
- // KeyPairParamRepValue ::= AlgorithmIdentifer
- // id-it-revPassphrase OBJECT IDENTIFIER ::= {id-it 12}
- // RevPassphraseValue ::= EncryptedValue
- // id-it-implicitConfirm OBJECT IDENTIFIER ::= {id-it 13}
- // ImplicitConfirmValue ::= NULL
- // id-it-confirmWaitTime OBJECT IDENTIFIER ::= {id-it 14}
- // ConfirmWaitTimeValue ::= GeneralizedTime
- // id-it-origPKIMessage OBJECT IDENTIFIER ::= {id-it 15}
- // OrigPKIMessageValue ::= PKIMessages
- // id-it-suppLangTags OBJECT IDENTIFIER ::= {id-it 16}
- // SuppLangTagsValue ::= SEQUENCE OF UTF8String
- //
- // where
- //
- // id-pkix OBJECT IDENTIFIER ::= {
- // iso(1) identified-organization(3)
- // dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
- // and
- // id-it OBJECT IDENTIFIER ::= {id-pkix 4}
- public static readonly DerObjectIdentifier it_caProtEncCert = new DerObjectIdentifier("1.3.6.1.5.5.7.4.1");
- public static readonly DerObjectIdentifier it_signKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.2");
- public static readonly DerObjectIdentifier it_encKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.3");
- public static readonly DerObjectIdentifier it_preferredSymAlg = new DerObjectIdentifier("1.3.6.1.5.5.7.4.4");
- public static readonly DerObjectIdentifier it_caKeyUpdateInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.4.5");
- public static readonly DerObjectIdentifier it_currentCRL = new DerObjectIdentifier("1.3.6.1.5.5.7.4.6");
- public static readonly DerObjectIdentifier it_unsupportedOIDs = new DerObjectIdentifier("1.3.6.1.5.5.7.4.7");
- public static readonly DerObjectIdentifier it_keyPairParamReq = new DerObjectIdentifier("1.3.6.1.5.5.7.4.10");
- public static readonly DerObjectIdentifier it_keyPairParamRep = new DerObjectIdentifier("1.3.6.1.5.5.7.4.11");
- public static readonly DerObjectIdentifier it_revPassphrase = new DerObjectIdentifier("1.3.6.1.5.5.7.4.12");
- public static readonly DerObjectIdentifier it_implicitConfirm = new DerObjectIdentifier("1.3.6.1.5.5.7.4.13");
- public static readonly DerObjectIdentifier it_confirmWaitTime = new DerObjectIdentifier("1.3.6.1.5.5.7.4.14");
- public static readonly DerObjectIdentifier it_origPKIMessage = new DerObjectIdentifier("1.3.6.1.5.5.7.4.15");
- public static readonly DerObjectIdentifier it_suppLangTags = new DerObjectIdentifier("1.3.6.1.5.5.7.4.16");
-
- // RFC 4211
-
- // id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
- // dod(6) internet(1) security(5) mechanisms(5) pkix(7) }
- //
- // arc for Internet X.509 PKI protocols and their components
- // id-pkip OBJECT IDENTIFIER :: { id-pkix pkip(5) }
- //
- // arc for Registration Controls in CRMF
- // id-regCtrl OBJECT IDENTIFIER ::= { id-pkip regCtrl(1) }
- //
- // arc for Registration Info in CRMF
- // id-regInfo OBJECT IDENTIFIER ::= { id-pkip id-regInfo(2) }
-
- public static readonly DerObjectIdentifier regCtrl_regToken = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.1");
- public static readonly DerObjectIdentifier regCtrl_authenticator = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.2");
- public static readonly DerObjectIdentifier regCtrl_pkiPublicationInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.3");
- public static readonly DerObjectIdentifier regCtrl_pkiArchiveOptions = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.4");
- public static readonly DerObjectIdentifier regCtrl_oldCertID = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.5");
- public static readonly DerObjectIdentifier regCtrl_protocolEncrKey = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.6");
-
- // From RFC4210:
- // id-regCtrl-altCertTemplate OBJECT IDENTIFIER ::= {id-regCtrl 7}
- public static readonly DerObjectIdentifier regCtrl_altCertTemplate = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.7");
-
- public static readonly DerObjectIdentifier regInfo_utf8Pairs = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.1");
- public static readonly DerObjectIdentifier regInfo_certReq = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.2");
-
- // id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2)
- // us(840) rsadsi(113549) pkcs(1) pkcs9(9) 16 }
- //
- // id-ct OBJECT IDENTIFIER ::= { id-smime 1 } -- content types
- //
- // id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21}
- public static readonly DerObjectIdentifier ct_encKeyWithID = new DerObjectIdentifier("1.2.840.113549.1.9.16.1.21");
+ // RFC 4210
+
+ /**
+ * id-PasswordBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 13}
+ */
+ public static readonly DerObjectIdentifier passwordBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.13");
+
+ /**
+ * id-DHBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 30}
+ */
+ public static readonly DerObjectIdentifier dhBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.30");
+
+ // Example InfoTypeAndValue contents include, but are not limited
+ // to, the following (un-comment in this ASN.1 module and use as
+ // appropriate for a given environment):
+ //
+ // id-it-caProtEncCert OBJECT IDENTIFIER ::= {id-it 1}
+ // CAProtEncCertValue ::= CMPCertificate
+ // id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2}
+ // SignKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier
+ // id-it-encKeyPairTypes OBJECT IDENTIFIER ::= {id-it 3}
+ // EncKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier
+ // id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4}
+ // PreferredSymmAlgValue ::= AlgorithmIdentifier
+ // id-it-caKeyUpdateInfo OBJECT IDENTIFIER ::= {id-it 5}
+ // CAKeyUpdateInfoValue ::= CAKeyUpdAnnContent
+ // id-it-currentCRL OBJECT IDENTIFIER ::= {id-it 6}
+ // CurrentCRLValue ::= CertificateList
+ // id-it-unsupportedOIDs OBJECT IDENTIFIER ::= {id-it 7}
+ // UnsupportedOIDsValue ::= SEQUENCE OF OBJECT IDENTIFIER
+ // id-it-keyPairParamReq OBJECT IDENTIFIER ::= {id-it 10}
+ // KeyPairParamReqValue ::= OBJECT IDENTIFIER
+ // id-it-keyPairParamRep OBJECT IDENTIFIER ::= {id-it 11}
+ // KeyPairParamRepValue ::= AlgorithmIdentifer
+ // id-it-revPassphrase OBJECT IDENTIFIER ::= {id-it 12}
+ // RevPassphraseValue ::= EncryptedValue
+ // id-it-implicitConfirm OBJECT IDENTIFIER ::= {id-it 13}
+ // ImplicitConfirmValue ::= NULL
+ // id-it-confirmWaitTime OBJECT IDENTIFIER ::= {id-it 14}
+ // ConfirmWaitTimeValue ::= GeneralizedTime
+ // id-it-origPKIMessage OBJECT IDENTIFIER ::= {id-it 15}
+ // OrigPKIMessageValue ::= PKIMessages
+ // id-it-suppLangTags OBJECT IDENTIFIER ::= {id-it 16}
+ // SuppLangTagsValue ::= SEQUENCE OF UTF8String
+ // id-it-certProfile OBJECT IDENTIFIER ::= {id-it 21}
+ // CertProfileValue ::= SEQUENCE SIZE (1..MAX) OF UTF8String
+ // where
+ //
+ // id-pkix OBJECT IDENTIFIER ::= {
+ // iso(1) identified-organization(3)
+ // dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
+ // and
+ // id-it OBJECT IDENTIFIER ::= {id-pkix 4}
+
+ /** RFC 4120: it-id: PKIX.4 = 1.3.6.1.5.5.7.4 */
+
+
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.1
+ */
+ public static readonly DerObjectIdentifier it_caProtEncCert = new DerObjectIdentifier("1.3.6.1.5.5.7.4.1");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.2
+ */
+ public static readonly DerObjectIdentifier it_signKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.2");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.3
+ */
+ public static readonly DerObjectIdentifier it_encKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.3");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.4
+ */
+ public static readonly DerObjectIdentifier it_preferredSymAlg = new DerObjectIdentifier("1.3.6.1.5.5.7.4.4");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.5
+ */
+ public static readonly DerObjectIdentifier it_caKeyUpdateInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.4.5");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.6
+ */
+ public static readonly DerObjectIdentifier it_currentCRL = new DerObjectIdentifier("1.3.6.1.5.5.7.4.6");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.7
+ */
+ public static readonly DerObjectIdentifier it_unsupportedOIDs = new DerObjectIdentifier("1.3.6.1.5.5.7.4.7");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.10
+ */
+ public static readonly DerObjectIdentifier it_keyPairParamReq = new DerObjectIdentifier("1.3.6.1.5.5.7.4.10");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.11
+ */
+ public static readonly DerObjectIdentifier it_keyPairParamRep = new DerObjectIdentifier("1.3.6.1.5.5.7.4.11");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.12
+ */
+ public static readonly DerObjectIdentifier it_revPassphrase = new DerObjectIdentifier("1.3.6.1.5.5.7.4.12");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.13
+ */
+ public static readonly DerObjectIdentifier it_implicitConfirm = new DerObjectIdentifier("1.3.6.1.5.5.7.4.13");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.14
+ */
+ public static readonly DerObjectIdentifier it_confirmWaitTime = new DerObjectIdentifier("1.3.6.1.5.5.7.4.14");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.15
+ */
+ public static readonly DerObjectIdentifier it_origPKIMessage = new DerObjectIdentifier("1.3.6.1.5.5.7.4.15");
+ /**
+ * RFC 4120: 1.3.6.1.5.5.7.4.16
+ */
+ public static readonly DerObjectIdentifier it_suppLangTags = new DerObjectIdentifier("1.3.6.1.5.5.7.4.16");
+
+ /**
+ * Update 16, RFC 4210
+ * {id-it 17}
+ */
+ public static readonly DerObjectIdentifier id_it_caCerts = new DerObjectIdentifier("1.3.6.1.5.5.7.4.17");
+
+
+ /**
+ * Update 16, RFC 4210
+ * GenRep: {id-it 18}, RootCaKeyUpdateContent
+ */
+ public static readonly DerObjectIdentifier id_it_rootCaKeyUpdate = new DerObjectIdentifier("1.3.6.1.5.5.7.4.18");
+
+
+ /**
+ * Update 16, RFC 4210
+ * {id-it 19}
+ */
+ public static readonly DerObjectIdentifier id_it_certReqTemplate = new DerObjectIdentifier("1.3.6.1.5.5.7.4.19");
+
+
+ /**
+ * Update 16, RFC 4210
+ * GenMsg: {id-it 20}, RootCaCertValue
+ */
+ public static readonly DerObjectIdentifier id_it_rootCaCert = new DerObjectIdentifier("1.3.6.1.5.5.7.4.20");
+
+ /**
+ * Update-16 to RFC 4210
+ * id-it-certProfile OBJECT IDENTIFIER ::= {id-it 21}
+ */
+ public static readonly DerObjectIdentifier id_it_certProfile = new DerObjectIdentifier("1.3.6.1.5.5.7.4.21");
+
+ public static readonly DerObjectIdentifier id_it_crlStatusList = new DerObjectIdentifier("1.3.6.1.5.5.7.4.22");
+
+ public static readonly DerObjectIdentifier id_it_crls = new DerObjectIdentifier("1.3.6.1.5.5.7.4.23");
+
+ // Not yet formally defined.
+
+ //public static readonly DerObjectIdentifier id_it_crlStatusList = null;
+ //public static readonly DerObjectIdentifier id_it_crls = null;
+
+
+ // RFC 4211
+
+ // id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
+ // dod(6) internet(1) security(5) mechanisms(5) pkix(7) }
+ //
+ // arc for Internet X.509 PKI protocols and their components
+ // id-pkip OBJECT IDENTIFIER :: { id-pkix pkip(5) }
+ //
+ // arc for Registration Controls in CRMF
+ // id-regCtrl OBJECT IDENTIFIER ::= { id-pkip regCtrl(1) }
+ //
+ // arc for Registration Info in CRMF
+ // id-regInfo OBJECT IDENTIFIER ::= { id-pkip id-regInfo(2) }
+
+ /**
+ * RFC 4211: it-pkip: PKIX.5 = 1.3.6.1.5.5.7.5
+ */
+ public static readonly DerObjectIdentifier id_pkip = new DerObjectIdentifier("1.3.6.1.5.5.7.5");
+
+ /**
+ * RFC 4211: it-regCtrl: 1.3.6.1.5.5.7.5.1
+ */
+ public static readonly DerObjectIdentifier id_regCtrl = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1");
+ /**
+ * RFC 4211: it-regInfo: 1.3.6.1.5.5.7.5.2
+ */
+ public static readonly DerObjectIdentifier id_regInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2");
+
+
+ /**
+ * 1.3.6.1.5.5.7.5.1.1
+ */
+ public static readonly DerObjectIdentifier regCtrl_regToken = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.1");
+ /**
+ * 1.3.6.1.5.5.7.5.1.2
+ */
+ public static readonly DerObjectIdentifier regCtrl_authenticator = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.2");
+ /**
+ * 1.3.6.1.5.5.7.5.1.3
+ */
+ public static readonly DerObjectIdentifier regCtrl_pkiPublicationInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.3");
+ /**
+ * 1.3.6.1.5.5.7.5.1.4
+ */
+ public static readonly DerObjectIdentifier regCtrl_pkiArchiveOptions = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.4");
+ /**
+ * 1.3.6.1.5.5.7.5.1.5
+ */
+ public static readonly DerObjectIdentifier regCtrl_oldCertID = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.5");
+ /**
+ * 1.3.6.1.5.5.7.5.1.6
+ */
+ public static readonly DerObjectIdentifier regCtrl_protocolEncrKey = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.6");
+
+ /**
+ * From RFC4210:
+ * id-regCtrl-altCertTemplate OBJECT IDENTIFIER ::= {id-regCtrl 7}; 1.3.6.1.5.5.7.1.7
+ */
+ public static readonly DerObjectIdentifier regCtrl_altCertTemplate = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.7");
+
+ /**
+ * RFC 4211: it-regInfo-utf8Pairs: 1.3.6.1.5.5.7.5.2.1
+ */
+ public static readonly DerObjectIdentifier regInfo_utf8Pairs = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.1");
+ /**
+ * RFC 4211: it-regInfo-certReq: 1.3.6.1.5.5.7.5.2.1
+ */
+ public static readonly DerObjectIdentifier regInfo_certReq = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.2");
+
+ /**
+ * 1.2.840.113549.1.9.16.1.21
+ * <p>
+ * id-ct OBJECT IDENTIFIER ::= { id-smime 1 } -- content types
+ * <p>
+ * id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21}
+ */
+ public static readonly DerObjectIdentifier ct_encKeyWithID = new DerObjectIdentifier("1.2.840.113549.1.9.16.1.21");
+
+
+ /**
+ * id-regCtrl-algId OBJECT IDENTIFIER ::= { iso(1)
+ * identified-organization(3) dod(6) internet(1) security(5)
+ * mechanisms(5) pkix(7) pkip(5) regCtrl(1) 11 }
+ */
+ public static readonly DerObjectIdentifier id_regCtrl_algId = id_pkip.Branch("1.11");
+
+ /**
+ * id-regCtrl-rsaKeyLen OBJECT IDENTIFIER ::= { iso(1)
+ * identified-organization(3) dod(6) internet(1) security(5)
+ * mechanisms(5) pkix(7) pkip(5) regCtrl(1) 12 }
+ */
+ public static readonly DerObjectIdentifier id_regCtrl_rsaKeyLen = id_pkip.Branch("1.12");
}
}
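Review bot: Several of the new doc comments disagree with the values they sit on, which matters in a file people copy OIDs from. The `it_*` comments cite "RFC 4120" where the section header and the removed comments say RFC 4210; the `regCtrl_altCertTemplate` comment ends in `1.3.6.1.5.5.7.1.7` while the value is `1.3.6.1.5.5.7.5.1.7`; and the `regInfo_certReq` comment gives `1.3.6.1.5.5.7.5.2.1` while the value is `...5.2.2`. The "Not yet formally defined" block with the two commented-out `null` declarations also contradicts the `id_it_crlStatusList` and `id_it_crls` definitions directly above it and can be deleted. Changing the class from `abstract` to `static` additionally breaks any external code that derived from it, if such code exists.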
diff --git a/crypto/src/asn1/cmp/CrlAnnContent.cs b/crypto/src/asn1/cmp/CrlAnnContent.cs
index db8ecfa40..0da25cd0e 100644
--- a/crypto/src/asn1/cmp/CrlAnnContent.cs
+++ b/crypto/src/asn1/cmp/CrlAnnContent.cs
@@ -1,39 +1,36 @@
-using System;
-
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
public class CrlAnnContent
: Asn1Encodable
{
- private readonly Asn1Sequence content;
+ public static CrlAnnContent GetInstance(object obj)
+ {
+ if (obj is CrlAnnContent crlAnnContent)
+ return crlAnnContent;
- private CrlAnnContent(Asn1Sequence seq)
- {
- content = seq;
- }
+ if (obj != null)
+ return new CrlAnnContent(Asn1Sequence.GetInstance(obj));
- public static CrlAnnContent GetInstance(object obj)
- {
- if (obj is CrlAnnContent)
- return (CrlAnnContent)obj;
+ return null;
+ }
- if (obj is Asn1Sequence)
- return new CrlAnnContent((Asn1Sequence)obj);
+ private readonly Asn1Sequence m_content;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ private CrlAnnContent(Asn1Sequence seq)
+ {
+ m_content = seq;
}
- public virtual CertificateList[] ToCertificateListArray()
+ public CrlAnnContent(CertificateList crl)
+ {
+ m_content = new DerSequence(crl);
+ }
+
+ public virtual CertificateList[] ToCertificateListArray()
{
- CertificateList[] result = new CertificateList[content.Count];
- for (int i = 0; i != result.Length; ++ i)
- {
- result[i] = CertificateList.GetInstance(content[i]);
- }
- return result;
+ return m_content.MapElements(CertificateList.GetInstance);
}
/**
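Review bot: `GetInstance(null)` now returns null where the old code fell through to `throw new ArgumentException(...)`, so a caller that passes an absent element and dereferences the result fails later with a NullReferenceException instead of at the parse boundary. The same contract change is made to `GetInstance` in ErrorMsgContent, GenMsgContent, GenRepContent and InfoTypeAndValue in this commit. Non-sequence inputs are now handed to `Asn1Sequence.GetInstance(obj)`, so what is accepted or rejected depends on that method, which is not shown here. A short comment on each `GetInstance`, such as `/** Returns null if obj is null; otherwise parses obj via Asn1Sequence.GetInstance. */`, would make the new behaviour visible to callers.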
@@ -44,7 +41,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return content;
+ return m_content;
}
}
}
diff --git a/crypto/src/asn1/cmp/CrlSource.cs b/crypto/src/asn1/cmp/CrlSource.cs
new file mode 100644
index 000000000..13aaa526a
--- /dev/null
+++ b/crypto/src/asn1/cmp/CrlSource.cs
@@ -0,0 +1,72 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+ /**
+ * GenMsg: {id-it TBD1}, SEQUENCE SIZE (1..MAX) OF CRLStatus
+ * GenRep: {id-it TBD2}, SEQUENCE SIZE (1..MAX) OF
+ * CertificateList | < absent >
+ * <p>
+ * CRLSource ::= CHOICE {
+ * dpn [0] DistributionPointName,
+ * issuer [1] GeneralNames }
+ * <p>
+ */
+ public class CrlSource
+ : Asn1Encodable, IAsn1Choice
+ {
+ public static CrlSource GetInstance(object obj)
+ {
+ if (obj is CrlSource crlSource)
+ return crlSource;
+
+ if (obj != null)
+ return new CrlSource(Asn1TaggedObject.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly DistributionPointName m_dpn;
+ private readonly GeneralNames m_issuer;
+
+ private CrlSource(Asn1TaggedObject taggedObject)
+ {
+ switch (taggedObject.TagNo)
+ {
+ case 0:
+ m_dpn = DistributionPointName.GetInstance(taggedObject, true);
+ m_issuer = null;
+ break;
+ case 1:
+ m_dpn = null;
+ m_issuer = GeneralNames.GetInstance(taggedObject, true);
+ break;
+ default:
+ throw new ArgumentException("unknown tag: " + Asn1Utilities.GetTagText(taggedObject));
+ }
+ }
+
+ public CrlSource(DistributionPointName dpn, GeneralNames issuer)
+ {
+ if ((dpn == null) == (issuer == null))
+ throw new ArgumentException("either dpn or issuer must be set");
+
+ m_dpn = dpn;
+ m_issuer = issuer;
+ }
+
+ public virtual DistributionPointName Dpn => m_dpn;
+
+ public virtual GeneralNames Issuer => m_issuer;
+
+ public override Asn1Object ToAsn1Object()
+ {
+ if (m_dpn != null)
+ return new DerTaggedObject(true, 0, m_dpn);
+
+ return new DerTaggedObject(true, 1, m_issuer);
+ }
+ }
+}
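Review bot: The private constructor switches on `taggedObject.TagNo` alone, so as far as this hunk shows a [0] or [1] tag of any tag class is accepted as a CRLSource; if the tagged-object type in this tree exposes the tag class, anything that is not context-specific should be rejected before the switch. In the public constructor the check `(dpn == null) == (issuer == null)` also rejects the case where both are supplied, which the message does not say; `throw new ArgumentException("exactly one of dpn or issuer must be set");` would match the check. The class comment still cites `{id-it TBD1}` and `{id-it TBD2}` although this commit assigns `id_it_crlStatusList` and `id_it_crls` concrete arcs in CmpObjectIdentifiers.cs.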
diff --git a/crypto/src/asn1/cmp/CrlStatus.cs b/crypto/src/asn1/cmp/CrlStatus.cs
new file mode 100644
index 000000000..5bacbbbcc
--- /dev/null
+++ b/crypto/src/asn1/cmp/CrlStatus.cs
@@ -0,0 +1,61 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+ /**
+ * CRLStatus ::= SEQUENCE {
+ * source CRLSource,
+ * thisUpdate Time OPTIONAL }
+ */
+ public class CrlStatus
+ : Asn1Encodable
+ {
+ public static CrlStatus GetInstance(object obj)
+ {
+ if (obj is CrlStatus crlStatus)
+ return crlStatus;
+
+ if (obj != null)
+ return new CrlStatus(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly CrlSource m_source;
+ private readonly Time m_thisUpdate;
+
+ private CrlStatus(Asn1Sequence sequence)
+ {
+ int count = sequence.Count;
+ if (count < 1 || count > 2)
+ throw new ArgumentException("expected sequence size of 1 or 2, got " + count);
+
+ m_source = CrlSource.GetInstance(sequence[0]);
+
+ if (sequence.Count == 2)
+ {
+ m_thisUpdate = Time.GetInstance(sequence[1]);
+ }
+ }
+
+ public CrlStatus(CrlSource source, Time thisUpdate)
+ {
+ m_source = source;
+ m_thisUpdate = thisUpdate;
+ }
+
+ public virtual CrlSource Source => m_source;
+
+ public virtual Time ThisUpdate => m_thisUpdate;
+
+ public override Asn1Object ToAsn1Object()
+ {
+ if (m_thisUpdate == null)
+ return new DerSequence(m_source);
+
+ return new DerSequence(m_source, m_thisUpdate);
+ }
+ }
+}
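Review bot: `if (sequence.Count == 2)` re-reads the count that was just validated into the local `count`; `if (count == 2)` keeps the bounds check and the branch on the same value. `ThisUpdate` is left null when the optional element is absent, which deserves a one-line comment on the property, e.g. `/** Null when thisUpdate is absent from the encoding. */`.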
diff --git a/crypto/src/asn1/cmp/DhbmParameter.cs b/crypto/src/asn1/cmp/DhbmParameter.cs
new file mode 100644
index 000000000..aaf71f70e
--- /dev/null
+++ b/crypto/src/asn1/cmp/DhbmParameter.cs
@@ -0,0 +1,56 @@
+using System;
+
+using Org.BouncyCastle.Asn1.X509;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+ /**
+ * DHBMParameter ::= SEQUENCE {
+ * owf AlgorithmIdentifier,
+ * -- AlgId for a One-Way Function (SHA-1 recommended)
+ * mac AlgorithmIdentifier
+ * -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
+ * } -- or HMAC [RFC2104, RFC2202])
+ */
+ public class DhbmParameter
+ : Asn1Encodable
+ {
+ public static DhbmParameter GetInstance(object obj)
+ {
+ if (obj is DhbmParameter dhbmParameter)
+ return dhbmParameter;
+
+ if (obj != null)
+ return new DhbmParameter(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly AlgorithmIdentifier m_owf;
+ private readonly AlgorithmIdentifier m_mac;
+
+ private DhbmParameter(Asn1Sequence sequence)
+ {
+ if (sequence.Count != 2)
+ throw new ArgumentException("expecting sequence size of 2");
+
+ m_owf = AlgorithmIdentifier.GetInstance(sequence[0]);
+ m_mac = AlgorithmIdentifier.GetInstance(sequence[1]);
+ }
+
+ public DhbmParameter(AlgorithmIdentifier owf, AlgorithmIdentifier mac)
+ {
+ m_owf = owf;
+ m_mac = mac;
+ }
+
+ public virtual AlgorithmIdentifier Owf => m_owf;
+
+ public virtual AlgorithmIdentifier Mac => m_mac;
+
+ public override Asn1Object ToAsn1Object()
+ {
+ return new DerSequence(m_owf, m_mac);
+ }
+ }
+}
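Review bot: The class comment repeats the "SHA-1 recommended" and DES-MAC wording of the ASN.1 module without marking it as quoted specification text, so it reads as guidance from this library. Neither constructor restricts which AlgorithmIdentifier values are stored, so the choice of acceptable algorithms rests entirely with the caller. A line such as `* (ASN.1 and its comments are quoted from RFC 4210; this class does not restrict the algorithms.)` at the end of the comment would make both points clear.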
diff --git a/crypto/src/asn1/cmp/ErrorMsgContent.cs b/crypto/src/asn1/cmp/ErrorMsgContent.cs
index 5d2132bb8..fe8318aab 100644
--- a/crypto/src/asn1/cmp/ErrorMsgContent.cs
+++ b/crypto/src/asn1/cmp/ErrorMsgContent.cs
@@ -1,45 +1,54 @@
using System;
-using Org.BouncyCastle.Utilities;
-
namespace Org.BouncyCastle.Asn1.Cmp
{
- public class ErrorMsgContent
+ /**
+ * <pre>
+ * ErrorMsgContent ::= SEQUENCE {
+ * pKIStatusInfo PKIStatusInfo,
+ * errorCode INTEGER OPTIONAL,
+ * -- implementation-specific error codes
+ * errorDetails PKIFreeText OPTIONAL
+ * -- implementation-specific error details
+ * }
+ * </pre>
+ */
+ public class ErrorMsgContent
: Asn1Encodable
{
- private readonly PkiStatusInfo pkiStatusInfo;
- private readonly DerInteger errorCode;
- private readonly PkiFreeText errorDetails;
+ public static ErrorMsgContent GetInstance(object obj)
+ {
+ if (obj is ErrorMsgContent errorMsgContent)
+ return errorMsgContent;
+
+ if (obj != null)
+ return new ErrorMsgContent(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly PkiStatusInfo m_pkiStatusInfo;
+ private readonly DerInteger m_errorCode;
+ private readonly PkiFreeText m_errorDetails;
private ErrorMsgContent(Asn1Sequence seq)
{
- pkiStatusInfo = PkiStatusInfo.GetInstance(seq[0]);
+ m_pkiStatusInfo = PkiStatusInfo.GetInstance(seq[0]);
for (int pos = 1; pos < seq.Count; ++pos)
{
Asn1Encodable ae = seq[pos];
if (ae is DerInteger)
{
- errorCode = DerInteger.GetInstance(ae);
+ m_errorCode = DerInteger.GetInstance(ae);
}
else
{
- errorDetails = PkiFreeText.GetInstance(ae);
+ m_errorDetails = PkiFreeText.GetInstance(ae);
}
}
}
- public static ErrorMsgContent GetInstance(object obj)
- {
- if (obj is ErrorMsgContent)
- return (ErrorMsgContent)obj;
-
- if (obj is Asn1Sequence)
- return new ErrorMsgContent((Asn1Sequence)obj);
-
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
-
public ErrorMsgContent(PkiStatusInfo pkiStatusInfo)
: this(pkiStatusInfo, null, null)
{
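Review bot: The sequence constructor reads `seq[0]` and then loops over every remaining element without bounding `seq.Count`, so an over-long sequence is accepted and a later INTEGER or free-text element silently overwrites an earlier one. CrlStatus and DhbmParameter, added in this same commit, validate the count first; the equivalent here would be `if (seq.Count < 1 || seq.Count > 3) throw new ArgumentException("expected sequence size of 1 to 3, got " + seq.Count);`. This hunk only renames the fields in that constructor, so the gap predates the commit, but the refactor is a natural place to close it.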
@@ -51,27 +60,18 @@ namespace Org.BouncyCastle.Asn1.Cmp
PkiFreeText errorDetails)
{
if (pkiStatusInfo == null)
- throw new ArgumentNullException("pkiStatusInfo");
+ throw new ArgumentNullException(nameof(pkiStatusInfo));
- this.pkiStatusInfo = pkiStatusInfo;
- this.errorCode = errorCode;
- this.errorDetails = errorDetails;
- }
-
- public virtual PkiStatusInfo PkiStatusInfo
- {
- get { return pkiStatusInfo; }
+ m_pkiStatusInfo = pkiStatusInfo;
+ m_errorCode = errorCode;
+ m_errorDetails = errorDetails;
}
- public virtual DerInteger ErrorCode
- {
- get { return errorCode; }
- }
+ public virtual PkiStatusInfo PkiStatusInfo => m_pkiStatusInfo;
- public virtual PkiFreeText ErrorDetails
- {
- get { return errorDetails; }
- }
+ public virtual DerInteger ErrorCode => m_errorCode;
+
+ public virtual PkiFreeText ErrorDetails => m_errorDetails;
/**
* <pre>
@@ -87,8 +87,8 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector(pkiStatusInfo);
- v.AddOptional(errorCode, errorDetails);
+ Asn1EncodableVector v = new Asn1EncodableVector(m_pkiStatusInfo);
+ v.AddOptional(m_errorCode, m_errorDetails);
return new DerSequence(v);
}
}
diff --git a/crypto/src/asn1/cmp/GenMsgContent.cs b/crypto/src/asn1/cmp/GenMsgContent.cs
index f3142b5c6..b4673b76a 100644
--- a/crypto/src/asn1/cmp/GenMsgContent.cs
+++ b/crypto/src/asn1/cmp/GenMsgContent.cs
@@ -1,43 +1,42 @@
-using System;
-
-using Org.BouncyCastle.Utilities;
-
namespace Org.BouncyCastle.Asn1.Cmp
{
- public class GenMsgContent
+ /**
+ * <pre>GenMsgContent ::= SEQUENCE OF InfoTypeAndValue</pre>
+ */
+ public class GenMsgContent
: Asn1Encodable
{
- private readonly Asn1Sequence content;
+ public static GenMsgContent GetInstance(object obj)
+ {
+ if (obj is GenMsgContent genMsgContent)
+ return genMsgContent;
- private GenMsgContent(Asn1Sequence seq)
- {
- content = seq;
- }
+ if (obj != null)
+ return new GenMsgContent(Asn1Sequence.GetInstance(obj));
- public static GenMsgContent GetInstance(object obj)
- {
- if (obj is GenMsgContent)
- return (GenMsgContent)obj;
+ return null;
+ }
- if (obj is Asn1Sequence)
- return new GenMsgContent((Asn1Sequence)obj);
+ private readonly Asn1Sequence m_content;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ private GenMsgContent(Asn1Sequence seq)
+ {
+ m_content = seq;
}
- public GenMsgContent(params InfoTypeAndValue[] itv)
+ public GenMsgContent(InfoTypeAndValue itv)
+ {
+ m_content = new DerSequence(itv);
+ }
+
+ public GenMsgContent(params InfoTypeAndValue[] itvs)
{
- content = new DerSequence(itv);
+ m_content = new DerSequence(itvs);
}
public virtual InfoTypeAndValue[] ToInfoTypeAndValueArray()
{
- InfoTypeAndValue[] result = new InfoTypeAndValue[content.Count];
- for (int i = 0; i != result.Length; ++i)
- {
- result[i] = InfoTypeAndValue.GetInstance(content[i]);
- }
- return result;
+ return m_content.MapElements(InfoTypeAndValue.GetInstance);
}
/**
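Review bot: Adding `GenMsgContent(InfoTypeAndValue itv)` next to the `params InfoTypeAndValue[]` overload makes a literal `new GenMsgContent(null)` ambiguous at compile time, because null converts equally well to both parameter types; any existing caller written that way stops compiling. GenRepContent gains the same pair of constructors in this commit. If the single-element overload stays, it should carry a comment saying why it exists alongside the `params` form, and the change should be listed as source-breaking for that edge case.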
@@ -48,7 +47,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return content;
+ return m_content;
}
}
}
diff --git a/crypto/src/asn1/cmp/GenRepContent.cs b/crypto/src/asn1/cmp/GenRepContent.cs
index 3c3573e37..38f91061c 100644
--- a/crypto/src/asn1/cmp/GenRepContent.cs
+++ b/crypto/src/asn1/cmp/GenRepContent.cs
@@ -1,43 +1,39 @@
-using System;
-
-using Org.BouncyCastle.Utilities;
-
namespace Org.BouncyCastle.Asn1.Cmp
{
public class GenRepContent
: Asn1Encodable
{
- private readonly Asn1Sequence content;
+ public static GenRepContent GetInstance(object obj)
+ {
+ if (obj is GenRepContent genRepContent)
+ return genRepContent;
- private GenRepContent(Asn1Sequence seq)
- {
- content = seq;
- }
+ if (obj != null)
+ return new GenRepContent(Asn1Sequence.GetInstance(obj));
- public static GenRepContent GetInstance(object obj)
- {
- if (obj is GenRepContent)
- return (GenRepContent)obj;
+ return null;
+ }
- if (obj is Asn1Sequence)
- return new GenRepContent((Asn1Sequence)obj);
+ private readonly Asn1Sequence m_content;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ private GenRepContent(Asn1Sequence seq)
+ {
+ m_content = seq;
}
- public GenRepContent(params InfoTypeAndValue[] itv)
+ public GenRepContent(InfoTypeAndValue itv)
+ {
+ m_content = new DerSequence(itv);
+ }
+
+ public GenRepContent(params InfoTypeAndValue[] itvs)
{
- content = new DerSequence(itv);
+ m_content = new DerSequence(itvs);
}
public virtual InfoTypeAndValue[] ToInfoTypeAndValueArray()
{
- InfoTypeAndValue[] result = new InfoTypeAndValue[content.Count];
- for (int i = 0; i != result.Length; ++i)
- {
- result[i] = InfoTypeAndValue.GetInstance(content[i]);
- }
- return result;
+ return m_content.MapElements(InfoTypeAndValue.GetInstance);
}
/**
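Review bot: The rewritten `GetInstance(object obj)` changes its contract without documenting it: a null argument now returns null, and every other input is handed to `Asn1Sequence.GetInstance`, where the old code threw `ArgumentException("Invalid object: ...")` for anything that was not a `GenRepContent` or an `Asn1Sequence`. Callers that relied on that exception to reject a missing or wrongly typed value now get a null reference, or whatever `Asn1Sequence.GetInstance` raises. I would add a doc comment on the method, for example `/// <returns>The parsed value, or null when <paramref name="obj"/> is null.</returns>`, and call the change out for API consumers. The same pattern appears in the `GetInstance` methods added in InfoTypeAndValue.cs, KeyRecRepContent.cs, OobCertHash.cs, PKIFreeText.cs and PbmParameter.cs in this diff.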
@@ -48,7 +44,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return content;
+ return m_content;
}
}
}
diff --git a/crypto/src/asn1/cmp/InfoTypeAndValue.cs b/crypto/src/asn1/cmp/InfoTypeAndValue.cs
index 305d6e5e7..08ad68a42 100644
--- a/crypto/src/asn1/cmp/InfoTypeAndValue.cs
+++ b/crypto/src/asn1/cmp/InfoTypeAndValue.cs
@@ -50,54 +50,47 @@ namespace Org.BouncyCastle.Asn1.Cmp
public class InfoTypeAndValue
: Asn1Encodable
{
- private readonly DerObjectIdentifier infoType;
- private readonly Asn1Encodable infoValue;
+ private readonly DerObjectIdentifier m_infoType;
+ private readonly Asn1Encodable m_infoValue;
private InfoTypeAndValue(Asn1Sequence seq)
{
- infoType = DerObjectIdentifier.GetInstance(seq[0]);
+ m_infoType = DerObjectIdentifier.GetInstance(seq[0]);
if (seq.Count > 1)
{
- infoValue = (Asn1Encodable)seq[1];
+ m_infoValue = seq[1];
}
}
public static InfoTypeAndValue GetInstance(object obj)
{
- if (obj is InfoTypeAndValue)
- return (InfoTypeAndValue)obj;
+ if (obj is InfoTypeAndValue infoTypeAndValue)
+ return infoTypeAndValue;
- if (obj is Asn1Sequence)
- return new InfoTypeAndValue((Asn1Sequence)obj);
+ if (obj != null)
+ return new InfoTypeAndValue(Asn1Sequence.GetInstance(obj));
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ return null;
}
- public InfoTypeAndValue(
- DerObjectIdentifier infoType)
+ public InfoTypeAndValue(DerObjectIdentifier infoType)
+ : this(infoType, null)
{
- this.infoType = infoType;
- this.infoValue = null;
}
- public InfoTypeAndValue(
- DerObjectIdentifier infoType,
- Asn1Encodable optionalValue)
+ public InfoTypeAndValue(DerObjectIdentifier infoType, Asn1Encodable infoValue)
{
- this.infoType = infoType;
- this.infoValue = optionalValue;
- }
+ if (infoType == null)
+ throw new ArgumentNullException(nameof(infoType));
- public virtual DerObjectIdentifier InfoType
- {
- get { return infoType; }
+ m_infoType = infoType;
+ m_infoValue = infoValue;
}
- public virtual Asn1Encodable InfoValue
- {
- get { return infoValue; }
- }
+ public virtual DerObjectIdentifier InfoType => m_infoType;
+
+ public virtual Asn1Encodable InfoValue => m_infoValue;
/**
* <pre>
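Review bot: The private constructor `InfoTypeAndValue(Asn1Sequence seq)` reads `seq[0]` and optionally `seq[1]` without checking `seq.Count`, so an empty sequence fails inside the indexer rather than with a clear argument error, and any elements after the second are silently ignored. Since `GetInstance` in this hunk now forwards every non-null input to `Asn1Sequence.GetInstance`, I would reject malformed sizes up front with `if (seq.Count < 1 || seq.Count > 2) throw new ArgumentException("Bad sequence size: " + seq.Count, nameof(seq));`. The sequence constructors in OobCertHash.cs (`seq[seq.Count - 1]`) and PbmParameter.cs (`seq[0]` to `seq[3]`) index the same way without a size check.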
@@ -110,9 +103,10 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector(infoType);
- v.AddOptional(infoValue);
- return new DerSequence(v);
+ if (m_infoValue == null)
+ return new DerSequence(m_infoType);
+
+ return new DerSequence(m_infoType, m_infoValue);
}
}
}
diff --git a/crypto/src/asn1/cmp/KeyRecRepContent.cs b/crypto/src/asn1/cmp/KeyRecRepContent.cs
index e35c0e351..6c5ef62f2 100644
--- a/crypto/src/asn1/cmp/KeyRecRepContent.cs
+++ b/crypto/src/asn1/cmp/KeyRecRepContent.cs
@@ -1,20 +1,29 @@
using System;
-using Org.BouncyCastle.Utilities;
-
namespace Org.BouncyCastle.Asn1.Cmp
{
public class KeyRecRepContent
: Asn1Encodable
{
- private readonly PkiStatusInfo status;
- private readonly CmpCertificate newSigCert;
- private readonly Asn1Sequence caCerts;
- private readonly Asn1Sequence keyPairHist;
+ public static KeyRecRepContent GetInstance(object obj)
+ {
+ if (obj is KeyRecRepContent keyRecRepContent)
+ return keyRecRepContent;
+
+ if (obj != null)
+ return new KeyRecRepContent(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly PkiStatusInfo m_status;
+ private readonly CmpCertificate m_newSigCert;
+ private readonly Asn1Sequence m_caCerts;
+ private readonly Asn1Sequence m_keyPairHist;
private KeyRecRepContent(Asn1Sequence seq)
{
- status = PkiStatusInfo.GetInstance(seq[0]);
+ m_status = PkiStatusInfo.GetInstance(seq[0]);
for (int pos = 1; pos < seq.Count; ++pos)
{
@@ -22,66 +31,39 @@ namespace Org.BouncyCastle.Asn1.Cmp
switch (tObj.TagNo)
{
- case 0:
- newSigCert = CmpCertificate.GetInstance(tObj.GetObject());
- break;
- case 1:
- caCerts = Asn1Sequence.GetInstance(tObj.GetObject());
- break;
- case 2:
- keyPairHist = Asn1Sequence.GetInstance(tObj.GetObject());
- break;
- default:
- throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq");
+ case 0:
+ m_newSigCert = CmpCertificate.GetInstance(tObj.GetObject());
+ break;
+ case 1:
+ m_caCerts = Asn1Sequence.GetInstance(tObj.GetObject());
+ break;
+ case 2:
+ m_keyPairHist = Asn1Sequence.GetInstance(tObj.GetObject());
+ break;
+ default:
+ throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq");
}
}
}
- public static KeyRecRepContent GetInstance(object obj)
- {
- if (obj is KeyRecRepContent)
- return (KeyRecRepContent)obj;
+ public virtual PkiStatusInfo Status => m_status;
- if (obj is Asn1Sequence)
- return new KeyRecRepContent((Asn1Sequence)obj);
-
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
-
- public virtual PkiStatusInfo Status
- {
- get { return status; }
- }
-
- public virtual CmpCertificate NewSigCert
- {
- get { return newSigCert; }
- }
+ public virtual CmpCertificate NewSigCert => m_newSigCert;
public virtual CmpCertificate[] GetCACerts()
{
- if (caCerts == null)
+ if (m_caCerts == null)
return null;
- CmpCertificate[] results = new CmpCertificate[caCerts.Count];
- for (int i = 0; i != results.Length; ++i)
- {
- results[i] = CmpCertificate.GetInstance(caCerts[i]);
- }
- return results;
+ return m_caCerts.MapElements(CmpCertificate.GetInstance);
}
public virtual CertifiedKeyPair[] GetKeyPairHist()
{
- if (keyPairHist == null)
+ if (m_keyPairHist == null)
return null;
- CertifiedKeyPair[] results = new CertifiedKeyPair[keyPairHist.Count];
- for (int i = 0; i != results.Length; ++i)
- {
- results[i] = CertifiedKeyPair.GetInstance(keyPairHist[i]);
- }
- return results;
+ return m_keyPairHist.MapElements(CertifiedKeyPair.GetInstance);
}
/**
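Review bot: The tag `switch` in the `KeyRecRepContent(Asn1Sequence seq)` constructor accepts the optional fields in any order and more than once, so a sequence that carries `[0]` twice silently keeps the last value. `ToAsn1Object` in this file writes tags 0, 1 and 2 at most once and in ascending order, so the parser could enforce the same by remembering the previous tag and rejecting `tObj.TagNo <= lastTag` before the `switch`. The `default` branch also still passes the literal `"seq"` where PKIHeader.cs in this diff moved to `nameof(seq)`. The line that produces `tObj` lies between the hunks and is not shown.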
@@ -99,10 +81,10 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector(status);
- v.AddOptionalTagged(true, 0, newSigCert);
- v.AddOptionalTagged(true, 1, caCerts);
- v.AddOptionalTagged(true, 2, keyPairHist);
+ Asn1EncodableVector v = new Asn1EncodableVector(m_status);
+ v.AddOptionalTagged(true, 0, m_newSigCert);
+ v.AddOptionalTagged(true, 1, m_caCerts);
+ v.AddOptionalTagged(true, 2, m_keyPairHist);
return new DerSequence(v);
}
}
diff --git a/crypto/src/asn1/cmp/NestedMessageContent.cs b/crypto/src/asn1/cmp/NestedMessageContent.cs
new file mode 100644
index 000000000..907fc7135
--- /dev/null
+++ b/crypto/src/asn1/cmp/NestedMessageContent.cs
@@ -0,0 +1,35 @@
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+ /**
+ * NestedMessageContent ::= PKIMessages
+ */
+ public class NestedMessageContent
+ : PkiMessages
+ {
+ public static NestedMessageContent GetInstance(object obj)
+ {
+ if (obj is NestedMessageContent nestedMessageContent)
+ return nestedMessageContent;
+
+ if (obj != null)
+ return new NestedMessageContent(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ public NestedMessageContent(PkiMessage msg)
+ : base(msg)
+ {
+ }
+
+ public NestedMessageContent(PkiMessage[] msgs)
+ : base(msgs)
+ {
+ }
+
+ public NestedMessageContent(Asn1Sequence seq)
+ : base(seq)
+ {
+ }
+ }
+}
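Review bot: `public NestedMessageContent(Asn1Sequence seq)` exposes a raw-sequence constructor publicly, while the matching `PkiMessages(Asn1Sequence seq)` constructor is only widened to `internal` in this diff and simply stores the sequence it is given. External code can therefore wrap a sequence whose elements are not PKIMessage values, and the mismatch presumably surfaces only when the messages are read later. I would declare it `internal NestedMessageContent(Asn1Sequence seq)` so that outside callers go through `GetInstance`. The class comment could also state that this type is the `nested [20]` alternative of PKIBody.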
diff --git a/crypto/src/asn1/cmp/OobCert.cs b/crypto/src/asn1/cmp/OobCert.cs
new file mode 100644
index 000000000..d47b87215
--- /dev/null
+++ b/crypto/src/asn1/cmp/OobCert.cs
@@ -0,0 +1,68 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Asn1.X509;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+ /**
+ * OOBCert ::= CMPCertificate
+ */
+ public class OobCert
+ : CmpCertificate
+ {
+ public static OobCert GetInstance(object obj)
+ {
+ if (obj == null)
+ return null;
+
+ if (obj is OobCert oobCert)
+ return oobCert;
+
+ if (obj is CmpCertificate cmpCertificate)
+ return GetInstance(cmpCertificate.GetEncoded());
+
+ if (obj is byte[] bs)
+ {
+ try
+ {
+ obj = Asn1Object.FromByteArray(bs);
+ }
+ catch (IOException)
+ {
+ throw new ArgumentException("Invalid encoding in OobCert");
+ }
+ }
+
+ if (obj is Asn1Sequence seq)
+ return new OobCert(X509CertificateStructure.GetInstance(obj));
+
+ if (obj is Asn1TaggedObject taggedObject)
+ return new OobCert(taggedObject.TagNo, taggedObject.GetObject());
+
+ throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj));
+ }
+
+ public static OobCert GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
+ {
+ if (taggedObject == null)
+ return null;
+
+ if (!declaredExplicit)
+ throw new ArgumentException("tag must be explicit");
+
+ return GetInstance(taggedObject.GetObject());
+ }
+
+ public OobCert(int type, Asn1Encodable otherCert)
+ : base(type, otherCert)
+ {
+ }
+
+ public OobCert(X509CertificateStructure x509v3PKCert)
+ : base(x509v3PKCert)
+ {
+ }
+ }
+}
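Review bot: The `catch (IOException)` in `GetInstance(object obj)` discards the original exception, so a caller diagnosing a rejected encoding loses the parser's reason. I would keep the cause and name the parameter: `catch (IOException e)` with `throw new ArgumentException("Invalid encoding in OobCert", nameof(obj), e);`. In the same method the pattern variable in `if (obj is Asn1Sequence seq)` is never used, because the next line passes `obj`; either pass `seq` to `X509CertificateStructure.GetInstance` or drop the variable.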
diff --git a/crypto/src/asn1/cmp/OobCertHash.cs b/crypto/src/asn1/cmp/OobCertHash.cs
index 434939c0e..a18ff300d 100644
--- a/crypto/src/asn1/cmp/OobCertHash.cs
+++ b/crypto/src/asn1/cmp/OobCertHash.cs
@@ -6,18 +6,40 @@ using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
- public class OobCertHash
+ /**
+ * <pre>
+ * OOBCertHash ::= SEQUENCE {
+ * hashAlg [0] AlgorithmIdentifier OPTIONAL,
+ * certId [1] CertId OPTIONAL,
+ * hashVal BIT STRING
+ * -- hashVal is calculated over the DER encoding of the
+ * -- self-signed certificate with the identifier certID.
+ * }
+ * </pre>
+ */
+ public class OobCertHash
: Asn1Encodable
{
- private readonly AlgorithmIdentifier hashAlg;
- private readonly CertId certId;
- private readonly DerBitString hashVal;
+ public static OobCertHash GetInstance(object obj)
+ {
+ if (obj is OobCertHash oobCertHash)
+ return oobCertHash;
+
+ if (obj != null)
+ return new OobCertHash(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly AlgorithmIdentifier m_hashAlg;
+ private readonly CertId m_certId;
+ private readonly DerBitString m_hashVal;
private OobCertHash(Asn1Sequence seq)
{
int index = seq.Count - 1;
- hashVal = DerBitString.GetInstance(seq[index--]);
+ m_hashVal = DerBitString.GetInstance(seq[index--]);
for (int i = index; i >= 0; i--)
{
@@ -25,36 +47,21 @@ namespace Org.BouncyCastle.Asn1.Cmp
if (tObj.TagNo == 0)
{
- hashAlg = AlgorithmIdentifier.GetInstance(tObj, true);
+ m_hashAlg = AlgorithmIdentifier.GetInstance(tObj, true);
}
else
{
- certId = CertId.GetInstance(tObj, true);
+ m_certId = CertId.GetInstance(tObj, true);
}
}
}
- public static OobCertHash GetInstance(object obj)
- {
- if (obj is OobCertHash)
- return (OobCertHash)obj;
+ public virtual CertId CertID => m_certId;
- if (obj is Asn1Sequence)
- return new OobCertHash((Asn1Sequence)obj);
+ public virtual AlgorithmIdentifier HashAlg => m_hashAlg;
+
+ public virtual DerBitString HashVal => m_hashVal;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
-
- public virtual AlgorithmIdentifier HashAlg
- {
- get { return hashAlg; }
- }
-
- public virtual CertId CertID
- {
- get { return certId; }
- }
-
/**
* <pre>
* OobCertHash ::= SEQUENCE {
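Review bot: In the constructor loop the `else` branch treats every tag other than 0 as `certId`, so a tagged element with an unexpected tag number is handed to `CertId.GetInstance` instead of being rejected. The definition added at the top of this file allows only `[0]` and `[1]`; I would make the branch `else if (tObj.TagNo == 1)` and add a final `else throw new ArgumentException("unknown tag number: " + tObj.TagNo, nameof(seq));`, in line with the tag handling in KeyRecRepContent.cs. The loop starts in the previous hunk and the line that assigns `tObj` is not shown.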
@@ -70,9 +77,9 @@ namespace Org.BouncyCastle.Asn1.Cmp
public override Asn1Object ToAsn1Object()
{
Asn1EncodableVector v = new Asn1EncodableVector();
- v.AddOptionalTagged(true, 0, hashAlg);
- v.AddOptionalTagged(true, 1, certId);
- v.Add(hashVal);
+ v.AddOptionalTagged(true, 0, m_hashAlg);
+ v.AddOptionalTagged(true, 1, m_certId);
+ v.Add(m_hashVal);
return new DerSequence(v);
}
}
diff --git a/crypto/src/asn1/cmp/PKIBody.cs b/crypto/src/asn1/cmp/PKIBody.cs
index f17eed64d..68f63ab0b 100644
--- a/crypto/src/asn1/cmp/PKIBody.cs
+++ b/crypto/src/asn1/cmp/PKIBody.cs
@@ -6,6 +6,37 @@ using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
+ /**
+ * PKIBody ::= CHOICE { -- message-specific body elements
+ * ir [0] CertReqMessages, --Initialization Request
+ * ip [1] CertRepMessage, --Initialization Response
+ * cr [2] CertReqMessages, --Certification Request
+ * cp [3] CertRepMessage, --Certification Response
+ * p10cr [4] CertificationRequest, --imported from [PKCS10]
+ * popdecc [5] POPODecKeyChallContent, --pop Challenge
+ * popdecr [6] POPODecKeyRespContent, --pop Response
+ * kur [7] CertReqMessages, --Key Update Request
+ * kup [8] CertRepMessage, --Key Update Response
+ * krr [9] CertReqMessages, --Key Recovery Request
+ * krp [10] KeyRecRepContent, --Key Recovery Response
+ * rr [11] RevReqContent, --Revocation Request
+ * rp [12] RevRepContent, --Revocation Response
+ * ccr [13] CertReqMessages, --Cross-Cert. Request
+ * ccp [14] CertRepMessage, --Cross-Cert. Response
+ * ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann.
+ * cann [16] CertAnnContent, --Certificate Ann.
+ * rann [17] RevAnnContent, --Revocation Ann.
+ * crlann [18] CRLAnnContent, --CRL Announcement
+ * pkiconf [19] PKIConfirmContent, --Confirmation
+ * nested [20] NestedMessageContent, --Nested Message
+ * genm [21] GenMsgContent, --General Message
+ * genp [22] GenRepContent, --General Response
+ * error [23] ErrorMsgContent, --Error Message
+ * certConf [24] CertConfirmContent, --Certificate confirm
+ * pollReq [25] PollReqContent, --Polling request
+ * pollRep [26] PollRepContent --Polling response
+ * }
+ */
public class PkiBody
: Asn1Encodable, IAsn1Choice
{
@@ -37,24 +68,27 @@ namespace Org.BouncyCastle.Asn1.Cmp
public const int TYPE_POLL_REQ = 25;
public const int TYPE_POLL_REP = 26;
- private int tagNo;
- private Asn1Encodable body;
-
public static PkiBody GetInstance(object obj)
{
- if (obj is PkiBody)
- return (PkiBody)obj;
+ if (obj == null)
+ return null;
+
+ if (obj is PkiBody pkiBody)
+ return pkiBody;
- if (obj is Asn1TaggedObject)
- return new PkiBody((Asn1TaggedObject)obj);
+ if (obj is Asn1TaggedObject taggedObject)
+ return new PkiBody(taggedObject);
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj));
}
- private PkiBody(Asn1TaggedObject tagged)
+ private readonly int m_tagNo;
+ private readonly Asn1Encodable m_body;
+
+ private PkiBody(Asn1TaggedObject taggedObject)
{
- tagNo = tagged.TagNo;
- body = GetBodyForType(tagNo, tagged.GetObject());
+ m_tagNo = taggedObject.TagNo;
+ m_body = GetBodyForType(m_tagNo, taggedObject.GetObject());
}
/**
@@ -62,88 +96,78 @@ namespace Org.BouncyCastle.Asn1.Cmp
* @param type one of the TYPE_* constants
* @param content message content
*/
- public PkiBody(
- int type,
- Asn1Encodable content)
+ public PkiBody(int type, Asn1Encodable content)
{
- tagNo = type;
- body = GetBodyForType(type, content);
+ m_tagNo = type;
+ m_body = GetBodyForType(type, content);
}
- private static Asn1Encodable GetBodyForType(
- int type,
- Asn1Encodable o)
+ private static Asn1Encodable GetBodyForType(int type, Asn1Encodable o)
{
switch (type)
{
- case TYPE_INIT_REQ:
- return CertReqMessages.GetInstance(o);
- case TYPE_INIT_REP:
- return CertRepMessage.GetInstance(o);
- case TYPE_CERT_REQ:
- return CertReqMessages.GetInstance(o);
- case TYPE_CERT_REP:
- return CertRepMessage.GetInstance(o);
- case TYPE_P10_CERT_REQ:
- return CertificationRequest.GetInstance(o);
- case TYPE_POPO_CHALL:
- return PopoDecKeyChallContent.GetInstance(o);
- case TYPE_POPO_REP:
- return PopoDecKeyRespContent.GetInstance(o);
- case TYPE_KEY_UPDATE_REQ:
- return CertReqMessages.GetInstance(o);
- case TYPE_KEY_UPDATE_REP:
- return CertRepMessage.GetInstance(o);
- case TYPE_KEY_RECOVERY_REQ:
- return CertReqMessages.GetInstance(o);
- case TYPE_KEY_RECOVERY_REP:
- return KeyRecRepContent.GetInstance(o);
- case TYPE_REVOCATION_REQ:
- return RevReqContent.GetInstance(o);
- case TYPE_REVOCATION_REP:
- return RevRepContent.GetInstance(o);
- case TYPE_CROSS_CERT_REQ:
- return CertReqMessages.GetInstance(o);
- case TYPE_CROSS_CERT_REP:
- return CertRepMessage.GetInstance(o);
- case TYPE_CA_KEY_UPDATE_ANN:
- return CAKeyUpdAnnContent.GetInstance(o);
- case TYPE_CERT_ANN:
- return CmpCertificate.GetInstance(o);
- case TYPE_REVOCATION_ANN:
- return RevAnnContent.GetInstance(o);
- case TYPE_CRL_ANN:
- return CrlAnnContent.GetInstance(o);
- case TYPE_CONFIRM:
- return PkiConfirmContent.GetInstance(o);
- case TYPE_NESTED:
- return PkiMessages.GetInstance(o);
- case TYPE_GEN_MSG:
- return GenMsgContent.GetInstance(o);
- case TYPE_GEN_REP:
- return GenRepContent.GetInstance(o);
- case TYPE_ERROR:
- return ErrorMsgContent.GetInstance(o);
- case TYPE_CERT_CONFIRM:
- return CertConfirmContent.GetInstance(o);
- case TYPE_POLL_REQ:
- return PollReqContent.GetInstance(o);
- case TYPE_POLL_REP:
- return PollRepContent.GetInstance(o);
- default:
- throw new ArgumentException("unknown tag number: " + type, "type");
+ case TYPE_INIT_REQ:
+ return CertReqMessages.GetInstance(o);
+ case TYPE_INIT_REP:
+ return CertRepMessage.GetInstance(o);
+ case TYPE_CERT_REQ:
+ return CertReqMessages.GetInstance(o);
+ case TYPE_CERT_REP:
+ return CertRepMessage.GetInstance(o);
+ case TYPE_P10_CERT_REQ:
+ return CertificationRequest.GetInstance(o);
+ case TYPE_POPO_CHALL:
+ return PopoDecKeyChallContent.GetInstance(o);
+ case TYPE_POPO_REP:
+ return PopoDecKeyRespContent.GetInstance(o);
+ case TYPE_KEY_UPDATE_REQ:
+ return CertReqMessages.GetInstance(o);
+ case TYPE_KEY_UPDATE_REP:
+ return CertRepMessage.GetInstance(o);
+ case TYPE_KEY_RECOVERY_REQ:
+ return CertReqMessages.GetInstance(o);
+ case TYPE_KEY_RECOVERY_REP:
+ return KeyRecRepContent.GetInstance(o);
+ case TYPE_REVOCATION_REQ:
+ return RevReqContent.GetInstance(o);
+ case TYPE_REVOCATION_REP:
+ return RevRepContent.GetInstance(o);
+ case TYPE_CROSS_CERT_REQ:
+ return CertReqMessages.GetInstance(o);
+ case TYPE_CROSS_CERT_REP:
+ return CertRepMessage.GetInstance(o);
+ case TYPE_CA_KEY_UPDATE_ANN:
+ return CAKeyUpdAnnContent.GetInstance(o);
+ case TYPE_CERT_ANN:
+ return CmpCertificate.GetInstance(o);
+ case TYPE_REVOCATION_ANN:
+ return RevAnnContent.GetInstance(o);
+ case TYPE_CRL_ANN:
+ return CrlAnnContent.GetInstance(o);
+ case TYPE_CONFIRM:
+ return PkiConfirmContent.GetInstance(o);
+ case TYPE_NESTED:
+ return PkiMessages.GetInstance(o);
+ case TYPE_GEN_MSG:
+ return GenMsgContent.GetInstance(o);
+ case TYPE_GEN_REP:
+ return GenRepContent.GetInstance(o);
+ case TYPE_ERROR:
+ return ErrorMsgContent.GetInstance(o);
+ case TYPE_CERT_CONFIRM:
+ return CertConfirmContent.GetInstance(o);
+ case TYPE_POLL_REQ:
+ return PollReqContent.GetInstance(o);
+ case TYPE_POLL_REP:
+ return PollRepContent.GetInstance(o);
+ default:
+ throw new ArgumentException("unknown tag number: " + type, nameof(type));
}
}
- public virtual int Type
- {
- get { return tagNo; }
- }
+ public virtual Asn1Encodable Content => m_body;
- public virtual Asn1Encodable Content
- {
- get { return body; }
- }
+ public virtual int Type => m_tagNo;
/**
* <pre>
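Review bot: `public PkiBody(int type, Asn1Encodable content)` passes `content` to `GetBodyForType` without a null check, and several of the `GetInstance` methods it dispatches to now return null for a null argument (GenRepContent, KeyRecRepContent and PkiConfirmContent in this diff). A null `content` therefore yields a `PkiBody` whose `Content` is null, and the problem presumably surfaces only later, when `ToAsn1Object` builds the tagged object. I would fail at construction by making `if (content == null) throw new ArgumentNullException(nameof(content));` the first statement of the constructor.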
@@ -181,7 +205,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return new DerTaggedObject(true, tagNo, body);
+ return new DerTaggedObject(true, m_tagNo, m_body);
}
}
}
diff --git a/crypto/src/asn1/cmp/PKIConfirmContent.cs b/crypto/src/asn1/cmp/PKIConfirmContent.cs
index d154427a4..ecebb22a8 100644
--- a/crypto/src/asn1/cmp/PKIConfirmContent.cs
+++ b/crypto/src/asn1/cmp/PKIConfirmContent.cs
@@ -4,24 +4,38 @@ using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
- public class PkiConfirmContent
+ /**
+ * PKIConfirmContent ::= NULL
+ */
+ public class PkiConfirmContent
: Asn1Encodable
{
public static PkiConfirmContent GetInstance(object obj)
{
- if (obj is PkiConfirmContent)
- return (PkiConfirmContent)obj;
+ if (obj == null)
+ return null;
- if (obj is Asn1Null)
- return new PkiConfirmContent();
+ if (obj is PkiConfirmContent pkiConfirmContent)
+ return pkiConfirmContent;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
+ if (obj is Asn1Null asn1Null)
+ return new PkiConfirmContent(asn1Null);
- public PkiConfirmContent()
- {
+ throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj));
}
+ private readonly Asn1Null m_val;
+
+ public PkiConfirmContent()
+ : this(DerNull.Instance)
+ {
+ }
+
+ private PkiConfirmContent(Asn1Null val)
+ {
+ m_val = val;
+ }
+
/**
* <pre>
* PkiConfirmContent ::= NULL
@@ -30,7 +44,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return DerNull.Instance;
+ return m_val;
}
}
}
diff --git a/crypto/src/asn1/cmp/PKIFailureInfo.cs b/crypto/src/asn1/cmp/PKIFailureInfo.cs
index 75a3ff0d7..fd37665b9 100644
--- a/crypto/src/asn1/cmp/PKIFailureInfo.cs
+++ b/crypto/src/asn1/cmp/PKIFailureInfo.cs
@@ -21,7 +21,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
* certRevoked (10),
* certConfirmed (11),
* wrongIntegrity (12),
- * badRecipientNonce (13),
+ * badRecipientNonce (13),
* timeNotAvailable (14),
* -- the TSA's time source is not available
* unacceptedPolicy (15),
@@ -37,13 +37,13 @@ namespace Org.BouncyCastle.Asn1.Cmp
* transactionIdInUse (21),
* unsupportedVersion (22),
* notAuthorized (23),
- * systemUnavail (24),
+ * systemUnavail (24),
* systemFailure (25),
* -- the request cannot be handled due to system failure
- * duplicateCertReq (26)
+ * duplicateCertReq (26)
* </pre>
*/
- public class PkiFailureInfo
+ public class PkiFailureInfo
: DerBitString
{
public const int BadAlg = (1 << 7); // unrecognized or unsupported Algorithm Identifier
diff --git a/crypto/src/asn1/cmp/PKIFreeText.cs b/crypto/src/asn1/cmp/PKIFreeText.cs
index 006930320..f3a4b8a81 100644
--- a/crypto/src/asn1/cmp/PKIFreeText.cs
+++ b/crypto/src/asn1/cmp/PKIFreeText.cs
@@ -1,61 +1,66 @@
using System;
-using Org.BouncyCastle.Utilities;
-
namespace Org.BouncyCastle.Asn1.Cmp
{
public class PkiFreeText
: Asn1Encodable
{
- internal Asn1Sequence strings;
-
- public static PkiFreeText GetInstance(
- Asn1TaggedObject obj,
- bool isExplicit)
+ public static PkiFreeText GetInstance(object obj)
{
- return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+ if (obj is PkiFreeText pkiFreeText)
+ return pkiFreeText;
+
+ if (obj != null)
+ return new PkiFreeText(Asn1Sequence.GetInstance(obj));
+
+ return null;
}
- public static PkiFreeText GetInstance(
- object obj)
+ public static PkiFreeText GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit)
+ {
+ return GetInstance(Asn1Sequence.GetInstance(taggedObject, declaredExplicit));
+ }
+
+ internal Asn1Sequence m_strings;
+
+ internal PkiFreeText(Asn1Sequence seq)
{
- if (obj is PkiFreeText)
- {
- return (PkiFreeText)obj;
- }
- else if (obj is Asn1Sequence)
+ foreach (var element in seq)
{
- return new PkiFreeText((Asn1Sequence)obj);
+ if (!(element is DerUtf8String))
+ throw new ArgumentException("attempt to insert non UTF8 STRING into PkiFreeText");
}
- throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+ m_strings = seq;
}
- public PkiFreeText(
- Asn1Sequence seq)
+ public PkiFreeText(DerUtf8String p)
{
- foreach (object o in seq)
- {
- if (!(o is DerUtf8String))
- {
- throw new ArgumentException("attempt to insert non UTF8 STRING into PkiFreeText");
- }
- }
+ m_strings = new DerSequence(p);
+ }
- this.strings = seq;
+ public PkiFreeText(string p)
+ : this(new DerUtf8String(p))
+ {
}
- public PkiFreeText(
- DerUtf8String p)
+ public PkiFreeText(DerUtf8String[] strs)
{
- strings = new DerSequence(p);
+ m_strings = new DerSequence(strs);
}
- public int Count
+ public PkiFreeText(string[] strs)
{
- get { return strings.Count; }
+ Asn1EncodableVector v = new Asn1EncodableVector(strs.Length);
+ for (int i = 0; i < strs.Length; i++)
+ {
+ v.Add(new DerUtf8String(strs[i]));
+ }
+ m_strings = new DerSequence(v);
}
+ public virtual int Count => m_strings.Count;
+
/**
* Return the UTF8STRING at index.
*
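Review bot: The `PkiFreeText(Asn1Sequence seq)` constructor goes from `public` to `internal` in this hunk, which is a source-breaking change for external callers that built the value from a sequence, and nothing here marks it as intentional. If the aim is to steer callers to `GetInstance`, a short comment on the constructor saying so would help. Separately, `internal Asn1Sequence m_strings;` could be `private readonly Asn1Sequence m_strings;` unless another type in the assembly assigns it (not visible from this hunk). That way the UTF8String check in the constructor cannot be bypassed by replacing the field afterwards, which matters because the indexer casts elements to `DerUtf8String`.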
@@ -64,7 +69,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public DerUtf8String this[int index]
{
- get { return (DerUtf8String) strings[index]; }
+ get { return (DerUtf8String)m_strings[index]; }
}
/**
@@ -74,7 +79,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return strings;
+ return m_strings;
}
}
}
diff --git a/crypto/src/asn1/cmp/PKIHeader.cs b/crypto/src/asn1/cmp/PKIHeader.cs
index 7b6296279..553a81bc0 100644
--- a/crypto/src/asn1/cmp/PKIHeader.cs
+++ b/crypto/src/asn1/cmp/PKIHeader.cs
@@ -41,35 +41,35 @@ namespace Org.BouncyCastle.Asn1.Cmp
switch (tObj.TagNo)
{
- case 0:
- messageTime = DerGeneralizedTime.GetInstance(tObj, true);
- break;
- case 1:
- protectionAlg = AlgorithmIdentifier.GetInstance(tObj, true);
- break;
- case 2:
- senderKID = Asn1OctetString.GetInstance(tObj, true);
- break;
- case 3:
- recipKID = Asn1OctetString.GetInstance(tObj, true);
- break;
- case 4:
- transactionID = Asn1OctetString.GetInstance(tObj, true);
- break;
- case 5:
- senderNonce = Asn1OctetString.GetInstance(tObj, true);
- break;
- case 6:
- recipNonce = Asn1OctetString.GetInstance(tObj, true);
- break;
- case 7:
- freeText = PkiFreeText.GetInstance(tObj, true);
- break;
- case 8:
- generalInfo = Asn1Sequence.GetInstance(tObj, true);
- break;
- default:
- throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq");
+ case 0:
+ messageTime = DerGeneralizedTime.GetInstance(tObj, true);
+ break;
+ case 1:
+ protectionAlg = AlgorithmIdentifier.GetInstance(tObj, true);
+ break;
+ case 2:
+ senderKID = Asn1OctetString.GetInstance(tObj, true);
+ break;
+ case 3:
+ recipKID = Asn1OctetString.GetInstance(tObj, true);
+ break;
+ case 4:
+ transactionID = Asn1OctetString.GetInstance(tObj, true);
+ break;
+ case 5:
+ senderNonce = Asn1OctetString.GetInstance(tObj, true);
+ break;
+ case 6:
+ recipNonce = Asn1OctetString.GetInstance(tObj, true);
+ break;
+ case 7:
+ freeText = PkiFreeText.GetInstance(tObj, true);
+ break;
+ case 8:
+ generalInfo = Asn1Sequence.GetInstance(tObj, true);
+ break;
+ default:
+ throw new ArgumentException("unknown tag number: " + tObj.TagNo, nameof(seq));
}
}
}
diff --git a/crypto/src/asn1/cmp/PKIMessages.cs b/crypto/src/asn1/cmp/PKIMessages.cs
index eb01e544a..0008f476a 100644
--- a/crypto/src/asn1/cmp/PKIMessages.cs
+++ b/crypto/src/asn1/cmp/PKIMessages.cs
@@ -9,7 +9,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
{
private Asn1Sequence content;
- private PkiMessages(Asn1Sequence seq)
+ internal PkiMessages(Asn1Sequence seq)
{
content = seq;
}
diff --git a/crypto/src/asn1/cmp/PbmParameter.cs b/crypto/src/asn1/cmp/PbmParameter.cs
index 206b89ba1..f4b702ed5 100644
--- a/crypto/src/asn1/cmp/PbmParameter.cs
+++ b/crypto/src/asn1/cmp/PbmParameter.cs
@@ -1,77 +1,74 @@
using System;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
+ /**
+ * PBMParameter ::= SEQUENCE {
+ * salt OCTET STRING,
+ * -- note: implementations MAY wish to limit acceptable sizes
+ * -- of this string to values appropriate for their environment
+ * -- in order to reduce the risk of denial-of-service attacks
+ * owf AlgorithmIdentifier,
+ * -- AlgId for a One-Way Function (SHA-1 recommended)
+ * iterationCount INTEGER,
+ * -- number of times the OWF is applied
+ * -- note: implementations MAY wish to limit acceptable sizes
+ * -- of this integer to values appropriate for their environment
+ * -- in order to reduce the risk of denial-of-service attacks
+ * mac AlgorithmIdentifier
+ * -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
+ * } -- or HMAC [RFC2104, RFC2202])
+ */
public class PbmParameter
: Asn1Encodable
{
- private Asn1OctetString salt;
- private AlgorithmIdentifier owf;
- private DerInteger iterationCount;
- private AlgorithmIdentifier mac;
-
- private PbmParameter(Asn1Sequence seq)
- {
- salt = Asn1OctetString.GetInstance(seq[0]);
- owf = AlgorithmIdentifier.GetInstance(seq[1]);
- iterationCount = DerInteger.GetInstance(seq[2]);
- mac = AlgorithmIdentifier.GetInstance(seq[3]);
- }
-
public static PbmParameter GetInstance(object obj)
{
- if (obj is PbmParameter)
- return (PbmParameter)obj;
+ if (obj is PbmParameter pbmParameter)
+ return pbmParameter;
- if (obj is Asn1Sequence)
- return new PbmParameter((Asn1Sequence)obj);
+ if (obj != null)
+ return new PbmParameter(Asn1Sequence.GetInstance(obj));
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ return null;
}
- public PbmParameter(
- byte[] salt,
- AlgorithmIdentifier owf,
- int iterationCount,
- AlgorithmIdentifier mac)
- : this(new DerOctetString(salt), owf, new DerInteger(iterationCount), mac)
- {
- }
+ private readonly Asn1OctetString m_salt;
+ private readonly AlgorithmIdentifier m_owf;
+ private readonly DerInteger m_iterationCount;
+ private readonly AlgorithmIdentifier m_mac;
- public PbmParameter(
- Asn1OctetString salt,
- AlgorithmIdentifier owf,
- DerInteger iterationCount,
- AlgorithmIdentifier mac)
+ private PbmParameter(Asn1Sequence seq)
{
- this.salt = salt;
- this.owf = owf;
- this.iterationCount = iterationCount;
- this.mac = mac;
+ m_salt = Asn1OctetString.GetInstance(seq[0]);
+ m_owf = AlgorithmIdentifier.GetInstance(seq[1]);
+ m_iterationCount = DerInteger.GetInstance(seq[2]);
+ m_mac = AlgorithmIdentifier.GetInstance(seq[3]);
}
- public virtual Asn1OctetString Salt
+ public PbmParameter(byte[] salt, AlgorithmIdentifier owf, int iterationCount, AlgorithmIdentifier mac)
+ : this(new DerOctetString(salt), owf, new DerInteger(iterationCount), mac)
{
- get { return salt; }
}
- public virtual AlgorithmIdentifier Owf
+ public PbmParameter(Asn1OctetString salt, AlgorithmIdentifier owf, DerInteger iterationCount,
+ AlgorithmIdentifier mac)
{
- get { return owf; }
+ m_salt = salt;
+ m_owf = owf;
+ m_iterationCount = iterationCount;
+ m_mac = mac;
}
- public virtual DerInteger IterationCount
- {
- get { return iterationCount; }
- }
+ public virtual DerInteger IterationCount => m_iterationCount;
- public virtual AlgorithmIdentifier Mac
- {
- get { return mac; }
- }
+ public virtual AlgorithmIdentifier Mac => m_mac;
+
+ public virtual AlgorithmIdentifier Owf => m_owf;
+
+ public virtual Asn1OctetString Salt => m_salt;
/**
* <pre>
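Review bot: The ASN.1 comment added at the top of this hunk warns that `salt` and `iterationCount` should be size-limited to reduce denial-of-service risk, but neither `PbmParameter(Asn1Sequence seq)` nor the public constructors bound them, and the `IterationCount` and `Salt` properties say nothing about it. This class looks like a plain ASN.1 holder, so the limit probably belongs in the code that derives the MAC key from a received message. I would state that on both properties, for example `/// <remarks>Not range-checked here; callers must bound this value before using it on untrusted input.</remarks>`.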
@@ -95,7 +92,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return new DerSequence(salt, owf, iterationCount, mac);
+ return new DerSequence(m_salt, m_owf, m_iterationCount, m_mac);
}
}
}
diff --git a/crypto/src/asn1/cmp/PollRepContent.cs b/crypto/src/asn1/cmp/PollRepContent.cs
index ff75d7d6d..15f153a5d 100644
--- a/crypto/src/asn1/cmp/PollRepContent.cs
+++ b/crypto/src/asn1/cmp/PollRepContent.cs
@@ -1,71 +1,69 @@
-using System;
-
-using Org.BouncyCastle.Utilities;
-
namespace Org.BouncyCastle.Asn1.Cmp
{
- public class PollRepContent
+ /**
+ * PollRepContent ::= SEQUENCE OF SEQUENCE {
+ * certReqId INTEGER,
+ * checkAfter INTEGER, -- time in seconds
+ * reason PKIFreeText OPTIONAL }
+ */
+ public class PollRepContent
: Asn1Encodable
{
- private readonly DerInteger certReqId;
- private readonly DerInteger checkAfter;
- private readonly PkiFreeText reason;
+ public static PollRepContent GetInstance(object obj)
+ {
+ if (obj is PollRepContent pollRepContent)
+ return pollRepContent;
+
+ if (obj != null)
+ return new PollRepContent(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly DerInteger[] m_certReqID;
+ private readonly DerInteger[] m_checkAfter;
+ private readonly PkiFreeText[] m_reason;
private PollRepContent(Asn1Sequence seq)
{
- certReqId = DerInteger.GetInstance(seq[0]);
- checkAfter = DerInteger.GetInstance(seq[1]);
+ int count = seq.Count;
+ m_certReqID = new DerInteger[count];
+ m_checkAfter = new DerInteger[count];
+ m_reason = new PkiFreeText[count];
- if (seq.Count > 2)
+ for (int i = 0; i != count; i++)
{
- reason = PkiFreeText.GetInstance(seq[2]);
- }
- }
-
- public static PollRepContent GetInstance(object obj)
- {
- if (obj is PollRepContent)
- return (PollRepContent)obj;
+ Asn1Sequence s = Asn1Sequence.GetInstance(seq[i]);
- if (obj is Asn1Sequence)
- return new PollRepContent((Asn1Sequence)obj);
+ m_certReqID[i] = DerInteger.GetInstance(s[0]);
+ m_checkAfter[i] = DerInteger.GetInstance(s[1]);
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ if (s.Count > 2)
+ {
+ m_reason[i] = PkiFreeText.GetInstance(s[2]);
+ }
+ }
}
- public PollRepContent(
- DerInteger certReqId,
- DerInteger checkAfter)
+ public PollRepContent(DerInteger certReqID, DerInteger checkAfter)
+ : this(certReqID, checkAfter, null)
{
- this.certReqId = certReqId;
- this.checkAfter = checkAfter;
- this.reason = null;
}
- public PollRepContent(
- DerInteger certReqId,
- DerInteger checkAfter,
- PkiFreeText reason)
+ public PollRepContent(DerInteger certReqID, DerInteger checkAfter, PkiFreeText reason)
{
- this.certReqId = certReqId;
- this.checkAfter = checkAfter;
- this.reason = reason;
- }
+ m_certReqID = new DerInteger[1]{ certReqID };
+ m_checkAfter = new DerInteger[1]{ checkAfter };
+ m_reason = new PkiFreeText[1]{ reason };
+ }
- public virtual DerInteger CertReqID
- {
- get { return certReqId; }
- }
+ public virtual int Count => m_certReqID.Length;
- public virtual DerInteger CheckAfter
- {
- get { return checkAfter; }
- }
+ public virtual DerInteger GetCertReqID(int index) => m_certReqID[index];
- public virtual PkiFreeText Reason
- {
- get { return reason; }
- }
+ public virtual DerInteger GetCheckAfter(int index) => m_checkAfter[index];
+
+ public virtual PkiFreeText GetReason(int index) => m_reason[index];
/**
* <pre>
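Review bot: The new loop in the private constructor reads `s[0]` and `s[1]` from each inner SEQUENCE without checking `s.Count`, so a truncated entry in a received PollRepContent fails inside the indexer instead of being rejected as malformed, and any element after the third is silently dropped. RootCaKeyUpdateContent, added in this same commit, validates its size before indexing; the same guard fits here, e.g. `if (s.Count < 2 || s.Count > 3) throw new System.ArgumentException("Bad sequence size: " + s.Count, nameof(seq));` (fully qualified because this hunk removes `using System;`). The private constructors of ProtectedPart, RevAnnContent and RevDetails index `seq` the same way without a size check, so extra or missing elements in those structures are handled no more strictly.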
@@ -79,9 +77,20 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector(certReqId, checkAfter);
- v.AddOptional(reason);
- return new DerSequence(v);
+ Asn1EncodableVector outer = new Asn1EncodableVector(m_certReqID.Length);
+
+ for (int i = 0; i != m_certReqID.Length; i++)
+ {
+ Asn1EncodableVector v = new Asn1EncodableVector(3);
+
+ v.Add(m_certReqID[i]);
+ v.Add(m_checkAfter[i]);
+ v.AddOptional(m_reason[i]);
+
+ outer.Add(new DerSequence(v));
+ }
+
+ return new DerSequence(outer);
}
}
}
diff --git a/crypto/src/asn1/cmp/PollReqContent.cs b/crypto/src/asn1/cmp/PollReqContent.cs
index dd9b0c352..80a39348a 100644
--- a/crypto/src/asn1/cmp/PollReqContent.cs
+++ b/crypto/src/asn1/cmp/PollReqContent.cs
@@ -1,51 +1,91 @@
-using System;
-
-using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Math;
namespace Org.BouncyCastle.Asn1.Cmp
{
public class PollReqContent
: Asn1Encodable
{
- private readonly Asn1Sequence content;
+ public static PollReqContent GetInstance(object obj)
+ {
+ if (obj is PollReqContent pollReqContent)
+ return pollReqContent;
+
+ if (obj != null)
+ return new PollReqContent(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly Asn1Sequence m_content;
private PollReqContent(Asn1Sequence seq)
{
- content = seq;
+ m_content = seq;
}
- public static PollReqContent GetInstance(object obj)
+ /**
+ * Create a pollReqContent for a single certReqId.
+ *
+ * @param certReqId the certificate request ID.
+ */
+ public PollReqContent(DerInteger certReqId)
+ : this(new DerSequence(new DerSequence(certReqId)))
{
- if (obj is PollReqContent)
- return (PollReqContent)obj;
+ }
- if (obj is Asn1Sequence)
- return new PollReqContent((Asn1Sequence)obj);
+ /**
+ * Create a pollReqContent for a multiple certReqIds.
+ *
+ * @param certReqIds the certificate request IDs.
+ */
+ public PollReqContent(DerInteger[] certReqIds)
+ : this(new DerSequence(IntsToSequence(certReqIds)))
+ {
+ }
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ /**
+ * Create a pollReqContent for a single certReqId.
+ *
+ * @param certReqId the certificate request ID.
+ */
+ public PollReqContent(BigInteger certReqId)
+ : this(new DerInteger(certReqId))
+ {
}
- public virtual DerInteger[][] GetCertReqIDs()
+ /**
+ * Create a pollReqContent for a multiple certReqIds.
+ *
+ * @param certReqIds the certificate request IDs.
+ */
+ public PollReqContent(BigInteger[] certReqIds)
+ : this(IntsToAsn1(certReqIds))
{
- DerInteger[][] result = new DerInteger[content.Count][];
- for (int i = 0; i != result.Length; ++i)
- {
- result[i] = SequenceToDerIntegerArray((Asn1Sequence)content[i]);
- }
- return result;
}
- private static DerInteger[] SequenceToDerIntegerArray(Asn1Sequence seq)
+ public virtual DerInteger[][] GetCertReqIDs()
{
- DerInteger[] result = new DerInteger[seq.Count];
+ DerInteger[][] result = new DerInteger[m_content.Count][];
for (int i = 0; i != result.Length; ++i)
{
- result[i] = DerInteger.GetInstance(seq[i]);
+ result[i] = SequenceToDerIntegerArray((Asn1Sequence)m_content[i]);
}
return result;
}
- /**
+ public virtual BigInteger[] GetCertReqIDValues()
+ {
+ BigInteger[] result = new BigInteger[m_content.Count];
+
+ for (int i = 0; i != result.Length; i++)
+ {
+ result[i] = DerInteger.GetInstance(Asn1Sequence.GetInstance(m_content[i])[0]).Value;
+ }
+
+ return result;
+ }
+
+ /**
* <pre>
* PollReqContent ::= SEQUENCE OF SEQUENCE {
* certReqId INTEGER
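Review bot: `GetCertReqIDs` still hard-casts each element with `(Asn1Sequence)m_content[i]`, while the new `GetCertReqIDValues` beside it goes through `Asn1Sequence.GetInstance(m_content[i])`; because the private constructor stores the decoded sequence without inspecting it, a non-SEQUENCE element in a received message surfaces as an InvalidCastException from the first accessor only. Using `Asn1Sequence.GetInstance(m_content[i])` in both keeps the failure mode uniform. `GetCertReqIDValues` also takes element `[0]` of each inner SEQUENCE unconditionally, so an empty inner SEQUENCE fails in the indexer and any further integers are ignored, whereas `GetCertReqIDs` returns all of them. A `Count` check, or a comment stating that each inner SEQUENCE is expected to hold exactly one certReqId, would make that assumption explicit.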
@@ -53,9 +93,38 @@ namespace Org.BouncyCastle.Asn1.Cmp
* </pre>
* @return a basic ASN.1 object representation.
*/
- public override Asn1Object ToAsn1Object()
+ public override Asn1Object ToAsn1Object()
+ {
+ return m_content;
+ }
+
+ private static DerInteger[] SequenceToDerIntegerArray(Asn1Sequence seq)
+ {
+ return seq.MapElements(DerInteger.GetInstance);
+ }
+
+ private static DerSequence[] IntsToSequence(DerInteger[] ids)
{
- return content;
+ DerSequence[] result = new DerSequence[ids.Length];
+
+ for (int i = 0; i != result.Length; i++)
+ {
+ result[i] = new DerSequence(ids[i]);
+ }
+
+ return result;
+ }
+
+ private static DerInteger[] IntsToAsn1(BigInteger[] ids)
+ {
+ DerInteger[] result = new DerInteger[ids.Length];
+
+ for (int i = 0; i != result.Length; i++)
+ {
+ result[i] = new DerInteger(ids[i]);
+ }
+
+ return result;
}
}
}
diff --git a/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs b/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs
index 03a13a5d5..0bd1597c8 100644
--- a/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs
+++ b/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs
@@ -1,38 +1,31 @@
using System;
-using Org.BouncyCastle.Utilities;
-
namespace Org.BouncyCastle.Asn1.Cmp
{
public class PopoDecKeyChallContent
: Asn1Encodable
{
- private readonly Asn1Sequence content;
+ public static PopoDecKeyChallContent GetInstance(object obj)
+ {
+ if (obj is PopoDecKeyChallContent popoDecKeyChallContent)
+ return popoDecKeyChallContent;
- private PopoDecKeyChallContent(Asn1Sequence seq)
- {
- content = seq;
- }
+ if (obj != null)
+ return new PopoDecKeyChallContent(Asn1Sequence.GetInstance(obj));
- public static PopoDecKeyChallContent GetInstance(object obj)
- {
- if (obj is PopoDecKeyChallContent)
- return (PopoDecKeyChallContent)obj;
+ return null;
+ }
- if (obj is Asn1Sequence)
- return new PopoDecKeyChallContent((Asn1Sequence)obj);
+ private readonly Asn1Sequence m_content;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ private PopoDecKeyChallContent(Asn1Sequence seq)
+ {
+ m_content = seq;
}
public virtual Challenge[] ToChallengeArray()
{
- Challenge[] result = new Challenge[content.Count];
- for (int i = 0; i != result.Length; ++i)
- {
- result[i] = Challenge.GetInstance(content[i]);
- }
- return result;
+ return m_content.MapElements(Challenge.GetInstance);
}
/**
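Review bot: `GetInstance` no longer throws `ArgumentException` for input it cannot use: `null` now yields `null`, and everything else is handed to `Asn1Sequence.GetInstance(obj)`, so the exception a caller sees for a wrong object is whatever that method produces. Callers that relied on the old throw to stop on a missing field will now hit a null dereference later instead, so the new contract deserves a doc comment on the method, e.g. `/** Returns null when obj is null; otherwise decodes obj as an ASN.1 SEQUENCE. */`. The same change is made in PollRepContent, PollReqContent, PopoDecKeyRespContent, ProtectedPart, RevAnnContent, RevDetails, RevRepContent and RevReqContent. This file also keeps `using System;` although the only visible use of it, `ArgumentException`, is removed, so the directive is probably unused now.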
@@ -43,7 +36,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return content;
+ return m_content;
}
}
}
diff --git a/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs b/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs
index 73f59b7c1..77d720271 100644
--- a/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs
+++ b/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs
@@ -1,38 +1,29 @@
-using System;
-
-using Org.BouncyCastle.Utilities;
-
namespace Org.BouncyCastle.Asn1.Cmp
{
public class PopoDecKeyRespContent
: Asn1Encodable
{
- private readonly Asn1Sequence content;
+ public static PopoDecKeyRespContent GetInstance(object obj)
+ {
+ if (obj is PopoDecKeyRespContent popoDecKeyRespContent)
+ return popoDecKeyRespContent;
- private PopoDecKeyRespContent(Asn1Sequence seq)
- {
- content = seq;
- }
+ if (obj != null)
+ return new PopoDecKeyRespContent(Asn1Sequence.GetInstance(obj));
- public static PopoDecKeyRespContent GetInstance(object obj)
- {
- if (obj is PopoDecKeyRespContent)
- return (PopoDecKeyRespContent)obj;
+ return null;
+ }
- if (obj is Asn1Sequence)
- return new PopoDecKeyRespContent((Asn1Sequence)obj);
+ private readonly Asn1Sequence m_content;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ private PopoDecKeyRespContent(Asn1Sequence seq)
+ {
+ m_content = seq;
}
- public virtual DerInteger[] ToDerIntegerArray()
+ public virtual DerInteger[] ToIntegerArray()
{
- DerInteger[] result = new DerInteger[content.Count];
- for (int i = 0; i != result.Length; ++i)
- {
- result[i] = DerInteger.GetInstance(content[i]);
- }
- return result;
+ return m_content.MapElements(DerInteger.GetInstance);
}
/**
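Review bot: Renaming the public virtual method `ToDerIntegerArray()` to `ToIntegerArray()` breaks existing callers and overriders at compile time, and the hunk leaves no forwarding member behind. Keeping the old name as a deprecated wrapper avoids that: `[System.Obsolete("Use ToIntegerArray instead")] public virtual DerInteger[] ToDerIntegerArray() => ToIntegerArray();` (fully qualified because `using System;` is removed in this hunk). If the break is intended, it should be called out in the release notes.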
@@ -43,7 +34,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return content;
+ return m_content;
}
}
}
diff --git a/crypto/src/asn1/cmp/ProtectedPart.cs b/crypto/src/asn1/cmp/ProtectedPart.cs
index ed90708f9..fc83ac6c6 100644
--- a/crypto/src/asn1/cmp/ProtectedPart.cs
+++ b/crypto/src/asn1/cmp/ProtectedPart.cs
@@ -1,47 +1,37 @@
-using System;
-
-using Org.BouncyCastle.Utilities;
-
namespace Org.BouncyCastle.Asn1.Cmp
{
public class ProtectedPart
: Asn1Encodable
{
- private readonly PkiHeader header;
- private readonly PkiBody body;
-
- private ProtectedPart(Asn1Sequence seq)
- {
- header = PkiHeader.GetInstance(seq[0]);
- body = PkiBody.GetInstance(seq[1]);
- }
+ public static ProtectedPart GetInstance(object obj)
+ {
+ if (obj is ProtectedPart protectedPart)
+ return protectedPart;
- public static ProtectedPart GetInstance(object obj)
- {
- if (obj is ProtectedPart)
- return (ProtectedPart)obj;
+ if (obj != null)
+ return new ProtectedPart(Asn1Sequence.GetInstance(obj));
- if (obj is Asn1Sequence)
- return new ProtectedPart((Asn1Sequence)obj);
+ return null;
+ }
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
+ private readonly PkiHeader m_header;
+ private readonly PkiBody m_body;
- public ProtectedPart(PkiHeader header, PkiBody body)
+ private ProtectedPart(Asn1Sequence seq)
{
- this.header = header;
- this.body = body;
+ m_header = PkiHeader.GetInstance(seq[0]);
+ m_body = PkiBody.GetInstance(seq[1]);
}
- public virtual PkiHeader Header
+ public ProtectedPart(PkiHeader header, PkiBody body)
{
- get { return header; }
+ m_header = header;
+ m_body = body;
}
- public virtual PkiBody Body
- {
- get { return body; }
- }
+ public virtual PkiHeader Header => m_header;
+
+ public virtual PkiBody Body => m_body;
/**
* <pre>
@@ -54,7 +44,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return new DerSequence(header, body);
+ return new DerSequence(m_header, m_body);
}
}
}
diff --git a/crypto/src/asn1/cmp/RevAnnContent.cs b/crypto/src/asn1/cmp/RevAnnContent.cs
index d5d42625c..4ef6fdbf7 100644
--- a/crypto/src/asn1/cmp/RevAnnContent.cs
+++ b/crypto/src/asn1/cmp/RevAnnContent.cs
@@ -1,68 +1,66 @@
-using System;
-
using Org.BouncyCastle.Asn1.Crmf;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
public class RevAnnContent
: Asn1Encodable
{
- private readonly PkiStatusEncodable status;
- private readonly CertId certId;
- private readonly DerGeneralizedTime willBeRevokedAt;
- private readonly DerGeneralizedTime badSinceDate;
- private readonly X509Extensions crlDetails;
+ public static RevAnnContent GetInstance(object obj)
+ {
+ if (obj is RevAnnContent revAnnContent)
+ return revAnnContent;
- private RevAnnContent(Asn1Sequence seq)
- {
- status = PkiStatusEncodable.GetInstance(seq[0]);
- certId = CertId.GetInstance(seq[1]);
- willBeRevokedAt = DerGeneralizedTime.GetInstance(seq[2]);
- badSinceDate = DerGeneralizedTime.GetInstance(seq[3]);
+ if (obj != null)
+ return new RevAnnContent(Asn1Sequence.GetInstance(obj));
- if (seq.Count > 4)
- {
- crlDetails = X509Extensions.GetInstance(seq[4]);
- }
- }
+ return null;
+ }
- public static RevAnnContent GetInstance(object obj)
- {
- if (obj is RevAnnContent)
- return (RevAnnContent)obj;
-
- if (obj is Asn1Sequence)
- return new RevAnnContent((Asn1Sequence)obj);
+ private readonly PkiStatusEncodable m_status;
+ private readonly CertId m_certID;
+ private readonly DerGeneralizedTime m_willBeRevokedAt;
+ private readonly DerGeneralizedTime m_badSinceDate;
+ private readonly X509Extensions m_crlDetails;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ public RevAnnContent(PkiStatusEncodable status, CertId certID, DerGeneralizedTime willBeRevokedAt,
+ DerGeneralizedTime badSinceDate)
+ : this(status, certID, willBeRevokedAt, badSinceDate, null)
+ {
}
- public virtual PkiStatusEncodable Status
- {
- get { return status; }
- }
+ public RevAnnContent(PkiStatusEncodable status, CertId certID, DerGeneralizedTime willBeRevokedAt,
+ DerGeneralizedTime badSinceDate, X509Extensions crlDetails)
+ {
+ m_status = status;
+ m_certID = certID;
+ m_willBeRevokedAt = willBeRevokedAt;
+ m_badSinceDate = badSinceDate;
+ m_crlDetails = crlDetails;
+ }
- public virtual CertId CertID
+ private RevAnnContent(Asn1Sequence seq)
{
- get { return certId; }
- }
+ m_status = PkiStatusEncodable.GetInstance(seq[0]);
+ m_certID = CertId.GetInstance(seq[1]);
+ m_willBeRevokedAt = DerGeneralizedTime.GetInstance(seq[2]);
+ m_badSinceDate = DerGeneralizedTime.GetInstance(seq[3]);
- public virtual DerGeneralizedTime WillBeRevokedAt
- {
- get { return willBeRevokedAt; }
+ if (seq.Count > 4)
+ {
+ m_crlDetails = X509Extensions.GetInstance(seq[4]);
+ }
}
- public virtual DerGeneralizedTime BadSinceDate
- {
- get { return badSinceDate; }
- }
+ public virtual PkiStatusEncodable Status => m_status;
- public virtual X509Extensions CrlDetails
- {
- get { return crlDetails; }
- }
+ public virtual CertId CertID => m_certID;
+
+ public virtual DerGeneralizedTime WillBeRevokedAt => m_willBeRevokedAt;
+
+ public virtual DerGeneralizedTime BadSinceDate => m_badSinceDate;
+
+ public virtual X509Extensions CrlDetails => m_crlDetails;
/**
* <pre>
@@ -79,8 +77,8 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector(status, certId, willBeRevokedAt, badSinceDate);
- v.AddOptional(crlDetails);
+ Asn1EncodableVector v = new Asn1EncodableVector(m_status, m_certID, m_willBeRevokedAt, m_badSinceDate);
+ v.AddOptional(m_crlDetails);
return new DerSequence(v);
}
}
diff --git a/crypto/src/asn1/cmp/RevDetails.cs b/crypto/src/asn1/cmp/RevDetails.cs
index 7d2a65ab9..9472d7775 100644
--- a/crypto/src/asn1/cmp/RevDetails.cs
+++ b/crypto/src/asn1/cmp/RevDetails.cs
@@ -1,56 +1,61 @@
-using System;
-
using Org.BouncyCastle.Asn1.Crmf;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
- public class RevDetails
+ /**
+ * <pre>
+ * RevDetails ::= SEQUENCE {
+ * certDetails CertTemplate,
+ * -- allows requester to specify as much as they can about
+ * -- the cert. for which revocation is requested
+ * -- (e.g., for cases in which serialNumber is not available)
+ * crlEntryDetails Extensions OPTIONAL
+ * -- requested crlEntryExtensions
+ * }
+ * </pre>
+ */
+ public class RevDetails
: Asn1Encodable
{
- private readonly CertTemplate certDetails;
- private readonly X509Extensions crlEntryDetails;
+ public static RevDetails GetInstance(object obj)
+ {
+ if (obj is RevDetails revDetails)
+ return revDetails;
- private RevDetails(Asn1Sequence seq)
- {
- certDetails = CertTemplate.GetInstance(seq[0]);
- crlEntryDetails = seq.Count <= 1
- ? null
- : X509Extensions.GetInstance(seq[1]);
- }
+ if (obj != null)
+ return new RevDetails(Asn1Sequence.GetInstance(obj));
- public static RevDetails GetInstance(object obj)
- {
- if (obj is RevDetails)
- return (RevDetails)obj;
+ return null;
+ }
- if (obj is Asn1Sequence)
- return new RevDetails((Asn1Sequence)obj);
+ private readonly CertTemplate m_certDetails;
+ private readonly X509Extensions m_crlEntryDetails;
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ private RevDetails(Asn1Sequence seq)
+ {
+ m_certDetails = CertTemplate.GetInstance(seq[0]);
+
+ if (seq.Count > 1)
+ {
+ m_crlEntryDetails = X509Extensions.GetInstance(seq[1]);
+ }
}
public RevDetails(CertTemplate certDetails)
- : this(certDetails, null)
+ : this(certDetails, null)
{
}
public RevDetails(CertTemplate certDetails, X509Extensions crlEntryDetails)
{
- this.certDetails = certDetails;
- this.crlEntryDetails = crlEntryDetails;
+ m_certDetails = certDetails;
+ m_crlEntryDetails = crlEntryDetails;
}
- public virtual CertTemplate CertDetails
- {
- get { return certDetails; }
- }
+ public virtual CertTemplate CertDetails => m_certDetails;
- public virtual X509Extensions CrlEntryDetails
- {
- get { return crlEntryDetails; }
- }
+ public virtual X509Extensions CrlEntryDetails => m_crlEntryDetails;
/**
* <pre>
@@ -67,8 +72,8 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector(certDetails);
- v.AddOptional(crlEntryDetails);
+ Asn1EncodableVector v = new Asn1EncodableVector(m_certDetails);
+ v.AddOptional(m_crlEntryDetails);
return new DerSequence(v);
}
}
diff --git a/crypto/src/asn1/cmp/RevRepContent.cs b/crypto/src/asn1/cmp/RevRepContent.cs
index 4b3f82b96..841b3cf94 100644
--- a/crypto/src/asn1/cmp/RevRepContent.cs
+++ b/crypto/src/asn1/cmp/RevRepContent.cs
@@ -1,21 +1,43 @@
-using System;
-
using Org.BouncyCastle.Asn1.Crmf;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Cmp
{
- public class RevRepContent
+ /**
+ * <pre>
+ * RevRepContent ::= SEQUENCE {
+ * status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo,
+ * -- in same order as was sent in RevReqContent
+ * revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId
+ * OPTIONAL,
+ * -- IDs for which revocation was requested
+ * -- (same order as status)
+ * crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList OPTIONAL
+ * -- the resulting CRLs (there may be more than one)
+ * }
+ *</pre>
+ */
+ public class RevRepContent
: Asn1Encodable
{
- private readonly Asn1Sequence status;
- private readonly Asn1Sequence revCerts;
- private readonly Asn1Sequence crls;
+ public static RevRepContent GetInstance(object obj)
+ {
+ if (obj is RevRepContent revRepContent)
+ return revRepContent;
+
+ if (obj != null)
+ return new RevRepContent(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly Asn1Sequence m_status;
+ private readonly Asn1Sequence m_revCerts;
+ private readonly Asn1Sequence m_crls;
private RevRepContent(Asn1Sequence seq)
{
- status = Asn1Sequence.GetInstance(seq[0]);
+ m_status = Asn1Sequence.GetInstance(seq[0]);
for (int pos = 1; pos < seq.Count; ++pos)
{
@@ -23,60 +45,34 @@ namespace Org.BouncyCastle.Asn1.Cmp
if (tObj.TagNo == 0)
{
- revCerts = Asn1Sequence.GetInstance(tObj, true);
+ m_revCerts = Asn1Sequence.GetInstance(tObj, true);
}
else
{
- crls = Asn1Sequence.GetInstance(tObj, true);
+ m_crls = Asn1Sequence.GetInstance(tObj, true);
}
}
}
- public static RevRepContent GetInstance(object obj)
- {
- if (obj is RevRepContent)
- return (RevRepContent)obj;
-
- if (obj is Asn1Sequence)
- return new RevRepContent((Asn1Sequence)obj);
-
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
- }
-
public virtual PkiStatusInfo[] GetStatus()
{
- PkiStatusInfo[] results = new PkiStatusInfo[status.Count];
- for (int i = 0; i != results.Length; ++i)
- {
- results[i] = PkiStatusInfo.GetInstance(status[i]);
- }
- return results;
+ return m_status.MapElements(PkiStatusInfo.GetInstance);
}
public virtual CertId[] GetRevCerts()
{
- if (revCerts == null)
+ if (m_revCerts == null)
return null;
- CertId[] results = new CertId[revCerts.Count];
- for (int i = 0; i != results.Length; ++i)
- {
- results[i] = CertId.GetInstance(revCerts[i]);
- }
- return results;
+ return m_revCerts.MapElements(CertId.GetInstance);
}
public virtual CertificateList[] GetCrls()
{
- if (crls == null)
+ if (m_crls == null)
return null;
- CertificateList[] results = new CertificateList[crls.Count];
- for (int i = 0; i != results.Length; ++i)
- {
- results[i] = CertificateList.GetInstance(crls[i]);
- }
- return results;
+ return m_crls.MapElements(CertificateList.GetInstance);
}
/**
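Review bot: In the private constructor, the `else` branch assigns `m_crls` for every tag number other than 0, so an element tagged [2] or higher in a received RevRepContent is treated as the crls field rather than rejected; the commit only renames the fields here. An explicit `else if (tObj.TagNo == 1)` followed by `else throw new System.ArgumentException("Unknown tag: " + tObj.TagNo, nameof(seq));` would match the ASN.1 in the class comment, which defines only [0] and [1]. The declaration of `tObj` lies between the two hunks and is not visible, so this assumes it is an Asn1TaggedObject taken from `seq[pos]`.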
@@ -95,9 +91,9 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- Asn1EncodableVector v = new Asn1EncodableVector(status);
- v.AddOptionalTagged(true, 0, revCerts);
- v.AddOptionalTagged(true, 1, crls);
+ Asn1EncodableVector v = new Asn1EncodableVector(m_status);
+ v.AddOptionalTagged(true, 0, m_revCerts);
+ v.AddOptionalTagged(true, 1, m_crls);
return new DerSequence(v);
}
}
diff --git a/crypto/src/asn1/cmp/RevRepContentBuilder.cs b/crypto/src/asn1/cmp/RevRepContentBuilder.cs
index cc17d1d4c..f23bed8b5 100644
--- a/crypto/src/asn1/cmp/RevRepContentBuilder.cs
+++ b/crypto/src/asn1/cmp/RevRepContentBuilder.cs
@@ -7,29 +7,29 @@ namespace Org.BouncyCastle.Asn1.Cmp
{
public class RevRepContentBuilder
{
- private readonly Asn1EncodableVector status = new Asn1EncodableVector();
- private readonly Asn1EncodableVector revCerts = new Asn1EncodableVector();
- private readonly Asn1EncodableVector crls = new Asn1EncodableVector();
+ private readonly Asn1EncodableVector m_status = new Asn1EncodableVector();
+ private readonly Asn1EncodableVector m_revCerts = new Asn1EncodableVector();
+ private readonly Asn1EncodableVector m_crls = new Asn1EncodableVector();
public virtual RevRepContentBuilder Add(PkiStatusInfo status)
{
- this.status.Add(status);
+ m_status.Add(status);
return this;
}
public virtual RevRepContentBuilder Add(PkiStatusInfo status, CertId certId)
{
- if (this.status.Count != this.revCerts.Count)
+ if (m_status.Count != m_revCerts.Count)
throw new InvalidOperationException("status and revCerts sequence must be in common order");
- this.status.Add(status);
- this.revCerts.Add(certId);
+ m_status.Add(status);
+ m_revCerts.Add(certId);
return this;
}
public virtual RevRepContentBuilder AddCrl(CertificateList crl)
{
- this.crls.Add(crl);
+ m_crls.Add(crl);
return this;
}
@@ -37,16 +37,16 @@ namespace Org.BouncyCastle.Asn1.Cmp
{
Asn1EncodableVector v = new Asn1EncodableVector();
- v.Add(new DerSequence(status));
+ v.Add(new DerSequence(m_status));
- if (revCerts.Count != 0)
+ if (m_revCerts.Count != 0)
{
- v.Add(new DerTaggedObject(true, 0, new DerSequence(revCerts)));
+ v.Add(new DerTaggedObject(true, 0, new DerSequence(m_revCerts)));
}
- if (crls.Count != 0)
+ if (m_crls.Count != 0)
{
- v.Add(new DerTaggedObject(true, 1, new DerSequence(crls)));
+ v.Add(new DerTaggedObject(true, 1, new DerSequence(m_crls)));
}
return RevRepContent.GetInstance(new DerSequence(v));
diff --git a/crypto/src/asn1/cmp/RevReqContent.cs b/crypto/src/asn1/cmp/RevReqContent.cs
index 1522d3789..c390530a8 100644
--- a/crypto/src/asn1/cmp/RevReqContent.cs
+++ b/crypto/src/asn1/cmp/RevReqContent.cs
@@ -7,37 +7,37 @@ namespace Org.BouncyCastle.Asn1.Cmp
public class RevReqContent
: Asn1Encodable
{
- private readonly Asn1Sequence content;
-
- private RevReqContent(Asn1Sequence seq)
- {
- content = seq;
- }
+ public static RevReqContent GetInstance(object obj)
+ {
+ if (obj is RevReqContent revReqContent)
+ return revReqContent;
- public static RevReqContent GetInstance(object obj)
- {
- if (obj is RevReqContent)
- return (RevReqContent)obj;
+ if (obj != null)
+ return new RevReqContent(Asn1Sequence.GetInstance(obj));
- if (obj is Asn1Sequence)
- return new RevReqContent((Asn1Sequence)obj);
+ return null;
+ }
- throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
+ private readonly Asn1Sequence m_content;
+
+ private RevReqContent(Asn1Sequence seq)
+ {
+ m_content = seq;
}
- public RevReqContent(params RevDetails[] revDetails)
+ public RevReqContent(RevDetails revDetails)
+ {
+ m_content = new DerSequence(revDetails);
+ }
+
+ public RevReqContent(params RevDetails[] revDetailsArray)
{
- this.content = new DerSequence(revDetails);
+ m_content = new DerSequence(revDetailsArray);
}
public virtual RevDetails[] ToRevDetailsArray()
{
- RevDetails[] result = new RevDetails[content.Count];
- for (int i = 0; i != result.Length; ++i)
- {
- result[i] = RevDetails.GetInstance(content[i]);
- }
- return result;
+ return m_content.MapElements(RevDetails.GetInstance);
}
/**
@@ -48,7 +48,7 @@ namespace Org.BouncyCastle.Asn1.Cmp
*/
public override Asn1Object ToAsn1Object()
{
- return content;
+ return m_content;
}
}
}
diff --git a/crypto/src/asn1/cmp/RootCaKeyUpdateContent.cs b/crypto/src/asn1/cmp/RootCaKeyUpdateContent.cs
new file mode 100644
index 000000000..b1eaf616d
--- /dev/null
+++ b/crypto/src/asn1/cmp/RootCaKeyUpdateContent.cs
@@ -0,0 +1,90 @@
+using System;
+
+namespace Org.BouncyCastle.Asn1.Cmp
+{
+ /**
+ * GenMsg: {id-it 20}, RootCaCertValue | < absent >
+ * GenRep: {id-it 18}, RootCaKeyUpdateContent | < absent >
+ * <p>
+ * RootCaCertValue ::= CMPCertificate
+ * <p>
+ * RootCaKeyUpdateValue ::= RootCaKeyUpdateContent
+ * <p>
+ * RootCaKeyUpdateContent ::= SEQUENCE {
+ * newWithNew CMPCertificate,
+ * newWithOld [0] CMPCertificate OPTIONAL,
+ * oldWithNew [1] CMPCertificate OPTIONAL
+ * }
+ */
+ public class RootCaKeyUpdateContent
+ : Asn1Encodable
+ {
+ public static RootCaKeyUpdateContent GetInstance(object obj)
+ {
+ if (obj is RootCaKeyUpdateContent rootCaKeyUpdateContent)
+ return rootCaKeyUpdateContent;
+
+ if (obj != null)
+ return new RootCaKeyUpdateContent(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
+ private readonly CmpCertificate m_newWithNew;
+ private readonly CmpCertificate m_newWithOld;
+ private readonly CmpCertificate m_oldWithNew;
+
+ public RootCaKeyUpdateContent(CmpCertificate newWithNew, CmpCertificate newWithOld, CmpCertificate oldWithNew)
+ {
+ if (newWithNew == null)
+ throw new ArgumentNullException(nameof(newWithNew));
+
+ m_newWithNew = newWithNew;
+ m_newWithOld = newWithOld;
+ m_oldWithNew = oldWithNew;
+ }
+
+ private RootCaKeyUpdateContent(Asn1Sequence seq)
+ {
+ if (seq.Count < 1 || seq.Count > 3)
+ throw new ArgumentException("expected sequence of 1 to 3 elements only");
+
+ CmpCertificate newWithNew;
+ CmpCertificate newWithOld = null;
+ CmpCertificate oldWithNew = null;
+
+ newWithNew = CmpCertificate.GetInstance(seq[0]);
+
+ for (int pos = 1; pos < seq.Count; ++pos)
+ {
+ Asn1TaggedObject ato = Asn1TaggedObject.GetInstance(seq[pos]);
+ if (ato.TagNo == 0)
+ {
+ newWithOld = CmpCertificate.GetInstance(ato, true);
+ }
+ else if (ato.TagNo == 1)
+ {
+ oldWithNew = CmpCertificate.GetInstance(ato, true);
+ }
+ }
+
+ m_newWithNew = newWithNew;
+ m_newWithOld = newWithOld;
+ m_oldWithNew = oldWithNew;
+ }
+
+ public virtual CmpCertificate NewWithNew => m_newWithNew;
+
+ public virtual CmpCertificate NewWithOld => m_newWithOld;
+
+ public virtual CmpCertificate OldWithNew => m_oldWithNew;
+
+ public override Asn1Object ToAsn1Object()
+ {
+ Asn1EncodableVector v = new Asn1EncodableVector(m_newWithNew);
+ v.AddOptionalTagged(true, 0, m_newWithOld);
+ v.AddOptionalTagged(true, 1, m_oldWithNew);
+ return new DerSequence(v);
+ }
+ }
+}
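Review bot: The tag loop in the private constructor ignores any tag number other than 0 or 1 and lets a repeated [0] or [1] overwrite the earlier value, so a malformed RootCaKeyUpdateContent is accepted and then re-encoded by `ToAsn1Object` without the offending elements. For a structure that carries root CA certificates, rejecting is the safer default: add `else { throw new ArgumentException("unknown tag number: " + ato.TagNo, nameof(seq)); }` and check that the target field is still null before assigning it. The size check above also throws `ArgumentException` without a parameter name; passing `nameof(seq)` would match the `nameof` use in the public constructor.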
diff --git a/crypto/src/asn1/crmf/EncryptedKey.cs b/crypto/src/asn1/crmf/EncryptedKey.cs
index 850fbd219..d4ff250c5 100644
--- a/crypto/src/asn1/crmf/EncryptedKey.cs
+++ b/crypto/src/asn1/crmf/EncryptedKey.cs
@@ -1,58 +1,44 @@
-using System;
-
-using Org.BouncyCastle.Asn1.Cms;
+using Org.BouncyCastle.Asn1.Cms;
namespace Org.BouncyCastle.Asn1.Crmf
{
public class EncryptedKey
: Asn1Encodable, IAsn1Choice
{
- private readonly EnvelopedData envelopedData;
- private readonly EncryptedValue encryptedValue;
-
- public static EncryptedKey GetInstance(object o)
+ public static EncryptedKey GetInstance(object obj)
{
- if (o is EncryptedKey)
- {
- return (EncryptedKey)o;
- }
- else if (o is Asn1TaggedObject)
- {
- return new EncryptedKey(EnvelopedData.GetInstance((Asn1TaggedObject)o, false));
- }
- else if (o is EncryptedValue)
- {
- return new EncryptedKey((EncryptedValue)o);
- }
- else
- {
- return new EncryptedKey(EncryptedValue.GetInstance(o));
- }
+ if (obj is EncryptedKey encryptedKey)
+ return encryptedKey;
+
+ if (obj is Asn1TaggedObject taggedObject)
+ return new EncryptedKey(EnvelopedData.GetInstance(taggedObject, false));
+
+ return new EncryptedKey(EncryptedValue.GetInstance(obj));
}
+ private readonly EnvelopedData m_envelopedData;
+ private readonly EncryptedValue m_encryptedValue;
+
public EncryptedKey(EnvelopedData envelopedData)
{
- this.envelopedData = envelopedData;
+ m_envelopedData = envelopedData;
}
public EncryptedKey(EncryptedValue encryptedValue)
{
- this.encryptedValue = encryptedValue;
+ m_encryptedValue = encryptedValue;
}
- public virtual bool IsEncryptedValue
- {
- get { return encryptedValue != null; }
- }
+ public virtual bool IsEncryptedValue => m_encryptedValue != null;
public virtual Asn1Encodable Value
{
get
{
- if (encryptedValue != null)
- return encryptedValue;
+ if (m_encryptedValue != null)
+ return m_encryptedValue;
- return envelopedData;
+ return m_envelopedData;
}
}
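Review bot: `GetInstance(null)` falls through to `new EncryptedKey(EncryptedValue.GetInstance(obj))`, and since `EncryptedValue.GetInstance` returns null for null, the result is an EncryptedKey with both fields null: `Value` returns null and `ToAsn1Object` wraps a null in `DerTaggedObject`. The other GetInstance methods reworked in this commit return null for null input; `if (obj == null) return null;` at the top would make this one agree. The tagged branch also passes any `Asn1TaggedObject` to `EnvelopedData.GetInstance(taggedObject, false)` without checking that the tag number is 0, which is the only tag `ToAsn1Object` writes.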
@@ -67,12 +53,10 @@ namespace Org.BouncyCastle.Asn1.Crmf
*/
public override Asn1Object ToAsn1Object()
{
- if (encryptedValue != null)
- {
- return encryptedValue.ToAsn1Object();
- }
+ if (m_encryptedValue != null)
+ return m_encryptedValue.ToAsn1Object();
- return new DerTaggedObject(false, 0, envelopedData);
+ return new DerTaggedObject(false, 0, m_envelopedData);
}
}
}
diff --git a/crypto/src/asn1/crmf/EncryptedValue.cs b/crypto/src/asn1/crmf/EncryptedValue.cs
index 7c5cf18b4..ad3a4c3f7 100644
--- a/crypto/src/asn1/crmf/EncryptedValue.cs
+++ b/crypto/src/asn1/crmf/EncryptedValue.cs
@@ -7,6 +7,17 @@ namespace Org.BouncyCastle.Asn1.Crmf
public class EncryptedValue
: Asn1Encodable
{
+ public static EncryptedValue GetInstance(object obj)
+ {
+ if (obj is EncryptedValue)
+ return (EncryptedValue)obj;
+
+ if (obj != null)
+ return new EncryptedValue(Asn1Sequence.GetInstance(obj));
+
+ return null;
+ }
+
private readonly AlgorithmIdentifier intendedAlg;
private readonly AlgorithmIdentifier symmAlg;
private readonly DerBitString encSymmKey;
@@ -17,45 +28,31 @@ namespace Org.BouncyCastle.Asn1.Crmf
private EncryptedValue(Asn1Sequence seq)
{
int index = 0;
- while (seq[index] is Asn1TaggedObject)
+ while (seq[index++] is Asn1TaggedObject tObj)
{
- Asn1TaggedObject tObj = (Asn1TaggedObject)seq[index];
-
switch (tObj.TagNo)
{
- case 0:
- intendedAlg = AlgorithmIdentifier.GetInstance(tObj, false);
- break;
- case 1:
- symmAlg = AlgorithmIdentifier.GetInstance(tObj, false);
- break;
- case 2:
- encSymmKey = DerBitString.GetInstance(tObj, false);
- break;
- case 3:
- keyAlg = AlgorithmIdentifier.GetInstance(tObj, false);
- break;
- case 4:
- valueHint = Asn1OctetString.GetInstance(tObj, false);
- break;
+ case 0:
+ intendedAlg = AlgorithmIdentifier.GetInstance(tObj, false);
+ break;
+ case 1:
+ symmAlg = AlgorithmIdentifier.GetInstance(tObj, false);
+ break;
+ case 2:
+ encSymmKey = DerBitString.GetInstance(tObj, false);
+ break;
+ case 3:
+ keyAlg = AlgorithmIdentifier.GetInstance(tObj, false);
+ break;
+ case 4:
+ valueHint = Asn1OctetString.GetInstance(tObj, false);
+ break;
}
- ++index;
}
encValue = DerBitString.GetInstance(seq[index]);
}
- public static EncryptedValue GetInstance(object obj)
- {
- if (obj is EncryptedValue)
- return (EncryptedValue)obj;
-
- if (obj != null)
- return new EncryptedValue(Asn1Sequence.GetInstance(obj));
-
- return null;
- }
-
public EncryptedValue(
AlgorithmIdentifier intendedAlg,
AlgorithmIdentifier symmAlg,
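Review bot: Folding the increment into the loop condition as `seq[index++] is Asn1TaggedObject tObj` changes which element is read afterwards: `index` is also advanced by the evaluation that ends the loop, so `DerBitString.GetInstance(seq[index])` now reads the element after encValue instead of encValue itself. Where encValue is the last element, as the constructor's parameter order suggests, that index is past the end of the sequence and decoding an otherwise valid EncryptedValue would fail. Restore the removed form, `while (seq[index] is Asn1TaggedObject tObj)` with `++index;` as the last statement of the loop body. Neither form stops at `seq.Count`, so a sequence made up only of tagged elements still runs off the end; a bound check in the condition would cover that.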
@@ -65,9 +62,7 @@ namespace Org.BouncyCastle.Asn1.Crmf
DerBitString encValue)
{
if (encValue == null)
- {
- throw new ArgumentNullException("encValue");
- }
+ throw new ArgumentNullException(nameof(encValue));
this.intendedAlg = intendedAlg;
this.symmAlg = symmAlg;
@@ -109,6 +104,7 @@ namespace Org.BouncyCastle.Asn1.Crmf
/**
* <pre>
+ * (IMPLICIT TAGS)
* EncryptedValue ::= SEQUENCE {
* intendedAlg [0] AlgorithmIdentifier OPTIONAL,
* -- the intended algorithm for which the value will be used
|