diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-09-20 14:07:11 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-09-20 14:07:11 +0700 |
| commit | c17e29d769cf8a87402ff4d819d334389a7faca4 (patch) | |
| tree | e60811ecfc45b6c229ce2e87d8b4a6db6d9f2da9 /crypto | |
| parent | added randomized signing (diff) | |
| download | BouncyCastle.NET-ed25519-c17e29d769cf8a87402ff4d819d334389a7faca4.tar.xz | |
Update Asn1.Cmp from bc-java
Diffstat (limited to 'crypto')
44 files changed, 2051 insertions, 1253 deletions
diff --git a/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs b/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs index b74bac87a..a3ec5e4df 100644 --- a/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs +++ b/crypto/src/asn1/cmp/CAKeyUpdAnnContent.cs @@ -7,42 +7,33 @@ namespace Org.BouncyCastle.Asn1.Cmp public class CAKeyUpdAnnContent : Asn1Encodable { - private readonly CmpCertificate oldWithNew; - private readonly CmpCertificate newWithOld; - private readonly CmpCertificate newWithNew; + public static CAKeyUpdAnnContent GetInstance(object obj) + { + if (obj is CAKeyUpdAnnContent content) + return content; - private CAKeyUpdAnnContent(Asn1Sequence seq) - { - oldWithNew = CmpCertificate.GetInstance(seq[0]); - newWithOld = CmpCertificate.GetInstance(seq[1]); - newWithNew = CmpCertificate.GetInstance(seq[2]); - } + if (obj is Asn1Sequence seq) + return new CAKeyUpdAnnContent(seq); - public static CAKeyUpdAnnContent GetInstance(object obj) - { - if (obj is CAKeyUpdAnnContent) - return (CAKeyUpdAnnContent)obj; + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj)); + } - if (obj is Asn1Sequence) - return new CAKeyUpdAnnContent((Asn1Sequence)obj); + private readonly CmpCertificate m_oldWithNew; + private readonly CmpCertificate m_newWithOld; + private readonly CmpCertificate m_newWithNew; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } - - public virtual CmpCertificate OldWithNew - { - get { return oldWithNew; } - } - - public virtual CmpCertificate NewWithOld + private CAKeyUpdAnnContent(Asn1Sequence seq) { - get { return newWithOld; } + m_oldWithNew = CmpCertificate.GetInstance(seq[0]); + m_newWithOld = CmpCertificate.GetInstance(seq[1]); + m_newWithNew = CmpCertificate.GetInstance(seq[2]); } - public virtual CmpCertificate NewWithNew - { - get { return newWithNew; } - } + public virtual CmpCertificate OldWithNew => m_oldWithNew; + + public virtual CmpCertificate NewWithOld => m_newWithOld; + + public virtual CmpCertificate NewWithNew => m_newWithNew; /** * <pre> @@ -56,7 +47,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return new DerSequence(oldWithNew, newWithOld, newWithNew); + return new DerSequence(m_oldWithNew, m_newWithOld, m_newWithNew); } } } diff --git a/crypto/src/asn1/cmp/CertAnnContent.cs b/crypto/src/asn1/cmp/CertAnnContent.cs new file mode 100644 index 000000000..df0188746 --- /dev/null +++ b/crypto/src/asn1/cmp/CertAnnContent.cs @@ -0,0 +1,72 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + /** + * CertAnnContent ::= CMPCertificate + */ + public class CertAnnContent + : CmpCertificate + { + public static CertAnnContent GetInstance(object obj) + { + // TODO[cmp] + if (obj == null) + return null; + + if (obj is CertAnnContent content) + return content; + + if (obj is CmpCertificate cmpCertificate) + return GetInstance(cmpCertificate.GetEncoded()); + + if (obj is byte[] bs) + { + try + { + obj = Asn1Object.FromByteArray(bs); + } + catch (IOException) + { + throw new ArgumentException("Invalid encoding in CertAnnContent"); + } + } + + if (obj is Asn1Sequence) + return new CertAnnContent(X509CertificateStructure.GetInstance(obj)); + + // TODO[cmp] + if (obj is Asn1TaggedObject taggedObject) + return new CertAnnContent(taggedObject.TagNo, taggedObject.GetObject()); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj)); + } + + public static CertAnnContent GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + // TODO[cmp] + if (taggedObject == null) + return null; + + if (!declaredExplicit) + throw new ArgumentException("tag must be explicit"); + + // TODO[cmp] + return GetInstance(taggedObject.GetObject()); + } + + public CertAnnContent(int type, Asn1Object otherCert) + : base(type, otherCert) + { + } + + public CertAnnContent(X509CertificateStructure x509v3PKCert) + : base(x509v3PKCert) + { + } + } +} diff --git a/crypto/src/asn1/cmp/CertConfirmContent.cs b/crypto/src/asn1/cmp/CertConfirmContent.cs index 370a9e7d6..8e75dfbd0 100644 --- a/crypto/src/asn1/cmp/CertConfirmContent.cs +++ b/crypto/src/asn1/cmp/CertConfirmContent.cs @@ -7,32 +7,27 @@ namespace Org.BouncyCastle.Asn1.Cmp public class CertConfirmContent : Asn1Encodable { - private readonly Asn1Sequence content; - - private CertConfirmContent(Asn1Sequence seq) - { - content = seq; - } - public static CertConfirmContent GetInstance(object obj) { - if (obj is CertConfirmContent) - return (CertConfirmContent)obj; + if (obj is CertConfirmContent content) + return content; - if (obj is Asn1Sequence) - return new CertConfirmContent((Asn1Sequence)obj); + if (obj is Asn1Sequence seq) + return new CertConfirmContent(seq); - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj)); } - public virtual CertStatus[] ToCertStatusArray() + private readonly Asn1Sequence m_content; + + private CertConfirmContent(Asn1Sequence seq) + { + m_content = seq; + } + + public virtual CertStatus[] ToCertStatusArray() { - CertStatus[] result = new CertStatus[content.Count]; - for (int i = 0; i != result.Length; i++) - { - result[i] = CertStatus.GetInstance(content[i]); - } - return result; + return m_content.MapElements(CertStatus.GetInstance); } /** @@ -43,7 +38,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return content; + return m_content; } } } diff --git a/crypto/src/asn1/cmp/CertOrEncCert.cs b/crypto/src/asn1/cmp/CertOrEncCert.cs index eb200e1e8..e517b66ce 100644 --- a/crypto/src/asn1/cmp/CertOrEncCert.cs +++ b/crypto/src/asn1/cmp/CertOrEncCert.cs @@ -8,79 +8,79 @@ namespace Org.BouncyCastle.Asn1.Cmp public class CertOrEncCert : Asn1Encodable, IAsn1Choice { - private readonly CmpCertificate certificate; - private readonly EncryptedValue encryptedCert; + public static CertOrEncCert GetInstance(object obj) + { + if (obj is CertOrEncCert certOrEncCert) + return certOrEncCert; - private CertOrEncCert(Asn1TaggedObject tagged) + if (obj is Asn1TaggedObject taggedObject) + return new CertOrEncCert(taggedObject); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj)); + } + + private readonly CmpCertificate m_certificate; + private readonly EncryptedKey m_encryptedCert; + + private CertOrEncCert(Asn1TaggedObject taggedObject) { - if (tagged.TagNo == 0) + if (taggedObject.TagNo == 0) { - certificate = CmpCertificate.GetInstance(tagged.GetObject()); + m_certificate = CmpCertificate.GetInstance(taggedObject.GetObject()); } - else if (tagged.TagNo == 1) + else if (taggedObject.TagNo == 1) { - encryptedCert = EncryptedValue.GetInstance(tagged.GetObject()); + m_encryptedCert = EncryptedKey.GetInstance(taggedObject.GetObject()); } else { - throw new ArgumentException("unknown tag: " + tagged.TagNo, "tagged"); - } - } - - public static CertOrEncCert GetInstance(object obj) - { - if (obj is CertOrEncCert) - return (CertOrEncCert)obj; - - if (obj is Asn1TaggedObject) - return new CertOrEncCert((Asn1TaggedObject)obj); - - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } + throw new ArgumentException("unknown tag: " + taggedObject.TagNo, nameof(taggedObject)); + } + } public CertOrEncCert(CmpCertificate certificate) { if (certificate == null) - throw new ArgumentNullException("certificate"); + throw new ArgumentNullException(nameof(certificate)); - this.certificate = certificate; + m_certificate = certificate; } - public CertOrEncCert(EncryptedValue encryptedCert) + public CertOrEncCert(EncryptedValue encryptedValue) { - if (encryptedCert == null) - throw new ArgumentNullException("encryptedCert"); + if (encryptedValue == null) + throw new ArgumentNullException(nameof(encryptedValue)); - this.encryptedCert = encryptedCert; + m_encryptedCert = new EncryptedKey(encryptedValue); } - public virtual CmpCertificate Certificate - { - get { return certificate; } - } + public CertOrEncCert(EncryptedKey encryptedKey) + { + if (encryptedKey == null) + throw new ArgumentNullException(nameof(encryptedKey)); - public virtual EncryptedValue EncryptedCert - { - get { return encryptedCert; } - } + m_encryptedCert = encryptedKey; + } - /** + public virtual CmpCertificate Certificate => m_certificate; + + public virtual EncryptedKey EncryptedCert => m_encryptedCert; + + /** * <pre> * CertOrEncCert ::= CHOICE { * certificate [0] CMPCertificate, - * encryptedCert [1] EncryptedValue + * encryptedCert [1] EncryptedKey * } * </pre> * @return a basic ASN.1 object representation. */ - public override Asn1Object ToAsn1Object() + public override Asn1Object ToAsn1Object() { - if (certificate != null) - { - return new DerTaggedObject(true, 0, certificate); - } + if (m_certificate != null) + return new DerTaggedObject(true, 0, m_certificate); - return new DerTaggedObject(true, 1, encryptedCert); + return new DerTaggedObject(true, 1, m_encryptedCert); } } } diff --git a/crypto/src/asn1/cmp/CertRepMessage.cs b/crypto/src/asn1/cmp/CertRepMessage.cs index d24dd963b..696cfde47 100644 --- a/crypto/src/asn1/cmp/CertRepMessage.cs +++ b/crypto/src/asn1/cmp/CertRepMessage.cs @@ -7,8 +7,19 @@ namespace Org.BouncyCastle.Asn1.Cmp public class CertRepMessage : Asn1Encodable { - private readonly Asn1Sequence caPubs; - private readonly Asn1Sequence response; + public static CertRepMessage GetInstance(object obj) + { + if (obj is CertRepMessage certRepMessage) + return certRepMessage; + + if (obj != null) + return new CertRepMessage(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly Asn1Sequence m_caPubs; + private readonly Asn1Sequence m_response; private CertRepMessage(Asn1Sequence seq) { @@ -16,57 +27,33 @@ namespace Org.BouncyCastle.Asn1.Cmp if (seq.Count > 1) { - caPubs = Asn1Sequence.GetInstance((Asn1TaggedObject)seq[index++], true); + m_caPubs = Asn1Sequence.GetInstance((Asn1TaggedObject)seq[index++], true); } - response = Asn1Sequence.GetInstance(seq[index]); - } - - public static CertRepMessage GetInstance(object obj) - { - if (obj is CertRepMessage) - return (CertRepMessage)obj; - - if (obj is Asn1Sequence) - return new CertRepMessage((Asn1Sequence)obj); - - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + m_response = Asn1Sequence.GetInstance(seq[index]); } public CertRepMessage(CmpCertificate[] caPubs, CertResponse[] response) { if (response == null) - throw new ArgumentNullException("response"); + throw new ArgumentNullException(nameof(response)); if (caPubs != null) { - this.caPubs = new DerSequence(caPubs); + m_caPubs = new DerSequence(caPubs); } - this.response = new DerSequence(response); + m_response = new DerSequence(response); } public virtual CmpCertificate[] GetCAPubs() { - if (caPubs == null) - return null; - - CmpCertificate[] results = new CmpCertificate[caPubs.Count]; - for (int i = 0; i != results.Length; ++i) - { - results[i] = CmpCertificate.GetInstance(caPubs[i]); - } - return results; + return m_caPubs == null ? null : m_caPubs.MapElements(CmpCertificate.GetInstance); } public virtual CertResponse[] GetResponse() { - CertResponse[] results = new CertResponse[response.Count]; - for (int i = 0; i != results.Length; ++i) - { - results[i] = CertResponse.GetInstance(response[i]); - } - return results; + return m_response.MapElements(CertResponse.GetInstance); } /** @@ -81,9 +68,9 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(); - v.AddOptionalTagged(true, 1, caPubs); - v.Add(response); + Asn1EncodableVector v = new Asn1EncodableVector(2); + v.AddOptionalTagged(true, 1, m_caPubs); + v.Add(m_response); return new DerSequence(v); } } diff --git a/crypto/src/asn1/cmp/CertReqTemplateContent.cs b/crypto/src/asn1/cmp/CertReqTemplateContent.cs new file mode 100644 index 000000000..b229cd28b --- /dev/null +++ b/crypto/src/asn1/cmp/CertReqTemplateContent.cs @@ -0,0 +1,66 @@ +using System; + +using Org.BouncyCastle.Asn1.Crmf; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + /** + * GenMsg: {id-it 19}, < absent > + * GenRep: {id-it 19}, CertReqTemplateContent | < absent > + * <p> + * CertReqTemplateValue ::= CertReqTemplateContent + * <p> + * CertReqTemplateContent ::= SEQUENCE { + * certTemplate CertTemplate, + * keySpec Controls OPTIONAL } + * <p> + * Controls ::= SEQUENCE SIZE (1..MAX) OF AttributeTypeAndValue + */ + public class CertReqTemplateContent + : Asn1Encodable + { + public static CertReqTemplateContent GetInstance(object obj) + { + if (obj is CertReqTemplateContent certReqTemplateContent) + return certReqTemplateContent; + + if (obj != null) + return new CertReqTemplateContent(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly CertTemplate m_certTemplate; + private readonly Asn1Sequence m_keySpec; + + private CertReqTemplateContent(Asn1Sequence seq) + { + if (seq.Count != 1 && seq.Count != 2) + throw new ArgumentException("expected sequence size of 1 or 2"); + + m_certTemplate = CertTemplate.GetInstance(seq[0]); + + if (seq.Count > 1) + { + m_keySpec = Asn1Sequence.GetInstance(seq[1]); + } + } + + public CertReqTemplateContent(CertTemplate certTemplate, Asn1Sequence keySpec) + { + m_certTemplate = certTemplate; + m_keySpec = keySpec; + } + + public virtual CertTemplate CertTemplate => m_certTemplate; + + public virtual Asn1Sequence KeySpec => m_keySpec; + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(m_certTemplate); + v.AddOptional(m_keySpec); + return new DerSequence(v); + } + } +} diff --git a/crypto/src/asn1/cmp/CertResponse.cs b/crypto/src/asn1/cmp/CertResponse.cs index 843fd9299..72a44c93e 100644 --- a/crypto/src/asn1/cmp/CertResponse.cs +++ b/crypto/src/asn1/cmp/CertResponse.cs @@ -1,21 +1,30 @@ using System; -using Org.BouncyCastle.Utilities; - namespace Org.BouncyCastle.Asn1.Cmp { public class CertResponse : Asn1Encodable { - private readonly DerInteger certReqId; - private readonly PkiStatusInfo status; - private readonly CertifiedKeyPair certifiedKeyPair; - private readonly Asn1OctetString rspInfo; + public static CertResponse GetInstance(object obj) + { + if (obj is CertResponse certResponse) + return certResponse; + + if (obj != null) + return new CertResponse(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly DerInteger m_certReqId; + private readonly PkiStatusInfo m_status; + private readonly CertifiedKeyPair m_certifiedKeyPair; + private readonly Asn1OctetString m_rspInfo; private CertResponse(Asn1Sequence seq) { - certReqId = DerInteger.GetInstance(seq[0]); - status = PkiStatusInfo.GetInstance(seq[1]); + m_certReqId = DerInteger.GetInstance(seq[0]); + m_status = PkiStatusInfo.GetInstance(seq[1]); if (seq.Count >= 3) { @@ -24,71 +33,46 @@ namespace Org.BouncyCastle.Asn1.Cmp Asn1Encodable o = seq[2]; if (o is Asn1OctetString) { - rspInfo = Asn1OctetString.GetInstance(o); + m_rspInfo = Asn1OctetString.GetInstance(o); } else { - certifiedKeyPair = CertifiedKeyPair.GetInstance(o); + m_certifiedKeyPair = CertifiedKeyPair.GetInstance(o); } } else { - certifiedKeyPair = CertifiedKeyPair.GetInstance(seq[2]); - rspInfo = Asn1OctetString.GetInstance(seq[3]); + m_certifiedKeyPair = CertifiedKeyPair.GetInstance(seq[2]); + m_rspInfo = Asn1OctetString.GetInstance(seq[3]); } } } - public static CertResponse GetInstance(object obj) - { - if (obj is CertResponse) - return (CertResponse)obj; - - if (obj is Asn1Sequence) - return new CertResponse((Asn1Sequence)obj); - - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } - - public CertResponse( - DerInteger certReqId, - PkiStatusInfo status) + public CertResponse(DerInteger certReqId, PkiStatusInfo status) : this(certReqId, status, null, null) { } - public CertResponse( - DerInteger certReqId, - PkiStatusInfo status, - CertifiedKeyPair certifiedKeyPair, - Asn1OctetString rspInfo) - { - if (certReqId == null) - throw new ArgumentNullException("certReqId"); + public CertResponse(DerInteger certReqId, PkiStatusInfo status, CertifiedKeyPair certifiedKeyPair, + Asn1OctetString rspInfo) + { + if (certReqId == null) + throw new ArgumentNullException(nameof(certReqId)); if (status == null) - throw new ArgumentNullException("status"); + throw new ArgumentNullException(nameof(status)); - this.certReqId = certReqId; - this.status = status; - this.certifiedKeyPair = certifiedKeyPair; - this.rspInfo = rspInfo; + m_certReqId = certReqId; + m_status = status; + m_certifiedKeyPair = certifiedKeyPair; + m_rspInfo = rspInfo; } - public virtual DerInteger CertReqID - { - get { return certReqId; } - } + public virtual DerInteger CertReqID => m_certReqId; - public virtual PkiStatusInfo Status - { - get { return status; } - } + public virtual PkiStatusInfo Status => m_status; - public virtual CertifiedKeyPair CertifiedKeyPair - { - get { return certifiedKeyPair; } - } + public virtual CertifiedKeyPair CertifiedKeyPair => m_certifiedKeyPair; /** * <pre> @@ -108,8 +92,8 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(certReqId, status); - v.AddOptional(certifiedKeyPair, rspInfo); + Asn1EncodableVector v = new Asn1EncodableVector(m_certReqId, m_status); + v.AddOptional(m_certifiedKeyPair, m_rspInfo); return new DerSequence(v); } } diff --git a/crypto/src/asn1/cmp/CertStatus.cs b/crypto/src/asn1/cmp/CertStatus.cs index d437b57b2..6eb36c6fb 100644 --- a/crypto/src/asn1/cmp/CertStatus.cs +++ b/crypto/src/asn1/cmp/CertStatus.cs @@ -1,84 +1,102 @@ using System; +using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Math; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { public class CertStatus : Asn1Encodable { - private readonly Asn1OctetString certHash; - private readonly DerInteger certReqId; - private readonly PkiStatusInfo statusInfo; + public static CertStatus GetInstance(object obj) + { + if (obj is CertStatus certStatus) + return certStatus; - private CertStatus(Asn1Sequence seq) + if (obj != null) + return new CertStatus(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly Asn1OctetString m_certHash; + private readonly DerInteger m_certReqID; + private readonly PkiStatusInfo m_statusInfo; + private readonly AlgorithmIdentifier m_hashAlg; + + private CertStatus(Asn1Sequence seq) { - certHash = Asn1OctetString.GetInstance(seq[0]); - certReqId = DerInteger.GetInstance(seq[1]); + m_certHash = Asn1OctetString.GetInstance(seq[0]); + m_certReqID = DerInteger.GetInstance(seq[1]); if (seq.Count > 2) { - statusInfo = PkiStatusInfo.GetInstance(seq[2]); + for (int t = 2; t < seq.Count; t++) + { + Asn1Object p = seq[t].ToAsn1Object(); + if (p is Asn1Sequence s) + { + m_statusInfo = PkiStatusInfo.GetInstance(s); + } + if (p is Asn1TaggedObject dto) + { + if (dto.TagNo != 0) + throw new ArgumentException("unknown tag " + dto.TagNo); + + m_hashAlg = AlgorithmIdentifier.GetInstance(dto, true); + } + } } } - public CertStatus(byte[] certHash, BigInteger certReqId) + public CertStatus(byte[] certHash, BigInteger certReqID) { - this.certHash = new DerOctetString(certHash); - this.certReqId = new DerInteger(certReqId); + m_certHash = new DerOctetString(certHash); + m_certReqID = new DerInteger(certReqID); } - public CertStatus(byte[] certHash, BigInteger certReqId, PkiStatusInfo statusInfo) + public CertStatus(byte[] certHash, BigInteger certReqID, PkiStatusInfo statusInfo) { - this.certHash = new DerOctetString(certHash); - this.certReqId = new DerInteger(certReqId); - this.statusInfo = statusInfo; + m_certHash = new DerOctetString(certHash); + m_certReqID = new DerInteger(certReqID); + m_statusInfo = statusInfo; } - public static CertStatus GetInstance(object obj) - { - if (obj is CertStatus) - return (CertStatus)obj; + public CertStatus(byte[] certHash, BigInteger certReqID, PkiStatusInfo statusInfo, AlgorithmIdentifier hashAlg) + { + m_certHash = new DerOctetString(certHash); + m_certReqID = new DerInteger(certReqID); + m_statusInfo = statusInfo; + m_hashAlg = hashAlg; + } - if (obj is Asn1Sequence) - return new CertStatus((Asn1Sequence)obj); + public virtual Asn1OctetString CertHash => m_certHash; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } + public virtual DerInteger CertReqID => m_certReqID; - public virtual Asn1OctetString CertHash - { - get { return certHash; } - } - - public virtual DerInteger CertReqID - { - get { return certReqId; } - } + public virtual PkiStatusInfo StatusInfo => m_statusInfo; - public virtual PkiStatusInfo StatusInfo - { - get { return statusInfo; } - } + public virtual AlgorithmIdentifier HashAlg => m_hashAlg; - /** - * <pre> - * CertStatus ::= SEQUENCE { - * certHash OCTET STRING, - * -- the hash of the certificate, using the same hash algorithm - * -- as is used to create and verify the certificate signature - * certReqId INTEGER, - * -- to match this confirmation with the corresponding req/rep - * statusInfo PKIStatusInfo OPTIONAL - * } - * </pre> - * @return a basic ASN.1 object representation. - */ - public override Asn1Object ToAsn1Object() + /** + * <pre> + * + * CertStatus ::= SEQUENCE { + * certHash OCTET STRING, + * certReqId INTEGER, + * statusInfo PKIStatusInfo OPTIONAL, + * hashAlg [0] AlgorithmIdentifier{DIGEST-ALGORITHM, {...}} OPTIONAL + * } + * + * </pre> + * + * @return a basic ASN.1 object representation. + */ + public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(certHash, certReqId); - v.AddOptional(statusInfo); + Asn1EncodableVector v = new Asn1EncodableVector(m_certHash, m_certReqID); + v.AddOptional(m_statusInfo); + v.AddOptionalTagged(true, 0, m_hashAlg); return new DerSequence(v); } } diff --git a/crypto/src/asn1/cmp/CertifiedKeyPair.cs b/crypto/src/asn1/cmp/CertifiedKeyPair.cs index 0b1c5d44d..a40a2730a 100644 --- a/crypto/src/asn1/cmp/CertifiedKeyPair.cs +++ b/crypto/src/asn1/cmp/CertifiedKeyPair.cs @@ -1,20 +1,30 @@ using System; using Org.BouncyCastle.Asn1.Crmf; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { public class CertifiedKeyPair : Asn1Encodable { - private readonly CertOrEncCert certOrEncCert; - private readonly EncryptedValue privateKey; - private readonly PkiPublicationInfo publicationInfo; + public static CertifiedKeyPair GetInstance(object obj) + { + if (obj is CertifiedKeyPair certifiedKeyPair) + return certifiedKeyPair; - private CertifiedKeyPair(Asn1Sequence seq) + if (obj != null) + return new CertifiedKeyPair(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly CertOrEncCert m_certOrEncCert; + private readonly EncryptedKey m_privateKey; + private readonly PkiPublicationInfo m_publicationInfo; + + private CertifiedKeyPair(Asn1Sequence seq) { - certOrEncCert = CertOrEncCert.GetInstance(seq[0]); + m_certOrEncCert = CertOrEncCert.GetInstance(seq[0]); if (seq.Count >= 2) { @@ -23,66 +33,48 @@ namespace Org.BouncyCastle.Asn1.Cmp Asn1TaggedObject tagged = Asn1TaggedObject.GetInstance(seq[1]); if (tagged.TagNo == 0) { - privateKey = EncryptedValue.GetInstance(tagged.GetObject()); + m_privateKey = EncryptedKey.GetInstance(tagged.GetObject()); } else { - publicationInfo = PkiPublicationInfo.GetInstance(tagged.GetObject()); + m_publicationInfo = PkiPublicationInfo.GetInstance(tagged.GetObject()); } } else { - privateKey = EncryptedValue.GetInstance(Asn1TaggedObject.GetInstance(seq[1])); - publicationInfo = PkiPublicationInfo.GetInstance(Asn1TaggedObject.GetInstance(seq[2])); + m_privateKey = EncryptedKey.GetInstance(Asn1TaggedObject.GetInstance(seq[1])); + m_publicationInfo = PkiPublicationInfo.GetInstance(Asn1TaggedObject.GetInstance(seq[2])); } } } - public static CertifiedKeyPair GetInstance(object obj) + public CertifiedKeyPair(CertOrEncCert certOrEncCert) + : this(certOrEncCert, (EncryptedKey)null, null) { - if (obj is CertifiedKeyPair) - return (CertifiedKeyPair)obj; - - if (obj is Asn1Sequence) - return new CertifiedKeyPair((Asn1Sequence)obj); - - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); } - public CertifiedKeyPair( - CertOrEncCert certOrEncCert) - : this(certOrEncCert, null, null) - { - } + public CertifiedKeyPair(CertOrEncCert certOrEncCert, EncryptedValue privateKey, + PkiPublicationInfo publicationInfo) + : this(certOrEncCert, privateKey == null ? null : new EncryptedKey(privateKey), publicationInfo) + { + } - public CertifiedKeyPair( - CertOrEncCert certOrEncCert, - EncryptedValue privateKey, - PkiPublicationInfo publicationInfo - ) - { + public CertifiedKeyPair(CertOrEncCert certOrEncCert, EncryptedKey privateKey, + PkiPublicationInfo publicationInfo) + { if (certOrEncCert == null) - throw new ArgumentNullException("certOrEncCert"); + throw new ArgumentNullException(nameof(certOrEncCert)); - this.certOrEncCert = certOrEncCert; - this.privateKey = privateKey; - this.publicationInfo = publicationInfo; - } + m_certOrEncCert = certOrEncCert; + m_privateKey = privateKey; + m_publicationInfo = publicationInfo; + } - public virtual CertOrEncCert CertOrEncCert - { - get { return certOrEncCert; } - } + public virtual CertOrEncCert CertOrEncCert => m_certOrEncCert; - public virtual EncryptedValue PrivateKey - { - get { return privateKey; } - } + public virtual EncryptedKey PrivateKey => m_privateKey; - public virtual PkiPublicationInfo PublicationInfo - { - get { return publicationInfo; } - } + public virtual PkiPublicationInfo PublicationInfo => m_publicationInfo; /** * <pre> @@ -97,9 +89,9 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(certOrEncCert); - v.AddOptionalTagged(true, 0, privateKey); - v.AddOptionalTagged(true, 1, publicationInfo); + Asn1EncodableVector v = new Asn1EncodableVector(m_certOrEncCert); + v.AddOptionalTagged(true, 0, m_privateKey); + v.AddOptionalTagged(true, 1, m_publicationInfo); return new DerSequence(v); } } diff --git a/crypto/src/asn1/cmp/Challenge.cs b/crypto/src/asn1/cmp/Challenge.cs index 016c082e2..ca3d06339 100644 --- a/crypto/src/asn1/cmp/Challenge.cs +++ b/crypto/src/asn1/cmp/Challenge.cs @@ -1,16 +1,52 @@ using System; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { - public class Challenge + /** + * <pre> + * Challenge ::= SEQUENCE { + * owf AlgorithmIdentifier OPTIONAL, + * + * -- MUST be present in the first Challenge; MAY be omitted in + * -- any subsequent Challenge in POPODecKeyChallContent (if + * -- omitted, then the owf used in the immediately preceding + * -- Challenge is to be used). + * + * witness OCTET STRING, + * -- the result of applying the one-way function (owf) to a + * -- randomly-generated INTEGER, A. [Note that a different + * -- INTEGER MUST be used for each Challenge.] + * challenge OCTET STRING + * -- the encryption (under the public key for which the cert. + * -- request is being made) of Rand, where Rand is specified as + * -- Rand ::= SEQUENCE { + * -- int INTEGER, + * -- - the randomly-generated INTEGER A (above) + * -- sender GeneralName + * -- - the sender's name (as included in PKIHeader) + * -- } + * } + * </pre> + */ + public class Challenge : Asn1Encodable { - private readonly AlgorithmIdentifier owf; - private readonly Asn1OctetString witness; - private readonly Asn1OctetString challenge; + public static Challenge GetInstance(object obj) + { + if (obj is Challenge challenge) + return challenge; + + if (obj != null) + return new Challenge(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly AlgorithmIdentifier m_owf; + private readonly Asn1OctetString m_witness; + private readonly Asn1OctetString m_challenge; private Challenge(Asn1Sequence seq) { @@ -18,30 +54,32 @@ namespace Org.BouncyCastle.Asn1.Cmp if (seq.Count == 3) { - owf = AlgorithmIdentifier.GetInstance(seq[index++]); + m_owf = AlgorithmIdentifier.GetInstance(seq[index++]); } - witness = Asn1OctetString.GetInstance(seq[index++]); - challenge = Asn1OctetString.GetInstance(seq[index]); + m_witness = Asn1OctetString.GetInstance(seq[index++]); + m_challenge = Asn1OctetString.GetInstance(seq[index]); } - public static Challenge GetInstance(object obj) - { - if (obj is Challenge) - return (Challenge)obj; + public Challenge(byte[] witness, byte[] challenge) + : this(null, witness, challenge) + { + } - if (obj is Asn1Sequence) - return new Challenge((Asn1Sequence)obj); + public Challenge(AlgorithmIdentifier owf, byte[] witness, byte[] challenge) + { + m_owf = owf; + m_witness = new DerOctetString(witness); + m_challenge = new DerOctetString(challenge); + } - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } + public virtual AlgorithmIdentifier Owf => m_owf; - public virtual AlgorithmIdentifier Owf - { - get { return owf; } - } + public virtual Asn1OctetString Witness => m_witness; + + public virtual Asn1OctetString ChallengeValue => m_challenge; - /** + /** * <pre> * Challenge ::= SEQUENCE { * owf AlgorithmIdentifier OPTIONAL, @@ -68,12 +106,57 @@ namespace Org.BouncyCastle.Asn1.Cmp * </pre> * @return a basic ASN.1 object representation. */ - public override Asn1Object ToAsn1Object() + public override Asn1Object ToAsn1Object() { Asn1EncodableVector v = new Asn1EncodableVector(); - v.AddOptional(owf); - v.Add(witness, challenge); + v.AddOptional(m_owf); + v.Add(m_witness, m_challenge); return new DerSequence(v); } + + /** + * Rand is the inner type + */ + public class Rand + : Asn1Encodable + { + public static Rand GetInstance(object obj) + { + if (obj is Rand rand) + return rand; + + if (obj != null) + return new Rand(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly DerInteger m_intVal; + private readonly GeneralName m_sender; + + public Rand(DerInteger intVal, GeneralName sender) + { + m_intVal = intVal; + m_sender = sender; + } + + public Rand(Asn1Sequence seq) + { + if (seq.Count != 2) + throw new ArgumentException("expected sequence size of 2"); + + m_intVal = DerInteger.GetInstance(seq[0]); + m_sender = GeneralName.GetInstance(seq[1]); + } + + public virtual DerInteger IntVal => m_intVal; + + public virtual GeneralName Sender => m_sender; + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(m_intVal, m_sender); + } + } } } diff --git a/crypto/src/asn1/cmp/CmpCertificate.cs b/crypto/src/asn1/cmp/CmpCertificate.cs index 33356b486..af433ec4d 100644 --- a/crypto/src/asn1/cmp/CmpCertificate.cs +++ b/crypto/src/asn1/cmp/CmpCertificate.cs @@ -1,4 +1,5 @@ using System; +using System.IO; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Utilities; @@ -8,54 +9,84 @@ namespace Org.BouncyCastle.Asn1.Cmp public class CmpCertificate : Asn1Encodable, IAsn1Choice { - private readonly X509CertificateStructure x509v3PKCert; - private readonly AttributeCertificate x509v2AttrCert; - - /** - * Note: the addition of attribute certificates is a BC extension. - */ - public CmpCertificate(AttributeCertificate x509v2AttrCert) + public static CmpCertificate GetInstance(object obj) { - this.x509v2AttrCert = x509v2AttrCert; - } + // TODO[cmp] Review this whole metho - public CmpCertificate(X509CertificateStructure x509v3PKCert) - { - if (x509v3PKCert.Version != 3) - throw new ArgumentException("only version 3 certificates allowed", "x509v3PKCert"); + if (obj == null) + return null; - this.x509v3PKCert = x509v3PKCert; - } + if (obj is CmpCertificate cmpCertificate) + return cmpCertificate; - public static CmpCertificate GetInstance(object obj) - { - if (obj is CmpCertificate) - return (CmpCertificate)obj; + if (obj is byte[] bs) + { + try + { + obj = Asn1Object.FromByteArray(bs); + } + catch (IOException) + { + throw new ArgumentException("Invalid encoding in CmpCertificate"); + } + } if (obj is Asn1Sequence) return new CmpCertificate(X509CertificateStructure.GetInstance(obj)); - if (obj is Asn1TaggedObject) - return new CmpCertificate(AttributeCertificate.GetInstance(((Asn1TaggedObject)obj).GetObject())); + if (obj is Asn1TaggedObject taggedObject) + return new CmpCertificate(taggedObject.TagNo, taggedObject.GetObject()); - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj)); } - public virtual bool IsX509v3PKCert + public static CmpCertificate GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) { - get { return x509v3PKCert != null; } + // TODO[cmp] + if (taggedObject == null) + return null; + + if (!declaredExplicit) + throw new ArgumentException("tag must be explicit"); + + // TODO[cmp] + return GetInstance(taggedObject.GetObject()); } - public virtual X509CertificateStructure X509v3PKCert + private readonly X509CertificateStructure m_x509v3PKCert; + + private readonly int m_otherTagValue; + private readonly Asn1Encodable m_otherCert; + + /** + * Note: the addition of other certificates is a BC extension. If you use this constructor they + * will be added with an explicit tag value of type. + * + * @param type the type of the certificate (used as a tag value). + * @param otherCert the object representing the certificate + */ + public CmpCertificate(int type, Asn1Encodable otherCert) { - get { return x509v3PKCert; } + m_otherTagValue = type; + m_otherCert = otherCert; } - public virtual AttributeCertificate X509v2AttrCert + public CmpCertificate(X509CertificateStructure x509v3PKCert) { - get { return x509v2AttrCert; } + if (x509v3PKCert.Version != 3) + throw new ArgumentException("only version 3 certificates allowed", nameof(x509v3PKCert)); + + m_x509v3PKCert = x509v3PKCert; } + public virtual bool IsX509v3PKCert => m_x509v3PKCert != null; + + public virtual X509CertificateStructure X509v3PKCert => m_x509v3PKCert; + + public virtual int OtherCertTag => m_otherTagValue; + + public virtual Asn1Encodable OtherCert => m_otherCert; + /** * <pre> * CMPCertificate ::= CHOICE { @@ -69,13 +100,13 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - if (x509v2AttrCert != null) + if (m_otherCert != null) { // explicit following CMP conventions - return new DerTaggedObject(true, 1, x509v2AttrCert); + return new DerTaggedObject(true, m_otherTagValue, m_otherCert); } - return x509v3PKCert.ToAsn1Object(); + return m_x509v3PKCert.ToAsn1Object(); } } } diff --git a/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs b/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs index 7e8274175..fa83841a4 100644 --- a/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs +++ b/crypto/src/asn1/cmp/CmpObjectIdentifiers.cs @@ -2,105 +2,256 @@ using System; namespace Org.BouncyCastle.Asn1.Cmp { - public abstract class CmpObjectIdentifiers + public static class CmpObjectIdentifiers { - // RFC 4210 - - // id-PasswordBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 13} - public static readonly DerObjectIdentifier passwordBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.13"); - - // id-DHBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 30} - public static readonly DerObjectIdentifier dhBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.30"); - - // Example InfoTypeAndValue contents include, but are not limited - // to, the following (un-comment in this ASN.1 module and use as - // appropriate for a given environment): - // - // id-it-caProtEncCert OBJECT IDENTIFIER ::= {id-it 1} - // CAProtEncCertValue ::= CMPCertificate - // id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2} - // SignKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier - // id-it-encKeyPairTypes OBJECT IDENTIFIER ::= {id-it 3} - // EncKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier - // id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4} - // PreferredSymmAlgValue ::= AlgorithmIdentifier - // id-it-caKeyUpdateInfo OBJECT IDENTIFIER ::= {id-it 5} - // CAKeyUpdateInfoValue ::= CAKeyUpdAnnContent - // id-it-currentCRL OBJECT IDENTIFIER ::= {id-it 6} - // CurrentCRLValue ::= CertificateList - // id-it-unsupportedOIDs OBJECT IDENTIFIER ::= {id-it 7} - // UnsupportedOIDsValue ::= SEQUENCE OF OBJECT IDENTIFIER - // id-it-keyPairParamReq OBJECT IDENTIFIER ::= {id-it 10} - // KeyPairParamReqValue ::= OBJECT IDENTIFIER - // id-it-keyPairParamRep OBJECT IDENTIFIER ::= {id-it 11} - // KeyPairParamRepValue ::= AlgorithmIdentifer - // id-it-revPassphrase OBJECT IDENTIFIER ::= {id-it 12} - // RevPassphraseValue ::= EncryptedValue - // id-it-implicitConfirm OBJECT IDENTIFIER ::= {id-it 13} - // ImplicitConfirmValue ::= NULL - // id-it-confirmWaitTime OBJECT IDENTIFIER ::= {id-it 14} - // ConfirmWaitTimeValue ::= GeneralizedTime - // id-it-origPKIMessage OBJECT IDENTIFIER ::= {id-it 15} - // OrigPKIMessageValue ::= PKIMessages - // id-it-suppLangTags OBJECT IDENTIFIER ::= {id-it 16} - // SuppLangTagsValue ::= SEQUENCE OF UTF8String - // - // where - // - // id-pkix OBJECT IDENTIFIER ::= { - // iso(1) identified-organization(3) - // dod(6) internet(1) security(5) mechanisms(5) pkix(7)} - // and - // id-it OBJECT IDENTIFIER ::= {id-pkix 4} - public static readonly DerObjectIdentifier it_caProtEncCert = new DerObjectIdentifier("1.3.6.1.5.5.7.4.1"); - public static readonly DerObjectIdentifier it_signKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.2"); - public static readonly DerObjectIdentifier it_encKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.3"); - public static readonly DerObjectIdentifier it_preferredSymAlg = new DerObjectIdentifier("1.3.6.1.5.5.7.4.4"); - public static readonly DerObjectIdentifier it_caKeyUpdateInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.4.5"); - public static readonly DerObjectIdentifier it_currentCRL = new DerObjectIdentifier("1.3.6.1.5.5.7.4.6"); - public static readonly DerObjectIdentifier it_unsupportedOIDs = new DerObjectIdentifier("1.3.6.1.5.5.7.4.7"); - public static readonly DerObjectIdentifier it_keyPairParamReq = new DerObjectIdentifier("1.3.6.1.5.5.7.4.10"); - public static readonly DerObjectIdentifier it_keyPairParamRep = new DerObjectIdentifier("1.3.6.1.5.5.7.4.11"); - public static readonly DerObjectIdentifier it_revPassphrase = new DerObjectIdentifier("1.3.6.1.5.5.7.4.12"); - public static readonly DerObjectIdentifier it_implicitConfirm = new DerObjectIdentifier("1.3.6.1.5.5.7.4.13"); - public static readonly DerObjectIdentifier it_confirmWaitTime = new DerObjectIdentifier("1.3.6.1.5.5.7.4.14"); - public static readonly DerObjectIdentifier it_origPKIMessage = new DerObjectIdentifier("1.3.6.1.5.5.7.4.15"); - public static readonly DerObjectIdentifier it_suppLangTags = new DerObjectIdentifier("1.3.6.1.5.5.7.4.16"); - - // RFC 4211 - - // id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) - // dod(6) internet(1) security(5) mechanisms(5) pkix(7) } - // - // arc for Internet X.509 PKI protocols and their components - // id-pkip OBJECT IDENTIFIER :: { id-pkix pkip(5) } - // - // arc for Registration Controls in CRMF - // id-regCtrl OBJECT IDENTIFIER ::= { id-pkip regCtrl(1) } - // - // arc for Registration Info in CRMF - // id-regInfo OBJECT IDENTIFIER ::= { id-pkip id-regInfo(2) } - - public static readonly DerObjectIdentifier regCtrl_regToken = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.1"); - public static readonly DerObjectIdentifier regCtrl_authenticator = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.2"); - public static readonly DerObjectIdentifier regCtrl_pkiPublicationInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.3"); - public static readonly DerObjectIdentifier regCtrl_pkiArchiveOptions = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.4"); - public static readonly DerObjectIdentifier regCtrl_oldCertID = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.5"); - public static readonly DerObjectIdentifier regCtrl_protocolEncrKey = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.6"); - - // From RFC4210: - // id-regCtrl-altCertTemplate OBJECT IDENTIFIER ::= {id-regCtrl 7} - public static readonly DerObjectIdentifier regCtrl_altCertTemplate = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.7"); - - public static readonly DerObjectIdentifier regInfo_utf8Pairs = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.1"); - public static readonly DerObjectIdentifier regInfo_certReq = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.2"); - - // id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2) - // us(840) rsadsi(113549) pkcs(1) pkcs9(9) 16 } - // - // id-ct OBJECT IDENTIFIER ::= { id-smime 1 } -- content types - // - // id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21} - public static readonly DerObjectIdentifier ct_encKeyWithID = new DerObjectIdentifier("1.2.840.113549.1.9.16.1.21"); + // RFC 4210 + + /** + * id-PasswordBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 13} + */ + public static readonly DerObjectIdentifier passwordBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.13"); + + /** + * id-DHBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 30} + */ + public static readonly DerObjectIdentifier dhBasedMac = new DerObjectIdentifier("1.2.840.113533.7.66.30"); + + // Example InfoTypeAndValue contents include, but are not limited + // to, the following (un-comment in this ASN.1 module and use as + // appropriate for a given environment): + // + // id-it-caProtEncCert OBJECT IDENTIFIER ::= {id-it 1} + // CAProtEncCertValue ::= CMPCertificate + // id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2} + // SignKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier + // id-it-encKeyPairTypes OBJECT IDENTIFIER ::= {id-it 3} + // EncKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier + // id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4} + // PreferredSymmAlgValue ::= AlgorithmIdentifier + // id-it-caKeyUpdateInfo OBJECT IDENTIFIER ::= {id-it 5} + // CAKeyUpdateInfoValue ::= CAKeyUpdAnnContent + // id-it-currentCRL OBJECT IDENTIFIER ::= {id-it 6} + // CurrentCRLValue ::= CertificateList + // id-it-unsupportedOIDs OBJECT IDENTIFIER ::= {id-it 7} + // UnsupportedOIDsValue ::= SEQUENCE OF OBJECT IDENTIFIER + // id-it-keyPairParamReq OBJECT IDENTIFIER ::= {id-it 10} + // KeyPairParamReqValue ::= OBJECT IDENTIFIER + // id-it-keyPairParamRep OBJECT IDENTIFIER ::= {id-it 11} + // KeyPairParamRepValue ::= AlgorithmIdentifer + // id-it-revPassphrase OBJECT IDENTIFIER ::= {id-it 12} + // RevPassphraseValue ::= EncryptedValue + // id-it-implicitConfirm OBJECT IDENTIFIER ::= {id-it 13} + // ImplicitConfirmValue ::= NULL + // id-it-confirmWaitTime OBJECT IDENTIFIER ::= {id-it 14} + // ConfirmWaitTimeValue ::= GeneralizedTime + // id-it-origPKIMessage OBJECT IDENTIFIER ::= {id-it 15} + // OrigPKIMessageValue ::= PKIMessages + // id-it-suppLangTags OBJECT IDENTIFIER ::= {id-it 16} + // SuppLangTagsValue ::= SEQUENCE OF UTF8String + // id-it-certProfile OBJECT IDENTIFIER ::= {id-it 21} + // CertProfileValue ::= SEQUENCE SIZE (1..MAX) OF UTF8String + // where + // + // id-pkix OBJECT IDENTIFIER ::= { + // iso(1) identified-organization(3) + // dod(6) internet(1) security(5) mechanisms(5) pkix(7)} + // and + // id-it OBJECT IDENTIFIER ::= {id-pkix 4} + + /** RFC 4120: it-id: PKIX.4 = 1.3.6.1.5.5.7.4 */ + + + /** + * RFC 4120: 1.3.6.1.5.5.7.4.1 + */ + public static readonly DerObjectIdentifier it_caProtEncCert = new DerObjectIdentifier("1.3.6.1.5.5.7.4.1"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.2 + */ + public static readonly DerObjectIdentifier it_signKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.2"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.3 + */ + public static readonly DerObjectIdentifier it_encKeyPairTypes = new DerObjectIdentifier("1.3.6.1.5.5.7.4.3"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.4 + */ + public static readonly DerObjectIdentifier it_preferredSymAlg = new DerObjectIdentifier("1.3.6.1.5.5.7.4.4"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.5 + */ + public static readonly DerObjectIdentifier it_caKeyUpdateInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.4.5"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.6 + */ + public static readonly DerObjectIdentifier it_currentCRL = new DerObjectIdentifier("1.3.6.1.5.5.7.4.6"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.7 + */ + public static readonly DerObjectIdentifier it_unsupportedOIDs = new DerObjectIdentifier("1.3.6.1.5.5.7.4.7"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.10 + */ + public static readonly DerObjectIdentifier it_keyPairParamReq = new DerObjectIdentifier("1.3.6.1.5.5.7.4.10"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.11 + */ + public static readonly DerObjectIdentifier it_keyPairParamRep = new DerObjectIdentifier("1.3.6.1.5.5.7.4.11"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.12 + */ + public static readonly DerObjectIdentifier it_revPassphrase = new DerObjectIdentifier("1.3.6.1.5.5.7.4.12"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.13 + */ + public static readonly DerObjectIdentifier it_implicitConfirm = new DerObjectIdentifier("1.3.6.1.5.5.7.4.13"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.14 + */ + public static readonly DerObjectIdentifier it_confirmWaitTime = new DerObjectIdentifier("1.3.6.1.5.5.7.4.14"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.15 + */ + public static readonly DerObjectIdentifier it_origPKIMessage = new DerObjectIdentifier("1.3.6.1.5.5.7.4.15"); + /** + * RFC 4120: 1.3.6.1.5.5.7.4.16 + */ + public static readonly DerObjectIdentifier it_suppLangTags = new DerObjectIdentifier("1.3.6.1.5.5.7.4.16"); + + /** + * Update 16, RFC 4210 + * {id-it 17} + */ + public static readonly DerObjectIdentifier id_it_caCerts = new DerObjectIdentifier("1.3.6.1.5.5.7.4.17"); + + + /** + * Update 16, RFC 4210 + * GenRep: {id-it 18}, RootCaKeyUpdateContent + */ + public static readonly DerObjectIdentifier id_it_rootCaKeyUpdate = new DerObjectIdentifier("1.3.6.1.5.5.7.4.18"); + + + /** + * Update 16, RFC 4210 + * {id-it 19} + */ + public static readonly DerObjectIdentifier id_it_certReqTemplate = new DerObjectIdentifier("1.3.6.1.5.5.7.4.19"); + + + /** + * Update 16, RFC 4210 + * GenMsg: {id-it 20}, RootCaCertValue + */ + public static readonly DerObjectIdentifier id_it_rootCaCert = new DerObjectIdentifier("1.3.6.1.5.5.7.4.20"); + + /** + * Update-16 to RFC 4210 + * id-it-certProfile OBJECT IDENTIFIER ::= {id-it 21} + */ + public static readonly DerObjectIdentifier id_it_certProfile = new DerObjectIdentifier("1.3.6.1.5.5.7.4.21"); + + public static readonly DerObjectIdentifier id_it_crlStatusList = new DerObjectIdentifier("1.3.6.1.5.5.7.4.22"); + + public static readonly DerObjectIdentifier id_it_crls = new DerObjectIdentifier("1.3.6.1.5.5.7.4.23"); + + // Not yet formally defined. + + //public static readonly DerObjectIdentifier id_it_crlStatusList = null; + //public static readonly DerObjectIdentifier id_it_crls = null; + + + // RFC 4211 + + // id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) + // dod(6) internet(1) security(5) mechanisms(5) pkix(7) } + // + // arc for Internet X.509 PKI protocols and their components + // id-pkip OBJECT IDENTIFIER :: { id-pkix pkip(5) } + // + // arc for Registration Controls in CRMF + // id-regCtrl OBJECT IDENTIFIER ::= { id-pkip regCtrl(1) } + // + // arc for Registration Info in CRMF + // id-regInfo OBJECT IDENTIFIER ::= { id-pkip id-regInfo(2) } + + /** + * RFC 4211: it-pkip: PKIX.5 = 1.3.6.1.5.5.7.5 + */ + public static readonly DerObjectIdentifier id_pkip = new DerObjectIdentifier("1.3.6.1.5.5.7.5"); + + /** + * RFC 4211: it-regCtrl: 1.3.6.1.5.5.7.5.1 + */ + public static readonly DerObjectIdentifier id_regCtrl = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1"); + /** + * RFC 4211: it-regInfo: 1.3.6.1.5.5.7.5.2 + */ + public static readonly DerObjectIdentifier id_regInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2"); + + + /** + * 1.3.6.1.5.5.7.5.1.1 + */ + public static readonly DerObjectIdentifier regCtrl_regToken = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.1"); + /** + * 1.3.6.1.5.5.7.5.1.2 + */ + public static readonly DerObjectIdentifier regCtrl_authenticator = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.2"); + /** + * 1.3.6.1.5.5.7.5.1.3 + */ + public static readonly DerObjectIdentifier regCtrl_pkiPublicationInfo = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.3"); + /** + * 1.3.6.1.5.5.7.5.1.4 + */ + public static readonly DerObjectIdentifier regCtrl_pkiArchiveOptions = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.4"); + /** + * 1.3.6.1.5.5.7.5.1.5 + */ + public static readonly DerObjectIdentifier regCtrl_oldCertID = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.5"); + /** + * 1.3.6.1.5.5.7.5.1.6 + */ + public static readonly DerObjectIdentifier regCtrl_protocolEncrKey = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.6"); + + /** + * From RFC4210: + * id-regCtrl-altCertTemplate OBJECT IDENTIFIER ::= {id-regCtrl 7}; 1.3.6.1.5.5.7.1.7 + */ + public static readonly DerObjectIdentifier regCtrl_altCertTemplate = new DerObjectIdentifier("1.3.6.1.5.5.7.5.1.7"); + + /** + * RFC 4211: it-regInfo-utf8Pairs: 1.3.6.1.5.5.7.5.2.1 + */ + public static readonly DerObjectIdentifier regInfo_utf8Pairs = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.1"); + /** + * RFC 4211: it-regInfo-certReq: 1.3.6.1.5.5.7.5.2.1 + */ + public static readonly DerObjectIdentifier regInfo_certReq = new DerObjectIdentifier("1.3.6.1.5.5.7.5.2.2"); + + /** + * 1.2.840.113549.1.9.16.1.21 + * <p> + * id-ct OBJECT IDENTIFIER ::= { id-smime 1 } -- content types + * <p> + * id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21} + */ + public static readonly DerObjectIdentifier ct_encKeyWithID = new DerObjectIdentifier("1.2.840.113549.1.9.16.1.21"); + + + /** + * id-regCtrl-algId OBJECT IDENTIFIER ::= { iso(1) + * identified-organization(3) dod(6) internet(1) security(5) + * mechanisms(5) pkix(7) pkip(5) regCtrl(1) 11 } + */ + public static readonly DerObjectIdentifier id_regCtrl_algId = id_pkip.Branch("1.11"); + + /** + * id-regCtrl-rsaKeyLen OBJECT IDENTIFIER ::= { iso(1) + * identified-organization(3) dod(6) internet(1) security(5) + * mechanisms(5) pkix(7) pkip(5) regCtrl(1) 12 } + */ + public static readonly DerObjectIdentifier id_regCtrl_rsaKeyLen = id_pkip.Branch("1.12"); } } diff --git a/crypto/src/asn1/cmp/CrlAnnContent.cs b/crypto/src/asn1/cmp/CrlAnnContent.cs index db8ecfa40..0da25cd0e 100644 --- a/crypto/src/asn1/cmp/CrlAnnContent.cs +++ b/crypto/src/asn1/cmp/CrlAnnContent.cs @@ -1,39 +1,36 @@ -using System; - using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { public class CrlAnnContent : Asn1Encodable { - private readonly Asn1Sequence content; + public static CrlAnnContent GetInstance(object obj) + { + if (obj is CrlAnnContent crlAnnContent) + return crlAnnContent; - private CrlAnnContent(Asn1Sequence seq) - { - content = seq; - } + if (obj != null) + return new CrlAnnContent(Asn1Sequence.GetInstance(obj)); - public static CrlAnnContent GetInstance(object obj) - { - if (obj is CrlAnnContent) - return (CrlAnnContent)obj; + return null; + } - if (obj is Asn1Sequence) - return new CrlAnnContent((Asn1Sequence)obj); + private readonly Asn1Sequence m_content; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + private CrlAnnContent(Asn1Sequence seq) + { + m_content = seq; } - public virtual CertificateList[] ToCertificateListArray() + public CrlAnnContent(CertificateList crl) + { + m_content = new DerSequence(crl); + } + + public virtual CertificateList[] ToCertificateListArray() { - CertificateList[] result = new CertificateList[content.Count]; - for (int i = 0; i != result.Length; ++ i) - { - result[i] = CertificateList.GetInstance(content[i]); - } - return result; + return m_content.MapElements(CertificateList.GetInstance); } /** @@ -44,7 +41,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return content; + return m_content; } } } diff --git a/crypto/src/asn1/cmp/CrlSource.cs b/crypto/src/asn1/cmp/CrlSource.cs new file mode 100644 index 000000000..13aaa526a --- /dev/null +++ b/crypto/src/asn1/cmp/CrlSource.cs @@ -0,0 +1,72 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + /** + * GenMsg: {id-it TBD1}, SEQUENCE SIZE (1..MAX) OF CRLStatus + * GenRep: {id-it TBD2}, SEQUENCE SIZE (1..MAX) OF + * CertificateList | < absent > + * <p> + * CRLSource ::= CHOICE { + * dpn [0] DistributionPointName, + * issuer [1] GeneralNames } + * <p> + */ + public class CrlSource + : Asn1Encodable, IAsn1Choice + { + public static CrlSource GetInstance(object obj) + { + if (obj is CrlSource crlSource) + return crlSource; + + if (obj != null) + return new CrlSource(Asn1TaggedObject.GetInstance(obj)); + + return null; + } + + private readonly DistributionPointName m_dpn; + private readonly GeneralNames m_issuer; + + private CrlSource(Asn1TaggedObject taggedObject) + { + switch (taggedObject.TagNo) + { + case 0: + m_dpn = DistributionPointName.GetInstance(taggedObject, true); + m_issuer = null; + break; + case 1: + m_dpn = null; + m_issuer = GeneralNames.GetInstance(taggedObject, true); + break; + default: + throw new ArgumentException("unknown tag: " + Asn1Utilities.GetTagText(taggedObject)); + } + } + + public CrlSource(DistributionPointName dpn, GeneralNames issuer) + { + if ((dpn == null) == (issuer == null)) + throw new ArgumentException("either dpn or issuer must be set"); + + m_dpn = dpn; + m_issuer = issuer; + } + + public virtual DistributionPointName Dpn => m_dpn; + + public virtual GeneralNames Issuer => m_issuer; + + public override Asn1Object ToAsn1Object() + { + if (m_dpn != null) + return new DerTaggedObject(true, 0, m_dpn); + + return new DerTaggedObject(true, 1, m_issuer); + } + } +} diff --git a/crypto/src/asn1/cmp/CrlStatus.cs b/crypto/src/asn1/cmp/CrlStatus.cs new file mode 100644 index 000000000..5bacbbbcc --- /dev/null +++ b/crypto/src/asn1/cmp/CrlStatus.cs @@ -0,0 +1,61 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + /** + * CRLStatus ::= SEQUENCE { + * source CRLSource, + * thisUpdate Time OPTIONAL } + */ + public class CrlStatus + : Asn1Encodable + { + public static CrlStatus GetInstance(object obj) + { + if (obj is CrlStatus crlStatus) + return crlStatus; + + if (obj != null) + return new CrlStatus(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly CrlSource m_source; + private readonly Time m_thisUpdate; + + private CrlStatus(Asn1Sequence sequence) + { + int count = sequence.Count; + if (count < 1 || count > 2) + throw new ArgumentException("expected sequence size of 1 or 2, got " + count); + + m_source = CrlSource.GetInstance(sequence[0]); + + if (sequence.Count == 2) + { + m_thisUpdate = Time.GetInstance(sequence[1]); + } + } + + public CrlStatus(CrlSource source, Time thisUpdate) + { + m_source = source; + m_thisUpdate = thisUpdate; + } + + public virtual CrlSource Source => m_source; + + public virtual Time ThisUpdate => m_thisUpdate; + + public override Asn1Object ToAsn1Object() + { + if (m_thisUpdate == null) + return new DerSequence(m_source); + + return new DerSequence(m_source, m_thisUpdate); + } + } +} diff --git a/crypto/src/asn1/cmp/DhbmParameter.cs b/crypto/src/asn1/cmp/DhbmParameter.cs new file mode 100644 index 000000000..aaf71f70e --- /dev/null +++ b/crypto/src/asn1/cmp/DhbmParameter.cs @@ -0,0 +1,56 @@ +using System; + +using Org.BouncyCastle.Asn1.X509; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + /** + * DHBMParameter ::= SEQUENCE { + * owf AlgorithmIdentifier, + * -- AlgId for a One-Way Function (SHA-1 recommended) + * mac AlgorithmIdentifier + * -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], + * } -- or HMAC [RFC2104, RFC2202]) + */ + public class DhbmParameter + : Asn1Encodable + { + public static DhbmParameter GetInstance(object obj) + { + if (obj is DhbmParameter dhbmParameter) + return dhbmParameter; + + if (obj != null) + return new DhbmParameter(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly AlgorithmIdentifier m_owf; + private readonly AlgorithmIdentifier m_mac; + + private DhbmParameter(Asn1Sequence sequence) + { + if (sequence.Count != 2) + throw new ArgumentException("expecting sequence size of 2"); + + m_owf = AlgorithmIdentifier.GetInstance(sequence[0]); + m_mac = AlgorithmIdentifier.GetInstance(sequence[1]); + } + + public DhbmParameter(AlgorithmIdentifier owf, AlgorithmIdentifier mac) + { + m_owf = owf; + m_mac = mac; + } + + public virtual AlgorithmIdentifier Owf => m_owf; + + public virtual AlgorithmIdentifier Mac => m_mac; + + public override Asn1Object ToAsn1Object() + { + return new DerSequence(m_owf, m_mac); + } + } +} diff --git a/crypto/src/asn1/cmp/ErrorMsgContent.cs b/crypto/src/asn1/cmp/ErrorMsgContent.cs index 5d2132bb8..fe8318aab 100644 --- a/crypto/src/asn1/cmp/ErrorMsgContent.cs +++ b/crypto/src/asn1/cmp/ErrorMsgContent.cs @@ -1,45 +1,54 @@ using System; -using Org.BouncyCastle.Utilities; - namespace Org.BouncyCastle.Asn1.Cmp { - public class ErrorMsgContent + /** + * <pre> + * ErrorMsgContent ::= SEQUENCE { + * pKIStatusInfo PKIStatusInfo, + * errorCode INTEGER OPTIONAL, + * -- implementation-specific error codes + * errorDetails PKIFreeText OPTIONAL + * -- implementation-specific error details + * } + * </pre> + */ + public class ErrorMsgContent : Asn1Encodable { - private readonly PkiStatusInfo pkiStatusInfo; - private readonly DerInteger errorCode; - private readonly PkiFreeText errorDetails; + public static ErrorMsgContent GetInstance(object obj) + { + if (obj is ErrorMsgContent errorMsgContent) + return errorMsgContent; + + if (obj != null) + return new ErrorMsgContent(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly PkiStatusInfo m_pkiStatusInfo; + private readonly DerInteger m_errorCode; + private readonly PkiFreeText m_errorDetails; private ErrorMsgContent(Asn1Sequence seq) { - pkiStatusInfo = PkiStatusInfo.GetInstance(seq[0]); + m_pkiStatusInfo = PkiStatusInfo.GetInstance(seq[0]); for (int pos = 1; pos < seq.Count; ++pos) { Asn1Encodable ae = seq[pos]; if (ae is DerInteger) { - errorCode = DerInteger.GetInstance(ae); + m_errorCode = DerInteger.GetInstance(ae); } else { - errorDetails = PkiFreeText.GetInstance(ae); + m_errorDetails = PkiFreeText.GetInstance(ae); } } } - public static ErrorMsgContent GetInstance(object obj) - { - if (obj is ErrorMsgContent) - return (ErrorMsgContent)obj; - - if (obj is Asn1Sequence) - return new ErrorMsgContent((Asn1Sequence)obj); - - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } - public ErrorMsgContent(PkiStatusInfo pkiStatusInfo) : this(pkiStatusInfo, null, null) { @@ -51,27 +60,18 @@ namespace Org.BouncyCastle.Asn1.Cmp PkiFreeText errorDetails) { if (pkiStatusInfo == null) - throw new ArgumentNullException("pkiStatusInfo"); + throw new ArgumentNullException(nameof(pkiStatusInfo)); - this.pkiStatusInfo = pkiStatusInfo; - this.errorCode = errorCode; - this.errorDetails = errorDetails; - } - - public virtual PkiStatusInfo PkiStatusInfo - { - get { return pkiStatusInfo; } + m_pkiStatusInfo = pkiStatusInfo; + m_errorCode = errorCode; + m_errorDetails = errorDetails; } - public virtual DerInteger ErrorCode - { - get { return errorCode; } - } + public virtual PkiStatusInfo PkiStatusInfo => m_pkiStatusInfo; - public virtual PkiFreeText ErrorDetails - { - get { return errorDetails; } - } + public virtual DerInteger ErrorCode => m_errorCode; + + public virtual PkiFreeText ErrorDetails => m_errorDetails; /** * <pre> @@ -87,8 +87,8 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(pkiStatusInfo); - v.AddOptional(errorCode, errorDetails); + Asn1EncodableVector v = new Asn1EncodableVector(m_pkiStatusInfo); + v.AddOptional(m_errorCode, m_errorDetails); return new DerSequence(v); } } diff --git a/crypto/src/asn1/cmp/GenMsgContent.cs b/crypto/src/asn1/cmp/GenMsgContent.cs index f3142b5c6..b4673b76a 100644 --- a/crypto/src/asn1/cmp/GenMsgContent.cs +++ b/crypto/src/asn1/cmp/GenMsgContent.cs @@ -1,43 +1,42 @@ -using System; - -using Org.BouncyCastle.Utilities; - namespace Org.BouncyCastle.Asn1.Cmp { - public class GenMsgContent + /** + * <pre>GenMsgContent ::= SEQUENCE OF InfoTypeAndValue</pre> + */ + public class GenMsgContent : Asn1Encodable { - private readonly Asn1Sequence content; + public static GenMsgContent GetInstance(object obj) + { + if (obj is GenMsgContent genMsgContent) + return genMsgContent; - private GenMsgContent(Asn1Sequence seq) - { - content = seq; - } + if (obj != null) + return new GenMsgContent(Asn1Sequence.GetInstance(obj)); - public static GenMsgContent GetInstance(object obj) - { - if (obj is GenMsgContent) - return (GenMsgContent)obj; + return null; + } - if (obj is Asn1Sequence) - return new GenMsgContent((Asn1Sequence)obj); + private readonly Asn1Sequence m_content; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + private GenMsgContent(Asn1Sequence seq) + { + m_content = seq; } - public GenMsgContent(params InfoTypeAndValue[] itv) + public GenMsgContent(InfoTypeAndValue itv) + { + m_content = new DerSequence(itv); + } + + public GenMsgContent(params InfoTypeAndValue[] itvs) { - content = new DerSequence(itv); + m_content = new DerSequence(itvs); } public virtual InfoTypeAndValue[] ToInfoTypeAndValueArray() { - InfoTypeAndValue[] result = new InfoTypeAndValue[content.Count]; - for (int i = 0; i != result.Length; ++i) - { - result[i] = InfoTypeAndValue.GetInstance(content[i]); - } - return result; + return m_content.MapElements(InfoTypeAndValue.GetInstance); } /** @@ -48,7 +47,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return content; + return m_content; } } } diff --git a/crypto/src/asn1/cmp/GenRepContent.cs b/crypto/src/asn1/cmp/GenRepContent.cs index 3c3573e37..38f91061c 100644 --- a/crypto/src/asn1/cmp/GenRepContent.cs +++ b/crypto/src/asn1/cmp/GenRepContent.cs @@ -1,43 +1,39 @@ -using System; - -using Org.BouncyCastle.Utilities; - namespace Org.BouncyCastle.Asn1.Cmp { public class GenRepContent : Asn1Encodable { - private readonly Asn1Sequence content; + public static GenRepContent GetInstance(object obj) + { + if (obj is GenRepContent genRepContent) + return genRepContent; - private GenRepContent(Asn1Sequence seq) - { - content = seq; - } + if (obj != null) + return new GenRepContent(Asn1Sequence.GetInstance(obj)); - public static GenRepContent GetInstance(object obj) - { - if (obj is GenRepContent) - return (GenRepContent)obj; + return null; + } - if (obj is Asn1Sequence) - return new GenRepContent((Asn1Sequence)obj); + private readonly Asn1Sequence m_content; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + private GenRepContent(Asn1Sequence seq) + { + m_content = seq; } - public GenRepContent(params InfoTypeAndValue[] itv) + public GenRepContent(InfoTypeAndValue itv) + { + m_content = new DerSequence(itv); + } + + public GenRepContent(params InfoTypeAndValue[] itvs) { - content = new DerSequence(itv); + m_content = new DerSequence(itvs); } public virtual InfoTypeAndValue[] ToInfoTypeAndValueArray() { - InfoTypeAndValue[] result = new InfoTypeAndValue[content.Count]; - for (int i = 0; i != result.Length; ++i) - { - result[i] = InfoTypeAndValue.GetInstance(content[i]); - } - return result; + return m_content.MapElements(InfoTypeAndValue.GetInstance); } /** @@ -48,7 +44,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return content; + return m_content; } } } diff --git a/crypto/src/asn1/cmp/InfoTypeAndValue.cs b/crypto/src/asn1/cmp/InfoTypeAndValue.cs index 305d6e5e7..08ad68a42 100644 --- a/crypto/src/asn1/cmp/InfoTypeAndValue.cs +++ b/crypto/src/asn1/cmp/InfoTypeAndValue.cs @@ -50,54 +50,47 @@ namespace Org.BouncyCastle.Asn1.Cmp public class InfoTypeAndValue : Asn1Encodable { - private readonly DerObjectIdentifier infoType; - private readonly Asn1Encodable infoValue; + private readonly DerObjectIdentifier m_infoType; + private readonly Asn1Encodable m_infoValue; private InfoTypeAndValue(Asn1Sequence seq) { - infoType = DerObjectIdentifier.GetInstance(seq[0]); + m_infoType = DerObjectIdentifier.GetInstance(seq[0]); if (seq.Count > 1) { - infoValue = (Asn1Encodable)seq[1]; + m_infoValue = seq[1]; } } public static InfoTypeAndValue GetInstance(object obj) { - if (obj is InfoTypeAndValue) - return (InfoTypeAndValue)obj; + if (obj is InfoTypeAndValue infoTypeAndValue) + return infoTypeAndValue; - if (obj is Asn1Sequence) - return new InfoTypeAndValue((Asn1Sequence)obj); + if (obj != null) + return new InfoTypeAndValue(Asn1Sequence.GetInstance(obj)); - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + return null; } - public InfoTypeAndValue( - DerObjectIdentifier infoType) + public InfoTypeAndValue(DerObjectIdentifier infoType) + : this(infoType, null) { - this.infoType = infoType; - this.infoValue = null; } - public InfoTypeAndValue( - DerObjectIdentifier infoType, - Asn1Encodable optionalValue) + public InfoTypeAndValue(DerObjectIdentifier infoType, Asn1Encodable infoValue) { - this.infoType = infoType; - this.infoValue = optionalValue; - } + if (infoType == null) + throw new ArgumentNullException(nameof(infoType)); - public virtual DerObjectIdentifier InfoType - { - get { return infoType; } + m_infoType = infoType; + m_infoValue = infoValue; } - public virtual Asn1Encodable InfoValue - { - get { return infoValue; } - } + public virtual DerObjectIdentifier InfoType => m_infoType; + + public virtual Asn1Encodable InfoValue => m_infoValue; /** * <pre> @@ -110,9 +103,10 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(infoType); - v.AddOptional(infoValue); - return new DerSequence(v); + if (m_infoValue == null) + return new DerSequence(m_infoType); + + return new DerSequence(m_infoType, m_infoValue); } } } diff --git a/crypto/src/asn1/cmp/KeyRecRepContent.cs b/crypto/src/asn1/cmp/KeyRecRepContent.cs index e35c0e351..6c5ef62f2 100644 --- a/crypto/src/asn1/cmp/KeyRecRepContent.cs +++ b/crypto/src/asn1/cmp/KeyRecRepContent.cs @@ -1,20 +1,29 @@ using System; -using Org.BouncyCastle.Utilities; - namespace Org.BouncyCastle.Asn1.Cmp { public class KeyRecRepContent : Asn1Encodable { - private readonly PkiStatusInfo status; - private readonly CmpCertificate newSigCert; - private readonly Asn1Sequence caCerts; - private readonly Asn1Sequence keyPairHist; + public static KeyRecRepContent GetInstance(object obj) + { + if (obj is KeyRecRepContent keyRecRepContent) + return keyRecRepContent; + + if (obj != null) + return new KeyRecRepContent(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly PkiStatusInfo m_status; + private readonly CmpCertificate m_newSigCert; + private readonly Asn1Sequence m_caCerts; + private readonly Asn1Sequence m_keyPairHist; private KeyRecRepContent(Asn1Sequence seq) { - status = PkiStatusInfo.GetInstance(seq[0]); + m_status = PkiStatusInfo.GetInstance(seq[0]); for (int pos = 1; pos < seq.Count; ++pos) { @@ -22,66 +31,39 @@ namespace Org.BouncyCastle.Asn1.Cmp switch (tObj.TagNo) { - case 0: - newSigCert = CmpCertificate.GetInstance(tObj.GetObject()); - break; - case 1: - caCerts = Asn1Sequence.GetInstance(tObj.GetObject()); - break; - case 2: - keyPairHist = Asn1Sequence.GetInstance(tObj.GetObject()); - break; - default: - throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq"); + case 0: + m_newSigCert = CmpCertificate.GetInstance(tObj.GetObject()); + break; + case 1: + m_caCerts = Asn1Sequence.GetInstance(tObj.GetObject()); + break; + case 2: + m_keyPairHist = Asn1Sequence.GetInstance(tObj.GetObject()); + break; + default: + throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq"); } } } - public static KeyRecRepContent GetInstance(object obj) - { - if (obj is KeyRecRepContent) - return (KeyRecRepContent)obj; + public virtual PkiStatusInfo Status => m_status; - if (obj is Asn1Sequence) - return new KeyRecRepContent((Asn1Sequence)obj); - - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } - - public virtual PkiStatusInfo Status - { - get { return status; } - } - - public virtual CmpCertificate NewSigCert - { - get { return newSigCert; } - } + public virtual CmpCertificate NewSigCert => m_newSigCert; public virtual CmpCertificate[] GetCACerts() { - if (caCerts == null) + if (m_caCerts == null) return null; - CmpCertificate[] results = new CmpCertificate[caCerts.Count]; - for (int i = 0; i != results.Length; ++i) - { - results[i] = CmpCertificate.GetInstance(caCerts[i]); - } - return results; + return m_caCerts.MapElements(CmpCertificate.GetInstance); } public virtual CertifiedKeyPair[] GetKeyPairHist() { - if (keyPairHist == null) + if (m_keyPairHist == null) return null; - CertifiedKeyPair[] results = new CertifiedKeyPair[keyPairHist.Count]; - for (int i = 0; i != results.Length; ++i) - { - results[i] = CertifiedKeyPair.GetInstance(keyPairHist[i]); - } - return results; + return m_keyPairHist.MapElements(CertifiedKeyPair.GetInstance); } /** @@ -99,10 +81,10 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(status); - v.AddOptionalTagged(true, 0, newSigCert); - v.AddOptionalTagged(true, 1, caCerts); - v.AddOptionalTagged(true, 2, keyPairHist); + Asn1EncodableVector v = new Asn1EncodableVector(m_status); + v.AddOptionalTagged(true, 0, m_newSigCert); + v.AddOptionalTagged(true, 1, m_caCerts); + v.AddOptionalTagged(true, 2, m_keyPairHist); return new DerSequence(v); } } diff --git a/crypto/src/asn1/cmp/NestedMessageContent.cs b/crypto/src/asn1/cmp/NestedMessageContent.cs new file mode 100644 index 000000000..907fc7135 --- /dev/null +++ b/crypto/src/asn1/cmp/NestedMessageContent.cs @@ -0,0 +1,35 @@ +namespace Org.BouncyCastle.Asn1.Cmp +{ + /** + * NestedMessageContent ::= PKIMessages + */ + public class NestedMessageContent + : PkiMessages + { + public static NestedMessageContent GetInstance(object obj) + { + if (obj is NestedMessageContent nestedMessageContent) + return nestedMessageContent; + + if (obj != null) + return new NestedMessageContent(Asn1Sequence.GetInstance(obj)); + + return null; + } + + public NestedMessageContent(PkiMessage msg) + : base(msg) + { + } + + public NestedMessageContent(PkiMessage[] msgs) + : base(msgs) + { + } + + public NestedMessageContent(Asn1Sequence seq) + : base(seq) + { + } + } +} diff --git a/crypto/src/asn1/cmp/OobCert.cs b/crypto/src/asn1/cmp/OobCert.cs new file mode 100644 index 000000000..d47b87215 --- /dev/null +++ b/crypto/src/asn1/cmp/OobCert.cs @@ -0,0 +1,68 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + /** + * OOBCert ::= CMPCertificate + */ + public class OobCert + : CmpCertificate + { + public static OobCert GetInstance(object obj) + { + if (obj == null) + return null; + + if (obj is OobCert oobCert) + return oobCert; + + if (obj is CmpCertificate cmpCertificate) + return GetInstance(cmpCertificate.GetEncoded()); + + if (obj is byte[] bs) + { + try + { + obj = Asn1Object.FromByteArray(bs); + } + catch (IOException) + { + throw new ArgumentException("Invalid encoding in OobCert"); + } + } + + if (obj is Asn1Sequence seq) + return new OobCert(X509CertificateStructure.GetInstance(obj)); + + if (obj is Asn1TaggedObject taggedObject) + return new OobCert(taggedObject.TagNo, taggedObject.GetObject()); + + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj)); + } + + public static OobCert GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + if (taggedObject == null) + return null; + + if (!declaredExplicit) + throw new ArgumentException("tag must be explicit"); + + return GetInstance(taggedObject.GetObject()); + } + + public OobCert(int type, Asn1Encodable otherCert) + : base(type, otherCert) + { + } + + public OobCert(X509CertificateStructure x509v3PKCert) + : base(x509v3PKCert) + { + } + } +} diff --git a/crypto/src/asn1/cmp/OobCertHash.cs b/crypto/src/asn1/cmp/OobCertHash.cs index 434939c0e..a18ff300d 100644 --- a/crypto/src/asn1/cmp/OobCertHash.cs +++ b/crypto/src/asn1/cmp/OobCertHash.cs @@ -6,18 +6,40 @@ using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { - public class OobCertHash + /** + * <pre> + * OOBCertHash ::= SEQUENCE { + * hashAlg [0] AlgorithmIdentifier OPTIONAL, + * certId [1] CertId OPTIONAL, + * hashVal BIT STRING + * -- hashVal is calculated over the DER encoding of the + * -- self-signed certificate with the identifier certID. + * } + * </pre> + */ + public class OobCertHash : Asn1Encodable { - private readonly AlgorithmIdentifier hashAlg; - private readonly CertId certId; - private readonly DerBitString hashVal; + public static OobCertHash GetInstance(object obj) + { + if (obj is OobCertHash oobCertHash) + return oobCertHash; + + if (obj != null) + return new OobCertHash(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly AlgorithmIdentifier m_hashAlg; + private readonly CertId m_certId; + private readonly DerBitString m_hashVal; private OobCertHash(Asn1Sequence seq) { int index = seq.Count - 1; - hashVal = DerBitString.GetInstance(seq[index--]); + m_hashVal = DerBitString.GetInstance(seq[index--]); for (int i = index; i >= 0; i--) { @@ -25,36 +47,21 @@ namespace Org.BouncyCastle.Asn1.Cmp if (tObj.TagNo == 0) { - hashAlg = AlgorithmIdentifier.GetInstance(tObj, true); + m_hashAlg = AlgorithmIdentifier.GetInstance(tObj, true); } else { - certId = CertId.GetInstance(tObj, true); + m_certId = CertId.GetInstance(tObj, true); } } } - public static OobCertHash GetInstance(object obj) - { - if (obj is OobCertHash) - return (OobCertHash)obj; + public virtual CertId CertID => m_certId; - if (obj is Asn1Sequence) - return new OobCertHash((Asn1Sequence)obj); + public virtual AlgorithmIdentifier HashAlg => m_hashAlg; + + public virtual DerBitString HashVal => m_hashVal; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } - - public virtual AlgorithmIdentifier HashAlg - { - get { return hashAlg; } - } - - public virtual CertId CertID - { - get { return certId; } - } - /** * <pre> * OobCertHash ::= SEQUENCE { @@ -70,9 +77,9 @@ namespace Org.BouncyCastle.Asn1.Cmp public override Asn1Object ToAsn1Object() { Asn1EncodableVector v = new Asn1EncodableVector(); - v.AddOptionalTagged(true, 0, hashAlg); - v.AddOptionalTagged(true, 1, certId); - v.Add(hashVal); + v.AddOptionalTagged(true, 0, m_hashAlg); + v.AddOptionalTagged(true, 1, m_certId); + v.Add(m_hashVal); return new DerSequence(v); } } diff --git a/crypto/src/asn1/cmp/PKIBody.cs b/crypto/src/asn1/cmp/PKIBody.cs index f17eed64d..68f63ab0b 100644 --- a/crypto/src/asn1/cmp/PKIBody.cs +++ b/crypto/src/asn1/cmp/PKIBody.cs @@ -6,6 +6,37 @@ using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { + /** + * PKIBody ::= CHOICE { -- message-specific body elements + * ir [0] CertReqMessages, --Initialization Request + * ip [1] CertRepMessage, --Initialization Response + * cr [2] CertReqMessages, --Certification Request + * cp [3] CertRepMessage, --Certification Response + * p10cr [4] CertificationRequest, --imported from [PKCS10] + * popdecc [5] POPODecKeyChallContent, --pop Challenge + * popdecr [6] POPODecKeyRespContent, --pop Response + * kur [7] CertReqMessages, --Key Update Request + * kup [8] CertRepMessage, --Key Update Response + * krr [9] CertReqMessages, --Key Recovery Request + * krp [10] KeyRecRepContent, --Key Recovery Response + * rr [11] RevReqContent, --Revocation Request + * rp [12] RevRepContent, --Revocation Response + * ccr [13] CertReqMessages, --Cross-Cert. Request + * ccp [14] CertRepMessage, --Cross-Cert. Response + * ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann. + * cann [16] CertAnnContent, --Certificate Ann. + * rann [17] RevAnnContent, --Revocation Ann. + * crlann [18] CRLAnnContent, --CRL Announcement + * pkiconf [19] PKIConfirmContent, --Confirmation + * nested [20] NestedMessageContent, --Nested Message + * genm [21] GenMsgContent, --General Message + * genp [22] GenRepContent, --General Response + * error [23] ErrorMsgContent, --Error Message + * certConf [24] CertConfirmContent, --Certificate confirm + * pollReq [25] PollReqContent, --Polling request + * pollRep [26] PollRepContent --Polling response + * } + */ public class PkiBody : Asn1Encodable, IAsn1Choice { @@ -37,24 +68,27 @@ namespace Org.BouncyCastle.Asn1.Cmp public const int TYPE_POLL_REQ = 25; public const int TYPE_POLL_REP = 26; - private int tagNo; - private Asn1Encodable body; - public static PkiBody GetInstance(object obj) { - if (obj is PkiBody) - return (PkiBody)obj; + if (obj == null) + return null; + + if (obj is PkiBody pkiBody) + return pkiBody; - if (obj is Asn1TaggedObject) - return new PkiBody((Asn1TaggedObject)obj); + if (obj is Asn1TaggedObject taggedObject) + return new PkiBody(taggedObject); - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj)); } - private PkiBody(Asn1TaggedObject tagged) + private readonly int m_tagNo; + private readonly Asn1Encodable m_body; + + private PkiBody(Asn1TaggedObject taggedObject) { - tagNo = tagged.TagNo; - body = GetBodyForType(tagNo, tagged.GetObject()); + m_tagNo = taggedObject.TagNo; + m_body = GetBodyForType(m_tagNo, taggedObject.GetObject()); } /** @@ -62,88 +96,78 @@ namespace Org.BouncyCastle.Asn1.Cmp * @param type one of the TYPE_* constants * @param content message content */ - public PkiBody( - int type, - Asn1Encodable content) + public PkiBody(int type, Asn1Encodable content) { - tagNo = type; - body = GetBodyForType(type, content); + m_tagNo = type; + m_body = GetBodyForType(type, content); } - private static Asn1Encodable GetBodyForType( - int type, - Asn1Encodable o) + private static Asn1Encodable GetBodyForType(int type, Asn1Encodable o) { switch (type) { - case TYPE_INIT_REQ: - return CertReqMessages.GetInstance(o); - case TYPE_INIT_REP: - return CertRepMessage.GetInstance(o); - case TYPE_CERT_REQ: - return CertReqMessages.GetInstance(o); - case TYPE_CERT_REP: - return CertRepMessage.GetInstance(o); - case TYPE_P10_CERT_REQ: - return CertificationRequest.GetInstance(o); - case TYPE_POPO_CHALL: - return PopoDecKeyChallContent.GetInstance(o); - case TYPE_POPO_REP: - return PopoDecKeyRespContent.GetInstance(o); - case TYPE_KEY_UPDATE_REQ: - return CertReqMessages.GetInstance(o); - case TYPE_KEY_UPDATE_REP: - return CertRepMessage.GetInstance(o); - case TYPE_KEY_RECOVERY_REQ: - return CertReqMessages.GetInstance(o); - case TYPE_KEY_RECOVERY_REP: - return KeyRecRepContent.GetInstance(o); - case TYPE_REVOCATION_REQ: - return RevReqContent.GetInstance(o); - case TYPE_REVOCATION_REP: - return RevRepContent.GetInstance(o); - case TYPE_CROSS_CERT_REQ: - return CertReqMessages.GetInstance(o); - case TYPE_CROSS_CERT_REP: - return CertRepMessage.GetInstance(o); - case TYPE_CA_KEY_UPDATE_ANN: - return CAKeyUpdAnnContent.GetInstance(o); - case TYPE_CERT_ANN: - return CmpCertificate.GetInstance(o); - case TYPE_REVOCATION_ANN: - return RevAnnContent.GetInstance(o); - case TYPE_CRL_ANN: - return CrlAnnContent.GetInstance(o); - case TYPE_CONFIRM: - return PkiConfirmContent.GetInstance(o); - case TYPE_NESTED: - return PkiMessages.GetInstance(o); - case TYPE_GEN_MSG: - return GenMsgContent.GetInstance(o); - case TYPE_GEN_REP: - return GenRepContent.GetInstance(o); - case TYPE_ERROR: - return ErrorMsgContent.GetInstance(o); - case TYPE_CERT_CONFIRM: - return CertConfirmContent.GetInstance(o); - case TYPE_POLL_REQ: - return PollReqContent.GetInstance(o); - case TYPE_POLL_REP: - return PollRepContent.GetInstance(o); - default: - throw new ArgumentException("unknown tag number: " + type, "type"); + case TYPE_INIT_REQ: + return CertReqMessages.GetInstance(o); + case TYPE_INIT_REP: + return CertRepMessage.GetInstance(o); + case TYPE_CERT_REQ: + return CertReqMessages.GetInstance(o); + case TYPE_CERT_REP: + return CertRepMessage.GetInstance(o); + case TYPE_P10_CERT_REQ: + return CertificationRequest.GetInstance(o); + case TYPE_POPO_CHALL: + return PopoDecKeyChallContent.GetInstance(o); + case TYPE_POPO_REP: + return PopoDecKeyRespContent.GetInstance(o); + case TYPE_KEY_UPDATE_REQ: + return CertReqMessages.GetInstance(o); + case TYPE_KEY_UPDATE_REP: + return CertRepMessage.GetInstance(o); + case TYPE_KEY_RECOVERY_REQ: + return CertReqMessages.GetInstance(o); + case TYPE_KEY_RECOVERY_REP: + return KeyRecRepContent.GetInstance(o); + case TYPE_REVOCATION_REQ: + return RevReqContent.GetInstance(o); + case TYPE_REVOCATION_REP: + return RevRepContent.GetInstance(o); + case TYPE_CROSS_CERT_REQ: + return CertReqMessages.GetInstance(o); + case TYPE_CROSS_CERT_REP: + return CertRepMessage.GetInstance(o); + case TYPE_CA_KEY_UPDATE_ANN: + return CAKeyUpdAnnContent.GetInstance(o); + case TYPE_CERT_ANN: + return CmpCertificate.GetInstance(o); + case TYPE_REVOCATION_ANN: + return RevAnnContent.GetInstance(o); + case TYPE_CRL_ANN: + return CrlAnnContent.GetInstance(o); + case TYPE_CONFIRM: + return PkiConfirmContent.GetInstance(o); + case TYPE_NESTED: + return PkiMessages.GetInstance(o); + case TYPE_GEN_MSG: + return GenMsgContent.GetInstance(o); + case TYPE_GEN_REP: + return GenRepContent.GetInstance(o); + case TYPE_ERROR: + return ErrorMsgContent.GetInstance(o); + case TYPE_CERT_CONFIRM: + return CertConfirmContent.GetInstance(o); + case TYPE_POLL_REQ: + return PollReqContent.GetInstance(o); + case TYPE_POLL_REP: + return PollRepContent.GetInstance(o); + default: + throw new ArgumentException("unknown tag number: " + type, nameof(type)); } } - public virtual int Type - { - get { return tagNo; } - } + public virtual Asn1Encodable Content => m_body; - public virtual Asn1Encodable Content - { - get { return body; } - } + public virtual int Type => m_tagNo; /** * <pre> @@ -181,7 +205,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return new DerTaggedObject(true, tagNo, body); + return new DerTaggedObject(true, m_tagNo, m_body); } } } diff --git a/crypto/src/asn1/cmp/PKIConfirmContent.cs b/crypto/src/asn1/cmp/PKIConfirmContent.cs index d154427a4..ecebb22a8 100644 --- a/crypto/src/asn1/cmp/PKIConfirmContent.cs +++ b/crypto/src/asn1/cmp/PKIConfirmContent.cs @@ -4,24 +4,38 @@ using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { - public class PkiConfirmContent + /** + * PKIConfirmContent ::= NULL + */ + public class PkiConfirmContent : Asn1Encodable { public static PkiConfirmContent GetInstance(object obj) { - if (obj is PkiConfirmContent) - return (PkiConfirmContent)obj; + if (obj == null) + return null; - if (obj is Asn1Null) - return new PkiConfirmContent(); + if (obj is PkiConfirmContent pkiConfirmContent) + return pkiConfirmContent; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } + if (obj is Asn1Null asn1Null) + return new PkiConfirmContent(asn1Null); - public PkiConfirmContent() - { + throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), nameof(obj)); } + private readonly Asn1Null m_val; + + public PkiConfirmContent() + : this(DerNull.Instance) + { + } + + private PkiConfirmContent(Asn1Null val) + { + m_val = val; + } + /** * <pre> * PkiConfirmContent ::= NULL @@ -30,7 +44,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return DerNull.Instance; + return m_val; } } } diff --git a/crypto/src/asn1/cmp/PKIFailureInfo.cs b/crypto/src/asn1/cmp/PKIFailureInfo.cs index 75a3ff0d7..fd37665b9 100644 --- a/crypto/src/asn1/cmp/PKIFailureInfo.cs +++ b/crypto/src/asn1/cmp/PKIFailureInfo.cs @@ -21,7 +21,7 @@ namespace Org.BouncyCastle.Asn1.Cmp * certRevoked (10), * certConfirmed (11), * wrongIntegrity (12), - * badRecipientNonce (13), + * badRecipientNonce (13), * timeNotAvailable (14), * -- the TSA's time source is not available * unacceptedPolicy (15), @@ -37,13 +37,13 @@ namespace Org.BouncyCastle.Asn1.Cmp * transactionIdInUse (21), * unsupportedVersion (22), * notAuthorized (23), - * systemUnavail (24), + * systemUnavail (24), * systemFailure (25), * -- the request cannot be handled due to system failure - * duplicateCertReq (26) + * duplicateCertReq (26) * </pre> */ - public class PkiFailureInfo + public class PkiFailureInfo : DerBitString { public const int BadAlg = (1 << 7); // unrecognized or unsupported Algorithm Identifier diff --git a/crypto/src/asn1/cmp/PKIFreeText.cs b/crypto/src/asn1/cmp/PKIFreeText.cs index 006930320..f3a4b8a81 100644 --- a/crypto/src/asn1/cmp/PKIFreeText.cs +++ b/crypto/src/asn1/cmp/PKIFreeText.cs @@ -1,61 +1,66 @@ using System; -using Org.BouncyCastle.Utilities; - namespace Org.BouncyCastle.Asn1.Cmp { public class PkiFreeText : Asn1Encodable { - internal Asn1Sequence strings; - - public static PkiFreeText GetInstance( - Asn1TaggedObject obj, - bool isExplicit) + public static PkiFreeText GetInstance(object obj) { - return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit)); + if (obj is PkiFreeText pkiFreeText) + return pkiFreeText; + + if (obj != null) + return new PkiFreeText(Asn1Sequence.GetInstance(obj)); + + return null; } - public static PkiFreeText GetInstance( - object obj) + public static PkiFreeText GetInstance(Asn1TaggedObject taggedObject, bool declaredExplicit) + { + return GetInstance(Asn1Sequence.GetInstance(taggedObject, declaredExplicit)); + } + + internal Asn1Sequence m_strings; + + internal PkiFreeText(Asn1Sequence seq) { - if (obj is PkiFreeText) - { - return (PkiFreeText)obj; - } - else if (obj is Asn1Sequence) + foreach (var element in seq) { - return new PkiFreeText((Asn1Sequence)obj); + if (!(element is DerUtf8String)) + throw new ArgumentException("attempt to insert non UTF8 STRING into PkiFreeText"); } - throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj"); + m_strings = seq; } - public PkiFreeText( - Asn1Sequence seq) + public PkiFreeText(DerUtf8String p) { - foreach (object o in seq) - { - if (!(o is DerUtf8String)) - { - throw new ArgumentException("attempt to insert non UTF8 STRING into PkiFreeText"); - } - } + m_strings = new DerSequence(p); + } - this.strings = seq; + public PkiFreeText(string p) + : this(new DerUtf8String(p)) + { } - public PkiFreeText( - DerUtf8String p) + public PkiFreeText(DerUtf8String[] strs) { - strings = new DerSequence(p); + m_strings = new DerSequence(strs); } - public int Count + public PkiFreeText(string[] strs) { - get { return strings.Count; } + Asn1EncodableVector v = new Asn1EncodableVector(strs.Length); + for (int i = 0; i < strs.Length; i++) + { + v.Add(new DerUtf8String(strs[i])); + } + m_strings = new DerSequence(v); } + public virtual int Count => m_strings.Count; + /** * Return the UTF8STRING at index. * @@ -64,7 +69,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public DerUtf8String this[int index] { - get { return (DerUtf8String) strings[index]; } + get { return (DerUtf8String)m_strings[index]; } } /** @@ -74,7 +79,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return strings; + return m_strings; } } } diff --git a/crypto/src/asn1/cmp/PKIHeader.cs b/crypto/src/asn1/cmp/PKIHeader.cs index 7b6296279..553a81bc0 100644 --- a/crypto/src/asn1/cmp/PKIHeader.cs +++ b/crypto/src/asn1/cmp/PKIHeader.cs @@ -41,35 +41,35 @@ namespace Org.BouncyCastle.Asn1.Cmp switch (tObj.TagNo) { - case 0: - messageTime = DerGeneralizedTime.GetInstance(tObj, true); - break; - case 1: - protectionAlg = AlgorithmIdentifier.GetInstance(tObj, true); - break; - case 2: - senderKID = Asn1OctetString.GetInstance(tObj, true); - break; - case 3: - recipKID = Asn1OctetString.GetInstance(tObj, true); - break; - case 4: - transactionID = Asn1OctetString.GetInstance(tObj, true); - break; - case 5: - senderNonce = Asn1OctetString.GetInstance(tObj, true); - break; - case 6: - recipNonce = Asn1OctetString.GetInstance(tObj, true); - break; - case 7: - freeText = PkiFreeText.GetInstance(tObj, true); - break; - case 8: - generalInfo = Asn1Sequence.GetInstance(tObj, true); - break; - default: - throw new ArgumentException("unknown tag number: " + tObj.TagNo, "seq"); + case 0: + messageTime = DerGeneralizedTime.GetInstance(tObj, true); + break; + case 1: + protectionAlg = AlgorithmIdentifier.GetInstance(tObj, true); + break; + case 2: + senderKID = Asn1OctetString.GetInstance(tObj, true); + break; + case 3: + recipKID = Asn1OctetString.GetInstance(tObj, true); + break; + case 4: + transactionID = Asn1OctetString.GetInstance(tObj, true); + break; + case 5: + senderNonce = Asn1OctetString.GetInstance(tObj, true); + break; + case 6: + recipNonce = Asn1OctetString.GetInstance(tObj, true); + break; + case 7: + freeText = PkiFreeText.GetInstance(tObj, true); + break; + case 8: + generalInfo = Asn1Sequence.GetInstance(tObj, true); + break; + default: + throw new ArgumentException("unknown tag number: " + tObj.TagNo, nameof(seq)); } } } diff --git a/crypto/src/asn1/cmp/PKIMessages.cs b/crypto/src/asn1/cmp/PKIMessages.cs index eb01e544a..0008f476a 100644 --- a/crypto/src/asn1/cmp/PKIMessages.cs +++ b/crypto/src/asn1/cmp/PKIMessages.cs @@ -9,7 +9,7 @@ namespace Org.BouncyCastle.Asn1.Cmp { private Asn1Sequence content; - private PkiMessages(Asn1Sequence seq) + internal PkiMessages(Asn1Sequence seq) { content = seq; } diff --git a/crypto/src/asn1/cmp/PbmParameter.cs b/crypto/src/asn1/cmp/PbmParameter.cs index 206b89ba1..f4b702ed5 100644 --- a/crypto/src/asn1/cmp/PbmParameter.cs +++ b/crypto/src/asn1/cmp/PbmParameter.cs @@ -1,77 +1,74 @@ using System; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { + /** + * PBMParameter ::= SEQUENCE { + * salt OCTET STRING, + * -- note: implementations MAY wish to limit acceptable sizes + * -- of this string to values appropriate for their environment + * -- in order to reduce the risk of denial-of-service attacks + * owf AlgorithmIdentifier, + * -- AlgId for a One-Way Function (SHA-1 recommended) + * iterationCount INTEGER, + * -- number of times the OWF is applied + * -- note: implementations MAY wish to limit acceptable sizes + * -- of this integer to values appropriate for their environment + * -- in order to reduce the risk of denial-of-service attacks + * mac AlgorithmIdentifier + * -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], + * } -- or HMAC [RFC2104, RFC2202]) + */ public class PbmParameter : Asn1Encodable { - private Asn1OctetString salt; - private AlgorithmIdentifier owf; - private DerInteger iterationCount; - private AlgorithmIdentifier mac; - - private PbmParameter(Asn1Sequence seq) - { - salt = Asn1OctetString.GetInstance(seq[0]); - owf = AlgorithmIdentifier.GetInstance(seq[1]); - iterationCount = DerInteger.GetInstance(seq[2]); - mac = AlgorithmIdentifier.GetInstance(seq[3]); - } - public static PbmParameter GetInstance(object obj) { - if (obj is PbmParameter) - return (PbmParameter)obj; + if (obj is PbmParameter pbmParameter) + return pbmParameter; - if (obj is Asn1Sequence) - return new PbmParameter((Asn1Sequence)obj); + if (obj != null) + return new PbmParameter(Asn1Sequence.GetInstance(obj)); - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + return null; } - public PbmParameter( - byte[] salt, - AlgorithmIdentifier owf, - int iterationCount, - AlgorithmIdentifier mac) - : this(new DerOctetString(salt), owf, new DerInteger(iterationCount), mac) - { - } + private readonly Asn1OctetString m_salt; + private readonly AlgorithmIdentifier m_owf; + private readonly DerInteger m_iterationCount; + private readonly AlgorithmIdentifier m_mac; - public PbmParameter( - Asn1OctetString salt, - AlgorithmIdentifier owf, - DerInteger iterationCount, - AlgorithmIdentifier mac) + private PbmParameter(Asn1Sequence seq) { - this.salt = salt; - this.owf = owf; - this.iterationCount = iterationCount; - this.mac = mac; + m_salt = Asn1OctetString.GetInstance(seq[0]); + m_owf = AlgorithmIdentifier.GetInstance(seq[1]); + m_iterationCount = DerInteger.GetInstance(seq[2]); + m_mac = AlgorithmIdentifier.GetInstance(seq[3]); } - public virtual Asn1OctetString Salt + public PbmParameter(byte[] salt, AlgorithmIdentifier owf, int iterationCount, AlgorithmIdentifier mac) + : this(new DerOctetString(salt), owf, new DerInteger(iterationCount), mac) { - get { return salt; } } - public virtual AlgorithmIdentifier Owf + public PbmParameter(Asn1OctetString salt, AlgorithmIdentifier owf, DerInteger iterationCount, + AlgorithmIdentifier mac) { - get { return owf; } + m_salt = salt; + m_owf = owf; + m_iterationCount = iterationCount; + m_mac = mac; } - public virtual DerInteger IterationCount - { - get { return iterationCount; } - } + public virtual DerInteger IterationCount => m_iterationCount; - public virtual AlgorithmIdentifier Mac - { - get { return mac; } - } + public virtual AlgorithmIdentifier Mac => m_mac; + + public virtual AlgorithmIdentifier Owf => m_owf; + + public virtual Asn1OctetString Salt => m_salt; /** * <pre> @@ -95,7 +92,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return new DerSequence(salt, owf, iterationCount, mac); + return new DerSequence(m_salt, m_owf, m_iterationCount, m_mac); } } } diff --git a/crypto/src/asn1/cmp/PollRepContent.cs b/crypto/src/asn1/cmp/PollRepContent.cs index ff75d7d6d..15f153a5d 100644 --- a/crypto/src/asn1/cmp/PollRepContent.cs +++ b/crypto/src/asn1/cmp/PollRepContent.cs @@ -1,71 +1,69 @@ -using System; - -using Org.BouncyCastle.Utilities; - namespace Org.BouncyCastle.Asn1.Cmp { - public class PollRepContent + /** + * PollRepContent ::= SEQUENCE OF SEQUENCE { + * certReqId INTEGER, + * checkAfter INTEGER, -- time in seconds + * reason PKIFreeText OPTIONAL } + */ + public class PollRepContent : Asn1Encodable { - private readonly DerInteger certReqId; - private readonly DerInteger checkAfter; - private readonly PkiFreeText reason; + public static PollRepContent GetInstance(object obj) + { + if (obj is PollRepContent pollRepContent) + return pollRepContent; + + if (obj != null) + return new PollRepContent(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly DerInteger[] m_certReqID; + private readonly DerInteger[] m_checkAfter; + private readonly PkiFreeText[] m_reason; private PollRepContent(Asn1Sequence seq) { - certReqId = DerInteger.GetInstance(seq[0]); - checkAfter = DerInteger.GetInstance(seq[1]); + int count = seq.Count; + m_certReqID = new DerInteger[count]; + m_checkAfter = new DerInteger[count]; + m_reason = new PkiFreeText[count]; - if (seq.Count > 2) + for (int i = 0; i != count; i++) { - reason = PkiFreeText.GetInstance(seq[2]); - } - } - - public static PollRepContent GetInstance(object obj) - { - if (obj is PollRepContent) - return (PollRepContent)obj; + Asn1Sequence s = Asn1Sequence.GetInstance(seq[i]); - if (obj is Asn1Sequence) - return new PollRepContent((Asn1Sequence)obj); + m_certReqID[i] = DerInteger.GetInstance(s[0]); + m_checkAfter[i] = DerInteger.GetInstance(s[1]); - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + if (s.Count > 2) + { + m_reason[i] = PkiFreeText.GetInstance(s[2]); + } + } } - public PollRepContent( - DerInteger certReqId, - DerInteger checkAfter) + public PollRepContent(DerInteger certReqID, DerInteger checkAfter) + : this(certReqID, checkAfter, null) { - this.certReqId = certReqId; - this.checkAfter = checkAfter; - this.reason = null; } - public PollRepContent( - DerInteger certReqId, - DerInteger checkAfter, - PkiFreeText reason) + public PollRepContent(DerInteger certReqID, DerInteger checkAfter, PkiFreeText reason) { - this.certReqId = certReqId; - this.checkAfter = checkAfter; - this.reason = reason; - } + m_certReqID = new DerInteger[1]{ certReqID }; + m_checkAfter = new DerInteger[1]{ checkAfter }; + m_reason = new PkiFreeText[1]{ reason }; + } - public virtual DerInteger CertReqID - { - get { return certReqId; } - } + public virtual int Count => m_certReqID.Length; - public virtual DerInteger CheckAfter - { - get { return checkAfter; } - } + public virtual DerInteger GetCertReqID(int index) => m_certReqID[index]; - public virtual PkiFreeText Reason - { - get { return reason; } - } + public virtual DerInteger GetCheckAfter(int index) => m_checkAfter[index]; + + public virtual PkiFreeText GetReason(int index) => m_reason[index]; /** * <pre> @@ -79,9 +77,20 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(certReqId, checkAfter); - v.AddOptional(reason); - return new DerSequence(v); + Asn1EncodableVector outer = new Asn1EncodableVector(m_certReqID.Length); + + for (int i = 0; i != m_certReqID.Length; i++) + { + Asn1EncodableVector v = new Asn1EncodableVector(3); + + v.Add(m_certReqID[i]); + v.Add(m_checkAfter[i]); + v.AddOptional(m_reason[i]); + + outer.Add(new DerSequence(v)); + } + + return new DerSequence(outer); } } } diff --git a/crypto/src/asn1/cmp/PollReqContent.cs b/crypto/src/asn1/cmp/PollReqContent.cs index dd9b0c352..80a39348a 100644 --- a/crypto/src/asn1/cmp/PollReqContent.cs +++ b/crypto/src/asn1/cmp/PollReqContent.cs @@ -1,51 +1,91 @@ -using System; - -using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Math; namespace Org.BouncyCastle.Asn1.Cmp { public class PollReqContent : Asn1Encodable { - private readonly Asn1Sequence content; + public static PollReqContent GetInstance(object obj) + { + if (obj is PollReqContent pollReqContent) + return pollReqContent; + + if (obj != null) + return new PollReqContent(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly Asn1Sequence m_content; private PollReqContent(Asn1Sequence seq) { - content = seq; + m_content = seq; } - public static PollReqContent GetInstance(object obj) + /** + * Create a pollReqContent for a single certReqId. + * + * @param certReqId the certificate request ID. + */ + public PollReqContent(DerInteger certReqId) + : this(new DerSequence(new DerSequence(certReqId))) { - if (obj is PollReqContent) - return (PollReqContent)obj; + } - if (obj is Asn1Sequence) - return new PollReqContent((Asn1Sequence)obj); + /** + * Create a pollReqContent for a multiple certReqIds. + * + * @param certReqIds the certificate request IDs. + */ + public PollReqContent(DerInteger[] certReqIds) + : this(new DerSequence(IntsToSequence(certReqIds))) + { + } - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + /** + * Create a pollReqContent for a single certReqId. + * + * @param certReqId the certificate request ID. + */ + public PollReqContent(BigInteger certReqId) + : this(new DerInteger(certReqId)) + { } - public virtual DerInteger[][] GetCertReqIDs() + /** + * Create a pollReqContent for a multiple certReqIds. + * + * @param certReqIds the certificate request IDs. + */ + public PollReqContent(BigInteger[] certReqIds) + : this(IntsToAsn1(certReqIds)) { - DerInteger[][] result = new DerInteger[content.Count][]; - for (int i = 0; i != result.Length; ++i) - { - result[i] = SequenceToDerIntegerArray((Asn1Sequence)content[i]); - } - return result; } - private static DerInteger[] SequenceToDerIntegerArray(Asn1Sequence seq) + public virtual DerInteger[][] GetCertReqIDs() { - DerInteger[] result = new DerInteger[seq.Count]; + DerInteger[][] result = new DerInteger[m_content.Count][]; for (int i = 0; i != result.Length; ++i) { - result[i] = DerInteger.GetInstance(seq[i]); + result[i] = SequenceToDerIntegerArray((Asn1Sequence)m_content[i]); } return result; } - /** + public virtual BigInteger[] GetCertReqIDValues() + { + BigInteger[] result = new BigInteger[m_content.Count]; + + for (int i = 0; i != result.Length; i++) + { + result[i] = DerInteger.GetInstance(Asn1Sequence.GetInstance(m_content[i])[0]).Value; + } + + return result; + } + + /** * <pre> * PollReqContent ::= SEQUENCE OF SEQUENCE { * certReqId INTEGER @@ -53,9 +93,38 @@ namespace Org.BouncyCastle.Asn1.Cmp * </pre> * @return a basic ASN.1 object representation. */ - public override Asn1Object ToAsn1Object() + public override Asn1Object ToAsn1Object() + { + return m_content; + } + + private static DerInteger[] SequenceToDerIntegerArray(Asn1Sequence seq) + { + return seq.MapElements(DerInteger.GetInstance); + } + + private static DerSequence[] IntsToSequence(DerInteger[] ids) { - return content; + DerSequence[] result = new DerSequence[ids.Length]; + + for (int i = 0; i != result.Length; i++) + { + result[i] = new DerSequence(ids[i]); + } + + return result; + } + + private static DerInteger[] IntsToAsn1(BigInteger[] ids) + { + DerInteger[] result = new DerInteger[ids.Length]; + + for (int i = 0; i != result.Length; i++) + { + result[i] = new DerInteger(ids[i]); + } + + return result; } } } diff --git a/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs b/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs index 03a13a5d5..0bd1597c8 100644 --- a/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs +++ b/crypto/src/asn1/cmp/PopoDecKeyChallContent.cs @@ -1,38 +1,31 @@ using System; -using Org.BouncyCastle.Utilities; - namespace Org.BouncyCastle.Asn1.Cmp { public class PopoDecKeyChallContent : Asn1Encodable { - private readonly Asn1Sequence content; + public static PopoDecKeyChallContent GetInstance(object obj) + { + if (obj is PopoDecKeyChallContent popoDecKeyChallContent) + return popoDecKeyChallContent; - private PopoDecKeyChallContent(Asn1Sequence seq) - { - content = seq; - } + if (obj != null) + return new PopoDecKeyChallContent(Asn1Sequence.GetInstance(obj)); - public static PopoDecKeyChallContent GetInstance(object obj) - { - if (obj is PopoDecKeyChallContent) - return (PopoDecKeyChallContent)obj; + return null; + } - if (obj is Asn1Sequence) - return new PopoDecKeyChallContent((Asn1Sequence)obj); + private readonly Asn1Sequence m_content; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + private PopoDecKeyChallContent(Asn1Sequence seq) + { + m_content = seq; } public virtual Challenge[] ToChallengeArray() { - Challenge[] result = new Challenge[content.Count]; - for (int i = 0; i != result.Length; ++i) - { - result[i] = Challenge.GetInstance(content[i]); - } - return result; + return m_content.MapElements(Challenge.GetInstance); } /** @@ -43,7 +36,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return content; + return m_content; } } } diff --git a/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs b/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs index 73f59b7c1..77d720271 100644 --- a/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs +++ b/crypto/src/asn1/cmp/PopoDecKeyRespContent.cs @@ -1,38 +1,29 @@ -using System; - -using Org.BouncyCastle.Utilities; - namespace Org.BouncyCastle.Asn1.Cmp { public class PopoDecKeyRespContent : Asn1Encodable { - private readonly Asn1Sequence content; + public static PopoDecKeyRespContent GetInstance(object obj) + { + if (obj is PopoDecKeyRespContent popoDecKeyRespContent) + return popoDecKeyRespContent; - private PopoDecKeyRespContent(Asn1Sequence seq) - { - content = seq; - } + if (obj != null) + return new PopoDecKeyRespContent(Asn1Sequence.GetInstance(obj)); - public static PopoDecKeyRespContent GetInstance(object obj) - { - if (obj is PopoDecKeyRespContent) - return (PopoDecKeyRespContent)obj; + return null; + } - if (obj is Asn1Sequence) - return new PopoDecKeyRespContent((Asn1Sequence)obj); + private readonly Asn1Sequence m_content; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + private PopoDecKeyRespContent(Asn1Sequence seq) + { + m_content = seq; } - public virtual DerInteger[] ToDerIntegerArray() + public virtual DerInteger[] ToIntegerArray() { - DerInteger[] result = new DerInteger[content.Count]; - for (int i = 0; i != result.Length; ++i) - { - result[i] = DerInteger.GetInstance(content[i]); - } - return result; + return m_content.MapElements(DerInteger.GetInstance); } /** @@ -43,7 +34,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return content; + return m_content; } } } diff --git a/crypto/src/asn1/cmp/ProtectedPart.cs b/crypto/src/asn1/cmp/ProtectedPart.cs index ed90708f9..fc83ac6c6 100644 --- a/crypto/src/asn1/cmp/ProtectedPart.cs +++ b/crypto/src/asn1/cmp/ProtectedPart.cs @@ -1,47 +1,37 @@ -using System; - -using Org.BouncyCastle.Utilities; - namespace Org.BouncyCastle.Asn1.Cmp { public class ProtectedPart : Asn1Encodable { - private readonly PkiHeader header; - private readonly PkiBody body; - - private ProtectedPart(Asn1Sequence seq) - { - header = PkiHeader.GetInstance(seq[0]); - body = PkiBody.GetInstance(seq[1]); - } + public static ProtectedPart GetInstance(object obj) + { + if (obj is ProtectedPart protectedPart) + return protectedPart; - public static ProtectedPart GetInstance(object obj) - { - if (obj is ProtectedPart) - return (ProtectedPart)obj; + if (obj != null) + return new ProtectedPart(Asn1Sequence.GetInstance(obj)); - if (obj is Asn1Sequence) - return new ProtectedPart((Asn1Sequence)obj); + return null; + } - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } + private readonly PkiHeader m_header; + private readonly PkiBody m_body; - public ProtectedPart(PkiHeader header, PkiBody body) + private ProtectedPart(Asn1Sequence seq) { - this.header = header; - this.body = body; + m_header = PkiHeader.GetInstance(seq[0]); + m_body = PkiBody.GetInstance(seq[1]); } - public virtual PkiHeader Header + public ProtectedPart(PkiHeader header, PkiBody body) { - get { return header; } + m_header = header; + m_body = body; } - public virtual PkiBody Body - { - get { return body; } - } + public virtual PkiHeader Header => m_header; + + public virtual PkiBody Body => m_body; /** * <pre> @@ -54,7 +44,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return new DerSequence(header, body); + return new DerSequence(m_header, m_body); } } } diff --git a/crypto/src/asn1/cmp/RevAnnContent.cs b/crypto/src/asn1/cmp/RevAnnContent.cs index d5d42625c..4ef6fdbf7 100644 --- a/crypto/src/asn1/cmp/RevAnnContent.cs +++ b/crypto/src/asn1/cmp/RevAnnContent.cs @@ -1,68 +1,66 @@ -using System; - using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { public class RevAnnContent : Asn1Encodable { - private readonly PkiStatusEncodable status; - private readonly CertId certId; - private readonly DerGeneralizedTime willBeRevokedAt; - private readonly DerGeneralizedTime badSinceDate; - private readonly X509Extensions crlDetails; + public static RevAnnContent GetInstance(object obj) + { + if (obj is RevAnnContent revAnnContent) + return revAnnContent; - private RevAnnContent(Asn1Sequence seq) - { - status = PkiStatusEncodable.GetInstance(seq[0]); - certId = CertId.GetInstance(seq[1]); - willBeRevokedAt = DerGeneralizedTime.GetInstance(seq[2]); - badSinceDate = DerGeneralizedTime.GetInstance(seq[3]); + if (obj != null) + return new RevAnnContent(Asn1Sequence.GetInstance(obj)); - if (seq.Count > 4) - { - crlDetails = X509Extensions.GetInstance(seq[4]); - } - } + return null; + } - public static RevAnnContent GetInstance(object obj) - { - if (obj is RevAnnContent) - return (RevAnnContent)obj; - - if (obj is Asn1Sequence) - return new RevAnnContent((Asn1Sequence)obj); + private readonly PkiStatusEncodable m_status; + private readonly CertId m_certID; + private readonly DerGeneralizedTime m_willBeRevokedAt; + private readonly DerGeneralizedTime m_badSinceDate; + private readonly X509Extensions m_crlDetails; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + public RevAnnContent(PkiStatusEncodable status, CertId certID, DerGeneralizedTime willBeRevokedAt, + DerGeneralizedTime badSinceDate) + : this(status, certID, willBeRevokedAt, badSinceDate, null) + { } - public virtual PkiStatusEncodable Status - { - get { return status; } - } + public RevAnnContent(PkiStatusEncodable status, CertId certID, DerGeneralizedTime willBeRevokedAt, + DerGeneralizedTime badSinceDate, X509Extensions crlDetails) + { + m_status = status; + m_certID = certID; + m_willBeRevokedAt = willBeRevokedAt; + m_badSinceDate = badSinceDate; + m_crlDetails = crlDetails; + } - public virtual CertId CertID + private RevAnnContent(Asn1Sequence seq) { - get { return certId; } - } + m_status = PkiStatusEncodable.GetInstance(seq[0]); + m_certID = CertId.GetInstance(seq[1]); + m_willBeRevokedAt = DerGeneralizedTime.GetInstance(seq[2]); + m_badSinceDate = DerGeneralizedTime.GetInstance(seq[3]); - public virtual DerGeneralizedTime WillBeRevokedAt - { - get { return willBeRevokedAt; } + if (seq.Count > 4) + { + m_crlDetails = X509Extensions.GetInstance(seq[4]); + } } - public virtual DerGeneralizedTime BadSinceDate - { - get { return badSinceDate; } - } + public virtual PkiStatusEncodable Status => m_status; - public virtual X509Extensions CrlDetails - { - get { return crlDetails; } - } + public virtual CertId CertID => m_certID; + + public virtual DerGeneralizedTime WillBeRevokedAt => m_willBeRevokedAt; + + public virtual DerGeneralizedTime BadSinceDate => m_badSinceDate; + + public virtual X509Extensions CrlDetails => m_crlDetails; /** * <pre> @@ -79,8 +77,8 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(status, certId, willBeRevokedAt, badSinceDate); - v.AddOptional(crlDetails); + Asn1EncodableVector v = new Asn1EncodableVector(m_status, m_certID, m_willBeRevokedAt, m_badSinceDate); + v.AddOptional(m_crlDetails); return new DerSequence(v); } } diff --git a/crypto/src/asn1/cmp/RevDetails.cs b/crypto/src/asn1/cmp/RevDetails.cs index 7d2a65ab9..9472d7775 100644 --- a/crypto/src/asn1/cmp/RevDetails.cs +++ b/crypto/src/asn1/cmp/RevDetails.cs @@ -1,56 +1,61 @@ -using System; - using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { - public class RevDetails + /** + * <pre> + * RevDetails ::= SEQUENCE { + * certDetails CertTemplate, + * -- allows requester to specify as much as they can about + * -- the cert. for which revocation is requested + * -- (e.g., for cases in which serialNumber is not available) + * crlEntryDetails Extensions OPTIONAL + * -- requested crlEntryExtensions + * } + * </pre> + */ + public class RevDetails : Asn1Encodable { - private readonly CertTemplate certDetails; - private readonly X509Extensions crlEntryDetails; + public static RevDetails GetInstance(object obj) + { + if (obj is RevDetails revDetails) + return revDetails; - private RevDetails(Asn1Sequence seq) - { - certDetails = CertTemplate.GetInstance(seq[0]); - crlEntryDetails = seq.Count <= 1 - ? null - : X509Extensions.GetInstance(seq[1]); - } + if (obj != null) + return new RevDetails(Asn1Sequence.GetInstance(obj)); - public static RevDetails GetInstance(object obj) - { - if (obj is RevDetails) - return (RevDetails)obj; + return null; + } - if (obj is Asn1Sequence) - return new RevDetails((Asn1Sequence)obj); + private readonly CertTemplate m_certDetails; + private readonly X509Extensions m_crlEntryDetails; - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + private RevDetails(Asn1Sequence seq) + { + m_certDetails = CertTemplate.GetInstance(seq[0]); + + if (seq.Count > 1) + { + m_crlEntryDetails = X509Extensions.GetInstance(seq[1]); + } } public RevDetails(CertTemplate certDetails) - : this(certDetails, null) + : this(certDetails, null) { } public RevDetails(CertTemplate certDetails, X509Extensions crlEntryDetails) { - this.certDetails = certDetails; - this.crlEntryDetails = crlEntryDetails; + m_certDetails = certDetails; + m_crlEntryDetails = crlEntryDetails; } - public virtual CertTemplate CertDetails - { - get { return certDetails; } - } + public virtual CertTemplate CertDetails => m_certDetails; - public virtual X509Extensions CrlEntryDetails - { - get { return crlEntryDetails; } - } + public virtual X509Extensions CrlEntryDetails => m_crlEntryDetails; /** * <pre> @@ -67,8 +72,8 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(certDetails); - v.AddOptional(crlEntryDetails); + Asn1EncodableVector v = new Asn1EncodableVector(m_certDetails); + v.AddOptional(m_crlEntryDetails); return new DerSequence(v); } } diff --git a/crypto/src/asn1/cmp/RevRepContent.cs b/crypto/src/asn1/cmp/RevRepContent.cs index 4b3f82b96..841b3cf94 100644 --- a/crypto/src/asn1/cmp/RevRepContent.cs +++ b/crypto/src/asn1/cmp/RevRepContent.cs @@ -1,21 +1,43 @@ -using System; - using Org.BouncyCastle.Asn1.Crmf; using Org.BouncyCastle.Asn1.X509; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Asn1.Cmp { - public class RevRepContent + /** + * <pre> + * RevRepContent ::= SEQUENCE { + * status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo, + * -- in same order as was sent in RevReqContent + * revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId + * OPTIONAL, + * -- IDs for which revocation was requested + * -- (same order as status) + * crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList OPTIONAL + * -- the resulting CRLs (there may be more than one) + * } + *</pre> + */ + public class RevRepContent : Asn1Encodable { - private readonly Asn1Sequence status; - private readonly Asn1Sequence revCerts; - private readonly Asn1Sequence crls; + public static RevRepContent GetInstance(object obj) + { + if (obj is RevRepContent revRepContent) + return revRepContent; + + if (obj != null) + return new RevRepContent(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly Asn1Sequence m_status; + private readonly Asn1Sequence m_revCerts; + private readonly Asn1Sequence m_crls; private RevRepContent(Asn1Sequence seq) { - status = Asn1Sequence.GetInstance(seq[0]); + m_status = Asn1Sequence.GetInstance(seq[0]); for (int pos = 1; pos < seq.Count; ++pos) { @@ -23,60 +45,34 @@ namespace Org.BouncyCastle.Asn1.Cmp if (tObj.TagNo == 0) { - revCerts = Asn1Sequence.GetInstance(tObj, true); + m_revCerts = Asn1Sequence.GetInstance(tObj, true); } else { - crls = Asn1Sequence.GetInstance(tObj, true); + m_crls = Asn1Sequence.GetInstance(tObj, true); } } } - public static RevRepContent GetInstance(object obj) - { - if (obj is RevRepContent) - return (RevRepContent)obj; - - if (obj is Asn1Sequence) - return new RevRepContent((Asn1Sequence)obj); - - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); - } - public virtual PkiStatusInfo[] GetStatus() { - PkiStatusInfo[] results = new PkiStatusInfo[status.Count]; - for (int i = 0; i != results.Length; ++i) - { - results[i] = PkiStatusInfo.GetInstance(status[i]); - } - return results; + return m_status.MapElements(PkiStatusInfo.GetInstance); } public virtual CertId[] GetRevCerts() { - if (revCerts == null) + if (m_revCerts == null) return null; - CertId[] results = new CertId[revCerts.Count]; - for (int i = 0; i != results.Length; ++i) - { - results[i] = CertId.GetInstance(revCerts[i]); - } - return results; + return m_revCerts.MapElements(CertId.GetInstance); } public virtual CertificateList[] GetCrls() { - if (crls == null) + if (m_crls == null) return null; - CertificateList[] results = new CertificateList[crls.Count]; - for (int i = 0; i != results.Length; ++i) - { - results[i] = CertificateList.GetInstance(crls[i]); - } - return results; + return m_crls.MapElements(CertificateList.GetInstance); } /** @@ -95,9 +91,9 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - Asn1EncodableVector v = new Asn1EncodableVector(status); - v.AddOptionalTagged(true, 0, revCerts); - v.AddOptionalTagged(true, 1, crls); + Asn1EncodableVector v = new Asn1EncodableVector(m_status); + v.AddOptionalTagged(true, 0, m_revCerts); + v.AddOptionalTagged(true, 1, m_crls); return new DerSequence(v); } } diff --git a/crypto/src/asn1/cmp/RevRepContentBuilder.cs b/crypto/src/asn1/cmp/RevRepContentBuilder.cs index cc17d1d4c..f23bed8b5 100644 --- a/crypto/src/asn1/cmp/RevRepContentBuilder.cs +++ b/crypto/src/asn1/cmp/RevRepContentBuilder.cs @@ -7,29 +7,29 @@ namespace Org.BouncyCastle.Asn1.Cmp { public class RevRepContentBuilder { - private readonly Asn1EncodableVector status = new Asn1EncodableVector(); - private readonly Asn1EncodableVector revCerts = new Asn1EncodableVector(); - private readonly Asn1EncodableVector crls = new Asn1EncodableVector(); + private readonly Asn1EncodableVector m_status = new Asn1EncodableVector(); + private readonly Asn1EncodableVector m_revCerts = new Asn1EncodableVector(); + private readonly Asn1EncodableVector m_crls = new Asn1EncodableVector(); public virtual RevRepContentBuilder Add(PkiStatusInfo status) { - this.status.Add(status); + m_status.Add(status); return this; } public virtual RevRepContentBuilder Add(PkiStatusInfo status, CertId certId) { - if (this.status.Count != this.revCerts.Count) + if (m_status.Count != m_revCerts.Count) throw new InvalidOperationException("status and revCerts sequence must be in common order"); - this.status.Add(status); - this.revCerts.Add(certId); + m_status.Add(status); + m_revCerts.Add(certId); return this; } public virtual RevRepContentBuilder AddCrl(CertificateList crl) { - this.crls.Add(crl); + m_crls.Add(crl); return this; } @@ -37,16 +37,16 @@ namespace Org.BouncyCastle.Asn1.Cmp { Asn1EncodableVector v = new Asn1EncodableVector(); - v.Add(new DerSequence(status)); + v.Add(new DerSequence(m_status)); - if (revCerts.Count != 0) + if (m_revCerts.Count != 0) { - v.Add(new DerTaggedObject(true, 0, new DerSequence(revCerts))); + v.Add(new DerTaggedObject(true, 0, new DerSequence(m_revCerts))); } - if (crls.Count != 0) + if (m_crls.Count != 0) { - v.Add(new DerTaggedObject(true, 1, new DerSequence(crls))); + v.Add(new DerTaggedObject(true, 1, new DerSequence(m_crls))); } return RevRepContent.GetInstance(new DerSequence(v)); diff --git a/crypto/src/asn1/cmp/RevReqContent.cs b/crypto/src/asn1/cmp/RevReqContent.cs index 1522d3789..c390530a8 100644 --- a/crypto/src/asn1/cmp/RevReqContent.cs +++ b/crypto/src/asn1/cmp/RevReqContent.cs @@ -7,37 +7,37 @@ namespace Org.BouncyCastle.Asn1.Cmp public class RevReqContent : Asn1Encodable { - private readonly Asn1Sequence content; - - private RevReqContent(Asn1Sequence seq) - { - content = seq; - } + public static RevReqContent GetInstance(object obj) + { + if (obj is RevReqContent revReqContent) + return revReqContent; - public static RevReqContent GetInstance(object obj) - { - if (obj is RevReqContent) - return (RevReqContent)obj; + if (obj != null) + return new RevReqContent(Asn1Sequence.GetInstance(obj)); - if (obj is Asn1Sequence) - return new RevReqContent((Asn1Sequence)obj); + return null; + } - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + private readonly Asn1Sequence m_content; + + private RevReqContent(Asn1Sequence seq) + { + m_content = seq; } - public RevReqContent(params RevDetails[] revDetails) + public RevReqContent(RevDetails revDetails) + { + m_content = new DerSequence(revDetails); + } + + public RevReqContent(params RevDetails[] revDetailsArray) { - this.content = new DerSequence(revDetails); + m_content = new DerSequence(revDetailsArray); } public virtual RevDetails[] ToRevDetailsArray() { - RevDetails[] result = new RevDetails[content.Count]; - for (int i = 0; i != result.Length; ++i) - { - result[i] = RevDetails.GetInstance(content[i]); - } - return result; + return m_content.MapElements(RevDetails.GetInstance); } /** @@ -48,7 +48,7 @@ namespace Org.BouncyCastle.Asn1.Cmp */ public override Asn1Object ToAsn1Object() { - return content; + return m_content; } } } diff --git a/crypto/src/asn1/cmp/RootCaKeyUpdateContent.cs b/crypto/src/asn1/cmp/RootCaKeyUpdateContent.cs new file mode 100644 index 000000000..b1eaf616d --- /dev/null +++ b/crypto/src/asn1/cmp/RootCaKeyUpdateContent.cs @@ -0,0 +1,90 @@ +using System; + +namespace Org.BouncyCastle.Asn1.Cmp +{ + /** + * GenMsg: {id-it 20}, RootCaCertValue | < absent > + * GenRep: {id-it 18}, RootCaKeyUpdateContent | < absent > + * <p> + * RootCaCertValue ::= CMPCertificate + * <p> + * RootCaKeyUpdateValue ::= RootCaKeyUpdateContent + * <p> + * RootCaKeyUpdateContent ::= SEQUENCE { + * newWithNew CMPCertificate, + * newWithOld [0] CMPCertificate OPTIONAL, + * oldWithNew [1] CMPCertificate OPTIONAL + * } + */ + public class RootCaKeyUpdateContent + : Asn1Encodable + { + public static RootCaKeyUpdateContent GetInstance(object obj) + { + if (obj is RootCaKeyUpdateContent rootCaKeyUpdateContent) + return rootCaKeyUpdateContent; + + if (obj != null) + return new RootCaKeyUpdateContent(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly CmpCertificate m_newWithNew; + private readonly CmpCertificate m_newWithOld; + private readonly CmpCertificate m_oldWithNew; + + public RootCaKeyUpdateContent(CmpCertificate newWithNew, CmpCertificate newWithOld, CmpCertificate oldWithNew) + { + if (newWithNew == null) + throw new ArgumentNullException(nameof(newWithNew)); + + m_newWithNew = newWithNew; + m_newWithOld = newWithOld; + m_oldWithNew = oldWithNew; + } + + private RootCaKeyUpdateContent(Asn1Sequence seq) + { + if (seq.Count < 1 || seq.Count > 3) + throw new ArgumentException("expected sequence of 1 to 3 elements only"); + + CmpCertificate newWithNew; + CmpCertificate newWithOld = null; + CmpCertificate oldWithNew = null; + + newWithNew = CmpCertificate.GetInstance(seq[0]); + + for (int pos = 1; pos < seq.Count; ++pos) + { + Asn1TaggedObject ato = Asn1TaggedObject.GetInstance(seq[pos]); + if (ato.TagNo == 0) + { + newWithOld = CmpCertificate.GetInstance(ato, true); + } + else if (ato.TagNo == 1) + { + oldWithNew = CmpCertificate.GetInstance(ato, true); + } + } + + m_newWithNew = newWithNew; + m_newWithOld = newWithOld; + m_oldWithNew = oldWithNew; + } + + public virtual CmpCertificate NewWithNew => m_newWithNew; + + public virtual CmpCertificate NewWithOld => m_newWithOld; + + public virtual CmpCertificate OldWithNew => m_oldWithNew; + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector(m_newWithNew); + v.AddOptionalTagged(true, 0, m_newWithOld); + v.AddOptionalTagged(true, 1, m_oldWithNew); + return new DerSequence(v); + } + } +} diff --git a/crypto/src/asn1/crmf/EncryptedKey.cs b/crypto/src/asn1/crmf/EncryptedKey.cs index 850fbd219..d4ff250c5 100644 --- a/crypto/src/asn1/crmf/EncryptedKey.cs +++ b/crypto/src/asn1/crmf/EncryptedKey.cs @@ -1,58 +1,44 @@ -using System; - -using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Cms; namespace Org.BouncyCastle.Asn1.Crmf { public class EncryptedKey : Asn1Encodable, IAsn1Choice { - private readonly EnvelopedData envelopedData; - private readonly EncryptedValue encryptedValue; - - public static EncryptedKey GetInstance(object o) + public static EncryptedKey GetInstance(object obj) { - if (o is EncryptedKey) - { - return (EncryptedKey)o; - } - else if (o is Asn1TaggedObject) - { - return new EncryptedKey(EnvelopedData.GetInstance((Asn1TaggedObject)o, false)); - } - else if (o is EncryptedValue) - { - return new EncryptedKey((EncryptedValue)o); - } - else - { - return new EncryptedKey(EncryptedValue.GetInstance(o)); - } + if (obj is EncryptedKey encryptedKey) + return encryptedKey; + + if (obj is Asn1TaggedObject taggedObject) + return new EncryptedKey(EnvelopedData.GetInstance(taggedObject, false)); + + return new EncryptedKey(EncryptedValue.GetInstance(obj)); } + private readonly EnvelopedData m_envelopedData; + private readonly EncryptedValue m_encryptedValue; + public EncryptedKey(EnvelopedData envelopedData) { - this.envelopedData = envelopedData; + m_envelopedData = envelopedData; } public EncryptedKey(EncryptedValue encryptedValue) { - this.encryptedValue = encryptedValue; + m_encryptedValue = encryptedValue; } - public virtual bool IsEncryptedValue - { - get { return encryptedValue != null; } - } + public virtual bool IsEncryptedValue => m_encryptedValue != null; public virtual Asn1Encodable Value { get { - if (encryptedValue != null) - return encryptedValue; + if (m_encryptedValue != null) + return m_encryptedValue; - return envelopedData; + return m_envelopedData; } } @@ -67,12 +53,10 @@ namespace Org.BouncyCastle.Asn1.Crmf */ public override Asn1Object ToAsn1Object() { - if (encryptedValue != null) - { - return encryptedValue.ToAsn1Object(); - } + if (m_encryptedValue != null) + return m_encryptedValue.ToAsn1Object(); - return new DerTaggedObject(false, 0, envelopedData); + return new DerTaggedObject(false, 0, m_envelopedData); } } } diff --git a/crypto/src/asn1/crmf/EncryptedValue.cs b/crypto/src/asn1/crmf/EncryptedValue.cs index 7c5cf18b4..ad3a4c3f7 100644 --- a/crypto/src/asn1/crmf/EncryptedValue.cs +++ b/crypto/src/asn1/crmf/EncryptedValue.cs @@ -7,6 +7,17 @@ namespace Org.BouncyCastle.Asn1.Crmf public class EncryptedValue : Asn1Encodable { + public static EncryptedValue GetInstance(object obj) + { + if (obj is EncryptedValue) + return (EncryptedValue)obj; + + if (obj != null) + return new EncryptedValue(Asn1Sequence.GetInstance(obj)); + + return null; + } + private readonly AlgorithmIdentifier intendedAlg; private readonly AlgorithmIdentifier symmAlg; private readonly DerBitString encSymmKey; @@ -17,45 +28,31 @@ namespace Org.BouncyCastle.Asn1.Crmf private EncryptedValue(Asn1Sequence seq) { int index = 0; - while (seq[index] is Asn1TaggedObject) + while (seq[index++] is Asn1TaggedObject tObj) { - Asn1TaggedObject tObj = (Asn1TaggedObject)seq[index]; - switch (tObj.TagNo) { - case 0: - intendedAlg = AlgorithmIdentifier.GetInstance(tObj, false); - break; - case 1: - symmAlg = AlgorithmIdentifier.GetInstance(tObj, false); - break; - case 2: - encSymmKey = DerBitString.GetInstance(tObj, false); - break; - case 3: - keyAlg = AlgorithmIdentifier.GetInstance(tObj, false); - break; - case 4: - valueHint = Asn1OctetString.GetInstance(tObj, false); - break; + case 0: + intendedAlg = AlgorithmIdentifier.GetInstance(tObj, false); + break; + case 1: + symmAlg = AlgorithmIdentifier.GetInstance(tObj, false); + break; + case 2: + encSymmKey = DerBitString.GetInstance(tObj, false); + break; + case 3: + keyAlg = AlgorithmIdentifier.GetInstance(tObj, false); + break; + case 4: + valueHint = Asn1OctetString.GetInstance(tObj, false); + break; } - ++index; } encValue = DerBitString.GetInstance(seq[index]); } - public static EncryptedValue GetInstance(object obj) - { - if (obj is EncryptedValue) - return (EncryptedValue)obj; - - if (obj != null) - return new EncryptedValue(Asn1Sequence.GetInstance(obj)); - - return null; - } - public EncryptedValue( AlgorithmIdentifier intendedAlg, AlgorithmIdentifier symmAlg, @@ -65,9 +62,7 @@ namespace Org.BouncyCastle.Asn1.Crmf DerBitString encValue) { if (encValue == null) - { - throw new ArgumentNullException("encValue"); - } + throw new ArgumentNullException(nameof(encValue)); this.intendedAlg = intendedAlg; this.symmAlg = symmAlg; @@ -109,6 +104,7 @@ namespace Org.BouncyCastle.Asn1.Crmf /** * <pre> + * (IMPLICIT TAGS) * EncryptedValue ::= SEQUENCE { * intendedAlg [0] AlgorithmIdentifier OPTIONAL, * -- the intended algorithm for which the value will be used |