Diffstat (limited to 'crypto/src/asn1/cmp/CertStatus.cs')
-rw-r--r--crypto/src/asn1/cmp/CertStatus.cs122
1 files changed, 70 insertions, 52 deletions
diff --git a/crypto/src/asn1/cmp/CertStatus.cs b/crypto/src/asn1/cmp/CertStatus.cs
index d437b57b2..6eb36c6fb 100644
--- a/crypto/src/asn1/cmp/CertStatus.cs
+++ b/crypto/src/asn1/cmp/CertStatus.cs
@@ -1,84 +1,102 @@
 using System;
 
+using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Math;
-using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Asn1.Cmp
 {
 	public class CertStatus
 		: Asn1Encodable
 	{
-		private readonly Asn1OctetString certHash;
-		private readonly DerInteger certReqId;
-		private readonly PkiStatusInfo statusInfo;
+        public static CertStatus GetInstance(object obj)
+        {
+			if (obj is CertStatus certStatus)
+				return certStatus;
 
-		private CertStatus(Asn1Sequence seq)
+			if (obj != null)
+				return new CertStatus(Asn1Sequence.GetInstance(obj));
+
+			return null;
+        }
+
+        private readonly Asn1OctetString m_certHash;
+		private readonly DerInteger m_certReqID;
+		private readonly PkiStatusInfo m_statusInfo;
+        private readonly AlgorithmIdentifier m_hashAlg;
+
+        private CertStatus(Asn1Sequence seq)
 		{
-			certHash = Asn1OctetString.GetInstance(seq[0]);
-			certReqId = DerInteger.GetInstance(seq[1]);
+			m_certHash = Asn1OctetString.GetInstance(seq[0]);
+			m_certReqID = DerInteger.GetInstance(seq[1]);
 
 			if (seq.Count > 2)
 			{
-				statusInfo = PkiStatusInfo.GetInstance(seq[2]);
+				for (int t = 2; t < seq.Count; t++)
+				{
+					Asn1Object p = seq[t].ToAsn1Object();
+					if (p is Asn1Sequence s)
+					{
+						m_statusInfo = PkiStatusInfo.GetInstance(s);
+					}
+					if (p is Asn1TaggedObject dto)
+					{
+						if (dto.TagNo != 0)
+							throw new ArgumentException("unknown tag " + dto.TagNo);
+
+						m_hashAlg = AlgorithmIdentifier.GetInstance(dto, true);
+					}
+				}
 			}
 		}
 
-		public CertStatus(byte[] certHash, BigInteger certReqId)
+		public CertStatus(byte[] certHash, BigInteger certReqID)
 		{
-			this.certHash = new DerOctetString(certHash);
-			this.certReqId = new DerInteger(certReqId);
+			m_certHash = new DerOctetString(certHash);
+			m_certReqID = new DerInteger(certReqID);
 		}
 
-		public CertStatus(byte[] certHash, BigInteger certReqId, PkiStatusInfo statusInfo)
+		public CertStatus(byte[] certHash, BigInteger certReqID, PkiStatusInfo statusInfo)
 		{
-			this.certHash = new DerOctetString(certHash);
-			this.certReqId = new DerInteger(certReqId);
-			this.statusInfo = statusInfo;
+            m_certHash = new DerOctetString(certHash);
+            m_certReqID = new DerInteger(certReqID);
+            m_statusInfo = statusInfo;
 		}
 
-		public static CertStatus GetInstance(object obj)
-		{
-			if (obj is CertStatus)
-				return (CertStatus)obj;
+        public CertStatus(byte[] certHash, BigInteger certReqID, PkiStatusInfo statusInfo, AlgorithmIdentifier hashAlg)
+        {
+            m_certHash = new DerOctetString(certHash);
+            m_certReqID = new DerInteger(certReqID);
+            m_statusInfo = statusInfo;
+            m_hashAlg = hashAlg;
+        }
 
-			if (obj is Asn1Sequence)
-				return new CertStatus((Asn1Sequence)obj);
+        public virtual Asn1OctetString CertHash => m_certHash;
 
-            throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj");
-		}
+		public virtual DerInteger CertReqID => m_certReqID;
 
-		public virtual Asn1OctetString CertHash
-		{
-			get { return certHash; }
-		}
-
-		public virtual DerInteger CertReqID
-		{
-			get { return certReqId; }
-		}
+		public virtual PkiStatusInfo StatusInfo => m_statusInfo;
 
-		public virtual PkiStatusInfo StatusInfo
-		{
-			get { return statusInfo; }
-		}
+		public virtual AlgorithmIdentifier HashAlg => m_hashAlg;
 
-		/**
-		 * <pre>
-		 * CertStatus ::= SEQUENCE {
-		 *                   certHash    OCTET STRING,
-		 *                   -- the hash of the certificate, using the same hash algorithm
-		 *                   -- as is used to create and verify the certificate signature
-		 *                   certReqId   INTEGER,
-		 *                   -- to match this confirmation with the corresponding req/rep
-		 *                   statusInfo  PKIStatusInfo OPTIONAL
-		 * }
-		 * </pre>
-		 * @return a basic ASN.1 object representation.
-		 */
-		public override Asn1Object ToAsn1Object()
+        /**
+         * <pre>
+         *
+         *  CertStatus ::= SEQUENCE {
+         *     certHash    OCTET STRING,
+         *     certReqId   INTEGER,
+         *     statusInfo  PKIStatusInfo OPTIONAL,
+         *     hashAlg [0] AlgorithmIdentifier{DIGEST-ALGORITHM, {...}} OPTIONAL
+         *   }
+         *
+         * </pre>
+         *
+         * @return a basic ASN.1 object representation.
+         */
+        public override Asn1Object ToAsn1Object()
 		{
-			Asn1EncodableVector v = new Asn1EncodableVector(certHash, certReqId);
-			v.AddOptional(statusInfo);
+			Asn1EncodableVector v = new Asn1EncodableVector(m_certHash, m_certReqID);
+			v.AddOptional(m_statusInfo);
+			v.AddOptionalTagged(true, 0, m_hashAlg);
 			return new DerSequence(v);
 		}
 	}