diff --git a/crypto/src/asn1/Asn1Object.cs b/crypto/src/asn1/Asn1Object.cs
index a86fdbb4a..4faa81ac8 100644
--- a/crypto/src/asn1/Asn1Object.cs
+++ b/crypto/src/asn1/Asn1Object.cs
@@ -6,11 +6,13 @@ namespace Org.BouncyCastle.Asn1
public abstract class Asn1Object
: Asn1Encodable
{
- /// <summary>Create a base ASN.1 object from a byte array.</summary>
- /// <param name="data">The byte array to parse.</param>
- /// <returns>The base ASN.1 object represented by the byte array.</returns>
- /// <exception cref="IOException">If there is a problem parsing the data.</exception>
- public static Asn1Object FromByteArray(
+ /// <summary>Create a base ASN.1 object from a byte array.</summary>
+ /// <param name="data">The byte array to parse.</param>
+ /// <returns>The base ASN.1 object represented by the byte array.</returns>
+ /// <exception cref="IOException">
+ /// If there is a problem parsing the data, or parsing an object did not exhaust the available data.
+ /// </exception>
+ public static Asn1Object FromByteArray(
byte[] data)
{
try
diff --git a/crypto/src/asn1/crmf/CertReqMsg.cs b/crypto/src/asn1/crmf/CertReqMsg.cs
index 20fd4179a..03ce32d99 100644
--- a/crypto/src/asn1/crmf/CertReqMsg.cs
+++ b/crypto/src/asn1/crmf/CertReqMsg.cs
@@ -39,6 +39,13 @@ namespace Org.BouncyCastle.Asn1.Crmf
return null;
}
+ public static CertReqMsg GetInstance(
+ Asn1TaggedObject obj,
+ bool isExplicit)
+ {
+ return GetInstance(Asn1Sequence.GetInstance(obj, isExplicit));
+ }
+
/**
* Creates a new CertReqMsg.
* @param certReq CertRequest
diff --git a/crypto/src/asn1/gnu/GNUObjectIdentifiers.cs b/crypto/src/asn1/gnu/GNUObjectIdentifiers.cs
index 9311a3ac1..b322ef233 100644
--- a/crypto/src/asn1/gnu/GNUObjectIdentifiers.cs
+++ b/crypto/src/asn1/gnu/GNUObjectIdentifiers.cs
@@ -27,5 +27,10 @@ namespace Org.BouncyCastle.Asn1.Gnu
public static readonly DerObjectIdentifier Serpent256Cfb = new DerObjectIdentifier("1.3.6.1.4.1.11591.13.2.44"); // Serpent-256-CFB
public static readonly DerObjectIdentifier Crc = new DerObjectIdentifier("1.3.6.1.4.1.11591.14"); // CRC algorithms
public static readonly DerObjectIdentifier Crc32 = new DerObjectIdentifier("1.3.6.1.4.1.11591.14.1"); // CRC 32
+
+ /** 1.3.6.1.4.1.11591.15 - ellipticCurve */
+ public static readonly DerObjectIdentifier EllipticCurve = new DerObjectIdentifier("1.3.6.1.4.1.11591.15");
+
+ public static readonly DerObjectIdentifier Ed25519 = EllipticCurve.Branch("1");
}
}
diff --git a/crypto/src/asn1/pkcs/CertificationRequest.cs b/crypto/src/asn1/pkcs/CertificationRequest.cs
index 35bdd56eb..98caa2268 100644
--- a/crypto/src/asn1/pkcs/CertificationRequest.cs
+++ b/crypto/src/asn1/pkcs/CertificationRequest.cs
@@ -47,7 +47,8 @@ namespace Org.BouncyCastle.Asn1.Pkcs
this.sigBits = signature;
}
- public CertificationRequest(
+ [Obsolete("Use 'GetInstance' instead")]
+ public CertificationRequest(
Asn1Sequence seq)
{
if (seq.Count != 3)
diff --git a/crypto/src/asn1/pkcs/CertificationRequestInfo.cs b/crypto/src/asn1/pkcs/CertificationRequestInfo.cs
index d57753235..6d980131e 100644
--- a/crypto/src/asn1/pkcs/CertificationRequestInfo.cs
+++ b/crypto/src/asn1/pkcs/CertificationRequestInfo.cs
@@ -1,7 +1,6 @@
using System;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Asn1.Pkcs
{
@@ -31,20 +30,13 @@ namespace Org.BouncyCastle.Asn1.Pkcs
internal SubjectPublicKeyInfo subjectPKInfo;
internal Asn1Set attributes;
- public static CertificationRequestInfo GetInstance(
- object obj)
+ public static CertificationRequestInfo GetInstance(object obj)
{
if (obj is CertificationRequestInfo)
- {
- return (CertificationRequestInfo) obj;
- }
-
- if (obj is Asn1Sequence)
- {
- return new CertificationRequestInfo((Asn1Sequence) obj);
- }
-
- throw new ArgumentException("Unknown object in factory: " + Platform.GetTypeName(obj), "obj");
+ return (CertificationRequestInfo)obj;
+ if (obj != null)
+ return new CertificationRequestInfo(Asn1Sequence.GetInstance(obj));
+ return null;
}
public CertificationRequestInfo(
@@ -56,7 +48,9 @@ namespace Org.BouncyCastle.Asn1.Pkcs
this.subjectPKInfo = pkInfo;
this.attributes = attributes;
- if (subject == null || version == null || subjectPKInfo == null)
+ ValidateAttributes(attributes);
+
+ if (subject == null || version == null || subjectPKInfo == null)
{
throw new ArgumentException(
"Not all mandatory fields set in CertificationRequestInfo generator.");
@@ -81,7 +75,9 @@ namespace Org.BouncyCastle.Asn1.Pkcs
attributes = Asn1Set.GetInstance(tagobj, false);
}
- if (subject == null || version == null || subjectPKInfo == null)
+ ValidateAttributes(attributes);
+
+ if (subject == null || version == null || subjectPKInfo == null)
{
throw new ArgumentException(
"Not all mandatory fields set in CertificationRequestInfo generator.");
@@ -120,5 +116,22 @@ namespace Org.BouncyCastle.Asn1.Pkcs
return new DerSequence(v);
}
+
+ private static void ValidateAttributes(Asn1Set attributes)
+ {
+ if (attributes == null)
+ return;
+
+ foreach (Asn1Encodable ae in attributes)
+ {
+ Asn1Object obj = ae.ToAsn1Object();
+ AttributePkcs attr = AttributePkcs.GetInstance(obj);
+ if (attr.AttrType.Equals(PkcsObjectIdentifiers.Pkcs9AtChallengePassword))
+ {
+ if (attr.AttrValues.Count != 1)
+ throw new ArgumentException("challengePassword attribute must have one value");
+ }
+ }
+ }
}
}
diff --git a/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs b/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs
index 042911a06..1a9a03e9f 100644
--- a/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs
+++ b/crypto/src/asn1/pkcs/PKCSObjectIdentifiers.cs
@@ -9,23 +9,28 @@ namespace Org.BouncyCastle.Asn1.Pkcs
// iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
//
public const string Pkcs1 = "1.2.840.113549.1.1";
+ internal static readonly DerObjectIdentifier Pkcs1Oid = new DerObjectIdentifier(Pkcs1);
+
+ public static readonly DerObjectIdentifier RsaEncryption = Pkcs1Oid.Branch("1");
+ public static readonly DerObjectIdentifier MD2WithRsaEncryption = Pkcs1Oid.Branch("2");
+ public static readonly DerObjectIdentifier MD4WithRsaEncryption = Pkcs1Oid.Branch("3");
+ public static readonly DerObjectIdentifier MD5WithRsaEncryption = Pkcs1Oid.Branch("4");
+ public static readonly DerObjectIdentifier Sha1WithRsaEncryption = Pkcs1Oid.Branch("5");
+ public static readonly DerObjectIdentifier SrsaOaepEncryptionSet = Pkcs1Oid.Branch("6");
+ public static readonly DerObjectIdentifier IdRsaesOaep = Pkcs1Oid.Branch("7");
+ public static readonly DerObjectIdentifier IdMgf1 = Pkcs1Oid.Branch("8");
+ public static readonly DerObjectIdentifier IdPSpecified = Pkcs1Oid.Branch("9");
+ public static readonly DerObjectIdentifier IdRsassaPss = Pkcs1Oid.Branch("10");
+ public static readonly DerObjectIdentifier Sha256WithRsaEncryption = Pkcs1Oid.Branch("11");
+ public static readonly DerObjectIdentifier Sha384WithRsaEncryption = Pkcs1Oid.Branch("12");
+ public static readonly DerObjectIdentifier Sha512WithRsaEncryption = Pkcs1Oid.Branch("13");
+ public static readonly DerObjectIdentifier Sha224WithRsaEncryption = Pkcs1Oid.Branch("14");
+ /** PKCS#1: 1.2.840.113549.1.1.15 */
+ public static readonly DerObjectIdentifier Sha512_224WithRSAEncryption = Pkcs1Oid.Branch("15");
+ /** PKCS#1: 1.2.840.113549.1.1.16 */
+ public static readonly DerObjectIdentifier Sha512_256WithRSAEncryption = Pkcs1Oid.Branch("16");
- public static readonly DerObjectIdentifier RsaEncryption = new DerObjectIdentifier(Pkcs1 + ".1");
- public static readonly DerObjectIdentifier MD2WithRsaEncryption = new DerObjectIdentifier(Pkcs1 + ".2");
- public static readonly DerObjectIdentifier MD4WithRsaEncryption = new DerObjectIdentifier(Pkcs1 + ".3");
- public static readonly DerObjectIdentifier MD5WithRsaEncryption = new DerObjectIdentifier(Pkcs1 + ".4");
- public static readonly DerObjectIdentifier Sha1WithRsaEncryption = new DerObjectIdentifier(Pkcs1 + ".5");
- public static readonly DerObjectIdentifier SrsaOaepEncryptionSet = new DerObjectIdentifier(Pkcs1 + ".6");
- public static readonly DerObjectIdentifier IdRsaesOaep = new DerObjectIdentifier(Pkcs1 + ".7");
- public static readonly DerObjectIdentifier IdMgf1 = new DerObjectIdentifier(Pkcs1 + ".8");
- public static readonly DerObjectIdentifier IdPSpecified = new DerObjectIdentifier(Pkcs1 + ".9");
- public static readonly DerObjectIdentifier IdRsassaPss = new DerObjectIdentifier(Pkcs1 + ".10");
- public static readonly DerObjectIdentifier Sha256WithRsaEncryption = new DerObjectIdentifier(Pkcs1 + ".11");
- public static readonly DerObjectIdentifier Sha384WithRsaEncryption = new DerObjectIdentifier(Pkcs1 + ".12");
- public static readonly DerObjectIdentifier Sha512WithRsaEncryption = new DerObjectIdentifier(Pkcs1 + ".13");
- public static readonly DerObjectIdentifier Sha224WithRsaEncryption = new DerObjectIdentifier(Pkcs1 + ".14");
-
- //
+ //
// pkcs-3 OBJECT IDENTIFIER ::= {
// iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 3 }
//
@@ -195,6 +200,7 @@ namespace Org.BouncyCastle.Asn1.Pkcs
// rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) attributes(2)}
//
public const string IdAA = "1.2.840.113549.1.9.16.2";
+ public static readonly DerObjectIdentifier IdAAOid = new DerObjectIdentifier(IdAA);
public static readonly DerObjectIdentifier IdAAContentHint = new DerObjectIdentifier(IdAA + ".4"); // See RFC 2634
public static readonly DerObjectIdentifier IdAAMsgSigDigest = new DerObjectIdentifier(IdAA + ".5");
@@ -229,6 +235,20 @@ namespace Org.BouncyCastle.Asn1.Pkcs
public static readonly DerObjectIdentifier IdAAEtsCertCrlTimestamp = new DerObjectIdentifier(IdAA + ".26");
public static readonly DerObjectIdentifier IdAAEtsArchiveTimestamp = new DerObjectIdentifier(IdAA + ".27");
+ /** PKCS#9: 1.2.840.113549.1.9.16.6.2.37 - <a href="https://tools.ietf.org/html/rfc4108#section-2.2.5">RFC 4108</a> */
+ public static readonly DerObjectIdentifier IdAADecryptKeyID = IdAAOid.Branch("37");
+
+ /** PKCS#9: 1.2.840.113549.1.9.16.6.2.38 - <a href="https://tools.ietf.org/html/rfc4108#section-2.2.6">RFC 4108</a> */
+ public static readonly DerObjectIdentifier IdAAImplCryptoAlgs = IdAAOid.Branch("38");
+
+ /** PKCS#9: 1.2.840.113549.1.9.16.2.54 <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+ public static readonly DerObjectIdentifier IdAAAsymmDecryptKeyID = IdAAOid.Branch("54");
+
+ /** PKCS#9: 1.2.840.113549.1.9.16.2.43 <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+ public static readonly DerObjectIdentifier IdAAImplCompressAlgs = IdAAOid.Branch("43");
+ /** PKCS#9: 1.2.840.113549.1.9.16.2.40 <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+ public static readonly DerObjectIdentifier IdAACommunityIdentifiers = IdAAOid.Branch("40");
+
[Obsolete("Use 'IdAAEtsSigPolicyID' instead")]
public static readonly DerObjectIdentifier IdAASigPolicyID = IdAAEtsSigPolicyID;
[Obsolete("Use 'IdAAEtsCommitmentType' instead")]
diff --git a/crypto/src/asn1/x509/KeyPurposeId.cs b/crypto/src/asn1/x509/KeyPurposeId.cs
index 4b48a9b51..1a564b97a 100644
--- a/crypto/src/asn1/x509/KeyPurposeId.cs
+++ b/crypto/src/asn1/x509/KeyPurposeId.cs
@@ -32,5 +32,7 @@ namespace Org.BouncyCastle.Asn1.X509
// microsoft key purpose ids
//
public static readonly KeyPurposeID IdKPSmartCardLogon = new KeyPurposeID("1.3.6.1.4.1.311.20.2.2");
+
+ public static readonly KeyPurposeID IdKPMacAddress = new KeyPurposeID("1.3.6.1.1.1.1.22");
}
}
diff --git a/crypto/src/asn1/x509/X509Extensions.cs b/crypto/src/asn1/x509/X509Extensions.cs
index 2ef73f629..049d728bb 100644
--- a/crypto/src/asn1/x509/X509Extensions.cs
+++ b/crypto/src/asn1/x509/X509Extensions.cs
@@ -164,6 +164,11 @@ namespace Org.BouncyCastle.Asn1.X509
*/
public static readonly DerObjectIdentifier TargetInformation = new DerObjectIdentifier("2.5.29.55");
+ /**
+ * Expired Certificates on CRL extension
+ */
+ public static readonly DerObjectIdentifier ExpiredCertsOnCrl = new DerObjectIdentifier("2.5.29.60");
+
private readonly IDictionary extensions = Platform.CreateHashtable();
private readonly IList ordering;
|
