Imported Upstream version 3.6.0

Former-commit-id: da6be194a6b1221998fc28233f2503bd61dd9d14
Jo Shields
2014-08-13 10:39:27 +01:00
commit a575963da9
50588 changed files with 8155799 additions and 0 deletions


@@ -0,0 +1,136 @@
//
// AuthorityKeyIdentifierExtension.cs: Handles X.509 AuthorityKeyIdentifier extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// Copyright (C) 2004-2005,2007 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Globalization;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
/*
* id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 }
*
* AuthorityKeyIdentifier ::= SEQUENCE {
* keyIdentifier [0] KeyIdentifier OPTIONAL,
* authorityCertIssuer [1] GeneralNames OPTIONAL,
* authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
*
* KeyIdentifier ::= OCTET STRING
*/
#if INSIDE_SYSTEM
internal
#else
public
#endif
class AuthorityKeyIdentifierExtension : X509Extension {
private byte[] aki;
public AuthorityKeyIdentifierExtension () : base ()
{
extnOid = "2.5.29.35";
}
public AuthorityKeyIdentifierExtension (ASN1 asn1) : base (asn1)
{
}
public AuthorityKeyIdentifierExtension (X509Extension extension) : base (extension)
{
}
protected override void Decode ()
{
ASN1 sequence = new ASN1 (extnValue.Value);
if (sequence.Tag != 0x30)
throw new ArgumentException ("Invalid AuthorityKeyIdentifier extension");
for (int i=0; i < sequence.Count; i++) {
ASN1 el = sequence [i];
switch (el.Tag) {
case 0x80:
aki = el.Value;
break;
default:
// don't throw on stuff we don't yet support
// e.g. authorityCertIssuer/authorityCertSerialNumber
break;
}
}
}
protected override void Encode ()
{
ASN1 seq = new ASN1 (0x30);
if (aki == null) {
throw new InvalidOperationException ("Invalid AuthorityKeyIdentifier extension");
}
seq.Add (new ASN1 (0x80, aki));
extnValue = new ASN1 (0x04);
extnValue.Add (seq);
}
public override string Name {
get { return "Authority Key Identifier"; }
}
public byte[] Identifier {
get {
if (aki == null)
return null;
return (byte[]) aki.Clone ();
}
set { aki = value; }
}
public override string ToString ()
{
StringBuilder sb = new StringBuilder ();
if (aki != null) {
// [0] KeyIdentifier
int x = 0;
sb.Append ("KeyID=");
while (x < aki.Length) {
sb.Append (aki [x].ToString ("X2", CultureInfo.InvariantCulture));
if (x % 2 == 1)
sb.Append (" ");
x++;
}
// [1] GeneralNames
// TODO
// [2] CertificateSerialNumber
// TODO
}
return sb.ToString ();
}
}
}
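Review bot: The `Identifier` setter stores the caller's array by reference (`set { aki = value; }`) while the getter returns a clone, so a caller that later mutates its buffer silently changes what `Encode` writes into the extension. Cloning on the way in keeps the two accessors consistent: `set { aki = (value == null) ? null : (byte[]) value.Clone (); }`. The property also deserves a doc comment stating that `Decode` only reads the `[0] keyIdentifier` element (tag 0x80), so `Identifier` is null for an extension that carries only authorityCertIssuer/authorityCertSerialNumber and chain-building code should not treat null as a malformed extension.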


@@ -0,0 +1,139 @@
//
// BasicConstraintsExtension.cs: Handles X.509 BasicConstrains extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
// Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Globalization;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
// References:
// 1. RFC 3280: Internet X.509 Public Key Infrastructure, Section 4.2.1.10
// http://www.ietf.org/rfc/rfc3280.txt
/* id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 }
*
* BasicConstraints ::= SEQUENCE {
* cA BOOLEAN DEFAULT FALSE,
* pathLenConstraint INTEGER (0..MAX) OPTIONAL
* }
*/
#if INSIDE_CORLIB
internal
#else
public
#endif
class BasicConstraintsExtension : X509Extension {
public const int NoPathLengthConstraint = -1;
private bool cA;
private int pathLenConstraint;
public BasicConstraintsExtension () : base ()
{
extnOid = "2.5.29.19";
pathLenConstraint = NoPathLengthConstraint;
}
public BasicConstraintsExtension (ASN1 asn1) : base (asn1) {}
public BasicConstraintsExtension (X509Extension extension) : base (extension) {}
protected override void Decode ()
{
// default values
cA = false;
pathLenConstraint = NoPathLengthConstraint;
ASN1 sequence = new ASN1 (extnValue.Value);
if (sequence.Tag != 0x30)
throw new ArgumentException ("Invalid BasicConstraints extension");
int n = 0;
ASN1 a = sequence [n++];
if ((a != null) && (a.Tag == 0x01)) {
cA = (a.Value [0] == 0xFF);
a = sequence [n++];
}
if ((a != null) && (a.Tag == 0x02))
pathLenConstraint = ASN1Convert.ToInt32 (a);
}
protected override void Encode ()
{
ASN1 seq = new ASN1 (0x30);
if (cA)
seq.Add (new ASN1 (0x01, new byte[] { 0xFF }));
// CAs MUST NOT include the pathLenConstraint field unless the cA boolean is asserted
if (cA && (pathLenConstraint >= 0))
seq.Add (ASN1Convert.FromInt32 (pathLenConstraint));
extnValue = new ASN1 (0x04);
extnValue.Add (seq);
}
public bool CertificateAuthority {
get { return cA; }
set { cA = value; }
}
public override string Name {
get { return "Basic Constraints"; }
}
public int PathLenConstraint {
get { return pathLenConstraint; }
set {
if (value < NoPathLengthConstraint) {
string msg = Locale.GetText ("PathLenConstraint must be positive or -1 for none ({0}).", value);
throw new ArgumentOutOfRangeException (msg);
}
pathLenConstraint = value;
}
}
public override string ToString ()
{
StringBuilder sb = new StringBuilder ();
sb.Append ("Subject Type=");
sb.Append ((cA) ? "CA" : "End Entity");
sb.Append (Environment.NewLine);
sb.Append ("Path Length Constraint=");
if (pathLenConstraint == NoPathLengthConstraint)
sb.Append ("None");
else
sb.Append (pathLenConstraint.ToString (CultureInfo.InvariantCulture));
sb.Append (Environment.NewLine);
return sb.ToString ();
}
}
}
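Review bot: `Decode` indexes `a.Value [0]` without checking that the BOOLEAN has exactly one content octet, so a malformed extension with an empty BOOLEAN would presumably surface as an index exception instead of the `ArgumentException` used for the wrong-tag case; a guard such as `if (a.Value.Length != 1) throw new ArgumentException ("Invalid BasicConstraints extension");` before the comparison keeps the failure mode uniform. The decoded `pathLenConstraint` is taken from `ASN1Convert.ToInt32 (a)` as-is, whereas the `PathLenConstraint` setter rejects values below -1; if ToInt32 can return a negative number for an oversized INTEGER (its code is not shown here), a certificate could decode to -1 and read as "no constraint", so the same range check belongs in `Decode`. Comparing against 0xFF only is strict DER and treats any other encoding of TRUE as not-a-CA, which is the safe direction and worth a one-line comment. Separately, in the setter `new ArgumentOutOfRangeException (msg)` passes the text as the parameter name; the two-argument overload `("value", msg)` reports it as the message.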


@@ -0,0 +1,181 @@
//
// CRLDistributionPointsExtension.cs: Handles X.509 CRLDistributionPoints extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2004 Novell (http://www.novell.com)
//
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Collections.Generic;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
// References:
// a. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
// http://www.ietf.org/rfc/rfc3280.txt
// b. 2.5.29.31 - CRL Distribution Points
// http://www.alvestrand.no/objectid/2.5.29.31.html
/*
* id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 }
*
* CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
*
* DistributionPoint ::= SEQUENCE {
* distributionPoint [0] DistributionPointName OPTIONAL,
* reasons [1] ReasonFlags OPTIONAL,
* cRLIssuer [2] GeneralNames OPTIONAL
* }
*
* DistributionPointName ::= CHOICE {
* fullName [0] GeneralNames,
* nameRelativeToCRLIssuer [1] RelativeDistinguishedName
* }
*
* ReasonFlags ::= BIT STRING {
* unused (0),
* keyCompromise (1),
* cACompromise (2),
* affiliationChanged (3),
* superseded (4),
* cessationOfOperation (5),
* certificateHold (6),
* privilegeWithdrawn (7),
* aACompromise (8) }
*/
public class CRLDistributionPointsExtension : X509Extension {
public class DistributionPoint {
public string Name { get; private set; }
public ReasonFlags Reasons { get; private set; }
public string CRLIssuer { get; private set; }
public DistributionPoint (string dp, ReasonFlags reasons, string issuer)
{
Name = dp;
Reasons = reasons;
CRLIssuer = issuer;
}
public DistributionPoint (ASN1 dp)
{
for (int i = 0; i < dp.Count; i++) {
ASN1 el = dp[i];
switch (el.Tag) {
case 0xA0: // DistributionPointName OPTIONAL
for (int j = 0; j < el.Count; j++) {
ASN1 dpn = el [j];
if (dpn.Tag == 0xA0) {
Name = new GeneralNames (dpn).ToString ();
}
}
break;
case 0xA1: // ReasonFlags OPTIONAL
break;
case 0xA2: // RelativeDistinguishedName
break;
}
}
}
}
[Flags]
public enum ReasonFlags
{
Unused = 0,
KeyCompromise = 1,
CACompromise = 2,
AffiliationChanged = 3,
Superseded = 4,
CessationOfOperation = 5,
CertificateHold = 6,
PrivilegeWithdrawn = 7,
AACompromise = 8
}
private List<DistributionPoint> dps;
public CRLDistributionPointsExtension () : base ()
{
extnOid = "2.5.29.31";
dps = new List<DistributionPoint> ();
}
public CRLDistributionPointsExtension (ASN1 asn1)
: base (asn1)
{
}
public CRLDistributionPointsExtension (X509Extension extension)
: base (extension)
{
}
protected override void Decode ()
{
dps = new List<DistributionPoint> ();
ASN1 sequence = new ASN1 (extnValue.Value);
if (sequence.Tag != 0x30)
throw new ArgumentException ("Invalid CRLDistributionPoints extension");
// for every distribution point
for (int i=0; i < sequence.Count; i++) {
dps.Add (new DistributionPoint (sequence [i]));
}
}
public override string Name {
get { return "CRL Distribution Points"; }
}
public IEnumerable<DistributionPoint> DistributionPoints {
get { return dps; }
}
public override string ToString ()
{
StringBuilder sb = new StringBuilder ();
int i = 1;
foreach (DistributionPoint dp in dps) {
sb.Append ("[");
sb.Append (i++);
sb.Append ("]CRL Distribution Point");
sb.Append (Environment.NewLine);
sb.Append ("\tDistribution Point Name:");
sb.Append ("\t\tFull Name:");
sb.Append (Environment.NewLine);
sb.Append ("\t\t\t");
sb.Append (dp.Name);
sb.Append (Environment.NewLine);
}
return sb.ToString ();
}
}
}
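Review bot: `ReasonFlags` is marked `[Flags]` but its members are numbered 0 to 8 consecutively, so they are the ASN.1 bit positions rather than bit masks: `AffiliationChanged = 3` is indistinguishable from `KeyCompromise | CACompromise`. Either drop `[Flags]` or give each member its own bit (for example `KeyCompromise = 0x02, CACompromise = 0x04, AffiliationChanged = 0x08`), keeping in mind that the enum is public and its values are part of the API. In `DistributionPoint (ASN1 dp)` the `0xA1` and `0xA2` cases are empty, so `Reasons` and `CRLIssuer` keep their defaults for every decoded point and revocation code cannot tell an absent reasons field from one that was present but not parsed; a comment on both properties should say so. The `0xA2` comment should read `cRLIssuer [2] GeneralNames` to match the ASN.1 block at the top of the file.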


@@ -0,0 +1,142 @@
//
// CertificatePoliciesExtension.cs: Handles X.509 CertificatePolicies extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2004 Novell (http://www.novell.com)
//
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Collections;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
/*
* id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 }
*
* anyPolicy OBJECT IDENTIFIER ::= { id-ce-certificate-policies 0 }
*
* certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
*
* PolicyInformation ::= SEQUENCE {
* policyIdentifier CertPolicyId,
* policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL
* }
*
* CertPolicyId ::= OBJECT IDENTIFIER
*
* PolicyQualifierInfo ::= SEQUENCE {
* policyQualifierId PolicyQualifierId,
* qualifier ANY DEFINED BY policyQualifierId
* }
*
* -- policyQualifierIds for Internet policy qualifiers
* id-qt OBJECT IDENTIFIER ::= { id-pkix 2 }
* id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 }
* id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 }
*
* PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
*
* Qualifier ::= CHOICE {
* cPSuri CPSuri,
* userNotice UserNotice
* }
*
* CPSuri ::= IA5String
*
* UserNotice ::= SEQUENCE {
* noticeRef NoticeReference OPTIONAL,
* explicitText DisplayText OPTIONAL
* }
*
* NoticeReference ::= SEQUENCE {
* organization DisplayText,
* noticeNumbers SEQUENCE OF INTEGER
* }
*
* DisplayText ::= CHOICE {
* ia5String IA5String (SIZE (1..200)),
* visibleString VisibleString (SIZE (1..200)),
* bmpString BMPString (SIZE (1..200)),
* utf8String UTF8String (SIZE (1..200))
* }
*/
// note: partial implementation (only policyIdentifier OID are supported)
public class CertificatePoliciesExtension : X509Extension {
private Hashtable policies;
public CertificatePoliciesExtension () : base ()
{
extnOid = "2.5.29.32";
policies = new Hashtable ();
}
public CertificatePoliciesExtension (ASN1 asn1) : base (asn1)
{
}
public CertificatePoliciesExtension (X509Extension extension) : base (extension)
{
}
protected override void Decode ()
{
policies = new Hashtable ();
ASN1 sequence = new ASN1 (extnValue.Value);
if (sequence.Tag != 0x30)
throw new ArgumentException ("Invalid CertificatePolicies extension");
// for every policy OID
for (int i=0; i < sequence.Count; i++) {
policies.Add (ASN1Convert.ToOid (sequence [i][0]), null);
}
}
public override string Name {
get { return "Certificate Policies"; }
}
public override string ToString ()
{
StringBuilder sb = new StringBuilder ();
int n = 1;
foreach (DictionaryEntry policy in policies) {
sb.Append ("[");
sb.Append (n++);
sb.Append ("]Certificate Policy:");
sb.Append (Environment.NewLine);
sb.Append ("\tPolicyIdentifier=");
sb.Append ((string)policy.Key);
sb.Append (Environment.NewLine);
}
return sb.ToString ();
}
}
}
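Review bot: `Decode` calls `ASN1Convert.ToOid (sequence [i][0])` without checking that each PolicyInformation element is a SEQUENCE (tag 0x30) with at least one child of tag 0x06, so a malformed entry from an untrusted certificate is handed straight to the converter. A guard inside the loop, `ASN1 pi = sequence [i]; if ((pi.Tag != 0x30) || (pi.Count < 1) || (pi [0].Tag != 0x06)) throw new ArgumentException ("Invalid CertificatePolicies extension");`, would keep every malformed case on the same exception. `policies.Add` also throws on a repeated policy OID with a message about duplicate keys rather than about the extension, and because the store is a `Hashtable` the `[n]` numbering in `ToString` does not follow the order in the certificate; both deserve a comment if the behaviour is kept.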


@@ -0,0 +1,104 @@
2010-05-10 Sebastien Pouliot <sebastien@ximian.com>
* ExtendedKeyUsageExtension.cs:
* NetscapeCertTypeExtension.cs:
* SubjectAltNameExtension.cs:
Keep them public for Moonlight. Other types in other
assemblies needs it and the linker will eventually
internalize everything.
2008-06-26 David Wolinsky <davidiw@ufl.edu>
* SubjectAltNameExtension.cs: IP Addresses are handled and now
this class can be generated via the constructor from arrays.
* GeneralNames.cs: Added support to generate GeneralNames from
an arrays of strings.
2007-12-14 Sebastien Pouliot <sebastien@ximian.com>
* AuthorityKeyIdentifierExtension.cs: Don't throw on what we don't
yet support (e.g. authorityCertIssuer/authorityCertSerialNumber).
It's possible that a chain of certificate can be build without this
information. Fix #346821
2006-01-04 Sebastien Pouliot <sebastien@ximian.com>
* AuthorityKeyIdentifierExtension.cs: Added property to publish the
identifier. Fix bug #77155.
* BasicConstraintsExtension.cs: Fix encoding to include the octet
string (#75781). Fix encoding when the key usage > 255.
* ExtendedKeyUsageExtension.cs: Fix encoding to include the octet
string (#75781).
* KeyUsageExtension.cs: Fix encoding to include the octet string
(#75781). Added NoPathLengthConstraint (-1) as it is different than
0. Throw if PathLenConstraint is negative (unless it's -1). Do not
encode PathLenConstraint if CA isn't set.
2005-02-25 Sebastien Pouliot <sebastien@ximian.com>
* CRLDistributionPointsExtension.cs: Added more decoding code (but
it's still incomplete).
* GeneralNames.cs: New. Share code between multiple extensions when
dealing with names.
* SubjectAltNameExtension.cs: Reworked to use GeneralNames.
2004-07-15 Sebastien Pouliot <sebastien@ximian.com>
* KeyUsageExtension.cs: Added Encode to extension so it can be used
by makecert. Fix bug # 61240. Patch provided by Ianier Munoz.
2004-04-28 Sebastien Pouliot <sebastien@ximian.com>
* KeyUsageExtension.cs: Added missing INSIDE_CORLIB to enum.
2004-04-22 Sebastien Pouliot <sebastien@ximian.com>
* AuthorityKeyIdentifierExtension.cs: FxCop-ized.
* BasicConstraintsExtension.cs: FxCop-ized. Added INSIDE_CORLIB.
* CRLDistributionPointsExtension.cs: Added constructor for DP to
remove compilation warnings.
* CertificatePoliciesExtension.cs: Ajusted for changes in ASN1Convert.
* ExtendedKeyUsageExtension.cs: Ajusted for changes in ASN1Convert.
Added missing OID strings in ToString ().
* KeyAttributesExtension.cs: FxCop-ized.
* KeyUsageExtension.cs: FxCop-ized. Added INSIDE_CORLIB.
* NetscapeCertTypeExtension.cs: FxCop-ized.
* PrivateKeyUsagePeriodExtension.cs: FxCop-ized.
* SubjectAltNameExtension.cs: FxCop-ized.
* SubjectKeyIdentifierExtension.cs: FxCop-ized. Added INSIDE_CORLIB.
2004-02-23 Sebastien Pouliot <sebastien@ximian.com>
* CRLDistributionPointsExtension.cs: Fix some warnings.
* SubjectKeyIdentifierExtension.cs: Added new Identifier property.
2004-02-20 Sebastien Pouliot <sebastien@ximian.com>
* AuthorityKeyIdentifierExtension.cs: New. Added for certview.
* CRLDistributionPointsExtension.cs: New. Added for certview.
* CertificatePoliciesExtension.cs: New. Added for certview.
* KeyUsageExtension.cs: Added none as a possible (empty) usage.
* NetscapeCertTypeExtension.cs: New. Required for verifying older SSL
certificates.
* PrivateKeyUsagePeriodExtension.cs: New. Added for certview.
* SubjectAltNameExtension.cs: Added support for dNSName.
* SubjectKeyIdentifierExtension.cs: New. Added for certview.
2003-09-05 Sebastien Pouliot <spouliot@videotron.ca>
* KeyAttributesExtension.cs: New. Added for WSE.
2003-07-30 Sebastien Pouliot <spouliot@videotron.ca>
* ExtendedKeyUsageExtension.cs: New. Added for makecert.
2003-06-14 Sebastien Pouliot <spouliot@videotron.ca>
* SubjectAltNameExtension.cs: New. Added for certview.
2003-03-15 Sebastien Pouliot <spouliot@videotron.ca>
* BasicConstraintsExtension.cs: New. Handle X.509 Basic
Constaints extension.
* KeyUsageExtension.cs: New. Handle X.509 Key Usage
extension.


@@ -0,0 +1,138 @@
//
// ExtendedKeyUsageExtension.cs: Handles X.509 ExtendedKeyUsage extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
// Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Collections;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
/*
* id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 }
*
* ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
*
* KeyPurposeId ::= OBJECT IDENTIFIER
*/
#if INSIDE_SYSTEM
internal
#else
public
#endif
class ExtendedKeyUsageExtension : X509Extension {
private ArrayList keyPurpose;
public ExtendedKeyUsageExtension () : base ()
{
extnOid = "2.5.29.37";
keyPurpose = new ArrayList ();
}
public ExtendedKeyUsageExtension (ASN1 asn1) : base (asn1)
{
}
public ExtendedKeyUsageExtension (X509Extension extension) : base (extension)
{
}
protected override void Decode ()
{
keyPurpose = new ArrayList ();
ASN1 sequence = new ASN1 (extnValue.Value);
if (sequence.Tag != 0x30)
throw new ArgumentException ("Invalid ExtendedKeyUsage extension");
// for every policy OID
for (int i=0; i < sequence.Count; i++)
keyPurpose.Add (ASN1Convert.ToOid (sequence [i]));
}
protected override void Encode ()
{
ASN1 seq = new ASN1 (0x30);
foreach (string oid in keyPurpose) {
seq.Add (ASN1Convert.FromOid (oid));
}
extnValue = new ASN1 (0x04);
extnValue.Add (seq);
}
public ArrayList KeyPurpose {
get { return keyPurpose; }
}
public override string Name {
get { return "Extended Key Usage"; }
}
// serverAuth 1.3.6.1.5.5.7.3.1
// clientAuth 1.3.6.1.5.5.7.3.2
// codeSigning 1.3.6.1.5.5.7.3.3
// emailProtection 1.3.6.1.5.5.7.3.4
// timeStamping 1.3.6.1.5.5.7.3.8
// OCSPSigning 1.3.6.1.5.5.7.3.9
public override string ToString ()
{
StringBuilder sb = new StringBuilder ();
foreach (string s in keyPurpose) {
switch (s) {
case "1.3.6.1.5.5.7.3.1":
sb.Append ("Server Authentication");
break;
case "1.3.6.1.5.5.7.3.2":
sb.Append ("Client Authentication");
break;
case "1.3.6.1.5.5.7.3.3":
sb.Append ("Code Signing");
break;
case "1.3.6.1.5.5.7.3.4":
sb.Append ("Email Protection");
break;
case "1.3.6.1.5.5.7.3.8":
sb.Append ("Time Stamping");
break;
case "1.3.6.1.5.5.7.3.9":
sb.Append ("OCSP Signing");
break;
default:
sb.Append ("unknown");
break;
}
sb.AppendFormat (" ({0}){1}", s, Environment.NewLine);
}
return sb.ToString ();
}
}
}
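Review bot: `Encode` writes an empty SEQUENCE when `keyPurpose` has no entries, although the ASN.1 quoted at the top of the file requires `SEQUENCE SIZE (1..MAX) OF KeyPurposeId`; AuthorityKeyIdentifierExtension in this same commit throws `InvalidOperationException` from `Encode` when it has nothing valid to write, and the same guard fits here: `if (keyPurpose.Count == 0) throw new InvalidOperationException ("Invalid ExtendedKeyUsage extension");`. `Decode` likewise accepts an empty list and does not check that each element has tag 0x06 before `ASN1Convert.ToOid`, so a comment should warn callers that interpret an empty purpose list as "any purpose" that an empty extension is not rejected here. The `// for every policy OID` comment in `Decode` appears to be carried over from the policies extension and should say `key purpose OID`. The `KeyPurpose` property hands out the live `ArrayList` while `ToString` and `Encode` cast every entry to `string`, which deserves a doc comment stating that only OID strings may be added.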


@@ -0,0 +1,256 @@
//
// GeneralNames.cs: Handles GeneralNames for SubjectAltNameExtension and
// CRLDistributionPointsExtension
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
// Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Net;
using System.Collections;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
/*
* GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
*
* GeneralName ::= CHOICE {
* otherName [0] OtherName,
* rfc822Name [1] IA5String,
* dNSName [2] IA5String,
* x400Address [3] ORAddress,
* directoryName [4] Name,
* ediPartyName [5] EDIPartyName,
* uniformResourceIdentifier [6] IA5String,
* iPAddress [7] OCTET STRING,
* registeredID [8] OBJECT IDENTIFIER
* }
*
* OtherName ::= SEQUENCE {
* type-id OBJECT IDENTIFIER,
* value [0] EXPLICIT ANY DEFINED BY type-id
* }
*
* EDIPartyName ::= SEQUENCE {
* nameAssigner [0] DirectoryString OPTIONAL,
* partyName [1] DirectoryString
* }
*/
// TODO - incomplete (only rfc822Name, dNSName are supported)
internal class GeneralNames {
private ArrayList rfc822Name;
private ArrayList dnsName;
private ArrayList directoryNames;
private ArrayList uris;
private ArrayList ipAddr;
private ASN1 asn;
public GeneralNames ()
{
}
public GeneralNames (string[] rfc822s, string[] dnsNames, string[] ipAddresses, string[] uris)
{
// This is an extension
asn = new ASN1 (0x30);
if (rfc822s != null) {
rfc822Name = new ArrayList ();
foreach (string rfc822 in rfc822s) {
asn.Add (new ASN1 (0x81, Encoding.ASCII.GetBytes (rfc822)));
rfc822Name.Add (rfc822s);
}
}
if (dnsNames != null) {
dnsName = new ArrayList ();
foreach (string dnsname in dnsNames) {
asn.Add (new ASN1 (0x82, Encoding.ASCII.GetBytes (dnsname)));
dnsName.Add(dnsname);
}
}
if (ipAddresses != null) {
ipAddr = new ArrayList ();
foreach (string ipaddress in ipAddresses) {
string[] parts = ipaddress.Split ('.', ':');
byte[] bytes = new byte[parts.Length];
for (int i = 0; i < parts.Length; i++) {
bytes[i] = Byte.Parse (parts[i]);
}
asn.Add (new ASN1 (0x87, bytes));
ipAddr.Add (ipaddress);
}
}
if (uris != null) {
this.uris = new ArrayList();
foreach (string uri in uris) {
asn.Add (new ASN1 (0x86, Encoding.ASCII.GetBytes (uri)));
this.uris.Add (uri);
}
}
}
public GeneralNames (ASN1 sequence)
{
for (int i = 0; i < sequence.Count; i++) {
switch (sequence[i].Tag) {
case 0x81: // rfc822Name [1] IA5String
if (rfc822Name == null)
rfc822Name = new ArrayList ();
rfc822Name.Add (Encoding.ASCII.GetString (sequence[i].Value));
break;
case 0x82: // dNSName [2] IA5String
if (dnsName == null)
dnsName = new ArrayList ();
dnsName.Add (Encoding.ASCII.GetString (sequence[i].Value));
break;
case 0x84: // directoryName [4] Name
case 0xA4:
if (directoryNames == null)
directoryNames = new ArrayList ();
directoryNames.Add (X501.ToString (sequence[i][0]));
break;
case 0x86: // uniformResourceIdentifier [6] IA5String
if (uris == null)
uris = new ArrayList ();
uris.Add (Encoding.ASCII.GetString (sequence[i].Value));
break;
case 0x87: // iPAddress [7] OCTET STRING
if (ipAddr == null)
ipAddr = new ArrayList ();
byte[] bytes = sequence[i].Value;
string space = (bytes.Length == 4) ? "." : ":";
StringBuilder sb = new StringBuilder();
for (int j = 0; j < bytes.Length; j++) {
sb.Append (bytes[j].ToString ());
if (j < bytes.Length - 1)
sb.Append (space);
}
ipAddr.Add (sb.ToString());
if (ipAddr == null)
ipAddr = new ArrayList ();
break;
default:
break;
}
}
}
public string[] RFC822 {
get {
if (rfc822Name == null)
return new string[0];
return (string[])rfc822Name.ToArray (typeof (string));
}
}
public string[] DirectoryNames {
get {
if (directoryNames == null)
return new string[0];
return (string[])directoryNames.ToArray (typeof (string));
}
}
public string[] DNSNames {
get {
if (dnsName == null)
return new string[0];
return (string[])dnsName.ToArray (typeof (string));
}
}
public string[] UniformResourceIdentifiers {
get {
if (uris == null)
return new string[0];
return (string[])uris.ToArray (typeof (string));
}
}
public string[] IPAddresses {
get {
if (ipAddr == null)
return new string[0];
return (string[])ipAddr.ToArray (typeof (string));
}
}
public byte[] GetBytes ()
{
return asn.GetBytes ();
}
public override string ToString ()
{
StringBuilder sb = new StringBuilder ();
if (rfc822Name != null) {
foreach (string s in rfc822Name) {
sb.Append ("RFC822 Name=");
sb.Append (s);
sb.Append (Environment.NewLine);
}
}
if (dnsName != null) {
foreach (string s in dnsName) {
sb.Append ("DNS Name=");
sb.Append (s);
sb.Append (Environment.NewLine);
}
}
if (directoryNames != null) {
foreach (string s in directoryNames) {
sb.Append ("Directory Address: ");
sb.Append (s);
sb.Append (Environment.NewLine);
}
}
if (uris != null) {
foreach (string s in uris) {
sb.Append ("URL=");
sb.Append (s);
sb.Append (Environment.NewLine);
}
}
if (ipAddr != null) {
foreach (string s in ipAddr) {
sb.Append ("IP Address=");
sb.Append (s);
sb.Append (Environment.NewLine);
}
}
return sb.ToString ();
}
}
}
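Review bot: In the string-array constructor the rfc822 loop adds the whole input array instead of the current element (`rfc822Name.Add (rfc822s);`), so the `RFC822` getter's `ToArray (typeof (string))` and the `foreach (string s in rfc822Name)` in `ToString` will fail on the `string[]` entries; the line should be `rfc822Name.Add (rfc822);`. The iPAddress handling only round-trips dotted IPv4: the encoder runs `Byte.Parse` on each `.`/`:`-separated part, which cannot represent IPv6 groups, and the decoder prints any value that is not 4 bytes long as decimal bytes joined by `:`, which is not IPv6 text, so callers matching a peer address against `IPAddresses` should compare bytes or go through `System.Net.IPAddress` (the file already imports `System.Net`). The second `if (ipAddr == null)` after `ipAddr.Add` in the `0x87` case is dead code. Names are decoded with `Encoding.ASCII.GetString`, which maps bytes above 0x7F to `?` and keeps control characters, so a comment advising consumers to reject such names before any hostname comparison would be useful.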


@@ -0,0 +1,210 @@
//
// KeyAttributesExtension.cs: Handles X.509 *DEPRECATED* KeyAttributes extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
// (C) 2004 Novell (http://www.novell.com)
//
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Globalization;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
public class KeyAttributesExtension : X509Extension {
private byte[] keyId;
private int kubits;
private DateTime notBefore;
private DateTime notAfter;
public KeyAttributesExtension () : base ()
{
extnOid = "2.5.29.2";
}
public KeyAttributesExtension (ASN1 asn1) : base (asn1)
{
}
public KeyAttributesExtension (X509Extension extension) : base (extension)
{
}
protected override void Decode ()
{
ASN1 seq = new ASN1 (extnValue.Value);
if (seq.Tag != 0x30)
throw new ArgumentException ("Invalid KeyAttributesExtension extension");
int n = 0;
// check for KeyIdentifier
if (n < seq.Count) {
ASN1 item = seq [n];
if (item.Tag == 0x04) {
n++;
keyId = item.Value;
}
}
// check for KeyUsage
if (n < seq.Count) {
ASN1 item = seq [n];
if (item.Tag == 0x03) {
n++;
int i = 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
while (i < item.Value.Length)
kubits = (kubits << 8) + item.Value [i++];
}
}
// check for PrivateKeyValidity
if (n < seq.Count) {
ASN1 item = seq [n];
if (item.Tag == 0x30) {
int i = 0;
if (i < item.Count) {
ASN1 dt = item [i];
if (dt.Tag == 0x81) {
i++;
notBefore = ASN1Convert.ToDateTime (dt);
}
}
if (i < item.Count) {
ASN1 dt = item [i];
if (dt.Tag == 0x82)
notAfter = ASN1Convert.ToDateTime (dt);
}
}
}
}
public byte[] KeyIdentifier {
get {
if (keyId == null)
return null;
return (byte[]) keyId.Clone ();
}
}
public override string Name {
get { return "Key Attributes"; }
}
public DateTime NotAfter {
get { return notAfter; }
}
public DateTime NotBefore {
get { return notBefore; }
}
public bool Support (KeyUsages usage)
{
int x = Convert.ToInt32 (usage, CultureInfo.InvariantCulture);
return ((x & kubits) == x);
}
public override string ToString ()
{
StringBuilder sb = new StringBuilder ();
if (keyId != null) {
sb.Append ("KeyID=");
int x = 0;
while (x < keyId.Length) {
sb.Append (keyId [x].ToString ("X2", CultureInfo.InvariantCulture));
if (x % 2 == 1)
sb.Append (" ");
x++;
}
sb.Append (Environment.NewLine);
}
if (kubits != 0) {
sb.Append ("Key Usage=");
const string separator = " , ";
if (Support (KeyUsages.digitalSignature))
sb.Append ("Digital Signature");
if (Support (KeyUsages.nonRepudiation)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Non-Repudiation");
}
if (Support (KeyUsages.keyEncipherment)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Key Encipherment");
}
if (Support (KeyUsages.dataEncipherment)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Data Encipherment");
}
if (Support (KeyUsages.keyAgreement)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Key Agreement");
}
if (Support (KeyUsages.keyCertSign)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Certificate Signing");
}
if (Support (KeyUsages.cRLSign)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("CRL Signing");
}
if (Support (KeyUsages.encipherOnly)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Encipher Only "); // ???
}
if (Support (KeyUsages.decipherOnly)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Decipher Only"); // ???
}
sb.Append ("(");
sb.Append (kubits.ToString ("X2", CultureInfo.InvariantCulture));
sb.Append (")");
sb.Append (Environment.NewLine);
}
if (notBefore != DateTime.MinValue) {
sb.Append ("Not Before=");
sb.Append (notBefore.ToString (CultureInfo.CurrentUICulture));
sb.Append (Environment.NewLine);
}
if (notAfter != DateTime.MinValue) {
sb.Append ("Not After=");
sb.Append (notAfter.ToString (CultureInfo.CurrentUICulture));
sb.Append (Environment.NewLine);
}
return sb.ToString ();
}
}
}


@@ -0,0 +1,197 @@
//
// KeyUsageExtension.cs: Handles X.509 KeyUsage extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
// Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Globalization;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
/*
* id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
*
* KeyUsage ::= BIT STRING {
* digitalSignature (0),
* nonRepudiation (1),
* keyEncipherment (2),
* dataEncipherment (3),
* keyAgreement (4),
* keyCertSign (5),
* cRLSign (6),
* encipherOnly (7),
* decipherOnly (8)
* }
*/
// note: because nothing is simple in ASN.1 bits are reversed
[Flags]
#if INSIDE_CORLIB
internal
#else
public
#endif
enum KeyUsages {
digitalSignature = 0x80,
nonRepudiation = 0x40,
keyEncipherment = 0x20,
dataEncipherment = 0x10,
keyAgreement = 0x08,
keyCertSign = 0x04,
cRLSign = 0x02,
encipherOnly = 0x01,
decipherOnly = 0x800,
none = 0x0
}
#if INSIDE_CORLIB
internal
#else
public
#endif
class KeyUsageExtension : X509Extension {
private int kubits;
public KeyUsageExtension (ASN1 asn1) : base (asn1) {}
public KeyUsageExtension (X509Extension extension) : base (extension) {}
public KeyUsageExtension () : base ()
{
extnOid = "2.5.29.15";
}
protected override void Decode ()
{
ASN1 bitString = new ASN1 (extnValue.Value);
if (bitString.Tag != 0x03)
throw new ArgumentException ("Invalid KeyUsage extension");
int i = 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
while (i < bitString.Value.Length)
kubits = (kubits << 8) + bitString.Value [i++];
}
protected override void Encode ()
{
extnValue = new ASN1 (0x04);
ushort ku = (ushort) kubits;
byte unused = 16;
if (ku > 0) {
// count the unused bits
for (unused = 15; unused > 0; unused--) {
if ((ku & 0x8000) == 0x8000)
break;
ku <<= 1;
}
if (kubits > Byte.MaxValue) {
unused -= 8;
extnValue.Add (new ASN1 (0x03, new byte[] { unused, (byte) kubits, (byte) (kubits >> 8) }));
} else {
extnValue.Add (new ASN1 (0x03, new byte[] { unused, (byte) kubits }));
}
} else {
// note: a BITSTRING with a 0 length is invalid (in ASN.1), so would an
// empty OCTETSTRING (at the parent level) so we're encoding a 0
extnValue.Add (new ASN1 (0x03, new byte[] { 7, 0 }));
}
}
public KeyUsages KeyUsage {
get { return (KeyUsages) kubits; }
set { kubits = Convert.ToInt32 (value, CultureInfo.InvariantCulture); }
}
public override string Name {
get { return "Key Usage"; }
}
public bool Support (KeyUsages usage)
{
int x = Convert.ToInt32 (usage, CultureInfo.InvariantCulture);
return ((x & kubits) == x);
}
public override string ToString ()
{
const string separator = " , ";
StringBuilder sb = new StringBuilder ();
if (Support (KeyUsages.digitalSignature))
sb.Append ("Digital Signature");
if (Support (KeyUsages.nonRepudiation)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Non-Repudiation");
}
if (Support (KeyUsages.keyEncipherment)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Key Encipherment");
}
if (Support (KeyUsages.dataEncipherment)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Data Encipherment");
}
if (Support (KeyUsages.keyAgreement)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Key Agreement");
}
if (Support (KeyUsages.keyCertSign)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Certificate Signing");
}
if (Support (KeyUsages.cRLSign)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("CRL Signing");
}
if (Support (KeyUsages.encipherOnly)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Encipher Only "); // ???
}
if (Support (KeyUsages.decipherOnly)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Decipher Only"); // ???
}
sb.Append ("(");
sb.Append (kubits.ToString ("X2", CultureInfo.InvariantCulture));
sb.Append (")");
sb.Append (Environment.NewLine);
return sb.ToString ();
}
}
}
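Review bot: `Decode` builds `kubits` most-significant byte first (`kubits = (kubits << 8) + bitString.Value [i++]`), but `Encode` writes `(byte) kubits` as the first content byte and the `KeyUsages` values (`digitalSignature = 0x80`) assume the first byte is the low one, so for a two-byte BIT STRING `Support` tests the wrong bits and a certificate's usage restrictions can be misread. The loop also has no length bound, so content longer than four bytes silently shifts earlier bits out of the `int`, and byte zero (the unused-bit count) is never checked. I would bound the content to two bytes with `if (bitString.Value.Length > 3) throw new ArgumentException ("Invalid KeyUsage extension");` and assemble with `kubits |= bitString.Value [i] << (8 * (i - 1));` so that decode and encode agree. `decipherOnly = 0x800` does not seem to line up with either byte order (bit 8 is the top bit of the second content byte), so that value needs checking as well. The same unbounded accumulate loop appears in `NetscapeCertTypeExtension.Decode` and in the KeyUsage branch of `KeyAttributesExtension.Decode`.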


@@ -0,0 +1,161 @@
//
// NetscapeCertTypeExtension.cs: Handles Netscape CertType extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2004 Novell (http://www.novell.com)
//
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Globalization;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
// References:
// a. Netscape Certificate Extensions Navigator 3.0 Version
// http://wp.netscape.com/eng/security/cert-exts.html
// b. Netscape Certificate Extensions Communicator 4.0 Version
// http://wp.netscape.com/eng/security/comm4-cert-exts.html
// c. 2.16.840.1.113730.1.1 - Netscape certificate type
// http://www.alvestrand.no/objectid/2.16.840.1.113730.1.1.html
#if INSIDE_SYSTEM
internal
#else
public
#endif
class NetscapeCertTypeExtension : X509Extension {
/*
* bit-0 SSL client - this cert is certified for SSL client authentication use
* bit-1 SSL server - this cert is certified for SSL server authentication use
* bit-2 S/MIME - this cert is certified for use by clients(New in PR3)
* bit-3 Object Signing - this cert is certified for signing objects such as Java applets and plugins(New in PR3)
* bit-4 Reserved - this bit is reserved for future use
* bit-5 SSL CA - this cert is certified for issuing certs for SSL use
* bit-6 S/MIME CA - this cert is certified for issuing certs for S/MIME use(New in PR3)
* bit-7 Object Signing CA - this cert is certified for issuing certs for Object Signing(New in PR3)
*/
// note: because nothing is simple in ASN.1 bits are reversed
[Flags]
public enum CertTypes {
SslClient = 0x80,
SslServer = 0x40,
Smime = 0x20,
ObjectSigning = 0x10,
SslCA = 0x04,
SmimeCA = 0x02,
ObjectSigningCA = 0x01
}
private int ctbits;
public NetscapeCertTypeExtension () : base ()
{
extnOid = "2.16.840.1.113730.1.1";
}
public NetscapeCertTypeExtension (ASN1 asn1) : base (asn1)
{
}
public NetscapeCertTypeExtension (X509Extension extension) : base (extension)
{
}
protected override void Decode ()
{
ASN1 bitString = new ASN1 (extnValue.Value);
if (bitString.Tag != 0x03)
throw new ArgumentException ("Invalid NetscapeCertType extension");
int i = 1; // byte zero has the number of unused bits (ASN1's BITSTRING)
while (i < bitString.Value.Length)
ctbits = (ctbits << 8) + bitString.Value [i++];
}
public override string Name {
get { return "NetscapeCertType"; }
}
/* public CertType Type {
get { return ctbits; }
set { ctbits = value; }
}*/
public bool Support (CertTypes usage)
{
int x = Convert.ToInt32 (usage, CultureInfo.InvariantCulture);
return ((x & ctbits) == x);
}
public override string ToString ()
{
const string separator = " , ";
StringBuilder sb = new StringBuilder ();
if (Support (CertTypes.SslClient))
sb.Append ("SSL Client Authentication");
if (Support (CertTypes.SslServer)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("SSL Server Authentication");
}
if (Support (CertTypes.Smime)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("SMIME");
}
if (Support (CertTypes.ObjectSigning)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Object Signing");
}
if (Support (CertTypes.SslCA)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("SSL CA");
}
if (Support (CertTypes.SmimeCA)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("SMIME CA");
}
if (Support (CertTypes.ObjectSigningCA)) {
if (sb.Length > 0)
sb.Append (separator);
sb.Append ("Object Signing CA");
}
sb.Append ("(");
sb.Append (ctbits.ToString ("X2", CultureInfo.InvariantCulture));
sb.Append (")");
sb.Append (Environment.NewLine);
return sb.ToString ();
}
}
}
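Review bot: The commented-out `Type` property after `Name` should be removed or finished rather than shipped as dead code; as written it refers to `CertType`, while the enum declared above is `CertTypes`, and it would assign an enum to the `int` field `ctbits` without a cast. Without it, the only ways to read the decoded flags are one `Support` call per flag or parsing the `ToString` output. If an accessor is wanted, `public CertTypes Type { get { return (CertTypes) ctbits; } }` would mirror `KeyUsageExtension.KeyUsage`.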


@@ -0,0 +1,105 @@
//
// PrivateKeyUsagePeriodExtension.cs: Handles X.509 PrivateKeyUsagePeriod extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2004 Novell (http://www.novell.com)
//
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Globalization;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
/*
* id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-ce 16 }
*
* PrivateKeyUsagePeriod ::= SEQUENCE {
* notBefore [0] GeneralizedTime OPTIONAL,
* notAfter [1] GeneralizedTime OPTIONAL
* }
*/
public class PrivateKeyUsagePeriodExtension : X509Extension {
private DateTime notBefore;
private DateTime notAfter;
public PrivateKeyUsagePeriodExtension () : base ()
{
extnOid = "2.5.29.16";
}
public PrivateKeyUsagePeriodExtension (ASN1 asn1) : base (asn1)
{
}
public PrivateKeyUsagePeriodExtension (X509Extension extension) : base (extension)
{
}
protected override void Decode ()
{
ASN1 sequence = new ASN1 (extnValue.Value);
if (sequence.Tag != 0x30)
throw new ArgumentException ("Invalid PrivateKeyUsagePeriod extension");
for (int i=0; i < sequence.Count; i++) {
switch (sequence [i].Tag) {
case 0x80:
notBefore = ASN1Convert.ToDateTime (sequence [i]);
break;
case 0x81:
notAfter = ASN1Convert.ToDateTime (sequence [i]);
break;
default:
throw new ArgumentException ("Invalid PrivateKeyUsagePeriod extension");
}
}
}
public override string Name {
get { return "Private Key Usage Period"; }
}
public override string ToString ()
{
StringBuilder sb = new StringBuilder ();
if (notBefore != DateTime.MinValue) {
sb.Append ("Not Before: ");
sb.Append (notBefore.ToString (CultureInfo.CurrentUICulture));
sb.Append (Environment.NewLine);
}
if (notAfter != DateTime.MinValue) {
sb.Append ("Not After: ");
sb.Append (notAfter.ToString (CultureInfo.CurrentUICulture));
sb.Append (Environment.NewLine);
}
return sb.ToString ();
}
}
}
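Review bot: `Decode` stores `notBefore` and `notAfter`, but the class exposes them only through `ToString`, formatted with `CultureInfo.CurrentUICulture`, so a caller cannot check the private-key usage window without parsing locale-dependent text. `KeyAttributesExtension` in this same commit has read-only `NotBefore`/`NotAfter` properties; adding `public DateTime NotBefore { get { return notBefore; } }` and the matching `NotAfter` here would be consistent. The loop in `Decode` also lets a repeated `0x80` or `0x81` element overwrite the earlier value and accepts an empty SEQUENCE; a comment stating whether that leniency is intended would help the next reader.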


@@ -0,0 +1,139 @@
//
// SubjectAltNameExtension.cs: Handles X.509 SubjectAltName extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
// Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Net;
using System.Collections;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
/*
* id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 }
*
* SubjectAltName ::= GeneralNames
*
* GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
*
* GeneralName ::= CHOICE {
* otherName [0] OtherName,
* rfc822Name [1] IA5String,
* dNSName [2] IA5String,
* x400Address [3] ORAddress,
* directoryName [4] Name,
* ediPartyName [5] EDIPartyName,
* uniformResourceIdentifier [6] IA5String,
* iPAddress [7] OCTET STRING,
* registeredID [8] OBJECT IDENTIFIER
* }
*
* OtherName ::= SEQUENCE {
* type-id OBJECT IDENTIFIER,
* value [0] EXPLICIT ANY DEFINED BY type-id
* }
*
* EDIPartyName ::= SEQUENCE {
* nameAssigner [0] DirectoryString OPTIONAL,
* partyName [1] DirectoryString
* }
*/
// TODO: Directories not supported
#if INSIDE_SYSTEM
internal
#else
public
#endif
class SubjectAltNameExtension : X509Extension {
private GeneralNames _names;
public SubjectAltNameExtension ()
{
extnOid = "2.5.29.17";
_names = new GeneralNames ();
}
public SubjectAltNameExtension (ASN1 asn1)
: base (asn1)
{
}
public SubjectAltNameExtension (X509Extension extension)
: base (extension)
{
}
public SubjectAltNameExtension (string[] rfc822, string[] dnsNames,
string[] ipAddresses, string[] uris)
{
_names = new GeneralNames(rfc822, dnsNames, ipAddresses, uris);
// 0x04 for string decoding and then the General Names!
extnValue = new ASN1 (0x04, _names.GetBytes());
extnOid = "2.5.29.17";
// extnCritical = true;
}
protected override void Decode ()
{
ASN1 sequence = new ASN1 (extnValue.Value);
if (sequence.Tag != 0x30)
throw new ArgumentException ("Invalid SubjectAltName extension");
_names = new GeneralNames (sequence);
}
public override string Name {
get { return "Subject Alternative Name"; }
}
public string[] RFC822 {
get { return _names.RFC822; }
}
public string[] DNSNames {
get { return _names.DNSNames; }
}
public string[] IPAddresses {
get { return _names.IPAddresses; }
}
public string[] UniformResourceIdentifiers {
get { return _names.UniformResourceIdentifiers; }
}
public override string ToString ()
{
return _names.ToString ();
}
}
}
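Review bot: `Decode` accepts an empty SEQUENCE even though the ASN.1 in the header comment declares `GeneralNames ::= SEQUENCE SIZE (1..MAX)`; the tag check could become `if (sequence.Tag != 0x30 || sequence.Count == 0)`. Separately, the `(ASN1)` and `(X509Extension)` constructors never assign `_names` themselves, so every property getter and `ToString` depend on the base constructor having run `Decode`, which is not visible in this file. A one-line comment on `_names` saying so, or a null guard in the getters, would make that dependency explicit. `using System.Net;` and `using System.Collections;` look unused here.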


@@ -0,0 +1,118 @@
//
// SubjectKeyIdentifierExtension.cs: Handles X.509 SubjectKeyIdentifier extensions.
//
// Author:
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2004 Novell (http://www.novell.com)
//
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System;
using System.Globalization;
using System.Text;
using Mono.Security;
using Mono.Security.X509;
namespace Mono.Security.X509.Extensions {
/*
* id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 }
*
* SubjectKeyIdentifier ::= KeyIdentifier
*
* KeyIdentifier ::= OCTET STRING
*/
#if INSIDE_CORLIB
internal
#else
public
#endif
class SubjectKeyIdentifierExtension : X509Extension {
private byte[] ski;
public SubjectKeyIdentifierExtension () : base ()
{
extnOid = "2.5.29.14";
}
public SubjectKeyIdentifierExtension (ASN1 asn1) : base (asn1)
{
}
public SubjectKeyIdentifierExtension (X509Extension extension) : base (extension)
{
}
protected override void Decode ()
{
ASN1 sequence = new ASN1 (extnValue.Value);
if (sequence.Tag != 0x04)
throw new ArgumentException ("Invalid SubjectKeyIdentifier extension");
ski = sequence.Value;
}
protected override void Encode ()
{
if (ski == null) {
throw new InvalidOperationException ("Invalid SubjectKeyIdentifier extension");
}
var seq = new ASN1 (0x04, ski);
extnValue = new ASN1 (0x04);
extnValue.Add (seq);
}
public override string Name {
get { return "Subject Key Identifier"; }
}
public byte[] Identifier {
get {
if (ski == null)
return null;
return (byte[]) ski.Clone ();
}
set { ski = value; }
}
public override string ToString ()
{
if (ski == null)
return null;
StringBuilder sb = new StringBuilder ();
int x = 0;
while (x < ski.Length) {
sb.Append (ski [x].ToString ("X2", CultureInfo.InvariantCulture));
if (x % 2 == 1)
sb.Append (" ");
x++;
}
return sb.ToString ();
}
}
}
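Review bot: The `Identifier` setter stores the caller's array directly (`set { ski = value; }`) while the getter returns a clone, so code that keeps a reference to the array it passed in can change the identifier after it was set and before `Encode` runs. Copying on the way in keeps the two accessors symmetric: `set { ski = (value == null) ? null : (byte[]) value.Clone (); }`. `ToString` also returns `null` when `ski` is unset; returning `String.Empty` would be safer for callers that concatenate or log the result.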