[pgsqlclient-checkins] pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509 ITrustAnchors.c
Status: Inactive
Brought to you by:
carlosga_fb
Menu
▾
▴
[pgsqlclient-checkins] pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509 ITrustAnchors.cs,1.1,1.2 PKCS12.cs,1.1,1.2 TrustAnchors.cs,1.2,1.3 X501Name.cs,1.1,1.2 X509Builder.cs,1.1,1.2 X509Certificate.cs,1.2,1.3 X509CertificateBuilder.cs,1.1,1.2 X509CertificateCollection.cs,1.2,1.3 X509Chain.cs,1.2,1.3 X509ChainStatusFlags.cs,1.1,1.2 X509CRL.cs,1.1,1.2 X509Extension.cs,1.1,1.2 X509Extensions.cs,1.1,1.2 X509Store.cs,1.1,1.2 X509StoreManager.cs,1.1,1.2 X509Stores.cs,1.1,1.2 X520Attributes.cs,1.2,1.3
|
From: Carlos Guzm?n ?l. <car...@us...> - 2004-05-09 12:06:30
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv30177 Modified Files: ITrustAnchors.cs PKCS12.cs TrustAnchors.cs X501Name.cs X509Builder.cs X509Certificate.cs X509CertificateBuilder.cs X509CertificateCollection.cs X509Chain.cs X509ChainStatusFlags.cs X509CRL.cs X509Extension.cs X509Extensions.cs X509Store.cs X509StoreManager.cs X509Stores.cs X520Attributes.cs Log Message: Sync Mono.Security stuff wit Mono Beta 1 sources Index: X509Extension.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509Extension.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** X509Extension.cs 10 Feb 2004 09:46:25 -0000 1.1 --- X509Extension.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 3,12 **** // // Author: ! // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Text; --- 3,14 ---- // // Author: ! // Sebastien Pouliot <seb...@xi...> // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) + // (C) 2004 Novell (http://www.novell.com) // using System; + using System.Globalization; using System.Text; *************** *** 21,25 **** * } */ ! internal class X509Extension { protected string extnOid; --- 23,32 ---- * } */ ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! class X509Extension { protected string extnOid; *************** *** 38,42 **** if (asn1[0].Tag != 0x06) throw new ArgumentException ("Invalid X.509 extension"); ! extnOid = ASN1Convert.ToOID (asn1 [0]); extnCritical = ((asn1[1].Tag == 0x01) && (asn1[1].Value[0] == 0xFF)); extnValue = asn1 [asn1.Count - 1]; // last element --- 45,49 ---- if (asn1[0].Tag != 0x06) throw new ArgumentException ("Invalid X.509 extension"); ! extnOid = ASN1Convert.ToOid (asn1 [0]); extnCritical = ((asn1[1].Tag == 0x01) && (asn1[1].Value[0] == 0xFF)); extnValue = asn1 [asn1.Count - 1]; // last element *************** *** 50,54 **** if ((extension.Value.Tag != 0x04) || (extension.Value.Count != 0)) throw new ArgumentException ("Invalid extension"); ! extnOid = extension.OID; extnCritical = extension.Critical; extnValue = extension.Value; --- 57,61 ---- if ((extension.Value.Tag != 0x04) || (extension.Value.Count != 0)) throw new ArgumentException ("Invalid extension"); ! extnOid = extension.Oid; extnCritical = extension.Critical; extnValue = extension.Value; *************** *** 56,67 **** } ! protected virtual void Decode () {} ! protected virtual void Encode () {} public ASN1 ASN1 { get { ASN1 extension = new ASN1 (0x30); ! extension.Add (ASN1Convert.FromOID (extnOid)); if (extnCritical) extension.Add (new ASN1 (0x01, new byte [1] { 0x01 })); --- 63,78 ---- } ! protected virtual void Decode () ! { ! } ! protected virtual void Encode () ! { ! } public ASN1 ASN1 { get { ASN1 extension = new ASN1 (0x30); ! extension.Add (ASN1Convert.FromOid (extnOid)); if (extnCritical) extension.Add (new ASN1 (0x01, new byte [1] { 0x01 })); *************** *** 73,77 **** } ! public string OID { get { return extnOid; } } --- 84,88 ---- } ! public string Oid { get { return extnOid; } } *************** *** 90,93 **** --- 101,127 ---- } + public override bool Equals (object obj) + { + if (obj == null) + return false; + + X509Extension ex = (obj as X509Extension); + if (ex == null) + return false; + + if (extnCritical != ex.extnCritical) + return false; + if (extnOid != ex.extnOid) + return false; + if (extnValue.Length != ex.extnValue.Length) + return false; + + for (int i=0; i < extnValue.Length; i++) { + if (extnValue [i] != ex.extnValue [i]) + return false; + } + return true; + } + public byte[] GetBytes () { *************** *** 95,98 **** --- 129,138 ---- } + public override int GetHashCode () + { + // OID should be unique in a collection of extensions + return extnOid.GetHashCode (); + } + private void WriteLine (StringBuilder sb, int n, int pos) { *************** *** 102,106 **** for (int j=0; j < 8; j++) { if (j < n) { ! sb.Append (value [p++].ToString ("X2")); sb.Append (" "); } --- 142,146 ---- for (int j=0; j < 8; j++) { if (j < n) { ! sb.Append (value [p++].ToString ("X2", CultureInfo.InvariantCulture)); sb.Append (" "); } Index: ITrustAnchors.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/ITrustAnchors.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** ITrustAnchors.cs 10 Feb 2004 09:46:25 -0000 1.1 --- ITrustAnchors.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 12,16 **** namespace Mono.Security.X509 { ! internal interface ITrustAnchors { X509CertificateCollection Anchors { get; } --- 12,16 ---- namespace Mono.Security.X509 { ! public interface ITrustAnchors { X509CertificateCollection Anchors { get; } Index: X509Stores.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509Stores.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** X509Stores.cs 5 Mar 2004 23:18:17 -0000 1.1 --- X509Stores.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 16,20 **** namespace Mono.Security.X509 { ! internal class X509Stores { private string _storePath; --- 16,25 ---- namespace Mono.Security.X509 { ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! class X509Stores { private string _storePath; *************** *** 106,110 **** // names ! internal class Names { // do not translate --- 111,115 ---- // names ! public class Names { // do not translate Index: X509Certificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509Certificate.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** X509Certificate.cs 5 Mar 2004 23:18:17 -0000 1.2 --- X509Certificate.cs 9 May 2004 12:06:15 -0000 1.3 *************** *** 3,9 **** // // Author: ! // Sebastien Pouliot (spo...@mo...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // --- 3,10 ---- // // Author: ! // Sebastien Pouliot <seb...@xi...> // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) + // (C) 2004 Novell (http://www.novell.com) // *************** *** 21,25 **** // http://www.itu.int/ITU-T/studygroups/com17/languages/ ! internal class X509Certificate { private ASN1 decoder; --- 22,31 ---- // http://www.itu.int/ITU-T/studygroups/com17/languages/ ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! class X509Certificate { private ASN1 decoder; *************** *** 36,39 **** --- 42,46 ---- private string m_signaturealgo; private byte[] m_signaturealgoparams; + private byte[] certhash; // from http://www.ietf.org/rfc/rfc2459.txt *************** *** 63,67 **** private byte[] issuerUniqueID; private byte[] subjectUniqueID; ! private X509Extensions extensions; // that's were the real job is! --- 70,74 ---- private byte[] issuerUniqueID; private byte[] subjectUniqueID; ! private X509ExtensionCollection extensions; // that's were the real job is! *************** *** 116,120 **** ASN1 algorithm = subjectPublicKeyInfo.Element (0, 0x30); ASN1 algo = algorithm.Element (0, 0x06); ! m_keyalgo = ASN1Convert.ToOID (algo); // parameters ANY DEFINED BY algorithm OPTIONAL // so we dont ask for a specific (Element) type and return DER --- 123,127 ---- ASN1 algorithm = subjectPublicKeyInfo.Element (0, 0x30); ASN1 algo = algorithm.Element (0, 0x06); ! m_keyalgo = ASN1Convert.ToOid (algo); // parameters ANY DEFINED BY algorithm OPTIONAL // so we dont ask for a specific (Element) type and return DER *************** *** 127,131 **** int n = subjectPublicKey.Length - 1; m_publickey = new byte [n]; ! Array.Copy (subjectPublicKey.Value, 1, m_publickey, 0, n); // signature processing --- 134,138 ---- int n = subjectPublicKey.Length - 1; m_publickey = new byte [n]; ! Buffer.BlockCopy (subjectPublicKey.Value, 1, m_publickey, 0, n); // signature processing *************** *** 133,141 **** // first byte contains unused bits in first byte signature = new byte [bitstring.Length - 1]; ! Array.Copy (bitstring, 1, signature, 0, signature.Length); algorithm = decoder [1]; algo = algorithm.Element (0, 0x06); ! m_signaturealgo = ASN1Convert.ToOID (algo); parameters = algorithm [1]; if (parameters != null) --- 140,148 ---- // first byte contains unused bits in first byte signature = new byte [bitstring.Length - 1]; ! Buffer.BlockCopy (bitstring, 1, signature, 0, signature.Length); algorithm = decoder [1]; algo = algorithm.Element (0, 0x06); ! m_signaturealgo = ASN1Convert.ToOid (algo); parameters = algorithm [1]; if (parameters != null) *************** *** 161,167 **** ASN1 extns = tbsCertificate.Element (tbs, 0xA3); if ((extns != null) && (extns.Count == 1)) ! extensions = new X509Extensions (extns [0]); else ! extensions = new X509Extensions (null); // keep a copy of the original data --- 168,174 ---- ASN1 extns = tbsCertificate.Element (tbs, 0xA3); if ((extns != null) && (extns.Count == 1)) ! extensions = new X509ExtensionCollection (extns [0]); else ! extensions = new X509ExtensionCollection (null); // keep a copy of the original data *************** *** 188,192 **** int length = integer.Length - 1; byte[] uinteger = new byte [length]; ! Array.Copy (integer, 1, uinteger, 0, length); return uinteger; } --- 195,199 ---- int length = integer.Length - 1; byte[] uinteger = new byte [length]; ! Buffer.BlockCopy (integer, 1, uinteger, 0, length); return uinteger; } *************** *** 224,228 **** } ! public X509Extensions Extensions { get { return extensions; } } --- 231,235 ---- } ! public X509ExtensionCollection Extensions { get { return extensions; } } *************** *** 230,257 **** public byte[] Hash { get { ! HashAlgorithm hash = null; ! switch (m_signaturealgo) { ! case "1.2.840.113549.1.1.2": // MD2 with RSA encryption ! // maybe someone installed MD2 ? ! hash = HashAlgorithm.Create ("MD2"); ! break; ! case "1.2.840.113549.1.1.4": // MD5 with RSA encryption ! hash = MD5.Create (); ! break; ! case "1.2.840.113549.1.1.5": // SHA-1 with RSA Encryption ! case "1.3.14.3.2.29": // SHA1 with RSA signature ! case "1.2.840.10040.4.3": // SHA1-1 with DSA ! hash = SHA1.Create (); ! break; ! default: return null; - } - try { byte[] toBeSigned = decoder [0].GetBytes (); ! return hash.ComputeHash (toBeSigned, 0, toBeSigned.Length); ! } ! catch { ! return null; } } } --- 237,264 ---- public byte[] Hash { get { ! if (certhash == null) { ! HashAlgorithm hash = null; ! switch (m_signaturealgo) { ! case "1.2.840.113549.1.1.2": // MD2 with RSA encryption ! // maybe someone installed MD2 ? ! hash = HashAlgorithm.Create ("MD2"); ! break; ! case "1.2.840.113549.1.1.4": // MD5 with RSA encryption ! hash = MD5.Create (); ! break; ! case "1.2.840.113549.1.1.5": // SHA-1 with RSA Encryption ! case "1.3.14.3.2.29": // SHA1 with RSA signature ! case "1.2.840.10040.4.3": // SHA1-1 with DSA ! hash = SHA1.Create (); ! break; ! default: ! return null; ! } ! if ((decoder == null) || (decoder.Count < 1)) return null; byte[] toBeSigned = decoder [0].GetBytes (); ! certhash = hash.ComputeHash (toBeSigned, 0, toBeSigned.Length); } + return (byte[]) certhash.Clone (); } } *************** *** 266,274 **** public virtual byte[] KeyAlgorithmParameters { ! get { return m_keyalgoparams; } } public virtual byte[] PublicKey { ! get { return m_publickey; } } --- 273,289 ---- public virtual byte[] KeyAlgorithmParameters { ! get { ! if (m_keyalgoparams == null) ! return null; ! return (byte[]) m_keyalgoparams.Clone (); ! } } public virtual byte[] PublicKey { ! get { ! if (m_publickey == null) ! return null; ! return (byte[]) m_publickey.Clone (); ! } } *************** *** 304,312 **** public virtual byte[] SerialNumber { ! get { return serialnumber; } } public virtual byte[] Signature { get { switch (m_signaturealgo) { case "1.2.840.113549.1.1.2": // MD2 with RSA encryption --- 319,334 ---- public virtual byte[] SerialNumber { ! get { ! if (serialnumber == null) ! return null; ! return (byte[]) serialnumber.Clone (); ! } } public virtual byte[] Signature { get { + if (signature == null) + return null; + switch (m_signaturealgo) { case "1.2.840.113549.1.1.2": // MD2 with RSA encryption *************** *** 314,318 **** case "1.2.840.113549.1.1.5": // SHA-1 with RSA Encryption case "1.3.14.3.2.29": // SHA1 with RSA signature ! return signature; case "1.2.840.10040.4.3": // SHA-1 with DSA ASN1 sign = new ASN1 (signature); --- 336,341 ---- case "1.2.840.113549.1.1.5": // SHA-1 with RSA Encryption case "1.3.14.3.2.29": // SHA1 with RSA signature ! return (byte[]) signature.Clone (); ! case "1.2.840.10040.4.3": // SHA-1 with DSA ASN1 sign = new ASN1 (signature); *************** *** 323,329 **** byte[] part2 = sign [1].Value; byte[] sig = new byte [40]; ! Array.Copy (part1, 0, sig, (20 - part1.Length), part1.Length); ! Array.Copy (part2, 0, sig, (40 - part2.Length), part2.Length); return sig; default: throw new CryptographicException ("Unsupported hash algorithm: " + m_signaturealgo); --- 346,353 ---- byte[] part2 = sign [1].Value; byte[] sig = new byte [40]; ! Buffer.BlockCopy (part1, 0, sig, (20 - part1.Length), part1.Length); ! Buffer.BlockCopy (part2, 0, sig, (40 - part2.Length), part2.Length); return sig; + default: throw new CryptographicException ("Unsupported hash algorithm: " + m_signaturealgo); *************** *** 337,341 **** public virtual byte[] SignatureAlgorithmParameters { ! get { return m_signaturealgoparams; } } --- 361,369 ---- public virtual byte[] SignatureAlgorithmParameters { ! get { ! if (m_signaturealgoparams == null) ! return m_signaturealgoparams; ! return (byte[]) m_signaturealgoparams.Clone (); ! } } *************** *** 360,376 **** } ! public bool WasCurrent (DateTime date) ! { ! return ((date > ValidFrom) && (date <= ValidUntil)); ! } ! ! private byte[] GetHash (string hashName) { ! byte[] toBeSigned = decoder [0].GetBytes (); ! HashAlgorithm ha = HashAlgorithm.Create (hashName); ! return ha.ComputeHash (toBeSigned); } ! public bool VerifySignature (DSA dsa) { // signatureOID is check by both this.Hash and this.Signature --- 388,397 ---- } ! public bool WasCurrent (DateTime instant) { ! return ((instant > ValidFrom) && (instant <= ValidUntil)); } ! internal bool VerifySignature (DSA dsa) { // signatureOID is check by both this.Hash and this.Signature *************** *** 407,410 **** --- 428,434 ---- public bool VerifySignature (AsymmetricAlgorithm aa) { + if (aa == null) + throw new ArgumentNullException ("aa"); + if (aa is RSA) return VerifySignature (aa as RSA); Index: X509Chain.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509Chain.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** X509Chain.cs 5 Mar 2004 23:18:17 -0000 1.2 --- X509Chain.cs 9 May 2004 12:06:15 -0000 1.3 *************** *** 14,18 **** --- 14,23 ---- using System; + using System.Security; + using System.Security.Permissions; + + #if !INSIDE_CORLIB using System.Net; + #endif using Mono.Security.X509.Extensions; *************** *** 20,24 **** namespace Mono.Security.X509 { ! internal class X509Chain { private X509CertificateCollection roots; --- 25,34 ---- namespace Mono.Security.X509 { ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! class X509Chain { private X509CertificateCollection roots; *************** *** 63,73 **** roots = new X509CertificateCollection (); roots.AddRange (X509StoreManager.TrustedRootCertificates); - // TEMP (old method) - ITrustAnchors trust = (ITrustAnchors) new TrustAnchors (); - roots.AddRange (trust.Anchors); return roots; } return roots; } set { roots = value; } } --- 73,81 ---- roots = new X509CertificateCollection (); roots.AddRange (X509StoreManager.TrustedRootCertificates); return roots; } return roots; } + [SecurityPermission (SecurityAction.Demand, Flags=SecurityPermissionFlag.ControlPolicy)] set { roots = value; } } *************** *** 80,86 **** } ! public void LoadCertificates (X509CertificateCollection coll) { ! certs.AddRange (coll); } --- 88,94 ---- } ! public void LoadCertificates (X509CertificateCollection collection) { ! certs.AddRange (collection); } *************** *** 176,183 **** } - #warning "Mono Service point implementation differes from MS one" - /* // TODO - we should check for CRITICAL but unknown extensions // X509ChainStatusFlags.InvalidExtension if (ServicePointManager.CheckCertificateRevocationList) { // TODO - check revocation (CRL, OCSP ...) --- 184,191 ---- } // TODO - we should check for CRITICAL but unknown extensions // X509ChainStatusFlags.InvalidExtension + /* + #if (!NET_1_0 && !INSIDE_CORLIB) if (ServicePointManager.CheckCertificateRevocationList) { // TODO - check revocation (CRL, OCSP ...) *************** *** 185,190 **** // X509ChainStatusFlags.Revoked } ! */ ! return true; } --- 193,198 ---- // X509ChainStatusFlags.Revoked } ! #endif ! */ return true; } Index: X509Extensions.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509Extensions.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** X509Extensions.cs 10 Feb 2004 09:46:25 -0000 1.1 --- X509Extensions.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 3,9 **** // // Author: ! // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // --- 3,10 ---- // // Author: ! // Sebastien Pouliot <seb...@xi...> // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) + // (C) 2004 Novell (http://www.novell.com) // *************** *** 19,33 **** * Note: 1..MAX -> There shouldn't be 0 Extensions in the ASN1 structure */ ! internal class X509Extensions : ICollection, IEnumerable { - private ArrayList extensions; private bool readOnly; ! public X509Extensions () { - extensions = new ArrayList (); } ! public X509Extensions (ASN1 asn1) : this () { readOnly = true; --- 20,37 ---- * Note: 1..MAX -> There shouldn't be 0 Extensions in the ASN1 structure */ ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! sealed class X509ExtensionCollection : CollectionBase, IEnumerable { private bool readOnly; ! public X509ExtensionCollection () : base () { } ! public X509ExtensionCollection (ASN1 asn1) : this () { readOnly = true; *************** *** 38,101 **** for (int i=0; i < asn1.Count; i++) { X509Extension extension = new X509Extension (asn1 [i]); ! extensions.Add (extension); } } ! // ICollection ! public int Count { ! get { return extensions.Count; } } ! // ICollection ! public bool IsSynchronized { ! get { return extensions.IsSynchronized; } } ! // ICollection ! public object SyncRoot { ! get { return extensions.SyncRoot; } } ! // ICollection ! public void CopyTo (Array array, int index) { ! extensions.CopyTo (array, index); } ! // IEnumerable ! public IEnumerator GetEnumerator () { ! return extensions.GetEnumerator (); } ! public X509Extension this [int index] { ! get { return (X509Extension) extensions [index]; } } ! public X509Extension this [string index] { ! get { ! for (int i=0; i < extensions.Count; i++) { ! X509Extension extension = (X509Extension) extensions [i]; ! if (extension.OID == index) ! return extension; ! } ! return null; } } ! public void Add (X509Extension extension) { ! if (readOnly) ! throw new NotSupportedException ("Extensions are read only"); ! extensions.Add (extension); } public byte[] GetBytes () { ! if (extensions.Count < 1) return null; ASN1 sequence = new ASN1 (0x30); ! for (int i=0; i < extensions.Count; i++) { ! X509Extension x = (X509Extension) extensions [i]; sequence.Add (x.ASN1); } --- 42,176 ---- for (int i=0; i < asn1.Count; i++) { X509Extension extension = new X509Extension (asn1 [i]); ! InnerList.Add (extension); } } ! public int Add (X509Extension extension) ! { ! if (extension == null) ! throw new ArgumentNullException ("extension"); ! if (readOnly) ! throw new NotSupportedException ("Extensions are read only"); ! ! return InnerList.Add (extension); } ! public void AddRange (X509Extension[] extension) ! { ! if (extension == null) ! throw new ArgumentNullException ("extension"); ! if (readOnly) ! throw new NotSupportedException ("Extensions are read only"); ! ! for (int i = 0; i < extension.Length; i++) ! InnerList.Add (extension [i]); } + + public void AddRange (X509ExtensionCollection collection) + { + if (collection == null) + throw new ArgumentNullException ("collection"); + if (readOnly) + throw new NotSupportedException ("Extensions are read only"); ! for (int i = 0; i < collection.InnerList.Count; i++) ! InnerList.Add (collection [i]); } ! public bool Contains (X509Extension extension) { ! return (IndexOf (extension) != -1); } ! public bool Contains (string oid) { ! return (IndexOf (oid) != -1); } ! public void CopyTo (X509Extension[] extensions, int index) ! { ! if (extensions == null) ! throw new ArgumentNullException ("extensions"); ! ! InnerList.CopyTo (extensions, index); } ! public int IndexOf (X509Extension extension) ! { ! if (extension == null) ! throw new ArgumentNullException ("extension"); ! ! for (int i=0; i < InnerList.Count; i++) { ! X509Extension ex = (X509Extension) InnerList [i]; ! if (ex.Equals (extension)) ! return i; } + return -1; } ! public int IndexOf (string oid) { ! if (oid == null) ! throw new ArgumentNullException ("oid"); ! ! for (int i=0; i < InnerList.Count; i++) { ! X509Extension ex = (X509Extension) InnerList [i]; ! if (ex.Oid == oid) ! return i; ! } ! return -1; ! } ! ! public void Insert (int index, X509Extension extension) ! { ! if (extension == null) ! throw new ArgumentNullException ("extension"); ! ! InnerList.Insert (index, extension); ! } ! ! public void Remove (X509Extension extension) ! { ! if (extension == null) ! throw new ArgumentNullException ("extension"); ! ! InnerList.Remove (extension); ! } ! ! public void Remove (string oid) ! { ! if (oid == null) ! throw new ArgumentNullException ("oid"); ! ! int index = IndexOf (oid); ! if (index != -1) ! InnerList.RemoveAt (index); ! } ! ! IEnumerator IEnumerable.GetEnumerator () ! { ! return InnerList.GetEnumerator (); ! } ! ! public X509Extension this [int index] { ! get { return (X509Extension) InnerList [index]; } ! } ! ! public X509Extension this [string oid] { ! get { ! int index = IndexOf (oid); ! if (index == -1) ! return null; ! return (X509Extension) InnerList [index]; ! } } public byte[] GetBytes () { ! if (InnerList.Count < 1) return null; ASN1 sequence = new ASN1 (0x30); ! for (int i=0; i < InnerList.Count; i++) { ! X509Extension x = (X509Extension) InnerList [i]; sequence.Add (x.ASN1); } Index: X509ChainStatusFlags.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509ChainStatusFlags.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** X509ChainStatusFlags.cs 5 Mar 2004 23:18:17 -0000 1.1 --- X509ChainStatusFlags.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 16,20 **** [Serializable] ! internal enum X509ChainStatusFlags { // CtlNotSignatureValid = 262144, // CtlNotTimeValid = 131072, --- 16,26 ---- [Serializable] ! [Flags] ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! enum X509ChainStatusFlags { // CtlNotSignatureValid = 262144, // CtlNotTimeValid = 131072, Index: X520Attributes.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X520Attributes.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** X520Attributes.cs 5 Mar 2004 23:18:17 -0000 1.2 --- X520Attributes.cs 9 May 2004 12:06:15 -0000 1.3 *************** *** 3,9 **** // // Author: ! // Sebastien Pouliot (spo...@mo...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // --- 3,10 ---- // // Author: ! // Sebastien Pouliot <seb...@xi...> // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) + // (C) 2004 Novell (http://www.novell.com) // *************** *** 31,49 **** * AttributeValue ::= ANY DEFINED BY AttributeType */ ! internal class X520 { ! internal abstract class AttributeTypeAndValue { ! protected string oid; ! protected string attrValue; private int upperBound; ! private byte inputEncoding; ! protected byte defaultEncoding; ! public AttributeTypeAndValue (string oid, int upperBound) { - inputEncoding = 0xFF; - defaultEncoding = 0xFF; this.oid = oid; this.upperBound = upperBound; } --- 32,60 ---- * AttributeValue ::= ANY DEFINED BY AttributeType */ ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! class X520 { ! public abstract class AttributeTypeAndValue { ! private string oid; ! private string attrValue; private int upperBound; ! private byte encoding; ! protected AttributeTypeAndValue (string oid, int upperBound) { this.oid = oid; this.upperBound = upperBound; + this.encoding = 0xFF; + } + + protected AttributeTypeAndValue (string oid, int upperBound, byte encoding) + { + this.oid = oid; + this.upperBound = upperBound; + this.encoding = encoding; } *************** *** 57,65 **** } ! public ASN1 GetASN1 (byte encoding) { ASN1 asn1 = new ASN1 (0x30); ! asn1.Add (ASN1Convert.FromOID (oid)); ! switch (encoding) { case 0x13: // PRINTABLESTRING --- 68,80 ---- } ! internal ASN1 GetASN1 (byte encoding) { + byte encode = encoding; + if (encode == 0xFF) + encode = SelectBestEncoding (); + ASN1 asn1 = new ASN1 (0x30); ! asn1.Add (ASN1Convert.FromOid (oid)); ! switch (encode) { case 0x13: // PRINTABLESTRING *************** *** 74,84 **** } ! public ASN1 GetASN1 () { - byte encoding = inputEncoding; - if (encoding == 0xFF) - encoding = defaultEncoding; - if (encoding == 0xFF) - encoding = SelectBestEncoding (); return GetASN1 (encoding); } --- 89,94 ---- } ! internal ASN1 GetASN1 () { return GetASN1 (encoding); } *************** *** 104,135 **** } ! internal class Name : AttributeTypeAndValue { ! public Name () : base ("2.5.4.41", 32768) {} } ! internal class CommonName : AttributeTypeAndValue { ! public CommonName () : base ("2.5.4.3", 64) {} } ! internal class LocalityName : AttributeTypeAndValue { ! public LocalityName () : base ("2.5.4.7", 128) {} } ! internal class StateOrProvinceName : AttributeTypeAndValue { ! public StateOrProvinceName () : base ("2.5.4.8", 128) {} } ! internal class OrganizationName : AttributeTypeAndValue { ! public OrganizationName () : base ("2.5.4.10", 64) {} } ! internal class OrganizationalUnitName : AttributeTypeAndValue { ! public OrganizationalUnitName () : base ("2.5.4.11", 64) {} } --- 114,157 ---- } ! public class Name : AttributeTypeAndValue { ! public Name () : base ("2.5.4.41", 32768) ! { ! } } ! public class CommonName : AttributeTypeAndValue { ! public CommonName () : base ("2.5.4.3", 64) ! { ! } } ! public class LocalityName : AttributeTypeAndValue { ! public LocalityName () : base ("2.5.4.7", 128) ! { ! } } ! public class StateOrProvinceName : AttributeTypeAndValue { ! public StateOrProvinceName () : base ("2.5.4.8", 128) ! { ! } } ! public class OrganizationName : AttributeTypeAndValue { ! public OrganizationName () : base ("2.5.4.10", 64) ! { ! } } ! public class OrganizationalUnitName : AttributeTypeAndValue { ! public OrganizationalUnitName () : base ("2.5.4.11", 64) ! { ! } } *************** *** 145,158 **** * } */ ! internal class Title : AttributeTypeAndValue { public Title () : base ("2.5.4.12", 64) {} } ! internal class CountryName : AttributeTypeAndValue { ! public CountryName () : base ("2.5.4.6", 2) { - defaultEncoding = 0x13; // PRINTABLESTRING } } --- 167,180 ---- * } */ ! public class Title : AttributeTypeAndValue { public Title () : base ("2.5.4.12", 64) {} } ! public class CountryName : AttributeTypeAndValue { ! // (0x13) PRINTABLESTRING ! public CountryName () : base ("2.5.4.6", 2, 0x13) { } } Index: X501Name.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X501Name.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** X501Name.cs 10 Feb 2004 09:46:25 -0000 1.1 --- X501Name.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 3,12 **** // // Author: ! // Sebastien Pouliot (spo...@mo...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Text; --- 3,14 ---- // // Author: ! // Sebastien Pouliot <seb...@xi...> // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) + // (C) 2004 Novell (http://www.novell.com) // using System; + using System.Globalization; using System.Text; *************** *** 28,32 **** * RelativeDistinguishedName ::= SET OF AttributeTypeAndValue */ ! internal class X501 { static byte[] countryName = { 0x55, 0x04, 0x06 }; --- 30,39 ---- * RelativeDistinguishedName ::= SET OF AttributeTypeAndValue */ ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! sealed class X501 { static byte[] countryName = { 0x55, 0x04, 0x06 }; *************** *** 42,45 **** --- 49,56 ---- static byte[] email = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01 }; + private X501 () + { + } + static public string ToString (ASN1 seq) { *************** *** 80,84 **** // unknown OID sb.Append ("OID."); // NOTE: Not present as RFC2253 ! sb.Append (ASN1Convert.ToOID (poid)); sb.Append ("="); } --- 91,95 ---- // unknown OID sb.Append ("OID."); // NOTE: Not present as RFC2253 ! sb.Append (ASN1Convert.ToOid (poid)); sb.Append ("="); } *************** *** 115,121 **** } ! static private X520.AttributeTypeAndValue GetAttributeFromOID (string attributeType) { ! switch (attributeType.ToUpper ().Trim ()) { case "C": return new X520.CountryName (); --- 126,132 ---- } ! static private X520.AttributeTypeAndValue GetAttributeFromOid (string attributeType) { ! switch (attributeType.ToUpper (CultureInfo.InvariantCulture).Trim ()) { case "C": return new X520.CountryName (); *************** *** 160,164 **** string attributeValue = av.Substring (equal + 1); ! X520.AttributeTypeAndValue atv = GetAttributeFromOID (attributeType); atv.Value = attributeValue; asn1.Add (new ASN1 (0x31, atv.GetBytes ())); --- 171,175 ---- string attributeValue = av.Substring (equal + 1); ! X520.AttributeTypeAndValue atv = GetAttributeFromOid (attributeType); atv.Value = attributeValue; asn1.Add (new ASN1 (0x31, atv.GetBytes ())); Index: X509CertificateCollection.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509CertificateCollection.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** X509CertificateCollection.cs 5 Mar 2004 23:18:17 -0000 1.2 --- X509CertificateCollection.cs 9 May 2004 12:06:15 -0000 1.3 *************** *** 14,20 **** [Serializable] ! internal class X509CertificateCollection : CollectionBase, IEnumerable { ! public X509CertificateCollection () {} public X509CertificateCollection (X509Certificate [] value) --- 14,27 ---- [Serializable] ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! class X509CertificateCollection : CollectionBase, IEnumerable { ! public X509CertificateCollection () ! { ! } public X509CertificateCollection (X509Certificate [] value) *************** *** 131,135 **** // Inner Class ! internal class X509CertificateEnumerator : IEnumerator { private IEnumerator enumerator; --- 138,142 ---- // Inner Class ! public class X509CertificateEnumerator : IEnumerator { private IEnumerator enumerator; *************** *** 176,178 **** } } - --- 183,184 ---- Index: X509CertificateBuilder.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509CertificateBuilder.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** X509CertificateBuilder.cs 5 Mar 2004 23:18:17 -0000 1.1 --- X509CertificateBuilder.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 3,9 **** // // Author: ! // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) using System; --- 3,11 ---- // // Author: ! // Sebastien Pouliot <seb...@xi...> // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) + // (C) 2004 Novell (http://www.novell.com) + // using System; *************** *** 44,48 **** * } */ ! internal class X509CertificateBuilder : X509Builder { private byte version; --- 46,50 ---- * } */ ! public class X509CertificateBuilder : X509Builder { private byte version; *************** *** 55,59 **** private byte[] issuerUniqueID; private byte[] subjectUniqueID; ! private X509Extensions extensions; public X509CertificateBuilder () : this (3) {} --- 57,61 ---- private byte[] issuerUniqueID; private byte[] subjectUniqueID; ! private X509ExtensionCollection extensions; public X509CertificateBuilder () : this (3) {} *************** *** 64,68 **** throw new ArgumentException ("Invalid certificate version"); this.version = version; ! extensions = new X509Extensions (); } --- 66,70 ---- throw new ArgumentException ("Invalid certificate version"); this.version = version; ! extensions = new X509ExtensionCollection (); } *************** *** 102,116 **** } ! public byte[] IssuerUniqueID { get { return issuerUniqueID; } set { issuerUniqueID = value; } } ! public byte[] SubjectUniqueID { get { return subjectUniqueID; } set { subjectUniqueID = value; } } ! public X509Extensions Extensions { get { return extensions; } } --- 104,118 ---- } ! public byte[] IssuerUniqueId { get { return issuerUniqueID; } set { issuerUniqueID = value; } } ! public byte[] SubjectUniqueId { get { return subjectUniqueID; } set { subjectUniqueID = value; } } ! public X509ExtensionCollection Extensions { get { return extensions; } } *************** *** 163,167 **** // first byte in a BITSTRING is the number of unused bits in the first byte byte[] v = new byte [id.Length + 1]; ! Array.Copy (id, 0, v, 1, id.Length); uid.Value = v; return uid.GetBytes (); --- 165,169 ---- // first byte in a BITSTRING is the number of unused bits in the first byte byte[] v = new byte [id.Length + 1]; ! Buffer.BlockCopy (id, 0, v, 1, id.Length); uid.Value = v; return uid.GetBytes (); Index: PKCS12.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/PKCS12.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** PKCS12.cs 5 Mar 2004 23:18:17 -0000 1.1 --- PKCS12.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 3,9 **** // // Author: ! // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // // Key derivation translated from Bouncy Castle JCE (http://www.bouncycastle.org/) --- 3,10 ---- // // Author: ! // Sebastien Pouliot <seb...@xi...> // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) + // (C) 2004 Novell (http://www.novell.com) // // Key derivation translated from Bouncy Castle JCE (http://www.bouncycastle.org/) *************** *** 22,26 **** namespace Mono.Security.X509 { ! internal class PKCS5 { public const string pbeWithMD2AndDESCBC = "1.2.840.113549.1.5.1"; --- 23,32 ---- namespace Mono.Security.X509 { ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! class PKCS5 { public const string pbeWithMD2AndDESCBC = "1.2.840.113549.1.5.1"; *************** *** 34,38 **** } ! internal class PKCS12 { public const string pbeWithSHAAnd128BitRC4 = "1.2.840.113549.1.12.1.1"; --- 40,49 ---- } ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! class PKCS12 { public const string pbeWithSHAAnd128BitRC4 = "1.2.840.113549.1.12.1.1"; *************** *** 203,210 **** --- 214,225 ---- } + static private int recommendedIterationCount = 2000; + private int _version; private byte[] _password; private ArrayList _keyBags; private X509CertificateCollection _certs; + private int _iterations; + private RandomNumberGenerator _rng; // constructors *************** *** 212,215 **** --- 227,231 ---- public PKCS12 () { + _iterations = recommendedIterationCount; _keyBags = new ArrayList (); _certs = new X509CertificateCollection (); *************** *** 255,259 **** PKCS7.ContentInfo authSafe = new PKCS7.ContentInfo (pfx [1]); ! if (authSafe.ContentType != PKCS7.data) throw new ArgumentException ("invalid authenticated safe"); --- 271,275 ---- PKCS7.ContentInfo authSafe = new PKCS7.ContentInfo (pfx [1]); ! if (authSafe.ContentType != PKCS7.Oid.data) throw new ArgumentException ("invalid authenticated safe"); *************** *** 269,273 **** throw new ArgumentException ("invalid MAC"); ASN1 macAlgorithm = mac [0]; ! string macOid = ASN1Convert.ToOID (macAlgorithm [0]); if (macOid != "1.3.14.3.2.26") throw new ArgumentException ("unsupported HMAC"); --- 285,289 ---- throw new ArgumentException ("invalid MAC"); ASN1 macAlgorithm = mac [0]; ! string macOid = ASN1Convert.ToOid (macAlgorithm [0]); if (macOid != "1.3.14.3.2.26") throw new ArgumentException ("unsupported HMAC"); *************** *** 278,299 **** throw new ArgumentException ("missing MAC salt"); ! int iterations = 1; // default value if (macData.Count > 2) { ASN1 iters = macData [2]; if (iters.Tag != 0x02) throw new ArgumentException ("invalid MAC iteration"); ! iterations = ASN1Convert.ToInt32 (iters); } - PKCS12.DeriveBytes pd = new PKCS12.DeriveBytes (); - pd.HashName = "SHA1"; - pd.Password = _password; - pd.Salt = macSalt.Value; - pd.IterationCount = iterations; - - HMACSHA1 hmac = (HMACSHA1) HMACSHA1.Create (); - hmac.Key = pd.DeriveMAC (20); byte[] authSafeData = authSafe.Content [0].Value; ! byte[] calculatedMac = hmac.ComputeHash (authSafeData, 0, authSafeData.Length); if (!Compare (macValue, calculatedMac)) throw new CryptographicException ("Invalid MAC - file may have been tampered!"); --- 294,307 ---- throw new ArgumentException ("missing MAC salt"); ! _iterations = 1; // default value if (macData.Count > 2) { ASN1 iters = macData [2]; if (iters.Tag != 0x02) throw new ArgumentException ("invalid MAC iteration"); ! _iterations = ASN1Convert.ToInt32 (iters); } byte[] authSafeData = authSafe.Content [0].Value; ! byte[] calculatedMac = MAC (_password, macSalt.Value, _iterations, authSafeData); if (!Compare (macValue, calculatedMac)) throw new CryptographicException ("Invalid MAC - file may have been tampered!"); *************** *** 305,309 **** PKCS7.ContentInfo ci = new PKCS7.ContentInfo (authenticatedSafe [i]); switch (ci.ContentType) { ! case PKCS7.data: // unencrypted (by PKCS#12) ASN1 safeContents = new ASN1 (ci.Content [0].Value); --- 313,317 ---- PKCS7.ContentInfo ci = new PKCS7.ContentInfo (authenticatedSafe [i]); switch (ci.ContentType) { ! case PKCS7.Oid.data: // unencrypted (by PKCS#12) ASN1 safeContents = new ASN1 (ci.Content [0].Value); *************** *** 313,317 **** } break; ! case PKCS7.encryptedData: // password encrypted PKCS7.EncryptedData ed = new PKCS7.EncryptedData (ci.Content [0]); --- 321,325 ---- } break; ! case PKCS7.Oid.encryptedData: // password encrypted PKCS7.EncryptedData ed = new PKCS7.EncryptedData (ci.Content [0]); *************** *** 322,326 **** } break; ! case PKCS7.envelopedData: // public key encrypted throw new NotImplementedException ("public key encrypted"); --- 330,334 ---- } break; ! case PKCS7.Oid.envelopedData: // public key encrypted throw new NotImplementedException ("public key encrypted"); *************** *** 353,356 **** --- 361,369 ---- } + public int IterationCount { + get { return _iterations; } + set { _iterations = value; } + } + public ArrayList Keys { get { return _keyBags; } *************** *** 361,364 **** --- 374,385 ---- } + internal RandomNumberGenerator RNG { + get { + if (_rng == null) + _rng = RandomNumberGenerator.Create (); + return _rng; + } + } + // private methods *************** *** 376,380 **** } ! public byte[] Decrypt (string algorithmOid, byte[] salt, int iterationCount, byte[] encryptedData) { string algorithm = null; --- 397,401 ---- } ! private SymmetricAlgorithm GetSymmetricAlgorithm (string algorithmOid, byte[] salt, int iterationCount) { string algorithm = null; *************** *** 464,469 **** sa.Mode = CipherMode.CBC; } ! ICryptoTransform ct = sa.CreateDecryptor (); ! return ct.TransformFinalBlock (encryptedData, 0, encryptedData.Length); } --- 485,505 ---- sa.Mode = CipherMode.CBC; } ! return sa; ! } ! ! public byte[] Decrypt (string algorithmOid, byte[] salt, int iterationCount, byte[] encryptedData) ! { ! SymmetricAlgorithm sa = null; ! byte[] result = null; ! try { ! sa = GetSymmetricAlgorithm (algorithmOid, salt, iterationCount); ! ICryptoTransform ct = sa.CreateDecryptor (); ! result = ct.TransformFinalBlock (encryptedData, 0, encryptedData.Length); ! } ! finally { ! if (sa != null) ! sa.Clear (); ! } ! return result; } *************** *** 476,479 **** --- 512,525 ---- } + public byte[] Encrypt (string algorithmOid, byte[] salt, int iterationCount, byte[] data) + { + byte[] result = null; + using (SymmetricAlgorithm sa = GetSymmetricAlgorithm (algorithmOid, salt, iterationCount)) { + ICryptoTransform ct = sa.CreateEncryptor (); + result = ct.TransformFinalBlock (data, 0, data.Length); + } + return result; + } + private void AddPrivateKey (PKCS8.PrivateKeyInfo pki) { *************** *** 504,508 **** ASN1 bagValue = safeBag [1]; ! string oid = ASN1Convert.ToOID (bagId); switch (oid) { case keyBag: --- 550,554 ---- ASN1 bagValue = safeBag [1]; ! string oid = ASN1Convert.ToOid (bagId); switch (oid) { case keyBag: *************** *** 537,543 **** } ! static private int recommendedIterationCount = 2000; ! /* * SafeContents ::= SEQUENCE OF SafeBag * --- 583,640 ---- } ! private ASN1 Pkcs8ShroudedKeyBag (AsymmetricAlgorithm aa) ! { ! PKCS8.PrivateKeyInfo pki = new PKCS8.PrivateKeyInfo (); ! if (aa is RSA) { ! pki.Algorithm = "1.2.840.113549.1.1.1"; ! pki.PrivateKey = PKCS8.PrivateKeyInfo.Encode ((RSA)aa); ! } ! else if (aa is DSA) { ! pki.Algorithm = null; ! pki.PrivateKey = PKCS8.PrivateKeyInfo.Encode ((DSA)aa); ! } ! else ! throw new CryptographicException ("Unknown asymmetric algorithm {0}", aa.ToString ()); ! PKCS8.EncryptedPrivateKeyInfo epki = new PKCS8.EncryptedPrivateKeyInfo (); ! epki.Algorithm = pbeWithSHAAnd3KeyTripleDESCBC; ! epki.IterationCount = _iterations; ! epki.EncryptedData = Encrypt (pbeWithSHAAnd3KeyTripleDESCBC, epki.Salt, _iterations, pki.GetBytes ()); ! ! return new ASN1 (epki.GetBytes ()); ! } ! ! private ASN1 CertificateSafeBag (X509Certificate x509) ! { ! ASN1 encapsulatedCertificate = new ASN1 (0x04, x509.RawData); ! ! PKCS7.ContentInfo ci = new PKCS7.ContentInfo (); ! ci.ContentType = x509Certificate; ! ci.Content.Add (encapsulatedCertificate); ! ! ASN1 bagValue = new ASN1 (0xA0); ! bagValue.Add (ci.ASN1); ! ! ASN1 safeBag = new ASN1 (0x30); ! safeBag.Add (ASN1Convert.FromOid (certBag)); ! safeBag.Add (bagValue); ! ! return safeBag; ! } ! ! private byte[] MAC (byte[] password, byte[] salt, int iterations, byte[] data) ! { ! PKCS12.DeriveBytes pd = new PKCS12.DeriveBytes (); ! pd.HashName = "SHA1"; ! pd.Password = password; ! pd.Salt = salt; ! pd.IterationCount = iterations; ! ! HMACSHA1 hmac = (HMACSHA1) HMACSHA1.Create (); ! hmac.Key = pd.DeriveMAC (20); ! return hmac.ComputeHash (data, 0, data.Length); ! } ! ! /* * SafeContents ::= SEQUENCE OF SafeBag * *************** *** 550,572 **** public byte[] GetBytes () { - PKCS7.ContentInfo authSafe = new PKCS7.ContentInfo (PKCS7.data); - // TODO (incomplete) byte[] salt = new byte [20]; ! RandomNumberGenerator rng = RandomNumberGenerator.Create (); ! rng.GetBytes (salt); ASN1 macData = new ASN1 (0x30); ! byte[] macValue = null; if (macValue != null) { // only for password based encryption ASN1 mac = new ASN1 (0x30); ! mac.Add (ASN1Convert.FromOID ("1.3.14.3.2.26")); // SHA1 mac.Add (new ASN1 (0x04, macValue)); macData.Add (mac); macData.Add (new ASN1 (0x04, salt)); ! macData.Add (ASN1Convert.FromInt32 (recommendedIterationCount)); } --- 647,734 ---- public byte[] GetBytes () { // TODO (incomplete) + ASN1 safeBagSequence = new ASN1 (0x30); + + if (_certs.Count > 0) { + byte[] certsSalt = new byte [8]; + RNG.GetBytes (certsSalt); + + ASN1 seqParams = new ASN1 (0x30); + seqParams.Add (new ASN1 (0x04, certsSalt)); + seqParams.Add (ASN1Convert.FromInt32 (_iterations)); + + ASN1 seqPbe = new ASN1 (0x30); + seqPbe.Add (ASN1Convert.FromOid (pbeWithSHAAnd3KeyTripleDESCBC)); + seqPbe.Add (seqParams); + + ASN1 certsSafeBag = new ASN1 (0x30); + foreach (X509Certificate x in _certs) { + ASN1 certSafeBag = CertificateSafeBag (x); + certsSafeBag.Add (certSafeBag); + } + byte[] encrypted = Encrypt (pbeWithSHAAnd3KeyTripleDESCBC, certsSalt, _iterations, certsSafeBag.GetBytes ()); + ASN1 encryptedCerts = new ASN1 (0x80, encrypted); + ASN1 seq = new ASN1 (0x30); + seq.Add (ASN1Convert.FromOid (PKCS7.Oid.data)); + seq.Add (seqPbe); + seq.Add (encryptedCerts); + + ASN1 certsVersion = new ASN1 (0x02, new byte [1] { 0x00 }); + ASN1 encData = new ASN1 (0x30); + encData.Add (certsVersion); + encData.Add (seq); + + ASN1 certsContent = new ASN1 (0xA0); + certsContent.Add (encData); + + PKCS7.ContentInfo bag = new PKCS7.ContentInfo (PKCS7.Oid.encryptedData); + bag.Content = certsContent; + safeBagSequence.Add (bag.ASN1); + } + + if (_keyBags.Count > 0) { + ASN1 safeContents = new ASN1 (0x30); + foreach (AsymmetricAlgorithm key in _keyBags) { + ASN1 safeBag = new ASN1 (0x30); + safeBag.Add (ASN1Convert.FromOid (pkcs8ShroudedKeyBag)); + ASN1 safeBagValue = new ASN1 (0xA0); + safeBagValue.Add (Pkcs8ShroudedKeyBag (key)); + safeBag.Add (safeBagValue); + safeContents.Add (safeBag); + } + + ASN1 content = new ASN1 (0xA0); + content.Add (new ASN1 (0x04, safeContents.GetBytes ())); + + PKCS7.ContentInfo keyBag = new PKCS7.ContentInfo (PKCS7.Oid.data); + keyBag.Content = content; + safeBagSequence.Add (keyBag.ASN1); + } + + ASN1 encapsulates = new ASN1 (0x04, safeBagSequence.GetBytes ()); + ASN1 ci = new ASN1 (0xA0); + ci.Add (encapsulates); + PKCS7.ContentInfo authSafe = new PKCS7.ContentInfo (PKCS7.Oid.data); + authSafe.Content = ci; + byte[] salt = new byte [20]; ! RNG.GetBytes (salt); ASN1 macData = new ASN1 (0x30); ! byte[] macValue = MAC (_password, salt, _iterations, authSafe.Content [0].Value); if (macValue != null) { // only for password based encryption + ASN1 oidSeq = new ASN1 (0x30); + oidSeq.Add (ASN1Convert.FromOid ("1.3.14.3.2.26")); // SHA1 + oidSeq.Add (new ASN1 (0x05)); + ASN1 mac = new ASN1 (0x30); ! mac.Add (oidSeq); mac.Add (new ASN1 (0x04, macValue)); macData.Add (mac); macData.Add (new ASN1 (0x04, salt)); ! macData.Add (ASN1Convert.FromInt32 (_iterations)); } *************** *** 584,587 **** --- 746,759 ---- } + public void SaveToFile (string filename) + { + using (FileStream fs = File.OpenWrite (filename)) { + byte[] data = GetBytes (); + fs.Write (data, 0, data.Length); + fs.Flush (); + fs.Close (); + } + } + // static methods *************** *** 609,614 **** if (filename == null) throw new ArgumentNullException ("filename"); - if (password == null) - throw new ArgumentNullException ("password"); return new PKCS12 (LoadFile (filename), password); --- 781,784 ---- Index: X509Store.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509Store.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** X509Store.cs 5 Mar 2004 23:18:17 -0000 1.1 --- X509Store.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 10,13 **** --- 10,14 ---- using System; using System.Collections; + using System.Globalization; using System.IO; using System.Text; *************** *** 17,21 **** namespace Mono.Security.X509 { ! internal class X509Store { private string _storePath; --- 18,27 ---- namespace Mono.Security.X509 { ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! class X509Store { private string _storePath; *************** *** 42,46 **** } ! public ArrayList CRLs { get { // CRL aren't applicable to all stores --- 48,52 ---- } ! public ArrayList Crls { get { // CRL aren't applicable to all stores *************** *** 50,54 **** } if (_crls == null) { ! _crls = BuildCRLsCollection (_storePath); } return _crls; --- 56,60 ---- } if (_crls == null) { ! _crls = BuildCrlsCollection (_storePath); } return _crls; *************** *** 125,129 **** sb.Append ("-"); foreach (byte b in name) { ! sb.Append (b.ToString ("X2")); } sb.Append (".cer"); --- 131,135 ---- sb.Append ("-"); foreach (byte b in name) { ! sb.Append (b.ToString ("X2", CultureInfo.InvariantCulture)); } sb.Append (".cer"); *************** *** 150,157 **** } ! private X509CRL LoadCRL (string filename) { byte[] data = Load (filename); ! X509CRL crl = new X509CRL (data); return crl; } --- 156,163 ---- } ! private X509Crl LoadCrl (string filename) { byte[] data = Load (filename); ! X509Crl crl = new X509Crl (data); return crl; } *************** *** 183,187 **** } ! private ArrayList BuildCRLsCollection (string storeName) { ArrayList list = new ArrayList (); --- 189,193 ---- } ! private ArrayList BuildCrlsCollection (string storeName) { ArrayList list = new ArrayList (); *************** *** 191,195 **** foreach (string file in files) { try { ! X509CRL crl = LoadCRL (file); list.Add (crl); } --- 197,201 ---- foreach (string file in files) { try { ! X509Crl crl = LoadCrl (file); list.Add (crl); } Index: X509Builder.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509Builder.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** X509Builder.cs 5 Mar 2004 23:18:17 -0000 1.1 --- X509Builder.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 1,3 **** --- 1,14 ---- + // + // X509Builder.cs: Abstract builder class for X509 objects + // + // Author: + // Sebastien Pouliot <seb...@xi...> + // + // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) + // (C) 2004 Novell (http://www.novell.com) + // + using System; + using System.Globalization; using System.Security.Cryptography; *************** *** 6,15 **** namespace Mono.Security.X509 { ! internal abstract class X509Builder { private const string defaultHash = "SHA1"; private string hashName; ! public X509Builder () { hashName = defaultHash; --- 17,26 ---- namespace Mono.Security.X509 { ! public abstract class X509Builder { private const string defaultHash = "SHA1"; private string hashName; ! protected X509Builder () { hashName = defaultHash; *************** *** 19,25 **** // move to PKCS1 ! protected string GetOID (string hashName) { ! switch (hashName.ToLower ()) { case "md2": // md2withRSAEncryption (1 2 840 113549 1 1 2) --- 30,36 ---- // move to PKCS1 ! protected string GetOid (string hashName) { ! switch (hashName.ToLower (CultureInfo.InvariantCulture)) { case "md2": // md2withRSAEncryption (1 2 840 113549 1 1 2) *************** *** 75,79 **** // first byte of BITSTRING is the number of unused bits in the first byte byte[] bitstring = new byte [signature.Length + 1]; ! Array.Copy (signature, 0, bitstring, 1, signature.Length); builder.Add (new ASN1 (0x03, bitstring)); return builder.GetBytes (); --- 86,90 ---- // first byte of BITSTRING is the number of unused bits in the first byte byte[] bitstring = new byte [signature.Length + 1]; ! Buffer.BlockCopy (signature, 0, bitstring, 1, signature.Length); builder.Add (new ASN1 (0x03, bitstring)); return builder.GetBytes (); *************** *** 82,86 **** public virtual byte[] Sign (RSA key) { ! string oid = GetOID (hashName); ASN1 tbs = ToBeSigned (oid); HashAlgorithm ha = HashAlgorithm.Create (hashName); --- 93,97 ---- public virtual byte[] Sign (RSA key) { ! string oid = GetOid (hashName); ASN1 tbs = ToBeSigned (oid); HashAlgorithm ha = HashAlgorithm.Create (hashName); *************** *** 109,115 **** // split R and S byte[] r = new byte [20]; ! Array.Copy (rs, 0, r, 0, 20); byte[] s = new byte [20]; ! Array.Copy (rs, 20, s, 0, 20); ASN1 signature = new ASN1 (0x30); signature.Add (new ASN1 (0x02, r)); --- 120,126 ---- // split R and S byte[] r = new byte [20]; ! Buffer.BlockCopy (rs, 0, r, 0, 20); byte[] s = new byte [20]; ! Buffer.BlockCopy (rs, 20, s, 0, 20); ASN1 signature = new ASN1 (0x30); signature.Add (new ASN1 (0x02, r)); Index: TrustAnchors.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/TrustAnchors.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** TrustAnchors.cs 5 Mar 2004 23:18:17 -0000 1.2 --- TrustAnchors.cs 9 May 2004 12:06:15 -0000 1.3 *************** *** 12,16 **** namespace Mono.Security.X509 { ! internal class TrustAnchors : ITrustAnchors { static byte[] msroot = { --- 12,21 ---- namespace Mono.Security.X509 { ! #if INSIDE_CORLIB ! internal ! #else ! public ! #endif ! class TrustAnchors : ITrustAnchors { static byte[] msroot = { Index: X509CRL.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509/X509CRL.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** X509CRL.cs 5 Mar 2004 23:18:17 -0000 1.1 --- X509CRL.cs 9 May 2004 12:06:15 -0000 1.2 *************** *** 10,13 **** --- 10... [truncated message content] |
