pgsqlclient-checkins Mailing List for PostgreSqlClient (Page 34)
From: <car...@us...> - 2003-11-03 16:21:57
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security/Mono.Security.Cryptography In directory sc8-pr-cvs1:/tmp/cvs-serv4363 Modified Files: MD5SHA1CryptoServiceProvider.cs Log Message: Added methods for create and verify a signature ( not finished ) Index: MD5SHA1CryptoServiceProvider.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security/Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** MD5SHA1CryptoServiceProvider.cs 3 Nov 2003 08:54:00 -0000 1.1 --- MD5SHA1CryptoServiceProvider.cs 3 Nov 2003 16:21:54 -0000 1.2 *************** *** 91,94 **** --- 91,126 ---- } + public byte[] CreateSignature(RSA rsa) + { + if (rsa == null) + { + throw new CryptographicUnexpectedOperationException ("missing key"); + } + + #warning "MD5SHA1 hash is not supported by .NET" + RSAPKCS1SignatureFormatter f = new RSAPKCS1SignatureFormatter(rsa); + f.SetHashAlgorithm("MD5SHA1"); + + return f.CreateSignature(this.Hash); + } + + public bool VerifySignature(RSA rsa, byte[] rgbSignature) + { + if (rsa == null) + { + throw new CryptographicUnexpectedOperationException ("missing key"); + } + if (rgbSignature == null) + { + throw new ArgumentNullException ("rgbSignature"); + } + + #warning "MD5SHA1 hash is not supported by .NET" + RSAPKCS1SignatureDeformatter d = new RSAPKCS1SignatureDeformatter(rsa); + d.SetHashAlgorithm("MD5SHA1"); + + return d.VerifySignature(this.Hash, rgbSignature); + } + #endregion } |
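Review bot: `CreateSignature` and `VerifySignature` pass the name "MD5SHA1" to `RSAPKCS1SignatureFormatter` and `RSAPKCS1SignatureDeformatter`, which the added `#warning` itself says the framework does not support, so both methods are likely to fail at run time rather than sign or verify. TLS 1.0 signs the 36-byte MD5+SHA-1 value with PKCS #1 block type 1 padding and no DigestInfo wrapper, so even a runtime that maps the name to a hash OID would not produce an interoperable signature; the padding has to be built and checked explicitly. Both methods also read `this.Hash` without confirming that a hash has been computed, and the null `rsa` case would be more consistent with the `rgbSignature` check as `throw new ArgumentNullException("rsa");`. Until the implementation is finished, a comment such as `// TODO: not usable yet; callers must treat handshake signatures as unverified` on both methods would make the state clear to callers.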
From: <car...@us...> - 2003-11-03 16:21:28
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1:/tmp/cvs-serv4208 Modified Files: TlsClientCertificate.cs TlsClientCertificateVerify.cs TlsServerKeyExchange.cs Log Message: Added changes to signatures handling code (not finished) Index: TlsClientCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** TlsClientCertificate.cs 3 Nov 2003 12:35:56 -0000 1.8 --- TlsClientCertificate.cs 3 Nov 2003 16:21:25 -0000 1.9 *************** *** 59,64 **** protected override void ProcessAsTls1() { - #warning "Send only the appropiate type of certificate" - if (Session.Settings.Certificates == null || Session.Settings.Certificates.Count == 0) --- 59,62 ---- Index: TlsClientCertificateVerify.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** TlsClientCertificateVerify.cs 3 Nov 2003 12:35:56 -0000 1.8 --- TlsClientCertificateVerify.cs 3 Nov 2003 16:21:25 -0000 1.9 *************** *** 63,67 **** foreach (X509Certificate cert in Session.Settings.Certificates) { ! HashAlgorithm hash = new MD5SHA1CryptoServiceProvider(); X509.X509Certificate c = new X509.X509Certificate(cert.GetRawCertData()); RSA rsa = c.RSA; --- 63,67 ---- foreach (X509Certificate cert in Session.Settings.Certificates) { ! 
MD5SHA1CryptoServiceProvider hash = new MD5SHA1CryptoServiceProvider(); X509.X509Certificate c = new X509.X509Certificate(cert.GetRawCertData()); RSA rsa = c.RSA; *************** *** 80,108 **** // Write the signature ! RSAPKCS1SignatureFormatter sf = new RSAPKCS1SignatureFormatter(rsa); ! switch (c.SignatureAlgorithm) ! { ! // MD2 with RSA encryption ! case "1.2.840.113549.1.1.2": ! // maybe someone installed MD2 ? ! sf.SetHashAlgorithm("MD2"); ! break; ! ! // MD5 with RSA encryption ! case "1.2.840.113549.1.1.4": ! sf.SetHashAlgorithm("MD5"); ! break; ! ! // SHA-1 with RSA Encryption ! case "1.2.840.113549.1.1.5": ! sf.SetHashAlgorithm("SHA1"); ! break; ! ! default: ! throw this.Session.CreateException("Unsupported hash algorithm: " + c.SignatureAlgorithm); ! } ! ! #warning "Seems that for this we need the private key" ! Write(sf.CreateSignature(hash.Hash)); } } --- 80,84 ---- // Write the signature ! Write(hash.CreateSignature(rsa)); } } Index: TlsServerKeyExchange.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** TlsServerKeyExchange.cs 3 Nov 2003 10:33:50 -0000 1.9 --- TlsServerKeyExchange.cs 3 Nov 2003 16:21:25 -0000 1.10 *************** *** 90,94 **** private void verifySignature() { ! HashAlgorithm hash = new MD5SHA1CryptoServiceProvider(); // Create server params array --- 90,94 ---- private void verifySignature() { ! 
MD5SHA1CryptoServiceProvider hash = new MD5SHA1CryptoServiceProvider(); // Create server params array *************** *** 106,114 **** // Verify Signature - RSA rsa = new RSACryptoServiceProvider(rsaParams.Modulus.Length << 3); - rsa.ImportParameters(rsaParams); - X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0]; ! certificate.CheckSignature(hash.Hash, "SHA1", this.signedParams); } --- 106,116 ---- // Verify Signature X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0]; ! ! RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(rsaParams.Modulus.Length << 3); ! rsa.ImportParameters(rsaParams); ! ! byte[] sign = hash.CreateSignature(rsa); ! hash.VerifySignature(rsa, this.signedParams); } |
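Review bot: In the last TlsServerKeyExchange.cs hunk the result of `hash.VerifySignature(rsa, this.signedParams)` is discarded, so a wrong signature on the server key-exchange parameters does not stop the handshake. The `rsa` object is built from `rsaParams`, the key carried in the message being checked, while `certificate` is now fetched and never used; verifying with the key under test does not authenticate it, so the check needs the server certificate's public key. `byte[] sign = hash.CreateSignature(rsa);` is unused and would need a private key the client does not hold, so it should be removed. Assuming the certificate type exposes its key as `RSA`, as the Mono X509 wrapper used in TlsClientCertificateVerify.cs does, the check would read `if (!hash.VerifySignature(certificate.RSA, this.signedParams)) throw this.Session.CreateException("Server key exchange signature is invalid.");`. The body of `verifySignature` starts and ends outside the hunk.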
From: <car...@us...> - 2003-11-03 12:35:59
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1:/tmp/cvs-serv23255 Modified Files: TlsClientCertificate.cs TlsClientCertificateVerify.cs TlsServerCertificateRequest.cs Log Message: Fixed some minor issues Index: TlsClientCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** TlsClientCertificate.cs 3 Nov 2003 10:45:30 -0000 1.7 --- TlsClientCertificate.cs 3 Nov 2003 12:35:56 -0000 1.8 *************** *** 34,38 **** public TlsClientCertificate(TlsSession session) ! : base(session, TlsHandshakeType.Finished, TlsContentType.Handshake) { } --- 34,38 ---- public TlsClientCertificate(TlsSession session) ! 
: base(session, TlsHandshakeType.Certificate, TlsContentType.Handshake) { } *************** *** 60,63 **** --- 60,69 ---- { #warning "Send only the appropiate type of certificate" + + if (Session.Settings.Certificates == null || + Session.Settings.Certificates.Count == 0) + { + throw this.Session.CreateException("Client certificate requested by the server and no client certificate specified."); + } // Write client certificates information to a stream Index: TlsClientCertificateVerify.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** TlsClientCertificateVerify.cs 3 Nov 2003 11:50:27 -0000 1.7 --- TlsClientCertificateVerify.cs 3 Nov 2003 12:35:56 -0000 1.8 *************** *** 103,106 **** --- 103,107 ---- } + #warning "Seems that for this we need the private key" Write(sf.CreateSignature(hash.Hash)); } Index: TlsServerCertificateRequest.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificateRequest.cs,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** TlsServerCertificateRequest.cs 22 Oct 2003 11:48:08 -0000 1.5 --- TlsServerCertificateRequest.cs 3 Nov 2003 12:35:56 -0000 1.6 *************** *** 72,80 **** int typesCount = this.ReadByte(); ! certificateTypes = new TlsClientCertificateType[typesCount]; for (int i = 0; i < typesCount; i++) { ! certificateTypes[i] = (TlsClientCertificateType)this.ReadByte(); } --- 72,80 ---- int typesCount = this.ReadByte(); ! 
this.certificateTypes = new TlsClientCertificateType[typesCount]; for (int i = 0; i < typesCount; i++) { ! this.certificateTypes[i] = (TlsClientCertificateType)this.ReadByte(); } *************** *** 90,106 **** * attributeValue ANY } */ ! int tmp = this.ReadInt16(); ! ASN1 rdn = new ASN1(this.ReadBytes(this.ReadInt16())); ! distinguisedNames = new string[rdn.Count]; ! #warning "needs testing" ! for (int i = 0; i < rdn.Count; i++) ! { ! // element[0] = attributeType ! // element[1] = attributeValue ! ASN1 element = new ASN1(rdn[i].Value); ! distinguisedNames[i] = Encoding.UTF8.GetString(element[1].Value); } } --- 90,108 ---- * attributeValue ANY } */ ! if (this.ReadInt16() != 0) ! { ! ASN1 rdn = new ASN1(this.ReadBytes(this.ReadInt16())); ! distinguisedNames = new string[rdn.Count]; ! #warning "needs testing" ! for (int i = 0; i < rdn.Count; i++) ! { ! // element[0] = attributeType ! // element[1] = attributeValue ! ASN1 element = new ASN1(rdn[i].Value); ! distinguisedNames[i] = Encoding.UTF8.GetString(element[1].Value); ! } } } |
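Review bot: The rewritten distinguished-name block in TlsServerCertificateRequest.cs decodes lengths and ASN.1 supplied by the server without bounds checks. The first `this.ReadInt16()` is only compared with zero, the second goes straight into `this.ReadBytes(...)` without being checked against the first or against the bytes left in the message, and only one name is decoded even if the outer length covers several; the `this.ReadBytes(this.ReadInt16())` calls in the TlsServerKeyExchange.cs diff further down this page have the same gap. If `ReadInt16` returns a signed `short`, as `short length = this.ReadInt16();` in that older revision suggests, a length of 0x8000 or more arrives negative. `element[1]` is indexed without confirming the element has two members; a guard such as `if (element.Count < 2) throw this.Session.CreateException("Malformed certificate request.");` before the `GetString` call would turn a malformed request into a clean handshake failure, assuming `Session.CreateException` is available here as it is in TlsClientCertificate.cs. The enclosing method starts outside the hunk.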
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1:/tmp/cvs-serv15654 Modified Files: TlsServerCertificate.cs Log Message: Minor change on server certificate date validation Index: TlsServerCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** TlsServerCertificate.cs 28 Oct 2003 16:12:30 -0000 1.7 --- TlsServerCertificate.cs 3 Nov 2003 11:51:03 -0000 1.8 *************** *** 111,115 **** // 1 step : Validate dates ! if (!certificate.WasCurrent(System.DateTime.Now)) { throw Session.CreateException("Certificate received from the server expired."); --- 111,115 ---- // 1 step : Validate dates ! if (!certificate.IsCurrent) { throw Session.CreateException("Certificate received from the server expired."); |
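Review bot: The exception text "Certificate received from the server expired." is now raised whenever `certificate.IsCurrent` is false, which presumably also covers a certificate whose validity period has not started yet. A neutral message such as `"Certificate received from the server is outside its validity period."` would not mislead whoever triages the failure. The switch from `WasCurrent(System.DateTime.Now)` to `IsCurrent` also hides which clock is used, so a comment stating whether the comparison is made in local time or UTC would help, since the implementation is not visible here.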
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1:/tmp/cvs-serv15516 Modified Files: TlsClientCertificateVerify.cs Log Message: Change on signature generation Index: TlsClientCertificateVerify.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** TlsClientCertificateVerify.cs 3 Nov 2003 10:45:30 -0000 1.6 --- TlsClientCertificateVerify.cs 3 Nov 2003 11:50:27 -0000 1.7 *************** *** 80,85 **** // Write the signature ! RSAPKCS1SignatureFormatter sf = new RSAPKCS1SignatureFormatter(rsa); ! sf.SetHashAlgorithm(c.SignatureAlgorithm); Write(sf.CreateSignature(hash.Hash)); --- 80,105 ---- // Write the signature ! RSAPKCS1SignatureFormatter sf = new RSAPKCS1SignatureFormatter(rsa); ! switch (c.SignatureAlgorithm) ! { ! // MD2 with RSA encryption ! case "1.2.840.113549.1.1.2": ! // maybe someone installed MD2 ? ! sf.SetHashAlgorithm("MD2"); ! break; ! ! // MD5 with RSA encryption ! case "1.2.840.113549.1.1.4": ! sf.SetHashAlgorithm("MD5"); ! break; ! ! // SHA-1 with RSA Encryption ! case "1.2.840.113549.1.1.5": ! sf.SetHashAlgorithm("SHA1"); ! break; ! ! default: ! throw this.Session.CreateException("Unsupported hash algorithm: " + c.SignatureAlgorithm); ! } Write(sf.CreateSignature(hash.Hash)); |
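Review bot: The new `switch` picks the hash name for the CertificateVerify signature from `c.SignatureAlgorithm`, which is the algorithm the issuer used to sign the certificate and says nothing about how this handshake message must be signed. The digest handed to the formatter, `hash.Hash`, comes from an object declared outside the hunk; in the other revisions shown on this page it is an MD5SHA1CryptoServiceProvider, whose output would not have the length the formatter expects for "MD2", "MD5" or "SHA1". The MD2 and MD5 branches additionally let a weak certificate algorithm steer the client's own signature. I would drop the switch and put `// TLS 1.0 signs the combined MD5+SHA-1 handshake hash; the certificate's signature OID is not an input here` above the signing call.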
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1:/tmp/cvs-serv5961 Modified Files: TlsClientCertificate.cs TlsClientCertificateVerify.cs Log Message: Fixed typos with latest commits Index: TlsClientCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** TlsClientCertificate.cs 3 Nov 2003 10:33:50 -0000 1.6 --- TlsClientCertificate.cs 3 Nov 2003 10:45:30 -0000 1.7 *************** *** 59,63 **** protected override void ProcessAsTls1() { ! #region "Send only the appropiate type of certificate" // Write client certificates information to a stream --- 59,63 ---- protected override void ProcessAsTls1() { ! 
#warning "Send only the appropiate type of certificate" // Write client certificates information to a stream Index: TlsClientCertificateVerify.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** TlsClientCertificateVerify.cs 3 Nov 2003 10:33:50 -0000 1.5 --- TlsClientCertificateVerify.cs 3 Nov 2003 10:45:30 -0000 1.6 *************** *** 28,32 **** using System.Security.Cryptography; using Mono.Security.Cryptography; - using Mono.Security.Cryptography.X509Certificates as X509; namespace Mono.Security.Protocol.Tls.Handshake.Client --- 28,31 ---- *************** *** 64,69 **** foreach (X509Certificate cert in Session.Settings.Certificates) { ! HashAlgorithm hash = new MD5SHa1CryptoServiceProvider(); ! X509.X509Certificate c = new X509.X509Certificate(cert.GetRawCertData); RSA rsa = c.RSA; RSAParameters p = rsa.ExportParameters(false); --- 63,68 ---- foreach (X509Certificate cert in Session.Settings.Certificates) { ! HashAlgorithm hash = new MD5SHA1CryptoServiceProvider(); ! X509.X509Certificate c = new X509.X509Certificate(cert.GetRawCertData()); RSA rsa = c.RSA; RSAParameters p = rsa.ExportParameters(false); *************** *** 76,85 **** data.Write(p.Exponent); ! hash.ComputeHash(data.ToArray(), 0, data.Length); data.Reset(); // Write the signature ! RSAPKCS1SignatureFormatter sf = RSAPKCS1SignatureFormatter(rsa); sf.SetHashAlgorithm(c.SignatureAlgorithm); --- 75,84 ---- data.Write(p.Exponent); ! hash.ComputeHash(data.ToArray(), 0, (int)data.Length); data.Reset(); // Write the signature ! RSAPKCS1SignatureFormatter sf = new RSAPKCS1SignatureFormatter(rsa); sf.SetHashAlgorithm(c.SignatureAlgorithm); |
From: <car...@us...> - 2003-11-03 10:34:22
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1:/tmp/cvs-serv4311 Modified Files: changelog.txt Log Message: Updated changelog.txt Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/changelog.txt,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** changelog.txt 3 Nov 2003 08:57:05 -0000 1.4 --- changelog.txt 3 Nov 2003 10:34:19 -0000 1.5 *************** *** 6,14 **** * TlsHandshakeMessages.cs: ! - Removed file. * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: ! - New class for md5-sha hash calculation. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs: --- 6,14 ---- * TlsHandshakeMessages.cs: ! - Removed file. * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: ! - New class for md5-sha hash calculation. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs: *************** *** 17,25 **** * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs: ! - Make use of new MD5SHA1CryptoServiceProvider class. * TlsSessionContext.cs: ! - Changed handshakeHashes member to be an TlsStream. 2003-10-28 Carlos Guzmán Álvarez <car...@te...> --- 17,35 ---- * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs: ! - Make use of new MD5SHA1CryptoServiceProvider class. ! ! * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: ! ! - Added initial implementation (not finished). ! ! * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: ! ! - Minor change to message processing. ! ! - Changed verify method name to verifySignature. * TlsSessionContext.cs: ! - Changed handshakeHashes member to be an TlsStream. 2003-10-28 Carlos Guzmán Álvarez <car...@te...> |
From: <car...@us...> - 2003-11-03 10:33:53
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1:/tmp/cvs-serv4215 Modified Files: TlsClientCertificate.cs TlsClientCertificateVerify.cs TlsClientFinished.cs TlsServerKeyExchange.cs Log Message: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: - Added initial implementation (not finished). * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: - Minor change to message processing. - Changed verify method name to verifySignature. Index: TlsClientCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** TlsClientCertificate.cs 22 Oct 2003 11:48:08 -0000 1.5 --- TlsClientCertificate.cs 3 Nov 2003 10:33:50 -0000 1.6 *************** *** 54,64 **** protected override void ProcessAsSsl3() { ! throw new NotSupportedException(); } protected override void ProcessAsTls1() { ! #warning "Check which type of certificates has been requested by the server" ! // Write client certificates information to a stream TlsStream stream = new TlsStream(); --- 54,64 ---- protected override void ProcessAsSsl3() { ! this.ProcessAsTls1(); } protected override void ProcessAsTls1() { ! #region "Send only the appropiate type of certificate" ! 
// Write client certificates information to a stream TlsStream stream = new TlsStream(); Index: TlsClientCertificateVerify.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** TlsClientCertificateVerify.cs 3 Nov 2003 08:53:20 -0000 1.4 --- TlsClientCertificateVerify.cs 3 Nov 2003 10:33:50 -0000 1.5 *************** *** 26,29 **** --- 26,33 ---- using System.Security.Cryptography.X509Certificates; + using System.Security.Cryptography; + using Mono.Security.Cryptography; + using Mono.Security.Cryptography.X509Certificates as X509; + namespace Mono.Security.Protocol.Tls.Handshake.Client { *************** *** 58,62 **** protected override void ProcessAsTls1() { ! throw new NotSupportedException(); } --- 62,89 ---- protected override void ProcessAsTls1() { ! foreach (X509Certificate cert in Session.Settings.Certificates) ! { ! HashAlgorithm hash = new MD5SHa1CryptoServiceProvider(); ! X509.X509Certificate c = new X509.X509Certificate(cert.GetRawCertData); ! RSA rsa = c.RSA; ! RSAParameters p = rsa.ExportParameters(false); ! TlsStream data = new TlsStream(); ! ! data.Write(this.Session.Context.RandomCS); ! data.Write((short)p.Modulus.Length); ! data.Write(p.Modulus); ! data.Write((short)p.Exponent.Length); ! data.Write(p.Exponent); ! ! hash.ComputeHash(data.ToArray(), 0, data.Length); ! ! data.Reset(); ! ! // Write the signature ! RSAPKCS1SignatureFormatter sf = RSAPKCS1SignatureFormatter(rsa); ! sf.SetHashAlgorithm(c.SignatureAlgorithm); ! ! Write(sf.CreateSignature(hash.Hash)); ! 
} } Index: TlsClientFinished.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** TlsClientFinished.cs 3 Nov 2003 08:53:20 -0000 1.8 --- TlsClientFinished.cs 3 Nov 2003 10:33:50 -0000 1.9 *************** *** 53,56 **** --- 53,79 ---- #region PROTECTED_METHODS + protected override void ProcessAsSsl3() + { + this.Write(computeSslHash("MD5", Session.Context.HandshakeHashes.ToArray(), 0x434C4E54)); + this.Write(computeSslHash("SHA1", Session.Context.HandshakeHashes.ToArray(), 0x434C4E54)); + } + + protected override void ProcessAsTls1() + { + // Compute handshake messages hash + HashAlgorithm hash = new MD5SHA1CryptoServiceProvider(); + hash.ComputeHash( + Session.Context.HandshakeHashes.ToArray(), + 0, + (int)Session.Context.HandshakeHashes.Length); + + // Write message + Write(Session.Context.Cipher.PRF(Session.Context.MasterSecret, "client finished", hash.Hash, 12)); + } + + #endregion + + #region PRIVATE_METHODS + private byte[] computeSslHash(string hashName, byte[] hashes, int sender) { *************** *** 81,102 **** return blockHash; - } - - protected override void ProcessAsSsl3() - { - this.Write(computeSslHash("MD5", Session.Context.HandshakeHashes.ToArray(), 0x434C4E54)); - this.Write(computeSslHash("SHA1", Session.Context.HandshakeHashes.ToArray(), 0x434C4E54)); - } - - protected override void ProcessAsTls1() - { - HashAlgorithm hash = new MD5SHA1CryptoServiceProvider(); - hash.ComputeHash( - Session.Context.HandshakeHashes.ToArray(), - 0, - (int)Session.Context.HandshakeHashes.Length); - - // Write message contents - Write(Session.Context.Cipher.PRF(Session.Context.MasterSecret, "client finished", hash.Hash, 12)); } --- 104,107 ---- Index: TlsServerKeyExchange.cs 
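Review bot: The new `ProcessAsTls1` in TlsClientCertificateVerify.cs signs with `c.RSA`, a key rebuilt from `cert.GetRawCertData()`, which holds only the public key; CertificateVerify has to be signed with the private key that belongs to the client certificate, so the formatter cannot produce a valid signature from this object. The data being hashed is `RandomCS` plus the modulus and exponent, whereas TLS 1.0 defines the CertificateVerify signature over the hash of the handshake messages exchanged so far, the same `Session.Context.HandshakeHashes` buffer that TlsClientFinished.cs reads. The `foreach` also writes one signature per configured certificate, while the message carries a single signature. As a first step I would add `// FIXME: needs the client's private key and must hash Session.Context.HandshakeHashes` at the top of the loop.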
=================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** TlsServerKeyExchange.cs 3 Nov 2003 08:53:20 -0000 1.8 --- TlsServerKeyExchange.cs 3 Nov 2003 10:33:50 -0000 1.9 *************** *** 45,49 **** : base(session, TlsHandshakeType.ServerKeyExchange, buffer) { ! verify(); } --- 45,49 ---- : base(session, TlsHandshakeType.ServerKeyExchange, buffer) { ! this.verifySignature(); } *************** *** 67,71 **** protected override void ProcessAsSsl3() { ! throw new NotSupportedException(); } --- 67,71 ---- protected override void ProcessAsSsl3() { ! this.ProcessAsTls1(); } *************** *** 75,88 **** // Read modulus ! short length = this.ReadInt16(); ! rsaParams.Modulus = this.ReadBytes(length); // Read exponent ! length = this.ReadInt16(); ! rsaParams.Exponent = this.ReadBytes(length); // Read signed params ! length = this.ReadInt16(); ! signedParams = this.ReadBytes(length); } --- 75,85 ---- // Read modulus ! rsaParams.Modulus = this.ReadBytes(this.ReadInt16()); // Read exponent ! rsaParams.Exponent = this.ReadBytes(this.ReadInt16()); // Read signed params ! signedParams = this.ReadBytes(this.ReadInt16()); } *************** *** 91,95 **** #region PRIVATE_METHODS ! private void verify() { HashAlgorithm hash = new MD5SHA1CryptoServiceProvider(); --- 88,92 ---- #region PRIVATE_METHODS ! private void verifySignature() { HashAlgorithm hash = new MD5SHA1CryptoServiceProvider(); *************** *** 108,116 **** stream.Reset(); ! // Calculate signature RSA rsa = new RSACryptoServiceProvider(rsaParams.Modulus.Length << 3); rsa.ImportParameters(rsaParams); ! ! 
// Verify Signature X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0]; certificate.CheckSignature(hash.Hash, "SHA1", this.signedParams); --- 105,112 ---- stream.Reset(); ! // Verify Signature RSA rsa = new RSACryptoServiceProvider(rsaParams.Modulus.Length << 3); rsa.ImportParameters(rsaParams); ! X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0]; certificate.CheckSignature(hash.Hash, "SHA1", this.signedParams); |
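Review bot: The result of `certificate.CheckSignature(hash.Hash, "SHA1", this.signedParams)` is discarded in `verifySignature()`, so unless that method throws on mismatch (its declaration is not shown here) a ServerKeyExchange with a bad signature is accepted and its RSA parameters are later used for the key exchange. Fail closed on the result: `if (!certificate.CheckSignature(hash.Hash, "SHA1", this.signedParams)) throw this.Session.CreateException("Server key exchange signature is invalid.");`. Two further things to check in the same lines: the digest comes from `MD5SHA1CryptoServiceProvider` but is labelled `"SHA1"`, and the `rsa` object built from `rsaParams` is never used by the check. The same unchecked call appears in the revision 1.7 and 1.8 hunks of this file further down the page; the method body starts outside this hunk.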
From: <car...@us...> - 2003-11-03 08:57:08
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1:/tmp/cvs-serv18348 Modified Files: changelog.txt Log Message: 2003-11-03 Carlos Guzmán Álvarez <car...@te...> * TlsHandshakeMessages.cs: - Removed file. * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: - New class for md5-sha hash calculation. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs: - Make use of new MD5SHA1CryptoServiceProvider class. * TlsSessionContext.cs: - Changed handshakeHashes member to be an TlsStream. Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/changelog.txt,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** changelog.txt 28 Oct 2003 16:41:25 -0000 1.3 --- changelog.txt 3 Nov 2003 08:57:05 -0000 1.4 *************** *** 2,5 **** --- 2,26 ---- --------------- ----------- ----------------------------------------- + 2003-11-03 Carlos Guzmán Álvarez <car...@te...> + + * TlsHandshakeMessages.cs: + + - Removed file. + + * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: + + - New class for md5-sha hash calculation. + + * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs: + * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs: + * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: + * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs: + + - Make use of new MD5SHA1CryptoServiceProvider class. + + * TlsSessionContext.cs: + + - Changed handshakeHashes member to be an TlsStream. + 2003-10-28 Carlos Guzmán Álvarez <car...@te...> |
From: <car...@us...> - 2003-11-03 08:56:49
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1:/tmp/cvs-serv18233 Modified Files: TlsSessionContext.cs TlsSocket.cs Log Message: 2003-11-03 Carlos Guzmán Álvarez <car...@te...> * TlsHandshakeMessages.cs: - Removed file. * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: - New class for md5-sha hash calculation. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs: - Make use of new MD5SHA1CryptoServiceProvider class. * TlsSessionContext.cs: - Changed handshakeHashes member to be an TlsStream. Index: TlsSessionContext.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/TlsSessionContext.cs,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** TlsSessionContext.cs 21 Oct 2003 20:04:10 -0000 1.9 --- TlsSessionContext.cs 3 Nov 2003 08:56:46 -0000 1.10 *************** *** 75,79 **** // Handshake hashes ! private TlsHandshakeHashes handshakeHashes; #endregion --- 75,79 ---- // Handshake hashes ! private TlsStream handshakeHashes; #endregion *************** *** 141,145 **** } ! public TlsHandshakeHashes HandshakeHashes { get { return this.handshakeHashes; } --- 141,145 ---- } ! public TlsStream HandshakeHashes { get { return this.handshakeHashes; } *************** *** 233,237 **** this.compressionMethod = TlsCompressionMethod.None; this.serverSettings = new TlsServerSettings(); ! this.handshakeHashes = new TlsHandshakeHashes(); } --- 233,237 ---- this.compressionMethod = TlsCompressionMethod.None; this.serverSettings = new TlsServerSettings(); ! 
this.handshakeHashes = new TlsStream(); } Index: TlsSocket.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/TlsSocket.cs,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** TlsSocket.cs 24 Oct 2003 09:39:21 -0000 1.10 --- TlsSocket.cs 3 Nov 2003 08:56:46 -0000 1.11 *************** *** 252,256 **** } // Update handshakes of current messages ! this.session.Context.HandshakeHashes.Update(message.ToArray()); break; --- 252,256 ---- } // Update handshakes of current messages ! this.session.Context.HandshakeHashes.Write(message.ToArray()); break; |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security/Mono.Security.Cryptography In directory sc8-pr-cvs1:/tmp/cvs-serv17820 Added Files: MD5SHA1CryptoServiceProvider.cs Log Message: 2003-11-03 Carlos Guzmán Álvarez <car...@te...> * TlsHandshakeMessages.cs: - Removed file. * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: - New class for md5-sha hash calculation. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs: - Make use of new MD5SHA1CryptoServiceProvider class. * TlsSessionContext.cs: - Changed handshakeHashes member to be an TlsStream. --- NEW FILE: MD5SHA1CryptoServiceProvider.cs --- (This appears to be a binary file; contents omitted.) |
From: <car...@us...> - 2003-11-03 08:53:23
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1:/tmp/cvs-serv17711/Mono.Security.Protocol.Tls.Handshake.Client Modified Files: TlsClientCertificateVerify.cs TlsClientFinished.cs TlsServerFinished.cs TlsServerKeyExchange.cs Log Message: 2003-11-03 Carlos Guzmán Álvarez <car...@te...> * TlsHandshakeMessages.cs: - Removed file. * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: - New class for md5-sha hash calculation. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs: - Make use of new MD5SHA1CryptoServiceProvider class. * TlsSessionContext.cs: - Changed handshakeHashes member to be an TlsStream. Index: TlsClientCertificateVerify.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** TlsClientCertificateVerify.cs 28 Oct 2003 16:12:30 -0000 1.3 --- TlsClientCertificateVerify.cs 3 Nov 2003 08:53:20 -0000 1.4 *************** *** 53,62 **** protected override void ProcessAsSsl3() { ! this.ProcessAsTls1(); } protected override void ProcessAsTls1() { - #warning "Process message here" throw new NotSupportedException(); } --- 53,61 ---- protected override void ProcessAsSsl3() { ! 
throw new NotSupportedException(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } Index: TlsClientFinished.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** TlsClientFinished.cs 22 Oct 2003 11:48:08 -0000 1.7 --- TlsClientFinished.cs 3 Nov 2003 08:53:20 -0000 1.8 *************** *** 26,29 **** --- 26,31 ---- using System.Security.Cryptography; + using Mono.Security.Cryptography; + namespace Mono.Security.Protocol.Tls.Handshake.Client { *************** *** 83,106 **** protected override void ProcessAsSsl3() { ! this.Write(computeSslHash("MD5", Session.Context.HandshakeHashes.Messages, 0x434C4E54)); ! this.Write(computeSslHash("SHA1", Session.Context.HandshakeHashes.Messages, 0x434C4E54)); ! ! Session.Context.HandshakeHashes.Reset(); } protected override void ProcessAsTls1() { ! // Get hashes of handshake messages ! TlsStream hashes = new TlsStream(); ! ! hashes.Write(Session.Context.HandshakeHashes.GetMD5Hash()); ! hashes.Write(Session.Context.HandshakeHashes.GetSHAHash()); // Write message contents ! Write(Session.Context.Cipher.PRF(Session.Context.MasterSecret, "client finished", hashes.ToArray(), 12)); ! ! // Reset data ! hashes.Reset(); ! Session.Context.HandshakeHashes.Reset(); } --- 85,102 ---- protected override void ProcessAsSsl3() { ! this.Write(computeSslHash("MD5", Session.Context.HandshakeHashes.ToArray(), 0x434C4E54)); ! this.Write(computeSslHash("SHA1", Session.Context.HandshakeHashes.ToArray(), 0x434C4E54)); } protected override void ProcessAsTls1() { ! HashAlgorithm hash = new MD5SHA1CryptoServiceProvider(); ! hash.ComputeHash( ! Session.Context.HandshakeHashes.ToArray(), ! 0, ! 
(int)Session.Context.HandshakeHashes.Length); // Write message contents ! Write(Session.Context.Cipher.PRF(Session.Context.MasterSecret, "client finished", hash.Hash, 12)); } Index: TlsServerFinished.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** TlsServerFinished.cs 22 Oct 2003 11:48:08 -0000 1.8 --- TlsServerFinished.cs 3 Nov 2003 08:53:20 -0000 1.9 *************** *** 26,29 **** --- 26,31 ---- using System.Security.Cryptography; + using Mono.Security.Cryptography; + namespace Mono.Security.Protocol.Tls.Handshake.Client { *************** *** 59,71 **** protected override void ProcessAsTls1() { ! byte[] serverPRF = this.ReadBytes((int)Length); ! TlsStream hashes = new TlsStream(); ! ! hashes.Write(this.Session.Context.HandshakeHashes.GetMD5Hash()); ! hashes.Write(this.Session.Context.HandshakeHashes.GetSHAHash()); ! byte[] clientPRF = this.Session.Context.Cipher.PRF(this.Session.Context.MasterSecret, "server finished", hashes.ToArray(), 12); ! hashes.Reset(); // Check server prf against client prf --- 61,73 ---- protected override void ProcessAsTls1() { ! byte[] serverPRF = this.ReadBytes((int)Length); ! HashAlgorithm hash = new MD5SHA1CryptoServiceProvider(); ! hash.ComputeHash( ! Session.Context.HandshakeHashes.ToArray(), ! 0, ! (int)Session.Context.HandshakeHashes.Length); ! byte[] clientPRF = this.Session.Context.Cipher.PRF(this.Session.Context.MasterSecret, "server finished", hash.Hash, 12); // Check server prf against client prf *************** *** 82,86 **** } ! this.Session.Context.HandshakeHashes.Clear(); } --- 84,89 ---- } ! // Reset Hahdshake messages information ! 
this.Session.Context.HandshakeHashes.Reset(); } Index: TlsServerKeyExchange.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** TlsServerKeyExchange.cs 28 Oct 2003 16:12:30 -0000 1.7 --- TlsServerKeyExchange.cs 3 Nov 2003 08:53:20 -0000 1.8 *************** *** 26,29 **** --- 26,30 ---- using System.Security.Cryptography; + using Mono.Security.Cryptography; using Mono.Security.X509; *************** *** 92,97 **** private void verify() { ! HashAlgorithm md5 = new MD5CryptoServiceProvider(); ! HashAlgorithm sha = new SHA1CryptoServiceProvider(); // Create server params array --- 93,97 ---- private void verify() { ! HashAlgorithm hash = new MD5SHA1CryptoServiceProvider(); // Create server params array *************** *** 103,114 **** stream.Write(rsaParams.Exponent.Length); stream.Write(rsaParams.Exponent); - byte[] serverParams = stream.ToArray(); - stream.Reset(); ! // Compute md5 and sha hashes ! TlsStream hash = new TlsStream(); ! hash.Write(md5.ComputeHash(serverParams, 0, serverParams.Length)); ! hash.Write(sha.ComputeHash(serverParams, 0, serverParams.Length)); // Calculate signature --- 103,110 ---- stream.Write(rsaParams.Exponent.Length); stream.Write(rsaParams.Exponent); ! hash.ComputeHash(stream.ToArray()); ! stream.Reset(); // Calculate signature *************** *** 118,122 **** // Verify Signature X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0]; ! certificate.CheckSignature(hash.ToArray(), "SHA1", this.signedParams); } --- 114,118 ---- // Verify Signature X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0]; ! certificate.CheckSignature(hash.Hash, "SHA1", this.signedParams); } |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake In directory sc8-pr-cvs1:/tmp/cvs-serv17711 Modified Files: TlsHandshakeMessage.cs Removed Files: TlsHandshakeHashes.cs Log Message: 2003-11-03 Carlos Guzmán Álvarez <car...@te...> * TlsHandshakeMessages.cs: - Removed file. * Mono.Security.Cryptography/MD5SHA1CryptoServiceProvider.cs: - New class for md5-sha hash calculation. * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsHandshakeMessage.cs: - Make use of new MD5SHA1CryptoServiceProvider class. * TlsSessionContext.cs: - Changed handshakeHashes member to be an TlsStream. Index: TlsHandshakeMessage.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs,v retrieving revision 1.7 retrieving revision 1.8 diff -C2 -d -r1.7 -r1.8 *** TlsHandshakeMessage.cs 20 Oct 2003 10:00:35 -0000 1.7 --- TlsHandshakeMessage.cs 3 Nov 2003 08:53:20 -0000 1.8 *************** *** 111,115 **** if (CanWrite) { ! this.session.Context.HandshakeHashes.Update(this.EncodeMessage()); this.Reset(); } --- 111,115 ---- if (CanWrite) { ! this.session.Context.HandshakeHashes.Write(this.EncodeMessage()); this.Reset(); } --- TlsHandshakeHashes.cs DELETED --- |
From: <car...@us...> - 2003-11-01 10:31:32
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1:/tmp/cvs-serv16495 Modified Files: changelog.txt Log Message: 2003-11-01 Alban Colley <albancolley at users.sourceforge.net> * source/NPgClient/PgStatement.cs: * source/NPgClient/PgDbClient.cs: - Ref Cursor + Fetch Patch ( Patch #832503 ) Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/changelog.txt,v retrieving revision 1.67 retrieving revision 1.68 diff -C2 -d -r1.67 -r1.68 *** changelog.txt 28 Oct 2003 16:41:14 -0000 1.67 --- changelog.txt 1 Nov 2003 10:31:29 -0000 1.68 *************** *** 3,6 **** --- 3,15 ---- + 2003-11-01 Alban Colley <albancolley at users.sourceforge.net> + + + * source/NPgClient/PgStatement.cs: + * source/NPgClient/PgDbClient.cs: + + - Ref Cursor + Fetch Patch ( Patch #832503 ) + + 2003-10-28 Carlos Guzmán Álvarez <car...@te...> |
From: <car...@us...> - 2003-11-01 10:31:08
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient In directory sc8-pr-cvs1:/tmp/cvs-serv16429 Modified Files: PgDbClient.cs PgStatement.cs Log Message: 2003-11-01 Alban Colley <albancolley at users.sourceforge.net> * source/NPgClient/PgStatement.cs: * source/NPgClient/PgDbClient.cs: - Ref Cursor + Fetch Patch ( Patch #832503 ) Index: PgDbClient.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient/PgDbClient.cs,v retrieving revision 1.29 retrieving revision 1.30 diff -C2 -d -r1.29 -r1.30 *** PgDbClient.cs 26 Oct 2003 11:32:33 -0000 1.29 --- PgDbClient.cs 1 Nov 2003 10:31:05 -0000 1.30 *************** *** 702,705 **** --- 702,706 ---- types.Add(1562 , "varbit" , PgDataType.Byte , 0, 1, 0); types.Add(1700 , "numeric" , PgDataType.Decimal , 0, 0, 8); + types.Add(1790 , "refcursor" , PgDataType.VarChar , 0, 0, 0); types.Add(2277 , "anyarray" , PgDataType.Array , 0, 1, 8); } Index: PgStatement.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient/PgStatement.cs,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** PgStatement.cs 21 Sep 2003 22:35:21 -0000 1.8 --- PgStatement.cs 1 Nov 2003 10:31:05 -0000 1.9 *************** *** 660,663 **** --- 660,664 ---- switch (elements[0]) { + case "FETCH": case "SELECT": recordsAffected = -1; *************** *** 671,675 **** case "DELETE": case "MOVE": - case "FETCH": recordsAffected = Int32.Parse(elements[1]); break; --- 672,675 ---- |
From: <car...@us...> - 2003-10-28 16:41:37
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1:/tmp/cvs-serv15456 Modified Files: changelog.txt Log Message: Updated changelog.txt Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/changelog.txt,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** changelog.txt 24 Oct 2003 09:39:57 -0000 1.2 --- changelog.txt 28 Oct 2003 16:41:25 -0000 1.3 *************** *** 2,5 **** --- 2,23 ---- --------------- ----------- ----------------------------------------- + 2003-10-28 Carlos Guzmán Álvarez <car...@te...> + + * CipherSuite.cs: + * TlsSessionSettings.cs: + * TlsServerSettings.cs: + * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: + * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs: + * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs: + * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: + + - Added changes for make use of X509 classes from mono. + + * Mono.Security/ASN1Convert.cs: + * Mono.Security.X509/*.*: + + - New files from mono for allow basic certificate validation. + + 2003-10-21 Carlos Guzmán Álvarez <car...@te...> |
From: <car...@us...> - 2003-10-28 16:41:18
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1:/tmp/cvs-serv15422 Modified Files: changelog.txt Log Message: Updated changelog.txt Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/changelog.txt,v retrieving revision 1.66 retrieving revision 1.67 diff -C2 -d -r1.66 -r1.67 *** changelog.txt 27 Oct 2003 18:47:15 -0000 1.66 --- changelog.txt 28 Oct 2003 16:41:14 -0000 1.67 *************** *** 3,6 **** --- 3,14 ---- + 2003-10-28 Carlos Guzmán Álvarez <car...@te...> + + * source/NPgClient/PgOutputPacket.cs: + * source/NPgClient/PgResponsePacket.cs: + + - Added fix for correct handling of timetz type. + + 2003-10-27 Carlos Guzmán Álvarez <car...@te...> |
From: <car...@us...> - 2003-10-28 16:13:27
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1:/tmp/cvs-serv10323 Modified Files: CipherSuite.cs TlsServerSettings.cs Log Message: 2003-10-28 Carlos Guzmán Álvarez <car...@te...> * CipherSuite.cs: * TlsSessionSettings.cs: * TlsServerSettings.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: - Added changes for make use of X509 classes from mono. * Mono.Security/ASN1Convert.cs: * Mono.Security.X509/*.*: - New files from mono for allow basic certificate validation. Index: CipherSuite.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/CipherSuite.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** CipherSuite.cs 24 Oct 2003 09:39:21 -0000 1.3 --- CipherSuite.cs 28 Oct 2003 16:13:16 -0000 1.4 *************** *** 27,34 **** using System.Text; using System.Security.Cryptography; - using System.Security.Cryptography.X509Certificates; using Mono.Security; using Mono.Security.Cryptography; namespace Mono.Security.Protocol.Tls --- 27,34 ---- using System.Text; using System.Security.Cryptography; using Mono.Security; using Mono.Security.Cryptography; + using Mono.Security.X509; namespace Mono.Security.Protocol.Tls *************** *** 186,211 **** } ! public RSACryptoServiceProvider CreateRSA(X509Certificate certificate) { ! RSAParameters rsaParams = new RSAParameters(); ! ! // for RSA m_publickey contains 2 ASN.1 integers ! // the modulus and the public exponent ! ASN1 pubkey = new ASN1(certificate.GetPublicKey()); ! ASN1 modulus = pubkey [0]; ! if ((modulus == null) || (modulus.Tag != 0x02)) { ! return null; } ! 
ASN1 exponent = pubkey [1]; ! if (exponent.Tag != 0x02) { ! return null; } ! ! rsaParams.Modulus = getUnsignedBigInteger(modulus.Value); ! rsaParams.Exponent = exponent.Value; ! ! return CreateRSA(rsaParams); } --- 186,203 ---- } ! public RSA CreateRSA() { ! RSA rsa; ! if (this.Context.ServerSettings.ServerKeyExchange) { ! rsa = new RSACryptoServiceProvider(); ! rsa.ImportParameters(this.Context.ServerSettings.RsaParameters); } ! else { ! rsa = this.Context.ServerSettings.ServerCertificates[0].RSA; } ! ! return rsa; } Index: TlsServerSettings.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/TlsServerSettings.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerSettings.cs 11 Oct 2003 10:04:20 -0000 1.1 --- TlsServerSettings.cs 28 Oct 2003 16:13:16 -0000 1.2 *************** *** 25,30 **** using System; using System.Security.Cryptography; - using System.Security.Cryptography.X509Certificates; using Mono.Security.Protocol.Tls.Handshake; --- 25,30 ---- using System; using System.Security.Cryptography; + using Mono.Security.X509; using Mono.Security.Protocol.Tls.Handshake; |
From: <car...@us...> - 2003-10-28 16:12:45
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1:/tmp/cvs-serv9838 Modified Files: TlsClientCertificateVerify.cs TlsClientKeyExchange.cs TlsServerCertificate.cs TlsServerKeyExchange.cs Log Message: 2003-10-28 Carlos Guzmán Álvarez <car...@te...> * CipherSuite.cs: * TlsSessionSettings.cs: * TlsServerSettings.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: - Added changes for make use of X509 classes from mono. * Mono.Security/ASN1Convert.cs: * Mono.Security.X509/*.*: - New files from mono for allow basic certificate validation. Index: TlsClientCertificateVerify.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** TlsClientCertificateVerify.cs 16 Oct 2003 14:25:57 -0000 1.2 --- TlsClientCertificateVerify.cs 28 Oct 2003 16:12:30 -0000 1.3 *************** *** 53,57 **** protected override void ProcessAsSsl3() { ! throw new NotSupportedException(); } --- 53,57 ---- protected override void ProcessAsSsl3() { ! 
this.ProcessAsTls1(); } *************** *** 59,62 **** --- 59,63 ---- { #warning "Process message here" + throw new NotSupportedException(); } Index: TlsClientKeyExchange.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** TlsClientKeyExchange.cs 24 Oct 2003 09:39:21 -0000 1.8 --- TlsClientKeyExchange.cs 28 Oct 2003 16:12:30 -0000 1.9 *************** *** 50,62 **** // Create a new RSA key ! RSACryptoServiceProvider rsa = null; ! if (this.Session.Context.ServerSettings.ServerKeyExchange) ! { ! rsa = this.Session.Context.Cipher.CreateRSA(this.Session.Context.ServerSettings.RsaParameters); ! } ! else ! { ! rsa = this.Session.Context.Cipher.CreateRSA(this.Session.Context.ServerSettings.ServerCertificates[0]); ! } // Encrypt premaster_sercret --- 50,54 ---- // Create a new RSA key ! RSA rsa = this.Session.Context.Cipher.CreateRSA(); // Encrypt premaster_sercret *************** *** 83,95 **** // Create a new RSA key ! RSACryptoServiceProvider rsa = null; ! if (this.Session.Context.ServerSettings.ServerKeyExchange) ! { ! rsa = this.Session.Context.Cipher.CreateRSA(this.Session.Context.ServerSettings.RsaParameters); ! } ! else ! { ! rsa = this.Session.Context.Cipher.CreateRSA(this.Session.Context.ServerSettings.ServerCertificates[0]); ! } // Encrypt premaster_sercret --- 75,79 ---- // Create a new RSA key ! 
RSA rsa = this.Session.Context.Cipher.CreateRSA(); // Encrypt premaster_sercret Index: TlsServerCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** TlsServerCertificate.cs 22 Oct 2003 11:48:08 -0000 1.6 --- TlsServerCertificate.cs 28 Oct 2003 16:12:30 -0000 1.7 *************** *** 25,31 **** using System; using System.Security.Cryptography; - using System.Security.Cryptography.X509Certificates; using Mono.Security.Protocol.Tls.Alerts; namespace Mono.Security.Protocol.Tls.Handshake.Client --- 25,31 ---- using System; using System.Security.Cryptography; using Mono.Security.Protocol.Tls.Alerts; + using Mono.Security.X509; namespace Mono.Security.Protocol.Tls.Handshake.Client *************** *** 111,125 **** // 1 step : Validate dates ! DateTime effectiveDate = DateTime.Parse(certificate.GetEffectiveDateString()); ! DateTime expirationDate = DateTime.Parse(certificate.GetExpirationDateString()); ! if (System.DateTime.Now < effectiveDate || ! System.DateTime.Now > expirationDate) { ! throw Session.CreateException("Certificate received FromBase64Transform the server expired."); } // 2 step: Validate CA // 3 step: Validate digital sign // 4 step: Validate domain name --- 111,127 ---- // 1 step : Validate dates ! if (!certificate.WasCurrent(System.DateTime.Now)) { ! 
throw Session.CreateException("Certificate received from the server expired."); } // 2 step: Validate CA + // 3 step: Validate digital sign + if (!certificate.VerifySignature(certificate.RSA)) + { + throw Session.CreateException("Certificate received from the server has invalid signature."); + } // 4 step: Validate domain name Index: TlsServerKeyExchange.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** TlsServerKeyExchange.cs 22 Oct 2003 11:48:08 -0000 1.6 --- TlsServerKeyExchange.cs 28 Oct 2003 16:12:30 -0000 1.7 *************** *** 26,29 **** --- 26,30 ---- using System.Security.Cryptography; + using Mono.Security.X509; namespace Mono.Security.Protocol.Tls.Handshake.Client *************** *** 54,58 **** base.UpdateSession(); ! this.Session.Context.ServerSettings.ServerKeyExchange = true; this.Session.Context.ServerSettings.RsaParameters = this.rsaParams; this.Session.Context.ServerSettings.SignedParams = this.signedParams; --- 55,59 ---- base.UpdateSession(); ! this.Session.Context.ServerSettings.ServerKeyExchange = true; this.Session.Context.ServerSettings.RsaParameters = this.rsaParams; this.Session.Context.ServerSettings.SignedParams = this.signedParams; *************** *** 91,96 **** private void verify() { ! MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider(); ! SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider(); // Create server params array --- 92,97 ---- private void verify() { ! HashAlgorithm md5 = new MD5CryptoServiceProvider(); ! HashAlgorithm sha = new SHA1CryptoServiceProvider(); // Create server params array *************** *** 106,119 **** // Compute md5 and sha hashes ! 
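Review bot: The new step 3 check, `certificate.VerifySignature(certificate.RSA)`, verifies the certificate against its own public key, which can only succeed for a self-signed certificate and says nothing about who issued it; steps 2 (CA) and 4 (domain name) are still comments with no code. As written the peer's identity is not authenticated, so the connection gives no protection against an interposed server. The signature should be checked with the issuer's key while building a chain to a trust anchor (this commit adds `X509Chain.cs` and `TrustAnchors.cs`, presumably for that), and the host name compared with the certificate before the handshake continues. Until then, mark the gap in the code, e.g. `// FIXME: issuer chain and host name are not validated; server identity is unauthenticated`. The enclosing method starts and ends outside the hunk.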
byte[] md5Hash = md5.ComputeHash(serverParams, 0, serverParams.Length); ! byte[] shaHash = sha.ComputeHash(serverParams, 0, serverParams.Length); // Calculate signature ! RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(rsaParams.Modulus.Length << 3); rsa.ImportParameters(rsaParams); ! #warning "Verify Signature here" ! ! // RSAPKCS1SignatureDeformatter rsaDeformatter = new RSAPKCS1SignatureDeformatter(rsa); } --- 107,122 ---- // Compute md5 and sha hashes ! TlsStream hash = new TlsStream(); ! ! hash.Write(md5.ComputeHash(serverParams, 0, serverParams.Length)); ! hash.Write(sha.ComputeHash(serverParams, 0, serverParams.Length)); // Calculate signature ! RSA rsa = new RSACryptoServiceProvider(rsaParams.Modulus.Length << 3); rsa.ImportParameters(rsaParams); ! // Verify Signature ! X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0]; ! certificate.CheckSignature(hash.ToArray(), "SHA1", this.signedParams); } |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security/Mono.Security.X509 In directory sc8-pr-cvs1:/tmp/cvs-serv9611 Added Files: ITrustAnchors.cs TrustAnchors.cs X501Name.cs X509Builder.cs X509Certificate.cs X509CertificateBuilder.cs X509CertificateCollection.cs X509Chain.cs X509Extension.cs X509Extensions.cs X520Attributes.cs Log Message: 2003-10-28 Carlos Guzmán Álvarez <car...@te...> * CipherSuite.cs: * TlsSessionSettings.cs: * TlsServerSettings.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: - Added changes for make use of X509 classes from mono. * Mono.Security/ASN1Convert.cs: * Mono.Security.X509/*.*: - New files from mono for allow basic certificate validation. --- NEW FILE: ITrustAnchors.cs --- // // ITrustAnchors.cs: Trust Anchors Interface // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; namespace Mono.Security.X509 { internal interface ITrustAnchors { X509CertificateCollection Anchors { get; } } } --- NEW FILE: TrustAnchors.cs --- // // TrustAnchors.cs: "Official" default Trust Anchors for Mono // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. 
(http://www.motus.com) // using System; namespace Mono.Security.X509 { internal class TrustAnchors : ITrustAnchors { static byte[] msroot = { 0x30, 0x82, 0x04, 0x12, 0x30, 0x82, 0x02, 0xFA, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0F, 0x00, 0xC1, 0x00, 0x8B, 0x3C, 0x3C, 0x88, 0x11, 0xD1, 0x3E, 0xF6, 0x63, 0xEC, 0xDF, 0x40, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30, 0x70, 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x22, 0x43, 0x6F, 0x70, 0x79, 0x72, 0x69, 0x67, 0x68, 0x74, 0x20, 0x28, 0x63, 0x29, 0x20, 0x31, 0x39, 0x39, 0x37, 0x20, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x2E, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x15, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x30, 0x1E, 0x17, 0x0D, 0x39, 0x37, 0x30, 0x31, 0x31, 0x30, 0x30, 0x37, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x17, 0x0D, 0x32, 0x30, 0x31, 0x32, 0x33, 0x31, 0x30, 0x37, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x30, 0x70, 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x22, 0x43, 0x6F, 0x70, 0x79, 0x72, 0x69, 0x67, 0x68, 0x74, 0x20, 0x28, 0x63, 0x29, 0x20, 0x31, 0x39, 0x39, 0x37, 0x20, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x2E, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x15, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x30, 0x82, 0x01, 0x22, 
0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xA9, 0x02, 0xBD, 0xC1, 0x70, 0xE6, 0x3B, 0xF2, 0x4E, 0x1B, 0x28, 0x9F, 0x97, 0x78, 0x5E, 0x30, 0xEA, 0xA2, 0xA9, 0x8D, 0x25, 0x5F, 0xF8, 0xFE, 0x95, 0x4C, 0xA3, 0xB7, 0xFE, 0x9D, 0xA2, 0x20, 0x3E, 0x7C, 0x51, 0xA2, 0x9B, 0xA2, 0x8F, 0x60, 0x32, 0x6B, 0xD1, 0x42, 0x64, 0x79, 0xEE, 0xAC, 0x76, 0xC9, 0x54, 0xDA, 0xF2, 0xEB, 0x9C, 0x86, 0x1C, 0x8F, 0x9F, 0x84, 0x66, 0xB3, 0xC5, 0x6B, 0x7A, 0x62, 0x23, 0xD6, 0x1D, 0x3C, 0xDE, 0x0F, 0x01, 0x92, 0xE8, 0x96, 0xC4, 0xBF, 0x2D, 0x66, 0x9A, 0x9A, 0x68, 0x26, 0x99, 0xD0, 0x3A, 0x2C, 0xBF, 0x0C, 0xB5, 0x58, 0x26, 0xC1, 0x46, 0xE7, 0x0A, 0x3E, 0x38, 0x96, 0x2C, 0xA9, 0x28, 0x39, 0xA8, 0xEC, 0x49, 0x83, 0x42, 0xE3, 0x84, 0x0F, 0xBB, 0x9A, 0x6C, 0x55, 0x61, 0xAC, 0x82, 0x7C, 0xA1, 0x60, 0x2D, 0x77, 0x4C, 0xE9, 0x99, 0xB4, 0x64, 0x3B, 0x9A, 0x50, 0x1C, 0x31, 0x08, 0x24, 0x14, 0x9F, 0xA9, 0xE7, 0x91, 0x2B, 0x18, 0xE6, 0x3D, 0x98, 0x63, 0x14, 0x60, 0x58, 0x05, 0x65, 0x9F, 0x1D, 0x37, 0x52, 0x87, 0xF7, 0xA7, 0xEF, 0x94, 0x02, 0xC6, 0x1B, 0xD3, 0xBF, 0x55, 0x45, 0xB3, 0x89, 0x80, 0xBF, 0x3A, 0xEC, 0x54, 0x94, 0x4E, 0xAE, 0xFD, 0xA7, 0x7A, 0x6D, 0x74, 0x4E, 0xAF, 0x18, 0xCC, 0x96, 0x09, 0x28, 0x21, 0x00, 0x57, 0x90, 0x60, 0x69, 0x37, 0xBB, 0x4B, 0x12, 0x07, 0x3C, 0x56, 0xFF, 0x5B, 0xFB, 0xA4, 0x66, 0x0A, 0x08, 0xA6, 0xD2, 0x81, 0x56, 0x57, 0xEF, 0xB6, 0x3B, 0x5E, 0x16, 0x81, 0x77, 0x04, 0xDA, 0xF6, 0xBE, 0xAE, 0x80, 0x95, 0xFE, 0xB0, 0xCD, 0x7F, 0xD6, 0xA7, 0x1A, 0x72, 0x5C, 0x3C, 0xCA, 0xBC, 0xF0, 0x08, 0xA3, 0x22, 0x30, 0xB3, 0x06, 0x85, 0xC9, 0xB3, 0x20, 0x77, 0x13, 0x85, 0xDF, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xA8, 0x30, 0x81, 0xA5, 0x30, 0x81, 0xA2, 0x06, 0x03, 0x55, 0x1D, 0x01, 0x04, 0x81, 0x9A, 0x30, 0x81, 0x97, 0x80, 0x10, 0x5B, 0xD0, 0x70, 0xEF, 0x69, 0x72, 0x9E, 0x23, 0x51, 0x7E, 0x14, 0xB2, 0x4D, 0x8E, 0xFF, 0xCB, 0xA1, 0x72, 0x30, 0x70, 0x31, 
0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x22, 0x43, 0x6F, 0x70, 0x79, 0x72, 0x69, 0x67, 0x68, 0x74, 0x20, 0x28, 0x63, 0x29, 0x20, 0x31, 0x39, 0x39, 0x37, 0x20, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x2E, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x15, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x82, 0x0F, 0x00, 0xC1, 0x00, 0x8B, 0x3C, 0x3C, 0x88, 0x11, 0xD1, 0x3E, 0xF6, 0x63, 0xEC, 0xDF, 0x40, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x95, 0xE8, 0x0B, 0xC0, 0x8D, 0xF3, 0x97, 0x18, 0x35, 0xED, 0xB8, 0x01, 0x24, 0xD8, 0x77, 0x11, 0xF3, 0x5C, 0x60, 0x32, 0x9F, 0x9E, 0x0B, 0xCB, 0x3E, 0x05, 0x91, 0x88, 0x8F, 0xC9, 0x3A, 0xE6, 0x21, 0xF2, 0xF0, 0x57, 0x93, 0x2C, 0xB5, 0xA0, 0x47, 0xC8, 0x62, 0xEF, 0xFC, 0xD7, 0xCC, 0x3B, 0x3B, 0x5A, 0xA9, 0x36, 0x54, 0x69, 0xFE, 0x24, 0x6D, 0x3F, 0xC9, 0xCC, 0xAA, 0xDE, 0x05, 0x7C, 0xDD, 0x31, 0x8D, 0x3D, 0x9F, 0x10, 0x70, 0x6A, 0xBB, 0xFE, 0x12, 0x4F, 0x18, 0x69, 0xC0, 0xFC, 0xD0, 0x43, 0xE3, 0x11, 0x5A, 0x20, 0x4F, 0xEA, 0x62, 0x7B, 0xAF, 0xAA, 0x19, 0xC8, 0x2B, 0x37, 0x25, 0x2D, 0xBE, 0x65, 0xA1, 0x12, 0x8A, 0x25, 0x0F, 0x63, 0xA3, 0xF7, 0x54, 0x1C, 0xF9, 0x21, 0xC9, 0xD6, 0x15, 0xF3, 0x52, 0xAC, 0x6E, 0x43, 0x32, 0x07, 0xFD, 0x82, 0x17, 0xF8, 0xE5, 0x67, 0x6C, 0x0D, 0x51, 0xF6, 0xBD, 0xF1, 0x52, 0xC7, 0xBD, 0xE7, 0xC4, 0x30, 0xFC, 0x20, 0x31, 0x09, 0x88, 0x1D, 0x95, 0x29, 0x1A, 0x4D, 0xD5, 0x1D, 0x02, 0xA5, 0xF1, 0x80, 0xE0, 0x03, 0xB4, 0x5B, 0xF4, 0xB1, 0xDD, 0xC8, 0x57, 0xEE, 0x65, 0x49, 0xC7, 0x52, 0x54, 0xB6, 0xB4, 0x03, 0x28, 0x12, 0xFF, 0x90, 0xD6, 0xF0, 0x08, 0x8F, 0x7E, 0xB8, 0x97, 
0xC5, 0xAB, 0x37, 0x2C, 0xE4, 0x7A, 0xE4, 0xA8, 0x77, 0xE3, 0x76, 0xA0, 0x00, 0xD0, 0x6A, 0x3F, 0xC1, 0xD2, 0x36, 0x8A, 0xE0, 0x41, 0x12, 0xA8, 0x35, 0x6A, 0x1B, 0x6A, 0xDB, 0x35, 0xE1, 0xD4, 0x1C, 0x04, 0xE4, 0xA8, 0x45, 0x04, 0xC8, 0x5A, 0x33, 0x38, 0x6E, 0x4D, 0x1C, 0x0D, 0x62, 0xB7, 0x0A, 0xA2, 0x8C, 0xD3, 0xD5, 0x54, 0x3F, 0x46, 0xCD, 0x1C, 0x55, 0xA6, 0x70, 0xDB, 0x12, 0x3A, 0x87, 0x93, 0x75, 0x9F, 0xA7, 0xD2, 0xA0 }; static byte[] verisign = { 0x30, 0x82, 0x02, 0x40, 0x30, 0x82, 0x01, 0xA9, 0x02, 0x10, 0x03, 0xC7, 0x8F, 0x37, 0xDB, 0x92, 0x28, 0xDF, 0x3C, 0xBB, 0x1A, 0xAD, 0x82, 0xFA, 0x67, 0x10, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02, 0x05, 0x00, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x08, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6E, 0x65, 0x74, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2A, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x6F, 0x6D, 0x6D, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6C, 0x20, 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x73, 0x68, 0x65, 0x72, 0x73, 0x20, 0x43, 0x41, 0x30, 0x1E, 0x17, 0x0D, 0x39, 0x36, 0x30, 0x34, 0x30, 0x39, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x17, 0x0D, 0x30, 0x34, 0x30, 0x31, 0x30, 0x37, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x08, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6E, 0x65, 0x74, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2A, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x6F, 0x6D, 0x6D, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6C, 0x20, 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, 
0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x73, 0x68, 0x65, 0x72, 0x73, 0x20, 0x43, 0x41, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xC3, 0xD3, 0x69, 0x65, 0x52, 0x01, 0x94, 0x54, 0xAB, 0x28, 0xC6, 0x62, 0x18, 0xB3, 0x54, 0x55, 0xC5, 0x44, 0x87, 0x45, 0x4A, 0x3B, 0xC2, 0x7E, 0xD8, 0xD3, 0xD7, 0xC8, 0x80, 0x86, 0x8D, 0xD8, 0x0C, 0xF1, 0x16, 0x9C, 0xCC, 0x6B, 0xA9, 0x29, 0xB2, 0x8F, 0x76, 0x73, 0x92, 0xC8, 0xC5, 0x62, 0xA6, 0x3C, 0xED, 0x1E, 0x05, 0x75, 0xF0, 0x13, 0x00, 0x6C, 0x14, 0x4D, 0xD4, 0x98, 0x90, 0x07, 0xBE, 0x69, 0x73, 0x81, 0xB8, 0x62, 0x4E, 0x31, 0x1E, 0xD1, 0xFC, 0xC9, 0x0C, 0xEB, 0x7D, 0x90, 0xBF, 0xAE, 0xB4, 0x47, 0x51, 0xEC, 0x6F, 0xCE, 0x64, 0x35, 0x02, 0xD6, 0x7D, 0x67, 0x05, 0x77, 0xE2, 0x8F, 0xD9, 0x51, 0xD7, 0xFB, 0x97, 0x19, 0xBC, 0x3E, 0xD7, 0x77, 0x81, 0xC6, 0x43, 0xDD, 0xF2, 0xDD, 0xDF, 0xCA, 0xA3, 0x83, 0x8B, 0xCB, 0x41, 0xC1, 0x3D, 0x22, 0x48, 0x48, 0xA6, 0x19, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0xB5, 0xBC, 0xB0, 0x75, 0x6A, 0x89, 0xA2, 0x86, 0xBD, 0x64, 0x78, 0xC3, 0xA7, 0x32, 0x75, 0x72, 0x11, 0xAA, 0x26, 0x02, 0x17, 0x60, 0x30, 0x4C, 0xE3, 0x48, 0x34, 0x19, 0xB9, 0x52, 0x4A, 0x51, 0x18, 0x80, 0xFE, 0x53, 0x2D, 0x7B, 0xD5, 0x31, 0x8C, 0xC5, 0x65, 0x99, 0x41, 0x41, 0x2F, 0xF2, 0xAE, 0x63, 0x7A, 0xE8, 0x73, 0x99, 0x15, 0x90, 0x1A, 0x1F, 0x7A, 0x8B, 0x41, 0xD0, 0x8E, 0x3A, 0xD0, 0xCD, 0x38, 0x34, 0x44, 0xD0, 0x75, 0xF8, 0xEA, 0x71, 0xC4, 0x81, 0x19, 0x38, 0x17, 0x35, 0x4A, 0xAE, 0xC5, 0x3E, 0x32, 0xE6, 0x21, 0xB8, 0x05, 0xC0, 0x93, 0xE1, 0xC7, 0x38, 0x5C, 0xD8, 0xF7, 0x93, 0x38, 0x64, 0x90, 0xED, 0x54, 0xCE, 0xCA, 0xD3, 0xD3, 0xD0, 0x5F, 0xEF, 0x04, 0x9B, 0xDE, 0x02, 0x82, 0xDD, 0x88, 0x29, 0xB1, 0xC3, 0x4F, 0xA5, 0xCD, 0x71, 0x64, 0x31, 0x3C, 0x3C }; static byte[] verisign_ts_root = { 0x30, 0x82, 0x02, 0xBC, 
0x30, 0x82, 0x02, 0x25, 0x02, 0x10, 0x4A, 0x19, 0xD2, 0x38, 0x8C, 0x82, 0x59, 0x1C, 0xA5, 0x5D, 0x73, 0x5F, 0x15, 0x5D, 0xDC, 0xA3, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30, 0x81, 0x9E, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x16, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x4E, 0x65, 0x74, 0x77, 0x6F, 0x72, 0x6B, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x2C, 0x30, 0x2A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x23, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x54, 0x69, 0x6D, 0x65, 0x20, 0x53, 0x74, 0x61, 0x6D, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2B, 0x4E, 0x4F, 0x20, 0x4C, 0x49, 0x41, 0x42, 0x49, 0x4C, 0x49, 0x54, 0x59, 0x20, 0x41, 0x43, 0x43, 0x45, 0x50, 0x54, 0x45, 0x44, 0x2C, 0x20, 0x28, 0x63, 0x29, 0x39, 0x37, 0x20, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x30, 0x1E, 0x17, 0x0D, 0x39, 0x37, 0x30, 0x35, 0x31, 0x32, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x17, 0x0D, 0x30, 0x34, 0x30, 0x31, 0x30, 0x37, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x16, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x4E, 0x65, 0x74, 0x77, 0x6F, 0x72, 0x6B, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x2C, 0x30, 0x2A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x23, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x54, 0x69, 0x6D, 0x65, 0x20, 0x53, 0x74, 0x61, 0x6D, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x20, 
0x52, 0x6F, 0x6F, 0x74, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2B, 0x4E, 0x4F, 0x20, 0x4C, 0x49, 0x41, 0x42, 0x49, 0x4C, 0x49, 0x54, 0x59, 0x20, 0x41, 0x43, 0x43, 0x45, 0x50, 0x54, 0x45, 0x44, 0x2C, 0x20, 0x28, 0x63, 0x29, 0x39, 0x37, 0x20, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xD3, 0x2E, 0x20, 0xF0, 0x68, 0x7C, 0x2C, 0x2D, 0x2E, 0x81, 0x1C, 0xB1, 0x06, 0xB2, 0xA7, 0x0B, 0xB7, 0x11, 0x0D, 0x57, 0xDA, 0x53, 0xD8, 0x75, 0xE3, 0xC9, 0x33, 0x2A, 0xB2, 0xD4, 0xF6, 0x09, 0x5B, 0x34, 0xF3, 0xE9, 0x90, 0xFE, 0x09, 0x0C, 0xD0, 0xDB, 0x1B, 0x5A, 0xB9, 0xCD, 0xE7, 0xF6, 0x88, 0xB1, 0x9D, 0xC0, 0x87, 0x25, 0xEB, 0x7D, 0x58, 0x10, 0x73, 0x6A, 0x78, 0xCB, 0x71, 0x15, 0xFD, 0xC6, 0x58, 0xF6, 0x29, 0xAB, 0x58, 0x5E, 0x96, 0x04, 0xFD, 0x2D, 0x62, 0x11, 0x58, 0x81, 0x1C, 0xCA, 0x71, 0x94, 0xD5, 0x22, 0x58, 0x2F, 0xD5, 0xCC, 0x14, 0x05, 0x84, 0x36, 0xBA, 0x94, 0xAA, 0xB4, 0x4D, 0x4A, 0xE9, 0xEE, 0x3B, 0x22, 0xAD, 0x56, 0x99, 0x7E, 0x21, 0x9C, 0x6C, 0x86, 0xC0, 0x4A, 0x47, 0x97, 0x6A, 0xB4, 0xA6, 0x36, 0xD5, 0xFC, 0x09, 0x2D, 0xD3, 0xB4, 0x39, 0x9B, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x61, 0x55, 0x0E, 0x3E, 0x7B, 0xC7, 0x92, 0x12, 0x7E, 0x11, 0x10, 0x8E, 0x22, 0xCC, 0xD4, 0xB3, 0x13, 0x2B, 0x5B, 0xE8, 0x44, 0xE4, 0x0B, 0x78, 0x9E, 0xA4, 0x7E, 0xF3, 0xA7, 0x07, 0x72, 0x1E, 0xE2, 0x59, 0xEF, 0xCC, 0x84, 0xE3, 0x89, 0x94, 0x4C, 0xDB, 0x4E, 0x61, 0xEF, 0xB3, 0xA4, 0xFB, 0x46, 0x3D, 0x50, 0x34, 0x0B, 0x9F, 0x70, 0x56, 0xF6, 0x8E, 0x2A, 0x7F, 0x17, 0xCE, 0xE5, 0x63, 0xBF, 0x79, 0x69, 0x07, 0x73, 0x2E, 0xB0, 0x95, 0x28, 0x8A, 0xF5, 0xED, 0xAA, 0xA9, 0xD2, 0x5D, 0xCD, 0x0A, 0xCA, 0x10, 0x09, 0x8F, 0xCE, 0xB3, 0xAF, 0x28, 0x96, 0xC4, 0x79, 0x29, 
0x84, 0x92, 0xDC, 0xFF, 0xBA, 0x67, 0x42, 0x48, 0xA6, 0x90, 0x10, 0xE4, 0xBF, 0x61, 0xF8, 0x9C, 0x53, 0xE5, 0x93, 0xD1, 0x73, 0x3F, 0xF8, 0xFD, 0x9D, 0x4F, 0x84, 0xAC, 0x55, 0xD1, 0xFD, 0x11, 0x63, 0x63 }; // old verisign code signing certificate (96-99) using MD2 // still valid because of the timestamps static byte[] oldverisign = { 0x30, 0x82, 0x02, 0x35, 0x30, 0x82, 0x01, 0x9E, 0x02, 0x05, 0x02, 0xB4, 0x00, 0x00, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02, 0x05, 0x00, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x08, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6E, 0x65, 0x74, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2A, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x6F, 0x6D, 0x6D, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6C, 0x20, 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x73, 0x68, 0x65, 0x72, 0x73, 0x20, 0x43, 0x41, 0x30, 0x1E, 0x17, 0x0D, 0x39, 0x36, 0x30, 0x34, 0x30, 0x39, 0x30, 0x39, 0x33, 0x35, 0x35, 0x39, 0x5A, 0x17, 0x0D, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x30, 0x39, 0x33, 0x35, 0x35, 0x38, 0x5A, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x08, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6E, 0x65, 0x74, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2A, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x6F, 0x6D, 0x6D, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6C, 0x20, 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x73, 0x68, 0x65, 0x72, 0x73, 0x20, 0x43, 0x41, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 
0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xC3, 0xD3, 0x69, 0x65, 0x52, 0x01, 0x94, 0x54, 0xAB, 0x28, 0xC6, 0x62, 0x18, 0xB3, 0x54, 0x55, 0xC5, 0x44, 0x87, 0x45, 0x4A, 0x3B, 0xC2, 0x7E, 0xD8, 0xD3, 0xD7, 0xC8, 0x80, 0x86, 0x8D, 0xD8, 0x0C, 0xF1, 0x16, 0x9C, 0xCC, 0x6B, 0xA9, 0x29, 0xB2, 0x8F, 0x76, 0x73, 0x92, 0xC8, 0xC5, 0x62, 0xA6, 0x3C, 0xED, 0x1E, 0x05, 0x75, 0xF0, 0x13, 0x00, 0x6C, 0x14, 0x4D, 0xD4, 0x98, 0x90, 0x07, 0xBE, 0x69, 0x73, 0x81, 0xB8, 0x62, 0x4E, 0x31, 0x1E, 0xD1, 0xFC, 0xC9, 0x0C, 0xEB, 0x7D, 0x90, 0xBF, 0xAE, 0xB4, 0x47, 0x51, 0xEC, 0x6F, 0xCE, 0x64, 0x35, 0x02, 0xD6, 0x7D, 0x67, 0x05, 0x77, 0xE2, 0x8F, 0xD9, 0x51, 0xD7, 0xFB, 0x97, 0x19, 0xBC, 0x3E, 0xD7, 0x77, 0x81, 0xC6, 0x43, 0xDD, 0xF2, 0xDD, 0xDF, 0xCA, 0xA3, 0x83, 0x8B, 0xCB, 0x41, 0xC1, 0x3D, 0x22, 0x48, 0x48, 0xA6, 0x19, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x31, 0xBB, 0x30, 0xC5, 0x6F, 0xA7, 0xBE, 0x23, 0x26, 0x6D, 0xA5, 0x99, 0x76, 0x68, 0xC5, 0x2A, 0x03, 0x28, 0x4B, 0xF3, 0x89, 0xB0, 0x99, 0x03, 0x32, 0x5B, 0x94, 0xA1, 0x7B, 0xC1, 0xC8, 0x19, 0xD7, 0xF4, 0x95, 0x6C, 0xAC, 0x73, 0x24, 0x0A, 0xCB, 0x44, 0x05, 0x7D, 0x78, 0xEE, 0xFA, 0xF6, 0xA7, 0x9F, 0x87, 0xA4, 0x7F, 0xE8, 0xF3, 0x4B, 0x4F, 0x32, 0x30, 0x30, 0x15, 0x08, 0x17, 0x01, 0xB2, 0x80, 0xFC, 0xA1, 0xD9, 0x24, 0x87, 0xA5, 0x00, 0x5F, 0xCD, 0xDD, 0x29, 0xC8, 0xA1, 0xA5, 0xCA, 0x58, 0x75, 0x39, 0x60, 0x45, 0x1F, 0xDE, 0x8D, 0xD6, 0x57, 0x08, 0xD3, 0xC0, 0x1B, 0x81, 0xC2, 0xD9, 0xE2, 0x00, 0x8C, 0xEC, 0x0A, 0x91, 0x02, 0xC6, 0x9D, 0x36, 0x74, 0x9A, 0x83, 0x6B, 0xEF, 0x7C, 0x8C, 0xD2, 0xA5, 0x2A, 0x6A, 0xC9, 0x7E, 0xDB, 0xA9, 0xBD, 0x2B, 0x22, 0xFF, 0x1C }; static internal X509CertificateCollection coll; static TrustAnchors () { coll = new X509CertificateCollection (); coll.Add (new X509Certificate (msroot)); coll.Add (new X509Certificate (verisign)); coll.Add (new X509Certificate 
(verisign_ts_root)); } public X509CertificateCollection Anchors { get { return coll; } } } } --- NEW FILE: X501Name.cs --- // // X501Name.cs: X.501 Distinguished Names stuff // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Text; using Mono.Security; namespace Mono.Security.X509 { // References: // 1. Information technology - Open Systems Interconnection - The Directory: Models // http://www.itu.int/rec/recommendation.asp?type=items&lang=e&parent=T-REC-X.501-200102-I // 2. RFC2253: Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names // http://www.ietf.org/rfc/rfc2253.txt /* * Name ::= CHOICE { RDNSequence } * * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName * * RelativeDistinguishedName ::= SET OF AttributeTypeAndValue */ internal class X501 { static byte[] countryName = { 0x55, 0x04, 0x06 }; static byte[] organizationName = { 0x55, 0x04, 0x0A }; static byte[] organizationalUnitName = { 0x55, 0x04, 0x0B }; static byte[] commonName = { 0x55, 0x04, 0x03 }; static byte[] localityName = { 0x55, 0x04, 0x07 }; static byte[] stateOrProvinceName = { 0x55, 0x04, 0x08 }; static byte[] streetAddress = { 0x55, 0x04, 0x09 }; static byte[] serialNumber = { 0x55, 0x04, 0x05 }; static byte[] domainComponent = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19 }; static byte[] userid = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01 }; static byte[] email = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01 }; static public string ToString (ASN1 seq) { StringBuilder sb = new StringBuilder (); for (int i = 0; i < seq.Count; i++) { ASN1 entry = seq [i]; ASN1 pair = entry [0]; ASN1 s = pair [1]; if (s == null) continue; ASN1 poid = pair [0]; if (poid == null) continue; if (poid.CompareValue (countryName)) sb.Append ("C="); else if (poid.CompareValue (organizationName)) sb.Append ("O="); else if (poid.CompareValue 
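Review bot: `coll` is declared `static internal` and the `Anchors` getter hands out that same instance, so any code in the assembly can add a certificate to the trust-anchor set after the static constructor has run; I would declare it `private static readonly X509CertificateCollection coll;` and add a comment on `Anchors` that the returned collection must not be modified. The three embedded roots decode as "Microsoft Root Authority", "VeriSign Commercial Software Publishers CA" and "VeriSign Time Stamping Service Root", signed with md5WithRSA or md2WithRSA, and the two VeriSign ones carry a notAfter of 2004-01-07. Judging by those names they are code-signing and timestamping roots, so if this list is meant to anchor TLS server certificate validation, a comment should say how server roots are expected to be supplied. `oldverisign` is declared but never added to `coll`; either remove it or note why it is kept.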
(organizationalUnitName)) sb.Append ("OU="); else if (poid.CompareValue (commonName)) sb.Append ("CN="); else if (poid.CompareValue (localityName)) sb.Append ("L="); else if (poid.CompareValue (stateOrProvinceName)) sb.Append ("S="); // NOTE: RFC2253 uses ST= else if (poid.CompareValue (streetAddress)) sb.Append ("STREET="); else if (poid.CompareValue (domainComponent)) sb.Append ("DC="); else if (poid.CompareValue (userid)) sb.Append ("UID="); else if (poid.CompareValue (email)) sb.Append ("E="); // NOTE: Not part of RFC2253 else { // unknown OID sb.Append ("OID."); // NOTE: Not present as RFC2253 sb.Append (ASN1Convert.ToOID (poid)); sb.Append ("="); } string sValue = null; // 16bits or 8bits string ? TODO not complete (+special chars!) if (s.Tag == 0x1E) { // BMPSTRING StringBuilder sb2 = new StringBuilder (); for (int j = 1; j < s.Value.Length; j+=2) sb2.Append ((char) s.Value[j]); sValue = sb2.ToString (); } else { sValue = System.Text.Encoding.UTF8.GetString (s.Value); // in some cases we must quote (") the value // Note: this doesn't seems to conform to RFC2253 char[] specials = { ',', '+', '"', '\\', '<', '>', ';' }; if (sValue.IndexOfAny(specials, 0, sValue.Length) > 0) sValue = "\"" + sValue + "\""; else if (sValue.StartsWith (" ")) sValue = "\"" + sValue + "\""; else if (sValue.EndsWith (" ")) sValue = "\"" + sValue + "\""; } sb.Append (sValue); // separator (not on last iteration) if (i < seq.Count - 1) sb.Append (", "); } return sb.ToString (); } static private X520.AttributeTypeAndValue GetAttributeFromOID (string attributeType) { switch (attributeType.ToUpper ().Trim ()) { case "C": return new X520.CountryName (); case "O": return new X520.OrganizationName (); case "OU": return new X520.OrganizationalUnitName (); case "CN": return new X520.CommonName (); case "L": return new X520.LocalityName (); case "S": // Microsoft case "ST": // RFC2253 return new X520.StateOrProvinceName (); case "DC": // return streetAddress; case "UID": // return 
domainComponent; default: return null; } } static public ASN1 FromString (string rdn) { if (rdn == null) throw new ArgumentNullException ("rdn"); // get string from here to ',' or end of string int start = 0; int end = 0; ASN1 asn1 = new ASN1 (0x30); while (start < rdn.Length) { end = rdn.IndexOf (',', end) + 1; if (end == 0) end = rdn.Length + 1; string av = rdn.Substring (start, end - start - 1); // get '=' position in substring int equal = av.IndexOf ('='); // get AttributeType string attributeType = av.Substring (0, equal); // get value string attributeValue = av.Substring (equal + 1); X520.AttributeTypeAndValue atv = GetAttributeFromOID (attributeType); atv.Value = attributeValue; asn1.Add (new ASN1 (0x31, atv.GetBytes ())); // next part start = end; if (start != - 1) { if (end > rdn.Length) break; } } return asn1; } } } --- NEW FILE: X509Builder.cs --- using System; using System.Security.Cryptography; using Mono.Security; namespace Mono.Security.X509 { public abstract class X509Builder { private const string defaultHash = "SHA1"; private string hashName; public X509Builder () { hashName = defaultHash; } protected abstract ASN1 ToBeSigned (string hashName); // move to PKCS1 protected string GetOID (string hashName) { switch (hashName.ToLower ()) { case "md2": // md2withRSAEncryption (1 2 840 113549 1 1 2) return "1.2.840.113549.1.1.2"; case "md4": // md4withRSAEncryption (1 2 840 113549 1 1 3) return "1.2.840.113549.1.1.3"; case "md5": // md5withRSAEncryption (1 2 840 113549 1 1 4) return "1.2.840.113549.1.1.4"; case "sha1": // sha1withRSAEncryption (1 2 840 113549 1 1 5) return "1.2.840.113549.1.1.5"; case "sha256": // sha256WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 11 } return "1.2.840.113549.1.1.11"; case "sha384": // sha384WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 12 } return "1.2.840.113549.1.1.12"; case "sha512": // sha512WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 13 } return "1.2.840.113549.1.1.13"; default: throw new 
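Review bot: `X501.ToString` renders names read from a parsed certificate, and its quoting loses information: `IndexOfAny(specials, 0, sValue.Length) > 0` misses a special character at index 0 (it should be `>= 0`), embedded `"` and `\` are not escaped inside the added quotes, and the BMPString branch keeps only the low byte of each 16-bit character. Different encoded names can therefore produce the same string, so the method should be documented as display-only and not used for matching issuer against subject; whether callers do that is not visible in this file. In `FromString`, `GetAttributeFromOID` returns null for `DC`, `UID` and any unknown type, after which `atv.Value = attributeValue` throws NullReferenceException, and a component without `=` makes `av.Substring (0, equal)` throw. I would add `if (equal < 0) throw new ArgumentException ("Missing '=' in " + av, "rdn");` before the Substring call and `if (atv == null) throw new ArgumentException ("Unsupported attribute type " + attributeType, "rdn");` after the lookup.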
NotSupportedException ("Unknown hash algorithm " + hashName); } } public string Hash { get { return hashName; } set { if (hashName == null) hashName = defaultHash; else hashName = value; } } public virtual byte[] Sign (AsymmetricAlgorithm aa) { if (aa is RSA) return Sign (aa as RSA); else if (aa is DSA) return Sign (aa as DSA); else throw new NotSupportedException ("Unknown Asymmetric Algorithm " + aa.ToString()); } private byte[] Build (ASN1 tbs, string hashoid, byte[] signature) { ASN1 builder = new ASN1 (0x30); builder.Add (tbs); builder.Add (PKCS7.AlgorithmIdentifier (hashoid)); // first byte of BITSTRING is the number of unused bits in the first byte byte[] bitstring = new byte [signature.Length + 1]; Array.Copy (signature, 0, bitstring, 1, signature.Length); builder.Add (new ASN1 (0x03, bitstring)); return builder.GetBytes (); } public virtual byte[] Sign (RSA key) { string oid = GetOID (hashName); ASN1 tbs = ToBeSigned (oid); HashAlgorithm ha = HashAlgorithm.Create (hashName); byte[] hash = ha.ComputeHash (tbs.GetBytes ()); RSAPKCS1SignatureFormatter pkcs1 = new RSAPKCS1SignatureFormatter (key); pkcs1.SetHashAlgorithm (hashName); byte[] signature = pkcs1.CreateSignature (hash); return Build (tbs, oid, signature); } public virtual byte[] Sign (DSA key) { string oid = "1.2.840.10040.4.3"; ASN1 tbs = ToBeSigned (oid); HashAlgorithm ha = HashAlgorithm.Create (hashName); if (!(ha is SHA1)) throw new NotSupportedException ("Only SHA-1 is supported for DSA"); byte[] hash = ha.ComputeHash (tbs.GetBytes ()); DSASignatureFormatter dsa = new DSASignatureFormatter (key); dsa.SetHashAlgorithm (hashName); byte[] rs = dsa.CreateSignature (hash); // split R and S byte[] r = new byte [20]; Array.Copy (rs, 0, r, 0, 20); byte[] s = new byte [20]; Array.Copy (rs, 20, s, 0, 20); ASN1 signature = new ASN1 (0x30); signature.Add (new ASN1 (0x02, r)); signature.Add (new ASN1 (0x02, s)); // dsaWithSha1 (1 2 840 10040 4 3) return Build (tbs, oid, signature.GetBytes ()); } } } --- NEW 
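Review bot: The `Hash` setter tests the field instead of the incoming value (`if (hashName == null)`), so `Hash = null` stores null and the next `Sign` call fails in `GetOID` on `hashName.ToLower ()`; the body should read `if (value == null) hashName = defaultHash; else hashName = value;`. In `Sign (DSA key)`, r and s are copied as raw 20-byte arrays into `new ASN1 (0x02, r)` and `new ASN1 (0x02, s)`; when the top bit of either is set the DER INTEGER reads as negative, so a leading 0x00 byte is needed in that case (assuming ASN1 emits the value bytes unchanged, which is not shown here). `Sign (AsymmetricAlgorithm aa)` also dereferences `aa` in its error path, so a null argument surfaces as NullReferenceException rather than ArgumentNullException. `GetOID` accepts `md2`, `md4` and `md5` for new signatures; a comment such as `// MD2/MD4/MD5 kept only to interoperate with legacy certificates` would make the intent explicit.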
FILE: X509Certificate.cs --- // // X509Certificates.cs: Handles X.509 certificates. // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Security.Cryptography; using SSCX = System.Security.Cryptography.X509Certificates; using System.Text; namespace Mono.Security.X509 { // References: // a. Internet X.509 Public Key Infrastructure Certificate and CRL Profile // http://www.ietf.org/rfc/rfc3280.txt // b. ITU ASN.1 standards (free download) // http://www.itu.int/ITU-T/studygroups/com17/languages/ internal class X509Certificate { private ASN1 decoder; private byte[] m_encodedcert; private DateTime m_from; private DateTime m_until; private string m_issuername; private string m_keyalgo; private byte[] m_keyalgoparams; private string m_subject; private byte[] m_publickey; private byte[] signature; private string m_signaturealgo; private byte[] m_signaturealgoparams; // from http://www.ietf.org/rfc/rfc2459.txt // //Certificate ::= SEQUENCE { // tbsCertificate TBSCertificate, // signatureAlgorithm AlgorithmIdentifier, // signature BIT STRING } // //TBSCertificate ::= SEQUENCE { // version [0] Version DEFAULT v1, // serialNumber CertificateSerialNumber, // signature AlgorithmIdentifier, // issuer Name, // validity Validity, // subject Name, // subjectPublicKeyInfo SubjectPublicKeyInfo, // issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, // -- If present, version shall be v2 or v3 // subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, // -- If present, version shall be v2 or v3 // extensions [3] Extensions OPTIONAL // -- If present, version shall be v3 -- } private int version; private byte[] serialnumber; private byte[] issuerUniqueID; private byte[] subjectUniqueID; private X509Extensions extensions; // that's were the real job is! 
private void Parse (byte[] data) { string e = "Input data cannot be coded as a valid certificate."; try { decoder = new ASN1 (data); // Certificate if (decoder.Tag != 0x30) throw new CryptographicException (e); // Certificate / TBSCertificate if (decoder [0].Tag != 0x30) throw new CryptographicException (e); ASN1 tbsCertificate = decoder [0]; int tbs = 0; // Certificate / TBSCertificate / Version ASN1 v = decoder [0][tbs]; version = 1; // DEFAULT v1 if (v.Tag == 0xA0) { // version (optional) is present only in v2+ certs version += v.Value [0]; // zero based tbs++; } // Certificate / TBSCertificate / CertificateSerialNumber ASN1 sn = decoder [0][tbs++]; if (sn.Tag != 0x02) throw new CryptographicException (e); serialnumber = sn.Value; Array.Reverse (serialnumber, 0, serialnumber.Length); // Certificate / TBSCertificate / AlgorithmIdentifier ASN1 signatureAlgo = tbsCertificate.Element (tbs++, 0x30); ASN1 issuer = tbsCertificate.Element (tbs++, 0x30); m_issuername = X501.ToString (issuer); ASN1 validity = tbsCertificate.Element (tbs++, 0x30); ASN1 notBefore = validity [0]; m_from = ASN1Convert.ToDateTime (notBefore); ASN1 notAfter = validity [1]; m_until = ASN1Convert.ToDateTime (notAfter); ASN1 subject = tbsCertificate.Element (tbs++, 0x30); m_subject = X501.ToString (subject); ASN1 subjectPublicKeyInfo = tbsCertificate.Element (tbs++, 0x30); ASN1 algorithm = subjectPublicKeyInfo.Element (0, 0x30); ASN1 algo = algorithm.Element (0, 0x06); m_keyalgo = ASN1Convert.ToOID (algo); // parameters ANY DEFINED BY algorithm OPTIONAL // so we dont ask for a specific (Element) type and return DER ASN1 parameters = algorithm [1]; m_keyalgoparams = parameters.GetBytes (); ASN1 subjectPublicKey = subjectPublicKeyInfo.Element (1, 0x03); // we must drop th first byte (which is the number of unused bits // in the BITSTRING) int n = subjectPublicKey.Length - 1; m_publickey = new byte [n]; Array.Copy (subjectPublicKey.Value, 1, m_publickey, 0, n); // signature processing byte[] 
bitstring = decoder [2].Value; // first byte contains unused bits in first byte signature = new byte [bitstring.Length - 1]; Array.Copy (bitstring, 1, signature, 0, signature.Length); algorithm = decoder [1]; algo = algorithm.Element (0, 0x06); m_signaturealgo = ASN1Convert.ToOID (algo); parameters = algorithm [1]; if (parameters != null) m_signaturealgoparams = parameters.GetBytes (); else m_signaturealgoparams = null; // Certificate / TBSCertificate / issuerUniqueID ASN1 issuerUID = tbsCertificate.Element (tbs, 0xA1); if (issuerUID != null) { tbs++; issuerUniqueID = issuerUID.Value; } // Certificate / TBSCertificate / subjectUniqueID ASN1 subjectUID = tbsCertificate.Element (tbs, 0xA2); if (subjectUID != null) { tbs++; subjectUniqueID = subjectUID.Value; } // Certificate / TBSCertificate / Extensions ASN1 extns = tbsCertificate.Element (tbs, 0xA3); if ((extns != null) && (extns.Count == 1)) extensions = new X509Extensions (extns [0]); else extensions = new X509Extensions (null); // keep a copy of the original data m_encodedcert = (byte[]) data.Clone (); } catch { throw new CryptographicException (e); } } // constructors public X509Certificate (byte[] data) { if (data != null) Parse (data); } private byte[] GetUnsignedBigInteger (byte[] integer) { if (integer [0] == 0x00) { // this first byte is added so we're sure it's an unsigned integer // however we can't feed it into RSAParameters or DSAParameters int length = integer.Length - 1; byte[] uinteger = new byte [length]; Array.Copy (integer, 1, uinteger, 0, length); return uinteger; } else return integer; } // public methods public DSA DSA { get { DSAParameters dsaParams = new DSAParameters (); // for DSA m_publickey contains 1 ASN.1 integer - Y ASN1 pubkey = new ASN1 (m_publickey); if ((pubkey == null) || (pubkey.Tag != 0x02)) return null; dsaParams.Y = GetUnsignedBigInteger (pubkey.Value); ASN1 param = new ASN1 (m_keyalgoparams); if ((param == null) || (param.Tag != 0x30) || (param.Count < 3)) return null; if 
((param [0].Tag != 0x02) || (param [1].Tag != 0x02) || (param [2].Tag != 0x02)) return null; dsaParams.P = GetUnsignedBigInteger (param [0].Value); dsaParams.Q = GetUnsignedBigInteger (param [1].Value); dsaParams.G = GetUnsignedBigInteger (param [2].Value); // BUG: MS BCL 1.0 can't import a key which // isn't the same size as the one present in // the container. DSACryptoServiceProvider dsa = new DSACryptoServiceProvider (dsaParams.Y.Length << 3); dsa.ImportParameters (dsaParams); return (DSA) dsa; } } public X509Extensions Extensions { get { return extensions; } } public byte[] Hash { get { HashAlgorithm hash = null; switch (m_signaturealgo) { case "1.2.840.113549.1.1.2": // MD2 with RSA encryption // maybe someone installed MD2 ? hash = HashAlgorithm.Create ("MD2"); break; case "1.2.840.113549.1.1.4": // MD5 with RSA encryption hash = MD5.Create (); break; case "1.2.840.113549.1.1.5": // SHA-1 with RSA Encryption case "1.2.840.10040.4.3": // SHA1-1 with DSA hash = SHA1.Create (); break; default: return null; } try { byte[] toBeSigned = decoder [0].GetBytes (); return hash.ComputeHash (toBeSigned, 0, toBeSigned.Length); } catch { return null; } } } public virtual string IssuerName { get { return m_issuername; } } public virtual string KeyAlgorithm { get { return m_keyalgo; } } public virtual byte[] KeyAlgorithmParameters { get { return m_keyalgoparams; } } public virtual byte[] PublicKey { get { return m_publickey; } } public virtual RSA RSA { get { RSAParameters rsaParams = new RSAParameters (); // for RSA m_publickey contains 2 ASN.1 integers // the modulus and the public exponent ASN1 pubkey = new ASN1 (m_publickey); ASN1 modulus = pubkey [0]; if ((modulus == null) || (modulus.Tag != 0x02)) return null; ASN1 exponent = pubkey [1]; if (exponent.Tag != 0x02) return null; rsaParams.Modulus = GetUnsignedBigInteger (modulus.Value); rsaParams.Exponent = exponent.Value; // BUG: MS BCL 1.0 can't import a key which // isn't the same size as the one present in // the 
container. int keySize = (rsaParams.Modulus.Length << 3); RSACryptoServiceProvider rsa = new RSACryptoServiceProvider (keySize); rsa.ImportParameters (rsaParams); return (RSA)rsa; } } public virtual byte[] RawData { get { return (byte[]) m_encodedcert.Clone (); } } public virtual byte[] SerialNumber { get { return serialnumber; } } public virtual byte[] Signature { get { switch (m_signaturealgo) { case "1.2.840.113549.1.1.2": // MD2 with RSA encryption case "1.2.840.113549.1.1.4": // MD5 with RSA encryption case "1.2.840.113549.1.1.5": // SHA-1 with RSA Encryption return signature; case "1.2.840.10040.4.3": // SHA-1 with DSA ASN1 sign = new ASN1 (signature); if ((sign == null) || (sign.Count != 2)) return null; // parts may be less than 20 bytes (i.e. first bytes were 0x00) byte[] part1 = sign [0].Value; byte[] part2 = sign [1].Value; byte[] sig = new byte [40]; Array.Copy (part1, 0, sig, (20 - part1.Length), part1.Length); Array.Copy (part2, 0, sig, (40 - part2.Length), part2.Length); return sig; default: throw new CryptographicException ("Unsupported hash algorithm: " + m_signaturealgo); } } } public virtual string SignatureAlgorithm { get { return m_signaturealgo; } } public virtual byte[] SignatureAlgorithmParameters { get { return m_signaturealgoparams; } } public virtual string SubjectName { get { return m_subject; } } public virtual DateTime ValidFrom { get { return m_from; } } public virtual DateTime ValidUntil { get { return m_until; } } public int Version { get { return version; } } public bool IsCurrent { get { return WasCurrent (DateTime.UtcNow); } } public bool WasCurrent (DateTime date) { return ((date > ValidFrom) && (date <= ValidUntil)); } private byte[] GetHash (string hashName) { byte[] toBeSigned = decoder [0].GetBytes (); HashAlgorithm ha = HashAlgorithm.Create (hashName); return ha.ComputeHash (toBeSigned); } public bool VerifySignature (DSA dsa) { // signatureOID is check by both this.Hash and this.Signature DSASignatureDeformatter v = new 
DSASignatureDeformatter (dsa); // only SHA-1 is supported v.SetHashAlgorithm ("SHA1"); return v.VerifySignature (this.Hash, this.Signature); } internal bool VerifySignature (RSA rsa) { RSAPKCS1SignatureDeformatter v = new RSAPKCS1SignatureDeformatter (rsa); switch (m_signaturealgo) { // MD2 with RSA encryption case "1.2.840.113549.1.1.2": // maybe someone installed MD2 ? v.SetHashAlgorithm ("MD2"); break; // MD5 with RSA encryption case "1.2.840.113549.1.1.4": v.SetHashAlgorithm ("MD5"); break; // SHA-1 with RSA Encryption case "1.2.840.113549.1.1.5": v.SetHashAlgorithm ("SHA1"); break; default: throw new CryptographicException ("Unsupported hash algorithm: " + m_signaturealgo); } return v.VerifySignature (this.Hash, this.Signature); } public bool VerifySignature (AsymmetricAlgorithm aa) { if (aa is RSA) return VerifySignature (aa as RSA); else if (aa is DSA) return VerifySignature (aa as DSA); else throw new NotSupportedException ("Unknown Asymmetric Algorithm " + aa.ToString ()); } public bool CheckSignature (byte[] hash, string hashAlgorithm, byte[] signature) { RSACryptoServiceProvider r = (RSACryptoServiceProvider) RSA; return r.VerifyHash (hash, hashAlgorithm, signature); } public bool IsSelfSigned { get { if (m_issuername == m_subject) return VerifySignature (RSA); else return false; } } } } --- NEW FILE: X509CertificateBuilder.cs --- // // X509CertificateBuilder.cs: Handles building of X.509 certificates. // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. 
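Review bot: In X509Certificate.Parse the AlgorithmIdentifier inside TBSCertificate is read into `signatureAlgo` and never used afterwards, while `m_signaturealgo`, which selects the hash in `Hash` and `VerifySignature`, is taken from the outer `decoder [1]` field that the signature does not cover. RFC 3280, which this file cites, requires the two identifiers to be the same, so Parse should reject a mismatch once `m_signaturealgo` is assigned, e.g. `if (ASN1Convert.ToOID (signatureAlgo.Element (0, 0x06)) != m_signaturealgo) throw new CryptographicException (e);`. Separately, the DSA branch of `Signature` assumes each INTEGER is at most 20 bytes. A DER INTEGER whose high bit is set carries a leading 0x00 and is 21 bytes, which makes `20 - part1.Length` negative, so both parts should go through `GetUnsignedBigInteger` and be length-checked before the copy.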
(http://www.motus.com) using System; using System.Security.Cryptography; namespace Mono.Security.X509 { // From RFC3280 /* * Certificate ::= SEQUENCE { * tbsCertificate TBSCertificate, * signatureAlgorithm AlgorithmIdentifier, * signature BIT STRING * } * TBSCertificate ::= SEQUENCE { * version [0] Version DEFAULT v1, * serialNumber CertificateSerialNumber, * signature AlgorithmIdentifier, * issuer Name, * validity Validity, * subject Name, * subjectPublicKeyInfo SubjectPublicKeyInfo, * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, * -- If present, version MUST be v2 or v3 * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, * -- If present, version MUST be v2 or v3 * extensions [3] Extensions OPTIONAL * -- If present, version MUST be v3 -- * } * Version ::= INTEGER { v1(0), v2(1), v3(2) } * CertificateSerialNumber ::= INTEGER * Validity ::= SEQUENCE { * notBefore Time, * notAfter Time * } * Time ::= CHOICE { * utcTime UTCTime, * generalTime GeneralizedTime * } */ public class X509CertificateBuilder : X509Builder { private byte version; private byte[] sn; private string issuer; private DateTime notBefore; private DateTime notAfter; private string subject; private AsymmetricAlgorithm aa; private byte[] issuerUniqueID; private byte[] subjectUniqueID; private X509Extensions extensions; public X509CertificateBuilder () : this (3) {} public X509CertificateBuilder (byte version) { if (version > 3) throw new ArgumentException ("Invalid certificate version"); this.version = version; extensions = new X509Extensions (); } public byte Version { get { return version; } set { version = value; } } public byte[] SerialNumber { get { return sn; } set { sn = value; } } public string IssuerName { get { return issuer; } set { issuer = value; } } public DateTime NotBefore { get { return notBefore; } set { notBefore = value; } } public DateTime NotAfter { get { return notAfter; } set { notAfter = value; } } public string SubjectName { get { return subject; } set { subject 
= value; } } public AsymmetricAlgorithm SubjectPublicKey { get { return aa; } set { aa = value; } } public byte[] IssuerUniqueID { get { return issuerUniqueID; } set { issuerUniqueID = value; } } public byte[] SubjectUniqueID { get { return subjectUniqueID; } set { subjectUniqueID = value; } } public X509Extensions Extensions { get { return extensions; } } /* SubjectPublicKeyInfo ::= SEQUENCE { * algorithm AlgorithmIdentifier, * subjectPublicKey BIT STRING } */ private ASN1 SubjectPublicKeyInfo () { ASN1 keyInfo = new ASN1 (0x30); if (aa is RSA) { keyInfo.Add (PKCS7.AlgorithmIdentifier ("1.2.840.113549.1.1.1")); RSAParameters p = (aa as RSA).ExportParameters (false); /* RSAPublicKey ::= SEQUENCE { * modulus INTEGER, -- n * publicExponent INTEGER } -- e */ ASN1 key = new ASN1 (0x30); key.Add (ASN1Convert.FromUnsignedBigInteger (p.Modulus)); key.Add (ASN1Convert.FromUnsignedBigInteger (p.Exponent)); keyInfo.Add (new ASN1 (UniqueIdentifier (key.GetBytes ()))); } else if (aa is DSA) { DSAParameters p = (aa as DSA).ExportParameters (false); /* Dss-Parms ::= SEQUENCE { * p INTEGER, * q INTEGER, * g INTEGER } */ ASN1 param = new ASN1 (0x30); param.Add (ASN1Convert.FromUnsignedBigInteger (p.P)); param.Add (ASN1Convert.FromUnsignedBigInteger (p.Q)); param.Add (ASN1Convert.FromUnsignedBigInteger (p.G)); keyInfo.Add (PKCS7.AlgorithmIdentifier ("1.2.840.10040.4.1", param)); ASN1 key = keyInfo.Add (new ASN1 (0x03)); // DSAPublicKey ::= INTEGER -- public key, y key.Add (ASN1Convert.FromUnsignedBigInteger (p.Y)); } else throw new NotSupportedException ("Unknown Asymmetric Algorithm " + aa.ToString ()); return keyInfo; } private byte[] UniqueIdentifier (byte[] id) { // UniqueIdentifier ::= BIT STRING ASN1 uid = new ASN1 (0x03); // first byte in a BITSTRING is the number of unused bits in the first byte byte[] v = new byte [id.Length + 1]; Array.Copy (id, 0, v, 1, id.Length); uid.Value = v; return uid.GetBytes (); } protected override ASN1 ToBeSigned (string oid) { // 
TBSCertificate ASN1 tbsCert = new ASN1 (0x30); if (version > 1) { // TBSCertificate / [0] Version DEFAULT v1, byte[] ver = { (byte)(version - 1) }; ASN1 v = tbsCert.Add (new ASN1 (0xA0)); v.Add (new ASN1 (0x02, ver)); } // TBSCertificate / CertificateSerialNumber, tbsCert.Add (new ASN1 (0x02, sn)); // TBSCertificate / AlgorithmIdentifier, tbsCert.Add (PKCS7.AlgorithmIdentifier (oid)); // TBSCertificate / Name tbsCert.Add (X501.FromString (issuer)); // TBSCertificate / Validity ASN1 validity = tbsCert.Add (new ASN1 (0x30)); // TBSCertificate / Validity / Time validity.Add (ASN1Convert.FromDateTime (notBefore)); // TBSCertificate / Validity / Time validity.Add (ASN1Convert.FromDateTime (notAfter)); // TBSCertificate / Name tbsCert.Add (X501.FromString (subject)); // TBSCertificate / SubjectPublicKeyInfo ASN1 keyInfo = tbsCert.Add (SubjectPublicKeyInfo ()); if (version > 1) { // TBSCertificate / [1] IMPLICIT UniqueIdentifier OPTIONAL if (issuerUniqueID != null) tbsCert.Add (new ASN1 (0xA1, UniqueIdentifier (issuerUniqueID))); // TBSCertificate / [2] IMPLICIT UniqueIdentifier OPTIONAL if (subjectUniqueID != null) tbsCert.Add (new ASN1 (0xA1, UniqueIdentifier (subjectUniqueID))); // TBSCertificate / [3] Extensions OPTIONAL if ((version > 2) && (extensions.Count > 0)) tbsCert.Add (new ASN1 (0xA3, extensions.GetBytes ())); } return tbsCert; } } } --- NEW FILE: X509CertificateCollection.cs --- // // Based on System.Security.Cryptography.X509Certificates.X509CertificateCollection // in System assembly // // Authors: // Lawrence Pit (lo...@ca...) // Sebastien Pouliot (spo...@mo...) 
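Review bot: ToBeSigned writes subjectUniqueID with context tag 0xA1, the same tag used for issuerUniqueID just before it, although the comment on that line and the ASN.1 definition at the top of the file give it tag [2]. X509Certificate.Parse in this same commit looks for 0xA2, so a certificate built with both identifiers would presumably not read back with its subjectUniqueID; the line should be `tbsCert.Add (new ASN1 (0xA2, UniqueIdentifier (subjectUniqueID)));`. The `Version` setter also skips the `version > 3` check that the constructor applies. `sn`, `issuer` and `subject` are used without a null check, so a doc comment on the class stating which properties must be set before signing would help callers.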
// using System; using System.Collections; namespace Mono.Security.X509 { [Serializable] internal class X509CertificateCollection : CollectionBase, IEnumerable { public X509CertificateCollection () {} public X509CertificateCollection (X509Certificate [] value) { AddRange (value); } public X509CertificateCollection (X509CertificateCollection value) { AddRange (value); } // Properties public X509Certificate this [int index] { get { return (X509Certificate) InnerList [index]; } set { InnerList [index] = value; } } // Methods public int Add (X509Certificate value) { if (value == null) throw new ArgumentNullException ("value"); return InnerList.Add (value); } public void AddRange (X509Certificate [] value) { if (value == null) throw new ArgumentNullException ("value"); for (int i = 0; i < value.Length; i++) InnerList.Add (value [i]); } public void AddRange (X509CertificateCollection value) { if (value == null) throw new ArgumentNullException ("value"); for (int i = 0; i < value.InnerList.Count; i++) InnerList.Add (value [i]); } public bool Contains (X509Certificate value) { return InnerList.Contains (value); } public void CopyTo (X509Certificate[] array, int index) { InnerList.CopyTo (array, index); } public new X509CertificateEnumerator GetEnumerator () { return new X509CertificateEnumerator (this); } IEnumerator IEnumerable.GetEnumerator () { return InnerList.GetEnumerator (); } public override int GetHashCode () { return InnerList.GetHashCode (); } public int IndexOf (X509Certificate value) { return InnerList.IndexOf (value); } public void Insert (int index, X509Certificate value) { InnerList.Insert (index, value); } public void Remove (X509Certificate value) { InnerList.Remove (value); } // Inner Class public class X509CertificateEnumerator : IEnumerator { private IEnumerator enumerator; // Constructors public X509CertificateEnumerator (X509CertificateCollection mappings) { enumerator = ((IEnumerable) mappings).GetEnumerator (); } // Properties public 
X509Certificate Current { get { return (X509Certificate) enumerator.Current; } } object IEnumerator.Current { get { return enumerator.Current; } } // Methods bool IEnumerator.MoveNext () { return enumerator.MoveNext (); } void IEnumerator.Reset () { enumerator.Reset (); } public bool MoveNext () { return enumerator.MoveNext (); } public void Reset () { enumerator.Reset (); } } } } --- NEW FILE: X509Chain.cs --- // // X509Chain.cs: X.509 Certificate Path // This is a VERY simplified and minimal version (for Authenticode support) // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; namespace Mono.Security.X509 { public class X509Chain { private X509CertificateCollection roots; private X509CertificateCollection certs; private X509Certificate root; public X509Chain () { certs = new X509CertificateCollection (); } public void LoadCertificate (X509Certificate x509) { certs.Add (x509); } public void LoadCertificates (X509CertificateCollection coll) { certs.AddRange (coll); } public X509Certificate FindByIssuerName (string issuerName) { foreach (X509Certificate x in certs) { if (x.IssuerName == issuerName) return x; } return null; } public X509CertificateCollection GetChain (X509Certificate x509) { X509CertificateCollection path = new X509CertificateCollection (); X509Certificate x = FindCertificateParent (x509); if (x != null) { while (x != null) { x509 = x; path.Add (x509); x = FindCertificateParent (x509); if ((x != null) && (x.IsSelfSigned)) x = null; } } // find a trusted root x = FindCertificateRoot (x509); if (x == null) return null; root = x; return path; } private X509CertificateCollection GetTrustAnchors () { // TODO - Load from machine.config ITrustAnchors trust = (ITrustAnchors) new TestAnchors (); return trust.Anchors; } public X509CertificateCollection TrustAnchors { get { return ((roots == null) ? 
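Review bot: `Contains`, `IndexOf` and `Remove` delegate to `InnerList`, which compares elements with `Equals`, and X509Certificate as added in this commit does not override `Equals`, so these are reference comparisons. X509Chain.FindCertificateRoot calls `TrustAnchors.Contains (x509)`, which will therefore match only the same object instance and not a second parse of the same certificate. Comparing the encoded bytes from `RawData` in `Contains` and `IndexOf`, or overriding `Equals` and `GetHashCode` on X509Certificate, would make the membership test mean what that caller expects. `GetHashCode` is overridden here without `Equals`, and the class has no doc comment explaining either choice.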
GetTrustAnchors () : roots); } set { roots = value; } } public X509Certificate Root { get { return root; } } public void Reset () { // this force a reload roots = null; certs.Clear (); } private X509Certificate FindCertificateParent (X509Certificate child) { foreach (X509Certificate potentialParent in certs) { if (IsParent (child, potentialParent)) return potentialParent; } return null; } private X509Certificate FindCertificateRoot (X509Certificate x509) { // if the trusted root is in the path if (TrustAnchors.Contains (x509)) return x509; foreach (X509Certificate root in TrustAnchors) { if (IsParent (x509, root)) return root; } return null; } private bool IsParent (X509Certificate child, X509Certificate parent) { if (child.IssuerName != parent.SubjectName) return false; return (child.VerifySignature (parent.RSA)); } } } --- NEW FILE: X509Extension.cs --- // // X509Extension.cs: Base class for all X.509 extensions. // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. 
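Review bot: `IsParent` accepts any certificate as an issuer once the names match and the RSA signature verifies; it never checks that the parent is inside its validity period or that it is a CA certificate. At minimum add `if (!parent.IsCurrent) return false;` before the signature check and, for v3 parents, require the basicConstraints extension (`parent.Extensions ["2.5.29.19"]`) with cA set. The `while (x != null)` loop in `GetChain` has no depth limit or visited set, so it appears not to terminate when the loaded certificates contain a cycle. `GetTrustAnchors` still returns `TestAnchors` behind a TODO, which should not become the default trust store. `IsParent` also passes `parent.RSA` unconditionally, so DSA issuers are not handled, even though X509Certificate offers `VerifySignature (DSA)`.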
(http://www.motus.com) // using System; using System.Text; using Mono.Security; namespace Mono.Security.X509 { /* * Extension ::= SEQUENCE { * extnID OBJECT IDENTIFIER, * critical BOOLEAN DEFAULT FALSE, * extnValue OCTET STRING * } */ internal class X509Extension { protected string extnOid; protected bool extnCritical; protected ASN1 extnValue; internal X509Extension () { extnCritical = false; } public X509Extension (ASN1 asn1) { if ((asn1.Tag != 0x30) || (asn1.Count < 2)) throw new ArgumentException ("Invalid X.509 extension"); if (asn1[0].Tag != 0x06) throw new ArgumentException ("Invalid X.509 extension"); extnOid = ASN1Convert.ToOID (asn1 [0]); extnCritical = ((asn1[1].Tag == 0x01) && (asn1[1].Value[0] == 0xFF)); extnValue = asn1 [asn1.Count - 1]; // last element Decode (); } public X509Extension (X509Extension extension) : this () { if (extension == null) throw new ArgumentNullException ("extension"); if ((extension.Value.Tag != 0x04) || (extension.Value.Count != 0)) throw new ArgumentException ("Invalid extension"); extnOid = extension.OID; extnCritical = extension.Critical; extnValue = extension.Value; Decode (); } protected virtual void Decode () {} protected virtual void Encode () {} public ASN1 ASN1 { get { ASN1 extension = new ASN1 (0x30); extension.Add (ASN1Convert.FromOID (extnOid)); if (extnCritical) extension.Add (new ASN1 (0x01, new byte [1] { 0x01 })); ASN1 os = extension.Add (new ASN1 (0x04)); Encode (); os.Add (extnValue); return extension; } } public string OID { get { return extnOid; } } public bool Critical { get { return extnCritical; } } // this gets overrided with more meaningful names public virtual string Name { get { return extnOid; } } public ASN1 Value { get { return extnValue; } } public byte[] GetBytes () { return ASN1.GetBytes (); } private void WriteLine (StringBuilder sb, int n, int pos) { byte[] value = extnValue.Value; int p = pos; StringBuilder preview = new StringBuilder (); for (int j=0; j < 8; j++) { if (j < n) { sb.Append 
(value [p++].ToString ("X2")); sb.Append (" "); } else sb.Append (" "); } sb.Append (" "); p = pos; for (int j=0; j < n; j++) { byte b = value [p++]; if (b < 0x20) sb.Append ("."); else sb.Append (Convert.ToChar (b)); } sb.Append (Environment.NewLine); } public override string ToString () { StringBuilder sb = new StringBuilder (); int div = (extnValue.Length >> 3); int rem = (extnValue.Length - (div << 3)); int x = 0; for (int i=0; i < div; i++) { WriteLine (sb, 8, x); x += 8; } WriteLine (sb, rem, x); return sb.ToString (); } } } --- NEW FILE: X509Extensions.cs --- // // X509Extensions.cs: Handles X.509 extensions. // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Collections; using Mono.Security; namespace Mono.Security.X509 { /* * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension * * Note: 1..MAX -> There shouldn't be 0 Extensions in the ASN1 structure */ internal class X509Extensions : ICollection, IEnumerable { private ArrayList extensions; private bool readOnly; public X509Extensions () { extensions = new ArrayList (); } public X509Extensions (ASN1 asn1) : this () { readOnly = true; if (asn1 == null) return; if (asn1.Tag != 0x30) throw new Exception ("Invalid extensions format"); for (int i=0; i < asn1.Count; i++) { X509Extension extension = new X509Extension (asn1 [i]); extensions.Add (extension); } } // ICollection public int Count { get { return extensions.Count; } } // ICollection public bool IsSynchronized { get { return extensions.IsSynchronized; } } // ICollection public object SyncRoot { get { return extensions.SyncRoot; } } // ICollection public void CopyTo (Array array, int index) { extensions.CopyTo (array, index); } // IEnumerable public IEnumerator GetEnumerator () { return extensions.GetEnumerator (); } public X509Extension this [int index] { get { return (X509Extension) extensions [index]; } } public X509Extension this [string index] { get { for (int 
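Review bot: The `ASN1` getter encodes a critical extension as BOOLEAN `0x01`, but the parsing constructor treats the flag as critical only when the value byte is `0xFF`, the DER encoding of TRUE. An extension produced by this class and parsed back by it therefore loses its critical flag; the getter should use `extension.Add (new ASN1 (0x01, new byte [1] { 0xFF }));`. The constructor also reads `asn1[1].Value[0]` without checking that the value is non-empty. The getter appears to wrap `extnValue` in a new OCTET STRING even when `extnValue` is already the OCTET STRING taken from the parsed extension, so a comment stating what `extnValue` is expected to hold after `Encode ()` is needed.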
i=0; i < extensions.Count; i++) { X509Extension extension = (X509Extension) extensions [i]; if (extension.OID == index) return extension; } return null; } } public void Add (X509Extension extension) { if (readOnly) throw new NotSupportedException ("Extensions are read only"); extensions.Add (extension); } public byte[] GetBytes () { if (extensions.Count < 1) return null; ASN1 sequence = new ASN1 (0x30); for (int i=0; i < extensions.Count; i++) { X509Extension x = (X509Extension) extensions [i]; sequence.Add (x.ASN1); } return sequence.GetBytes (); } } } --- NEW FILE: X520Attributes.cs --- // // X520.cs: X.520 related stuff (attributes, RDN) // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Text; using Mono.Security; namespace Mono.Security.X509 { // References: // 1. Information technology - Open Systems Interconnection - The Directory: Selected attribute types // http://www.itu.int/rec/recommendation.asp?type=folders&lang=e&parent=T-REC-X.520 // 2. Internet X.509 Public Key Infrastructure Certificate and CRL Profile // http://www.ietf.org/rfc/rfc3280.txt /* * AttributeTypeAndValue ::= SEQUENCE { * type AttributeType, * value AttributeValue * } * * AttributeType ::= OBJECT IDENTIFIER * * AttributeValue ::= ANY DEFINED BY AttributeType */ internal class X520 { public abstract class AttributeTypeAndValue { protected string oid; protected string attrValue; private int upperBound; priva... [truncated message content] |
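Review bot: The parsing constructor adds every element without checking for a repeated OID, and the string indexer returns the first match, so a certificate carrying the same extension twice is accepted and only one copy is ever consulted. RFC 3280 does not allow more than one instance of a particular extension; reject the duplicate inside the loop, e.g. `if (this [extension.OID] != null) throw new ArgumentException ("Duplicate extension " + extension.OID);`. The `throw new Exception (...)` for a wrong tag should be a specific type such as `ArgumentException`, matching X509Extension, and `Add` should reject a null argument.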
From: <car...@us...> - 2003-10-28 16:11:10
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security/Mono.Security.X509 In directory sc8-pr-cvs1:/tmp/cvs-serv9412/Mono.Security.X509 Log Message: Directory /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security/Mono.Security.X509 added to the repository |
From: <car...@us...> - 2003-10-28 16:10:49
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security In directory sc8-pr-cvs1:/tmp/cvs-serv9370 Added Files: ASN1Convert.cs Log Message: 2003-10-28 Carlos Guzmán Álvarez <car...@te...> * CipherSuite.cs: * TlsSessionSettings.cs: * TlsServerSettings.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs: * Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs: - Added changes for make use of X509 classes from mono. * Mono.Security/ASN1Convert.cs: * Mono.Security.X509/*.*: - New files from mono for allow basic certificate validation. --- NEW FILE: ASN1Convert.cs --- // // ASN1Convert.cs: Abstract Syntax Notation 1 convertion routines // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Collections; using System.Security.Cryptography; using System.Text; namespace Mono.Security { // References: // a. ITU ASN.1 standards (free download) // http://www.itu.int/ITU-T/studygroups/com17/languages/ internal class ASN1Convert { // RFC3280, section 4.2.1.5 // CAs conforming to this profile MUST always encode certificate // validity dates through the year 2049 as UTCTime; certificate validity // dates in 2050 or later MUST be encoded as GeneralizedTime. 
static public ASN1 FromDateTime (DateTime dt) { if (dt.Year < 2050) { // UTCTIME return new ASN1 (0x17, Encoding.ASCII.GetBytes (dt.ToString ("yyMMddHHmmss") + "Z")); } else { // GENERALIZEDTIME return new ASN1 (0x18, Encoding.ASCII.GetBytes (dt.ToString ("yyyyMMddHHmmss") + "Z")); } } static public ASN1 FromInt32 (Int32 value) { byte[] integer = BitConverter.GetBytes (value); int x = 3; while (integer [x] == 0x00) x--; ASN1 asn1 = new ASN1 (0x02); if (x == 3) asn1.Value = integer; else { byte[] smallerInt = new byte [x + 1]; Array.Copy (integer, 0, smallerInt, 0, smallerInt.Length); asn1.Value = smallerInt; } return asn1; } static public ASN1 FromOID (string oid) { return new ASN1 (CryptoConfig.EncodeOID (oid)); } static public ASN1 FromUnsignedBigInteger (byte[] integer) { if (integer [0] == 0x00) { // this first byte is added so we're sure it's an unsigned integer // however we can't feed it into RSAParameters or DSAParameters int length = integer.Length + 1; byte[] uinteger = new byte [length]; Array.Copy (integer, 0, uinteger, 1, length); integer = uinteger; } return new ASN1 (0x02, integer); } static public int ToInt32 (ASN1 asn1) { if (asn1.Tag != 0x02) throw new NotSupportedException ("Only integer can be converted"); int x = 0; for (int i=0; i < asn1.Value.Length; i++) x = (x << 8) + asn1.Value [i]; return x; } // Convert a binary encoded OID to human readable string representation of // an OID (IETF style). Based on DUMPASN1.C from Peter Gutmann. 
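static public string ToOID (ASN1 asn1)
{
    // Returns the dotted-decimal form of the OID whose encoded content is
    // asn1.Value.
    if (asn1 == null)
        throw new ArgumentNullException ("asn1");

    byte[] aOID = asn1.Value;
    if ((aOID == null) || (aOID.Length == 0))
        throw new ArgumentException ("OID content is empty", "asn1");

    IFormatProvider invariant = System.Globalization.CultureInfo.InvariantCulture;
    StringBuilder sb = new StringBuilder ();

    // Each arc is stored base-128, high bit set on every byte but the last.
    // The index is an int: the previous byte-typed counter wrapped to 0 once
    // the content was longer than 255 bytes, so the loop never ended on such
    // input.
    // NOTE(review): an arc wider than 64 bits still wraps in val, and a
    // trailing arc whose last byte has the high bit set is dropped; a caller
    // that matches OIDs by this string should be aware of both.
    ulong val = 0;
    bool first = true;
    for (int i = 0; i < aOID.Length; i++) {
        val = ((val << 7) | ((ulong) (aOID [i] & 0x7F)));
        if ((aOID [i] & 0x80) == 0x80)
            continue;

        if (first) {
            // The first encoded value packs the first two arcs as 40 * x + y
            // with x limited to 0..2, so everything above 80 belongs to y.
            // It is decoded like any other arc, which also covers a first
            // value that spans several bytes.
            ulong x = val / 40;
            if (x > 2)
                x = 2;
            ulong y = val - (x * 40);
            sb.Append (x.ToString (invariant));
            sb.Append (".");
            sb.Append (y.ToString (invariant));
            first = false;
        }
        else {
            sb.Append (".");
            sb.Append (val.ToString (invariant));
        }
        val = 0;
    }
    return sb.ToString ();
}

static public DateTime ToDateTime (ASN1 time)
{
    // Parses the ASCII content of time as UTCTime or GeneralizedTime, chosen
    // by the length of the text. Throws FormatException when the length is
    // none of the supported ones (previously a null mask reached ParseExact)
    // or when the text does not match the mask.
    // NOTE(review): the tag of time is not checked, and whether the returned
    // value is UTC or local depends on how the runtime's ParseExact treats the
    // trailing 'Z' - confirm before comparing it with DateTime.Now / UtcNow.
    if (time == null)
        throw new ArgumentNullException ("time");

    // Invariant culture: the host's default calendar must not influence how
    // certificate dates are read.
    IFormatProvider invariant = System.Globalization.CultureInfo.InvariantCulture;
    string t = Encoding.ASCII.GetString (time.Value);

    // to support both UTCTime and GeneralizedTime (and not so common format)
    string mask = null;
    switch (t.Length) {
    case 11:
        // illegal I think ... must check
        // NOTE(review): the two-digit year is resolved by the parser here,
        // not by the RFC3280 pivot used for the 13-character form.
        mask = "yyMMddHHmmZ";
        break;
    case 13:
        // RFC3280: 4.1.2.5.1 UTCTime
        int year = Convert.ToInt16 (t.Substring (0, 2), invariant);
        // Where YY is greater than or equal to 50, the
        // year SHALL be interpreted as 19YY; and
        // Where YY is less than 50, the year SHALL be
        // interpreted as 20YY.
        if (year >= 50)
            t = "19" + t;
        else
            t = "20" + t;
        mask = "yyyyMMddHHmmssZ";
        break;
    case 15:
        mask = "yyyyMMddHHmmssZ"; // GeneralizedTime
        break;
    default:
        throw new FormatException ("Unsupported ASN.1 time encoding");
    }
    return DateTime.ParseExact (t, mask, invariant);
}
} // class ASN1Convert
} // namespace Mono.Security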
From: <car...@us...> - 2003-10-28 10:46:23
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient In directory sc8-pr-cvs1:/tmp/cvs-serv17199 Modified Files: PgOutputPacket.cs PgResponsePacket.cs Log Message: 2003-10-28 Carlos Guzmán Álvarez <car...@te...> * source/NPgClient/PgOutputPacket.cs: * source/NPgClient/PgResponsePacket.cs: - Added fix for correct handling of timetz type. Index: PgOutputPacket.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient/PgOutputPacket.cs,v retrieving revision 1.16 retrieving revision 1.17 diff -C2 -d -r1.16 -r1.17 *** PgOutputPacket.cs 27 Oct 2003 12:25:21 -0000 1.16 --- PgOutputPacket.cs 28 Oct 2003 10:44:55 -0000 1.17 *************** *** 167,171 **** this.WriteDouble(seconds.TotalSeconds); ! this.WriteInt(0); } --- 167,171 ---- this.WriteDouble(seconds.TotalSeconds); ! this.WriteInt((-1)*Int32.Parse(time.ToString("zz"))*3600); } *************** *** 179,185 **** public void WriteTimestampWithTZ(DateTime timestamp) { ! TimeSpan days = timestamp.Subtract(PgCodes.BASE_DATE); ! ! this.WriteDouble(days.TotalSeconds); } --- 179,183 ---- public void WriteTimestampWithTZ(DateTime timestamp) { ! this.WriteTimestamp(timestamp); } Index: PgResponsePacket.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient/PgResponsePacket.cs,v retrieving revision 1.17 retrieving revision 1.18 diff -C2 -d -r1.17 -r1.18 *** PgResponsePacket.cs 27 Oct 2003 18:46:49 -0000 1.17 --- PgResponsePacket.cs 28 Oct 2003 10:44:55 -0000 1.18 *************** *** 240,252 **** int timezone = (-1)*(this.ReadInt()/3600); ! string format = "{0:D2}{1}{2:D2}{3}{4:D2}{5}"; ! if (timezone > 0) { ! format = "{0:D2}{1}{2:D2}{3}{4:D2}+{5}"; } StringBuilder timeWithTZ = new StringBuilder(); timeWithTZ.AppendFormat( ! 
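Review bot: The new offset line in the first PgOutputPacket.cs hunk, `this.WriteInt((-1)*Int32.Parse(time.ToString("zz"))*3600);`, can only express whole hours, because the "zz" specifier leaves out the minutes of the offset, so a zone such as +05:30 is written as +05:00. The value also goes through a culture-sensitive format and parse round trip, and for a DateTime "zz" reports the offset of the machine's local zone rather than anything carried by `time`. Taking the offset numerically avoids the string step, e.g. `this.WriteInt(-(int)TimeZone.CurrentTimeZone.GetUtcOffset(time).TotalSeconds);`. The enclosing method starts outside the hunk, so how `time` is produced is not visible here.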
format, time.Hour, CultureInfo.CurrentCulture.DateTimeFormat.TimeSeparator, --- 240,252 ---- int timezone = (-1)*(this.ReadInt()/3600); ! string sbFormat = "{0:D2}{1}{2:D2}{3}{4:D2}{5:D2}"; ! if (timezone >= 0) { ! sbFormat = "{0:D2}{1}{2:D2}{3}{4:D2}+{5:D2}"; } StringBuilder timeWithTZ = new StringBuilder(); timeWithTZ.AppendFormat( ! sbFormat, time.Hour, CultureInfo.CurrentCulture.DateTimeFormat.TimeSeparator, *************** *** 256,261 **** timezone); ! return DateTime.Parse( timeWithTZ.ToString(), CultureInfo.CurrentCulture.DateTimeFormat, DateTimeStyles.NoCurrentDateDefault | --- 256,272 ---- timezone); ! StringBuilder format = new StringBuilder(); ! format.AppendFormat( ! "{0}{1}{2}{3}{4}{5}", ! "HH", ! CultureInfo.CurrentCulture.DateTimeFormat.TimeSeparator, ! "mm", ! CultureInfo.CurrentCulture.DateTimeFormat.TimeSeparator, ! "ss", ! "zz"); ! ! return DateTime.ParseExact( timeWithTZ.ToString(), + format.ToString(), CultureInfo.CurrentCulture.DateTimeFormat, DateTimeStyles.NoCurrentDateDefault | |
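Review bot: The time read from the wire is formatted into a string and immediately parsed back (`sbFormat` in the first PgResponsePacket.cs hunk, `DateTime.ParseExact` in the second), so the result depends on the client's regional settings. The format is assembled from `CultureInfo.CurrentCulture.DateTimeFormat.TimeSeparator`, and that separator text goes into the format string unescaped. `this.ReadInt()/3600` also discards any sub-hour part of the offset. An offset from the server outside what "zz" accepts would presumably only surface as a FormatException from ParseExact. A fixed pattern on both sides, `"HH:mm:sszz"` with `CultureInfo.InvariantCulture`, plus a range check on `timezone` before formatting, would remove the locale dependence and reject bad input explicitly. The enclosing method starts and ends outside these hunks.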
From: <car...@us...> - 2003-10-27 18:54:39
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/PgTypes In directory sc8-pr-cvs1:/tmp/cvs-serv22967 Modified Files: PgBox.cs Log Message: * source/NPgClient/PgOutputPacket.cs: * source/NPgClient/PgResponsePacket.cs: - Added fix for correct handling of box type. - Added some changes to interval datatype handling. * source/PgTypes/PgBox.cs: - Added fix for correct handling of box type. Index: PgBox.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/PgTypes/PgBox.cs,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** PgBox.cs 26 Oct 2003 14:56:59 -0000 1.4 --- PgBox.cs 27 Oct 2003 18:46:29 -0000 1.5 *************** *** 46,53 **** #region CONSTRUCTORS ! public PgBox(PgPoint upperRight, PgPoint lowerLeft) { - this.upperRight = upperRight; this.lowerLeft = lowerLeft; } --- 46,53 ---- #region CONSTRUCTORS ! public PgBox(PgPoint lowerLeft, PgPoint upperRight) { this.lowerLeft = lowerLeft; + this.upperRight = upperRight; } *************** *** 89,95 **** { System.Text.StringBuilder b = new System.Text.StringBuilder(); ! b.AppendFormat("(({0},{1}),({2},{3}))", ! this.upperRight.X , this.upperRight.Y, ! this.lowerLeft.X , this.lowerLeft.Y); return b.ToString(); --- 89,95 ---- { System.Text.StringBuilder b = new System.Text.StringBuilder(); ! b.AppendFormat("(({0},{1}),({2},{3}))", ! this.lowerLeft.X , this.lowerLeft.Y, ! this.upperRight.X , this.upperRight.Y); return b.ToString(); |
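Review bot: Swapping the constructor parameters to `PgBox(PgPoint lowerLeft, PgPoint upperRight)` changes the meaning of every existing two-argument call without a compile error, because both arguments have the same type. Any caller that still passes (upperRight, lowerLeft) will silently build a box with its corners exchanged. A comment on the constructor stating the order, e.g. `// Corners are given low corner first: (lowerLeft, upperRight).`, together with a check of all call sites, would make the change safer. On this page only `ReadBox` in PgResponsePacket.cs is shown being adapted.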
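Review bot: In the second hunk `b.AppendFormat("(({0},{1}),({2},{3}))", ...)` formats the coordinates with the current culture. If `X` and `Y` are floating-point values (their type is not visible here), a client whose decimal separator is a comma would produce text such as `((1,5,2),(3,4,5))`, which cannot be told apart from the comma-delimited box syntax. Passing the provider explicitly keeps the output stable: `b.AppendFormat(System.Globalization.CultureInfo.InvariantCulture, "(({0},{1}),({2},{3}))", ...)`. The method signature lies outside the hunk.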
From: <car...@us...> - 2003-10-27 18:53:52
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient In directory sc8-pr-cvs1:/tmp/cvs-serv23036 Modified Files: PgResponsePacket.cs Log Message: * source/NPgClient/PgOutputPacket.cs: * source/NPgClient/PgResponsePacket.cs: - Added fix for correct handling of box type. - Added some changes to interval datatype handling. * source/PgTypes/PgBox.cs: - Added fix for correct handling of box type. Index: PgResponsePacket.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient/PgResponsePacket.cs,v retrieving revision 1.16 retrieving revision 1.17 diff -C2 -d -r1.16 -r1.17 *** PgResponsePacket.cs 27 Oct 2003 12:25:21 -0000 1.16 --- PgResponsePacket.cs 27 Oct 2003 18:46:49 -0000 1.17 *************** *** 373,377 **** public PgBox ReadBox() { ! return new PgBox(this.ReadPoint(), this.ReadPoint()); } --- 373,380 ---- public PgBox ReadBox() { ! PgPoint upperRight = this.ReadPoint(); ! PgPoint lowerLeft = this.ReadPoint(); ! ! return new PgBox(lowerLeft, upperRight); } |
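Review bot: `ReadBox` now depends on the two `ReadPoint()` calls running in a fixed order, but nothing in the method says which corner arrives first on the wire. A short comment above the two reads, e.g. `// The packet carries the upper-right corner first, then the lower-left.`, would record that assumption so a later cleanup does not collapse the calls back into the constructor arguments. The order is inferred here from the variable names only and should be confirmed against the protocol.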