mirrored from https://www.bouncycastle.org/repositories/bc-csharp
using System;
using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.X509;
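namespace Org.BouncyCastle.Ocsp
{
    /// <summary>
    /// Read-only view over a decoded <see cref="BasicOcspResponse"/>, exposing its fields and a
    /// signature check over the contained tbsResponseData.
    /// </summary>
    /// <remarks>
    /// <code>
    /// BasicOcspResponse ::= SEQUENCE {
    ///     tbsResponseData     ResponseData,
    ///     signatureAlgorithm  AlgorithmIdentifier,
    ///     signature           BIT STRING,
    ///     certs               [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL
    /// }
    /// </code>
    /// <para>
    /// Only <c>tbsResponseData</c> is handed to the signature check in <see cref="Verify"/>. The
    /// <c>signatureAlgorithm</c> and <c>certs</c> fields sit beside it in the structure, so their
    /// contents are chosen by whoever produced the response and are not authenticated by the
    /// signature. Callers must validate any certificate taken from <see cref="GetCerts"/> (chain,
    /// validity and authorisation to sign OCSP responses for the issuing CA) before using its key,
    /// and must apply their own algorithm policy to <see cref="SignatureAlgorithm"/>.
    /// </para>
    /// </remarks>
    public class BasicOcspResp
        : X509ExtensionBase
    {
        private readonly BasicOcspResponse resp;
        private readonly ResponseData data;
        //private readonly X509Certificate[] chain;

        /// <summary>Wrap a decoded basic OCSP response.</summary>
        /// <param name="resp">The ASN.1 structure to wrap; must not be null.</param>
        /// <exception cref="ArgumentNullException">If <paramref name="resp"/> is null.</exception>
        public BasicOcspResp(BasicOcspResponse resp)
        {
            // Fail with a named argument instead of a NullReferenceException on the next line.
            if (resp == null)
            {
                throw new ArgumentNullException(nameof(resp));
            }

            this.resp = resp;
            this.data = resp.TbsResponseData;
        }

        /// <returns>The DER encoding of the tbsResponseData field.</returns>
        /// <exception cref="OcspException">In the event of an encoding error.</exception>
        public byte[] GetTbsResponseData()
        {
            try
            {
                return data.GetEncoded(Asn1Encodable.Der);
            }
            catch (IOException e)
            {
                throw new OcspException("problem encoding tbsResponseData", e);
            }
        }

        /// <summary>
        /// The response version, reported as the encoded value plus one (RFC 6960 encodes v1 as 0).
        /// </summary>
        public int Version => data.Version.IntValueExact + 1;

        /// <summary>The responder identifier from tbsResponseData, wrapped in a <see cref="RespID"/>.</summary>
        public RespID ResponderId => new RespID(data.ResponderID);

        /// <summary>
        /// The producedAt time from tbsResponseData. This accessor performs no freshness check;
        /// callers decide how old a response they are willing to accept.
        /// </summary>
        public DateTime ProducedAt => data.ProducedAt.ToDateTime();

        /// <summary>The individual certificate status entries; a new array is built on each access.</summary>
        public SingleResp[] Responses =>
            data.Responses.MapElements(element => new SingleResp(SingleResponse.GetInstance(element)));

        /// <summary>The responseExtensions field of tbsResponseData, as returned by the ASN.1 object.</summary>
        public X509Extensions ResponseExtensions => data.ResponseExtensions;

        protected override X509Extensions GetX509Extensions() => ResponseExtensions;

        [Obsolete("Will be removed")]
        public string SignatureAlgName => X509SignatureUtilities.GetSignatureName(SignatureAlgorithm);

        /// <summary>
        /// The signature algorithm declared by the response itself. <see cref="Verify"/> uses this
        /// value as-is, so any restriction on acceptable algorithms has to be enforced by the caller.
        /// </summary>
        public AlgorithmIdentifier SignatureAlgorithm => resp.SignatureAlgorithm;

        [Obsolete("Will be removed")]
        public string SignatureAlgOid => resp.SignatureAlgorithm.Algorithm.GetID();

        /// <returns>The signature octets carried in the response.</returns>
        public byte[] GetSignature() => resp.GetSignatureOctets();

        // Builds a fresh list from the optional certs field; the list is empty when the field is absent.
        private List<X509Certificate> GetCertList()
        {
            var result = new List<X509Certificate>();

            Asn1Sequence certs = resp.Certs;
            if (certs != null)
            {
                foreach (Asn1Encodable element in certs)
                {
                    result.Add(new X509Certificate(X509CertificateStructure.GetInstance(element)));
                }
            }

            return result;
        }

        /// <summary>
        /// The certificates carried alongside the response, or an empty array if there are none.
        /// These come from the unsigned certs field and are untrusted until the caller has
        /// validated them.
        /// </summary>
        public X509Certificate[] GetCerts() => GetCertList().ToArray();

        /// <returns>
        /// A store over the certificates, if any, associated with the response. As with
        /// <see cref="GetCerts"/>, the contents are untrusted until validated by the caller.
        /// </returns>
        // NOTE(review): earlier documentation listed OcspException here, but nothing in this
        // code path throws it; whatever X509Certificate or GetInstance throw will propagate - confirm.
        public IStore<X509Certificate> GetCertificates() => CollectionUtilities.CreateStore(GetCertList());

        /// <summary>
        /// Verify the signature against the tbsResponseData object we contain.
        /// </summary>
        /// <remarks>
        /// This checks the signature only, using the algorithm named in the response and the key
        /// supplied by the caller. It does not establish that <paramref name="publicKey"/> belongs
        /// to a responder authorised for the certificate in question, and it does not look at
        /// producedAt, the per-certificate update times or any nonce extension. A <c>true</c>
        /// result therefore means "signed by this key", not "this response should be trusted".
        /// </remarks>
        /// <param name="publicKey">The key to verify the signature with.</param>
        /// <returns><c>true</c> if the signature verifies under <paramref name="publicKey"/>.</returns>
        /// <exception cref="OcspException">
        /// If anything goes wrong while setting up or running the verification; the original
        /// exception is attached as the inner exception.
        /// </exception>
        public bool Verify(AsymmetricKeyParameter publicKey)
        {
            try
            {
                var verifierFactory = new Asn1VerifierFactory(resp.SignatureAlgorithm, publicKey);
                return X509.X509Utilities.VerifySignature(verifierFactory, data, resp.Signature);
            }
            catch (Exception e)
            {
                throw new OcspException("exception processing sig", e);
            }
        }

        /// <returns>The ASN.1 encoded representation of this object.</returns>
        public byte[] GetEncoded() => resp.GetEncoded();

        /// <summary>Two instances are equal when they wrap equal <see cref="BasicOcspResponse"/> objects.</summary>
        public override bool Equals(object obj)
        {
            if (ReferenceEquals(this, obj))
            {
                return true;
            }

            return obj is BasicOcspResp that
                && this.resp.Equals(that.resp);
        }

        /// <summary>Hash code of the wrapped response, consistent with <see cref="Equals(object)"/>.</summary>
        public override int GetHashCode() => resp.GetHashCode();
    }
}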