X509ExtensionUtilities
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Oiw;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using System;
namespace Org.BouncyCastle.X509.Extension
{
/// <summary>
/// Helpers for building and reading the X.509 key identifier extensions
/// (AuthorityKeyIdentifier and SubjectKeyIdentifier).
/// </summary>
/// <remarks>
/// Every identifier computed here is a SHA-1 digest of the subject public key bits.
/// It is a lookup hint for matching certificates and keys; it is not evidence that a
/// certificate was issued by a given key, so signature verification is still required.
/// None of the methods validate their arguments for null.
/// </remarks>
public class X509ExtensionUtilities
{
    /// <summary>Key identifier for a public key, computed over its SubjectPublicKeyInfo encoding.</summary>
    internal static Asn1OctetString CalculateKeyIdentifier(AsymmetricKeyParameter publicKey)
        => CalculateKeyIdentifier(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey));

    /// <summary>
    /// Key identifier as the full SHA-1 digest of the public key bit string, wrapped in an
    /// OCTET STRING (the construction RFC 5280 section 4.2.1.2 lists as method 1).
    /// </summary>
    internal static Asn1OctetString CalculateKeyIdentifier(SubjectPublicKeyInfo spki)
        => new DerOctetString(CalculateSha1(spki));

    /// <summary>Key identifier computed from the public key carried in <paramref name="certificate"/>.</summary>
    internal static Asn1OctetString CalculateKeyIdentifier(X509Certificate certificate)
        => CalculateKeyIdentifier(certificate.CertificateStructure.SubjectPublicKeyInfo);

    /// <summary>
    /// SHA-1 over the contents of the subjectPublicKey BIT STRING. Only the key bits are
    /// hashed here, not the algorithm identifier that precedes them in the structure.
    /// </summary>
    private static byte[] CalculateSha1(SubjectPublicKeyInfo spki)
    {
        DerBitString keyBits = spki.PublicKey;

        // Octet-aligned keys are hashed straight from the span; otherwise GetBytes() is used.
        return keyBits.IsOctetAligned()
            ? CalculateSha1(keyBits.GetOctetsSpan())
            : CalculateSha1(keyBits.GetBytes());
    }

    /// <summary>SHA-1 digest of <paramref name="data"/>.</summary>
    private static byte[] CalculateSha1(byte[] data)
        => DigestUtilities.CalculateDigest(OiwObjectIdentifiers.IdSha1, data);

    /// <summary>SHA-1 digest of <paramref name="data"/>.</summary>
    private static byte[] CalculateSha1(ReadOnlySpan<byte> data)
        => DigestUtilities.CalculateDigest(OiwObjectIdentifiers.IdSha1, data);

    /// <summary>AuthorityKeyIdentifier holding only the key identifier of <paramref name="publicKey"/>.</summary>
    public static AuthorityKeyIdentifier CreateAuthorityKeyIdentifier(AsymmetricKeyParameter publicKey)
        => CreateAuthorityKeyIdentifier(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey));

    /// <summary>
    /// AuthorityKeyIdentifier holding the key identifier of <paramref name="publicKey"/> together
    /// with the supplied issuer names and serial number.
    /// </summary>
    public static AuthorityKeyIdentifier CreateAuthorityKeyIdentifier(AsymmetricKeyParameter publicKey, GeneralNames issuer, BigInteger serialNumber)
    {
        SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey);
        return CreateAuthorityKeyIdentifier(keyInfo, issuer, new DerInteger(serialNumber));
    }

    /// <summary>AuthorityKeyIdentifier holding only the key identifier computed from <paramref name="spki"/>.</summary>
    public static AuthorityKeyIdentifier CreateAuthorityKeyIdentifier(SubjectPublicKeyInfo spki)
        => new AuthorityKeyIdentifier(CalculateKeyIdentifier(spki));

    /// <summary>
    /// AuthorityKeyIdentifier holding the key identifier computed from <paramref name="spki"/>
    /// together with the supplied issuer names and serial number.
    /// </summary>
    public static AuthorityKeyIdentifier CreateAuthorityKeyIdentifier(SubjectPublicKeyInfo spki, GeneralNames issuer, DerInteger serialNumber)
        => new AuthorityKeyIdentifier(CalculateKeyIdentifier(spki), issuer, serialNumber);

    /// <summary>
    /// AuthorityKeyIdentifier built from <paramref name="certificate"/>, which is treated as the
    /// authority certificate: the key identifier comes from <see cref="DeriveAuthCertKeyID"/>,
    /// the issuer name from its IssuerDN and the serial number from the certificate itself.
    /// </summary>
    public static AuthorityKeyIdentifier CreateAuthorityKeyIdentifier(X509Certificate certificate)
    {
        Asn1OctetString keyId = DeriveAuthCertKeyID(certificate);
        DerInteger serial = certificate.CertificateStructure.SerialNumber;
        GeneralNames issuerNames = new GeneralNames(new GeneralName(certificate.IssuerDN));
        return new AuthorityKeyIdentifier(keyId, issuerNames, serial);
    }

    /// <summary>SubjectKeyIdentifier for <paramref name="publicKey"/>, using the full SHA-1 digest.</summary>
    public static SubjectKeyIdentifier CreateSubjectKeyIdentifier(AsymmetricKeyParameter publicKey)
        => CreateSubjectKeyIdentifier(SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(publicKey));

    /// <summary>SubjectKeyIdentifier for <paramref name="spki"/>, using the full SHA-1 digest.</summary>
    public static SubjectKeyIdentifier CreateSubjectKeyIdentifier(SubjectPublicKeyInfo spki)
        => new SubjectKeyIdentifier(CalculateKeyIdentifier(spki));

    /// <summary>
    /// SubjectKeyIdentifier made of the last 8 bytes of the SHA-1 digest with the high nibble of
    /// the first byte replaced by 0100 (the construction RFC 5280 section 4.2.1.2 lists as method 2).
    /// </summary>
    /// <remarks>
    /// Only 60 bits of the digest survive, so two different keys are more likely to share an
    /// identifier than with the full digest; treat a match as a hint, never as proof of identity.
    /// </remarks>
    public static SubjectKeyIdentifier CreateTruncatedSubjectKeyIdentifier(SubjectPublicKeyInfo spki)
    {
        byte[] digest = CalculateSha1(spki);
        byte[] tail = Arrays.CopyOfRange(digest, digest.Length - 8, digest.Length);

        // Keep the low four bits of the first byte and set the type field 0100 above them.
        tail[0] = (byte)((tail[0] & 0x0F) | 0x40);
        return new SubjectKeyIdentifier(tail);
    }

    /// <summary>
    /// Key identifier to use when referring to <paramref name="authorityCert"/> as an issuer.
    /// </summary>
    /// <remarks>
    /// When the certificate carries a SubjectKeyIdentifier extension, its value is copied as-is
    /// and is not compared with the certificate's public key; the SHA-1 based identifier is
    /// computed only when the extension is absent.
    /// </remarks>
    internal static Asn1OctetString DeriveAuthCertKeyID(X509Certificate authorityCert)
    {
        SubjectKeyIdentifier declared = GetSubjectKeyIdentifier(authorityCert);
        if (declared == null)
        {
            return CalculateKeyIdentifier(authorityCert);
        }

        return DerOctetString.WithContents(declared.GetKeyIdentifier());
    }

    /// <summary>
    /// Decodes the ASN.1 object wrapped inside an extension value. Errors raised by
    /// Asn1Object.FromByteArray on malformed content are not caught here.
    /// </summary>
    public static Asn1Object FromExtensionValue(Asn1OctetString extensionValue)
        => Asn1Object.FromByteArray(extensionValue.GetOctets());

    /// <summary>
    /// Decodes the extension identified by <paramref name="oid"/>.
    /// </summary>
    /// <returns>The decoded object, or null when the extension is not present.</returns>
    public static Asn1Object FromExtensionValue(IX509Extension extensions, DerObjectIdentifier oid)
    {
        Asn1OctetString wrapped = extensions.GetExtensionValue(oid);
        if (wrapped == null)
        {
            return null;
        }

        return FromExtensionValue(wrapped);
    }

    /// <summary>
    /// Reads the AuthorityKeyIdentifier extension.
    /// </summary>
    /// <returns>The parsed extension, or null when it is not present; callers must handle null.</returns>
    public static AuthorityKeyIdentifier GetAuthorityKeyIdentifier(IX509Extension extension)
    {
        Asn1OctetString wrapped = extension.GetExtensionValue(X509Extensions.AuthorityKeyIdentifier);
        if (wrapped == null)
        {
            return null;
        }

        return AuthorityKeyIdentifier.GetInstance(wrapped.GetOctets());
    }

    /// <summary>
    /// Reads the SubjectKeyIdentifier extension.
    /// </summary>
    /// <returns>The parsed extension, or null when it is not present; callers must handle null.</returns>
    public static SubjectKeyIdentifier GetSubjectKeyIdentifier(IX509Extension extension)
    {
        Asn1OctetString wrapped = extension.GetExtensionValue(X509Extensions.SubjectKeyIdentifier);
        if (wrapped == null)
        {
            return null;
        }

        return SubjectKeyIdentifier.GetInstance(wrapped.GetOctets());
    }
}
}