using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cms; using Org.BouncyCastle.Asn1.CryptoPro; using Org.BouncyCastle.Asn1.Ocsp; using Org.BouncyCastle.Asn1.Rosstandart; using Org.BouncyCastle.Asn1.Sec; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.Utilities.IO; using Org.BouncyCastle.X509; using System; using System.Collections.Generic; using System.IO; namespace Org.BouncyCastle.Cms { internal static class CmsUtilities { private static readonly HashSet<DerObjectIdentifier> ECAlgorithms; private static readonly HashSet<DerObjectIdentifier> GostAlgorithms; private static readonly HashSet<DerObjectIdentifier> MqvAlgorithms; internal static int MaximumMemory { get { long num = 2147483647; if (num > 2147483647) return 2147483647; return (int)num; } } static CmsUtilities() { ECAlgorithms = new HashSet<DerObjectIdentifier>(); GostAlgorithms = new HashSet<DerObjectIdentifier>(); MqvAlgorithms = new HashSet<DerObjectIdentifier>(); ECAlgorithms.Add(X9ObjectIdentifiers.DHSinglePassStdDHSha1KdfScheme); ECAlgorithms.Add(SecObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme); ECAlgorithms.Add(SecObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme); ECAlgorithms.Add(SecObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme); ECAlgorithms.Add(SecObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme); ECAlgorithms.Add(X9ObjectIdentifiers.DHSinglePassCofactorDHSha1KdfScheme); ECAlgorithms.Add(SecObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme); ECAlgorithms.Add(SecObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme); ECAlgorithms.Add(SecObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme); ECAlgorithms.Add(SecObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme); GostAlgorithms.Add(CryptoProObjectIdentifiers.GostR3410x2001CryptoProESDH); GostAlgorithms.Add(RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256); GostAlgorithms.Add(RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_512); MqvAlgorithms.Add(X9ObjectIdentifiers.MqvSinglePassSha1KdfScheme); MqvAlgorithms.Add(SecObjectIdentifiers.mqvSinglePass_sha224kdf_scheme); MqvAlgorithms.Add(SecObjectIdentifiers.mqvSinglePass_sha256kdf_scheme); MqvAlgorithms.Add(SecObjectIdentifiers.mqvSinglePass_sha384kdf_scheme); MqvAlgorithms.Add(SecObjectIdentifiers.mqvSinglePass_sha512kdf_scheme); } internal static byte[] GetByteArray(CmsProcessable content) { if (content == null) return Array.Empty<byte>(); CmsProcessableByteArray cmsProcessableByteArray = content as CmsProcessableByteArray; if (cmsProcessableByteArray != null) return cmsProcessableByteArray.GetByteArray(); using (MemoryStream memoryStream = new MemoryStream()) { content.Write(memoryStream); return memoryStream.ToArray(); } } internal static bool IsEC(DerObjectIdentifier oid) { return ECAlgorithms.Contains(oid); } internal static bool IsGost(DerObjectIdentifier oid) { return GostAlgorithms.Contains(oid); } internal static bool IsMqv(DerObjectIdentifier oid) { return MqvAlgorithms.Contains(oid); } internal static ContentInfo ReadContentInfo(byte[] input) { using (Asn1InputStream asn1In = new Asn1InputStream(input)) return ReadContentInfo(asn1In); } internal static ContentInfo ReadContentInfo(Stream input) { using (Asn1InputStream asn1In = new Asn1InputStream(input, MaximumMemory, true)) return ReadContentInfo(asn1In); } private static ContentInfo ReadContentInfo(Asn1InputStream asn1In) { try { return ContentInfo.GetInstance(asn1In.ReadObject()); } catch (IOException innerException) { throw new CmsException("IOException reading content.", innerException); } catch (InvalidCastException innerException2) { throw new CmsException("Malformed content.", innerException2); } catch (ArgumentException innerException3) { throw new CmsException("Malformed content.", innerException3); } } internal static byte[] StreamToByteArray(Stream inStream) { return Streams.ReadAll(inStream); } internal static byte[] StreamToByteArray(Stream inStream, int limit) { return Streams.ReadAllLimited(inStream, limit); } internal static void AddDigestAlgorithms(DigestAlgorithmsBuilder builder, SignerInformation signer) { builder.Add(signer.DigestAlgorithmID); foreach (SignerInformation counterSignature in signer.GetCounterSignatures()) { builder.Add(counterSignature.DigestAlgorithmID); } } internal static IssuerAndSerialNumber GetIssuerAndSerialNumber(TbsCertificateStructure c) { return new IssuerAndSerialNumber(c.Issuer, c.SerialNumber); } internal static IssuerAndSerialNumber GetIssuerAndSerialNumber(X509CertificateStructure c) { return GetIssuerAndSerialNumber(c.TbsCertificate); } internal static IssuerAndSerialNumber GetIssuerAndSerialNumber(X509Certificate c) { return GetIssuerAndSerialNumber(c.TbsCertificate); } internal static SignerIdentifier GetSignerIdentifier(X509Certificate c) { return new SignerIdentifier(GetIssuerAndSerialNumber(c)); } internal static SignerIdentifier GetSignerIdentifier(byte[] subjectKeyIdentifier) { return new SignerIdentifier(new SubjectKeyIdentifier(subjectKeyIdentifier)); } internal static Org.BouncyCastle.Asn1.Cms.AttributeTable ParseAttributeTable(Asn1SetParser parser) { Asn1EncodableVector asn1EncodableVector = new Asn1EncodableVector(); IAsn1Convertible asn1Convertible; while ((asn1Convertible = parser.ReadObject()) != null) { Asn1SequenceParser asn1SequenceParser = (Asn1SequenceParser)asn1Convertible; asn1EncodableVector.Add(asn1SequenceParser.ToAsn1Object()); } return new Org.BouncyCastle.Asn1.Cms.AttributeTable(asn1EncodableVector); } internal static void CollectAttributeCertificate(List<Asn1Encodable> result, X509V2AttributeCertificate attrCert) { result.Add(new DerTaggedObject(false, 2, attrCert.AttributeCertificate)); } internal static void CollectAttributeCertificates(List<Asn1Encodable> result, IStore<X509V2AttributeCertificate> attrCertStore) { if (attrCertStore != null) { foreach (X509V2AttributeCertificate item in attrCertStore.EnumerateMatches(null)) { CollectAttributeCertificate(result, item); } } } internal static void CollectCertificate(List<Asn1Encodable> result, X509Certificate cert) { result.Add(cert.CertificateStructure); } internal static void CollectCertificates(List<Asn1Encodable> result, IStore<X509Certificate> certStore) { if (certStore != null) { foreach (X509Certificate item in certStore.EnumerateMatches(null)) { CollectCertificate(result, item); } } } internal static void CollectCrl(List<Asn1Encodable> result, X509Crl crl) { result.Add(crl.CertificateList); } internal static void CollectCrls(List<Asn1Encodable> result, IStore<X509Crl> crlStore) { if (crlStore != null) { foreach (X509Crl item in crlStore.EnumerateMatches(null)) { CollectCrl(result, item); } } } internal static void CollectOtherRevocationInfo(List<Asn1Encodable> result, OtherRevocationInfoFormat otherRevocationInfo) { ValidateOtherRevocationInfo(otherRevocationInfo); result.Add(new DerTaggedObject(false, 1, otherRevocationInfo)); } internal static void CollectOtherRevocationInfo(List<Asn1Encodable> result, DerObjectIdentifier otherRevInfoFormat, Asn1Encodable otherRevInfo) { CollectOtherRevocationInfo(result, new OtherRevocationInfoFormat(otherRevInfoFormat, otherRevInfo)); } internal static void CollectOtherRevocationInfos(List<Asn1Encodable> result, IStore<OtherRevocationInfoFormat> otherRevocationInfoStore) { if (otherRevocationInfoStore != null) { foreach (OtherRevocationInfoFormat item in otherRevocationInfoStore.EnumerateMatches(null)) { CollectOtherRevocationInfo(result, item); } } } internal static void CollectOtherRevocationInfos(List<Asn1Encodable> result, DerObjectIdentifier otherRevInfoFormat, IStore<Asn1Encodable> otherRevInfoStore) { if (otherRevInfoStore != null && otherRevInfoFormat != null) { foreach (Asn1Encodable item in otherRevInfoStore.EnumerateMatches(null)) { CollectOtherRevocationInfo(result, otherRevInfoFormat, item); } } } internal static Asn1Set ToAsn1Set(this IReadOnlyCollection<Asn1Encodable> elements, bool useDer, bool useDL) { if (!useDer) { if (!useDL) return elements.ToBerSet(); return elements.ToDLSet(); } return elements.ToDerSet(); } internal static Asn1Set ToAsn1SetOptional(this IReadOnlyCollection<Asn1Encodable> elements, bool useDer, bool useDL) { if (elements.Count >= 1) return elements.ToAsn1Set(useDer, useDL); return null; } internal static Asn1Set ToBerSet(this IReadOnlyCollection<Asn1Encodable> elements) { return BerSet.FromCollection(elements); } internal static Asn1Set ToDerSet(this IReadOnlyCollection<Asn1Encodable> elements) { return DerSet.FromCollection(elements); } internal static Asn1Set ToDLSet(this IReadOnlyCollection<Asn1Encodable> elements) { return DLSet.FromCollection(elements); } internal static void ValidateOtherRevocationInfo(OtherRevocationInfoFormat otherRevocationInfo) { if (CmsObjectIdentifiers.id_ri_ocsp_response.Equals(otherRevocationInfo.InfoFormat) && !OcspResponse.GetInstance(otherRevocationInfo.Info).ResponseStatus.HasValue(0)) throw new ArgumentException("cannot add unsuccessful OCSP response to CMS SignedData"); } } }