using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Math; using Org.BouncyCastle.Utilities.Collections; using Org.BouncyCastle.X509.Extension; using System; using System.Collections.Generic; namespace Org.BouncyCastle.X509.Store { public class X509AttrCertStoreSelector : ISelector<X509V2AttributeCertificate>, ICloneable { private X509V2AttributeCertificate attributeCert; private DateTime? attributeCertificateValid; private AttributeCertificateHolder holder; private AttributeCertificateIssuer issuer; private BigInteger serialNumber; private ISet<GeneralName> targetNames = new HashSet<GeneralName>(); private ISet<GeneralName> targetGroups = new HashSet<GeneralName>(); public X509V2AttributeCertificate AttributeCert { get { return attributeCert; } set { attributeCert = value; } } public DateTime? AttributeCertificateValid { get { return attributeCertificateValid; } set { attributeCertificateValid = value; } } public AttributeCertificateHolder Holder { get { return holder; } set { holder = value; } } public AttributeCertificateIssuer Issuer { get { return issuer; } set { issuer = value; } } public BigInteger SerialNumber { get { return serialNumber; } set { serialNumber = value; } } public X509AttrCertStoreSelector() { } private X509AttrCertStoreSelector(X509AttrCertStoreSelector o) { attributeCert = o.attributeCert; attributeCertificateValid = o.attributeCertificateValid; holder = o.holder; issuer = o.issuer; serialNumber = o.serialNumber; targetGroups = new HashSet<GeneralName>(o.targetGroups); targetNames = new HashSet<GeneralName>(o.targetNames); } public bool Match(X509V2AttributeCertificate attrCert) { if (attrCert == null) return false; if (attributeCert != null && !attributeCert.Equals(attrCert)) return false; if (serialNumber != null && !attrCert.SerialNumber.Equals(serialNumber)) return false; if (holder != null && !attrCert.Holder.Equals(holder)) return false; if (issuer != null && !attrCert.Issuer.Equals(issuer)) return false; if (attributeCertificateValid.HasValue && !attrCert.IsValid(attributeCertificateValid.Value)) return false; if (targetNames.Count > 0 || targetGroups.Count > 0) { TargetInformation extension; try { extension = attrCert.GetExtension(X509Extensions.TargetInformation, TargetInformation.GetInstance); } catch (Exception) { return false; } if (extension != null) { Targets[] targetsObjects = extension.GetTargetsObjects(); if (targetNames.Count > 0 && !MatchTargetNames(targetsObjects, targetNames)) return false; if (targetGroups.Count > 0 && !MatchTargetGroups(targetsObjects, targetGroups)) return false; } } return true; } public object Clone() { return new X509AttrCertStoreSelector(this); } public void AddTargetName(GeneralName name) { targetNames.Add(name); } public void AddTargetName(byte[] name) { AddTargetName(GeneralName.GetInstance(Asn1Object.FromByteArray(name))); } public void SetTargetNames(IEnumerable<object> names) { targetNames = ExtractGeneralNames(names); } public IEnumerable<GeneralName> GetTargetNames() { return CollectionUtilities.Proxy(targetNames); } public void AddTargetGroup(GeneralName group) { targetGroups.Add(group); } public void AddTargetGroup(byte[] name) { AddTargetGroup(GeneralName.GetInstance(Asn1Object.FromByteArray(name))); } public void SetTargetGroups(IEnumerable<object> names) { targetGroups = ExtractGeneralNames(names); } public IEnumerable<GeneralName> GetTargetGroups() { return CollectionUtilities.Proxy(targetGroups); } private ISet<GeneralName> ExtractGeneralNames(IEnumerable<object> names) { HashSet<GeneralName> hashSet = new HashSet<GeneralName>(); if (names != null) { foreach (object name in names) { hashSet.Add(GeneralName.GetInstance(name)); } return hashSet; } return hashSet; } private static bool MatchTargetGroups(Targets[] targetss, ISet<GeneralName> targetGroups) { for (int i = 0; i < targetss.Length; i++) { Target[] targets = targetss[i].GetTargets(); for (int j = 0; j < targets.Length; j++) { GeneralName targetGroup = targets[j].TargetGroup; if (targetGroup != null && targetGroups.Contains(targetGroup)) return true; } } return false; } private static bool MatchTargetNames(Targets[] targetss, ISet<GeneralName> targetNames) { for (int i = 0; i < targetss.Length; i++) { Target[] targets = targetss[i].GetTargets(); for (int j = 0; j < targets.Length; j++) { GeneralName targetName = targets[j].TargetName; if (targetName != null && targetNames.Contains(targetName)) return true; } } return false; } } }