X509CrlParser.cs
4.02 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
using System;
using System.Collections;
using System.IO;
using System.Text;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Pkcs;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Security.Certificates;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.IO;
namespace Org.BouncyCastle.X509
{
public class X509CrlParser
{
private static readonly PemParser PemCrlParser = new PemParser("CRL");
private readonly bool lazyAsn1;
private Asn1Set sCrlData;
private int sCrlDataObjectCount;
private Stream currentCrlStream;
public X509CrlParser()
: this(false)
{
}
public X509CrlParser(
bool lazyAsn1)
{
this.lazyAsn1 = lazyAsn1;
}
private X509Crl ReadPemCrl(
Stream inStream)
{
Asn1Sequence seq = PemCrlParser.ReadPemObject(inStream);
return seq == null
? null
: CreateX509Crl(CertificateList.GetInstance(seq));
}
private X509Crl ReadDerCrl(
Asn1InputStream dIn)
{
Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject();
if (seq.Count > 1 && seq[0] is DerObjectIdentifier)
{
if (seq[0].Equals(PkcsObjectIdentifiers.SignedData))
{
sCrlData = SignedData.GetInstance(
Asn1Sequence.GetInstance((Asn1TaggedObject) seq[1], true)).Crls;
return GetCrl();
}
}
return CreateX509Crl(CertificateList.GetInstance(seq));
}
private X509Crl GetCrl()
{
if (sCrlData == null || sCrlDataObjectCount >= sCrlData.Count)
{
return null;
}
return CreateX509Crl(
CertificateList.GetInstance(
sCrlData[sCrlDataObjectCount++]));
}
protected virtual X509Crl CreateX509Crl(
CertificateList c)
{
return new X509Crl(c);
}
/// <summary>
/// Create loading data from byte array.
/// </summary>
/// <param name="input"></param>
public X509Crl ReadCrl(
byte[] input)
{
return ReadCrl(new MemoryStream(input, false));
}
/// <summary>
/// Create loading data from byte array.
/// </summary>
/// <param name="input"></param>
public ICollection ReadCrls(
byte[] input)
{
return ReadCrls(new MemoryStream(input, false));
}
/**
* Generates a certificate revocation list (CRL) object and initializes
* it with the data read from the input stream inStream.
*/
public X509Crl ReadCrl(
Stream inStream)
{
if (inStream == null)
throw new ArgumentNullException("inStream");
if (!inStream.CanRead)
throw new ArgumentException("inStream must be read-able", "inStream");
if (currentCrlStream == null)
{
currentCrlStream = inStream;
sCrlData = null;
sCrlDataObjectCount = 0;
}
else if (currentCrlStream != inStream) // reset if input stream has changed
{
currentCrlStream = inStream;
sCrlData = null;
sCrlDataObjectCount = 0;
}
try
{
if (sCrlData != null)
{
if (sCrlDataObjectCount != sCrlData.Count)
{
return GetCrl();
}
sCrlData = null;
sCrlDataObjectCount = 0;
return null;
}
PushbackStream pis = new PushbackStream(inStream);
int tag = pis.ReadByte();
if (tag < 0)
return null;
pis.Unread(tag);
if (tag != 0x30) // assume ascii PEM encoded.
{
return ReadPemCrl(pis);
}
Asn1InputStream asn1 = lazyAsn1
? new LazyAsn1InputStream(pis)
: new Asn1InputStream(pis);
return ReadDerCrl(asn1);
}
catch (CrlException e)
{
throw e;
}
catch (Exception e)
{
throw new CrlException(e.ToString());
}
}
/**
* Returns a (possibly empty) collection view of the CRLs read from
* the given input stream inStream.
*
* The inStream may contain a sequence of DER-encoded CRLs, or
* a PKCS#7 CRL set. This is a PKCS#7 SignedData object, with the
* only significant field being crls. In particular the signature
* and the contents are ignored.
*/
public ICollection ReadCrls(
Stream inStream)
{
X509Crl crl;
IList crls = Platform.CreateArrayList();
while ((crl = ReadCrl(inStream)) != null)
{
crls.Add(crl);
}
return crls;
}
}
}