
  1. #if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
  2. using System;
  3. using System.Collections;
  4. using System.IO;
  5. using System.Text;
  6. using Org.BouncyCastle.Asn1;
  7. using Org.BouncyCastle.Asn1.Pkcs;
  8. using Org.BouncyCastle.Asn1.X509;
  9. using Org.BouncyCastle.Security.Certificates;
  10. using Org.BouncyCastle.Utilities;
  11. using Org.BouncyCastle.Utilities.Encoders;
  12. using Org.BouncyCastle.Utilities.IO;
  13. namespace Org.BouncyCastle.X509
  14. {
  15. public class X509CrlParser
  16. {
  17. private static readonly PemParser PemCrlParser = new PemParser("CRL");
  18. private readonly bool lazyAsn1;
  19. private Asn1Set sCrlData;
  20. private int sCrlDataObjectCount;
  21. private Stream currentCrlStream;
  22. public X509CrlParser()
  23. : this(false)
  24. {
  25. }
  26. public X509CrlParser(
  27. bool lazyAsn1)
  28. {
  29. this.lazyAsn1 = lazyAsn1;
  30. }
  31. private X509Crl ReadPemCrl(
  32. Stream inStream)
  33. {
  34. Asn1Sequence seq = PemCrlParser.ReadPemObject(inStream);
  35. return seq == null
  36. ? null
  37. : CreateX509Crl(CertificateList.GetInstance(seq));
  38. }
  39. private X509Crl ReadDerCrl(
  40. Asn1InputStream dIn)
  41. {
  42. Asn1Sequence seq = (Asn1Sequence)dIn.ReadObject();
  43. if (seq.Count > 1 && seq[0] is DerObjectIdentifier)
  44. {
  45. if (seq[0].Equals(PkcsObjectIdentifiers.SignedData))
  46. {
  47. sCrlData = SignedData.GetInstance(
  48. Asn1Sequence.GetInstance((Asn1TaggedObject) seq[1], true)).Crls;
  49. return GetCrl();
  50. }
  51. }
  52. return CreateX509Crl(CertificateList.GetInstance(seq));
  53. }
  54. private X509Crl GetCrl()
  55. {
  56. if (sCrlData == null || sCrlDataObjectCount >= sCrlData.Count)
  57. {
  58. return null;
  59. }
  60. return CreateX509Crl(
  61. CertificateList.GetInstance(
  62. sCrlData[sCrlDataObjectCount++]));
  63. }
  64. protected virtual X509Crl CreateX509Crl(
  65. CertificateList c)
  66. {
  67. return new X509Crl(c);
  68. }
  69. /// <summary>
  70. /// Create loading data from byte array.
  71. /// </summary>
  72. /// <param name="input"></param>
  73. public X509Crl ReadCrl(
  74. byte[] input)
  75. {
  76. return ReadCrl(new MemoryStream(input, false));
  77. }
  78. /// <summary>
  79. /// Create loading data from byte array.
  80. /// </summary>
  81. /// <param name="input"></param>
  82. public ICollection ReadCrls(
  83. byte[] input)
  84. {
  85. return ReadCrls(new MemoryStream(input, false));
  86. }
  87. /**
  88. * Generates a certificate revocation list (CRL) object and initializes
  89. * it with the data read from the input stream inStream.
  90. */
  91. public X509Crl ReadCrl(
  92. Stream inStream)
  93. {
  94. if (inStream == null)
  95. throw new ArgumentNullException("inStream");
  96. if (!inStream.CanRead)
  97. throw new ArgumentException("inStream must be read-able", "inStream");
  98. if (currentCrlStream == null)
  99. {
  100. currentCrlStream = inStream;
  101. sCrlData = null;
  102. sCrlDataObjectCount = 0;
  103. }
  104. else if (currentCrlStream != inStream) // reset if input stream has changed
  105. {
  106. currentCrlStream = inStream;
  107. sCrlData = null;
  108. sCrlDataObjectCount = 0;
  109. }
  110. try
  111. {
  112. if (sCrlData != null)
  113. {
  114. if (sCrlDataObjectCount != sCrlData.Count)
  115. {
  116. return GetCrl();
  117. }
  118. sCrlData = null;
  119. sCrlDataObjectCount = 0;
  120. return null;
  121. }
  122. PushbackStream pis = new PushbackStream(inStream);
  123. int tag = pis.ReadByte();
  124. if (tag < 0)
  125. return null;
  126. pis.Unread(tag);
  127. if (tag != 0x30) // assume ascii PEM encoded.
  128. {
  129. return ReadPemCrl(pis);
  130. }
  131. Asn1InputStream asn1 = lazyAsn1
  132. ? new LazyAsn1InputStream(pis)
  133. : new Asn1InputStream(pis);
  134. return ReadDerCrl(asn1);
  135. }
  136. catch (CrlException e)
  137. {
  138. throw e;
  139. }
  140. catch (Exception e)
  141. {
  142. throw new CrlException(e.ToString());
  143. }
  144. }
  145. /**
  146. * Returns a (possibly empty) collection view of the CRLs read from
  147. * the given input stream inStream.
  148. *
  149. * The inStream may contain a sequence of DER-encoded CRLs, or
  150. * a PKCS#7 CRL set. This is a PKCS#7 SignedData object, with the
  151. * only significant field being crls. In particular the signature
  152. * and the contents are ignored.
  153. */
  154. public ICollection ReadCrls(
  155. Stream inStream)
  156. {
  157. X509Crl crl;
  158. IList crls = Org.BouncyCastle.Utilities.Platform.CreateArrayList();
  159. while ((crl = ReadCrl(inStream)) != null)
  160. {
  161. crls.Add(crl);
  162. }
  163. return crls;
  164. }
  165. }
  166. }
  167. #endif