- switch (nameType) {
- case X509NameType.SimpleName:
- if (_cert == null)
- throw new CryptographicException (empty_error);
- // return CN= or, if missing, the first part of the DN
- ASN1 sn = forIssuer ? _cert.GetIssuerName () : _cert.GetSubjectName ();
- ASN1 dn = Find (commonName, sn);
- if (dn != null)
- return GetValueAsString (dn);
- if (sn.Count == 0)
- return String.Empty;
- ASN1 last_entry = sn [sn.Count - 1];
- if (last_entry.Count == 0)
- return String.Empty;
- return GetValueAsString (last_entry [0]);
- case X509NameType.EmailName:
- // return the E= part of the DN (if present)
- ASN1 e = Find (email, forIssuer ? _cert.GetIssuerName () : _cert.GetSubjectName ());
- if (e != null)
- return GetValueAsString (e);
- return String.Empty;
- case X509NameType.UpnName:
- // FIXME - must find/create test case
- return String.Empty;
- case X509NameType.DnsName:
- // return the CN= part of the DN (if present)
- ASN1 cn = Find (commonName, forIssuer ? _cert.GetIssuerName () : _cert.GetSubjectName ());
- if (cn != null)
- return GetValueAsString (cn);
- return String.Empty;
- case X509NameType.DnsFromAlternativeName:
- // FIXME - must find/create test case
- return String.Empty;
- case X509NameType.UrlName:
- // FIXME - must find/create test case
- return String.Empty;
- default:
- throw new ArgumentException ("nameType");
- }
- }
-
- static byte[] commonName = { 0x55, 0x04, 0x03 };
- static byte[] email = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01 };
-
- private ASN1 Find (byte[] oid, ASN1 dn)
- {
- if (dn.Count == 0)
- return null;
-
- // process SET
- for (int i = 0; i < dn.Count; i++) {
- ASN1 set = dn [i];
- for (int j = 0; j < set.Count; j++) {
- ASN1 pair = set [j];
- if (pair.Count != 2)
- continue;
-
- ASN1 poid = pair [0];
- if (poid == null)
- continue;
-
- if (poid.CompareValue (oid))
- return pair;
- }
- }
- return null;
- }
-
- private string GetValueAsString (ASN1 pair)
- {
- if (pair.Count != 2)
- return String.Empty;
-
- ASN1 value = pair [1];
- if ((value.Value == null) || (value.Length == 0))
- return String.Empty;
-
- if (value.Tag == 0x1E) {
- // BMPSTRING
- StringBuilder sb = new StringBuilder ();
- for (int j = 1; j < value.Value.Length; j += 2)
- sb.Append ((char)value.Value [j]);
- return sb.ToString ();
- } else {
- return Encoding.UTF8.GetString (value.Value);
- }
- }
-
- private MX.X509Certificate ImportPkcs12 (byte[] rawData, string password)
- {
- MX.PKCS12 pfx = (password == null) ? new MX.PKCS12 (rawData) : new MX.PKCS12 (rawData, password);
- if (pfx.Certificates.Count == 0) {
- // no certificate was found
- return null;
- } else if (pfx.Keys.Count == 0) {
- // no key were found - pick the first certificate
- return pfx.Certificates [0];
- } else {
- // find the certificate that match the first key
- MX.X509Certificate cert = null;
- var keypair = (pfx.Keys [0] as AsymmetricAlgorithm);
- string pubkey = keypair.ToXmlString (false);
- foreach (var c in pfx.Certificates) {
- if (((c.RSA != null) && (pubkey == c.RSA.ToXmlString (false))) ||
- ((c.DSA != null) && (pubkey == c.DSA.ToXmlString (false)))) {
- cert = c;
- break;
- }
- }
- if (cert == null) {
- cert = pfx.Certificates [0]; // no match, pick first certificate without keys
- } else {
- cert.RSA = (keypair as RSA);
- cert.DSA = (keypair as DSA);
- }
- return cert;
- }