1 //
2 // X509ChainElement.cs - System.Security.Cryptography.X509Certificates.X509ChainElement
3 //
4 // Author:
5 //	Sebastien Pouliot  <sebastien@ximian.com>
6 //
7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
8 // Copyright (C) 2005-2006 Novell Inc. (http://www.novell.com)
9 //
10 // Permission is hereby granted, free of charge, to any person obtaining
11 // a copy of this software and associated documentation files (the
12 // "Software"), to deal in the Software without restriction, including
13 // without limitation the rights to use, copy, modify, merge, publish,
14 // distribute, sublicense, and/or sell copies of the Software, and to
15 // permit persons to whom the Software is furnished to do so, subject to
16 // the following conditions:
17 //
18 // The above copyright notice and this permission notice shall be
19 // included in all copies or substantial portions of the Software.
20 //
21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
28 //
29 
30 #if SECURITY_DEP
31 
32 using Mono.Security.X509;
33 
34 namespace System.Security.Cryptography.X509Certificates {
35 
36 	public class X509ChainElement {
37 
38 		private X509Certificate2 certificate;
39 		private X509ChainStatus[] status;
40 		private string info;
41 		private X509ChainStatusFlags compressed_status_flags;
42 
43 		// constructors
44 
45 		// only accessible from X509Chain.ChainElements
X509ChainElement(X509Certificate2 certificate)46 		internal X509ChainElement (X509Certificate2 certificate)
47 		{
48 			this.certificate = certificate;
49 			// so far String.Empty is the only thing I've seen.
50 			// The interesting stuff is inside X509ChainStatus.Information
51 			info = String.Empty;
52 		}
53 
54 		// properties
55 
56 		public X509Certificate2 Certificate {
57 			get { return certificate; }
58 		}
59 
60 		public X509ChainStatus[] ChainElementStatus {
61 			get { return status; }
62 		}
63 
64 		public string Information {
65 			get { return info; }
66 		}
67 
68 		// private stuff
69 
70 		internal X509ChainStatusFlags StatusFlags {
71 			get { return compressed_status_flags; }
72 			set { compressed_status_flags = value; }
73 		}
74 
Count(X509ChainStatusFlags flags)75 		private int Count (X509ChainStatusFlags flags)
76 		{
77 			int size = 0;
78 			int n = 0;
79 			int f = (int) flags;
80 			int m = 0x1;
81 			while (n++ < 32) {
82 				if ((f & m) == m)
83 					size++;
84 				m <<= 1;
85 			}
86 			return size;
87 		}
88 
Set(X509ChainStatus[] status, ref int position, X509ChainStatusFlags flags, X509ChainStatusFlags mask)89 		private void Set (X509ChainStatus[] status, ref int position, X509ChainStatusFlags flags, X509ChainStatusFlags mask)
90 		{
91 			if ((flags & mask) != 0) {
92 				status [position].Status = mask;
93 				status [position].StatusInformation = X509ChainStatus.GetInformation (mask);
94 				position++;
95 			}
96 		}
97 
UncompressFlags()98 		internal void UncompressFlags ()
99 		{
100 			if (compressed_status_flags == X509ChainStatusFlags.NoError) {
101 				status = new X509ChainStatus [0];
102 			} else {
103 				int size = Count (compressed_status_flags);
104 				status = new X509ChainStatus [size];
105 
106 				int n = 0;
107 				// process every possible error
108 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.UntrustedRoot);
109 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.NotTimeValid);
110 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.NotTimeNested);
111 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.Revoked);
112 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.NotSignatureValid);
113 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.NotValidForUsage);
114 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.RevocationStatusUnknown);
115 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.Cyclic);
116 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.InvalidExtension);
117 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.InvalidPolicyConstraints);
118 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.InvalidBasicConstraints);
119 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.InvalidNameConstraints);
120 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.HasNotSupportedNameConstraint);
121 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.HasNotDefinedNameConstraint);
122 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.HasNotPermittedNameConstraint);
123 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.HasExcludedNameConstraint);
124 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.PartialChain);
125 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.CtlNotTimeValid);
126 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.CtlNotSignatureValid);
127 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.CtlNotValidForUsage);
128 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.OfflineRevocation);
129 				Set (status, ref n, compressed_status_flags, X509ChainStatusFlags.NoIssuanceChainPolicy);
130 			}
131 		}
132 	}
133 }
134 
135 #endif
136