From 95a0975ad79d357a0dc797afa68e6b33ad0aa3ec Mon Sep 17 00:00:00 2001
From: Frank Lehmann
Date: Mon, 30 Jan 2023 14:23:05 +0100
Subject: [PATCH 1/3] Expose signature field which differs from signature Value
---
 ASN1Decoder/X509Certificate.swift | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/ASN1Decoder/X509Certificate.swift b/ASN1Decoder/X509Certificate.swift
index 5c5fdea..ac8e449 100644
--- a/ASN1Decoder/X509Certificate.swift
+++ b/ASN1Decoder/X509Certificate.swift
@@ -194,8 +194,14 @@ public class X509Certificate: CustomStringConvertible {
 return block1[X509BlockPosition.dateValidity]?.sub(1)?.value as? Date
 }

+ /// Gets the signature field, which should contain the same OID as in sigAlgOID
+ /// - See: RFC 5280 4.1.2.3
+ public var signature: String? {
+ return block1[X509BlockPosition.signatureAlg]?.sub(0)?.value as? String
+ }
+
 /// Gets the signature value (the raw signature bits) from the certificate.
- public var signature: Data? {
+ public var signatureValue: Data? {
 return asn1[0].sub(2)?.value as? Data
 }

From dfefe3c67299c05f3d14bfafcba580dde2139897 Mon Sep 17 00:00:00 2001
From: Frank Lehmann
Date: Mon, 20 Feb 2023 15:03:35 +0100
Subject: [PATCH 2/3] Adapt to extract correct inner and outer signature algorithm information
---
 ASN1Decoder/X509Certificate.swift | 41 ++++++++++++++++++++-----------
 1 file changed, 27 insertions(+), 14 deletions(-)
diff --git a/ASN1Decoder/X509Certificate.swift b/ASN1Decoder/X509Certificate.swift
index ac8e449..e760111 100644
--- a/ASN1Decoder/X509Certificate.swift
+++ b/ASN1Decoder/X509Certificate.swift
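Review bot: In the [PATCH 1/3] hunk, reusing the public name `signature` for a `String?` algorithm OID while moving the signature bits to `signatureValue` changes the type under every existing caller of `signature`. Code that passes `cert.signature` to signature verification stops compiling, and code that only tests it for nil or logs it keeps compiling with a different meaning. The second hunk of patch 2, which drops `sigAlgName`, `sigAlgOID` and `sigAlgParams`, breaks callers the same way. Once patch 2 has freed the name again, a forwarding alias would keep callers working: `@available(*, deprecated, renamed: "signatureValue") public var signature: Data? { return signatureValue }`.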
@@ -194,10 +194,22 @@ public class X509Certificate: CustomStringConvertible {
 return block1[X509BlockPosition.dateValidity]?.sub(1)?.value as? Date
 }

- /// Gets the signature field, which should contain the same OID as in sigAlgOID
- /// - See: RFC 5280 4.1.2.3
- public var signature: String? {
- return block1[X509BlockPosition.signatureAlg]?.sub(0)?.value as? String
+ /// Gets the signature algorithm OID, which should contain the same OID as in
+ /// - See: RFC 5280 4.1.1.2
+ public var signatureAlgorithmOID: String? {
+ return asn1[0].sub(1)?.sub(0)?.value as? String
+ }
+
+ /// Gets the signature algorithm name, which should contain the same OID as in
+ /// - See: RFC 5280 4.1.1.2
+ public var signatureAlgorithmName: String? {
+ return OID.description(of: signatureAlgorithmOID ?? "")
+ }
+
+ /// Gets the signature algorithm parameters
+ /// - See: RFC 5280 4.1.1.2
+ public var signatureAlgorithmParams: Data? {
+ return asn1[0].sub(1)?.sub(1)?.rawValue
 }

 /// Gets the signature value (the raw signature bits) from the certificate.
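Review bot: Nothing in this hunk or the next compares the outer `signatureAlgorithm` with the tbsCertificate `signature` field, although RFC 5280 4.1.1.2 requires the two AlgorithmIdentifiers to be identical. A caller that trusts either accessor alone will not notice a certificate in which they differ. The doc comments on `signatureAlgorithmOID` and `signatureAlgorithmName` also stop mid-sentence at "as in". I would finish the first as `/// Gets the outer signatureAlgorithm OID; RFC 5280 4.1.1.2 requires it to equal the tbsCertificate signature field (innerSignatureAlgorithmOID).` and add there that the library does not enforce the match. Validation code then has to compare both OID and parameters itself and reject the certificate on a mismatch.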
@@ -205,19 +217,20 @@ public class X509Certificate: CustomStringConvertible {
 return asn1[0].sub(2)?.value as? Data
 }

- /// Gets the signature algorithm name for the certificate signature algorithm.
- public var sigAlgName: String? {
- return OID.description(of: sigAlgOID ?? "")
+ /// Gets the signature algorithm OID string from the inner tbs Certificate.
+ /// - See: RFC 5280 4.1.2.3
+ public var innerSignatureAlgorithmOID: String? {
+ return block1[X509BlockPosition.signatureAlg]?.sub(0)?.value as? String
 }
-
- /// Gets the signature algorithm OID string from the certificate.
- public var sigAlgOID: String? {
- return block1.sub(2)?.sub(0)?.value as? String
+
+ /// Gets the signature algorithm name for the inner tbs certificate signature algorithm.
+ public var innerSignatureAlgorithmName: String? {
+ return OID.description(of: sigAlgOID ?? "")
 }

- /// Gets the DER-encoded signature algorithm parameters from this certificate's signature algorithm.
- public var sigAlgParams: Data? {
- return nil
+ /// Gets the DER-encoded signature algorithm parameters from this inner tbs certificate's signature algorithm.
+ public var innerSignatureAlgorithmParameters: Data? {
+ return block1[X509BlockPosition.signatureAlg]?.sub(1)?.rawValue
 }

 /**
From 08ca61deb1578ce78d79f57a76a8ba51ff6c3333 Mon Sep 17 00:00:00 2001
From: Frank Lehmann
Date: Mon, 20 Feb 2023 15:05:16 +0100
Subject: [PATCH 3/3] Fix build error
---
 ASN1Decoder/X509Certificate.swift | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ASN1Decoder/X509Certificate.swift b/ASN1Decoder/X509Certificate.swift
index e760111..15f8ef3 100644
--- a/ASN1Decoder/X509Certificate.swift
+++ b/ASN1Decoder/X509Certificate.swift
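Review bot: The inner and outer accessors are not named in parallel: this hunk adds `innerSignatureAlgorithmParameters`, while the previous hunk adds `signatureAlgorithmParams`. These are the two properties a caller has to compare, and both are new public API, so one spelling should be chosen now, e.g. `public var signatureAlgorithmParameters: Data? {` for the outer one. The doc comment here promises DER-encoded bytes, but the outer accessor's comment says nothing about encoding although both return `rawValue`. The two comments should describe the same contract and say what `nil` means; presumably it means the parameters element is absent, which should be confirmed against `sub(1)`.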
@@ -225,7 +225,7 @@ public class X509Certificate: CustomStringConvertible {

 /// Gets the signature algorithm name for the inner tbs certificate signature algorithm.
 public var innerSignatureAlgorithmName: String? {
- return OID.description(of: sigAlgOID ?? "")
+ return OID.description(of: innerSignatureAlgorithmOID ?? "")
 }

 /// Gets the DER-encoded signature algorithm parameters from this inner tbs certificate's signature algorithm.