public void CreateSigningCertificateV2_WithValidInput_ReturnsAttribute(Common.HashAlgorithmName hashAlgorithmName)
        {
            using (var certificate = _fixture.GetDefaultCertificate())
            {
                var attribute = AttributeUtility.CreateSigningCertificateV2(certificate, hashAlgorithmName);

                Assert.Equal(Oids.SigningCertificateV2, attribute.Oid.Value);
                Assert.Equal(1, attribute.Values.Count);

                var signingCertificateV2 = SigningCertificateV2.Read(attribute.Values[0].RawData);

                Assert.Equal(1, signingCertificateV2.Certificates.Count);

                var essCertIdV2  = signingCertificateV2.Certificates[0];
                var expectedHash = SignTestUtility.GetHash(certificate, hashAlgorithmName);

                SignTestUtility.VerifyByteArrays(expectedHash, essCertIdV2.CertificateHash);
                Assert.Equal(
                    hashAlgorithmName,
                    CryptoHashUtility.OidToHashAlgorithmName(essCertIdV2.HashAlgorithm.Algorithm.Value));
                Assert.Equal(certificate.IssuerName.Name, essCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name);

                var serialNumber = certificate.GetSerialNumber();

                // Convert from little endian to big endian.
                Array.Reverse(serialNumber);

                SignTestUtility.VerifyByteArrays(
                    serialNumber,
                    essCertIdV2.IssuerSerial.SerialNumber);
            }
        }
Beispiel #2
0
        private static void VerifyAttributes(
            CryptographicAttributeObjectCollection attributes,
            SignPackageRequest request)
        {
            var pkcs9SigningTimeAttributeFound         = false;
            var commitmentTypeIndicationAttributeFound = false;
            var signingCertificateV2AttributeFound     = false;

            foreach (var attribute in attributes)
            {
                Assert.Equal(1, attribute.Values.Count);

                switch (attribute.Oid.Value)
                {
                case "1.2.840.113549.1.9.5":     // PKCS #9 signing time
                    Assert.IsType <Pkcs9SigningTime>(attribute.Values[0]);

                    pkcs9SigningTimeAttributeFound = true;
                    break;

                case Oids.CommitmentTypeIndication:
                    var qualifier = CommitmentTypeQualifier.Read(attribute.Values[0].RawData);
                    var expectedCommitmentType = AttributeUtility.GetSignatureTypeOid(request.SignatureType);

                    Assert.Equal(expectedCommitmentType, qualifier.CommitmentTypeIdentifier.Value);

                    commitmentTypeIndicationAttributeFound = true;
                    break;

                case Oids.SigningCertificateV2:
                    var signingCertificateV2 = SigningCertificateV2.Read(attribute.Values[0].RawData);

                    Assert.Equal(1, signingCertificateV2.Certificates.Count);

                    var essCertIdV2 = signingCertificateV2.Certificates[0];

                    Assert.Equal(SignTestUtility.GetHash(request.Certificate, request.SignatureHashAlgorithm), essCertIdV2.CertificateHash);
                    Assert.Equal(request.SignatureHashAlgorithm.ConvertToOidString(), essCertIdV2.HashAlgorithm.Algorithm.Value);
                    Assert.Equal(request.Certificate.IssuerName.Name, essCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name);
                    SignTestUtility.VerifySerialNumber(request.Certificate, essCertIdV2.IssuerSerial);
                    Assert.Null(signingCertificateV2.Policies);

                    signingCertificateV2AttributeFound = true;
                    break;
                }
            }

            Assert.True(pkcs9SigningTimeAttributeFound);
            Assert.True(commitmentTypeIndicationAttributeFound);
            Assert.True(signingCertificateV2AttributeFound);
        }