public static void TagMustBeCorrect_Universal(AsnEncodingRules ruleSet)
{
byte[] inputData = { 3, 2, 1, 0x7E };
AsnReader reader = new AsnReader(inputData, ruleSet);
AssertExtensions.Throws <ArgumentException>(
"expectedTag",
() => reader.TryReadPrimitiveBitString(out _, out _, Asn1Tag.Null));
Assert.True(reader.HasData, "HasData after bad universal tag");
Assert.Throws <AsnContentException>(
() => reader.TryReadPrimitiveBitString(out _, out _, new Asn1Tag(TagClass.ContextSpecific, 0)));
Assert.True(reader.HasData, "HasData after wrong tag");
Assert.True(reader.TryReadPrimitiveBitString(out int unusedBitCount, out ReadOnlyMemory <byte> contents));
Assert.Equal("7E", contents.ByteArrayToHex());
Assert.Equal(1, unusedBitCount);
Assert.False(reader.HasData, "HasData after read");
}
private static void ReadEcPublicKey(AsnEncodingRules ruleSet, byte[] inputData)
{
AsnReader mainReader = new AsnReader(inputData, ruleSet);
AsnReader spkiReader = mainReader.ReadSequence();
Assert.False(mainReader.HasData, "mainReader.HasData after reading SPKI");
AsnReader algorithmReader = spkiReader.ReadSequence();
Assert.True(spkiReader.HasData, "spkiReader.HasData after reading algorithm");
ReadOnlyMemory <byte> publicKeyValue;
int unusedBitCount;
if (!spkiReader.TryReadPrimitiveBitString(out unusedBitCount, out publicKeyValue))
{
// The correct answer is 65 bytes.
for (int i = 10; ; i *= 2)
{
byte[] buf = new byte[i];
if (spkiReader.TryReadBitString(buf, out unusedBitCount, out int bytesWritten))
{
publicKeyValue = new ReadOnlyMemory <byte>(buf, 0, bytesWritten);
break;
}
}
}
Assert.False(spkiReader.HasData, "spkiReader.HasData after reading subjectPublicKey");
Assert.True(algorithmReader.HasData, "algorithmReader.HasData before reading");
string algorithmOid = algorithmReader.ReadObjectIdentifier();
Assert.True(algorithmReader.HasData, "algorithmReader.HasData after reading first OID");
Assert.Equal("1.2.840.10045.2.1", algorithmOid);
string curveOid = algorithmReader.ReadObjectIdentifier();
Assert.False(algorithmReader.HasData, "algorithmReader.HasData after reading second OID");
Assert.Equal("1.2.840.10045.3.1.7", curveOid);
const string PublicKeyValue =
"04" +
"2363DD131DA65E899A2E63E9E05E50C830D4994662FFE883DB2B9A767DCCABA2" +
"F07081B5711BE1DEE90DFC8DE17970C2D937A16CD34581F52B8D59C9E9532D13";
Assert.Equal(PublicKeyValue, publicKeyValue.ByteArrayToHex());
Assert.Equal(0, unusedBitCount);
}
public static void ReadMicrosoftComCert()
{
byte[] bytes = MicrosoftDotComSslCertBytes;
AsnReader fileReader = new AsnReader(bytes, AsnEncodingRules.DER);
AsnReader certReader = fileReader.ReadSequence();
Assert.False(fileReader.HasData, "fileReader.HasData");
AsnReader tbsCertReader = certReader.ReadSequence();
AsnReader sigAlgReader = certReader.ReadSequence();
Assert.True(
certReader.TryReadPrimitiveBitString(
out int unusedBitCount,
out ReadOnlyMemory <byte> signature),
"certReader.TryReadPrimitiveBitStringValue");
Assert.Equal(0, unusedBitCount);
AssertRefSame(signature, ref bytes[1176], "Signature is a ref to bytes[1176]");
Assert.False(certReader.HasData, "certReader.HasData");
AsnReader versionExplicitWrapper = tbsCertReader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 0));
Assert.True(versionExplicitWrapper.TryReadInt32(out int certVersion));
Assert.Equal(2, certVersion);
Assert.False(versionExplicitWrapper.HasData, "versionExplicitWrapper.HasData");
ReadOnlyMemory <byte> serialBytes = tbsCertReader.ReadIntegerBytes();
AssertRefSame(serialBytes, ref bytes[15], "Serial number starts at bytes[15]");
AsnReader tbsSigAlgReader = tbsCertReader.ReadSequence();
Assert.Equal("1.2.840.113549.1.1.11", tbsSigAlgReader.ReadObjectIdentifier());
Assert.True(tbsSigAlgReader.HasData, "tbsSigAlgReader.HasData before ReadNull");
tbsSigAlgReader.ReadNull();
Assert.False(tbsSigAlgReader.HasData, "tbsSigAlgReader.HasData after ReadNull");
AsnReader issuerReader = tbsCertReader.ReadSequence();
Asn1Tag printableString = new Asn1Tag(UniversalTagNumber.PrintableString);
AssertRdn(issuerReader, "2.5.4.6", 57, printableString, bytes, "issuer[C]");
AssertRdn(issuerReader, "2.5.4.10", 70, printableString, bytes, "issuer[O]");
AssertRdn(issuerReader, "2.5.4.11", 101, printableString, bytes, "issuer[OU]");
AssertRdn(issuerReader, "2.5.4.3", 134, printableString, bytes, "issuer[CN]");
Assert.False(issuerReader.HasData, "issuerReader.HasData");
AsnReader validityReader = tbsCertReader.ReadSequence();
Assert.Equal(new DateTimeOffset(2014, 10, 15, 0, 0, 0, TimeSpan.Zero), validityReader.ReadUtcTime());
Assert.Equal(new DateTimeOffset(2016, 10, 15, 23, 59, 59, TimeSpan.Zero), validityReader.ReadUtcTime());
Assert.False(validityReader.HasData, "validityReader.HasData");
AsnReader subjectReader = tbsCertReader.ReadSequence();
Asn1Tag utf8String = new Asn1Tag(UniversalTagNumber.UTF8String);
AssertRdn(subjectReader, "1.3.6.1.4.1.311.60.2.1.3", 220, printableString, bytes, "subject[EV Country]");
AssertRdn(subjectReader, "1.3.6.1.4.1.311.60.2.1.2", 241, utf8String, bytes, "subject[EV State]", "Washington");
AssertRdn(subjectReader, "2.5.4.15", 262, printableString, bytes, "subject[Business Category]");
AssertRdn(subjectReader, "2.5.4.5", 293, printableString, bytes, "subject[Serial Number]");
AssertRdn(subjectReader, "2.5.4.6", 313, printableString, bytes, "subject[C]");
AssertRdn(subjectReader, "2.5.4.17", 326, utf8String, bytes, "subject[Postal Code]", "98052");
AssertRdn(subjectReader, "2.5.4.8", 342, utf8String, bytes, "subject[ST]", "Washington");
AssertRdn(subjectReader, "2.5.4.7", 363, utf8String, bytes, "subject[L]", "Redmond");
AssertRdn(subjectReader, "2.5.4.9", 381, utf8String, bytes, "subject[Street Address]", "1 Microsoft Way");
AssertRdn(subjectReader, "2.5.4.10", 407, utf8String, bytes, "subject[O]", "Microsoft Corporation");
AssertRdn(subjectReader, "2.5.4.11", 439, utf8String, bytes, "subject[OU]", "MSCOM");
AssertRdn(subjectReader, "2.5.4.3", 455, utf8String, bytes, "subject[CN]", "www.microsoft.com");
Assert.False(subjectReader.HasData, "subjectReader.HasData");
AsnReader subjectPublicKeyInfo = tbsCertReader.ReadSequence();
AsnReader spkiAlgorithm = subjectPublicKeyInfo.ReadSequence();
Assert.Equal("1.2.840.113549.1.1.1", spkiAlgorithm.ReadObjectIdentifier());
spkiAlgorithm.ReadNull();
Assert.False(spkiAlgorithm.HasData, "spkiAlgorithm.HasData");
Assert.True(
subjectPublicKeyInfo.TryReadPrimitiveBitString(
out unusedBitCount,
out ReadOnlyMemory <byte> encodedPublicKey),
"subjectPublicKeyInfo.TryReadBitStringBytes");
Assert.Equal(0, unusedBitCount);
AssertRefSame(encodedPublicKey, ref bytes[498], "Encoded public key starts at byte 498");
Assert.False(subjectPublicKeyInfo.HasData, "subjectPublicKeyInfo.HasData");
AsnReader publicKeyReader = new AsnReader(encodedPublicKey, AsnEncodingRules.DER);
AsnReader rsaPublicKeyReader = publicKeyReader.ReadSequence();
AssertRefSame(rsaPublicKeyReader.ReadIntegerBytes(), ref bytes[506], "RSA Modulus is at bytes[502]");
Assert.True(rsaPublicKeyReader.TryReadInt32(out int rsaExponent));
Assert.Equal(65537, rsaExponent);
Assert.False(rsaPublicKeyReader.HasData, "rsaPublicKeyReader.HasData");
Assert.False(publicKeyReader.HasData, "publicKeyReader.HasData");
AsnReader extensionsContainer = tbsCertReader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 3));
AsnReader extensions = extensionsContainer.ReadSequence();
Assert.False(extensionsContainer.HasData, "extensionsContainer.HasData");
AsnReader sanExtension = extensions.ReadSequence();
Assert.Equal("2.5.29.17", sanExtension.ReadObjectIdentifier());
Assert.True(sanExtension.TryReadPrimitiveOctetString(out ReadOnlyMemory <byte> sanExtensionBytes));
Assert.False(sanExtension.HasData, "sanExtension.HasData");
AsnReader sanExtensionPayload = new AsnReader(sanExtensionBytes, AsnEncodingRules.DER);
AsnReader sanExtensionValue = sanExtensionPayload.ReadSequence();
Assert.False(sanExtensionPayload.HasData, "sanExtensionPayload.HasData");
Asn1Tag dnsName = new Asn1Tag(TagClass.ContextSpecific, 2);
Assert.Equal("www.microsoft.com", sanExtensionValue.ReadCharacterString(UniversalTagNumber.IA5String, dnsName));
Assert.Equal("wwwqa.microsoft.com", sanExtensionValue.ReadCharacterString(UniversalTagNumber.IA5String, dnsName));
Assert.False(sanExtensionValue.HasData, "sanExtensionValue.HasData");
AsnReader basicConstraints = extensions.ReadSequence();
Assert.Equal("2.5.29.19", basicConstraints.ReadObjectIdentifier());
Assert.True(basicConstraints.TryReadPrimitiveOctetString(out ReadOnlyMemory <byte> basicConstraintsBytes));
AsnReader basicConstraintsPayload = new AsnReader(basicConstraintsBytes, AsnEncodingRules.DER);
AsnReader basicConstraintsValue = basicConstraintsPayload.ReadSequence();
Assert.False(basicConstraintsValue.HasData, "basicConstraintsValue.HasData");
Assert.False(basicConstraintsPayload.HasData, "basicConstraintsPayload.HasData");
AsnReader keyUsageExtension = extensions.ReadSequence();
Assert.Equal("2.5.29.15", keyUsageExtension.ReadObjectIdentifier());
Assert.True(keyUsageExtension.ReadBoolean(), "keyUsageExtension.ReadBoolean() (IsCritical)");
Assert.True(keyUsageExtension.TryReadPrimitiveOctetString(out ReadOnlyMemory <byte> keyUsageBytes));
AsnReader keyUsagePayload = new AsnReader(keyUsageBytes, AsnEncodingRules.DER);
Assert.Equal(
X509KeyUsageCSharpStyle.DigitalSignature | X509KeyUsageCSharpStyle.KeyEncipherment,
keyUsagePayload.ReadNamedBitListValue <X509KeyUsageCSharpStyle>());
Assert.False(keyUsagePayload.HasData, "keyUsagePayload.HasData");
AssertExtension(extensions, "2.5.29.37", false, 863, bytes);
AssertExtension(extensions, "2.5.29.32", false, 894, bytes);
AssertExtension(extensions, "2.5.29.35", false, 998, bytes);
AssertExtension(extensions, "2.5.29.31", false, 1031, bytes);
AssertExtension(extensions, "1.3.6.1.5.5.7.1.1", false, 1081, bytes);
Assert.False(extensions.HasData, "extensions.HasData");
Assert.Equal("1.2.840.113549.1.1.11", sigAlgReader.ReadObjectIdentifier());
sigAlgReader.ReadNull();
Assert.False(sigAlgReader.HasData);
}
public static void TagMustBeCorrect_Custom(AsnEncodingRules ruleSet)
{
byte[] inputData = { 0x87, 2, 0, 0x80 };
byte[] output = new byte[inputData.Length];
AsnReader reader = new AsnReader(inputData, ruleSet);
Asn1Tag wrongTag1 = new Asn1Tag(TagClass.Application, 0);
Asn1Tag wrongTag2 = new Asn1Tag(TagClass.ContextSpecific, 1);
Asn1Tag correctTag = new Asn1Tag(TagClass.ContextSpecific, 7);
AssertExtensions.Throws <ArgumentException>(
"expectedTag",
() => reader.TryReadPrimitiveBitString(out _, out _, Asn1Tag.Null));
AssertExtensions.Throws <ArgumentException>(
"expectedTag",
() => reader.TryReadBitString(output, out _, out _, Asn1Tag.Null));
AssertExtensions.Throws <ArgumentException>(
"expectedTag",
() => reader.ReadBitString(out _, Asn1Tag.Null));
Assert.True(reader.HasData, "HasData after bad universal tag");
Assert.Throws <AsnContentException>(() => reader.TryReadPrimitiveBitString(out _, out _));
Assert.Throws <AsnContentException>(() => reader.TryReadBitString(output, out _, out _));
Assert.Throws <AsnContentException>(() => reader.ReadBitString(out _));
Assert.True(reader.HasData, "HasData after default tag");
Assert.Throws <AsnContentException>(() => reader.TryReadPrimitiveBitString(out _, out _, wrongTag1));
Assert.Throws <AsnContentException>(() => reader.TryReadBitString(output, out _, out _, wrongTag1));
Assert.Throws <AsnContentException>(() => reader.ReadBitString(out _, wrongTag1));
Assert.True(reader.HasData, "HasData after wrong custom class");
Assert.Throws <AsnContentException>(() => reader.TryReadPrimitiveBitString(out _, out _, wrongTag2));
Assert.Throws <AsnContentException>(() => reader.TryReadBitString(output, out _, out _, wrongTag2));
Assert.Throws <AsnContentException>(() => reader.ReadBitString(out _, wrongTag2));
Assert.True(reader.HasData, "HasData after wrong custom tag value");
Assert.True(
reader.TryReadPrimitiveBitString(
out int unusedBitCount,
out ReadOnlyMemory <byte> contents,
correctTag));
Assert.Equal("80", contents.ByteArrayToHex());
Assert.Equal(0, unusedBitCount);
Assert.False(reader.HasData, "HasData after reading value");
reader = new AsnReader(inputData, ruleSet);
Assert.True(
reader.TryReadBitString(
output.AsSpan(1),
out unusedBitCount,
out int written,
correctTag));
Assert.Equal("80", output.AsSpan(1, written).ByteArrayToHex());
Assert.Equal(0, unusedBitCount);
Assert.False(reader.HasData, "HasData after reading value");
reader = new AsnReader(inputData, ruleSet);
byte[] output2 = reader.ReadBitString(out unusedBitCount, correctTag);
Assert.Equal("80", output2.ByteArrayToHex());
Assert.Equal(0, unusedBitCount);
Assert.False(reader.HasData, "HasData after reading value");
}
