public void Example_SignDocument()
{
using X509Certificate2 signingCertificate = CertificateGenerator.Create("Signer", X509KeyUsageFlags.NonRepudiation | X509KeyUsageFlags.DigitalSignature);
Assert.IsTrue(signingCertificate.IsForDocumentSigning());
byte[] data = Encoding.UTF8.GetBytes("Hello World!");
ContentInfo content = new ContentInfo(data);
SignedCms signedCms = new SignedCms(content, false);
CmsSigner signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, signingCertificate);
signer.DigestAlgorithm = new Oid(Oids.SHA256);
signer.IncludeOption = X509IncludeOption.WholeChain;
signer.SignedAttributes.Add(new AsnEncodedData(new Pkcs9SigningTime(DateTime.Now)));
signer.SignedAttributes.Add(new Pkcs7IdAaContentHint("helloWorld.txt", "text/plain"));
signer.SignedAttributes.Add(new Pkcs7IdAaSigningCertificateV2(signingCertificate));
signer.SignedAttributes.Add(new Pkcs9IdSigningPolicy("1.3.158.36061701.1.2.2", HashAlgorithmName.SHA256, "1A5A86D067512E00DB45FCD8DFB9A0574749D1D1F2A7189ED9F2DFE6ADE82DBD")); // Only for old Slovak format - SK ZEP
signedCms.ComputeSignature(signer, false);
byte[] eidasP7mFileBytes = signedCms.Encode();
Assert.IsNotNull(eidasP7mFileBytes);
}
public async Task Example_SignDocumentWithTs()
{
using X509Certificate2 signingCertificate = CertificateGenerator.Create("Signer", X509KeyUsageFlags.NonRepudiation | X509KeyUsageFlags.DigitalSignature);
Assert.IsTrue(signingCertificate.IsForDocumentSigning());
byte[] data = Encoding.UTF8.GetBytes("Hello World!");
ContentInfo content = new ContentInfo(data);
SignedCms signedCms = new SignedCms(content, false);
CmsSigner signer = new CmsSigner(SubjectIdentifierType.IssuerAndSerialNumber, signingCertificate);
signer.DigestAlgorithm = new Oid(Oids.SHA256);
signer.IncludeOption = X509IncludeOption.WholeChain;
signer.SignedAttributes.Add(new AsnEncodedData(new Pkcs9SigningTime(DateTime.Now)));
signer.SignedAttributes.Add(new Pkcs7IdAaContentHint("helloWorld.txt", "text/plain"));
signer.SignedAttributes.Add(new Pkcs7IdAaSigningCertificateV2(signingCertificate));
// Without Pkcs9IdSigningPolicy
signedCms.ComputeSignature(signer, false);
await this.CreateTimeStamp(signedCms);
byte[] eidasP7mFileBytes = signedCms.Encode();
Assert.IsNotNull(eidasP7mFileBytes);
}
private CertificateGenerator BuildCertGenerator(string name, string password)
{
var generator = new CertificateGenerator(SubscriptionId, ManagementCertificate);
generator.Create(name, DateTime.UtcNow.Subtract(TimeSpan.FromDays(1)), DateTime.UtcNow.AddYears(2), password);
return(generator);
}
public void IsForEncryption(X509KeyUsageFlags flags, bool exceptedResult)
{
X509Certificate2 certificate = CertificateGenerator.Create("X509Certificate2ExtensionsTests", flags);
bool result = certificate.IsForEncryption();
Assert.AreEqual(exceptedResult, result);
}
public void GetEncoded(AsnFormat format)
{
X509Certificate2 certificate = CertificateGenerator.Create("X509Certificate2ExtensionsTests");
byte[] encoded = certificate.GetEncoded(format);
X509Certificate2 result = new X509Certificate2(encoded);
Assert.IsNotNull(result);
}
public void IsForEmailProtection(X509KeyUsageFlags flags, bool exceptedResult)
{
X509Certificate2 certificate = (exceptedResult) ?
CertificateGenerator.Create("X509Certificate2ExtensionsTests", flags, "1.3.6.1.5.5.7.3.4") :
CertificateGenerator.Create("X509Certificate2ExtensionsTests", flags);
bool result = certificate.IsForEmailProtection();
Assert.AreEqual(exceptedResult, result);
}
public void GetNameInfo_ForSubject(string subject, string oid, string values)
{
string[] nameValues = values.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
X509Certificate2 certificate = CertificateGenerator.Create(subject);
IReadOnlyList <string> resultList1 = certificate.GetNameInfo(oid, false);
IReadOnlyList <string> resultList2 = certificate.GetNameInfo(oid, X509NameSource.Subject);
CollectionAssert.AreEquivalent(nameValues, resultList1.ToArray(), "Error with bool variant.");
CollectionAssert.AreEquivalent(nameValues, resultList2.ToArray(), "Error with X509NameSource variant.");
}
public void GetNameInfo_ForIssuer(string subject, string oid, string values)
{
string[] nameValues = values.Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
X509Certificate2 issuerCertificate = CertificateGenerator.Create(subject, X509KeyUsageFlags.KeyCertSign);
X509Certificate2 certificate = CertificateGenerator.Create("CN=end", signedCertificate: issuerCertificate);
IReadOnlyList <string> resultList1 = certificate.GetNameInfo(oid, true);
IReadOnlyList <string> resultList2 = certificate.GetNameInfo(oid, X509NameSource.Issuer);
CollectionAssert.AreEquivalent(nameValues, resultList1.ToArray(), "Error with bool variant.");
CollectionAssert.AreEquivalent(nameValues, resultList2.ToArray(), "Error with X509NameSource variant.");
}
public Pkcs7IdAaSigningCertificateV2Tests()
{
this.certficate1 = CertificateGenerator.Create("texter1");
this.certficate2 = CertificateGenerator.Create("texter2");
}
/// <summary>
/// Used to create the Cert
/// </summary>
public X509Certificate2 Create()
{
return(Certificate = CertificateGenerator.Create(Name, ValidFrom, ValidTo, PvkPassword, true));
}
/// <summary>
/// Used to create the Cert
/// </summary>
public X509Certificate2 Create()
{
var generator = new CertificateGenerator();
return(generator.Create(Name, ValidFrom, ValidTo, PvkPassword, true));
}