public static void CreateFromCertificate_Validation() { Assert.Throws <ArgumentNullException>( "certificate", () => X509AuthorityKeyIdentifierExtension.CreateFromCertificate( null, false, false)); Assert.Throws <ArgumentNullException>( "certificate", () => X509AuthorityKeyIdentifierExtension.CreateFromCertificate( null, false, true)); Assert.Throws <ArgumentNullException>( "certificate", () => X509AuthorityKeyIdentifierExtension.CreateFromCertificate( null, true, false)); Assert.Throws <ArgumentNullException>( "certificate", () => X509AuthorityKeyIdentifierExtension.CreateFromCertificate( null, true, true)); }
public static void CreateFromCertificateWithNoSki() { using (ECDsa key = ECDsa.Create()) { CertificateRequest req = new CertificateRequest("CN=Hi", key, HashAlgorithmName.SHA256); DateTimeOffset now = DateTimeOffset.UnixEpoch; using (X509Certificate2 cert = req.CreateSelfSigned(now.AddMinutes(-5), now.AddMinutes(5))) { Assert.Throws <CryptographicException>( () => X509AuthorityKeyIdentifierExtension.CreateFromCertificate( cert, includeKeyIdentifier: true, includeIssuerAndSerial: false)); Assert.Throws <CryptographicException>( () => X509AuthorityKeyIdentifierExtension.CreateFromCertificate( cert, includeKeyIdentifier: true, includeIssuerAndSerial: true)); // Assert.NoThrow X509AuthorityKeyIdentifierExtension.CreateFromCertificate( cert, includeKeyIdentifier: false, includeIssuerAndSerial: true); X509AuthorityKeyIdentifierExtension.CreateFromCertificate( cert, includeKeyIdentifier: false, includeIssuerAndSerial: false); } } }
public static void CreateIssuerAndSerialFromCertificate() { X509AuthorityKeyIdentifierExtension akid; X500DistinguishedName issuerName; ReadOnlyMemory <byte> serial; using (X509Certificate2 cert = new X509Certificate2(TestData.MicrosoftDotComIssuerBytes)) { issuerName = cert.IssuerName; serial = cert.SerialNumberBytes; akid = X509AuthorityKeyIdentifierExtension.CreateFromCertificate( cert, includeKeyIdentifier: false, includeIssuerAndSerial: true); } Assert.False(akid.Critical, "akid.Critical"); Assert.NotNull(akid.NamedIssuer); AssertExtensions.SequenceEqual(issuerName.RawData, akid.NamedIssuer.RawData); Assert.True(akid.SerialNumber.HasValue, "akid.SerialNumber.HasValue"); AssertExtensions.SequenceEqual(serial.Span, akid.SerialNumber.GetValueOrDefault().Span); Assert.False(akid.KeyIdentifier.HasValue, "akid.KeyIdentifier.HasValue"); const string ExpectedHex = "3072A15EA45C305A310B300906035504061302494531123010060355040A1309" + "42616C74696D6F726531133011060355040B130A437962657254727573743122" + "30200603550403131942616C74696D6F7265204379626572547275737420526F" + "6F7482100F14965F202069994FD5C7AC788941E2"; Assert.Equal(ExpectedHex, akid.RawData.ByteArrayToHex()); }
public static void CreateEmptyFromCertificate() { X509AuthorityKeyIdentifierExtension akid; using (X509Certificate2 cert = new X509Certificate2(TestData.MicrosoftDotComIssuerBytes)) { akid = X509AuthorityKeyIdentifierExtension.CreateFromCertificate( cert, includeKeyIdentifier: false, includeIssuerAndSerial: false); } Assert.False(akid.Critical, "akid.Critical"); Assert.Equal("3000", akid.RawData.ByteArrayToHex()); }
public static void CreateKeyIdOnlyFromCertificate() { X509AuthorityKeyIdentifierExtension akid; using (X509Certificate2 cert = new X509Certificate2(TestData.MicrosoftDotComIssuerBytes)) { akid = X509AuthorityKeyIdentifierExtension.CreateFromCertificate( cert, includeKeyIdentifier: true, includeIssuerAndSerial: false); } Assert.False(akid.Critical, "akid.Critical"); Assert.Equal("30168014B5760C3011CEC792424D4CC75C2CC8A90CE80B64", akid.RawData.ByteArrayToHex()); Assert.False(akid.RawIssuer.HasValue, "akid.RawIssuer.HasValue"); Assert.Null(akid.NamedIssuer); Assert.False(akid.SerialNumber.HasValue, "akid.SerialNumber.HasValue"); Assert.True(akid.KeyIdentifier.HasValue, "akid.KeyIdentifier.HasValue"); Assert.Equal( "B5760C3011CEC792424D4CC75C2CC8A90CE80B64", akid.KeyIdentifier.GetValueOrDefault().ByteArrayToHex()); }