/// <summary>
/// Builds an Authority Key Identifier from an issuer name and a serial number whose
/// high bit is set (0x80 0x02, negative when read as a two's-complement INTEGER), and
/// checks that the serial bytes are carried into the extension unchanged.
/// </summary>
/// <param name="fromArray">
/// <see langword="true"/> to exercise the byte[] overload; <see langword="false"/> to
/// exercise the ReadOnlySpan&lt;byte&gt; overload.
/// </param>
/// <remarks>
/// RFC 5280 asks CAs to issue positive serial numbers but also asks consumers to cope
/// with certificates that do not. The assertions below pin that the factory neither
/// rejects the negative value nor prepends a 0x00 pad, so the encoded serial still
/// matches the issuing certificate's bytes exactly.
/// </remarks>
public static void CreateIssuerAndNegativeSerial(bool fromArray)
{
    X500DistinguishedName negativeIssuer = new X500DistinguishedName("CN=Negative");

    // High bit set: a minimally encoded, negative DER INTEGER payload.
    ReadOnlySpan<byte> negativeSerial = new byte[] { 0x80, 0x02 };

    X509AuthorityKeyIdentifierExtension extension = fromArray
        ? X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(
            negativeIssuer,
            negativeSerial.ToArray())
        : X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(
            negativeIssuer,
            negativeSerial);

    Assert.False(extension.Critical, "akid.Critical");

    // The issuer name must round-trip byte for byte.
    Assert.NotNull(extension.NamedIssuer);
    AssertExtensions.SequenceEqual(negativeIssuer.RawData, extension.NamedIssuer.RawData);

    // The serial must be present and identical to the input (no sign normalization).
    Assert.True(extension.SerialNumber.HasValue, "akid.SerialNumber.HasValue");
    ReadOnlyMemory<byte> encodedSerial = extension.SerialNumber.GetValueOrDefault();
    AssertExtensions.SequenceEqual(negativeSerial, encodedSerial.Span);

    // No key identifier was supplied, so none may appear in the extension.
    Assert.False(extension.KeyIdentifier.HasValue, "akid.KeyIdentifier.HasValue");

    // SEQUENCE (30 1D)
    //   [1] authorityCertIssuer (A1 17) -> [4] directoryName (A4 15) -> CN=Negative
    //   [2] authorityCertSerialNumber (82 02) -> 80 02
    const string ExpectedHex =
        "301DA117A41530133111300F060355040313084E6567617469766582028002";

    Assert.Equal(ExpectedHex, extension.RawData.ByteArrayToHex());
}
/// <summary>
/// Verifies that every factory accepting a serial number rejects a value that is not a
/// minimally encoded BER/DER INTEGER, reporting the failure against the
/// <c>serialNumber</c> parameter.
/// </summary>
/// <remarks>
/// A DER INTEGER may not begin with nine identical bits. Both malformed shapes are
/// covered: a redundant leading 0x00 and a redundant leading 0xFF. Each one is tried
/// against the array and span overloads of <c>Create</c> and
/// <c>CreateFromIssuerNameAndSerialNumber</c>.
/// </remarks>
public static void CreateWithInvalidSerialNumber()
{
    byte[][] malformedSerials =
    {
        // This value has 9 leading zero bits, making it an invalid encoding for a BER/DER INTEGER.
        new byte[] { 0x00, 0x7F },

        // The leading 9 bits are all one, also invalid.
        new byte[] { 0xFF, 0x80 },
    };

    X500DistinguishedName issuer = new X500DistinguishedName("CN=Bad Serial");

    foreach (byte[] malformed in malformedSerials)
    {
        // The same bytes double as the key identifier argument; only the serial
        // number is expected to be reported as the offending parameter.

        // Array
        Assert.Throws<ArgumentException>(
            "serialNumber",
            () => X509AuthorityKeyIdentifierExtension.Create(malformed, issuer, malformed));

        // Span
        Assert.Throws<ArgumentException>(
            "serialNumber",
            () => X509AuthorityKeyIdentifierExtension.Create(
                new ReadOnlySpan<byte>(malformed),
                issuer,
                new ReadOnlySpan<byte>(malformed)));

        // Array
        Assert.Throws<ArgumentException>(
            "serialNumber",
            () => X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(
                issuer,
                malformed));

        // Span
        Assert.Throws<ArgumentException>(
            "serialNumber",
            () => X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(
                issuer,
                new ReadOnlySpan<byte>(malformed)));
    }
}
/// <summary>
/// Builds an Authority Key Identifier from the issuer name and serial number of a real
/// certificate and compares the result with a known-good DER encoding.
/// </summary>
/// <param name="fromArray">
/// <see langword="true"/> to exercise the byte[] overload; <see langword="false"/> to
/// exercise the ReadOnlySpan&lt;byte&gt; overload.
/// </param>
/// <remarks>
/// The issuer name and serial bytes are read inside the <c>using</c> block and consumed
/// after the certificate has been disposed, so the test also relies on both values
/// remaining usable past the certificate's lifetime.
/// </remarks>
public static void CreateIssuerAndSerial(bool fromArray)
{
    X500DistinguishedName certIssuer;
    ReadOnlyMemory<byte> certSerial;

    using (X509Certificate2 source = new X509Certificate2(TestData.MicrosoftDotComIssuerBytes))
    {
        certIssuer = source.IssuerName;
        certSerial = source.SerialNumberBytes;
    }

    X509AuthorityKeyIdentifierExtension extension = fromArray
        ? X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(
            certIssuer,
            certSerial.Span.ToArray())
        : X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(
            certIssuer,
            certSerial.Span);

    Assert.False(extension.Critical, "akid.Critical");

    // The issuer name must round-trip byte for byte.
    Assert.NotNull(extension.NamedIssuer);
    AssertExtensions.SequenceEqual(certIssuer.RawData, extension.NamedIssuer.RawData);

    // The serial must be present and identical to the certificate's serial bytes.
    Assert.True(extension.SerialNumber.HasValue, "akid.SerialNumber.HasValue");
    ReadOnlyMemory<byte> encodedSerial = extension.SerialNumber.GetValueOrDefault();
    AssertExtensions.SequenceEqual(certSerial.Span, encodedSerial.Span);

    // No key identifier was supplied, so none may appear in the extension.
    Assert.False(extension.KeyIdentifier.HasValue, "akid.KeyIdentifier.HasValue");

    // SEQUENCE (30 72)
    //   [1] authorityCertIssuer (A1 5E) -> [4] directoryName (A4 5C) -> issuer RDNs
    //   [2] authorityCertSerialNumber (82 10) -> 16 serial bytes
    const string ExpectedHex =
        "3072A15EA45C305A310B300906035504061302494531123010060355040A1309" +
        "42616C74696D6F726531133011060355040B130A437962657254727573743122" +
        "30200603550403131942616C74696D6F7265204379626572547275737420526F" +
        "6F7482100F14965F202069994FD5C7AC788941E2";

    Assert.Equal(ExpectedHex, extension.RawData.ByteArrayToHex());
}
/// <summary>
/// Verifies the null-argument checks of
/// <c>X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber</c>: a null
/// issuer name is rejected by both the array and span overloads, and a null serial
/// array is rejected by the array overload.
/// </summary>
/// <remarks>
/// The first two cases pass an empty serial together with the null issuer and expect
/// <c>issuerName</c> to be the reported parameter. The empty-serial case with a valid
/// issuer is not covered by this method.
/// </remarks>
public static void CreateFromIssuerAndSerial_Validation()
{
    // Null issuer, array overload.
    Assert.Throws<ArgumentNullException>(
        "issuerName",
        () => X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(
            null,
            Array.Empty<byte>()));

    // Null issuer, span overload.
    Assert.Throws<ArgumentNullException>(
        "issuerName",
        () => X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(
            null,
            ReadOnlySpan<byte>.Empty));

    X500DistinguishedName validIssuer = new X500DistinguishedName("CN=Hi");

    // Typed as byte[] so overload resolution picks the array overload, which is the
    // only one that can receive a null serial.
    byte[] missingSerial = null;

    Assert.Throws<ArgumentNullException>(
        "serialNumber",
        () => X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(
            validIssuer,
            missingSerial));
}