GetNameInfo() public method

public GetNameInfo ( System nameType, bool forIssuer ) : string
nameType System
forIssuer bool
return string
Example #1
1
        public void SubTest()
        {
            X509Certificate2 x509 = new X509Certificate2(@"C:\Users\bxu.CHINA\Desktop\HYD-801\1234\cert\ABCFR_ABCFRALMMACC1.crt");
            //X509Certificate2 x509 = new X509Certificate2(@"..\..\..\ApacheQpidClient\certificates\LiquidCapital\LCMLO_ABCFRALMMACC1.crt");

            byte[] rawdata = x509.RawData;
            Console.WriteLine("Content Type: {0}{1}", X509Certificate2.GetCertContentType(rawdata), Environment.NewLine);
            Console.WriteLine("Friendly Name: {0}{1}", x509.FriendlyName, Environment.NewLine);
            Console.WriteLine("Certificate Verified?: {0}{1}", x509.Verify(), Environment.NewLine);
            Console.WriteLine("Simple Name: {0}{1}", x509.GetNameInfo(X509NameType.SimpleName, true), Environment.NewLine);
            Console.WriteLine("Signature Algorithm: {0}{1}", x509.SignatureAlgorithm.FriendlyName, Environment.NewLine);
            //    Console.WriteLine("Private Key: {0}{1}", x509.PrivateKey.ToXmlString(false), Environment.NewLine);  // cer里面并没有私钥信息
            Console.WriteLine("Public Key: {0}{1}", x509.PublicKey.Key.ToXmlString(false), Environment.NewLine);
            Console.WriteLine("Certificate Archived?: {0}{1}", x509.Archived, Environment.NewLine);
            Console.WriteLine("Length of Raw Data: {0}{1}", x509.RawData.Length, Environment.NewLine);

            Console.WriteLine("SubjectName: {0}{1}", x509.SubjectName, Environment.NewLine);
            Console.WriteLine("Subject: {0}{1}", x509.Subject, Environment.NewLine);

        }
Example #2
0
        // Helper methods

        private static void IndexFolder(string folderName, StringBuilder sb, bool noProgress, bool verify)
        {
            // Process all file in folder
            foreach (var fileName in Directory.GetFiles(folderName))
            {
                if (!_certExts.Contains(Path.GetExtension(fileName).ToLowerInvariant()))
                {
                    continue;
                }

                // Get basic cert properties
                var cert            = new System.Security.Cryptography.X509Certificates.X509Certificate2(fileName);
                var serialNumberHex = "0x" + cert.GetSerialNumberString();
                var serialNumberDec = uint.Parse(cert.GetSerialNumberString(), System.Globalization.NumberStyles.HexNumber);
                var email           = cert.GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.EmailName, false);
                var domain          = email.Substring(email.IndexOf('@') + 1);
                var name            = cert.GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.SimpleName, false);
                if (!noProgress)
                {
                    Console.Write($"0x{serialNumberHex,-8} {email,-40} {name,-30} ");
                }

                // Verify certificate
                var status = "Unknown";
                if (verify)
                {
                    var certValid = ValidateCertificate(cert);
                    status = certValid ? "OK" : "Revoked";
                }
                if (!noProgress)
                {
                    Console.WriteLine(status);
                }

                // Add line to index
                sb.AppendLine(string.Join(CSV_SEPARATOR,
                                          serialNumberHex,
                                          serialNumberDec,
                                          cert.GetCertHashString(),
                                          cert.NotBefore.ToString("yyyy-MM-dd"),
                                          cert.NotAfter.ToString("yyyy-MM-dd"),
                                          cert.PublicKey.Key.KeySize,
                                          status,
                                          domain,
                                          name,
                                          email,
                                          cert.Issuer,
                                          cert.Subject));
            }

            // Crafl subfolders
            foreach (var subFolderName in Directory.GetDirectories(folderName))
            {
                IndexFolder(subFolderName, sb, noProgress, verify);
            }
        }
Example #3
0
        static string find_certificate_name(X509Certificate2 cert)
        {
            string cert_name = cert.GetNameInfo(X509NameType.SimpleName, false);

            if (cert_name.Count() == 0) {
                cert_name = cert.GetNameInfo(X509NameType.DnsName, false);
            }

            if (cert_name.Count() == 0) {
                cert_name = cert.GetNameInfo(X509NameType.DnsFromAlternativeName, false);
            }

            return cert_name;
        }
Example #4
0
        public static void Main(string[] args)
        {
            Console.WriteLine("Starting...");
            X509Certificate2 serverCertificate = new X509Certificate2("certificate.pfx"); // Any valid certificate with private key will work fine.
            TcpListener listener = new TcpListener(IPAddress.Any, 4567);
            TcpClient client = new TcpClient();
            listener.Start();

            Task clientConnectTask = client.ConnectAsync(IPAddress.Loopback, 4567);
            Task<TcpClient> listenerAcceptTask = listener.AcceptTcpClientAsync();
            Task.WaitAll(clientConnectTask, listenerAcceptTask);

            TcpClient server = listenerAcceptTask.Result;
            SslStream clientStream = new SslStream(client.GetStream(), false, new RemoteCertificateValidationCallback(ValidateServerCertificate), null, EncryptionPolicy.RequireEncryption);
            SslStream serverStream = new SslStream(server.GetStream(), false, null, null, EncryptionPolicy.RequireEncryption);

            Task clientAuthenticationTask = clientStream.AuthenticateAsClientAsync(serverCertificate.GetNameInfo(X509NameType.SimpleName, false), null, SslProtocols.Tls12, false);
            Task serverAuthenticationTask = serverStream.AuthenticateAsServerAsync(serverCertificate, false, SslProtocols.Tls12, false);
            Task.WaitAll(clientAuthenticationTask, serverAuthenticationTask);
            
            byte[] readBuffer = new byte[256];
            Task<int> readTask = clientStream.ReadAsync(readBuffer, 0, readBuffer.Length); // Create a pending ReadAsync, which will wait for data that will never come (for testing purposes).
            byte[] writeBuffer = new byte[256];
            Task writeTask = clientStream.WriteAsync(writeBuffer, 0, writeBuffer.Length); // The main thread actually blocks here (not asychronously waits) on .NET Core making this call.
            bool result = Task.WaitAll(new Task[1] { writeTask }, 5000); // This code won't even be reached on .NET Core. Works fine on .NET Framework.

            if (result)
            {
                Console.WriteLine("WriteAsync completed successfully while ReadAsync was pending... nothing locked up.");
            }
            else
            {
                Console.WriteLine("WriteAsync failed to complete after 5 seconds.");
            }
        }
Example #5
0
 public string DisplayIssuerName(X509Certificate2 cert)
 {
     string str = "";
     if (cert == null)
     {
         return str;
     }
     return cert.GetNameInfo(X509NameType.SimpleName, true);
 }
Example #6
0
        public async void EchoServerAndClient()
        {
            var testPromise = new TaskCompletionSource();
            var tlsCertificate = new X509Certificate2("dotnetty.com.pfx", "password");
            Func<Task> closeServerFunc = await this.StartServerAsync(true, ch =>
            {
                ch.Pipeline.AddLast("server logger", new LoggingHandler("SERVER"));
                ch.Pipeline.AddLast("server tls", TlsHandler.Server(tlsCertificate));
                ch.Pipeline.AddLast("server logger2", new LoggingHandler("SER***"));
                ch.Pipeline.AddLast("server prepender", new LengthFieldPrepender(2));
                ch.Pipeline.AddLast("server decoder", new LengthFieldBasedFrameDecoder(ushort.MaxValue, 0, 2, 0, 2));
                ch.Pipeline.AddLast(new EchoChannelHandler());
            }, testPromise);

            var group = new MultithreadEventLoopGroup();
            Bootstrap b = new Bootstrap()
                .Group(group)
                .Channel<TcpSocketChannel>()
                .Option(ChannelOption.TcpNodelay, true)
                .Handler(new ActionChannelInitializer<ISocketChannel>(ch =>
                {
                    string targetHost = tlsCertificate.GetNameInfo(X509NameType.DnsName, false);
                    var clientTlsSettings = new ClientTlsSettings(targetHost);
                    ch.Pipeline.AddLast("client logger", new LoggingHandler("CLIENT"));
                    ch.Pipeline.AddLast("client tls", new TlsHandler(stream => new SslStream(stream, true, (sender, certificate, chain, errors) => true), clientTlsSettings));
                    ch.Pipeline.AddLast("client logger2", new LoggingHandler("CLI***"));
                    ch.Pipeline.AddLast("client prepender", new LengthFieldPrepender(2));
                    ch.Pipeline.AddLast("client decoder", new LengthFieldBasedFrameDecoder(ushort.MaxValue, 0, 2, 0, 2));
                    ch.Pipeline.AddLast(new TestScenarioRunner(this.GetEchoClientScenario, testPromise));
                }));

            this.Output.WriteLine("Configured Bootstrap: {0}", b);

            IChannel clientChannel = null;
            try
            {
                clientChannel = await b.ConnectAsync(IPAddress.Loopback, Port);

                this.Output.WriteLine("Connected channel: {0}", clientChannel);

                await Task.WhenAny(testPromise.Task, Task.Delay(TimeSpan.FromSeconds(30)));
                Assert.True(testPromise.Task.IsCompleted, "timed out");
                testPromise.Task.Wait();
            }
            finally
            {
                Task serverCloseTask = closeServerFunc();
                clientChannel?.CloseAsync().Wait(TimeSpan.FromSeconds(5));
                group.ShutdownGracefullyAsync();
                if (!serverCloseTask.Wait(ShutdownTimeout))
                {
                    this.Output.WriteLine("Didn't stop in time.");
                }
            }
        }
Example #7
0
        public SysX509.X509Certificate2 Certificadop12(string rutaCertificado, string claveDelCertificado = null)
        {
            SysX509.X509Certificate2 certificado = new SysX509.X509Certificate2(rutaCertificado, claveDelCertificado);
            Entidad = certificado.GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.DnsName, true);


            String[] DatosSujeto = certificado.SubjectName.Decode(SysX509.X500DistinguishedNameFlags.None).Split('=');
            NameSujeto       = DatosSujeto[DatosSujeto.Length - 1];
            this.certificado = certificado;
            return(certificado);
        }
Example #8
0
        public List <string> CertificadoVerificar(string rutaCertificado, string claveDelCertificado = null)
        {
            SysX509.X509Certificate2 certificado = new SysX509.X509Certificate2(rutaCertificado, claveDelCertificado);

            List <string> datos = new List <string>();

            datos.Add(certificado.GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.DnsName, true));


            String[] DatosSujeto = certificado.SubjectName.Decode(SysX509.X500DistinguishedNameFlags.None).Split('=');
            datos.Add(DatosSujeto[DatosSujeto.Length - 1]);

            return(datos);
        }
Example #9
0
        public async void EchoServerAndClient()
        {
            var testPromise = new TaskCompletionSource();
            var tlsCertificate = new X509Certificate2("dotnetty.com.pfx", "password");
            Func<Task> closeServerFunc = await this.StartServerAsync(true, ch =>
            {
                ch.Pipeline.AddLast(TlsHandler.Server(tlsCertificate));
                ch.Pipeline.AddLast(new EchoChannelHandler());
            }, testPromise);

            var group = new MultithreadEventLoopGroup();
            Bootstrap b = new Bootstrap()
                .Group(group)
                .Channel<TcpSocketChannel>()
                .Option(ChannelOption.TcpNodelay, true)
                .Handler(new ActionChannelInitializer<ISocketChannel>(ch =>
                {
                    string targetHost = tlsCertificate.GetNameInfo(X509NameType.DnsName, false);
                    ch.Pipeline.AddLast(TlsHandler.Client(targetHost, null, (sender, certificate, chain, errors) => true));
                    ch.Pipeline.AddLast(new TestScenarioRunner(this.GetEchoClientScenario, testPromise));
                }));

            this.Output.WriteLine("Configured Bootstrap: {0}", b);

            IChannel clientChannel = null;
            try
            {
                clientChannel = await b.ConnectAsync(IPAddress.Loopback, Port);

                this.Output.WriteLine("Connected channel: {0}", clientChannel);

                await Task.WhenAny(testPromise.Task, Task.Delay(TimeSpan.FromMinutes(1)));
                Assert.True(testPromise.Task.IsCompleted);
                testPromise.Task.Wait();
            }
            finally
            {
                Task serverCloseTask = closeServerFunc();
                if (clientChannel != null)
                {
                    clientChannel.CloseAsync().Wait(TimeSpan.FromSeconds(5));
                }
                group.ShutdownGracefullyAsync();
                if (!serverCloseTask.Wait(ShutdownTimeout))
                {
                    this.Output.WriteLine("Didn't stop in time.");
                }
            }
        }
Example #10
0
        static async Task RunClientAsync()
        {
            var eventListener = new ObservableEventListener();
            eventListener.LogToConsole();
            eventListener.EnableEvents(DefaultEventSource.Log, EventLevel.Verbose);

            var group = new MultithreadEventLoopGroup();

            X509Certificate2 cert = null;
            string targetHost = null;
            if (EchoClientSettings.IsSsl)
            {
                cert = new X509Certificate2("dotnetty.com.pfx", "password");
                targetHost = cert.GetNameInfo(X509NameType.DnsName, false);
            }
            try
            {
                var bootstrap = new Bootstrap();
                bootstrap
                    .Group(group)
                    .Channel<TcpSocketChannel>()
                    .Option(ChannelOption.TcpNodelay, true)
                    .Handler(new ActionChannelInitializer<ISocketChannel>(channel =>
                    {
                        IChannelPipeline pipeline = channel.Pipeline;

                        if (cert != null)
                        {
                            pipeline.AddLast(new TlsHandler(stream => new SslStream(stream, true, (sender, certificate, chain, errors) => true), new ClientTlsSettings(targetHost)));
                        }
                        pipeline.AddLast(new LengthFieldPrepender(2));
                        pipeline.AddLast(new LengthFieldBasedFrameDecoder(ushort.MaxValue, 0, 2, 0, 2));

                        pipeline.AddLast(new EchoClientHandler());
                    }));

                IChannel bootstrapChannel = await bootstrap.ConnectAsync(new IPEndPoint(EchoClientSettings.Host, EchoClientSettings.Port));

                Console.ReadLine();

                await bootstrapChannel.CloseAsync();
            }
            finally
            {
                group.ShutdownGracefullyAsync().Wait(1000);
                eventListener.Dispose();
            }
        }
Example #11
0
        private string RecuperarWinLogon(byte[] RawData)
        {
            try
            {
                System.Security.Cryptography.X509Certificates.X509Certificate2 certificado =
                    new System.Security.Cryptography.X509Certificates.X509Certificate2(RawData);


                string upn     = certificado.GetNameInfo(X509NameType.UpnName, false).Trim();
                int    pos     = upn.IndexOf("@");
                string dominio = upn.Substring(pos + 1);
                return(dominio);
            }

            catch (Exception)
            {
                return("");
            }
        }
 private static IEnumerable<Claim> ExtractClaims(X509Certificate2 cert, string issuer)
 {
     var claims = new Collection<Claim>
     {
         new Claim(ClaimTypes.Thumbprint,Convert.ToBase64String(cert.GetCertHash()),
             ClaimValueTypes.Base64Binary, issuer),
         new Claim(ClaimTypes.X500DistinguishedName, cert.SubjectName.Name, 
             ClaimValueTypes.String, issuer),
         new Claim(ClaimTypes.SerialNumber, cert.SerialNumber, 
             ClaimValueTypes.String, issuer),
         new Claim(ClaimTypes.AuthenticationMethod, X509AuthnMethod,
             ClaimValueTypes.String, issuer)
     };
     var email = cert.GetNameInfo(X509NameType.EmailName, false);
     if (email != null)
     {
         claims.Add(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, issuer));
     }
     return claims;
 }
        /// <summary>
        /// Creates a <see cref="WindowsIdentity"/> associated with a given X509 certificate.
        /// </summary>
        /// <param name="x509Certificate">The certificate to use to map to the associated <see cref="WindowsIdentity"/></param>
        /// <returns></returns>
        public static WindowsIdentity CertificateLogon(X509Certificate2 x509Certificate)
        {
            // for Vista, LsaLogon supporting mapping cert to NTToken
            if (Environment.OSVersion.Version.Major >= CryptoHelper.WindowsVistaMajorNumber)
            {
                return X509SecurityTokenHandler.KerberosCertificateLogon(x509Certificate);
            }
            else
            {
                // Downlevel, S4U over PrincipalName SubjectAltNames
                string upn = x509Certificate.GetNameInfo(X509NameType.UpnName, false);
                if (string.IsNullOrEmpty(upn))
                {
                    throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenValidationException(SR.GetString(SR.ID4067,
                        X509Util.GetCertificateId(x509Certificate))));
                }

                return new WindowsIdentity(upn);
            }
        }
Example #14
0
		public void Certificate_10_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (630616320000000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (629670240000000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_10);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (0, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("[email protected], CN=Keywitness Canada Inc., C=CA", x.Issuer, "Issuer");
			Assert.AreEqual ("[email protected], CN=Keywitness Canada Inc., C=CA", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>zSP6KuHtmPTp0JM+13qAAkzMwQKvXLYff/pXQm8w0SDFtSEHQCyphsLzZISuPYUu7YW9VLAYKO9q+BvnCxYfkyVPx/iOw7nKmIQOVdAv73h3xXIoX2C/GSvRcqK32D/glzRaAb0EnMh4Rc2TjRXydhARq7hbLp5S3YE+nGTIKZM=</Modulus><Exponent>Aw==</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_10, x.RawData, "RawData");
			Assert.AreEqual ("14", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.113549.1.1.4", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("[email protected], CN=Keywitness Canada Inc., C=CA", x.Subject, "Subject");
			Assert.AreEqual ("[email protected], CN=Keywitness Canada Inc., C=CA", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("E0A00ABEB2CCA84540C21A75E0B3A406F9A624AC", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (1, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual ("Keywitness Canada Inc.", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("Keywitness Canada Inc.", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual ("Keywitness Canada Inc.", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("Keywitness Canada Inc.", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");
		}
Example #15
0
		public void Certificate_9_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (630077183990000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (629761824000000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_9);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (5, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("OU=VeriSign Class 1 CA - Individual Subscriber, O=\"VeriSign, Inc.\", L=Internet", x.Issuer, "Issuer");
			Assert.AreEqual ("OU=VeriSign Class 1 CA - Individual Subscriber, O=\"VeriSign, Inc.\", L=Internet", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>xYEHousPuP/4+BzuMv+/EjVq+WvIvi/7Pq8EUUqs3RApqM1AW2YemO/yTHf6j4bRIWeSRErEicmDz4ifb+IyNQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_9, x.RawData, "RawData");
			Assert.AreEqual ("200B355ECEC4B063B7DEC634B9703444", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.113549.1.1.4", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("[email protected], CN=David T. Gray, OU=Digital ID Class 1 - Netscape, OU=\"www.verisign.com/repository/CPS Incorp. by Ref.,LIAB.LTD(c)96\", OU=VeriSign Class 1 CA - Individual Subscriber, O=\"VeriSign, Inc.\", L=Internet", x.Subject, "Subject");
			Assert.AreEqual ("[email protected], CN=David T. Gray, OU=Digital ID Class 1 - Netscape, OU=\"www.verisign.com/repository/CPS Incorp. by Ref.,LIAB.LTD(c)96\", OU=VeriSign Class 1 CA - Individual Subscriber, O=\"VeriSign, Inc.\", L=Internet", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("52D1848F6A161BA5C6C19007F8164668F5A3B2CF", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (3, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("VeriSign Class 1 CA - Individual Subscriber", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual ("David T. Gray", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual ("*****@*****.**", x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("David T. Gray", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");

			// extensions
			X509Extension ext = x.Extensions[0];
			Assert.AreEqual ("2.5.29.19", ext.Oid.Value, "Oid-0");
			Assert.AreEqual ("30-00", BitConverter.ToString (ext.RawData), "RawData-0");
			Assert.IsFalse (ext.Critical, "Critical-0");
			X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension) ext;
			Assert.IsFalse (bce.CertificateAuthority, "CertificateAuthority");
			Assert.IsFalse (bce.HasPathLengthConstraint, "HasPathLengthConstraint");
			Assert.AreEqual (0, bce.PathLengthConstraint, "PathLengthConstraint");
			ext = x.Extensions[1];
			Assert.AreEqual ("2.5.29.3", ext.Oid.Value, "Oid-1");
			Assert.AreEqual ("30-82-02-12-30-82-02-0E-30-82-02-0A-06-0B-60-86-48-01-86-F8-45-01-07-01-01-30-82-01-F9-16-82-01-A7-54-68-69-73-20-63-65-72-74-69-66-69-63-61-74-65-20-69-6E-63-6F-72-70-6F-72-61-74-65-73-20-62-79-20-72-65-66-65-72-65-6E-63-65-2C-20-61-6E-64-20-69-74-73-20-75-73-65-20-69-73-20-73-74-72-69-63-74-6C-79-20-73-75-62-6A-65-63-74-20-74-6F-2C-20-74-68-65-20-56-65-72-69-53-69-67-6E-20-43-65-72-74-69-66-69-63-61-74-69-6F-6E-20-50-72-61-63-74-69-63-65-20-53-74-61-74-65-6D-65-6E-74-20-28-43-50-53-29-2C-20-61-76-61-69-6C-61-62-6C-65-20-61-74-3A-20-68-74-74-70-73-3A-2F-2F-77-77-77-2E-76-65-72-69-73-69-67-6E-2E-63-6F-6D-2F-43-50-53-3B-20-62-79-20-45-2D-6D-61-69-6C-20-61-74-20-43-50-53-2D-72-65-71-75-65-73-74-73-40-76-65-72-69-73-69-67-6E-2E-63-6F-6D-3B-20-6F-72-20-62-79-20-6D-61-69-6C-20-61-74-20-56-65-72-69-53-69-67-6E-2C-20-49-6E-63-2E-2C-20-32-35-39-33-20-43-6F-61-73-74-20-41-76-65-2E-2C-20-4D-6F-75-6E-74-61-69-6E-20-56-69-65-77-2C-20-43-41-20-39-34-30-34-33-20-55-53-41-20-54-65-6C-2E-20-2B-31-20-28-34-31-35-29-20-39-36-31-2D-38-38-33-30-20-43-6F-70-79-72-69-67-68-74-20-28-63-29-20-31-39-39-36-20-56-65-72-69-53-69-67-6E-2C-20-49-6E-63-2E-20-20-41-6C-6C-20-52-69-67-68-74-73-20-52-65-73-65-72-76-65-64-2E-20-43-45-52-54-41-49-4E-20-57-41-52-52-41-4E-54-49-45-53-20-44-49-53-43-4C-41-49-4D-45-44-20-61-6E-64-20-4C-49-41-42-49-4C-49-54-59-20-4C-49-4D-49-54-45-44-2E-A0-0E-06-0C-60-86-48-01-86-F8-45-01-07-01-01-01-A1-0E-06-0C-60-86-48-01-86-F8-45-01-07-01-01-02-30-2C-30-2A-16-28-68-74-74-70-73-3A-2F-2F-77-77-77-2E-76-65-72-69-73-69-67-6E-2E-63-6F-6D-2F-72-65-70-6F-73-69-74-6F-72-79-2F-43-50-53-20", BitConverter.ToString (ext.RawData), "RawData-1");
			Assert.IsFalse (ext.Critical, "Critical-1");
			ext = x.Extensions[2];
			Assert.AreEqual ("2.16.840.1.113730.1.1", ext.Oid.Value, "Oid-2");
			Assert.AreEqual ("03-02-07-80", BitConverter.ToString (ext.RawData), "RawData-2");
			Assert.IsFalse (ext.Critical, "Critical-2");
			ext = x.Extensions[3];
			Assert.AreEqual ("2.16.840.1.113730.1.8", ext.Oid.Value, "Oid-3");
			Assert.AreEqual ("16-27-68-74-74-70-73-3A-2F-2F-77-77-77-2E-76-65-72-69-73-69-67-6E-2E-63-6F-6D-2F-72-65-70-6F-73-69-74-6F-72-79-2F-43-50-53", BitConverter.ToString (ext.RawData), "RawData-3");
			Assert.IsFalse (ext.Critical, "Critical-3");
			ext = x.Extensions[4];
			Assert.AreEqual ("2.16.840.1.113730.1.13", ext.Oid.Value, "Oid-4");
			Assert.AreEqual ("16-82-04-74-43-41-55-54-49-4F-4E-3A-20-54-68-65-20-43-6F-6D-6D-6F-6E-20-4E-61-6D-65-20-69-6E-20-74-68-69-73-20-43-6C-61-73-73-20-31-20-44-69-67-69-74-61-6C-20-0A-49-44-20-69-73-20-6E-6F-74-20-61-75-74-68-65-6E-74-69-63-61-74-65-64-20-62-79-20-56-65-72-69-53-69-67-6E-2E-20-49-74-20-6D-61-79-20-62-65-20-74-68-65-0A-68-6F-6C-64-65-72-27-73-20-72-65-61-6C-20-6E-61-6D-65-20-6F-72-20-61-6E-20-61-6C-69-61-73-2E-20-56-65-72-69-53-69-67-6E-20-64-6F-65-73-20-61-75-74-68-2D-0A-65-6E-74-69-63-61-74-65-20-74-68-65-20-65-2D-6D-61-69-6C-20-61-64-64-72-65-73-73-20-6F-66-20-74-68-65-20-68-6F-6C-64-65-72-2E-0A-0A-54-68-69-73-20-63-65-72-74-69-66-69-63-61-74-65-20-69-6E-63-6F-72-70-6F-72-61-74-65-73-20-62-79-20-72-65-66-65-72-65-6E-63-65-2C-20-61-6E-64-20-0A-69-74-73-20-75-73-65-20-69-73-20-73-74-72-69-63-74-6C-79-20-73-75-62-6A-65-63-74-20-74-6F-2C-20-74-68-65-20-56-65-72-69-53-69-67-6E-20-0A-43-65-72-74-69-66-69-63-61-74-69-6F-6E-20-50-72-61-63-74-69-63-65-20-53-74-61-74-65-6D-65-6E-74-20-28-43-50-53-29-2C-20-61-76-61-69-6C-61-62-6C-65-0A-69-6E-20-74-68-65-20-56-65-72-69-53-69-67-6E-20-72-65-70-6F-73-69-74-6F-72-79-20-61-74-3A-20-0A-68-74-74-70-73-3A-2F-2F-77-77-77-2E-76-65-72-69-73-69-67-6E-2E-63-6F-6D-3B-20-62-79-20-45-2D-6D-61-69-6C-20-61-74-0A-43-50-53-2D-72-65-71-75-65-73-74-73-40-76-65-72-69-73-69-67-6E-2E-63-6F-6D-3B-20-6F-72-20-62-79-20-6D-61-69-6C-20-61-74-20-56-65-72-69-53-69-67-6E-2C-0A-49-6E-63-2E-2C-20-32-35-39-33-20-43-6F-61-73-74-20-41-76-65-2E-2C-20-4D-6F-75-6E-74-61-69-6E-20-56-69-65-77-2C-20-43-41-20-39-34-30-34-33-20-55-53-41-0A-0A-43-6F-70-79-72-69-67-68-74-20-28-63-29-31-39-39-36-20-56-65-72-69-53-69-67-6E-2C-20-49-6E-63-2E-20-20-41-6C-6C-20-52-69-67-68-74-73-20-0A-52-65-73-65-72-76-65-64-2E-20-43-45-52-54-41-49-4E-20-57-41-52-52-41-4E-54-49-45-53-20-44-49-53-43-4C-41-49-4D-45-44-20-41-4E-44-20-0A-4C-49-41-42-49-4C-49-54-59-20-4C-49-4D-49-54-45-44-2E-0A-0A-57-41-52-4E-49-4E-47-3A-20-54-48-45-20-55-53-45-20-4F-46-20-54-48-49-53-20-43-45-52-54-49-46-49-43-41-54-45-20-49-53-20-53-54-52-49-43-54-4C-59-0A-53-55-42-4A-45-43-54-20-54-4F-20-54-48-45-20-56-45-52-49-53-49-47-4E-20-43-45-52-54-49-46-49-43-41-54-49-4F-4E-20-50-52-41-43-54-49-43-45-0A-53-54-41-54-45-4D-45-4E-54-2E-20-20-54-48-45-20-49-53-53-55-49-4E-47-20-41-55-54-48-4F-52-49-54-59-20-44-49-53-43-4C-41-49-4D-53-20-43-45-52-54-41-49-4E-0A-49-4D-50-4C-49-45-44-20-41-4E-44-20-45-58-50-52-45-53-53-20-57-41-52-52-41-4E-54-49-45-53-2C-20-49-4E-43-4C-55-44-49-4E-47-20-57-41-52-52-41-4E-54-49-45-53-0A-4F-46-20-4D-45-52-43-48-41-4E-54-41-42-49-4C-49-54-59-20-4F-52-20-46-49-54-4E-45-53-53-20-46-4F-52-20-41-20-50-41-52-54-49-43-55-4C-41-52-0A-50-55-52-50-4F-53-45-2C-20-41-4E-44-20-57-49-4C-4C-20-4E-4F-54-20-42-45-20-4C-49-41-42-4C-45-20-46-4F-52-20-43-4F-4E-53-45-51-55-45-4E-54-49-41-4C-2C-0A-50-55-4E-49-54-49-56-45-2C-20-41-4E-44-20-43-45-52-54-41-49-4E-20-4F-54-48-45-52-20-44-41-4D-41-47-45-53-2E-20-53-45-45-20-54-48-45-20-43-50-53-0A-46-4F-52-20-44-45-54-41-49-4C-53-2E-0A-0A-43-6F-6E-74-65-6E-74-73-20-6F-66-20-74-68-65-20-56-65-72-69-53-69-67-6E-20-72-65-67-69-73-74-65-72-65-64-0A-6E-6F-6E-76-65-72-69-66-69-65-64-53-75-62-6A-65-63-74-41-74-74-72-69-62-75-74-65-73-20-65-78-74-65-6E-73-69-6F-6E-20-76-61-6C-75-65-20-73-68-61-6C-6C-20-0A-6E-6F-74-20-62-65-20-63-6F-6E-73-69-64-65-72-65-64-20-61-73-20-61-63-63-75-72-61-74-65-20-69-6E-66-6F-72-6D-61-74-69-6F-6E-20-76-61-6C-69-64-61-74-65-64-20-0A-62-79-20-74-68-65-20-49-41-2E", BitConverter.ToString (ext.RawData), "RawData-4");
			Assert.IsFalse (ext.Critical, "Critical-4");
		}
Example #16
0
		public void Certificate_8_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (631769760000000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (631080288000000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_8);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (2, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("CN=Armed Forces Root, OU=DoD, O=U.S. Government, C=US", x.Issuer, "Issuer");
			Assert.AreEqual ("CN=Armed Forces Root, OU=DoD, O=U.S. Government, C=US", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<DSAKeyValue><P>kIk+GBv+ox0WiQC01UCCTC7sPWYNDbkXQG46XAN7G5MoDO+5l+Oh6+KjfGHdb9WtFWkAFrLDCD3EWcbycKWw9R8d9LAV2n4oOSSZNlvsOSX6kkll0kMFap6je/Deoy/Tbzr5NcMp1EVsVpreNm7+EmiWe0UdLP+5LfVSjN8+L2M=</P><Q>gam10ATym6fYVUw7MqFFMk/1Ud0=</Q><G>ZHqIC/I+kYFZnPTqxnsOvuoF6Hf9IDSHocRp9siLGdrN+iGKV6l6JgpW1O1LG3xw7bTmemre0yni6Zoz7QmNnt/aLkrBUJLuL+Va84ViakjcGwKYprDRCUsQ0fD64LEdE1RLwKhA73HoVmuiKcseCX0nOZE7IE+YOeg5ypjFr1Q=</G><Y>VKiItY8BVs4Yj6bWfCkpdUXoMaQHF+0eXbJ7u848l2ceiAr+fQAiJx1m7vYbtpV/Wv8GNAJDw4PEZiyhBQ5os8rc0/kMwGbfhYRLIF1BrMDsN5IOlxm/UzVjJxgzNUJN8C1tp6SYqlfz0rhuTo//vm9ODwtEJO7fTCJbRJiUy7g=</Y></DSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_8, x.RawData, "RawData");
			Assert.AreEqual ("03", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.10040.4.3", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("CN=Armed Forces Root, OU=DoD, O=U.S. Government, C=US", x.Subject, "Subject");
			Assert.AreEqual ("CN=Armed Forces Root, OU=DoD, O=U.S. Government, C=US", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("A30A06B1B0D4F871678A60C54EE4D8663606CCE6", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (3, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual ("Armed Forces Root", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("Armed Forces Root", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual ("Armed Forces Root", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("Armed Forces Root", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");

			// extensions
			X509Extension ext = x.Extensions[0];
			Assert.AreEqual ("2.5.29.14", ext.Oid.Value, "Oid-0");
			Assert.AreEqual ("04-14-9D-2D-73-C3-B8-E3-4D-29-28-C3-65-BE-A9-98-CB-D6-8A-06-68-9C", BitConverter.ToString (ext.RawData), "RawData-0");
			Assert.IsFalse (ext.Critical, "Critical-0");
			X509SubjectKeyIdentifierExtension ski = (X509SubjectKeyIdentifierExtension) ext;
			Assert.AreEqual ("9D2D73C3B8E34D2928C365BEA998CBD68A06689C", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			ext = x.Extensions[1];
			Assert.AreEqual ("2.5.29.19", ext.Oid.Value, "Oid-1");
			Assert.AreEqual ("30-03-01-01-FF", BitConverter.ToString (ext.RawData), "RawData-1");
			Assert.IsFalse (ext.Critical, "Critical-1");
			X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension) ext;
			Assert.IsTrue (bce.CertificateAuthority, "CertificateAuthority");
			Assert.IsFalse (bce.HasPathLengthConstraint, "HasPathLengthConstraint");
			Assert.AreEqual (0, bce.PathLengthConstraint, "PathLengthConstraint");
		}
Example #17
0
		public void Certificate_5_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (632254464000000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (630045216000000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_5);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (6, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("O=SET Root, C=US", x.Issuer, "Issuer");
			Assert.AreEqual ("O=SET Root, C=US", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>1Nw+uuGU977N7SF3z9qIWFEOj/TaABQeDaettpZaxtPsJe3YQwtufz+eHnSgHpd2MMpvCmPAozFAJYC4vSjrfXULTkE0xCAAwsv0miAAWNn0QBMYdwy1BN63tkOLpMw2dnnFCxfLfoihM7DTNCe/O2HaxSDr+ZSai3myqI7LwdmUSplmUFWygyh9Ij3s3KPoOduDVMmJqd9ZUp9673wRYlLs5me6PeqrR9vk9B9zwz3sfoR9Lyn+bBc/dW1WbsBOtb8qIIrkV67ALmjJCc+FdwrvOjfLYExFc3+QPoYd+sP8UIqyxYo08PJD7jxWuiTp4KWHHnwwM3f9XeBXDWwZOQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_5, x.RawData, "RawData");
			Assert.AreEqual ("6A", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.113549.1.1.5", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("O=SET Root, C=US", x.Subject, "Subject");
			Assert.AreEqual ("O=SET Root, C=US", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("63DB7A42673975392AC6A4FAE3D78446B467C326", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (3, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("SET Root", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("SET Root", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");

			// extensions
			X509Extension ext = x.Extensions[0];
			Assert.AreEqual ("2.5.29.19", ext.Oid.Value, "Oid-0");
			Assert.AreEqual ("30-06-01-01-FF-02-01-03", BitConverter.ToString (ext.RawData), "RawData-0");
			Assert.IsTrue (ext.Critical, "Critical-0");
			X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension) ext;
			Assert.IsTrue (bce.CertificateAuthority, "CertificateAuthority");
			Assert.IsTrue (bce.HasPathLengthConstraint, "HasPathLengthConstraint");
			Assert.AreEqual (3, bce.PathLengthConstraint, "PathLengthConstraint");
			ext = x.Extensions[1];
			Assert.AreEqual ("2.5.29.32", ext.Oid.Value, "Oid-1");
			Assert.AreEqual ("30-82-02-B9-30-82-02-B5-06-04-67-2A-05-00-30-82-02-AB-30-82-02-A7-06-04-67-2A-07-06-30-82-02-9D-30-82-02-99-1A-82-02-95-54-68-69-73-20-53-45-54-20-52-6F-6F-74-20-43-65-72-74-69-66-69-63-61-74-65-20-61-6E-64-20-61-6E-79-20-63-65-72-74-69-66-69-63-61-74-65-20-61-75-74-68-65-6E-74-69-63-61-74-65-64-20-64-69-72-65-63-74-6C-79-20-6F-72-20-69-6E-64-69-72-65-63-74-6C-79-20-62-79-20-74-68-69-73-20-63-65-72-74-69-66-69-63-61-74-65-2C-20-6D-61-79-20-6F-6E-6C-79-20-62-65-20-75-73-65-64-20-74-6F-20-65-6E-61-62-6C-65-20-22-53-65-63-75-72-65-20-46-69-6E-61-6E-63-69-61-6C-20-54-72-61-6E-73-61-63-74-69-6F-6E-73-22-20-61-73-20-64-65-66-69-6E-65-64-20-69-6E-20-74-68-65-20-53-45-54-20-52-6F-6F-74-20-43-65-72-74-69-66-69-63-61-74-65-20-50-72-61-63-74-69-63-65-20-53-74-61-74-65-6D-65-6E-74-20-61-6E-64-2C-20-77-68-65-6E-20-61-70-70-72-6F-70-72-69-61-74-65-2C-20-69-6E-20-61-20-53-45-54-20-42-72-61-6E-64-20-43-65-72-74-69-66-69-63-61-74-65-20-50-72-61-63-74-69-63-65-20-53-74-61-74-65-6D-65-6E-74-2E-20-20-4E-6F-20-50-61-72-74-79-20-6D-61-79-20-72-65-6C-79-20-75-70-6F-6E-20-74-68-65-20-53-45-54-20-52-6F-6F-74-20-43-65-72-74-69-66-69-63-61-74-65-20-66-6F-72-20-61-6E-79-20-6F-74-68-65-72-20-70-75-72-70-6F-73-65-2E-20-20-41-20-53-45-54-20-42-72-61-6E-64-20-73-68-61-6C-6C-20-62-65-20-61-6E-79-20-70-61-79-6D-65-6E-74-20-62-72-61-6E-64-20-77-68-6F-73-65-20-53-45-54-20-63-65-72-74-69-66-69-63-61-74-65-20-69-73-20-73-69-67-6E-65-64-20-62-79-20-74-68-65-20-70-72-69-76-61-74-65-20-6B-65-79-20-63-6F-72-72-65-73-70-6F-6E-64-69-6E-67-20-74-6F-20-74-68-65-20-70-75-62-6C-69-63-20-6B-65-79-20-63-6F-6E-74-61-69-6E-65-64-20-69-6E-20-74-68-69-73-20-63-65-72-74-69-66-69-63-61-74-65-2E-20-20-41-6C-6C-20-6D-61-74-74-65-72-73-20-72-65-6C-61-74-69-6E-67-20-74-6F-20-75-73-61-67-65-2C-20-6C-69-61-62-69-6C-69-74-79-20-61-6E-64-20-70-72-6F-63-65-64-75-72-65-73-20-77-69-74-68-20-53-45-54-20-63-65-72-74-69-66-69-63-61-74-65-73-20-69-73-73-75-65-64-20-62-65-6E-65-61-74-68-20-61-20-53-45-54-20-42-72-61-6E-64-20-73-68-61-6C-6C-20-62-65-20-64-65-74-65-72-6D-69-6E-65-64-20-62-79-20-74-68-61-74-20-53-45-54-20-42-72-61-6E-64-2E", BitConverter.ToString (ext.RawData), "RawData-1");
			Assert.IsTrue (ext.Critical, "Critical-1");
			ext = x.Extensions[2];
			Assert.AreEqual ("2.5.29.15", ext.Oid.Value, "Oid-2");
			Assert.AreEqual ("03-02-01-06", BitConverter.ToString (ext.RawData), "RawData-2");
			Assert.IsTrue (ext.Critical, "Critical-2");
			X509KeyUsageExtension kue = (X509KeyUsageExtension) ext;
			Assert.AreEqual (X509KeyUsageFlags.CrlSign | X509KeyUsageFlags.KeyCertSign, kue.KeyUsages, "KeyUsages");
			ext = x.Extensions[3];
			Assert.AreEqual ("2.5.29.16", ext.Oid.Value, "Oid-3");
			Assert.AreEqual ("30-22-80-0F-31-39-39-37-30-37-31-35-30-30-30-30-30-30-5A-81-0F-31-39-39-38-30-37-31-35-30-30-30-30-30-30-5A", BitConverter.ToString (ext.RawData), "RawData-3");
			Assert.IsFalse (ext.Critical, "Critical-3");
			ext = x.Extensions[4];
			Assert.AreEqual ("2.23.42.7.1", ext.Oid.Value, "Oid-4");
			Assert.AreEqual ("03-03-07-00-80", BitConverter.ToString (ext.RawData), "RawData-4");
			Assert.IsTrue (ext.Critical, "Critical-4");
			ext = x.Extensions[5];
			Assert.AreEqual ("2.23.42.7.0", ext.Oid.Value, "Oid-5");
			Assert.AreEqual ("30-2F-30-2D-02-01-00-30-09-06-05-2B-0E-03-02-1A-05-00-30-07-06-05-67-2A-03-00-00-04-14-C8-57-44-4F-D7-91-56-3E-C6-F3-E0-E6-08-2E-9A-AF-61-11-43-5D", BitConverter.ToString (ext.RawData), "RawData-5");
			Assert.IsTrue (ext.Critical, "Critical-5");
		}
		public static string getSimpleNameOfSubject(X509Certificate2 cert)
		{
			return cert.GetNameInfo(X509NameType.SimpleName, false);
		}
Example #19
0
        private void Analizar(Byte[] ContenidoCertificado)
        {
            try
            {
                System.Security.Cryptography.X509Certificates.X509Certificate2 cer = new System.Security.Cryptography.X509Certificates.X509Certificate2(ContenidoCertificado);
                NumeroSerie            = InvertirStr(System.Text.Encoding.ASCII.GetString(cer.GetSerialNumber()));
                FechaFinCertificado    = System.Convert.ToDateTime(cer.GetExpirationDateString());
                FechaInicioCertificado = System.Convert.ToDateTime(cer.GetEffectiveDateString());
                EmisorCertificado      = cer.GetNameInfo(X509NameType.SimpleName, true);

                if (CA != null)
                {
                    foreach (System.Data.DataRow FilaCA in CA.Rows)
                    {
                        System.Security.Cryptography.X509Certificates.X509Certificate2 cerSAT = new System.Security.Cryptography.X509Certificates.X509Certificate2(System.Convert.FromBase64String(FilaCA["base64"].ToString()));
                        if (System.Convert.ToBase64String(cer.IssuerName.RawData) == System.Convert.ToBase64String(cerSAT.SubjectName.RawData))
                        {
                            EmitidoAutoridadCertificadora = true;
                        }
                    }
                }



                if (!String.IsNullOrEmpty(sArchivoKey) && !String.IsNullOrEmpty(sContraseña))
                {
                    byte[] CertModulus  = new byte[0];
                    byte[] CertExponent = new byte[0];

                    if (GetCertPublicKey(cer, out CertModulus, out CertExponent))
                    {
                        System.Security.Cryptography.RSACryptoServiceProvider RSA = null;
                        byte[] keyblob = SSLKey.opensslkey.GetFileBytes(sArchivoKey);
                        if (keyblob != null)
                        {
                            byte[] keyModulus  = new byte[0];
                            byte[] keyExponent = new byte[0];
                            if (SSLKey.opensslkey.getModulusExponentPrivateKeyInfo(keyblob, ConvertToSecureString(sContraseña), out keyModulus, out keyExponent))
                            {
                                if (CertExponent.Length == 3)
                                {
                                    CertExponent = IngresarByte(CertExponent, 4);
                                }
                                if (keyExponent.Length == 3)
                                {
                                    keyExponent = IngresarByte(keyExponent, 4);
                                }
                                if (CertModulus.Length < 128)
                                {
                                    CertModulus = IngresarByte(CertModulus, 128);
                                }
                                if (keyModulus.Length < 128)
                                {
                                    keyModulus = IngresarByte(keyModulus, 128);
                                }

                                if (CompareBytearrays(CertExponent, keyExponent) && CompareBytearrays(CertModulus, keyModulus))
                                {
                                    esKeyCertificado = true;
                                }
                            }
                        }
                    }
                }

                try
                {
                    String DatCert = cer.Subject;
                    int    posrfc  = DatCert.IndexOf("OID.2.5.4.45=") + ("OID.2.5.4.45=").Length;
                    RFCCertificado = DatCert.Substring(posrfc, DatCert.IndexOf(" ", posrfc) - posrfc).Trim().Replace(",", "");
                }
                catch (Exception ei)
                {
                }



                if (cer.Extensions["Uso de la clave"] != null)
                {
                    if (cer.Extensions["Uso de la clave"].RawData[3] == 192)
                    {
                        esCSD  = true;
                        esFIEL = false;
                    }

                    if (cer.Extensions["Uso de la clave"].RawData[3] == 232 || cer.Extensions["Uso de la clave"].RawData[3] == 216)
                    {
                        esFIEL = true;
                        esCSD  = false;
                    }
                }
                else if (cer.Extensions["Key Usage"] != null)
                {
                    if (cer.Extensions["Key Usage"].RawData[3] == 192)
                    {
                        esCSD  = true;
                        esFIEL = false;
                    }

                    if (cer.Extensions["Key Usage"].RawData[3] == 232 || cer.Extensions["Key Usage"].RawData[3] == 216)
                    {
                        esFIEL = true;
                        esCSD  = false;
                    }
                }
            }
            catch (Exception ex)
            {
                String Inner  = "";
                String Source = "";
                String Target = "";

                /* if (ex.InnerException != null)
                 *   Inner = " InnerException: " + ex.InnerException.Message;
                 * if (ex.Source != null)
                 *   Source = " Source: " + ex.Source;
                 * if (ex.TargetSite != null)
                 *   Target = " TargetSite: " + ex.TargetSite;
                 * throw new Exception("error analizando el certificado error: " + ex.Message + Inner + Source + Target );*/

                throw new Exception(ex.Message);
            }
        }
Example #20
0
        void ResolveIssuers(X509Certificate2 certificate, X509Certificate2Collection issuers, int chainLength)
        {
            //
            // only look at simpleNames because intermediates are always going to be org-level, not email, certs
            //
            string issuerName = certificate.GetNameInfo(X509NameType.SimpleName, true); // true == "for issuer"
            //
            // If the issuer name matches the Cert name, we have a self-signed cert
            //
            if (certificate.MatchName(issuerName))
            {
                return;
            }
            //
            // If the issuer is already known, then we are good
            //
            if (issuers.FindByName(issuerName) != null)
            {
                return;
            }

            if (chainLength == m_maxIssuerChainLength)
            {
                //
                // Chain too long. Ignore...
                //
                return;
            }
            //
            // Retrieve the issuer's certificate
            //
            X509Certificate2Collection issuerCertificates = m_certResolver.SafeGetCertificates(certificate.ExtractEmailNameOrName(true));
            if (CollectionExtensions.IsNullOrEmpty(issuerCertificates))
            {
                return;
            }
            //
            // Recursively fetch the issuers who issued this set of certificates
            //
            foreach (X509Certificate2 issuerCertificate in issuerCertificates)
            {
                if (issuerCertificate.MatchName(issuerName) && !issuers.ContainsThumbprint(issuerCertificate.Thumbprint))
                {
                    //
                    // New issuer
                    //
                    issuers.Add(issuerCertificate);
                    //
                    // And keep working up the chain
                    //
                    this.ResolveIssuers(issuerCertificate, issuers, chainLength + 1);
                }
            }
        }
Example #21
0
		public void Certificate_1_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (629937887260000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (629622527270000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_1);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (0, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.Issuer, "Issuer");
			Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>LVjpv/AxzXkGUFrVng4s5sL3+dLOVWSFsZCakrM2wbzqyCO3qzqnZGN3X4QijuW2Rd1GrgrdAMIfutmtwHVi+JWCooCxgmn64a9/vH3ifHbVvCqA+w==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_1, x.RawData, "RawData");
			Assert.AreEqual ("02720006E8", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.113549.1.1.2", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("OU=Server Certification Authority, O=CommerceNet, S=California, C=US", x.Subject, "Subject");
			Assert.AreEqual ("OU=Server Certification Authority, O=CommerceNet, S=California, C=US", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("D62F48D013EE7FB58B79074512670D9C5B3A5DA9", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (1, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("Secure Server Certification Authority", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("Server Certification Authority", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");
		}
Example #22
0
		private void CheckBase64 (X509Certificate2 x)
		{
			// note: the raw data is still the DER encoded ASN.1 (not the base64 string)
			byte[] raw = { 0x30, 0x82, 0x01, 0xC5, 0x30, 0x82, 0x01, 0x32, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0xC7, 0x75, 0xAE, 0x48, 0x53, 0x9B, 0x1E, 0x9E, 0x44, 0x80, 0x15, 0xCA, 0x78, 0x15, 0x47, 0x69, 0x30, 0x09, 
				0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1D, 0x05, 0x00, 0x30, 0x25, 0x31, 0x23, 0x30, 0x21, 0x06, 0x03, 0x55, 0x04, 0x03, 0x1E, 0x1A, 0x00, 0x43, 0x00, 0x41, 0x00, 0x53, 0x00, 0x54, 0x00, 0x4F, 0x00, 0x52, 
				0x00, 0x5C, 0x00, 0x70, 0x00, 0x6F, 0x00, 0x75, 0x00, 0x70, 0x00, 0x6F, 0x00, 0x75, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x35, 0x30, 0x36, 0x30, 0x38, 0x31, 0x33, 0x33, 0x38, 0x34, 0x37, 0x5A, 0x17, 0x0D, 0x30, 
				0x36, 0x30, 0x36, 0x30, 0x38, 0x31, 0x39, 0x33, 0x38, 0x34, 0x37, 0x5A, 0x30, 0x25, 0x31, 0x23, 0x30, 0x21, 0x06, 0x03, 0x55, 0x04, 0x03, 0x1E, 0x1A, 0x00, 0x43, 0x00, 0x41, 0x00, 0x53, 0x00, 0x54, 0x00, 
				0x4F, 0x00, 0x52, 0x00, 0x5C, 0x00, 0x70, 0x00, 0x6F, 0x00, 0x75, 0x00, 0x70, 0x00, 0x6F, 0x00, 0x75, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 
				0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDA, 0xEA, 0x39, 0x38, 0xF6, 0x3A, 0xF4, 0x8B, 0xF9, 0xE2, 0xC7, 0xD5, 0x2C, 0xF9, 0x1A, 0xD5, 0x75, 0xCF, 0x17, 0xAC, 0xB3, 0x46, 
				0xBD, 0x7F, 0x3F, 0x97, 0x38, 0x2E, 0x10, 0x41, 0xB2, 0xC4, 0xD9, 0x14, 0x15, 0xD8, 0xE6, 0xF9, 0x11, 0x38, 0x80, 0x75, 0xE3, 0xD7, 0x1F, 0xC0, 0x86, 0xA7, 0x3E, 0x02, 0x11, 0x04, 0xE9, 0x57, 0xB5, 0xD8, 
				0x57, 0x65, 0x27, 0x7B, 0x8F, 0xBA, 0xB9, 0xEF, 0xA0, 0x8F, 0x15, 0x9C, 0xEC, 0x2F, 0x85, 0x63, 0x4E, 0x52, 0x6B, 0xA6, 0xE3, 0x33, 0xCA, 0x86, 0x22, 0xBA, 0xF9, 0x06, 0xE8, 0xEC, 0xCB, 0xA7, 0xA5, 0xA8, 
				0xE2, 0x3E, 0xC7, 0x21, 0x74, 0x4E, 0xC9, 0xE9, 0x05, 0x5F, 0xAE, 0x78, 0x12, 0x51, 0x2F, 0xFA, 0x6A, 0x8F, 0x7C, 0xB0, 0x64, 0x2A, 0xFB, 0xB7, 0xB2, 0x40, 0x91, 0x20, 0xE7, 0x32, 0x53, 0x3F, 0x58, 0xCA, 
				0x80, 0xA2, 0x41, 0xC5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1D, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x9D, 0x57, 0xB0, 0x25, 0x97, 0x81, 0x22, 0x3C, 0xC4, 0x61, 
				0x9D, 0xC9, 0xDB, 0xD8, 0xC7, 0xC1, 0xED, 0xFB, 0x1C, 0xDD, 0x35, 0x98, 0xD7, 0x40, 0x58, 0xA4, 0x43, 0x86, 0x54, 0xF9, 0x68, 0x96, 0x85, 0xB5, 0x91, 0xBC, 0xB7, 0x82, 0xB2, 0x7E, 0x7B, 0x58, 0xBD, 0x80, 
				0xCE, 0x34, 0x7E, 0x22, 0x87, 0x62, 0x31, 0xB5, 0x03, 0x16, 0xA0, 0x20, 0x17, 0x9D, 0xE7, 0x5D, 0xAA, 0x12, 0xF5, 0x92, 0xDF, 0x94, 0xE6, 0x69, 0xCD, 0xF6, 0xFC, 0x82, 0x9B, 0xDC, 0xD3, 0x30, 0x40, 0xB1, 
				0x71, 0x4F, 0x4A, 0x64, 0xCB, 0xDC, 0x14, 0xC8, 0xC1, 0x7F, 0x6F, 0x23, 0xCE, 0xDD, 0x19, 0x22, 0x4F, 0x24, 0x1E, 0x27, 0x18, 0x66, 0x88, 0x7A, 0x9A, 0x9A, 0x09, 0x37, 0x6D, 0x65, 0x15, 0xE8, 0x28, 0x5E, 
				0x82, 0xEB, 0x5B, 0x82, 0xE8, 0x8A, 0xAC, 0x8F, 0xC3, 0x6C, 0xEE, 0xF0, 0x3E, 0x20, 0xCB, 0xC7 };

			DateTime expectedNotAfter = new DateTime (632853923270000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (632538347270000000,
				DateTimeKind.Utc);

			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (0, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("CN=CASTOR\\poupou", x.Issuer, "Issuer");
			Assert.AreEqual ("CN=CASTOR\\poupou", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>2uo5OPY69Iv54sfVLPka1XXPF6yzRr1/P5c4LhBBssTZFBXY5vkROIB149cfwIanPgIRBOlXtdhXZSd7j7q576CPFZzsL4VjTlJrpuMzyoYiuvkG6OzLp6Wo4j7HIXROyekFX654ElEv+mqPfLBkKvu3skCRIOcyUz9YyoCiQcU=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (raw, x.RawData, "RawData");
			Assert.AreEqual ("C775AE48539B1E9E448015CA78154769", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.3.14.3.2.29", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("CN=CASTOR\\poupou", x.Subject, "Subject");
			Assert.AreEqual ("CN=CASTOR\\poupou", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("1D53CC89D09F114A487F7F529ECBD186A3D58529", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (3, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual ("CASTOR\\poupou", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("CASTOR\\poupou", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual ("CASTOR\\poupou", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("CASTOR\\poupou", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");
		}
        public X509Certificate2Collection Find(X509FindType findType, object findValue, bool validOnly)
        {
            if (findValue == null)
            {
                throw new ArgumentNullException("findValue");
            }
            string            text              = string.Empty;
            string            text2             = string.Empty;
            X509KeyUsageFlags x509KeyUsageFlags = X509KeyUsageFlags.None;
            DateTime          t = DateTime.MinValue;

            switch (findType)
            {
            case X509FindType.FindByThumbprint:
            case X509FindType.FindBySubjectName:
            case X509FindType.FindBySubjectDistinguishedName:
            case X509FindType.FindByIssuerName:
            case X509FindType.FindByIssuerDistinguishedName:
            case X509FindType.FindBySerialNumber:
            case X509FindType.FindByTemplateName:
            case X509FindType.FindBySubjectKeyIdentifier:
                try
                {
                    text = (string)findValue;
                }
                catch (Exception inner)
                {
                    string text3 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[]
                    {
                        findValue.GetType(),
                        "string"
                    });
                    throw new CryptographicException(text3, inner);
                }
                break;

            case X509FindType.FindByTimeValid:
            case X509FindType.FindByTimeNotYetValid:
            case X509FindType.FindByTimeExpired:
                try
                {
                    t = (DateTime)findValue;
                }
                catch (Exception inner2)
                {
                    string text4 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[]
                    {
                        findValue.GetType(),
                        "X509DateTime"
                    });
                    throw new CryptographicException(text4, inner2);
                }
                break;

            case X509FindType.FindByApplicationPolicy:
            case X509FindType.FindByCertificatePolicy:
            case X509FindType.FindByExtension:
                try
                {
                    text2 = (string)findValue;
                }
                catch (Exception inner3)
                {
                    string text5 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[]
                    {
                        findValue.GetType(),
                        "X509KeyUsageFlags"
                    });
                    throw new CryptographicException(text5, inner3);
                }
                try
                {
                    CryptoConfig.EncodeOID(text2);
                }
                catch (CryptographicUnexpectedOperationException)
                {
                    string text6 = Locale.GetText("Invalid OID value '{0}'.", new object[]
                    {
                        text2
                    });
                    throw new ArgumentException("findValue", text6);
                }
                break;

            case X509FindType.FindByKeyUsage:
                try
                {
                    x509KeyUsageFlags = (X509KeyUsageFlags)((int)findValue);
                }
                catch (Exception inner4)
                {
                    string text7 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[]
                    {
                        findValue.GetType(),
                        "X509KeyUsageFlags"
                    });
                    throw new CryptographicException(text7, inner4);
                }
                break;

            default:
            {
                string text8 = Locale.GetText("Invalid find type '{0}'.", new object[]
                    {
                        findType
                    });
                throw new CryptographicException(text8);
            }
            }
            CultureInfo invariantCulture = CultureInfo.InvariantCulture;
            X509Certificate2Collection x509Certificate2Collection = new X509Certificate2Collection();

            foreach (object obj in base.InnerList)
            {
                X509Certificate2 x509Certificate = (X509Certificate2)obj;
                bool             flag            = false;
                switch (findType)
                {
                case X509FindType.FindByThumbprint:
                    flag = (string.Compare(text, x509Certificate.Thumbprint, true, invariantCulture) == 0 || string.Compare(text, x509Certificate.GetCertHashString(), true, invariantCulture) == 0);
                    break;

                case X509FindType.FindBySubjectName:
                {
                    string nameInfo = x509Certificate.GetNameInfo(X509NameType.SimpleName, false);
                    flag = (nameInfo.IndexOf(text, StringComparison.InvariantCultureIgnoreCase) >= 0);
                    break;
                }

                case X509FindType.FindBySubjectDistinguishedName:
                    flag = (string.Compare(text, x509Certificate.Subject, true, invariantCulture) == 0);
                    break;

                case X509FindType.FindByIssuerName:
                {
                    string nameInfo2 = x509Certificate.GetNameInfo(X509NameType.SimpleName, true);
                    flag = (nameInfo2.IndexOf(text, StringComparison.InvariantCultureIgnoreCase) >= 0);
                    break;
                }

                case X509FindType.FindByIssuerDistinguishedName:
                    flag = (string.Compare(text, x509Certificate.Issuer, true, invariantCulture) == 0);
                    break;

                case X509FindType.FindBySerialNumber:
                    flag = (string.Compare(text, x509Certificate.SerialNumber, true, invariantCulture) == 0);
                    break;

                case X509FindType.FindByTimeValid:
                    flag = (t >= x509Certificate.NotBefore && t <= x509Certificate.NotAfter);
                    break;

                case X509FindType.FindByTimeNotYetValid:
                    flag = (t < x509Certificate.NotBefore);
                    break;

                case X509FindType.FindByTimeExpired:
                    flag = (t > x509Certificate.NotAfter);
                    break;

                case X509FindType.FindByApplicationPolicy:
                    flag = (x509Certificate.Extensions.Count == 0);
                    break;

                case X509FindType.FindByExtension:
                    flag = (x509Certificate.Extensions[text2] != null);
                    break;

                case X509FindType.FindByKeyUsage:
                {
                    X509KeyUsageExtension x509KeyUsageExtension = x509Certificate.Extensions["2.5.29.15"] as X509KeyUsageExtension;
                    flag = (x509KeyUsageExtension == null || (x509KeyUsageExtension.KeyUsages & x509KeyUsageFlags) == x509KeyUsageFlags);
                    break;
                }

                case X509FindType.FindBySubjectKeyIdentifier:
                {
                    X509SubjectKeyIdentifierExtension x509SubjectKeyIdentifierExtension = x509Certificate.Extensions["2.5.29.14"] as X509SubjectKeyIdentifierExtension;
                    if (x509SubjectKeyIdentifierExtension != null)
                    {
                        flag = (string.Compare(text, x509SubjectKeyIdentifierExtension.SubjectKeyIdentifier, true, invariantCulture) == 0);
                    }
                    break;
                }
                }
                if (flag)
                {
                    if (validOnly)
                    {
                        try
                        {
                            if (x509Certificate.Verify())
                            {
                                x509Certificate2Collection.Add(x509Certificate);
                            }
                        }
                        catch
                        {
                        }
                    }
                    else
                    {
                        x509Certificate2Collection.Add(x509Certificate);
                    }
                }
            }
            return(x509Certificate2Collection);
        }
		/*
		SslPolicyErrors:
			RemoteCertificateNotAvailable = 1, // 証明書が利用できません.
			RemoteCertificateNameMismatch = 2, // 証明書名が不一致です.
			RemoteCertificateChainErrors  = 4, // ChainStatus が空でない配列を返しました.
		*/

		//
		//
		//
		public bool ValidateServerCertificate(object obj, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
		{
			m_log.InfoFormat("[NSL CERT VERIFY]: ValidateServerCertificate: Policy is ({0})", sslPolicyErrors);

			if (obj is HttpWebRequest) {
				//
				HttpWebRequest Request = (HttpWebRequest)obj;
				string noVerify = Request.Headers.Get("NoVerifyCert");
				if (noVerify!=null && noVerify.ToLower()=="true") {
					return true;
				}
			}

			X509Certificate2 certificate2 = new X509Certificate2(certificate);
			string simplename = certificate2.GetNameInfo(X509NameType.SimpleName, false);

			// None, ChainErrors 以外は全てエラーとする.
			if (sslPolicyErrors!=SslPolicyErrors.None && sslPolicyErrors!=SslPolicyErrors.RemoteCertificateChainErrors) {
				m_log.InfoFormat("[NSL CERT VERIFY]: ValidateServerCertificate: Simple Name is \"{0}\"", simplename);
				m_log.InfoFormat("[NSL CERT VERIFY]: ValidateServerCertificate: Policy Error!", sslPolicyErrors);
				return false;
			}

			bool valid = CheckPrivateChain(certificate2);
			if (valid) {
				m_log.InfoFormat("[NSL CERT VERIFY]: Valid Server Certification for \"{0}\"", simplename);
			}
			else {
				m_log.InfoFormat("[NSL CERT VERIFY]: Failed to Verify Server Certification for \"{0}\"", simplename);
			}
			return valid;
		}
Example #25
0
		public void Certificate_13_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (634388218400000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (631232890400000000,
				DateTimeKind.Utc);

			// DSA without parameters
			X509Certificate2 x = new X509Certificate2 (cert_13);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (5, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("CN=DSA CA, O=Test Certificates, C=US", x.Issuer, "Issuer");
			Assert.AreEqual ("CN=DSA CA, O=Test Certificates, C=US", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			// note: this test will work if PKITS data is installed
			// Assert.AreEqual ("<DSAKeyValue><P>3+URPtrptm4Q1uqd4p06sEe9RADHVsjMbtAzhFZHNT32VMjjwq27unXzLzMMpvkx7Gfj5Zlt/CluqleIcjTijgCQ4KOsZI7A9jwdj7TISkgwXn+qnHYmC9sTczODl8DFs+Y39T7/FQ3UoS66Mfirh9gLzHeYQm6sk5jCvS57NAs=</P><Q>zwYE2P+L6wDp9lwHlnP9lmU6Lwc=</Q><G>zOF8sM6SX2PsOLtEut2SNLZevmV72HF3BJ3sZnw7BM6281L+D5JVAu9OEqtdmi4vblbzcOxq7ZsiuKgTywycFurBCo4hJkSlDPmg7GLgcDHMaPULhaRKG2559MH5Nlo4b07vhFPfZ/3M91lij5yczRCPXKQPnLcH7GDzvq9+OZg=</G><Y>Z4xH2gw2gWQ5+Bo3C/C71BP9Zz1AyJyS4TqJVLDyl6Vw0GQXpKd8qeknCWXfoKUc/ATaPt1ia/AM7YFXT10pyAhZGQxfjYjw/4y26HUBvhAKZN9Xe4tsVvBTzkOIuQmZCDyQrwHo2TJd7VYCz2DSATrjCiuekUH2x3zebJljAA4=</Y></DSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_13, x.RawData, "RawData");
			Assert.AreEqual ("02", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.10040.4.3", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("CN=DSA Parameters Inherited CA, O=Test Certificates, C=US", x.Subject, "Subject");
			Assert.AreEqual ("CN=DSA Parameters Inherited CA, O=Test Certificates, C=US", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("0E29CDDCA5E732A20DCED87B3D002446853EBBD1", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (3, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual ("DSA CA", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("DSA CA", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual ("DSA Parameters Inherited CA", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("DSA Parameters Inherited CA", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");

			// extensions
			X509Extension ext = x.Extensions[0];
			Assert.AreEqual ("2.5.29.14", ext.Oid.Value, "Oid-0");
			Assert.AreEqual ("04-14-5D-24-EE-8A-55-1A-F2-C6-C9-B2-C2-BF-8A-F0-B2-49-4F-3A-B3-1B", BitConverter.ToString (ext.RawData), "RawData-0");
			Assert.IsFalse (ext.Critical, "Critical-0");
			X509SubjectKeyIdentifierExtension ski = (X509SubjectKeyIdentifierExtension) ext;
			Assert.AreEqual ("5D24EE8A551AF2C6C9B2C2BF8AF0B2494F3AB31B", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			ext = x.Extensions[1];
			Assert.AreEqual ("2.5.29.35", ext.Oid.Value, "Oid-1");
			Assert.AreEqual ("30-16-80-14-74-15-D5-24-1C-BD-5E-65-88-1F-E1-8B-09-7E-7F-EA-19-48-4E-61", BitConverter.ToString (ext.RawData), "RawData-1");
			Assert.IsFalse (ext.Critical, "Critical-1");
			ext = x.Extensions[2];
			Assert.AreEqual ("2.5.29.32", ext.Oid.Value, "Oid-2");
			Assert.AreEqual ("30-0E-30-0C-06-0A-60-86-48-01-65-03-02-01-30-01", BitConverter.ToString (ext.RawData), "RawData-2");
			Assert.IsFalse (ext.Critical, "Critical-2");
			ext = x.Extensions[3];
			Assert.AreEqual ("2.5.29.15", ext.Oid.Value, "Oid-3");
			Assert.AreEqual ("03-02-01-06", BitConverter.ToString (ext.RawData), "RawData-3");
			Assert.IsTrue (ext.Critical, "Critical-3");
			X509KeyUsageExtension kue = (X509KeyUsageExtension) ext;
			Assert.AreEqual (X509KeyUsageFlags.CrlSign | X509KeyUsageFlags.KeyCertSign, kue.KeyUsages, "KeyUsages");
			ext = x.Extensions[4];
			Assert.AreEqual ("2.5.29.19", ext.Oid.Value, "Oid-4");
			Assert.AreEqual ("30-03-01-01-FF", BitConverter.ToString (ext.RawData), "RawData-4");
			Assert.IsTrue (ext.Critical, "Critical-4");
			X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension) ext;
			Assert.IsTrue (bce.CertificateAuthority, "CertificateAuthority");
			Assert.IsFalse (bce.HasPathLengthConstraint, "HasPathLengthConstraint");
			Assert.AreEqual (0, bce.PathLengthConstraint, "PathLengthConstraint");
		}
Example #26
0
        void Process(string ou, DirectoryEntry de)
        {
            string name = de.Name.StripCNFromName();

              try
              {
            if (de.SchemaClassName.Equals("user") || de.SchemaClassName.Equals("computer"))
            {
              #region Get the data out of the Directory Entry
              ADInfo info = new ADInfo();
              info.name = name;
              info.sAMAccountName = ad.GetStringProperty(de, "sAMAccountName");
              info.mail = ad.GetStringProperty(de, "mail");
              info.displayName = ad.GetStringProperty(de, "displayName");
              info.mailNickname = ad.GetStringProperty(de, "mailNickName");
              info.company = ad.GetStringProperty(de, "company");
              info.c = ad.GetStringProperty(de, "c");
              info.department = ad.GetStringProperty(de, "department");
              info.facsimileTelephoneNumber = ad.GetStringProperty(de, "facsimileTelephoneNumber");
              info.givenName = ad.GetStringProperty(de, "givenName");
              info.initials = ad.GetStringProperty(de, "initials");
              info.sn = ad.GetStringProperty(de, "sn");
              info.adminDescription = ad.GetStringProperty(de, "adminDescription");
              info.physicalDeliveryOfficeName = ad.GetStringProperty(de, "physicalDeliveryOfficeName");
              info.telephoneNumber = ad.GetStringProperty(de, "telephoneNumber");
              info.title = ad.GetStringProperty(de, "title");
              info.homeMTA = ad.GetStringProperty(de, "homeMTA");
              info.homeMDB = ad.GetStringProperty(de, "homeMDB");
              info.whenCreated = ad.GetStringProperty(de, "whenCreated");
              info.whenChanged = ad.GetStringProperty(de, "whenChanged");
              info.msExchHideFromAddressLists = ad.GetStringProperty(de, "msExchHideFromAddressLists");
              info.publicDelegatesBL = null;

              #region publicDelegatesBL
              if ((de.Properties["publicDelegatesBL"] as PropertyValueCollection).Count > 0)
              {
            StringBuilder pd = new StringBuilder();

            PropertyValueCollection pvc = (de.Properties["publicDelegatesBL"] as PropertyValueCollection);

            for (int i = 0; i < pvc.Count; i++)
            {
              string delim = String.Empty;

              if (i < (pvc.Count - 1)) delim = ";";

              pd.Append(String.Format("{0}{1}", pvc[i].ToString(), delim));
            }

            if (pd.Length > 0) info.publicDelegatesBL = pd.ToString();
              }
              #endregion

              #region userSMIMECertificate and userCertificate
              if (de.SchemaClassName.Equals("user"))
              {
            if (de.Properties.Contains("userSMIMECertificate"))
            {
              info.userSMIMECertificate = "True";

              X509Certificate2 x509 = new X509Certificate2(de.Properties["userSMIMECertificate"].Value as byte[]);

              info.certificateValidFromDate = x509.NotBefore.ToString();
              info.certificateExpirationDate = x509.NotAfter.ToString();
              info.certificateEmailAddress = x509.GetNameInfo(X509NameType.EmailName, false);

              x509 = null;
            }
            else
            {
              info.userSMIMECertificate = "False";

              if (de.Properties.Contains("userCertificate"))
              {
                info.userCertificate = "True";

                try
                {
                  X509Certificate2 x509 = new X509Certificate2(de.Properties["userCertificate"].Value as byte[]);

                  info.certificateValidFromDate = x509.NotBefore.ToString();
                  info.certificateExpirationDate = x509.NotAfter.ToString();
                  info.certificateEmailAddress = x509.GetNameInfo(X509NameType.EmailName, false);

                  x509 = null;
                }
                catch { }
              }
              else
                info.userCertificate = "False";
            }
              }
              #endregion

              info.altRecipient = ad.GetStringProperty(de, "altRecipient");
              info.legacyExchangeDN = ad.GetStringProperty(de, "legacyExchangeDN");
              info.MSExchangeMailboxGUID = ad.GetStringProperty(de, "MSExchangeMailboxGUID");
              info.userPrincipalName = ad.GetStringProperty(de, "userPrincipalName");
              info.distinguishedName = ad.GetStringProperty(de, "distinguishedName");
              info.homeDirectory = ad.GetStringProperty(de, "homeDirectory");
              info.scriptPath = ad.GetStringProperty(de, "scriptPath");
              info.objectCategory = ad.GetStringProperty(de, "objectCategory");
              info.msExchHomeServerName = ad.GetStringProperty(de, "msExchHomeServerName");
              info.mDBStorageQuota = ad.GetStringProperty(de, "mDBStorageQuota");
              info.mDBOverQuotaLimit = ad.GetStringProperty(de, "mDBOverQuotaLimit");
              info.mDBOverHardQuotaLimit = ad.GetStringProperty(de, "mDBOverHardQuotaLimit");
              info.objectClass = de.SchemaClassName;
              info.extensionAttribute1 = ad.GetStringProperty(de, "extensionAttribute1");
              info.extensionAttribute2 = ad.GetStringProperty(de, "extensionAttribute2");
              info.extensionAttribute3 = ad.GetStringProperty(de, "extensionAttribute3");
              info.extensionAttribute4 = ad.GetStringProperty(de, "extensionAttribute4");
              info.extensionAttribute5 = ad.GetStringProperty(de, "extensionAttribute5");
              info.extensionAttribute6 = ad.GetStringProperty(de, "extensionAttribute6");
              info.extensionAttribute7 = ad.GetStringProperty(de, "extensionAttribute7");
              info.extensionAttribute8 = ad.GetStringProperty(de, "extensionAttribute8");
              info.extensionAttribute9 = ad.GetStringProperty(de, "extensionAttribute9");
              info.extensionAttribute10 = ad.GetStringProperty(de, "extensionAttribute10");
              info.extensionAttribute11 = ad.GetStringProperty(de, "extensionAttribute11");
              info.extensionAttribute12 = ad.GetStringProperty(de, "extensionAttribute12");
              info.extensionAttribute13 = ad.GetStringProperty(de, "extensionAttribute13");
              info.extensionAttribute14 = ad.GetStringProperty(de, "extensionAttribute14");
              info.extensionAttribute15 = ad.GetStringProperty(de, "extensionAttribute15");

              info.lastLogonTimeStamp = ad.GetLastLogonTimeStamp(de);

              #region proxyAddresses
              info.proxyAddresses = null;

              if (de.SchemaClassName.Equals("user"))
              {
            StringBuilder pb = new StringBuilder();
            List<string> proxies = ad.GetProxyAddresses(de);

            for (int i = 0; i < proxies.Count; i++)
            {
              string delim = String.Empty;

              if (i < (proxies.Count - 1)) delim = ";";

              pb.Append(String.Format("{0}{1}", proxies[i].Trim(), delim));
            }

            if (pb.Length > 0) info.proxyAddresses = pb.ToString();
              }
              #endregion

              #region showInAddressBook
              info.showInAddressBook = null;

              if (de.SchemaClassName.Equals("user"))
              {
            StringBuilder ab = new StringBuilder();
            List<string> addr = ad.GetShowInAddressBook(de);

            for (int i = 0; i < addr.Count; i++)
            {
              string delim = String.Empty;

              if (i < (addr.Count - 1)) delim = ";";

              ab.Append(String.Format("{0}{1}", addr[i].Trim(), delim));
            }

            if (ab.Length > 0) info.showInAddressBook = ab.ToString();
              }
              #endregion

              #region memberOf
              StringBuilder mb = new StringBuilder();
              List<string> members = ad.GetMemberOf(de);

              for (int i = 0; i < members.Count; i++)
              {
            string delim = String.Empty;

            if (i < (members.Count - 1)) delim = ";";

            mb.Append(String.Format("{0}{1}", members[i].Trim(), delim));

            if (mb.Length > 0) info.memberOf = mb.ToString();
              }
              #endregion

              info.disabled = ad.IsDisabled(de).ToString();
              info.canonicalName = null;
              info.objectSID = new SecurityIdentifier(de.Properties["ObjectSid"].Value as byte[], 0).ToString();
              info.description = ad.GetStringProperty(de, "description");
              info.mDBUseDefaults = ad.GetStringProperty(de, "mDBUseDefaults");

              if (de.Properties.Contains("userAccountControl"))
            info.userAccountControl = de.Properties["userAccountControl"].Value.ToString();

              if (de.Properties.Contains("msExchMailboxGuid"))
            info.msExchMailboxGuid = new Guid(de.Properties["msExchMailboxGuid"].Value as byte[]).ToString();

              info.personalTitle = ad.GetStringProperty(de, "personalTitle");
              info.employeeType = ad.GetStringProperty(de, "employeeType");
              info.l = ad.GetStringProperty(de, "l");
              info.streetAddress = ad.GetStringProperty(de, "streetAddress");
              info.postalCode = ad.GetStringProperty(de, "postalCode");
              info.st = ad.GetStringProperty(de, "st");

              info.primarySMTP = ad.GetPrimarySMTP(de);

              infoList.Add(info);
              #endregion

              Console.Write("+");
            }
            else
              Console.Write("-");
              }
              catch { } // If there is a problem with an account, just move on silently.
        }
Example #27
0
		public void Certificate_11_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (630822815400000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (629606997000000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_11);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (0, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("CN=GTE CyberTrust Root, O=GTE Corporation, C=US", x.Issuer, "Issuer");
			Assert.AreEqual ("CN=GTE CyberTrust Root, O=GTE Corporation, C=US", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>uOZPutuYfHF8r0S30w9G2WTlk8FCjse6SY01LXrni73lBTFZxrEvCgz7n6c/oglmhFYeNykbh+l+DMqan6V/9RWUo9WiRoLYaEzRNxUGaK+9+LCz8Cn1lVoJFmF3CiIl1E9Fqse95Zbf+dSojkLMJMAekSdKtW0GgGM5xKJeOAM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_11, x.RawData, "RawData");
			Assert.AreEqual ("00", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.113549.1.1.4", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("CN=GTE CyberTrust Root, O=GTE Corporation, C=US", x.Subject, "Subject");
			Assert.AreEqual ("CN=GTE CyberTrust Root, O=GTE Corporation, C=US", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("A275E026ACD854794A4AA2CB53F66233129C55B6", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (1, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual ("GTE CyberTrust Root", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("GTE CyberTrust Root", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual ("GTE CyberTrust Root", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("GTE CyberTrust Root", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");
		}
Example #28
0
		public void Certificate_2_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (631152758320000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (629575958320000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_2);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (0, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("OU=Directory Services, O=AT&T, C=US", x.Issuer, "Issuer");
			Assert.AreEqual ("OU=Directory Services, O=AT&T, C=US", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>h2RyiQsgj4cnrMYi/gBAaUivxobNIzPjEcUxGh9+npITtqKs47AfKgdsttTeS/rxoqB9zku+viZICYyFEd7LIufC7kRR/mfVW1rgFjdUBLg7MhKUg56xTYBspKl2rLikl/erC2ylQ7puT8VOADAWPD+ZFNqiIAiLuu12rJcA1W0=</Modulus><Exponent>Dw==</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_2, x.RawData, "RawData");
			Assert.AreEqual ("00", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.113549.1.1.4", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("OU=Directory Services, O=AT&T, C=US", x.Subject, "Subject");
			Assert.AreEqual ("OU=Directory Services, O=AT&T, C=US", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("9E87803EC5689AEFE77F92F91ABFA7467C76ED02", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (1, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("Directory Services", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("Directory Services", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");
		}
Example #29
0
		public void Certificate_12_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (632053191480000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (631578849480000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_12);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (5, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("CN=Microsoft Code Signing PCA, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US", x.Issuer, "Issuer");
			Assert.AreEqual ("CN=Microsoft Code Signing PCA, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>qpm9OagYJ/QrPQtMP3x3LqfLtdGMDcI6dNeTteCgSz9ZXs5FT5p5KfFJzBpH7lXCCD4SIPhV8u5f0+DKlrww3v5YyCcy0IVU6PCRELvzK74Z5QObC4Yd87A5jLj9Cx08cyasVyvKKaIVkIIV4nejQFIDi53CcLof6TT28zWSTlWD+NowtiDeVwa1WkIG3lnL8t+mvRVHcRklI9LLb5sZed9qW/F2BXkp/MNWyo9ECIVVisvID0ZLVcuMlndKh+ipQQbH/w3paFdjcsNpV7RDzzI6MNwb6dVDJip5/pXbImckyS/QNOPm+1FJhrg80CVf1uyeA2GHqWhAx/jiA+bPBQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_12, x.RawData, "RawData");
			Assert.AreEqual ("61071143000000000034", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.113549.1.1.5", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("CN=Microsoft Corporation, OU=Copyright (c) 2002 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US", x.Subject, "Subject");
			Assert.AreEqual ("CN=Microsoft Corporation, OU=Copyright (c) 2002 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("282D9806C3DF7345929F64F5895EF2EA4AC29302", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (3, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual ("Microsoft Code Signing PCA", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("Microsoft Code Signing PCA", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual ("Microsoft Corporation", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("Microsoft Corporation", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");

			// extensions
			X509Extension ext = x.Extensions[0];
			Assert.AreEqual ("2.5.29.15", ext.Oid.Value, "Oid-0");
			Assert.AreEqual ("03-02-06-C0", BitConverter.ToString (ext.RawData), "RawData-0");
			Assert.IsTrue (ext.Critical, "Critical-0");
			X509KeyUsageExtension kue = (X509KeyUsageExtension) ext;
			Assert.AreEqual (X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation, kue.KeyUsages, "KeyUsages");
			ext = x.Extensions[1];
			Assert.AreEqual ("2.5.29.37", ext.Oid.Value, "Oid-1");
			Assert.AreEqual ("30-0A-06-08-2B-06-01-05-05-07-03-03", BitConverter.ToString (ext.RawData), "RawData-1");
			Assert.IsFalse (ext.Critical, "Critical-1");
			X509EnhancedKeyUsageExtension eku = (X509EnhancedKeyUsageExtension) ext;
			Assert.AreEqual (1, eku.EnhancedKeyUsages.Count, "EnhancedKeyUsages.Count");
			Assert.AreEqual ("1.3.6.1.5.5.7.3.3", eku.EnhancedKeyUsages[0].Value, "EnhancedKeyUsages[0]");
			ext = x.Extensions[2];
			Assert.AreEqual ("2.5.29.14", ext.Oid.Value, "Oid-2");
			Assert.AreEqual ("04-14-6B-C8-C6-51-20-F0-B4-2F-D3-A0-B6-AE-7F-5E-26-B2-B8-87-52-29", BitConverter.ToString (ext.RawData), "RawData-2");
			Assert.IsFalse (ext.Critical, "Critical-2");
			X509SubjectKeyIdentifierExtension ski = (X509SubjectKeyIdentifierExtension) ext;
			Assert.AreEqual ("6BC8C65120F0B42FD3A0B6AE7F5E26B2B8875229", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			ext = x.Extensions[3];
			Assert.AreEqual ("2.5.29.35", ext.Oid.Value, "Oid-3");
			Assert.AreEqual ("30-81-9E-80-14-29-5C-B9-1B-B6-CD-33-EE-BB-9E-59-7D-F7-E5-CA-2E-C4-0D-34-28-A1-74-A4-72-30-70-31-2B-30-29-06-03-55-04-0B-13-22-43-6F-70-79-72-69-67-68-74-20-28-63-29-20-31-39-39-37-20-4D-69-63-72-6F-73-6F-66-74-20-43-6F-72-70-2E-31-1E-30-1C-06-03-55-04-0B-13-15-4D-69-63-72-6F-73-6F-66-74-20-43-6F-72-70-6F-72-61-74-69-6F-6E-31-21-30-1F-06-03-55-04-03-13-18-4D-69-63-72-6F-73-6F-66-74-20-52-6F-6F-74-20-41-75-74-68-6F-72-69-74-79-82-10-6A-0B-99-4F-C0-00-DE-AA-11-D4-D8-40-9A-A8-BE-E6", BitConverter.ToString (ext.RawData), "RawData-3");
			Assert.IsFalse (ext.Critical, "Critical-3");
			ext = x.Extensions[4];
			Assert.AreEqual ("2.5.29.31", ext.Oid.Value, "Oid-4");
			Assert.AreEqual ("30-41-30-3F-A0-3D-A0-3B-86-39-68-74-74-70-3A-2F-2F-63-72-6C-2E-6D-69-63-72-6F-73-6F-66-74-2E-63-6F-6D-2F-70-6B-69-2F-63-72-6C-2F-70-72-6F-64-75-63-74-73-2F-43-6F-64-65-53-69-67-6E-50-43-41-2E-63-72-6C", BitConverter.ToString (ext.RawData), "RawData-4");
			Assert.IsFalse (ext.Critical, "Critical-4");
		}
Example #30
0
		public void Certificate_3_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (629771327990000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (629749728000000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_3);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (7, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("CN=Brand Name:Product Type, O=CCA - Unique ID, C=US", x.Issuer, "Issuer");
			Assert.AreEqual ("CN=Brand Name:Product Type, O=CCA - Unique ID, C=US", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>rMQOBSW86u8MIn/EDEppMQD5P+nhbFSXd04YxkqV4NRYKVwXXR0eVrxJPeD5n7sB+Ya2ppXd4QQyAVJOj4Yw9w==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_3, x.RawData, "RawData");
			Assert.AreEqual ("0353D78BDB3E16158055C4054002734D0C20F80D88005F657AACBA86BD1CD7E4", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.113549.1.1.5", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("CN=\"0+WKJx+wYEZabSSPVX9kLsnx92s=\", OU=Issuing Financial Institution, O=BrandID, C=US", x.Subject, "Subject");
			Assert.AreEqual ("CN=\"0+WKJx+wYEZabSSPVX9kLsnx92s=\", OU=Issuing Financial Institution, O=BrandID, C=US", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("395FBBFC148933277689B7593A7D1CFFF156F162", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (3, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual ("Brand Name:Product Type", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("Brand Name:Product Type", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual ("0+WKJx+wYEZabSSPVX9kLsnx92s=", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("0+WKJx+wYEZabSSPVX9kLsnx92s=", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");

			// extensions
			X509Extension ext = x.Extensions[0];
			Assert.AreEqual ("2.5.29.35", ext.Oid.Value, "Oid-0");
			Assert.AreEqual ("30-53-81-4B-84-49-31-0B-30-09-06-03-55-04-06-13-02-55-53-31-18-30-16-06-03-55-04-0A-13-0F-43-43-41-20-2D-20-55-6E-69-71-75-65-20-49-44-31-20-30-1E-06-03-55-04-03-13-17-42-72-61-6E-64-20-4E-61-6D-65-3A-50-72-6F-64-75-63-74-20-54-79-70-65-82-04-32-06-AC-10", BitConverter.ToString (ext.RawData), "RawData-0");
			Assert.IsFalse (ext.Critical, "Critical-0");
			ext = x.Extensions[1];
			Assert.AreEqual ("2.5.29.15", ext.Oid.Value, "Oid-1");
			Assert.AreEqual ("03-02-07-80", BitConverter.ToString (ext.RawData), "RawData-1");
			Assert.IsTrue (ext.Critical, "Critical-1");
			X509KeyUsageExtension kue = (X509KeyUsageExtension) ext;
			Assert.AreEqual (X509KeyUsageFlags.DigitalSignature, kue.KeyUsages, "KeyUsages");
			ext = x.Extensions[2];
			Assert.AreEqual ("2.5.29.16", ext.Oid.Value, "Oid-2");
			Assert.AreEqual ("30-22-80-0F-31-39-39-36-30-38-30-37-30-37-34-39-30-30-5A-81-0F-31-39-39-36-30-39-30-37-30-37-34-39-30-30-5A", BitConverter.ToString (ext.RawData), "RawData-2");
			Assert.IsTrue (ext.Critical, "Critical-2");
			ext = x.Extensions[3];
			Assert.AreEqual ("2.5.29.32", ext.Oid.Value, "Oid-3");
			Assert.AreEqual ("30-0F-30-0D-06-0B-60-86-48-01-86-F8-45-01-07-01-01", BitConverter.ToString (ext.RawData), "RawData-3");
			Assert.IsFalse (ext.Critical, "Critical-3");
			ext = x.Extensions[4];
			Assert.AreEqual ("2.5.29.19", ext.Oid.Value, "Oid-4");
			Assert.AreEqual ("30-00", BitConverter.ToString (ext.RawData), "RawData-4");
			Assert.IsTrue (ext.Critical, "Critical-4");
			X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension) ext;
			Assert.IsFalse (bce.CertificateAuthority, "CertificateAuthority");
			Assert.IsFalse (bce.HasPathLengthConstraint, "HasPathLengthConstraint");
			Assert.AreEqual (0, bce.PathLengthConstraint, "PathLengthConstraint");
			ext = x.Extensions[5];
			Assert.AreEqual ("2.16.840.1.113733.2.3", ext.Oid.Value, "Oid-5");
			Assert.AreEqual ("03-02-07-80", BitConverter.ToString (ext.RawData), "RawData-5");
			Assert.IsTrue (ext.Critical, "Critical-5");
			ext = x.Extensions[6];
			Assert.AreEqual ("2.16.840.1.113733.2.7", ext.Oid.Value, "Oid");
			Assert.AreEqual ("30-50-04-14-33-39-38-32-33-39-38-37-32-33-37-38-39-31-33-34-39-37-38-32-30-09-06-05-2B-0D-03-02-1A-05-00-16-0F-74-65-72-73-65-20-73-74-61-74-65-6D-65-6E-74-1D-00-16-1A-67-65-74-73-65-74-2D-63-65-6E-74-65-72-40-76-65-72-69-73-69-67-6E-2E-63-6F-6D", BitConverter.ToString (ext.RawData), "RawData-6");
			Assert.IsTrue (ext.Critical, "Critical");
		}
 string GetCommonName(X509Certificate2 cert)
 {
     return cert.GetNameInfo(X509NameType.SimpleName, false);
 }
Example #32
0
		public void Certificate_4_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (630822812570000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (629200220570000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_4);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (0, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.Issuer, "Issuer");
			Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>ks56wa6DPlqqiYNXrCUBdgytro4sN87rNXhkVAPlhEBRyb+PCOKKggjSFoY3VemxIQKtdmiBmgWiS8lLJWYiVmyIB4/3gVlthAdlcBNxdj6bd0zjUIlWmEi5HacpGhMuShFZnB4V1UlULHM6aYKxlzmcbXBnSOXdLdbIHns=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_4, x.RawData, "RawData");
			Assert.AreEqual ("0241000001", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.113549.1.1.2", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.Subject, "Subject");
			Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("0D974461703713CB74932D2A75ACBC714B281266", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (1, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("Secure Server Certification Authority", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("Secure Server Certification Authority", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");
		}
Example #33
0
		public void Certificate_14_Properties ()
		{
			DateTime expectedNotAfter = new DateTime (633912839400000000,
				DateTimeKind.Utc);
			DateTime expectedNotBefore = new DateTime (630663336000000000,
				DateTimeKind.Utc);

			X509Certificate2 x = new X509Certificate2 (cert_14);
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (0, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("O=C&W HKT SecureNet CA Class A, C=hk", x.Issuer, "Issuer");
			Assert.AreEqual ("O=C&W HKT SecureNet CA Class A, C=hk", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2");
			Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3");
			Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1");
			Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2");
			Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3");
			Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>tBuiCqVMc2NGUUh0Y6i0jBbb9Mhn3qFIAv/Lo8+n39mxMeDjLihxBKZkWsZc/tCnuOo+Ctr7EX9/JCheyIqsbniqyKIYOZ5MUNHwmLXvpLIbYGu/+XO0C3X5Irvp5YGgldJ2THzTp/5dlRXtB9TH3mAwAO7yLpTxhjLlWVHo34CiKgDvPIhdEeMAX1TkDEcQbLD1+DN2HDRmW9S7NGM502aUOuzNIinz9hK71CEpN6VETd+JDAQMfUF7h/MWwUMpZLTWRWerhkxljwG36mOMTnhUREcaU4aMaxgnIQvFVmYOJfbgeaxoAHTpmmQ8SU6e4B3IiBtQBvddCfiNixP9XQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (cert_14, x.RawData, "RawData");
			Assert.AreEqual ("00", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.2.840.113549.1.1.4", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("O=C&W HKT SecureNet CA Class A, C=hk", x.Subject, "Subject");
			Assert.AreEqual ("O=C&W HKT SecureNet CA Class A, C=hk", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("9BACF3B664EAC5A17BED08437C72E4ACDA12F7E7", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (1, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("C&W HKT SecureNet CA Class A", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("C&W HKT SecureNet CA Class A", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");
		}
        public void SetUp(BenchmarkContext context)
        {
            TaskScheduler.UnobservedTaskException += (sender, args) => Console.WriteLine(args.Exception);

            this.ClientGroup = new MultithreadEventLoopGroup(1);
            this.ServerGroup = new MultithreadEventLoopGroup(1);
            this.WorkerGroup = new MultithreadEventLoopGroup();

            Encoding iso = Encoding.GetEncoding("ISO-8859-1");
            this.message = iso.GetBytes("ABC");

            this.inboundThroughputCounter = context.GetCounter(InboundThroughputCounterName);
            this.outboundThroughputCounter = context.GetCounter(OutboundThroughputCounterName);
            var counterHandler = new CounterHandlerInbound(this.inboundThroughputCounter);
            this.signal = new ManualResetEventSlimReadFinishedSignal(this.ResetEvent);

            // reserve up to 10mb of 16kb buffers on both client and server; we're only sending about 700k worth of messages
            this.serverBufferAllocator = new PooledByteBufferAllocator();
            this.clientBufferAllocator = new PooledByteBufferAllocator();

            Assembly assembly = typeof(TcpChannelPerfSpecs).Assembly;
            byte[] certificateData;
            using (Stream sourceStream = assembly.GetManifestResourceStream(assembly.GetManifestResourceNames()[0]))
            using (var tempStream = new MemoryStream())
            {
                sourceStream.CopyTo(tempStream);
                certificateData = tempStream.ToArray();
            }
            var tlsCertificate = new X509Certificate2(certificateData, "password");
            string targetHost = tlsCertificate.GetNameInfo(X509NameType.DnsName, false);

            ServerBootstrap sb = new ServerBootstrap()
                .Group(this.ServerGroup, this.WorkerGroup)
                .Channel<TcpServerSocketChannel>()
                .ChildOption(ChannelOption.Allocator, this.serverBufferAllocator)
                .ChildHandler(new ActionChannelInitializer<TcpSocketChannel>(channel =>
                {
                    channel.Pipeline
                        //.AddLast(TlsHandler.Server(tlsCertificate))
                        .AddLast(this.GetEncoder())
                        .AddLast(this.GetDecoder())
                        .AddLast(counterHandler)
                        .AddLast(new CounterHandlerOutbound(this.outboundThroughputCounter))
                        .AddLast(new ReadFinishedHandler(this.signal, WriteCount));
                }));

            Bootstrap cb = new Bootstrap()
                .Group(this.ClientGroup)
                .Channel<TcpSocketChannel>()
                .Option(ChannelOption.Allocator, this.clientBufferAllocator)
                .Handler(new ActionChannelInitializer<TcpSocketChannel>(
                    channel =>
                    {
                        channel.Pipeline
                            //.AddLast(TlsHandler.Client(targetHost, null, (sender, certificate, chain, errors) => true))
                            .AddLast(this.GetEncoder())
                            .AddLast(this.GetDecoder())
                            .AddLast(counterHandler)
                            .AddLast(new CounterHandlerOutbound(this.outboundThroughputCounter));
                    }));

            // start server
            this.serverChannel = sb.BindAsync(TEST_ADDRESS).Result;

            // connect to server
            this.clientChannel = cb.ConnectAsync(this.serverChannel.LocalAddress).Result;
        }
		//
		//
		// obj is SslStream
		public bool ValidateClientCertificate(object obj, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
		{
			m_log.InfoFormat("[NSL CERT VERIFY]: ValidateClientCertificate: Policy is ({0})", sslPolicyErrors);

			X509Certificate2 certificate2 = new X509Certificate2(certificate);
			string simplename = certificate2.GetNameInfo(X509NameType.SimpleName, false);

			// None, ChainErrors 以外は全てエラーとする.
			if (sslPolicyErrors!=SslPolicyErrors.None && sslPolicyErrors!=SslPolicyErrors.RemoteCertificateChainErrors) {
				m_log.InfoFormat("[NSL CERT VERIFY]: ValidateClientCertificate: Simple Name is \"{0}\"", simplename);
				m_log.InfoFormat("[NSL CERT VERIFY]: ValidateClientCertificate: Policy Error!");
				return false;
			}

			// check CRL
			if (m_clientcrl!=null) {
				Mono.Security.X509.X509Certificate monocert = new Mono.Security.X509.X509Certificate(certificate.GetRawCertData());
				Mono.Security.X509.X509Crl.X509CrlEntry entry = m_clientcrl.GetCrlEntry(monocert);
				if (entry!=null) {
					m_log.InfoFormat("[NSL CERT VERIFY]: Common Name \"{0}\" was revoked at {1}", simplename, entry.RevocationDate.ToString());
					return false;
				}
			}

			bool valid = CheckPrivateChain(certificate2);
			if (valid) {
				m_log.InfoFormat("[NSL CERT VERIFY]: Valid Client Certification for \"{0}\"", simplename);
 			}
			else {
				m_log.InfoFormat("[NSL CERT VERIFY]: Failed to Verify Client Certification for \"{0}\"", simplename);
			}
			return valid;
		}
Example #36
0
		private void CheckPkcs12 (X509Certificate2 x)
		{
			byte[] raw = new byte[] { 0x30, 0x82, 0x02, 0x1E, 0x30, 0x82, 0x01, 0x8B, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x74, 0x8B, 0xCD, 0xD9, 0x86, 0x99, 0x9A, 0x91, 0x4A, 0x0C, 0xC3, 0xF4, 0xE1, 0x2F, 0xF5, 0x95, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1D, 0x05, 0x00, 0x30, 0x23, 0x31, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x6F, 0x6E, 0x6F, 0x20, 0x53, 0x53, 0x4C, 0x20, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6D, 0x65, 0x64, 0x69, 0x61, 0x74, 0x65, 0x20, 
				0x43, 0x41, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x33, 0x31, 0x31, 0x32, 0x37, 0x30, 0x32, 0x35, 0x37, 0x34, 0x32, 0x5A, 0x17, 0x0D, 0x33, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x08, 0x46, 0x41, 0x52, 0x53, 0x43, 0x41, 0x50, 0x45, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 
				0x02, 0x81, 0x81, 0x00, 0xC4, 0x26, 0x3B, 0xE9, 0x49, 0x07, 0x39, 0x8C, 0x51, 0x34, 0x3B, 0x84, 0x4C, 0x27, 0x98, 0x70, 0x15, 0x79, 0xF1, 0xF4, 0x2A, 0x32, 0x82, 0xC3, 0xFA, 0xCF, 0x6E, 0x72, 0x37, 0xCE, 0x37, 0x55, 0x1F, 0xFA, 0x8F, 0x78, 0x4A, 0xA0, 0x0C, 0x9D, 0x44, 0x29, 0xF2, 0x81, 0xD9, 0x87, 0xD5, 0x94, 0x1A, 0xFC, 0x8D, 0xF8, 0x9D, 0xE0, 0xC5, 0xD2, 0x4A, 0x4F, 0x68, 0xD3, 0xAD, 0x65, 0x23, 0xB2, 0x4F, 0x48, 0x35, 0xB9, 0xFE, 0xE1, 0xDB, 0x6B, 0xE7, 0x41, 0x76, 0xEC, 
				0x0C, 0x5B, 0x3A, 0xE3, 0x07, 0xC9, 0x3D, 0x94, 0x48, 0xF2, 0xCF, 0x71, 0xAC, 0x2F, 0x71, 0x60, 0x15, 0x0E, 0xD5, 0x9A, 0xF8, 0x6C, 0x7F, 0xE9, 0xC0, 0x19, 0x18, 0x72, 0x09, 0xA1, 0xD6, 0xB8, 0xA9, 0x60, 0xD1, 0xC3, 0x18, 0x91, 0x98, 0xCE, 0x9A, 0x44, 0x3D, 0xCF, 0x63, 0x79, 0x41, 0x27, 0x18, 0xB3, 0x8E, 0x05, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x6B, 0x30, 0x69, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x0C, 0x30, 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 
				0x03, 0x01, 0x30, 0x52, 0x06, 0x03, 0x55, 0x1D, 0x01, 0x04, 0x4B, 0x30, 0x49, 0x80, 0x10, 0x7C, 0x13, 0x05, 0xC9, 0xB9, 0x5A, 0xA3, 0x19, 0x3E, 0x7C, 0x0D, 0x7C, 0xE3, 0xF2, 0xD3, 0x36, 0xA1, 0x23, 0x30, 0x21, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x16, 0x4D, 0x6F, 0x6E, 0x6F, 0x20, 0x55, 0x6E, 0x69, 0x74, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41, 0x82, 0x10, 0x1B, 0xFC, 0x61, 0x41, 0xD0, 0xCF, 0x41, 0xB9, 0x47, 0xEF, 
				0x21, 0x7D, 0x6A, 0x53, 0x32, 0x76, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1D, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x94, 0xF8, 0xDA, 0xEF, 0x93, 0x6A, 0x23, 0x04, 0x6B, 0x2D, 0xC3, 0x1E, 0x57, 0xC9, 0x7E, 0xE1, 0xF6, 0x6C, 0x55, 0xB6, 0xAC, 0xAB, 0xA8, 0x67, 0x19, 0xCD, 0x1D, 0x32, 0x1C, 0xD7, 0x63, 0x13, 0x4F, 0x41, 0x85, 0xB0, 0x62, 0xB8, 0x04, 0x38, 0xD0, 0xD8, 0x18, 0x36, 0x80, 0xE2, 0x70, 0xE7, 0x11, 0x05, 0x7A, 0x2D, 0x5D, 0xC8, 0xAD, 0x29, 0x2E, 0x05, 0x54, 
				0x66, 0xE2, 0x8E, 0xCC, 0xDA, 0xEE, 0x19, 0x10, 0xB9, 0x37, 0x30, 0x83, 0x62, 0x9A, 0x10, 0xDB, 0x19, 0x41, 0x57, 0x37, 0x1A, 0x39, 0x54, 0x59, 0xE6, 0x6D, 0xDF, 0x1B, 0xCE, 0x6E, 0x78, 0x6A, 0x5F, 0x06, 0x26, 0x8D, 0xE0, 0x94, 0x52, 0xF4, 0x86, 0x9C, 0x42, 0x58, 0xF0, 0xEB, 0x71, 0xEB, 0xB8, 0x8E, 0xC9, 0x20, 0x84, 0xD5, 0x11, 0x58, 0x40, 0x4A, 0xE9, 0xD1, 0x8E, 0x2F, 0x9D, 0xD9, 0x8B, 0xD0, 0x55, 0xB8, 0x96 };
			Assert.IsFalse (x.Archived, "Archived");
			Assert.AreEqual (2, x.Extensions.Count, "Extensions");
			Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName");
			Assert.IsTrue (x.HasPrivateKey, "HasPrivateKey");
			Assert.AreEqual ("CN=Mono SSL Intermediate CA", x.Issuer, "Issuer");
			Assert.AreEqual ("CN=Mono SSL Intermediate CA", x.IssuerName.Name, "IssuerName");
			Assert.AreEqual (643445855990000000, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter");
			Assert.AreEqual (632054986620000000, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore");
			//Assert.IsNull (x.PrivateKey, "PrivateKey");
			Assert.AreEqual ("<RSAKeyValue><Modulus>xCY76UkHOYxRNDuETCeYcBV58fQqMoLD+s9ucjfON1Uf+o94SqAMnUQp8oHZh9WUGvyN+J3gxdJKT2jTrWUjsk9INbn+4dtr50F27AxbOuMHyT2USPLPcawvcWAVDtWa+Gx/6cAZGHIJoda4qWDRwxiRmM6aRD3PY3lBJxizjgU=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey");
			Assert.AreEqual (raw, x.RawData, "RawData");
			Assert.AreEqual ("748BCDD986999A914A0CC3F4E12FF595", x.SerialNumber, "SerialNumber");
			Assert.AreEqual ("1.3.14.3.2.29", x.SignatureAlgorithm.Value, "SignatureAlgorithm");
			Assert.AreEqual ("CN=FARSCAPE", x.Subject, "Subject");
			Assert.AreEqual ("CN=FARSCAPE", x.SubjectName.Name, "SubjectName");
			Assert.AreEqual ("3029694B22B2EE6AEC9B78449E510F7C348DBA33", x.Thumbprint, "Thumbprint");
			Assert.AreEqual (3, x.Version, "Version");

			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true");
			Assert.AreEqual ("Mono SSL Intermediate CA", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true");
			Assert.AreEqual ("Mono SSL Intermediate CA", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false");
			Assert.AreEqual ("FARSCAPE", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false");
			Assert.AreEqual ("FARSCAPE", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false");
			Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false");

			// extensions
			X509Extension ext = x.Extensions[0];
			Assert.AreEqual ("2.5.29.37", ext.Oid.Value, "Oid-0");
			Assert.AreEqual ("30-0A-06-08-2B-06-01-05-05-07-03-01", BitConverter.ToString (ext.RawData), "RawData-0");
			Assert.IsFalse (ext.Critical, "Critical-0");
			X509EnhancedKeyUsageExtension eku = (X509EnhancedKeyUsageExtension) ext;
			Assert.AreEqual (1, eku.EnhancedKeyUsages.Count, "EnhancedKeyUsages.Count");
			Assert.AreEqual ("1.3.6.1.5.5.7.3.1", eku.EnhancedKeyUsages[0].Value, "EnhancedKeyUsages[0]");
			ext = x.Extensions[1];
			Assert.AreEqual ("2.5.29.1", ext.Oid.Value, "Oid-1");
			Assert.AreEqual ("30-49-80-10-7C-13-05-C9-B9-5A-A3-19-3E-7C-0D-7C-E3-F2-D3-36-A1-23-30-21-31-1F-30-1D-06-03-55-04-03-13-16-4D-6F-6E-6F-20-55-6E-69-74-20-54-65-73-74-20-52-6F-6F-74-20-43-41-82-10-1B-FC-61-41-D0-CF-41-B9-47-EF-21-7D-6A-53-32-76", BitConverter.ToString (ext.RawData), "RawData-1");
			Assert.IsFalse (ext.Critical, "Critical-1");
		}