public void Create_WithCertificate_InitializesFields()
{
using (var certificate = _fixture.GetDefaultCertificate())
{
var issuerSerial = IssuerSerial.Create(certificate);
Assert.Equal(1, issuerSerial.GeneralNames.Count);
Assert.Equal(certificate.IssuerName.Name, issuerSerial.GeneralNames[0].DirectoryName.Name);
SignTestUtility.VerifySerialNumber(certificate, issuerSerial);
}
}
public void Create_WithLargePositiveSerialNumber_ReturnsIssuerSerial()
{
using (var certificate = SigningTestUtility.GenerateCertificate("test", generator =>
{
generator.SetSerialNumber(BigInteger.ValueOf(long.MaxValue));
}))
{
var issuerSerial = IssuerSerial.Create(certificate);
SignTestUtility.VerifySerialNumber(certificate, issuerSerial);
}
}
public void Create_WithSmallSerialNumber_ReturnsIssuerSerial()
{
using (var certificate = SigningTestUtility.GenerateCertificate("test", generator =>
{
generator.SetSerialNumber(BigInteger.One);
}))
{
var issuerSerial = IssuerSerial.Create(certificate);
SignTestUtility.VerifySerialNumber(certificate, issuerSerial);
}
}
private static void VerifyAttributes(
CryptographicAttributeObjectCollection attributes,
SignPackageRequest request)
{
var pkcs9SigningTimeAttributeFound = false;
var commitmentTypeIndicationAttributeFound = false;
var signingCertificateV2AttributeFound = false;
foreach (var attribute in attributes)
{
Assert.Equal(1, attribute.Values.Count);
switch (attribute.Oid.Value)
{
case "1.2.840.113549.1.9.5": // PKCS #9 signing time
Assert.IsType <Pkcs9SigningTime>(attribute.Values[0]);
pkcs9SigningTimeAttributeFound = true;
break;
case Oids.CommitmentTypeIndication:
var qualifier = CommitmentTypeQualifier.Read(attribute.Values[0].RawData);
var expectedCommitmentType = AttributeUtility.GetSignatureTypeOid(request.SignatureType);
Assert.Equal(expectedCommitmentType, qualifier.CommitmentTypeIdentifier.Value);
commitmentTypeIndicationAttributeFound = true;
break;
case Oids.SigningCertificateV2:
var signingCertificateV2 = SigningCertificateV2.Read(attribute.Values[0].RawData);
Assert.Equal(1, signingCertificateV2.Certificates.Count);
var essCertIdV2 = signingCertificateV2.Certificates[0];
Assert.Equal(SignTestUtility.GetHash(request.Certificate, request.SignatureHashAlgorithm), essCertIdV2.CertificateHash);
Assert.Equal(request.SignatureHashAlgorithm.ConvertToOidString(), essCertIdV2.HashAlgorithm.Algorithm.Value);
Assert.Equal(request.Certificate.IssuerName.Name, essCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name);
SignTestUtility.VerifySerialNumber(request.Certificate, essCertIdV2.IssuerSerial);
Assert.Null(signingCertificateV2.Policies);
signingCertificateV2AttributeFound = true;
break;
}
}
Assert.True(pkcs9SigningTimeAttributeFound);
Assert.True(commitmentTypeIndicationAttributeFound);
Assert.True(signingCertificateV2AttributeFound);
}
public void Create_WithSha512_ReturnsEssCertIdV2()
{
var hashAlgorithmName = HashAlgorithmName.SHA512;
using (var certificate = _fixture.GetDefaultCertificate())
{
var essCertIdV2 = EssCertIdV2.Create(certificate, hashAlgorithmName);
Assert.Equal(SignTestUtility.GetHash(certificate, hashAlgorithmName), essCertIdV2.CertificateHash);
Assert.Equal(Oids.Sha512, essCertIdV2.HashAlgorithm.Algorithm.Value);
Assert.Equal(1, essCertIdV2.IssuerSerial.GeneralNames.Count);
Assert.Equal(certificate.IssuerName.Name, essCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name);
SignTestUtility.VerifySerialNumber(certificate, essCertIdV2.IssuerSerial);
}
}
public void Create_WithValidInput_ReturnsSigningCertificateV2(HashAlgorithmName hashAlgorithmName)
{
using (var certificate = _fixture.GetDefaultCertificate())
{
var signingCertificateV2 = SigningCertificateV2.Create(certificate, hashAlgorithmName);
Assert.Equal(1, signingCertificateV2.Certificates.Count);
var essCertIdV2 = signingCertificateV2.Certificates[0];
Assert.Equal(hashAlgorithmName, CryptoHashUtility.OidToHashAlgorithmName(essCertIdV2.HashAlgorithm.Algorithm.Value));
Assert.Equal(SignTestUtility.GetHash(certificate, hashAlgorithmName), essCertIdV2.CertificateHash);
Assert.Equal(1, essCertIdV2.IssuerSerial.GeneralNames.Count);
Assert.Equal(certificate.IssuerName.Name, essCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name);
SignTestUtility.VerifySerialNumber(certificate, essCertIdV2.IssuerSerial);
Assert.Null(signingCertificateV2.Policies);
}
}