private static void AddObsoleteAlgorithm()
{
const int id = 0x7d;
if (HashAlgorithm.GetById(id) != null)
{
return;
}
Type type = typeof(HashAlgorithm);
FieldInfo info = type.GetField("Values", BindingFlags.NonPublic | BindingFlags.Static);
if (info == null)
{
throw new Exception("Cannot get static variable Values from HashAlgorithm.");
}
Type[] paramTypes = new Type[] { typeof(string), typeof(byte), typeof(int), typeof(HashAlgorithm.AlgorithmStatus), typeof(string[]), typeof(ulong?), typeof(ulong?) };
ConstructorInfo ci = typeof(HashAlgorithm).GetConstructor(BindingFlags.Instance | BindingFlags.NonPublic, null, paramTypes, null);
if (ci == null)
{
throw new Exception("Cannot get HashAlgorithm constuctor.");
}
HashAlgorithm[] values = (HashAlgorithm[])info.GetValue(null);
object[] paramValues = new object[] { "TEST_ALGO", (byte)id, 10, HashAlgorithm.AlgorithmStatus.Normal, null, (ulong?)1467331200, (ulong?)1467331200 };
HashAlgorithm testHashAlgorithm = (HashAlgorithm)ci.Invoke(paramValues);
List <HashAlgorithm> list = new List <HashAlgorithm>(values)
{
testHashAlgorithm
};
info.SetValue(null, list.ToArray());
}
/// <summary>
/// Parse child tag
/// </summary>
protected override ITlvTag ParseChild(ITlvTag childTag)
{
switch (childTag.Type)
{
case Constants.AggregationHashChain.AggregationTimeTagType:
return(_aggregationTime = GetIntegerTag(childTag));
case Constants.AggregationHashChain.ChainIndexTagType:
IntegerTag chainIndexTag = GetIntegerTag(childTag);
_chainIndex.Add(chainIndexTag);
return(chainIndexTag);
case Constants.AggregationHashChain.InputDataTagType:
return(_inputData = GetRawTag(childTag));
case Constants.AggregationHashChain.InputHashTagType:
return(_inputHash = GetImprintTag(childTag));
case Constants.AggregationHashChain.AggregationAlgorithmIdTagType:
IntegerTag aggrAlgorithmTag = GetIntegerTag(childTag);
_aggrAlgorithm = HashAlgorithm.GetById((byte)aggrAlgorithmTag.Value);
return(aggrAlgorithmTag);
case (uint)LinkDirection.Left:
case (uint)LinkDirection.Right:
Link linkTag = childTag as Link ?? new Link(childTag);
_links.Add(linkTag);
return(linkTag);
default:
return(base.ParseChild(childTag));
}
}
public void TestAlgorithmGetById()
{
HashAlgorithm algorithm = HashAlgorithm.GetById(1);
Assert.AreEqual(1u, algorithm.Id, "Hash algorithm id should be correct");
Assert.AreEqual("SHA-256", algorithm.Name, "Hash algorithm name should be correct");
Assert.AreEqual(HashAlgorithm.AlgorithmStatus.Normal, algorithm.Status, "Hash algorithm status should be correct");
Assert.AreEqual(32, algorithm.Length, "Hash algorithm length should be correct");
Assert.AreEqual(HashAlgorithm.Sha2256, algorithm);
}
public void TestAlgorithmGetByIdInvalid()
{
Assert.That(delegate
{
HashAlgorithm.GetById(3);
}, Throws.TypeOf <HashingException>().With.Message.StartWith("Invalid hash algorithm"), "Id 3 should be invalid");
Assert.That(delegate
{
HashAlgorithm.GetById(0x7E);
}, Throws.TypeOf <HashingException>().With.Message.StartWith("Invalid hash algorithm"), "Id 7E should be invalid");
}
/// <summary>
/// Parse child tag
/// </summary>
protected override ITlvTag ParseChild(ITlvTag childTag)
{
switch (childTag.Type)
{
case Constants.Rfc3161Record.AggregationTimeTagType:
return(_aggregationTime = GetIntegerTag(childTag));
case Constants.Rfc3161Record.ChainIndexTagType:
IntegerTag chainTag = GetIntegerTag(childTag);
_chainIndex.Add(chainTag);
return(chainTag);
case Constants.Rfc3161Record.InputHashTagType:
return(_inputHash = GetImprintTag(childTag));
case Constants.Rfc3161Record.TstInfoPrefixTagType:
return(_tstInfoPrefix = GetRawTag(childTag));
case Constants.Rfc3161Record.TstInfoSuffixTagType:
return(_tstInfoSuffix = GetRawTag(childTag));
case Constants.Rfc3161Record.TstInfoAlgorithmTagType:
IntegerTag tstInfoAlgorithmTag = GetIntegerTag(childTag);
_tstInfoAlgorithm = HashAlgorithm.GetById((byte)tstInfoAlgorithmTag.Value);
return(tstInfoAlgorithmTag);
case Constants.Rfc3161Record.SignedAttributesPrefixTagType:
return(_signedAttributesPrefix = GetRawTag(childTag));
case Constants.Rfc3161Record.SignedAttributesSuffixTagType:
return(_signedAttributesSuffix = GetRawTag(childTag));
case Constants.Rfc3161Record.SignedAttributesAlgorithmTagType:
IntegerTag signedAttributesAlgorithmTag = GetIntegerTag(childTag);
_signedAttributesAlgorithm = HashAlgorithm.GetById((byte)signedAttributesAlgorithmTag.Value);
return(signedAttributesAlgorithmTag);
default:
return(base.ParseChild(childTag));
}
}
public void TestAlgorithmGetByIdWithInvalidId()
{
HashAlgorithm algorithm = HashAlgorithm.GetById(255);
Assert.IsNull(algorithm, "Algorithm should not be found with given id");
}
/// <see cref="VerificationRule.Verify" />
public override VerificationResult Verify(IVerificationContext context)
{
ReadOnlyCollection <AggregationHashChain> aggregationHashChains = GetAggregationHashChains(GetSignature(context), true);
foreach (AggregationHashChain aggregationHashChain in aggregationHashChains)
{
foreach (AggregationHashChain.Link link in aggregationHashChain.GetChainLinks())
{
if (link.Metadata == null)
{
continue;
}
AggregationHashChain.Metadata.PaddingTag paddingTag = link.Metadata.Padding;
if (paddingTag != null)
{
bool isValid = true;
string message = null;
if (paddingTag.Index != 0)
{
isValid = false;
message = "Padding is not the first element.";
}
if (isValid && paddingTag.IsReadAsTlv16 != false)
{
isValid = false;
message = "Padding is not tlv8.";
}
if (isValid && (!paddingTag.NonCritical || !paddingTag.Forward))
{
isValid = false;
message = "Non-critical and forward flags must be set.";
}
if (isValid && !paddingTag.HasKnownValue())
{
isValid = false;
message = "Unknown padding value.";
}
if (isValid && Util.GetTlvLength(link.Metadata) % 2 != 0)
{
isValid = false;
message = "Invalid padding value.";
}
if (!isValid)
{
Logger.Debug("Metadata with padding may not be trusted. " + message + " Metadata: " + link.Metadata);
return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Int11));
}
}
else
{
byte[] metadata = link.Metadata.EncodeValue();
if (metadata.Length == 0)
{
continue;
}
byte hashAlgorithmId = metadata[0];
if (HashAlgorithm.IsInvalidAlgorithm(hashAlgorithmId))
{
continue;
}
HashAlgorithm hashAlgorithm = HashAlgorithm.GetById(hashAlgorithmId);
if (hashAlgorithm != null && hashAlgorithm.Length == metadata.Length - 1)
{
Logger.Debug("Metadata without padding may not be trusted. Metadata: " + link.Metadata);
return(new VerificationResult(GetRuleName(), VerificationResultCode.Fail, VerificationError.Int11));
}
}
}
}
return(new VerificationResult(GetRuleName(), VerificationResultCode.Ok));
}
