public static void BuildWithAllOptions()
{
byte[] data = { 1, 9, 7, 5, 0, 4, 0, 4 };
Oid requestedPolicyOid = new Oid("1.2.3", "1.2.3");
byte[] nonce = "0123456789".HexToByteArray();
X509ExtensionCollection extensionsIn = new X509ExtensionCollection
{
new X509Extension("1.2.3.4.5", new byte[] { 0x05, 0x00 }, false),
new X509Extension("0.1.2", new byte[] { 0x04, 0x00 }, false),
};
Rfc3161TimestampRequest req = Rfc3161TimestampRequest.CreateFromData(
data,
HashAlgorithmName.SHA512,
requestedPolicyOid,
nonce,
true,
extensionsIn);
Assert.NotNull(req);
Assert.Equal(512 / 8, req.GetMessageHash().Length);
Assert.Equal(Oids.Sha512, req.HashAlgorithmId.Value);
Assert.NotNull(req.RequestedPolicyId);
Assert.NotSame(requestedPolicyOid, req.RequestedPolicyId);
Assert.Equal(requestedPolicyOid.Value, req.RequestedPolicyId.Value);
Assert.True(req.GetNonce().HasValue, "req.GetNonce().HasValue");
Assert.Equal(nonce.ByteArrayToHex(), req.GetNonce().Value.ByteArrayToHex());
Assert.True(req.RequestSignerCertificate, "req.RequestSignerCertificate");
Assert.True(req.HasExtensions, "req.HasExtensions");
X509ExtensionCollection extensionsOut = req.GetExtensions();
Assert.NotSame(extensionsIn, extensionsOut);
Assert.Equal(extensionsIn.Count, extensionsOut.Count);
Assert.NotSame(extensionsIn[0], extensionsOut[0]);
Assert.NotSame(extensionsIn[0], extensionsOut[1]);
Assert.NotSame(extensionsIn[1], extensionsOut[0]);
Assert.NotSame(extensionsIn[1], extensionsOut[1]);
// Extensions is order-preserving
Assert.Equal(extensionsIn[0].Oid.Value, extensionsOut[0].Oid.Value);
Assert.Equal(extensionsIn[0].RawData, extensionsOut[0].RawData);
Assert.Equal(extensionsIn[1].Oid.Value, extensionsOut[1].Oid.Value);
Assert.Equal(extensionsIn[1].RawData, extensionsOut[1].RawData);
}
public static void EmptyNonce()
{
byte[] sha256 = new byte[256 / 8];
Rfc3161TimestampRequest req = Rfc3161TimestampRequest.CreateFromHash(
sha256,
HashAlgorithmName.SHA256,
nonce: Array.Empty <byte>());
Assert.Equal("00", req.GetNonce().Value.ByteArrayToHex());
}
public static void NoncePaddingZerosIgnored()
{
byte[] sha256 = new byte[256 / 8];
byte[] nonce = { 0x00, 0x00, 0xFE };
Rfc3161TimestampRequest req = Rfc3161TimestampRequest.CreateFromHash(
sha256,
HashAlgorithmName.SHA256,
nonce: nonce);
Assert.Equal("00FE", req.GetNonce().Value.ByteArrayToHex());
}
public static void NegativeNonceIsMadePositive()
{
byte[] sha256 = new byte[256 / 8];
byte[] nonce = { 0xFE };
Rfc3161TimestampRequest req = Rfc3161TimestampRequest.CreateFromHash(
sha256,
HashAlgorithmName.SHA256,
nonce: nonce);
Assert.Equal("00FE", req.GetNonce().Value.ByteArrayToHex());
}
private static void VerifyExpectedRequest(Rfc3161TimestampRequest request, bool viaSpan)
{
// Captured with Fiddler from a CryptRetrieveTimestamp call
const string ExpectedHex =
"30390201013031300D06096086480165030402010500042011806C2441295EA6" +
"97EA96EE4247C0F9C71EE7638863CB8E29CD941A488FCB5A0101FF";
Assert.Equal(1, request.Version);
Assert.Equal(
"11806C2441295EA697EA96EE4247C0F9C71EE7638863CB8E29CD941A488FCB5A",
request.GetMessageHash().ByteArrayToHex());
Assert.False(request.GetNonce().HasValue, "request.GetNonce().HasValue");
Assert.Equal("2.16.840.1.101.3.4.2.1", request.HashAlgorithmId.Value);
Assert.Null(request.RequestedPolicyId);
Assert.True(request.RequestSignerCertificate, "request.RequestSignerCertificate");
Assert.False(request.HasExtensions);
if (viaSpan)
{
// Twice as big as it needs to be.
byte[] buf = new byte[ExpectedHex.Length];
const byte FillByte = 0x55;
buf.AsSpan().Fill(FillByte);
// Too small
Assert.False(request.TryEncode(Span <byte> .Empty, out int bytesWritten));
Assert.Equal(0, bytesWritten);
const int WriteOffset = 7;
// Too small
Span <byte> dest = new Span <byte>(buf, WriteOffset, (ExpectedHex.Length / 2) - 1);
Assert.False(request.TryEncode(dest, out bytesWritten));
Assert.Equal(0, bytesWritten);
Assert.Equal(new string('5', buf.Length * 2), buf.ByteArrayToHex());
// Bigger than needed
dest = new Span <byte>(buf, WriteOffset, buf.Length - WriteOffset);
Assert.True(request.TryEncode(dest, out bytesWritten));
Assert.Equal(ExpectedHex.Length / 2, bytesWritten);
Assert.Equal(ExpectedHex, dest.Slice(0, bytesWritten).ByteArrayToHex());
Assert.Equal(FillByte, buf[WriteOffset - 1]);
Assert.Equal(FillByte, buf[WriteOffset + bytesWritten]);
// Reset
dest.Fill(FillByte);
// Perfectly sized
dest = dest.Slice(0, bytesWritten);
Assert.True(request.TryEncode(dest, out bytesWritten));
Assert.Equal(ExpectedHex.Length / 2, bytesWritten);
Assert.Equal(ExpectedHex, dest.ByteArrayToHex());
Assert.Equal(FillByte, buf[WriteOffset - 1]);
Assert.Equal(FillByte, buf[WriteOffset + bytesWritten]);
}
else
{
byte[] encoded = request.Encode();
Assert.Equal(ExpectedHex, encoded.ByteArrayToHex());
}
}