public void Read_WithExtensions_ReturnsInstance()
{
var extensionsGenerator = new X509ExtensionsGenerator();
extensionsGenerator.AddExtension(
new DerObjectIdentifier("1.2.3.4.5.1"), critical: true, extValue: new byte[1] {
1
});
extensionsGenerator.AddExtension(
new DerObjectIdentifier("1.2.3.4.5.2"), critical: false, extValue: new byte[1] {
2
});
var extensions = extensionsGenerator.Generate();
var test = new Test()
{
Extensions = extensions
};
var bcTstInfo = test.CreateBcTstInfo();
var tstInfo = TstInfo.Read(bcTstInfo.GetDerEncoded());
Verify(test, tstInfo);
Verify(bcTstInfo, tstInfo);
}
public void Read_WithOnlyRequiredFields_ReturnsInstance()
{
var test = new Test();
var bcTstInfo = test.CreateBcTstInfo();
var tstInfo = TstInfo.Read(bcTstInfo.GetDerEncoded());
Verify(test, tstInfo);
Verify(bcTstInfo, tstInfo);
}
public void Read_WithNonce_ReturnsInstance()
{
var test = new Test()
{
Nonce = GetRandomInteger().ToByteArray()
};
var bcTstInfo = test.CreateBcTstInfo();
var tstInfo = TstInfo.Read(bcTstInfo.GetDerEncoded());
Verify(test, tstInfo);
Verify(bcTstInfo, tstInfo);
}
public void Read_WithOrdering_ReturnsInstance(bool?ordering)
{
var test = new Test()
{
Ordering = ordering
};
var bcTstInfo = test.CreateBcTstInfo();
var tstInfo = TstInfo.Read(bcTstInfo.GetDerEncoded());
Verify(test, tstInfo);
Verify(bcTstInfo, tstInfo);
}
public void Read_WithAccuracy_ReturnsInstance(int?seconds, int?milliseconds, int?microseconds)
{
var test = new Test()
{
Accuracy = GetBcAccuracy(seconds, milliseconds, microseconds)
};
var bcTstInfo = test.CreateBcTstInfo();
var tstInfo = TstInfo.Read(bcTstInfo.GetDerEncoded());
Verify(test, tstInfo);
Verify(bcTstInfo, tstInfo);
}
public void Read_WithTsa_ReturnsInstance()
{
var tsa = new BcGeneralName(new X509Name("C=US,ST=WA,L=Redmond,O=NuGet,CN=NuGet Test Certificate"));
var test = new Test()
{
Tsa = tsa
};
var bcTstInfo = test.CreateBcTstInfo();
var tstInfo = TstInfo.Read(bcTstInfo.GetDerEncoded());
Verify(test, tstInfo);
Verify(bcTstInfo, tstInfo);
}
/// <summary>
/// Verify the signature file, e.g. x.SF using the corresponding signature block, e.g. x.RSA
/// </summary>
/// <returns>True if the verification is successful, false otherwise.</returns>
private bool VerifySignatureRsa()
{
Timestamps.Clear();
byte[] signatureBlockBytes = JarUtils.ReadBytes(ArchivePath, SignatureBlockFilePath);
byte[] signatureFileBytes = JarUtils.ReadBytes(ArchivePath, SignatureFilePath);
SHA256Managed sha = new SHA256Managed();
byte[] hash = sha.ComputeHash(signatureFileBytes);
ContentInfo ci = new ContentInfo(signatureFileBytes);
SignedCms cms = new SignedCms(ci, detached: true);
cms.Decode(signatureBlockBytes);
try
{
cms.CheckSignature(verifySignatureOnly: true);
// See if we can retrieve a timestamp
foreach (SignerInfo signerInfo in cms.SignerInfos)
{
foreach (CryptographicAttributeObject unsignedAttribute in signerInfo.UnsignedAttributes)
{
if (String.Equals(unsignedAttribute.Oid.Value, WinCrypt.szOID_SIGNATURE_TIMESTAMP_ATTRIBUTE, StringComparison.OrdinalIgnoreCase))
{
Pkcs9AttributeObject timestampAttribute = new Pkcs9AttributeObject(unsignedAttribute.Values[0]);
SignedCms timestampCms = new SignedCms();
timestampCms.Decode(timestampAttribute.RawData);
TstInfo timestampToken = TstInfo.Read(timestampCms.ContentInfo.Content);
foreach (SignerInfo timestampSigner in timestampCms.SignerInfos)
{
foreach (CryptographicAttributeObject sa in timestampSigner.SignedAttributes)
{
if (String.Equals(sa.Oid.Value, WinCrypt.szOID_RSA_signingTime, StringComparison.OrdinalIgnoreCase))
{
var signingTime = (Pkcs9SigningTime)sa.Values[0];
X509Certificate2 timestampSignerCert = timestampSigner.Certificate;
Timestamps.Add(new Timestamp
{
SignedOn = signingTime.SigningTime.ToLocalTime(),
EffectiveDate = Convert.ToDateTime(timestampSignerCert.GetEffectiveDateString()).ToLocalTime(),
ExpiryDate = Convert.ToDateTime(timestampSignerCert.GetExpirationDateString()).ToLocalTime(),
SignatureAlgorithm = timestampSignerCert.SignatureAlgorithm.FriendlyName
});
}
}
}
}
}
}
}
catch (CryptographicException ce)
{
JarError.AddError(ce.Message);
return(false);
}
// If there were no exceptions logged then signature verification should be good.
return(true);
}
public void Read_WithInvalidAsn1_Throws()
{
Assert.Throws <CryptographicException>(
() => TstInfo.Read(new byte[] { 0x30, 0x0b }));
}