public IList <CertificateAndContext> GetCertificateBySubjectName(X509Name subjectName
)
{
IList <CertificateAndContext> list = new AList <CertificateAndContext>();
foreach (X509Certificate cert in GetCertificates())
{
if (subjectName.Equals(cert.SubjectDN))
{
CertificateAndContext cc = new CertificateAndContext(cert);
cc.SetCertificateSource(sourceType);
list.AddItem(cc);
}
}
return(list);
}
public override void PerformTest()
{
doTestEncodingPrintableString(X509Name.C, "AU");
doTestEncodingPrintableString(X509Name.SerialNumber, "123456");
doTestEncodingPrintableString(X509Name.DnQualifier, "123456");
doTestEncodingIA5String(X509Name.EmailAddress, "*****@*****.**");
doTestEncodingIA5String(X509Name.DC, "test");
// correct encoding
doTestEncodingGeneralizedTime(X509Name.DateOfBirth, "#180F32303032303132323132323232305A");
// compatability encoding
doTestEncodingGeneralizedTime(X509Name.DateOfBirth, "20020122122220Z");
//
// composite
//
IDictionary attrs = new Hashtable();
attrs.Add(X509Name.C, "AU");
attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
attrs.Add(X509Name.L, "Melbourne");
attrs.Add(X509Name.ST, "Victoria");
attrs.Add(X509Name.E, "*****@*****.**");
IList order = new ArrayList();
order.Add(X509Name.C);
order.Add(X509Name.O);
order.Add(X509Name.L);
order.Add(X509Name.ST);
order.Add(X509Name.E);
X509Name name1 = new X509Name(order, attrs);
if (!name1.Equivalent(name1))
{
Fail("Failed same object test");
}
if (!name1.Equivalent(name1, true))
{
Fail("Failed same object test - in Order");
}
X509Name name2 = new X509Name(order, attrs);
if (!name1.Equivalent(name2))
{
Fail("Failed same name test");
}
if (!name1.Equivalent(name2, true))
{
Fail("Failed same name test - in Order");
}
if (name1.GetHashCode() != name2.GetHashCode())
{
Fail("Failed same name test - in Order");
}
IList ord1 = new ArrayList();
ord1.Add(X509Name.C);
ord1.Add(X509Name.O);
ord1.Add(X509Name.L);
ord1.Add(X509Name.ST);
ord1.Add(X509Name.E);
IList ord2 = new ArrayList();
ord2.Add(X509Name.E);
ord2.Add(X509Name.ST);
ord2.Add(X509Name.L);
ord2.Add(X509Name.O);
ord2.Add(X509Name.C);
name1 = new X509Name(ord1, attrs);
name2 = new X509Name(ord2, attrs);
if (!name1.Equivalent(name2))
{
Fail("Failed reverse name test");
}
// FIXME Sort out X509Name hashcode problem
// if (name1.GetHashCode() != name2.GetHashCode())
// {
// Fail("Failed reverse name test GetHashCode");
// }
if (name1.Equivalent(name2, true))
{
Fail("Failed reverse name test - in Order");
}
if (!name1.Equivalent(name2, false))
{
Fail("Failed reverse name test - in Order false");
}
IList oids = name1.GetOidList();
if (!CompareVectors(oids, ord1))
{
Fail("oid comparison test");
}
IList val1 = new ArrayList();
val1.Add("AU");
val1.Add("The Legion of the Bouncy Castle");
val1.Add("Melbourne");
val1.Add("Victoria");
val1.Add("*****@*****.**");
name1 = new X509Name(ord1, val1);
IList values = name1.GetValueList();
if (!CompareVectors(values, val1))
{
Fail("value comparison test");
}
ord2 = new ArrayList();
ord2.Add(X509Name.ST);
ord2.Add(X509Name.ST);
ord2.Add(X509Name.L);
ord2.Add(X509Name.O);
ord2.Add(X509Name.C);
name1 = new X509Name(ord1, attrs);
name2 = new X509Name(ord2, attrs);
if (name1.Equivalent(name2))
{
Fail("Failed different name test");
}
ord2 = new ArrayList();
ord2.Add(X509Name.ST);
ord2.Add(X509Name.L);
ord2.Add(X509Name.O);
ord2.Add(X509Name.C);
name1 = new X509Name(ord1, attrs);
name2 = new X509Name(ord2, attrs);
if (name1.Equivalent(name2))
{
Fail("Failed subset name test");
}
compositeTest();
//
// getValues test
//
IList v1 = name1.GetValueList(X509Name.O);
if (v1.Count != 1 || !v1[0].Equals("The Legion of the Bouncy Castle"))
{
Fail("O test failed");
}
IList v2 = name1.GetValueList(X509Name.L);
if (v2.Count != 1 || !v2[0].Equals("Melbourne"))
{
Fail("L test failed");
}
//
// general subjects test
//
for (int i = 0; i != subjects.Length; i++)
{
X509Name name = new X509Name(subjects[i]);
byte[] encodedName = name.GetEncoded();
name = X509Name.GetInstance(Asn1Object.FromByteArray(encodedName));
if (!name.ToString().Equals(subjects[i]))
{
Fail("Failed regeneration test " + i);
}
}
//
// sort test
//
X509Name unsorted = new X509Name("SERIALNUMBER=BBB + CN=AA");
if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("CN=AA+SERIALNUMBER=BBB"))
{
Fail("Failed sort test 1");
}
unsorted = new X509Name("CN=AA + SERIALNUMBER=BBB");
if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("CN=AA+SERIALNUMBER=BBB"))
{
Fail("Failed sort test 2");
}
unsorted = new X509Name("SERIALNUMBER=B + CN=AA");
if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("SERIALNUMBER=B+CN=AA"))
{
Fail("Failed sort test 3");
}
unsorted = new X509Name("CN=AA + SERIALNUMBER=B");
if (!FromBytes(unsorted.GetEncoded()).ToString().Equals("SERIALNUMBER=B+CN=AA"))
{
Fail("Failed sort test 4");
}
//
// equality tests
//
equalityTest(new X509Name("CN=The Legion"), new X509Name("CN=The Legion"));
equalityTest(new X509Name("CN= The Legion"), new X509Name("CN=The Legion"));
equalityTest(new X509Name("CN=The Legion "), new X509Name("CN=The Legion"));
equalityTest(new X509Name("CN= The Legion "), new X509Name("CN=The Legion"));
equalityTest(new X509Name("CN= the legion "), new X509Name("CN=The Legion"));
// # test
X509Name n1 = new X509Name("SERIALNUMBER=8,O=ABC,CN=ABC Class 3 CA,C=LT");
X509Name n2 = new X509Name("2.5.4.5=8,O=ABC,CN=ABC Class 3 CA,C=LT");
X509Name n3 = new X509Name("2.5.4.5=#130138,O=ABC,CN=ABC Class 3 CA,C=LT");
equalityTest(n1, n2);
equalityTest(n2, n3);
equalityTest(n3, n1);
n1 = new X509Name(true, "2.5.4.5=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT");
n2 = new X509Name(true, "SERIALNUMBER=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT");
n3 = X509Name.GetInstance(Asn1Object.FromByteArray(Hex.Decode("3063310b3009060355040613024c54312f302d060355040a1326"
+ "55414220536b6169746d656e696e696f20736572746966696b6176696d6f2063656e74726173311730150603550403130e53534320436c6173732033204341310a30080603550405130138")));
equalityTest(n1, n2);
equalityTest(n2, n3);
equalityTest(n3, n1);
n1 = new X509Name("SERIALNUMBER=8,O=XX,CN=ABC Class 3 CA,C=LT");
n2 = new X509Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT");
if (n1.Equivalent(n2))
{
Fail("empty inequality check failed");
}
n1 = new X509Name("SERIALNUMBER=8,O=,CN=ABC Class 3 CA,C=LT");
n2 = new X509Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT");
equalityTest(n1, n2);
//
// inequality to sequences
//
name1 = new X509Name("CN=The Legion");
if (name1.Equals(DerSequence.Empty))
{
Fail("inequality test with sequence");
}
if (name1.Equals(new DerSequence(DerSet.Empty)))
{
Fail("inequality test with sequence and set");
}
Asn1EncodableVector v = new Asn1EncodableVector(
new DerObjectIdentifier("1.1"),
new DerObjectIdentifier("1.1"));
if (name1.Equals(new DerSequence(new DerSet(new DerSet(v)))))
{
Fail("inequality test with sequence and bad set");
}
// if (name1.Equals(new DerSequence(new DerSet(new DerSet(v))), true))
// {
// Fail("inequality test with sequence and bad set");
// }
try
{
X509Name.GetInstance(new DerSequence(new DerSet(new DerSet(v))));
Fail("GetInstance should reject bad sequence");
}
catch (ArgumentException)
{
//expected
}
if (name1.Equals(new DerSequence(new DerSet(DerSequence.Empty))))
{
Fail("inequality test with sequence and short sequence");
}
// if (name1.Equals(new DerSequence(new DerSet(DerSequence.Empty)), true))
// {
// Fail("inequality test with sequence and short sequence");
// }
try
{
X509Name.GetInstance(new DerSequence(new DerSet(DerSequence.Empty)));
Fail("GetInstance should reject short sequence");
}
catch (ArgumentException)
{
//expected
}
v = new Asn1EncodableVector(
new DerObjectIdentifier("1.1"),
DerSequence.Empty);
if (name1.Equals(new DerSequence(new DerSet(new DerSequence(v)))))
{
Fail("inequality test with sequence and bad sequence");
}
if (name1.Equivalent(null))
{
Fail("inequality test with null");
}
if (name1.Equivalent(null, true))
{
Fail("inequality test with null");
}
//
// this is contrived but it checks sorting of sets with equal elements
//
unsorted = new X509Name("CN=AA + CN=AA + CN=AA");
//
// tagging test - only works if CHOICE implemented
//
/*
* ASN1TaggedObject tag = new DERTaggedObject(false, 1, new X509Name("CN=AA"));
*
* if (!tag.isExplicit())
* {
* Fail("failed to explicitly tag CHOICE object");
* }
*
* X509Name name = X509Name.getInstance(tag, false);
*
* if (!name.equals(new X509Name("CN=AA")))
* {
* Fail("failed to recover tagged name");
* }
*/
DerUtf8String testString = new DerUtf8String("The Legion of the Bouncy Castle");
byte[] encodedBytes = testString.GetEncoded();
string hexEncodedString = "#" + Hex.ToHexString(encodedBytes);
DerUtf8String converted = (DerUtf8String)
new X509DefaultEntryConverter().GetConvertedValue(
X509Name.L, hexEncodedString);
if (!converted.Equals(testString))
{
Fail("Failed X509DefaultEntryConverter test");
}
//
// try escaped.
//
converted = (DerUtf8String) new X509DefaultEntryConverter().GetConvertedValue(
X509Name.L, "\\" + hexEncodedString);
if (!converted.Equals(new DerUtf8String(hexEncodedString)))
{
Fail("Failed X509DefaultEntryConverter test got " + converted + " expected: " + hexEncodedString);
}
//
// try a weird value
//
X509Name n = new X509Name("CN=\\#nothex#string");
if (!n.ToString().Equals("CN=\\#nothex#string"))
{
Fail("# string not properly escaped.");
}
IList vls = n.GetValueList(X509Name.CN);
if (vls.Count != 1 || !vls[0].Equals("#nothex#string"))
{
Fail("Escaped # not reduced properly");
}
n = new X509Name("CN=\"a+b\"");
vls = n.GetValueList(X509Name.CN);
if (vls.Count != 1 || !vls[0].Equals("a+b"))
{
Fail("Escaped + not reduced properly");
}
n = new X509Name("CN=a\\+b");
vls = n.GetValueList(X509Name.CN);
if (vls.Count != 1 || !vls[0].Equals("a+b"))
{
Fail("Escaped + not reduced properly");
}
if (!n.ToString().Equals("CN=a\\+b"))
{
Fail("+ in string not properly escaped.");
}
n = new X509Name("CN=a\\=b");
vls = n.GetValueList(X509Name.CN);
if (vls.Count != 1 || !vls[0].Equals("a=b"))
{
Fail("Escaped = not reduced properly");
}
if (!n.ToString().Equals("CN=a\\=b"))
{
Fail("= in string not properly escaped.");
}
n = new X509Name("TELEPHONENUMBER=\"+61999999999\"");
vls = n.GetValueList(X509Name.TelephoneNumber);
if (vls.Count != 1 || !vls[0].Equals("+61999999999"))
{
Fail("telephonenumber escaped + not reduced properly");
}
n = new X509Name("TELEPHONENUMBER=\\+61999999999");
vls = n.GetValueList(X509Name.TelephoneNumber);
if (vls.Count != 1 || !vls[0].Equals("+61999999999"))
{
Fail("telephonenumber escaped + not reduced properly");
}
n = new X509Name(@"TELEPHONENUMBER=\+61999999999");
vls = n.GetValueList(X509Name.TelephoneNumber);
if (vls.Count != 1 || !vls[0].Equals("+61999999999"))
{
Fail("telephonenumber escaped + not reduced properly");
}
}
public X509CertificateEntry[] getCertificateChain(
String alias)
{
if (alias == null)
{
throw new ArgumentException("null alias passed to getCertificateChain.");
}
X509CertificateEntry c = getCertificate(alias);
if (c != null)
{
ArrayList cs = new ArrayList();
while (c != null)
{
X509Certificate x509c = c.getCertificate();
X509CertificateEntry nextC = null;
X509Extension ext = x509c.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (ext != null)
{
ASN1InputStream aIn = new ASN1InputStream(new MemoryStream(ext.getValue().getOctets()));
AuthorityKeyIdentifier id = new AuthorityKeyIdentifier((ASN1Sequence)aIn.readObject());
if (id.getKeyIdentifier() != null)
{
nextC = (X509CertificateEntry)chainCerts[new CertId(id.getKeyIdentifier())];
}
}
if (nextC == null)
{
//
// no authority key id, try the Issuer DN
//
X509Name i = x509c.getIssuerDN();
X509Name s = x509c.getSubjectDN();
if (!i.Equals(s))
{
IEnumerator e = chainCerts.Keys.GetEnumerator();
while (e.MoveNext())
{
X509Certificate crt = ((X509CertificateEntry)chainCerts[e.Current]).getCertificate();
X509Name sub = crt.getSubjectDN();
if (sub.Equals(i))
{
try
{
x509c.verify(crt.getPublicKey());
nextC = ((X509CertificateEntry)chainCerts[e.Current]);
break;
}
catch
{
// continue
}
}
}
}
}
cs.Add(c);
if (nextC != c) // self signed - end of the chain
{
c = nextC;
}
else
{
c = null;
}
}
X509CertificateEntry[] certChain = new X509CertificateEntry[cs.Count];
for (int i = 0; i != certChain.Length; i++)
{
certChain[i] = (X509CertificateEntry)cs[i];
}
return(certChain);
}
return(null);
}
