public void SubTest() { X509Certificate2 x509 = new X509Certificate2(@"C:\Users\bxu.CHINA\Desktop\HYD-801\1234\cert\ABCFR_ABCFRALMMACC1.crt"); //X509Certificate2 x509 = new X509Certificate2(@"..\..\..\ApacheQpidClient\certificates\LiquidCapital\LCMLO_ABCFRALMMACC1.crt"); byte[] rawdata = x509.RawData; Console.WriteLine("Content Type: {0}{1}", X509Certificate2.GetCertContentType(rawdata), Environment.NewLine); Console.WriteLine("Friendly Name: {0}{1}", x509.FriendlyName, Environment.NewLine); Console.WriteLine("Certificate Verified?: {0}{1}", x509.Verify(), Environment.NewLine); Console.WriteLine("Simple Name: {0}{1}", x509.GetNameInfo(X509NameType.SimpleName, true), Environment.NewLine); Console.WriteLine("Signature Algorithm: {0}{1}", x509.SignatureAlgorithm.FriendlyName, Environment.NewLine); // Console.WriteLine("Private Key: {0}{1}", x509.PrivateKey.ToXmlString(false), Environment.NewLine); // cer里面并没有私钥信息 Console.WriteLine("Public Key: {0}{1}", x509.PublicKey.Key.ToXmlString(false), Environment.NewLine); Console.WriteLine("Certificate Archived?: {0}{1}", x509.Archived, Environment.NewLine); Console.WriteLine("Length of Raw Data: {0}{1}", x509.RawData.Length, Environment.NewLine); Console.WriteLine("SubjectName: {0}{1}", x509.SubjectName, Environment.NewLine); Console.WriteLine("Subject: {0}{1}", x509.Subject, Environment.NewLine); }
// Helper methods private static void IndexFolder(string folderName, StringBuilder sb, bool noProgress, bool verify) { // Process all file in folder foreach (var fileName in Directory.GetFiles(folderName)) { if (!_certExts.Contains(Path.GetExtension(fileName).ToLowerInvariant())) { continue; } // Get basic cert properties var cert = new System.Security.Cryptography.X509Certificates.X509Certificate2(fileName); var serialNumberHex = "0x" + cert.GetSerialNumberString(); var serialNumberDec = uint.Parse(cert.GetSerialNumberString(), System.Globalization.NumberStyles.HexNumber); var email = cert.GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.EmailName, false); var domain = email.Substring(email.IndexOf('@') + 1); var name = cert.GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.SimpleName, false); if (!noProgress) { Console.Write($"0x{serialNumberHex,-8} {email,-40} {name,-30} "); } // Verify certificate var status = "Unknown"; if (verify) { var certValid = ValidateCertificate(cert); status = certValid ? "OK" : "Revoked"; } if (!noProgress) { Console.WriteLine(status); } // Add line to index sb.AppendLine(string.Join(CSV_SEPARATOR, serialNumberHex, serialNumberDec, cert.GetCertHashString(), cert.NotBefore.ToString("yyyy-MM-dd"), cert.NotAfter.ToString("yyyy-MM-dd"), cert.PublicKey.Key.KeySize, status, domain, name, email, cert.Issuer, cert.Subject)); } // Crafl subfolders foreach (var subFolderName in Directory.GetDirectories(folderName)) { IndexFolder(subFolderName, sb, noProgress, verify); } }
static string find_certificate_name(X509Certificate2 cert) { string cert_name = cert.GetNameInfo(X509NameType.SimpleName, false); if (cert_name.Count() == 0) { cert_name = cert.GetNameInfo(X509NameType.DnsName, false); } if (cert_name.Count() == 0) { cert_name = cert.GetNameInfo(X509NameType.DnsFromAlternativeName, false); } return cert_name; }
public static void Main(string[] args) { Console.WriteLine("Starting..."); X509Certificate2 serverCertificate = new X509Certificate2("certificate.pfx"); // Any valid certificate with private key will work fine. TcpListener listener = new TcpListener(IPAddress.Any, 4567); TcpClient client = new TcpClient(); listener.Start(); Task clientConnectTask = client.ConnectAsync(IPAddress.Loopback, 4567); Task<TcpClient> listenerAcceptTask = listener.AcceptTcpClientAsync(); Task.WaitAll(clientConnectTask, listenerAcceptTask); TcpClient server = listenerAcceptTask.Result; SslStream clientStream = new SslStream(client.GetStream(), false, new RemoteCertificateValidationCallback(ValidateServerCertificate), null, EncryptionPolicy.RequireEncryption); SslStream serverStream = new SslStream(server.GetStream(), false, null, null, EncryptionPolicy.RequireEncryption); Task clientAuthenticationTask = clientStream.AuthenticateAsClientAsync(serverCertificate.GetNameInfo(X509NameType.SimpleName, false), null, SslProtocols.Tls12, false); Task serverAuthenticationTask = serverStream.AuthenticateAsServerAsync(serverCertificate, false, SslProtocols.Tls12, false); Task.WaitAll(clientAuthenticationTask, serverAuthenticationTask); byte[] readBuffer = new byte[256]; Task<int> readTask = clientStream.ReadAsync(readBuffer, 0, readBuffer.Length); // Create a pending ReadAsync, which will wait for data that will never come (for testing purposes). byte[] writeBuffer = new byte[256]; Task writeTask = clientStream.WriteAsync(writeBuffer, 0, writeBuffer.Length); // The main thread actually blocks here (not asychronously waits) on .NET Core making this call. bool result = Task.WaitAll(new Task[1] { writeTask }, 5000); // This code won't even be reached on .NET Core. Works fine on .NET Framework. if (result) { Console.WriteLine("WriteAsync completed successfully while ReadAsync was pending... nothing locked up."); } else { Console.WriteLine("WriteAsync failed to complete after 5 seconds."); } }
public string DisplayIssuerName(X509Certificate2 cert) { string str = ""; if (cert == null) { return str; } return cert.GetNameInfo(X509NameType.SimpleName, true); }
public async void EchoServerAndClient() { var testPromise = new TaskCompletionSource(); var tlsCertificate = new X509Certificate2("dotnetty.com.pfx", "password"); Func<Task> closeServerFunc = await this.StartServerAsync(true, ch => { ch.Pipeline.AddLast("server logger", new LoggingHandler("SERVER")); ch.Pipeline.AddLast("server tls", TlsHandler.Server(tlsCertificate)); ch.Pipeline.AddLast("server logger2", new LoggingHandler("SER***")); ch.Pipeline.AddLast("server prepender", new LengthFieldPrepender(2)); ch.Pipeline.AddLast("server decoder", new LengthFieldBasedFrameDecoder(ushort.MaxValue, 0, 2, 0, 2)); ch.Pipeline.AddLast(new EchoChannelHandler()); }, testPromise); var group = new MultithreadEventLoopGroup(); Bootstrap b = new Bootstrap() .Group(group) .Channel<TcpSocketChannel>() .Option(ChannelOption.TcpNodelay, true) .Handler(new ActionChannelInitializer<ISocketChannel>(ch => { string targetHost = tlsCertificate.GetNameInfo(X509NameType.DnsName, false); var clientTlsSettings = new ClientTlsSettings(targetHost); ch.Pipeline.AddLast("client logger", new LoggingHandler("CLIENT")); ch.Pipeline.AddLast("client tls", new TlsHandler(stream => new SslStream(stream, true, (sender, certificate, chain, errors) => true), clientTlsSettings)); ch.Pipeline.AddLast("client logger2", new LoggingHandler("CLI***")); ch.Pipeline.AddLast("client prepender", new LengthFieldPrepender(2)); ch.Pipeline.AddLast("client decoder", new LengthFieldBasedFrameDecoder(ushort.MaxValue, 0, 2, 0, 2)); ch.Pipeline.AddLast(new TestScenarioRunner(this.GetEchoClientScenario, testPromise)); })); this.Output.WriteLine("Configured Bootstrap: {0}", b); IChannel clientChannel = null; try { clientChannel = await b.ConnectAsync(IPAddress.Loopback, Port); this.Output.WriteLine("Connected channel: {0}", clientChannel); await Task.WhenAny(testPromise.Task, Task.Delay(TimeSpan.FromSeconds(30))); Assert.True(testPromise.Task.IsCompleted, "timed out"); testPromise.Task.Wait(); } finally { Task serverCloseTask = closeServerFunc(); clientChannel?.CloseAsync().Wait(TimeSpan.FromSeconds(5)); group.ShutdownGracefullyAsync(); if (!serverCloseTask.Wait(ShutdownTimeout)) { this.Output.WriteLine("Didn't stop in time."); } } }
public SysX509.X509Certificate2 Certificadop12(string rutaCertificado, string claveDelCertificado = null) { SysX509.X509Certificate2 certificado = new SysX509.X509Certificate2(rutaCertificado, claveDelCertificado); Entidad = certificado.GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.DnsName, true); String[] DatosSujeto = certificado.SubjectName.Decode(SysX509.X500DistinguishedNameFlags.None).Split('='); NameSujeto = DatosSujeto[DatosSujeto.Length - 1]; this.certificado = certificado; return(certificado); }
public List <string> CertificadoVerificar(string rutaCertificado, string claveDelCertificado = null) { SysX509.X509Certificate2 certificado = new SysX509.X509Certificate2(rutaCertificado, claveDelCertificado); List <string> datos = new List <string>(); datos.Add(certificado.GetNameInfo(System.Security.Cryptography.X509Certificates.X509NameType.DnsName, true)); String[] DatosSujeto = certificado.SubjectName.Decode(SysX509.X500DistinguishedNameFlags.None).Split('='); datos.Add(DatosSujeto[DatosSujeto.Length - 1]); return(datos); }
public async void EchoServerAndClient() { var testPromise = new TaskCompletionSource(); var tlsCertificate = new X509Certificate2("dotnetty.com.pfx", "password"); Func<Task> closeServerFunc = await this.StartServerAsync(true, ch => { ch.Pipeline.AddLast(TlsHandler.Server(tlsCertificate)); ch.Pipeline.AddLast(new EchoChannelHandler()); }, testPromise); var group = new MultithreadEventLoopGroup(); Bootstrap b = new Bootstrap() .Group(group) .Channel<TcpSocketChannel>() .Option(ChannelOption.TcpNodelay, true) .Handler(new ActionChannelInitializer<ISocketChannel>(ch => { string targetHost = tlsCertificate.GetNameInfo(X509NameType.DnsName, false); ch.Pipeline.AddLast(TlsHandler.Client(targetHost, null, (sender, certificate, chain, errors) => true)); ch.Pipeline.AddLast(new TestScenarioRunner(this.GetEchoClientScenario, testPromise)); })); this.Output.WriteLine("Configured Bootstrap: {0}", b); IChannel clientChannel = null; try { clientChannel = await b.ConnectAsync(IPAddress.Loopback, Port); this.Output.WriteLine("Connected channel: {0}", clientChannel); await Task.WhenAny(testPromise.Task, Task.Delay(TimeSpan.FromMinutes(1))); Assert.True(testPromise.Task.IsCompleted); testPromise.Task.Wait(); } finally { Task serverCloseTask = closeServerFunc(); if (clientChannel != null) { clientChannel.CloseAsync().Wait(TimeSpan.FromSeconds(5)); } group.ShutdownGracefullyAsync(); if (!serverCloseTask.Wait(ShutdownTimeout)) { this.Output.WriteLine("Didn't stop in time."); } } }
static async Task RunClientAsync() { var eventListener = new ObservableEventListener(); eventListener.LogToConsole(); eventListener.EnableEvents(DefaultEventSource.Log, EventLevel.Verbose); var group = new MultithreadEventLoopGroup(); X509Certificate2 cert = null; string targetHost = null; if (EchoClientSettings.IsSsl) { cert = new X509Certificate2("dotnetty.com.pfx", "password"); targetHost = cert.GetNameInfo(X509NameType.DnsName, false); } try { var bootstrap = new Bootstrap(); bootstrap .Group(group) .Channel<TcpSocketChannel>() .Option(ChannelOption.TcpNodelay, true) .Handler(new ActionChannelInitializer<ISocketChannel>(channel => { IChannelPipeline pipeline = channel.Pipeline; if (cert != null) { pipeline.AddLast(new TlsHandler(stream => new SslStream(stream, true, (sender, certificate, chain, errors) => true), new ClientTlsSettings(targetHost))); } pipeline.AddLast(new LengthFieldPrepender(2)); pipeline.AddLast(new LengthFieldBasedFrameDecoder(ushort.MaxValue, 0, 2, 0, 2)); pipeline.AddLast(new EchoClientHandler()); })); IChannel bootstrapChannel = await bootstrap.ConnectAsync(new IPEndPoint(EchoClientSettings.Host, EchoClientSettings.Port)); Console.ReadLine(); await bootstrapChannel.CloseAsync(); } finally { group.ShutdownGracefullyAsync().Wait(1000); eventListener.Dispose(); } }
private string RecuperarWinLogon(byte[] RawData) { try { System.Security.Cryptography.X509Certificates.X509Certificate2 certificado = new System.Security.Cryptography.X509Certificates.X509Certificate2(RawData); string upn = certificado.GetNameInfo(X509NameType.UpnName, false).Trim(); int pos = upn.IndexOf("@"); string dominio = upn.Substring(pos + 1); return(dominio); } catch (Exception) { return(""); } }
private static IEnumerable<Claim> ExtractClaims(X509Certificate2 cert, string issuer) { var claims = new Collection<Claim> { new Claim(ClaimTypes.Thumbprint,Convert.ToBase64String(cert.GetCertHash()), ClaimValueTypes.Base64Binary, issuer), new Claim(ClaimTypes.X500DistinguishedName, cert.SubjectName.Name, ClaimValueTypes.String, issuer), new Claim(ClaimTypes.SerialNumber, cert.SerialNumber, ClaimValueTypes.String, issuer), new Claim(ClaimTypes.AuthenticationMethod, X509AuthnMethod, ClaimValueTypes.String, issuer) }; var email = cert.GetNameInfo(X509NameType.EmailName, false); if (email != null) { claims.Add(new Claim(ClaimTypes.Email, email, ClaimValueTypes.String, issuer)); } return claims; }
/// <summary> /// Creates a <see cref="WindowsIdentity"/> associated with a given X509 certificate. /// </summary> /// <param name="x509Certificate">The certificate to use to map to the associated <see cref="WindowsIdentity"/></param> /// <returns></returns> public static WindowsIdentity CertificateLogon(X509Certificate2 x509Certificate) { // for Vista, LsaLogon supporting mapping cert to NTToken if (Environment.OSVersion.Version.Major >= CryptoHelper.WindowsVistaMajorNumber) { return X509SecurityTokenHandler.KerberosCertificateLogon(x509Certificate); } else { // Downlevel, S4U over PrincipalName SubjectAltNames string upn = x509Certificate.GetNameInfo(X509NameType.UpnName, false); if (string.IsNullOrEmpty(upn)) { throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenValidationException(SR.GetString(SR.ID4067, X509Util.GetCertificateId(x509Certificate)))); } return new WindowsIdentity(upn); } }
public void Certificate_10_Properties () { DateTime expectedNotAfter = new DateTime (630616320000000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (629670240000000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_10); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (0, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("[email protected], CN=Keywitness Canada Inc., C=CA", x.Issuer, "Issuer"); Assert.AreEqual ("[email protected], CN=Keywitness Canada Inc., C=CA", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>zSP6KuHtmPTp0JM+13qAAkzMwQKvXLYff/pXQm8w0SDFtSEHQCyphsLzZISuPYUu7YW9VLAYKO9q+BvnCxYfkyVPx/iOw7nKmIQOVdAv73h3xXIoX2C/GSvRcqK32D/glzRaAb0EnMh4Rc2TjRXydhARq7hbLp5S3YE+nGTIKZM=</Modulus><Exponent>Aw==</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_10, x.RawData, "RawData"); Assert.AreEqual ("14", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.113549.1.1.4", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("[email protected], CN=Keywitness Canada Inc., C=CA", x.Subject, "Subject"); Assert.AreEqual ("[email protected], CN=Keywitness Canada Inc., C=CA", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("E0A00ABEB2CCA84540C21A75E0B3A406F9A624AC", x.Thumbprint, "Thumbprint"); Assert.AreEqual (1, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual ("Keywitness Canada Inc.", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("Keywitness Canada Inc.", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual ("Keywitness Canada Inc.", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("Keywitness Canada Inc.", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); }
public void Certificate_9_Properties () { DateTime expectedNotAfter = new DateTime (630077183990000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (629761824000000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_9); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (5, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("OU=VeriSign Class 1 CA - Individual Subscriber, O=\"VeriSign, Inc.\", L=Internet", x.Issuer, "Issuer"); Assert.AreEqual ("OU=VeriSign Class 1 CA - Individual Subscriber, O=\"VeriSign, Inc.\", L=Internet", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>xYEHousPuP/4+BzuMv+/EjVq+WvIvi/7Pq8EUUqs3RApqM1AW2YemO/yTHf6j4bRIWeSRErEicmDz4ifb+IyNQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_9, x.RawData, "RawData"); Assert.AreEqual ("200B355ECEC4B063B7DEC634B9703444", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.113549.1.1.4", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("[email protected], CN=David T. Gray, OU=Digital ID Class 1 - Netscape, OU=\"www.verisign.com/repository/CPS Incorp. by Ref.,LIAB.LTD(c)96\", OU=VeriSign Class 1 CA - Individual Subscriber, O=\"VeriSign, Inc.\", L=Internet", x.Subject, "Subject"); Assert.AreEqual ("[email protected], CN=David T. Gray, OU=Digital ID Class 1 - Netscape, OU=\"www.verisign.com/repository/CPS Incorp. by Ref.,LIAB.LTD(c)96\", OU=VeriSign Class 1 CA - Individual Subscriber, O=\"VeriSign, Inc.\", L=Internet", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("52D1848F6A161BA5C6C19007F8164668F5A3B2CF", x.Thumbprint, "Thumbprint"); Assert.AreEqual (3, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("VeriSign Class 1 CA - Individual Subscriber", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual ("David T. Gray", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual ("*****@*****.**", x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("David T. Gray", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); // extensions X509Extension ext = x.Extensions[0]; Assert.AreEqual ("2.5.29.19", ext.Oid.Value, "Oid-0"); Assert.AreEqual ("30-00", BitConverter.ToString (ext.RawData), "RawData-0"); Assert.IsFalse (ext.Critical, "Critical-0"); X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension) ext; Assert.IsFalse (bce.CertificateAuthority, "CertificateAuthority"); Assert.IsFalse (bce.HasPathLengthConstraint, "HasPathLengthConstraint"); Assert.AreEqual (0, bce.PathLengthConstraint, "PathLengthConstraint"); ext = x.Extensions[1]; Assert.AreEqual ("2.5.29.3", ext.Oid.Value, "Oid-1"); Assert.AreEqual ("30-82-02-12-30-82-02-0E-30-82-02-0A-06-0B-60-86-48-01-86-F8-45-01-07-01-01-30-82-01-F9-16-82-01-A7-54-68-69-73-20-63-65-72-74-69-66-69-63-61-74-65-20-69-6E-63-6F-72-70-6F-72-61-74-65-73-20-62-79-20-72-65-66-65-72-65-6E-63-65-2C-20-61-6E-64-20-69-74-73-20-75-73-65-20-69-73-20-73-74-72-69-63-74-6C-79-20-73-75-62-6A-65-63-74-20-74-6F-2C-20-74-68-65-20-56-65-72-69-53-69-67-6E-20-43-65-72-74-69-66-69-63-61-74-69-6F-6E-20-50-72-61-63-74-69-63-65-20-53-74-61-74-65-6D-65-6E-74-20-28-43-50-53-29-2C-20-61-76-61-69-6C-61-62-6C-65-20-61-74-3A-20-68-74-74-70-73-3A-2F-2F-77-77-77-2E-76-65-72-69-73-69-67-6E-2E-63-6F-6D-2F-43-50-53-3B-20-62-79-20-45-2D-6D-61-69-6C-20-61-74-20-43-50-53-2D-72-65-71-75-65-73-74-73-40-76-65-72-69-73-69-67-6E-2E-63-6F-6D-3B-20-6F-72-20-62-79-20-6D-61-69-6C-20-61-74-20-56-65-72-69-53-69-67-6E-2C-20-49-6E-63-2E-2C-20-32-35-39-33-20-43-6F-61-73-74-20-41-76-65-2E-2C-20-4D-6F-75-6E-74-61-69-6E-20-56-69-65-77-2C-20-43-41-20-39-34-30-34-33-20-55-53-41-20-54-65-6C-2E-20-2B-31-20-28-34-31-35-29-20-39-36-31-2D-38-38-33-30-20-43-6F-70-79-72-69-67-68-74-20-28-63-29-20-31-39-39-36-20-56-65-72-69-53-69-67-6E-2C-20-49-6E-63-2E-20-20-41-6C-6C-20-52-69-67-68-74-73-20-52-65-73-65-72-76-65-64-2E-20-43-45-52-54-41-49-4E-20-57-41-52-52-41-4E-54-49-45-53-20-44-49-53-43-4C-41-49-4D-45-44-20-61-6E-64-20-4C-49-41-42-49-4C-49-54-59-20-4C-49-4D-49-54-45-44-2E-A0-0E-06-0C-60-86-48-01-86-F8-45-01-07-01-01-01-A1-0E-06-0C-60-86-48-01-86-F8-45-01-07-01-01-02-30-2C-30-2A-16-28-68-74-74-70-73-3A-2F-2F-77-77-77-2E-76-65-72-69-73-69-67-6E-2E-63-6F-6D-2F-72-65-70-6F-73-69-74-6F-72-79-2F-43-50-53-20", BitConverter.ToString (ext.RawData), "RawData-1"); Assert.IsFalse (ext.Critical, "Critical-1"); ext = x.Extensions[2]; Assert.AreEqual ("2.16.840.1.113730.1.1", ext.Oid.Value, "Oid-2"); Assert.AreEqual ("03-02-07-80", BitConverter.ToString (ext.RawData), "RawData-2"); Assert.IsFalse (ext.Critical, "Critical-2"); ext = x.Extensions[3]; Assert.AreEqual ("2.16.840.1.113730.1.8", ext.Oid.Value, "Oid-3"); Assert.AreEqual ("16-27-68-74-74-70-73-3A-2F-2F-77-77-77-2E-76-65-72-69-73-69-67-6E-2E-63-6F-6D-2F-72-65-70-6F-73-69-74-6F-72-79-2F-43-50-53", BitConverter.ToString (ext.RawData), "RawData-3"); Assert.IsFalse (ext.Critical, "Critical-3"); ext = x.Extensions[4]; Assert.AreEqual ("2.16.840.1.113730.1.13", ext.Oid.Value, "Oid-4"); Assert.AreEqual ("16-82-04-74-43-41-55-54-49-4F-4E-3A-20-54-68-65-20-43-6F-6D-6D-6F-6E-20-4E-61-6D-65-20-69-6E-20-74-68-69-73-20-43-6C-61-73-73-20-31-20-44-69-67-69-74-61-6C-20-0A-49-44-20-69-73-20-6E-6F-74-20-61-75-74-68-65-6E-74-69-63-61-74-65-64-20-62-79-20-56-65-72-69-53-69-67-6E-2E-20-49-74-20-6D-61-79-20-62-65-20-74-68-65-0A-68-6F-6C-64-65-72-27-73-20-72-65-61-6C-20-6E-61-6D-65-20-6F-72-20-61-6E-20-61-6C-69-61-73-2E-20-56-65-72-69-53-69-67-6E-20-64-6F-65-73-20-61-75-74-68-2D-0A-65-6E-74-69-63-61-74-65-20-74-68-65-20-65-2D-6D-61-69-6C-20-61-64-64-72-65-73-73-20-6F-66-20-74-68-65-20-68-6F-6C-64-65-72-2E-0A-0A-54-68-69-73-20-63-65-72-74-69-66-69-63-61-74-65-20-69-6E-63-6F-72-70-6F-72-61-74-65-73-20-62-79-20-72-65-66-65-72-65-6E-63-65-2C-20-61-6E-64-20-0A-69-74-73-20-75-73-65-20-69-73-20-73-74-72-69-63-74-6C-79-20-73-75-62-6A-65-63-74-20-74-6F-2C-20-74-68-65-20-56-65-72-69-53-69-67-6E-20-0A-43-65-72-74-69-66-69-63-61-74-69-6F-6E-20-50-72-61-63-74-69-63-65-20-53-74-61-74-65-6D-65-6E-74-20-28-43-50-53-29-2C-20-61-76-61-69-6C-61-62-6C-65-0A-69-6E-20-74-68-65-20-56-65-72-69-53-69-67-6E-20-72-65-70-6F-73-69-74-6F-72-79-20-61-74-3A-20-0A-68-74-74-70-73-3A-2F-2F-77-77-77-2E-76-65-72-69-73-69-67-6E-2E-63-6F-6D-3B-20-62-79-20-45-2D-6D-61-69-6C-20-61-74-0A-43-50-53-2D-72-65-71-75-65-73-74-73-40-76-65-72-69-73-69-67-6E-2E-63-6F-6D-3B-20-6F-72-20-62-79-20-6D-61-69-6C-20-61-74-20-56-65-72-69-53-69-67-6E-2C-0A-49-6E-63-2E-2C-20-32-35-39-33-20-43-6F-61-73-74-20-41-76-65-2E-2C-20-4D-6F-75-6E-74-61-69-6E-20-56-69-65-77-2C-20-43-41-20-39-34-30-34-33-20-55-53-41-0A-0A-43-6F-70-79-72-69-67-68-74-20-28-63-29-31-39-39-36-20-56-65-72-69-53-69-67-6E-2C-20-49-6E-63-2E-20-20-41-6C-6C-20-52-69-67-68-74-73-20-0A-52-65-73-65-72-76-65-64-2E-20-43-45-52-54-41-49-4E-20-57-41-52-52-41-4E-54-49-45-53-20-44-49-53-43-4C-41-49-4D-45-44-20-41-4E-44-20-0A-4C-49-41-42-49-4C-49-54-59-20-4C-49-4D-49-54-45-44-2E-0A-0A-57-41-52-4E-49-4E-47-3A-20-54-48-45-20-55-53-45-20-4F-46-20-54-48-49-53-20-43-45-52-54-49-46-49-43-41-54-45-20-49-53-20-53-54-52-49-43-54-4C-59-0A-53-55-42-4A-45-43-54-20-54-4F-20-54-48-45-20-56-45-52-49-53-49-47-4E-20-43-45-52-54-49-46-49-43-41-54-49-4F-4E-20-50-52-41-43-54-49-43-45-0A-53-54-41-54-45-4D-45-4E-54-2E-20-20-54-48-45-20-49-53-53-55-49-4E-47-20-41-55-54-48-4F-52-49-54-59-20-44-49-53-43-4C-41-49-4D-53-20-43-45-52-54-41-49-4E-0A-49-4D-50-4C-49-45-44-20-41-4E-44-20-45-58-50-52-45-53-53-20-57-41-52-52-41-4E-54-49-45-53-2C-20-49-4E-43-4C-55-44-49-4E-47-20-57-41-52-52-41-4E-54-49-45-53-0A-4F-46-20-4D-45-52-43-48-41-4E-54-41-42-49-4C-49-54-59-20-4F-52-20-46-49-54-4E-45-53-53-20-46-4F-52-20-41-20-50-41-52-54-49-43-55-4C-41-52-0A-50-55-52-50-4F-53-45-2C-20-41-4E-44-20-57-49-4C-4C-20-4E-4F-54-20-42-45-20-4C-49-41-42-4C-45-20-46-4F-52-20-43-4F-4E-53-45-51-55-45-4E-54-49-41-4C-2C-0A-50-55-4E-49-54-49-56-45-2C-20-41-4E-44-20-43-45-52-54-41-49-4E-20-4F-54-48-45-52-20-44-41-4D-41-47-45-53-2E-20-53-45-45-20-54-48-45-20-43-50-53-0A-46-4F-52-20-44-45-54-41-49-4C-53-2E-0A-0A-43-6F-6E-74-65-6E-74-73-20-6F-66-20-74-68-65-20-56-65-72-69-53-69-67-6E-20-72-65-67-69-73-74-65-72-65-64-0A-6E-6F-6E-76-65-72-69-66-69-65-64-53-75-62-6A-65-63-74-41-74-74-72-69-62-75-74-65-73-20-65-78-74-65-6E-73-69-6F-6E-20-76-61-6C-75-65-20-73-68-61-6C-6C-20-0A-6E-6F-74-20-62-65-20-63-6F-6E-73-69-64-65-72-65-64-20-61-73-20-61-63-63-75-72-61-74-65-20-69-6E-66-6F-72-6D-61-74-69-6F-6E-20-76-61-6C-69-64-61-74-65-64-20-0A-62-79-20-74-68-65-20-49-41-2E", BitConverter.ToString (ext.RawData), "RawData-4"); Assert.IsFalse (ext.Critical, "Critical-4"); }
public void Certificate_8_Properties () { DateTime expectedNotAfter = new DateTime (631769760000000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (631080288000000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_8); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (2, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("CN=Armed Forces Root, OU=DoD, O=U.S. Government, C=US", x.Issuer, "Issuer"); Assert.AreEqual ("CN=Armed Forces Root, OU=DoD, O=U.S. Government, C=US", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<DSAKeyValue><P>kIk+GBv+ox0WiQC01UCCTC7sPWYNDbkXQG46XAN7G5MoDO+5l+Oh6+KjfGHdb9WtFWkAFrLDCD3EWcbycKWw9R8d9LAV2n4oOSSZNlvsOSX6kkll0kMFap6je/Deoy/Tbzr5NcMp1EVsVpreNm7+EmiWe0UdLP+5LfVSjN8+L2M=</P><Q>gam10ATym6fYVUw7MqFFMk/1Ud0=</Q><G>ZHqIC/I+kYFZnPTqxnsOvuoF6Hf9IDSHocRp9siLGdrN+iGKV6l6JgpW1O1LG3xw7bTmemre0yni6Zoz7QmNnt/aLkrBUJLuL+Va84ViakjcGwKYprDRCUsQ0fD64LEdE1RLwKhA73HoVmuiKcseCX0nOZE7IE+YOeg5ypjFr1Q=</G><Y>VKiItY8BVs4Yj6bWfCkpdUXoMaQHF+0eXbJ7u848l2ceiAr+fQAiJx1m7vYbtpV/Wv8GNAJDw4PEZiyhBQ5os8rc0/kMwGbfhYRLIF1BrMDsN5IOlxm/UzVjJxgzNUJN8C1tp6SYqlfz0rhuTo//vm9ODwtEJO7fTCJbRJiUy7g=</Y></DSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_8, x.RawData, "RawData"); Assert.AreEqual ("03", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.10040.4.3", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("CN=Armed Forces Root, OU=DoD, O=U.S. Government, C=US", x.Subject, "Subject"); Assert.AreEqual ("CN=Armed Forces Root, OU=DoD, O=U.S. Government, C=US", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("A30A06B1B0D4F871678A60C54EE4D8663606CCE6", x.Thumbprint, "Thumbprint"); Assert.AreEqual (3, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual ("Armed Forces Root", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("Armed Forces Root", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual ("Armed Forces Root", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("Armed Forces Root", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); // extensions X509Extension ext = x.Extensions[0]; Assert.AreEqual ("2.5.29.14", ext.Oid.Value, "Oid-0"); Assert.AreEqual ("04-14-9D-2D-73-C3-B8-E3-4D-29-28-C3-65-BE-A9-98-CB-D6-8A-06-68-9C", BitConverter.ToString (ext.RawData), "RawData-0"); Assert.IsFalse (ext.Critical, "Critical-0"); X509SubjectKeyIdentifierExtension ski = (X509SubjectKeyIdentifierExtension) ext; Assert.AreEqual ("9D2D73C3B8E34D2928C365BEA998CBD68A06689C", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier"); ext = x.Extensions[1]; Assert.AreEqual ("2.5.29.19", ext.Oid.Value, "Oid-1"); Assert.AreEqual ("30-03-01-01-FF", BitConverter.ToString (ext.RawData), "RawData-1"); Assert.IsFalse (ext.Critical, "Critical-1"); X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension) ext; Assert.IsTrue (bce.CertificateAuthority, "CertificateAuthority"); Assert.IsFalse (bce.HasPathLengthConstraint, "HasPathLengthConstraint"); Assert.AreEqual (0, bce.PathLengthConstraint, "PathLengthConstraint"); }
public void Certificate_5_Properties () { DateTime expectedNotAfter = new DateTime (632254464000000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (630045216000000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_5); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (6, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("O=SET Root, C=US", x.Issuer, "Issuer"); Assert.AreEqual ("O=SET Root, C=US", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>1Nw+uuGU977N7SF3z9qIWFEOj/TaABQeDaettpZaxtPsJe3YQwtufz+eHnSgHpd2MMpvCmPAozFAJYC4vSjrfXULTkE0xCAAwsv0miAAWNn0QBMYdwy1BN63tkOLpMw2dnnFCxfLfoihM7DTNCe/O2HaxSDr+ZSai3myqI7LwdmUSplmUFWygyh9Ij3s3KPoOduDVMmJqd9ZUp9673wRYlLs5me6PeqrR9vk9B9zwz3sfoR9Lyn+bBc/dW1WbsBOtb8qIIrkV67ALmjJCc+FdwrvOjfLYExFc3+QPoYd+sP8UIqyxYo08PJD7jxWuiTp4KWHHnwwM3f9XeBXDWwZOQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_5, x.RawData, "RawData"); Assert.AreEqual ("6A", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.113549.1.1.5", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("O=SET Root, C=US", x.Subject, "Subject"); Assert.AreEqual ("O=SET Root, C=US", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("63DB7A42673975392AC6A4FAE3D78446B467C326", x.Thumbprint, "Thumbprint"); Assert.AreEqual (3, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("SET Root", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("SET Root", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); // extensions X509Extension ext = x.Extensions[0]; Assert.AreEqual ("2.5.29.19", ext.Oid.Value, "Oid-0"); Assert.AreEqual ("30-06-01-01-FF-02-01-03", BitConverter.ToString (ext.RawData), "RawData-0"); Assert.IsTrue (ext.Critical, "Critical-0"); X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension) ext; Assert.IsTrue (bce.CertificateAuthority, "CertificateAuthority"); Assert.IsTrue (bce.HasPathLengthConstraint, "HasPathLengthConstraint"); Assert.AreEqual (3, bce.PathLengthConstraint, "PathLengthConstraint"); ext = x.Extensions[1]; Assert.AreEqual ("2.5.29.32", ext.Oid.Value, "Oid-1"); Assert.AreEqual ("30-82-02-B9-30-82-02-B5-06-04-67-2A-05-00-30-82-02-AB-30-82-02-A7-06-04-67-2A-07-06-30-82-02-9D-30-82-02-99-1A-82-02-95-54-68-69-73-20-53-45-54-20-52-6F-6F-74-20-43-65-72-74-69-66-69-63-61-74-65-20-61-6E-64-20-61-6E-79-20-63-65-72-74-69-66-69-63-61-74-65-20-61-75-74-68-65-6E-74-69-63-61-74-65-64-20-64-69-72-65-63-74-6C-79-20-6F-72-20-69-6E-64-69-72-65-63-74-6C-79-20-62-79-20-74-68-69-73-20-63-65-72-74-69-66-69-63-61-74-65-2C-20-6D-61-79-20-6F-6E-6C-79-20-62-65-20-75-73-65-64-20-74-6F-20-65-6E-61-62-6C-65-20-22-53-65-63-75-72-65-20-46-69-6E-61-6E-63-69-61-6C-20-54-72-61-6E-73-61-63-74-69-6F-6E-73-22-20-61-73-20-64-65-66-69-6E-65-64-20-69-6E-20-74-68-65-20-53-45-54-20-52-6F-6F-74-20-43-65-72-74-69-66-69-63-61-74-65-20-50-72-61-63-74-69-63-65-20-53-74-61-74-65-6D-65-6E-74-20-61-6E-64-2C-20-77-68-65-6E-20-61-70-70-72-6F-70-72-69-61-74-65-2C-20-69-6E-20-61-20-53-45-54-20-42-72-61-6E-64-20-43-65-72-74-69-66-69-63-61-74-65-20-50-72-61-63-74-69-63-65-20-53-74-61-74-65-6D-65-6E-74-2E-20-20-4E-6F-20-50-61-72-74-79-20-6D-61-79-20-72-65-6C-79-20-75-70-6F-6E-20-74-68-65-20-53-45-54-20-52-6F-6F-74-20-43-65-72-74-69-66-69-63-61-74-65-20-66-6F-72-20-61-6E-79-20-6F-74-68-65-72-20-70-75-72-70-6F-73-65-2E-20-20-41-20-53-45-54-20-42-72-61-6E-64-20-73-68-61-6C-6C-20-62-65-20-61-6E-79-20-70-61-79-6D-65-6E-74-20-62-72-61-6E-64-20-77-68-6F-73-65-20-53-45-54-20-63-65-72-74-69-66-69-63-61-74-65-20-69-73-20-73-69-67-6E-65-64-20-62-79-20-74-68-65-20-70-72-69-76-61-74-65-20-6B-65-79-20-63-6F-72-72-65-73-70-6F-6E-64-69-6E-67-20-74-6F-20-74-68-65-20-70-75-62-6C-69-63-20-6B-65-79-20-63-6F-6E-74-61-69-6E-65-64-20-69-6E-20-74-68-69-73-20-63-65-72-74-69-66-69-63-61-74-65-2E-20-20-41-6C-6C-20-6D-61-74-74-65-72-73-20-72-65-6C-61-74-69-6E-67-20-74-6F-20-75-73-61-67-65-2C-20-6C-69-61-62-69-6C-69-74-79-20-61-6E-64-20-70-72-6F-63-65-64-75-72-65-73-20-77-69-74-68-20-53-45-54-20-63-65-72-74-69-66-69-63-61-74-65-73-20-69-73-73-75-65-64-20-62-65-6E-65-61-74-68-20-61-20-53-45-54-20-42-72-61-6E-64-20-73-68-61-6C-6C-20-62-65-20-64-65-74-65-72-6D-69-6E-65-64-20-62-79-20-74-68-61-74-20-53-45-54-20-42-72-61-6E-64-2E", BitConverter.ToString (ext.RawData), "RawData-1"); Assert.IsTrue (ext.Critical, "Critical-1"); ext = x.Extensions[2]; Assert.AreEqual ("2.5.29.15", ext.Oid.Value, "Oid-2"); Assert.AreEqual ("03-02-01-06", BitConverter.ToString (ext.RawData), "RawData-2"); Assert.IsTrue (ext.Critical, "Critical-2"); X509KeyUsageExtension kue = (X509KeyUsageExtension) ext; Assert.AreEqual (X509KeyUsageFlags.CrlSign | X509KeyUsageFlags.KeyCertSign, kue.KeyUsages, "KeyUsages"); ext = x.Extensions[3]; Assert.AreEqual ("2.5.29.16", ext.Oid.Value, "Oid-3"); Assert.AreEqual ("30-22-80-0F-31-39-39-37-30-37-31-35-30-30-30-30-30-30-5A-81-0F-31-39-39-38-30-37-31-35-30-30-30-30-30-30-5A", BitConverter.ToString (ext.RawData), "RawData-3"); Assert.IsFalse (ext.Critical, "Critical-3"); ext = x.Extensions[4]; Assert.AreEqual ("2.23.42.7.1", ext.Oid.Value, "Oid-4"); Assert.AreEqual ("03-03-07-00-80", BitConverter.ToString (ext.RawData), "RawData-4"); Assert.IsTrue (ext.Critical, "Critical-4"); ext = x.Extensions[5]; Assert.AreEqual ("2.23.42.7.0", ext.Oid.Value, "Oid-5"); Assert.AreEqual ("30-2F-30-2D-02-01-00-30-09-06-05-2B-0E-03-02-1A-05-00-30-07-06-05-67-2A-03-00-00-04-14-C8-57-44-4F-D7-91-56-3E-C6-F3-E0-E6-08-2E-9A-AF-61-11-43-5D", BitConverter.ToString (ext.RawData), "RawData-5"); Assert.IsTrue (ext.Critical, "Critical-5"); }
public static string getSimpleNameOfSubject(X509Certificate2 cert) { return cert.GetNameInfo(X509NameType.SimpleName, false); }
private void Analizar(Byte[] ContenidoCertificado) { try { System.Security.Cryptography.X509Certificates.X509Certificate2 cer = new System.Security.Cryptography.X509Certificates.X509Certificate2(ContenidoCertificado); NumeroSerie = InvertirStr(System.Text.Encoding.ASCII.GetString(cer.GetSerialNumber())); FechaFinCertificado = System.Convert.ToDateTime(cer.GetExpirationDateString()); FechaInicioCertificado = System.Convert.ToDateTime(cer.GetEffectiveDateString()); EmisorCertificado = cer.GetNameInfo(X509NameType.SimpleName, true); if (CA != null) { foreach (System.Data.DataRow FilaCA in CA.Rows) { System.Security.Cryptography.X509Certificates.X509Certificate2 cerSAT = new System.Security.Cryptography.X509Certificates.X509Certificate2(System.Convert.FromBase64String(FilaCA["base64"].ToString())); if (System.Convert.ToBase64String(cer.IssuerName.RawData) == System.Convert.ToBase64String(cerSAT.SubjectName.RawData)) { EmitidoAutoridadCertificadora = true; } } } if (!String.IsNullOrEmpty(sArchivoKey) && !String.IsNullOrEmpty(sContraseña)) { byte[] CertModulus = new byte[0]; byte[] CertExponent = new byte[0]; if (GetCertPublicKey(cer, out CertModulus, out CertExponent)) { System.Security.Cryptography.RSACryptoServiceProvider RSA = null; byte[] keyblob = SSLKey.opensslkey.GetFileBytes(sArchivoKey); if (keyblob != null) { byte[] keyModulus = new byte[0]; byte[] keyExponent = new byte[0]; if (SSLKey.opensslkey.getModulusExponentPrivateKeyInfo(keyblob, ConvertToSecureString(sContraseña), out keyModulus, out keyExponent)) { if (CertExponent.Length == 3) { CertExponent = IngresarByte(CertExponent, 4); } if (keyExponent.Length == 3) { keyExponent = IngresarByte(keyExponent, 4); } if (CertModulus.Length < 128) { CertModulus = IngresarByte(CertModulus, 128); } if (keyModulus.Length < 128) { keyModulus = IngresarByte(keyModulus, 128); } if (CompareBytearrays(CertExponent, keyExponent) && CompareBytearrays(CertModulus, keyModulus)) { esKeyCertificado = true; } } } } } try { String DatCert = cer.Subject; int posrfc = DatCert.IndexOf("OID.2.5.4.45=") + ("OID.2.5.4.45=").Length; RFCCertificado = DatCert.Substring(posrfc, DatCert.IndexOf(" ", posrfc) - posrfc).Trim().Replace(",", ""); } catch (Exception ei) { } if (cer.Extensions["Uso de la clave"] != null) { if (cer.Extensions["Uso de la clave"].RawData[3] == 192) { esCSD = true; esFIEL = false; } if (cer.Extensions["Uso de la clave"].RawData[3] == 232 || cer.Extensions["Uso de la clave"].RawData[3] == 216) { esFIEL = true; esCSD = false; } } else if (cer.Extensions["Key Usage"] != null) { if (cer.Extensions["Key Usage"].RawData[3] == 192) { esCSD = true; esFIEL = false; } if (cer.Extensions["Key Usage"].RawData[3] == 232 || cer.Extensions["Key Usage"].RawData[3] == 216) { esFIEL = true; esCSD = false; } } } catch (Exception ex) { String Inner = ""; String Source = ""; String Target = ""; /* if (ex.InnerException != null) * Inner = " InnerException: " + ex.InnerException.Message; * if (ex.Source != null) * Source = " Source: " + ex.Source; * if (ex.TargetSite != null) * Target = " TargetSite: " + ex.TargetSite; * throw new Exception("error analizando el certificado error: " + ex.Message + Inner + Source + Target );*/ throw new Exception(ex.Message); } }
void ResolveIssuers(X509Certificate2 certificate, X509Certificate2Collection issuers, int chainLength) { // // only look at simpleNames because intermediates are always going to be org-level, not email, certs // string issuerName = certificate.GetNameInfo(X509NameType.SimpleName, true); // true == "for issuer" // // If the issuer name matches the Cert name, we have a self-signed cert // if (certificate.MatchName(issuerName)) { return; } // // If the issuer is already known, then we are good // if (issuers.FindByName(issuerName) != null) { return; } if (chainLength == m_maxIssuerChainLength) { // // Chain too long. Ignore... // return; } // // Retrieve the issuer's certificate // X509Certificate2Collection issuerCertificates = m_certResolver.SafeGetCertificates(certificate.ExtractEmailNameOrName(true)); if (CollectionExtensions.IsNullOrEmpty(issuerCertificates)) { return; } // // Recursively fetch the issuers who issued this set of certificates // foreach (X509Certificate2 issuerCertificate in issuerCertificates) { if (issuerCertificate.MatchName(issuerName) && !issuers.ContainsThumbprint(issuerCertificate.Thumbprint)) { // // New issuer // issuers.Add(issuerCertificate); // // And keep working up the chain // this.ResolveIssuers(issuerCertificate, issuers, chainLength + 1); } } }
public void Certificate_1_Properties () { DateTime expectedNotAfter = new DateTime (629937887260000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (629622527270000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_1); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (0, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.Issuer, "Issuer"); Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>LVjpv/AxzXkGUFrVng4s5sL3+dLOVWSFsZCakrM2wbzqyCO3qzqnZGN3X4QijuW2Rd1GrgrdAMIfutmtwHVi+JWCooCxgmn64a9/vH3ifHbVvCqA+w==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_1, x.RawData, "RawData"); Assert.AreEqual ("02720006E8", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.113549.1.1.2", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("OU=Server Certification Authority, O=CommerceNet, S=California, C=US", x.Subject, "Subject"); Assert.AreEqual ("OU=Server Certification Authority, O=CommerceNet, S=California, C=US", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("D62F48D013EE7FB58B79074512670D9C5B3A5DA9", x.Thumbprint, "Thumbprint"); Assert.AreEqual (1, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("Secure Server Certification Authority", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("Server Certification Authority", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); }
private void CheckBase64 (X509Certificate2 x) { // note: the raw data is still the DER encoded ASN.1 (not the base64 string) byte[] raw = { 0x30, 0x82, 0x01, 0xC5, 0x30, 0x82, 0x01, 0x32, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0xC7, 0x75, 0xAE, 0x48, 0x53, 0x9B, 0x1E, 0x9E, 0x44, 0x80, 0x15, 0xCA, 0x78, 0x15, 0x47, 0x69, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1D, 0x05, 0x00, 0x30, 0x25, 0x31, 0x23, 0x30, 0x21, 0x06, 0x03, 0x55, 0x04, 0x03, 0x1E, 0x1A, 0x00, 0x43, 0x00, 0x41, 0x00, 0x53, 0x00, 0x54, 0x00, 0x4F, 0x00, 0x52, 0x00, 0x5C, 0x00, 0x70, 0x00, 0x6F, 0x00, 0x75, 0x00, 0x70, 0x00, 0x6F, 0x00, 0x75, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x35, 0x30, 0x36, 0x30, 0x38, 0x31, 0x33, 0x33, 0x38, 0x34, 0x37, 0x5A, 0x17, 0x0D, 0x30, 0x36, 0x30, 0x36, 0x30, 0x38, 0x31, 0x39, 0x33, 0x38, 0x34, 0x37, 0x5A, 0x30, 0x25, 0x31, 0x23, 0x30, 0x21, 0x06, 0x03, 0x55, 0x04, 0x03, 0x1E, 0x1A, 0x00, 0x43, 0x00, 0x41, 0x00, 0x53, 0x00, 0x54, 0x00, 0x4F, 0x00, 0x52, 0x00, 0x5C, 0x00, 0x70, 0x00, 0x6F, 0x00, 0x75, 0x00, 0x70, 0x00, 0x6F, 0x00, 0x75, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xDA, 0xEA, 0x39, 0x38, 0xF6, 0x3A, 0xF4, 0x8B, 0xF9, 0xE2, 0xC7, 0xD5, 0x2C, 0xF9, 0x1A, 0xD5, 0x75, 0xCF, 0x17, 0xAC, 0xB3, 0x46, 0xBD, 0x7F, 0x3F, 0x97, 0x38, 0x2E, 0x10, 0x41, 0xB2, 0xC4, 0xD9, 0x14, 0x15, 0xD8, 0xE6, 0xF9, 0x11, 0x38, 0x80, 0x75, 0xE3, 0xD7, 0x1F, 0xC0, 0x86, 0xA7, 0x3E, 0x02, 0x11, 0x04, 0xE9, 0x57, 0xB5, 0xD8, 0x57, 0x65, 0x27, 0x7B, 0x8F, 0xBA, 0xB9, 0xEF, 0xA0, 0x8F, 0x15, 0x9C, 0xEC, 0x2F, 0x85, 0x63, 0x4E, 0x52, 0x6B, 0xA6, 0xE3, 0x33, 0xCA, 0x86, 0x22, 0xBA, 0xF9, 0x06, 0xE8, 0xEC, 0xCB, 0xA7, 0xA5, 0xA8, 0xE2, 0x3E, 0xC7, 0x21, 0x74, 0x4E, 0xC9, 0xE9, 0x05, 0x5F, 0xAE, 0x78, 0x12, 0x51, 0x2F, 0xFA, 0x6A, 0x8F, 0x7C, 0xB0, 0x64, 0x2A, 0xFB, 0xB7, 0xB2, 0x40, 0x91, 0x20, 0xE7, 0x32, 0x53, 0x3F, 0x58, 0xCA, 0x80, 0xA2, 0x41, 0xC5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1D, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x9D, 0x57, 0xB0, 0x25, 0x97, 0x81, 0x22, 0x3C, 0xC4, 0x61, 0x9D, 0xC9, 0xDB, 0xD8, 0xC7, 0xC1, 0xED, 0xFB, 0x1C, 0xDD, 0x35, 0x98, 0xD7, 0x40, 0x58, 0xA4, 0x43, 0x86, 0x54, 0xF9, 0x68, 0x96, 0x85, 0xB5, 0x91, 0xBC, 0xB7, 0x82, 0xB2, 0x7E, 0x7B, 0x58, 0xBD, 0x80, 0xCE, 0x34, 0x7E, 0x22, 0x87, 0x62, 0x31, 0xB5, 0x03, 0x16, 0xA0, 0x20, 0x17, 0x9D, 0xE7, 0x5D, 0xAA, 0x12, 0xF5, 0x92, 0xDF, 0x94, 0xE6, 0x69, 0xCD, 0xF6, 0xFC, 0x82, 0x9B, 0xDC, 0xD3, 0x30, 0x40, 0xB1, 0x71, 0x4F, 0x4A, 0x64, 0xCB, 0xDC, 0x14, 0xC8, 0xC1, 0x7F, 0x6F, 0x23, 0xCE, 0xDD, 0x19, 0x22, 0x4F, 0x24, 0x1E, 0x27, 0x18, 0x66, 0x88, 0x7A, 0x9A, 0x9A, 0x09, 0x37, 0x6D, 0x65, 0x15, 0xE8, 0x28, 0x5E, 0x82, 0xEB, 0x5B, 0x82, 0xE8, 0x8A, 0xAC, 0x8F, 0xC3, 0x6C, 0xEE, 0xF0, 0x3E, 0x20, 0xCB, 0xC7 }; DateTime expectedNotAfter = new DateTime (632853923270000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (632538347270000000, DateTimeKind.Utc); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (0, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("CN=CASTOR\\poupou", x.Issuer, "Issuer"); Assert.AreEqual ("CN=CASTOR\\poupou", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>2uo5OPY69Iv54sfVLPka1XXPF6yzRr1/P5c4LhBBssTZFBXY5vkROIB149cfwIanPgIRBOlXtdhXZSd7j7q576CPFZzsL4VjTlJrpuMzyoYiuvkG6OzLp6Wo4j7HIXROyekFX654ElEv+mqPfLBkKvu3skCRIOcyUz9YyoCiQcU=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (raw, x.RawData, "RawData"); Assert.AreEqual ("C775AE48539B1E9E448015CA78154769", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.3.14.3.2.29", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("CN=CASTOR\\poupou", x.Subject, "Subject"); Assert.AreEqual ("CN=CASTOR\\poupou", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("1D53CC89D09F114A487F7F529ECBD186A3D58529", x.Thumbprint, "Thumbprint"); Assert.AreEqual (3, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual ("CASTOR\\poupou", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("CASTOR\\poupou", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual ("CASTOR\\poupou", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("CASTOR\\poupou", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); }
public X509Certificate2Collection Find(X509FindType findType, object findValue, bool validOnly) { if (findValue == null) { throw new ArgumentNullException("findValue"); } string text = string.Empty; string text2 = string.Empty; X509KeyUsageFlags x509KeyUsageFlags = X509KeyUsageFlags.None; DateTime t = DateTime.MinValue; switch (findType) { case X509FindType.FindByThumbprint: case X509FindType.FindBySubjectName: case X509FindType.FindBySubjectDistinguishedName: case X509FindType.FindByIssuerName: case X509FindType.FindByIssuerDistinguishedName: case X509FindType.FindBySerialNumber: case X509FindType.FindByTemplateName: case X509FindType.FindBySubjectKeyIdentifier: try { text = (string)findValue; } catch (Exception inner) { string text3 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[] { findValue.GetType(), "string" }); throw new CryptographicException(text3, inner); } break; case X509FindType.FindByTimeValid: case X509FindType.FindByTimeNotYetValid: case X509FindType.FindByTimeExpired: try { t = (DateTime)findValue; } catch (Exception inner2) { string text4 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[] { findValue.GetType(), "X509DateTime" }); throw new CryptographicException(text4, inner2); } break; case X509FindType.FindByApplicationPolicy: case X509FindType.FindByCertificatePolicy: case X509FindType.FindByExtension: try { text2 = (string)findValue; } catch (Exception inner3) { string text5 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[] { findValue.GetType(), "X509KeyUsageFlags" }); throw new CryptographicException(text5, inner3); } try { CryptoConfig.EncodeOID(text2); } catch (CryptographicUnexpectedOperationException) { string text6 = Locale.GetText("Invalid OID value '{0}'.", new object[] { text2 }); throw new ArgumentException("findValue", text6); } break; case X509FindType.FindByKeyUsage: try { x509KeyUsageFlags = (X509KeyUsageFlags)((int)findValue); } catch (Exception inner4) { string text7 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[] { findValue.GetType(), "X509KeyUsageFlags" }); throw new CryptographicException(text7, inner4); } break; default: { string text8 = Locale.GetText("Invalid find type '{0}'.", new object[] { findType }); throw new CryptographicException(text8); } } CultureInfo invariantCulture = CultureInfo.InvariantCulture; X509Certificate2Collection x509Certificate2Collection = new X509Certificate2Collection(); foreach (object obj in base.InnerList) { X509Certificate2 x509Certificate = (X509Certificate2)obj; bool flag = false; switch (findType) { case X509FindType.FindByThumbprint: flag = (string.Compare(text, x509Certificate.Thumbprint, true, invariantCulture) == 0 || string.Compare(text, x509Certificate.GetCertHashString(), true, invariantCulture) == 0); break; case X509FindType.FindBySubjectName: { string nameInfo = x509Certificate.GetNameInfo(X509NameType.SimpleName, false); flag = (nameInfo.IndexOf(text, StringComparison.InvariantCultureIgnoreCase) >= 0); break; } case X509FindType.FindBySubjectDistinguishedName: flag = (string.Compare(text, x509Certificate.Subject, true, invariantCulture) == 0); break; case X509FindType.FindByIssuerName: { string nameInfo2 = x509Certificate.GetNameInfo(X509NameType.SimpleName, true); flag = (nameInfo2.IndexOf(text, StringComparison.InvariantCultureIgnoreCase) >= 0); break; } case X509FindType.FindByIssuerDistinguishedName: flag = (string.Compare(text, x509Certificate.Issuer, true, invariantCulture) == 0); break; case X509FindType.FindBySerialNumber: flag = (string.Compare(text, x509Certificate.SerialNumber, true, invariantCulture) == 0); break; case X509FindType.FindByTimeValid: flag = (t >= x509Certificate.NotBefore && t <= x509Certificate.NotAfter); break; case X509FindType.FindByTimeNotYetValid: flag = (t < x509Certificate.NotBefore); break; case X509FindType.FindByTimeExpired: flag = (t > x509Certificate.NotAfter); break; case X509FindType.FindByApplicationPolicy: flag = (x509Certificate.Extensions.Count == 0); break; case X509FindType.FindByExtension: flag = (x509Certificate.Extensions[text2] != null); break; case X509FindType.FindByKeyUsage: { X509KeyUsageExtension x509KeyUsageExtension = x509Certificate.Extensions["2.5.29.15"] as X509KeyUsageExtension; flag = (x509KeyUsageExtension == null || (x509KeyUsageExtension.KeyUsages & x509KeyUsageFlags) == x509KeyUsageFlags); break; } case X509FindType.FindBySubjectKeyIdentifier: { X509SubjectKeyIdentifierExtension x509SubjectKeyIdentifierExtension = x509Certificate.Extensions["2.5.29.14"] as X509SubjectKeyIdentifierExtension; if (x509SubjectKeyIdentifierExtension != null) { flag = (string.Compare(text, x509SubjectKeyIdentifierExtension.SubjectKeyIdentifier, true, invariantCulture) == 0); } break; } } if (flag) { if (validOnly) { try { if (x509Certificate.Verify()) { x509Certificate2Collection.Add(x509Certificate); } } catch { } } else { x509Certificate2Collection.Add(x509Certificate); } } } return(x509Certificate2Collection); }
/* SslPolicyErrors: RemoteCertificateNotAvailable = 1, // 証明書が利用できません. RemoteCertificateNameMismatch = 2, // 証明書名が不一致です. RemoteCertificateChainErrors = 4, // ChainStatus が空でない配列を返しました. */ // // // public bool ValidateServerCertificate(object obj, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { m_log.InfoFormat("[NSL CERT VERIFY]: ValidateServerCertificate: Policy is ({0})", sslPolicyErrors); if (obj is HttpWebRequest) { // HttpWebRequest Request = (HttpWebRequest)obj; string noVerify = Request.Headers.Get("NoVerifyCert"); if (noVerify!=null && noVerify.ToLower()=="true") { return true; } } X509Certificate2 certificate2 = new X509Certificate2(certificate); string simplename = certificate2.GetNameInfo(X509NameType.SimpleName, false); // None, ChainErrors 以外は全てエラーとする. if (sslPolicyErrors!=SslPolicyErrors.None && sslPolicyErrors!=SslPolicyErrors.RemoteCertificateChainErrors) { m_log.InfoFormat("[NSL CERT VERIFY]: ValidateServerCertificate: Simple Name is \"{0}\"", simplename); m_log.InfoFormat("[NSL CERT VERIFY]: ValidateServerCertificate: Policy Error!", sslPolicyErrors); return false; } bool valid = CheckPrivateChain(certificate2); if (valid) { m_log.InfoFormat("[NSL CERT VERIFY]: Valid Server Certification for \"{0}\"", simplename); } else { m_log.InfoFormat("[NSL CERT VERIFY]: Failed to Verify Server Certification for \"{0}\"", simplename); } return valid; }
public void Certificate_13_Properties () { DateTime expectedNotAfter = new DateTime (634388218400000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (631232890400000000, DateTimeKind.Utc); // DSA without parameters X509Certificate2 x = new X509Certificate2 (cert_13); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (5, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("CN=DSA CA, O=Test Certificates, C=US", x.Issuer, "Issuer"); Assert.AreEqual ("CN=DSA CA, O=Test Certificates, C=US", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); // note: this test will work if PKITS data is installed // Assert.AreEqual ("<DSAKeyValue><P>3+URPtrptm4Q1uqd4p06sEe9RADHVsjMbtAzhFZHNT32VMjjwq27unXzLzMMpvkx7Gfj5Zlt/CluqleIcjTijgCQ4KOsZI7A9jwdj7TISkgwXn+qnHYmC9sTczODl8DFs+Y39T7/FQ3UoS66Mfirh9gLzHeYQm6sk5jCvS57NAs=</P><Q>zwYE2P+L6wDp9lwHlnP9lmU6Lwc=</Q><G>zOF8sM6SX2PsOLtEut2SNLZevmV72HF3BJ3sZnw7BM6281L+D5JVAu9OEqtdmi4vblbzcOxq7ZsiuKgTywycFurBCo4hJkSlDPmg7GLgcDHMaPULhaRKG2559MH5Nlo4b07vhFPfZ/3M91lij5yczRCPXKQPnLcH7GDzvq9+OZg=</G><Y>Z4xH2gw2gWQ5+Bo3C/C71BP9Zz1AyJyS4TqJVLDyl6Vw0GQXpKd8qeknCWXfoKUc/ATaPt1ia/AM7YFXT10pyAhZGQxfjYjw/4y26HUBvhAKZN9Xe4tsVvBTzkOIuQmZCDyQrwHo2TJd7VYCz2DSATrjCiuekUH2x3zebJljAA4=</Y></DSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_13, x.RawData, "RawData"); Assert.AreEqual ("02", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.10040.4.3", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("CN=DSA Parameters Inherited CA, O=Test Certificates, C=US", x.Subject, "Subject"); Assert.AreEqual ("CN=DSA Parameters Inherited CA, O=Test Certificates, C=US", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("0E29CDDCA5E732A20DCED87B3D002446853EBBD1", x.Thumbprint, "Thumbprint"); Assert.AreEqual (3, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual ("DSA CA", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("DSA CA", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual ("DSA Parameters Inherited CA", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("DSA Parameters Inherited CA", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); // extensions X509Extension ext = x.Extensions[0]; Assert.AreEqual ("2.5.29.14", ext.Oid.Value, "Oid-0"); Assert.AreEqual ("04-14-5D-24-EE-8A-55-1A-F2-C6-C9-B2-C2-BF-8A-F0-B2-49-4F-3A-B3-1B", BitConverter.ToString (ext.RawData), "RawData-0"); Assert.IsFalse (ext.Critical, "Critical-0"); X509SubjectKeyIdentifierExtension ski = (X509SubjectKeyIdentifierExtension) ext; Assert.AreEqual ("5D24EE8A551AF2C6C9B2C2BF8AF0B2494F3AB31B", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier"); ext = x.Extensions[1]; Assert.AreEqual ("2.5.29.35", ext.Oid.Value, "Oid-1"); Assert.AreEqual ("30-16-80-14-74-15-D5-24-1C-BD-5E-65-88-1F-E1-8B-09-7E-7F-EA-19-48-4E-61", BitConverter.ToString (ext.RawData), "RawData-1"); Assert.IsFalse (ext.Critical, "Critical-1"); ext = x.Extensions[2]; Assert.AreEqual ("2.5.29.32", ext.Oid.Value, "Oid-2"); Assert.AreEqual ("30-0E-30-0C-06-0A-60-86-48-01-65-03-02-01-30-01", BitConverter.ToString (ext.RawData), "RawData-2"); Assert.IsFalse (ext.Critical, "Critical-2"); ext = x.Extensions[3]; Assert.AreEqual ("2.5.29.15", ext.Oid.Value, "Oid-3"); Assert.AreEqual ("03-02-01-06", BitConverter.ToString (ext.RawData), "RawData-3"); Assert.IsTrue (ext.Critical, "Critical-3"); X509KeyUsageExtension kue = (X509KeyUsageExtension) ext; Assert.AreEqual (X509KeyUsageFlags.CrlSign | X509KeyUsageFlags.KeyCertSign, kue.KeyUsages, "KeyUsages"); ext = x.Extensions[4]; Assert.AreEqual ("2.5.29.19", ext.Oid.Value, "Oid-4"); Assert.AreEqual ("30-03-01-01-FF", BitConverter.ToString (ext.RawData), "RawData-4"); Assert.IsTrue (ext.Critical, "Critical-4"); X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension) ext; Assert.IsTrue (bce.CertificateAuthority, "CertificateAuthority"); Assert.IsFalse (bce.HasPathLengthConstraint, "HasPathLengthConstraint"); Assert.AreEqual (0, bce.PathLengthConstraint, "PathLengthConstraint"); }
void Process(string ou, DirectoryEntry de) { string name = de.Name.StripCNFromName(); try { if (de.SchemaClassName.Equals("user") || de.SchemaClassName.Equals("computer")) { #region Get the data out of the Directory Entry ADInfo info = new ADInfo(); info.name = name; info.sAMAccountName = ad.GetStringProperty(de, "sAMAccountName"); info.mail = ad.GetStringProperty(de, "mail"); info.displayName = ad.GetStringProperty(de, "displayName"); info.mailNickname = ad.GetStringProperty(de, "mailNickName"); info.company = ad.GetStringProperty(de, "company"); info.c = ad.GetStringProperty(de, "c"); info.department = ad.GetStringProperty(de, "department"); info.facsimileTelephoneNumber = ad.GetStringProperty(de, "facsimileTelephoneNumber"); info.givenName = ad.GetStringProperty(de, "givenName"); info.initials = ad.GetStringProperty(de, "initials"); info.sn = ad.GetStringProperty(de, "sn"); info.adminDescription = ad.GetStringProperty(de, "adminDescription"); info.physicalDeliveryOfficeName = ad.GetStringProperty(de, "physicalDeliveryOfficeName"); info.telephoneNumber = ad.GetStringProperty(de, "telephoneNumber"); info.title = ad.GetStringProperty(de, "title"); info.homeMTA = ad.GetStringProperty(de, "homeMTA"); info.homeMDB = ad.GetStringProperty(de, "homeMDB"); info.whenCreated = ad.GetStringProperty(de, "whenCreated"); info.whenChanged = ad.GetStringProperty(de, "whenChanged"); info.msExchHideFromAddressLists = ad.GetStringProperty(de, "msExchHideFromAddressLists"); info.publicDelegatesBL = null; #region publicDelegatesBL if ((de.Properties["publicDelegatesBL"] as PropertyValueCollection).Count > 0) { StringBuilder pd = new StringBuilder(); PropertyValueCollection pvc = (de.Properties["publicDelegatesBL"] as PropertyValueCollection); for (int i = 0; i < pvc.Count; i++) { string delim = String.Empty; if (i < (pvc.Count - 1)) delim = ";"; pd.Append(String.Format("{0}{1}", pvc[i].ToString(), delim)); } if (pd.Length > 0) info.publicDelegatesBL = pd.ToString(); } #endregion #region userSMIMECertificate and userCertificate if (de.SchemaClassName.Equals("user")) { if (de.Properties.Contains("userSMIMECertificate")) { info.userSMIMECertificate = "True"; X509Certificate2 x509 = new X509Certificate2(de.Properties["userSMIMECertificate"].Value as byte[]); info.certificateValidFromDate = x509.NotBefore.ToString(); info.certificateExpirationDate = x509.NotAfter.ToString(); info.certificateEmailAddress = x509.GetNameInfo(X509NameType.EmailName, false); x509 = null; } else { info.userSMIMECertificate = "False"; if (de.Properties.Contains("userCertificate")) { info.userCertificate = "True"; try { X509Certificate2 x509 = new X509Certificate2(de.Properties["userCertificate"].Value as byte[]); info.certificateValidFromDate = x509.NotBefore.ToString(); info.certificateExpirationDate = x509.NotAfter.ToString(); info.certificateEmailAddress = x509.GetNameInfo(X509NameType.EmailName, false); x509 = null; } catch { } } else info.userCertificate = "False"; } } #endregion info.altRecipient = ad.GetStringProperty(de, "altRecipient"); info.legacyExchangeDN = ad.GetStringProperty(de, "legacyExchangeDN"); info.MSExchangeMailboxGUID = ad.GetStringProperty(de, "MSExchangeMailboxGUID"); info.userPrincipalName = ad.GetStringProperty(de, "userPrincipalName"); info.distinguishedName = ad.GetStringProperty(de, "distinguishedName"); info.homeDirectory = ad.GetStringProperty(de, "homeDirectory"); info.scriptPath = ad.GetStringProperty(de, "scriptPath"); info.objectCategory = ad.GetStringProperty(de, "objectCategory"); info.msExchHomeServerName = ad.GetStringProperty(de, "msExchHomeServerName"); info.mDBStorageQuota = ad.GetStringProperty(de, "mDBStorageQuota"); info.mDBOverQuotaLimit = ad.GetStringProperty(de, "mDBOverQuotaLimit"); info.mDBOverHardQuotaLimit = ad.GetStringProperty(de, "mDBOverHardQuotaLimit"); info.objectClass = de.SchemaClassName; info.extensionAttribute1 = ad.GetStringProperty(de, "extensionAttribute1"); info.extensionAttribute2 = ad.GetStringProperty(de, "extensionAttribute2"); info.extensionAttribute3 = ad.GetStringProperty(de, "extensionAttribute3"); info.extensionAttribute4 = ad.GetStringProperty(de, "extensionAttribute4"); info.extensionAttribute5 = ad.GetStringProperty(de, "extensionAttribute5"); info.extensionAttribute6 = ad.GetStringProperty(de, "extensionAttribute6"); info.extensionAttribute7 = ad.GetStringProperty(de, "extensionAttribute7"); info.extensionAttribute8 = ad.GetStringProperty(de, "extensionAttribute8"); info.extensionAttribute9 = ad.GetStringProperty(de, "extensionAttribute9"); info.extensionAttribute10 = ad.GetStringProperty(de, "extensionAttribute10"); info.extensionAttribute11 = ad.GetStringProperty(de, "extensionAttribute11"); info.extensionAttribute12 = ad.GetStringProperty(de, "extensionAttribute12"); info.extensionAttribute13 = ad.GetStringProperty(de, "extensionAttribute13"); info.extensionAttribute14 = ad.GetStringProperty(de, "extensionAttribute14"); info.extensionAttribute15 = ad.GetStringProperty(de, "extensionAttribute15"); info.lastLogonTimeStamp = ad.GetLastLogonTimeStamp(de); #region proxyAddresses info.proxyAddresses = null; if (de.SchemaClassName.Equals("user")) { StringBuilder pb = new StringBuilder(); List<string> proxies = ad.GetProxyAddresses(de); for (int i = 0; i < proxies.Count; i++) { string delim = String.Empty; if (i < (proxies.Count - 1)) delim = ";"; pb.Append(String.Format("{0}{1}", proxies[i].Trim(), delim)); } if (pb.Length > 0) info.proxyAddresses = pb.ToString(); } #endregion #region showInAddressBook info.showInAddressBook = null; if (de.SchemaClassName.Equals("user")) { StringBuilder ab = new StringBuilder(); List<string> addr = ad.GetShowInAddressBook(de); for (int i = 0; i < addr.Count; i++) { string delim = String.Empty; if (i < (addr.Count - 1)) delim = ";"; ab.Append(String.Format("{0}{1}", addr[i].Trim(), delim)); } if (ab.Length > 0) info.showInAddressBook = ab.ToString(); } #endregion #region memberOf StringBuilder mb = new StringBuilder(); List<string> members = ad.GetMemberOf(de); for (int i = 0; i < members.Count; i++) { string delim = String.Empty; if (i < (members.Count - 1)) delim = ";"; mb.Append(String.Format("{0}{1}", members[i].Trim(), delim)); if (mb.Length > 0) info.memberOf = mb.ToString(); } #endregion info.disabled = ad.IsDisabled(de).ToString(); info.canonicalName = null; info.objectSID = new SecurityIdentifier(de.Properties["ObjectSid"].Value as byte[], 0).ToString(); info.description = ad.GetStringProperty(de, "description"); info.mDBUseDefaults = ad.GetStringProperty(de, "mDBUseDefaults"); if (de.Properties.Contains("userAccountControl")) info.userAccountControl = de.Properties["userAccountControl"].Value.ToString(); if (de.Properties.Contains("msExchMailboxGuid")) info.msExchMailboxGuid = new Guid(de.Properties["msExchMailboxGuid"].Value as byte[]).ToString(); info.personalTitle = ad.GetStringProperty(de, "personalTitle"); info.employeeType = ad.GetStringProperty(de, "employeeType"); info.l = ad.GetStringProperty(de, "l"); info.streetAddress = ad.GetStringProperty(de, "streetAddress"); info.postalCode = ad.GetStringProperty(de, "postalCode"); info.st = ad.GetStringProperty(de, "st"); info.primarySMTP = ad.GetPrimarySMTP(de); infoList.Add(info); #endregion Console.Write("+"); } else Console.Write("-"); } catch { } // If there is a problem with an account, just move on silently. }
public void Certificate_11_Properties () { DateTime expectedNotAfter = new DateTime (630822815400000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (629606997000000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_11); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (0, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("CN=GTE CyberTrust Root, O=GTE Corporation, C=US", x.Issuer, "Issuer"); Assert.AreEqual ("CN=GTE CyberTrust Root, O=GTE Corporation, C=US", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>uOZPutuYfHF8r0S30w9G2WTlk8FCjse6SY01LXrni73lBTFZxrEvCgz7n6c/oglmhFYeNykbh+l+DMqan6V/9RWUo9WiRoLYaEzRNxUGaK+9+LCz8Cn1lVoJFmF3CiIl1E9Fqse95Zbf+dSojkLMJMAekSdKtW0GgGM5xKJeOAM=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_11, x.RawData, "RawData"); Assert.AreEqual ("00", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.113549.1.1.4", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("CN=GTE CyberTrust Root, O=GTE Corporation, C=US", x.Subject, "Subject"); Assert.AreEqual ("CN=GTE CyberTrust Root, O=GTE Corporation, C=US", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("A275E026ACD854794A4AA2CB53F66233129C55B6", x.Thumbprint, "Thumbprint"); Assert.AreEqual (1, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual ("GTE CyberTrust Root", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("GTE CyberTrust Root", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual ("GTE CyberTrust Root", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("GTE CyberTrust Root", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); }
public void Certificate_2_Properties () { DateTime expectedNotAfter = new DateTime (631152758320000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (629575958320000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_2); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (0, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("OU=Directory Services, O=AT&T, C=US", x.Issuer, "Issuer"); Assert.AreEqual ("OU=Directory Services, O=AT&T, C=US", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>h2RyiQsgj4cnrMYi/gBAaUivxobNIzPjEcUxGh9+npITtqKs47AfKgdsttTeS/rxoqB9zku+viZICYyFEd7LIufC7kRR/mfVW1rgFjdUBLg7MhKUg56xTYBspKl2rLikl/erC2ylQ7puT8VOADAWPD+ZFNqiIAiLuu12rJcA1W0=</Modulus><Exponent>Dw==</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_2, x.RawData, "RawData"); Assert.AreEqual ("00", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.113549.1.1.4", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("OU=Directory Services, O=AT&T, C=US", x.Subject, "Subject"); Assert.AreEqual ("OU=Directory Services, O=AT&T, C=US", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("9E87803EC5689AEFE77F92F91ABFA7467C76ED02", x.Thumbprint, "Thumbprint"); Assert.AreEqual (1, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("Directory Services", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("Directory Services", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); }
public void Certificate_12_Properties () { DateTime expectedNotAfter = new DateTime (632053191480000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (631578849480000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_12); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (5, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("CN=Microsoft Code Signing PCA, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US", x.Issuer, "Issuer"); Assert.AreEqual ("CN=Microsoft Code Signing PCA, OU=Copyright (c) 2000 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>qpm9OagYJ/QrPQtMP3x3LqfLtdGMDcI6dNeTteCgSz9ZXs5FT5p5KfFJzBpH7lXCCD4SIPhV8u5f0+DKlrww3v5YyCcy0IVU6PCRELvzK74Z5QObC4Yd87A5jLj9Cx08cyasVyvKKaIVkIIV4nejQFIDi53CcLof6TT28zWSTlWD+NowtiDeVwa1WkIG3lnL8t+mvRVHcRklI9LLb5sZed9qW/F2BXkp/MNWyo9ECIVVisvID0ZLVcuMlndKh+ipQQbH/w3paFdjcsNpV7RDzzI6MNwb6dVDJip5/pXbImckyS/QNOPm+1FJhrg80CVf1uyeA2GHqWhAx/jiA+bPBQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_12, x.RawData, "RawData"); Assert.AreEqual ("61071143000000000034", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.113549.1.1.5", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("CN=Microsoft Corporation, OU=Copyright (c) 2002 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US", x.Subject, "Subject"); Assert.AreEqual ("CN=Microsoft Corporation, OU=Copyright (c) 2002 Microsoft Corp., O=Microsoft Corporation, L=Redmond, S=Washington, C=US", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("282D9806C3DF7345929F64F5895EF2EA4AC29302", x.Thumbprint, "Thumbprint"); Assert.AreEqual (3, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual ("Microsoft Code Signing PCA", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("Microsoft Code Signing PCA", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual ("Microsoft Corporation", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("Microsoft Corporation", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); // extensions X509Extension ext = x.Extensions[0]; Assert.AreEqual ("2.5.29.15", ext.Oid.Value, "Oid-0"); Assert.AreEqual ("03-02-06-C0", BitConverter.ToString (ext.RawData), "RawData-0"); Assert.IsTrue (ext.Critical, "Critical-0"); X509KeyUsageExtension kue = (X509KeyUsageExtension) ext; Assert.AreEqual (X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.NonRepudiation, kue.KeyUsages, "KeyUsages"); ext = x.Extensions[1]; Assert.AreEqual ("2.5.29.37", ext.Oid.Value, "Oid-1"); Assert.AreEqual ("30-0A-06-08-2B-06-01-05-05-07-03-03", BitConverter.ToString (ext.RawData), "RawData-1"); Assert.IsFalse (ext.Critical, "Critical-1"); X509EnhancedKeyUsageExtension eku = (X509EnhancedKeyUsageExtension) ext; Assert.AreEqual (1, eku.EnhancedKeyUsages.Count, "EnhancedKeyUsages.Count"); Assert.AreEqual ("1.3.6.1.5.5.7.3.3", eku.EnhancedKeyUsages[0].Value, "EnhancedKeyUsages[0]"); ext = x.Extensions[2]; Assert.AreEqual ("2.5.29.14", ext.Oid.Value, "Oid-2"); Assert.AreEqual ("04-14-6B-C8-C6-51-20-F0-B4-2F-D3-A0-B6-AE-7F-5E-26-B2-B8-87-52-29", BitConverter.ToString (ext.RawData), "RawData-2"); Assert.IsFalse (ext.Critical, "Critical-2"); X509SubjectKeyIdentifierExtension ski = (X509SubjectKeyIdentifierExtension) ext; Assert.AreEqual ("6BC8C65120F0B42FD3A0B6AE7F5E26B2B8875229", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier"); ext = x.Extensions[3]; Assert.AreEqual ("2.5.29.35", ext.Oid.Value, "Oid-3"); Assert.AreEqual ("30-81-9E-80-14-29-5C-B9-1B-B6-CD-33-EE-BB-9E-59-7D-F7-E5-CA-2E-C4-0D-34-28-A1-74-A4-72-30-70-31-2B-30-29-06-03-55-04-0B-13-22-43-6F-70-79-72-69-67-68-74-20-28-63-29-20-31-39-39-37-20-4D-69-63-72-6F-73-6F-66-74-20-43-6F-72-70-2E-31-1E-30-1C-06-03-55-04-0B-13-15-4D-69-63-72-6F-73-6F-66-74-20-43-6F-72-70-6F-72-61-74-69-6F-6E-31-21-30-1F-06-03-55-04-03-13-18-4D-69-63-72-6F-73-6F-66-74-20-52-6F-6F-74-20-41-75-74-68-6F-72-69-74-79-82-10-6A-0B-99-4F-C0-00-DE-AA-11-D4-D8-40-9A-A8-BE-E6", BitConverter.ToString (ext.RawData), "RawData-3"); Assert.IsFalse (ext.Critical, "Critical-3"); ext = x.Extensions[4]; Assert.AreEqual ("2.5.29.31", ext.Oid.Value, "Oid-4"); Assert.AreEqual ("30-41-30-3F-A0-3D-A0-3B-86-39-68-74-74-70-3A-2F-2F-63-72-6C-2E-6D-69-63-72-6F-73-6F-66-74-2E-63-6F-6D-2F-70-6B-69-2F-63-72-6C-2F-70-72-6F-64-75-63-74-73-2F-43-6F-64-65-53-69-67-6E-50-43-41-2E-63-72-6C", BitConverter.ToString (ext.RawData), "RawData-4"); Assert.IsFalse (ext.Critical, "Critical-4"); }
public void Certificate_3_Properties () { DateTime expectedNotAfter = new DateTime (629771327990000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (629749728000000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_3); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (7, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("CN=Brand Name:Product Type, O=CCA - Unique ID, C=US", x.Issuer, "Issuer"); Assert.AreEqual ("CN=Brand Name:Product Type, O=CCA - Unique ID, C=US", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>rMQOBSW86u8MIn/EDEppMQD5P+nhbFSXd04YxkqV4NRYKVwXXR0eVrxJPeD5n7sB+Ya2ppXd4QQyAVJOj4Yw9w==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_3, x.RawData, "RawData"); Assert.AreEqual ("0353D78BDB3E16158055C4054002734D0C20F80D88005F657AACBA86BD1CD7E4", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.113549.1.1.5", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("CN=\"0+WKJx+wYEZabSSPVX9kLsnx92s=\", OU=Issuing Financial Institution, O=BrandID, C=US", x.Subject, "Subject"); Assert.AreEqual ("CN=\"0+WKJx+wYEZabSSPVX9kLsnx92s=\", OU=Issuing Financial Institution, O=BrandID, C=US", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("395FBBFC148933277689B7593A7D1CFFF156F162", x.Thumbprint, "Thumbprint"); Assert.AreEqual (3, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual ("Brand Name:Product Type", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("Brand Name:Product Type", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual ("0+WKJx+wYEZabSSPVX9kLsnx92s=", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("0+WKJx+wYEZabSSPVX9kLsnx92s=", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); // extensions X509Extension ext = x.Extensions[0]; Assert.AreEqual ("2.5.29.35", ext.Oid.Value, "Oid-0"); Assert.AreEqual ("30-53-81-4B-84-49-31-0B-30-09-06-03-55-04-06-13-02-55-53-31-18-30-16-06-03-55-04-0A-13-0F-43-43-41-20-2D-20-55-6E-69-71-75-65-20-49-44-31-20-30-1E-06-03-55-04-03-13-17-42-72-61-6E-64-20-4E-61-6D-65-3A-50-72-6F-64-75-63-74-20-54-79-70-65-82-04-32-06-AC-10", BitConverter.ToString (ext.RawData), "RawData-0"); Assert.IsFalse (ext.Critical, "Critical-0"); ext = x.Extensions[1]; Assert.AreEqual ("2.5.29.15", ext.Oid.Value, "Oid-1"); Assert.AreEqual ("03-02-07-80", BitConverter.ToString (ext.RawData), "RawData-1"); Assert.IsTrue (ext.Critical, "Critical-1"); X509KeyUsageExtension kue = (X509KeyUsageExtension) ext; Assert.AreEqual (X509KeyUsageFlags.DigitalSignature, kue.KeyUsages, "KeyUsages"); ext = x.Extensions[2]; Assert.AreEqual ("2.5.29.16", ext.Oid.Value, "Oid-2"); Assert.AreEqual ("30-22-80-0F-31-39-39-36-30-38-30-37-30-37-34-39-30-30-5A-81-0F-31-39-39-36-30-39-30-37-30-37-34-39-30-30-5A", BitConverter.ToString (ext.RawData), "RawData-2"); Assert.IsTrue (ext.Critical, "Critical-2"); ext = x.Extensions[3]; Assert.AreEqual ("2.5.29.32", ext.Oid.Value, "Oid-3"); Assert.AreEqual ("30-0F-30-0D-06-0B-60-86-48-01-86-F8-45-01-07-01-01", BitConverter.ToString (ext.RawData), "RawData-3"); Assert.IsFalse (ext.Critical, "Critical-3"); ext = x.Extensions[4]; Assert.AreEqual ("2.5.29.19", ext.Oid.Value, "Oid-4"); Assert.AreEqual ("30-00", BitConverter.ToString (ext.RawData), "RawData-4"); Assert.IsTrue (ext.Critical, "Critical-4"); X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension) ext; Assert.IsFalse (bce.CertificateAuthority, "CertificateAuthority"); Assert.IsFalse (bce.HasPathLengthConstraint, "HasPathLengthConstraint"); Assert.AreEqual (0, bce.PathLengthConstraint, "PathLengthConstraint"); ext = x.Extensions[5]; Assert.AreEqual ("2.16.840.1.113733.2.3", ext.Oid.Value, "Oid-5"); Assert.AreEqual ("03-02-07-80", BitConverter.ToString (ext.RawData), "RawData-5"); Assert.IsTrue (ext.Critical, "Critical-5"); ext = x.Extensions[6]; Assert.AreEqual ("2.16.840.1.113733.2.7", ext.Oid.Value, "Oid"); Assert.AreEqual ("30-50-04-14-33-39-38-32-33-39-38-37-32-33-37-38-39-31-33-34-39-37-38-32-30-09-06-05-2B-0D-03-02-1A-05-00-16-0F-74-65-72-73-65-20-73-74-61-74-65-6D-65-6E-74-1D-00-16-1A-67-65-74-73-65-74-2D-63-65-6E-74-65-72-40-76-65-72-69-73-69-67-6E-2E-63-6F-6D", BitConverter.ToString (ext.RawData), "RawData-6"); Assert.IsTrue (ext.Critical, "Critical"); }
string GetCommonName(X509Certificate2 cert) { return cert.GetNameInfo(X509NameType.SimpleName, false); }
public void Certificate_4_Properties () { DateTime expectedNotAfter = new DateTime (630822812570000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (629200220570000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_4); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (0, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.Issuer, "Issuer"); Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>ks56wa6DPlqqiYNXrCUBdgytro4sN87rNXhkVAPlhEBRyb+PCOKKggjSFoY3VemxIQKtdmiBmgWiS8lLJWYiVmyIB4/3gVlthAdlcBNxdj6bd0zjUIlWmEi5HacpGhMuShFZnB4V1UlULHM6aYKxlzmcbXBnSOXdLdbIHns=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_4, x.RawData, "RawData"); Assert.AreEqual ("0241000001", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.113549.1.1.2", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.Subject, "Subject"); Assert.AreEqual ("OU=Secure Server Certification Authority, O=\"RSA Data Security, Inc.\", C=US", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("0D974461703713CB74932D2A75ACBC714B281266", x.Thumbprint, "Thumbprint"); Assert.AreEqual (1, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("Secure Server Certification Authority", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("Secure Server Certification Authority", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); }
public void Certificate_14_Properties () { DateTime expectedNotAfter = new DateTime (633912839400000000, DateTimeKind.Utc); DateTime expectedNotBefore = new DateTime (630663336000000000, DateTimeKind.Utc); X509Certificate2 x = new X509Certificate2 (cert_14); Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (0, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsFalse (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("O=C&W HKT SecureNet CA Class A, C=hk", x.Issuer, "Issuer"); Assert.AreEqual ("O=C&W HKT SecureNet CA Class A, C=hk", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (expectedNotAfter.Ticks, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter#1"); Assert.AreEqual (DateTimeKind.Local, x.NotAfter.Kind, "NotAfter#2"); Assert.AreEqual (expectedNotAfter.ToLocalTime (), x.NotAfter, "NotAfter#3"); Assert.AreEqual (expectedNotBefore.Ticks, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore#1"); Assert.AreEqual (DateTimeKind.Local, x.NotBefore.Kind, "NotBefore#2"); Assert.AreEqual (expectedNotBefore.ToLocalTime (), x.NotBefore, "NotBefore#3"); Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>tBuiCqVMc2NGUUh0Y6i0jBbb9Mhn3qFIAv/Lo8+n39mxMeDjLihxBKZkWsZc/tCnuOo+Ctr7EX9/JCheyIqsbniqyKIYOZ5MUNHwmLXvpLIbYGu/+XO0C3X5Irvp5YGgldJ2THzTp/5dlRXtB9TH3mAwAO7yLpTxhjLlWVHo34CiKgDvPIhdEeMAX1TkDEcQbLD1+DN2HDRmW9S7NGM502aUOuzNIinz9hK71CEpN6VETd+JDAQMfUF7h/MWwUMpZLTWRWerhkxljwG36mOMTnhUREcaU4aMaxgnIQvFVmYOJfbgeaxoAHTpmmQ8SU6e4B3IiBtQBvddCfiNixP9XQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (cert_14, x.RawData, "RawData"); Assert.AreEqual ("00", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.2.840.113549.1.1.4", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("O=C&W HKT SecureNet CA Class A, C=hk", x.Subject, "Subject"); Assert.AreEqual ("O=C&W HKT SecureNet CA Class A, C=hk", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("9BACF3B664EAC5A17BED08437C72E4ACDA12F7E7", x.Thumbprint, "Thumbprint"); Assert.AreEqual (1, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("C&W HKT SecureNet CA Class A", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("C&W HKT SecureNet CA Class A", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); }
public void SetUp(BenchmarkContext context) { TaskScheduler.UnobservedTaskException += (sender, args) => Console.WriteLine(args.Exception); this.ClientGroup = new MultithreadEventLoopGroup(1); this.ServerGroup = new MultithreadEventLoopGroup(1); this.WorkerGroup = new MultithreadEventLoopGroup(); Encoding iso = Encoding.GetEncoding("ISO-8859-1"); this.message = iso.GetBytes("ABC"); this.inboundThroughputCounter = context.GetCounter(InboundThroughputCounterName); this.outboundThroughputCounter = context.GetCounter(OutboundThroughputCounterName); var counterHandler = new CounterHandlerInbound(this.inboundThroughputCounter); this.signal = new ManualResetEventSlimReadFinishedSignal(this.ResetEvent); // reserve up to 10mb of 16kb buffers on both client and server; we're only sending about 700k worth of messages this.serverBufferAllocator = new PooledByteBufferAllocator(); this.clientBufferAllocator = new PooledByteBufferAllocator(); Assembly assembly = typeof(TcpChannelPerfSpecs).Assembly; byte[] certificateData; using (Stream sourceStream = assembly.GetManifestResourceStream(assembly.GetManifestResourceNames()[0])) using (var tempStream = new MemoryStream()) { sourceStream.CopyTo(tempStream); certificateData = tempStream.ToArray(); } var tlsCertificate = new X509Certificate2(certificateData, "password"); string targetHost = tlsCertificate.GetNameInfo(X509NameType.DnsName, false); ServerBootstrap sb = new ServerBootstrap() .Group(this.ServerGroup, this.WorkerGroup) .Channel<TcpServerSocketChannel>() .ChildOption(ChannelOption.Allocator, this.serverBufferAllocator) .ChildHandler(new ActionChannelInitializer<TcpSocketChannel>(channel => { channel.Pipeline //.AddLast(TlsHandler.Server(tlsCertificate)) .AddLast(this.GetEncoder()) .AddLast(this.GetDecoder()) .AddLast(counterHandler) .AddLast(new CounterHandlerOutbound(this.outboundThroughputCounter)) .AddLast(new ReadFinishedHandler(this.signal, WriteCount)); })); Bootstrap cb = new Bootstrap() .Group(this.ClientGroup) .Channel<TcpSocketChannel>() .Option(ChannelOption.Allocator, this.clientBufferAllocator) .Handler(new ActionChannelInitializer<TcpSocketChannel>( channel => { channel.Pipeline //.AddLast(TlsHandler.Client(targetHost, null, (sender, certificate, chain, errors) => true)) .AddLast(this.GetEncoder()) .AddLast(this.GetDecoder()) .AddLast(counterHandler) .AddLast(new CounterHandlerOutbound(this.outboundThroughputCounter)); })); // start server this.serverChannel = sb.BindAsync(TEST_ADDRESS).Result; // connect to server this.clientChannel = cb.ConnectAsync(this.serverChannel.LocalAddress).Result; }
// // // obj is SslStream public bool ValidateClientCertificate(object obj, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { m_log.InfoFormat("[NSL CERT VERIFY]: ValidateClientCertificate: Policy is ({0})", sslPolicyErrors); X509Certificate2 certificate2 = new X509Certificate2(certificate); string simplename = certificate2.GetNameInfo(X509NameType.SimpleName, false); // None, ChainErrors 以外は全てエラーとする. if (sslPolicyErrors!=SslPolicyErrors.None && sslPolicyErrors!=SslPolicyErrors.RemoteCertificateChainErrors) { m_log.InfoFormat("[NSL CERT VERIFY]: ValidateClientCertificate: Simple Name is \"{0}\"", simplename); m_log.InfoFormat("[NSL CERT VERIFY]: ValidateClientCertificate: Policy Error!"); return false; } // check CRL if (m_clientcrl!=null) { Mono.Security.X509.X509Certificate monocert = new Mono.Security.X509.X509Certificate(certificate.GetRawCertData()); Mono.Security.X509.X509Crl.X509CrlEntry entry = m_clientcrl.GetCrlEntry(monocert); if (entry!=null) { m_log.InfoFormat("[NSL CERT VERIFY]: Common Name \"{0}\" was revoked at {1}", simplename, entry.RevocationDate.ToString()); return false; } } bool valid = CheckPrivateChain(certificate2); if (valid) { m_log.InfoFormat("[NSL CERT VERIFY]: Valid Client Certification for \"{0}\"", simplename); } else { m_log.InfoFormat("[NSL CERT VERIFY]: Failed to Verify Client Certification for \"{0}\"", simplename); } return valid; }
private void CheckPkcs12 (X509Certificate2 x) { byte[] raw = new byte[] { 0x30, 0x82, 0x02, 0x1E, 0x30, 0x82, 0x01, 0x8B, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x74, 0x8B, 0xCD, 0xD9, 0x86, 0x99, 0x9A, 0x91, 0x4A, 0x0C, 0xC3, 0xF4, 0xE1, 0x2F, 0xF5, 0x95, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1D, 0x05, 0x00, 0x30, 0x23, 0x31, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x6F, 0x6E, 0x6F, 0x20, 0x53, 0x53, 0x4C, 0x20, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6D, 0x65, 0x64, 0x69, 0x61, 0x74, 0x65, 0x20, 0x43, 0x41, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x33, 0x31, 0x31, 0x32, 0x37, 0x30, 0x32, 0x35, 0x37, 0x34, 0x32, 0x5A, 0x17, 0x0D, 0x33, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x13, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x08, 0x46, 0x41, 0x52, 0x53, 0x43, 0x41, 0x50, 0x45, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xC4, 0x26, 0x3B, 0xE9, 0x49, 0x07, 0x39, 0x8C, 0x51, 0x34, 0x3B, 0x84, 0x4C, 0x27, 0x98, 0x70, 0x15, 0x79, 0xF1, 0xF4, 0x2A, 0x32, 0x82, 0xC3, 0xFA, 0xCF, 0x6E, 0x72, 0x37, 0xCE, 0x37, 0x55, 0x1F, 0xFA, 0x8F, 0x78, 0x4A, 0xA0, 0x0C, 0x9D, 0x44, 0x29, 0xF2, 0x81, 0xD9, 0x87, 0xD5, 0x94, 0x1A, 0xFC, 0x8D, 0xF8, 0x9D, 0xE0, 0xC5, 0xD2, 0x4A, 0x4F, 0x68, 0xD3, 0xAD, 0x65, 0x23, 0xB2, 0x4F, 0x48, 0x35, 0xB9, 0xFE, 0xE1, 0xDB, 0x6B, 0xE7, 0x41, 0x76, 0xEC, 0x0C, 0x5B, 0x3A, 0xE3, 0x07, 0xC9, 0x3D, 0x94, 0x48, 0xF2, 0xCF, 0x71, 0xAC, 0x2F, 0x71, 0x60, 0x15, 0x0E, 0xD5, 0x9A, 0xF8, 0x6C, 0x7F, 0xE9, 0xC0, 0x19, 0x18, 0x72, 0x09, 0xA1, 0xD6, 0xB8, 0xA9, 0x60, 0xD1, 0xC3, 0x18, 0x91, 0x98, 0xCE, 0x9A, 0x44, 0x3D, 0xCF, 0x63, 0x79, 0x41, 0x27, 0x18, 0xB3, 0x8E, 0x05, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x6B, 0x30, 0x69, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x0C, 0x30, 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x30, 0x52, 0x06, 0x03, 0x55, 0x1D, 0x01, 0x04, 0x4B, 0x30, 0x49, 0x80, 0x10, 0x7C, 0x13, 0x05, 0xC9, 0xB9, 0x5A, 0xA3, 0x19, 0x3E, 0x7C, 0x0D, 0x7C, 0xE3, 0xF2, 0xD3, 0x36, 0xA1, 0x23, 0x30, 0x21, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x16, 0x4D, 0x6F, 0x6E, 0x6F, 0x20, 0x55, 0x6E, 0x69, 0x74, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x43, 0x41, 0x82, 0x10, 0x1B, 0xFC, 0x61, 0x41, 0xD0, 0xCF, 0x41, 0xB9, 0x47, 0xEF, 0x21, 0x7D, 0x6A, 0x53, 0x32, 0x76, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1D, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x94, 0xF8, 0xDA, 0xEF, 0x93, 0x6A, 0x23, 0x04, 0x6B, 0x2D, 0xC3, 0x1E, 0x57, 0xC9, 0x7E, 0xE1, 0xF6, 0x6C, 0x55, 0xB6, 0xAC, 0xAB, 0xA8, 0x67, 0x19, 0xCD, 0x1D, 0x32, 0x1C, 0xD7, 0x63, 0x13, 0x4F, 0x41, 0x85, 0xB0, 0x62, 0xB8, 0x04, 0x38, 0xD0, 0xD8, 0x18, 0x36, 0x80, 0xE2, 0x70, 0xE7, 0x11, 0x05, 0x7A, 0x2D, 0x5D, 0xC8, 0xAD, 0x29, 0x2E, 0x05, 0x54, 0x66, 0xE2, 0x8E, 0xCC, 0xDA, 0xEE, 0x19, 0x10, 0xB9, 0x37, 0x30, 0x83, 0x62, 0x9A, 0x10, 0xDB, 0x19, 0x41, 0x57, 0x37, 0x1A, 0x39, 0x54, 0x59, 0xE6, 0x6D, 0xDF, 0x1B, 0xCE, 0x6E, 0x78, 0x6A, 0x5F, 0x06, 0x26, 0x8D, 0xE0, 0x94, 0x52, 0xF4, 0x86, 0x9C, 0x42, 0x58, 0xF0, 0xEB, 0x71, 0xEB, 0xB8, 0x8E, 0xC9, 0x20, 0x84, 0xD5, 0x11, 0x58, 0x40, 0x4A, 0xE9, 0xD1, 0x8E, 0x2F, 0x9D, 0xD9, 0x8B, 0xD0, 0x55, 0xB8, 0x96 }; Assert.IsFalse (x.Archived, "Archived"); Assert.AreEqual (2, x.Extensions.Count, "Extensions"); Assert.AreEqual (0, x.FriendlyName.Length, "FriendlyName"); Assert.IsTrue (x.HasPrivateKey, "HasPrivateKey"); Assert.AreEqual ("CN=Mono SSL Intermediate CA", x.Issuer, "Issuer"); Assert.AreEqual ("CN=Mono SSL Intermediate CA", x.IssuerName.Name, "IssuerName"); Assert.AreEqual (643445855990000000, x.NotAfter.ToUniversalTime ().Ticks, "NotAfter"); Assert.AreEqual (632054986620000000, x.NotBefore.ToUniversalTime ().Ticks, "NotBefore"); //Assert.IsNull (x.PrivateKey, "PrivateKey"); Assert.AreEqual ("<RSAKeyValue><Modulus>xCY76UkHOYxRNDuETCeYcBV58fQqMoLD+s9ucjfON1Uf+o94SqAMnUQp8oHZh9WUGvyN+J3gxdJKT2jTrWUjsk9INbn+4dtr50F27AxbOuMHyT2USPLPcawvcWAVDtWa+Gx/6cAZGHIJoda4qWDRwxiRmM6aRD3PY3lBJxizjgU=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>", x.PublicKey.Key.ToXmlString (false), "PublicKey"); Assert.AreEqual (raw, x.RawData, "RawData"); Assert.AreEqual ("748BCDD986999A914A0CC3F4E12FF595", x.SerialNumber, "SerialNumber"); Assert.AreEqual ("1.3.14.3.2.29", x.SignatureAlgorithm.Value, "SignatureAlgorithm"); Assert.AreEqual ("CN=FARSCAPE", x.Subject, "Subject"); Assert.AreEqual ("CN=FARSCAPE", x.SubjectName.Name, "SubjectName"); Assert.AreEqual ("3029694B22B2EE6AEC9B78449E510F7C348DBA33", x.Thumbprint, "Thumbprint"); Assert.AreEqual (3, x.Version, "Version"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, true), "DnsFromAlternativeName,true"); Assert.AreEqual ("Mono SSL Intermediate CA", x.GetNameInfo (X509NameType.DnsName, true), "DnsName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, true), "EmailName,true"); Assert.AreEqual ("Mono SSL Intermediate CA", x.GetNameInfo (X509NameType.SimpleName, true), "SimpleName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, true), "UpnName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, true), "UrlName,true"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.DnsFromAlternativeName, false), "DnsFromAlternativeName,false"); Assert.AreEqual ("FARSCAPE", x.GetNameInfo (X509NameType.DnsName, false), "DnsName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.EmailName, false), "EmailName,false"); Assert.AreEqual ("FARSCAPE", x.GetNameInfo (X509NameType.SimpleName, false), "SimpleName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UpnName, false), "UpnName,false"); Assert.AreEqual (String.Empty, x.GetNameInfo (X509NameType.UrlName, false), "UrlName,false"); // extensions X509Extension ext = x.Extensions[0]; Assert.AreEqual ("2.5.29.37", ext.Oid.Value, "Oid-0"); Assert.AreEqual ("30-0A-06-08-2B-06-01-05-05-07-03-01", BitConverter.ToString (ext.RawData), "RawData-0"); Assert.IsFalse (ext.Critical, "Critical-0"); X509EnhancedKeyUsageExtension eku = (X509EnhancedKeyUsageExtension) ext; Assert.AreEqual (1, eku.EnhancedKeyUsages.Count, "EnhancedKeyUsages.Count"); Assert.AreEqual ("1.3.6.1.5.5.7.3.1", eku.EnhancedKeyUsages[0].Value, "EnhancedKeyUsages[0]"); ext = x.Extensions[1]; Assert.AreEqual ("2.5.29.1", ext.Oid.Value, "Oid-1"); Assert.AreEqual ("30-49-80-10-7C-13-05-C9-B9-5A-A3-19-3E-7C-0D-7C-E3-F2-D3-36-A1-23-30-21-31-1F-30-1D-06-03-55-04-03-13-16-4D-6F-6E-6F-20-55-6E-69-74-20-54-65-73-74-20-52-6F-6F-74-20-43-41-82-10-1B-FC-61-41-D0-CF-41-B9-47-EF-21-7D-6A-53-32-76", BitConverter.ToString (ext.RawData), "RawData-1"); Assert.IsFalse (ext.Critical, "Critical-1"); }