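/// <summary>
/// Verifies that both AddSubjectKeyId overloads (string and byte[]) add one entry
/// per call to SubjectKeyIds. The combined outcome is reported through the shared
/// <c>rv</c> flag; the shared <c>data</c> field is left holding the byte[] instance.
/// </summary>
public static void Test4()
{
    // String overload. The BadHexData tests for this API show that non-hex text is
    // accepted without error, so "SKI0"/"SKI1" are stored as given.
    data = new KeyInfoX509Data();
    data.AddSubjectKeyId("SKI0");
    data.AddSubjectKeyId("SKI1");
    bool stringOverloadOk = (data.SubjectKeyIds.Count == 2);

    // byte[] overload: raw identifier bytes.
    data = new KeyInfoX509Data();
    data.AddSubjectKeyId(new byte[] { 1, 2, 3, 4, 5, 6 });
    data.AddSubjectKeyId(new byte[] { 7, 8, 9, 10, 11, 12 });
    bool byteOverloadOk = (data.SubjectKeyIds.Count == 2);

    // Report both results. The original assigned rv twice, so a failure in the
    // string overload was overwritten by the byte[] result and never surfaced.
    rv = stringOverloadOk && byteOverloadOk;
}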
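/// <summary>
/// Creates an encrypted key.
/// </summary>
/// <param name="symmetricKey">Symmetric key that is to be encrypted.
/// Cannot be null.</param>
/// <param name="encryptCertificate">Certificate that will be
/// used to encrypt the symmetric key. Cannot be null and must carry an
/// RSA public key.</param>
/// <param name="referenceIds">List of IDs which reference the
/// 'xenc:EncryptedData' elements the key was used to encrypt.
/// Cannot be null or empty.</param>
/// <returns>'EncryptedKey' object.</returns>
/// <exception cref="ArgumentNullException">Any argument is null.</exception>
/// <exception cref="ArgumentException"><paramref name="referenceIds"/> is empty,
/// or the certificate's public key is not RSA.</exception>
public static EncryptedKey CreateEncryptedKey(SymmetricAlgorithm symmetricKey,
    X509Certificate2 encryptCertificate, IList<string> referenceIds)
{
    // Enforce the documented preconditions up front so a caller gets an
    // ArgumentException instead of a NullReferenceException from deep inside
    // EncryptedXml, and so that an EncryptedKey with no references is never built.
    if (symmetricKey == null)
    {
        throw new ArgumentNullException("symmetricKey");
    }
    if (encryptCertificate == null)
    {
        throw new ArgumentNullException("encryptCertificate");
    }
    if (referenceIds == null)
    {
        throw new ArgumentNullException("referenceIds");
    }
    if (referenceIds.Count == 0)
    {
        throw new ArgumentException("At least one reference id is required.", "referenceIds");
    }

    RSA rsa = encryptCertificate.PublicKey.Key as RSA;
    if (rsa == null)
    {
        throw new ArgumentException("Certificate does not contain an RSA public key.", "encryptCertificate");
    }

    // Encrypt the session key using the public key. useOAEP == false selects
    // RSA PKCS#1 v1.5 key transport, matching the EncryptionMethod set below.
    // NOTE(review): RSA-1.5 key transport is exposed to Bleichenbacher-style
    // padding-oracle attacks when the decrypting side leaks padding failures;
    // XML Encryption 1.1 recommends RSA-OAEP (EncryptedXml.XmlEncRSAOAEPUrl with
    // useOAEP == true). Left unchanged here because it is a wire-format change
    // that every decrypting peer must make at the same time.
    byte[] encryptedKeyData = EncryptedXml.EncryptKey(symmetricKey.Key, rsa, false);

    // Create the encrypted key
    EncryptedKey encryptedKey = new EncryptedKey();
    encryptedKey.CipherData = new CipherData(encryptedKeyData);
    encryptedKey.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);

    // Identify the recipient key by the certificate's Subject Key Identifier
    // rather than embedding the certificate.
    KeyInfoX509Data xd = new KeyInfoX509Data();
    xd.AddSubjectKeyId(CertificateUtils.GetSubjectKeyIdentifier(encryptCertificate).SubjectKeyIdentifier);
    encryptedKey.KeyInfo.AddClause(xd);

    // Add a data reference for each identifier (fragment references, hence the '#').
    foreach (string referenceId in referenceIds)
    {
        DataReference dataReference = new DataReference("#" + referenceId);
        encryptedKey.ReferenceList.Add(dataReference);
    }

    return encryptedKey;
}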
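/// <summary>
/// XML round-trip: populates every X509Data component (certificates, subject names,
/// subject key ids, issuer/serial pairs, CRL), serializes with GetXml(), reloads the
/// element with LoadXml() and reports through the shared <c>rv</c> flag whether the
/// reloaded content matches the original. IssuerSerials are not compared here.
/// </summary>
static void Test6() //Xml roundtrip
{
    data = new KeyInfoX509Data();
    //add certs
    data.AddCertificate(TestCert);
    data.AddCertificate(EndCert);
    //add subject name
    data.AddSubjectName(TestCert.SubjectName.Name);
    data.AddSubjectName(EndCert.SubjectName.Name);
    //add subject keys
    data.AddSubjectKeyId(new byte[] { 1, 2, 3, 4, 5, 6 });
    data.AddSubjectKeyId(new byte[] { 7, 8, 9, 10, 11, 12 });
    //add issuer serials
    data.AddIssuerSerial(TestCert.IssuerName.Name, TestCert.SerialNumber);
    data.AddIssuerSerial(EndCert.IssuerName.Name, EndCert.SerialNumber);
    //add the crl
    byte[] b = { 100, 101, 102, 104 };
    data.CRL = b;

    KeyInfoX509Data rt = new KeyInfoX509Data();
    rt.LoadXml(data.GetXml());

    // Every comparison is folded into one flag. The original assigned rv on each
    // loop iteration, so only the very last SubjectNames comparison was reported.
    bool ok = true;

    // Element counts must agree before element-wise comparison means anything
    // (the original loops over rt's counts would silently pass on an empty reload).
    ok &= rt.CRL != null && rt.CRL.Length == data.CRL.Length;
    ok &= rt.Certificates != null && rt.Certificates.Count == data.Certificates.Count;
    ok &= rt.SubjectKeyIds != null && rt.SubjectKeyIds.Count == data.SubjectKeyIds.Count;
    ok &= rt.SubjectNames != null && rt.SubjectNames.Count == data.SubjectNames.Count;
    if (!ok)
    {
        rv = false;
        return;
    }

    for (int i = 0; i < rt.CRL.Length; i++)
    {
        ok &= rt.CRL[i] == data.CRL[i];
    }
    for (int i = 0; i < rt.Certificates.Count; i++)
    {
        ok &= rt.Certificates[i].ToString() == data.Certificates[i].ToString();
    }
    // SubjectKeyIds holds byte[]; ToString() on an array yields "System.Byte[]", so
    // the original comparison could never detect a corrupted identifier. Compare bytes.
    for (int i = 0; i < rt.SubjectKeyIds.Count; i++)
    {
        byte[] actual = (byte[])rt.SubjectKeyIds[i];
        byte[] expected = (byte[])data.SubjectKeyIds[i];
        ok &= actual != null && expected != null && actual.Length == expected.Length;
        for (int j = 0; ok && j < actual.Length; j++)
        {
            ok &= actual[j] == expected[j];
        }
    }
    for (int i = 0; i < rt.SubjectNames.Count; i++)
    {
        ok &= rt.SubjectNames[i].ToString() == data.SubjectNames[i].ToString();
    }

    rv = ok;
}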
/// <summary>
/// The string overload of AddSubjectKeyId accepts text that is not hexadecimal:
/// "Hello" is stored as a single SubjectKeyIds entry with no error, and none of the
/// other X509Data collections are created. Callers passing attacker-controlled
/// identifiers therefore have to validate the format themselves.
/// </summary>
public void AddSubjectKeyId_String_BadHexData()
{
    KeyInfoX509Data data = new KeyInfoX509Data();

    data.AddSubjectKeyId("Hello");

    // Only SubjectKeyIds is materialized; every other collection stays null.
    Assert.Equal(1, data.SubjectKeyIds.Count);
    Assert.Null(data.Certificates);
    Assert.Null(data.CRL);
    Assert.Null(data.IssuerSerials);
    Assert.Null(data.SubjectNames);
}
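/// <summary>
/// The string overload of AddSubjectKeyId accepts text that is not hexadecimal:
/// "Hello" ends up as a single SubjectKeyIds entry (its content "looks like
/// garbage") and no other X509Data collection is created. Marked NotWorking
/// because of a beta2 bug in the implementation under test.
/// </summary>
[Category("NotWorking")] // beta2 bug
public void AddSubjectKeyId_String_BadHexData()
{
    KeyInfoX509Data data = new KeyInfoX509Data();

    data.AddSubjectKeyId("Hello");

    // Each assertion message names the member it checks; the CRL assertion was
    // previously labelled "Certificates", which misattributed a failure.
    Assert.IsNull(data.Certificates, "Certificates");
    Assert.IsNull(data.CRL, "CRL");
    Assert.IsNull(data.IssuerSerials, "IssuerSerials");
    Assert.AreEqual(1, data.SubjectKeyIds.Count, "SubjectKeyIds");
    Assert.IsNull(data.SubjectNames, "SubjectNames");
}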
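/// <summary>
/// A null byte[] passed to AddSubjectKeyId is accepted and counted as an entry;
/// no other X509Data collection is created. The failure only surfaces later, when
/// GetXml() tries to base64-encode the null entry (the newer xUnit counterpart of
/// this test asserts an ArgumentNullException from GetXml()).
/// </summary>
public void AddSubjectKeyId_Byte_Null()
{
    KeyInfoX509Data data = new KeyInfoX509Data();

    data.AddSubjectKeyId((byte[])null);

    // Each assertion message names the member it checks; the CRL assertion was
    // previously labelled "Certificates", which misattributed a failure.
    Assert.IsNull(data.Certificates, "Certificates");
    Assert.IsNull(data.CRL, "CRL");
    Assert.IsNull(data.IssuerSerials, "IssuerSerials");
    Assert.AreEqual(1, data.SubjectKeyIds.Count, "SubjectKeyIds");
    Assert.IsNull(data.SubjectNames, "SubjectNames");

    // beta2 bug: GetXml() throws ArgumentNullException (a little too late) instead
    // of producing an empty <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#" />,
    // so the serialized-output assertion is intentionally absent.
}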
/// <summary>
/// A null byte[] is accepted by AddSubjectKeyId and counted as one entry; the
/// null is only rejected (ArgumentNullException) when the element is serialized
/// by GetXml(). No other X509Data collection is created.
/// </summary>
public void AddSubjectKeyId_Byte_Null()
{
    KeyInfoX509Data data = new KeyInfoX509Data();
    byte[] missing = null;

    // Insertion succeeds and is counted...
    data.AddSubjectKeyId(missing);
    Assert.Equal(1, data.SubjectKeyIds.Count);
    Assert.Null(data.Certificates);
    Assert.Null(data.GetCRL());
    Assert.Null(data.IssuerSerials);
    Assert.Null(data.SubjectNames);

    // ...and the null entry only fails at serialization time.
    Assert.Throws<ArgumentNullException>(() => { string xml = data.GetXml().OuterXml; });
}
/// <summary>
/// Builds up a KeyInfoX509Data step by step (certificate from the constructor, a
/// second certificate, an issuer/serial pair, a subject key id, a subject name) and
/// after every step checks that GetXml()/LoadXml() round-trips to identical XML and
/// that the typed accessors return what was added.
/// </summary>
public void Complex()
{
    KeyInfoX509Data data1 = new KeyInfoX509Data(cert);
    KeyInfoX509Data data2 = new KeyInfoX509Data();

    // Serialize data1, reload it into data2, and require identical output.
    Action assertRoundTrips = () =>
    {
        XmlElement serialized = data1.GetXml();
        data2.LoadXml(serialized);
        Assert.Equal(data1.GetXml().OuterXml, data2.GetXml().OuterXml);
    };

    assertRoundTrips();
    byte[] raw = (data1.Certificates[0] as X509Certificate).GetRawCertData();
    AssertCrypto.AssertEquals("Certificate[0]", cert, raw);

    // add a second X.509 certificate
    X509Certificate second = new X509Certificate(cert2);
    data1.AddCertificate(second);
    assertRoundTrips();
    raw = (data1.Certificates[1] as X509Certificate).GetRawCertData();
    Assert.Equal(cert2, raw);

    // add properties from a third X.509 certificate
    X509Certificate third = new X509Certificate(cert3);
    data1.AddIssuerSerial(third.Issuer, third.GetSerialNumberString());
    assertRoundTrips();
    // TODO: The type of IssuerSerial isn't documented

    // X509Certificate doesn't export SubjectKeyId so we must improvise
    byte[] skid = { 0xDE, 0xAD, 0xC0, 0xDE };
    data1.AddSubjectKeyId(skid);
    assertRoundTrips();
    Assert.Equal(skid, (byte[])data1.SubjectKeyIds[0]);

    data1.AddSubjectName(third.Subject);
    assertRoundTrips();
    string subject = (string)data1.SubjectNames[0];
    Assert.Equal(third.Subject, subject);
}
/// <summary>
/// A null byte[] is accepted by AddSubjectKeyId and counted as one entry; no other
/// X509Data collection is created. Serializing the element afterwards throws
/// ArgumentNullException, because GetXml() base64-encodes the null entry
/// (Convert.ToBase64String(null)) — an error that comes from the conversion, not
/// from the XML-crypto API itself, which is why no serialized-XML value is asserted.
/// </summary>
public void AddSubjectKeyId_Byte_Null()
{
    KeyInfoX509Data data = new KeyInfoX509Data();
    byte[] missing = null;

    data.AddSubjectKeyId(missing);

    Assert.Equal(1, data.SubjectKeyIds.Count);
    Assert.Null(data.Certificates);
    Assert.Null(data.CRL);
    Assert.Null(data.IssuerSerials);
    Assert.Null(data.SubjectNames);

    // The null entry is only rejected at serialization time.
    Assert.Throws<ArgumentNullException>(() => { string xml = data.GetXml().OuterXml; });
}
/// <summary>
/// Builds up a KeyInfoX509Data step by step (certificate from the constructor, a
/// second certificate, an issuer/serial pair, a subject key id, a subject name) and
/// after every step checks that GetXml()/LoadXml() round-trips to identical XML and
/// that the typed accessors return what was added. Certificates are parsed with the
/// X509CertificateParser used by this port.
/// </summary>
public void Complex()
{
    KeyInfoX509Data data1 = new KeyInfoX509Data(cert);
    KeyInfoX509Data data2 = new KeyInfoX509Data();

    // Serialize data1, reload it into data2, and require identical output.
    Action assertRoundTrips = () =>
    {
        XmlElement serialized = data1.GetXml();
        data2.LoadXml(serialized);
        Assert.Equal(data1.GetXml().OuterXml, data2.GetXml().OuterXml);
    };

    assertRoundTrips();
    byte[] encoded = (data1.Certificates[0] as X509Certificate).GetEncoded();
    AssertCrypto.AssertEquals("Certificate[0]", cert, encoded);

    // Second certificate.
    X509Certificate second = new X509CertificateParser().ReadCertificate(cert2);
    data1.AddCertificate(second);
    assertRoundTrips();
    encoded = (data1.Certificates[1] as X509Certificate).GetEncoded();
    Assert.Equal(cert2, encoded);

    // Issuer/serial taken from a third certificate.
    X509Certificate third = new X509CertificateParser().ReadCertificate(cert3);
    data1.AddIssuerSerial(third.IssuerDN.ToString(), third.SerialNumber.ToString());
    assertRoundTrips();

    // No SKI accessor on this certificate type, so use a fixed value.
    byte[] skid = { 0xDE, 0xAD, 0xC0, 0xDE };
    data1.AddSubjectKeyId(skid);
    assertRoundTrips();
    Assert.Equal(skid, (byte[])data1.SubjectKeyIds[0]);

    data1.AddSubjectName(third.SubjectDN.ToString());
    assertRoundTrips();
    string subject = (string)data1.SubjectNames[0];
    Assert.Equal(third.SubjectDN.ToString(), subject);
}
/// <summary>
/// Pins the current behavior of the string overload on a null argument: it fails
/// with NullReferenceException rather than ArgumentNullException. NOTE(review):
/// NullReferenceException is not a contract callers should rely on; if the
/// implementation is fixed to validate its argument, change this expectation to
/// ArgumentNullException.
/// </summary>
public void AddSubjectKeyId_String_Null()
{
    KeyInfoX509Data data1 = new KeyInfoX509Data();
    string missing = null;

    Assert.Throws<NullReferenceException>(() => data1.AddSubjectKeyId(missing));
}
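/// <summary>
/// XML round-trip: populates every X509Data component (certificates, subject names,
/// subject key ids, issuer/serial pairs, CRL), serializes with GetXml(), reloads the
/// element with LoadXml() and reports through the shared <c>rv</c> flag whether the
/// reloaded content matches the original. IssuerSerials are not compared here.
/// </summary>
static void Test6() //Xml roundtrip
{
    data = new KeyInfoX509Data();
    //add certs
    data.AddCertificate(TestCert);
    data.AddCertificate(EndCert);
    //add subject name
    data.AddSubjectName(TestCert.SubjectName.Name);
    data.AddSubjectName(EndCert.SubjectName.Name);
    //add subject keys
    data.AddSubjectKeyId(new byte[] { 1, 2, 3, 4, 5, 6 });
    data.AddSubjectKeyId(new byte[] { 7, 8, 9, 10, 11, 12 });
    //add issuer serials
    data.AddIssuerSerial(TestCert.IssuerName.Name, TestCert.SerialNumber);
    data.AddIssuerSerial(EndCert.IssuerName.Name, EndCert.SerialNumber);
    //add the crl
    byte[] b = { 100, 101, 102, 104 };
    data.CRL = b;

    KeyInfoX509Data rt = new KeyInfoX509Data();
    rt.LoadXml(data.GetXml());

    // Every comparison is folded into one flag. The original assigned rv on each
    // loop iteration, so only the very last SubjectNames comparison was reported.
    bool ok = true;

    // Element counts must agree before element-wise comparison means anything
    // (the original loops over rt's counts would silently pass on an empty reload).
    ok &= rt.CRL != null && rt.CRL.Length == data.CRL.Length;
    ok &= rt.Certificates != null && rt.Certificates.Count == data.Certificates.Count;
    ok &= rt.SubjectKeyIds != null && rt.SubjectKeyIds.Count == data.SubjectKeyIds.Count;
    ok &= rt.SubjectNames != null && rt.SubjectNames.Count == data.SubjectNames.Count;
    if (!ok)
    {
        rv = false;
        return;
    }

    for (int i = 0; i < rt.CRL.Length; i++)
    {
        ok &= rt.CRL[i] == data.CRL[i];
    }
    for (int i = 0; i < rt.Certificates.Count; i++)
    {
        ok &= rt.Certificates[i].ToString() == data.Certificates[i].ToString();
    }
    // SubjectKeyIds holds byte[]; ToString() on an array yields "System.Byte[]", so
    // the original comparison could never detect a corrupted identifier. Compare bytes.
    for (int i = 0; i < rt.SubjectKeyIds.Count; i++)
    {
        byte[] actual = (byte[])rt.SubjectKeyIds[i];
        byte[] expected = (byte[])data.SubjectKeyIds[i];
        ok &= actual != null && expected != null && actual.Length == expected.Length;
        for (int j = 0; ok && j < actual.Length; j++)
        {
            ok &= actual[j] == expected[j];
        }
    }
    for (int i = 0; i < rt.SubjectNames.Count; i++)
    {
        ok &= rt.SubjectNames[i].ToString() == data.SubjectNames[i].ToString();
    }

    rv = ok;
}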
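/// <summary>
/// Verifies that both AddSubjectKeyId overloads (string and byte[]) add one entry
/// per call to SubjectKeyIds. The combined outcome is reported through the shared
/// <c>rv</c> flag; the shared <c>data</c> field is left holding the byte[] instance.
/// </summary>
public static void Test4()
{
    // String overload. The BadHexData tests for this API show that non-hex text is
    // accepted without error, so "SKI0"/"SKI1" are stored as given.
    data = new KeyInfoX509Data();
    data.AddSubjectKeyId("SKI0");
    data.AddSubjectKeyId("SKI1");
    bool stringOverloadOk = (data.SubjectKeyIds.Count == 2);

    // byte[] overload: raw identifier bytes.
    data = new KeyInfoX509Data();
    data.AddSubjectKeyId(new byte[] { 1, 2, 3, 4, 5, 6 });
    data.AddSubjectKeyId(new byte[] { 7, 8, 9, 10, 11, 12 });
    bool byteOverloadOk = (data.SubjectKeyIds.Count == 2);

    // Report both results. The original assigned rv twice, so a failure in the
    // string overload was overwritten by the byte[] result and never surfaced.
    rv = stringOverloadOk && byteOverloadOk;
}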
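///////////////////////////////////////////////////////////////////////
///
/// <summary>
/// Carry out the Sign command: sign fileNames[0] with the private key bound to
/// <paramref name="certificate"/> and write the resulting ds:Signature element to
/// fileNames[1]. In detached mode the signature references the input file by a
/// file URI; otherwise the file content is embedded as a ds:Object with id
/// "object-1" and referenced by fragment. KeyInfo carries an X509Data built from
/// the --include options, or the certificate chain minus the root when none were
/// given.
/// </summary>
/// <param name="title">Not used by this command; kept so the handler signature
/// matches the other commands.</param>
/// <param name="certificate">Signing certificate. Must have an accessible,
/// CSP-backed private key.</param>
/// <exception cref="InternalException">The certificate has no usable private key.</exception>
///
static void DoSignCommand(string title, X509Certificate2 certificate)
{
    Console.WriteLine();
    Console.WriteLine("Signing Xml file \"" + fileNames[0] + "\"...");
    Console.WriteLine();

    // display more details for verbose operation.
    if (verbose)
    {
        DisplayDetail(null, certificate, detached);
    }

    SignedXml signedXml = new SignedXml();

    // Check for a private key before touching it. The original cast first and
    // only then inspected csp.CspKeyContainerInfo, so a certificate with no private
    // key (PrivateKey == null) failed with NullReferenceException instead of the
    // intended InternalException, and a non-CSP key failed with InvalidCastException.
    if (!certificate.HasPrivateKey || certificate.PrivateKey == null)
    {
        throw new InternalException("Internal error: This certificate does not have a corresponding private key.");
    }
    ICspAsymmetricAlgorithm csp = certificate.PrivateKey as ICspAsymmetricAlgorithm;
    if (csp == null)
    {
        throw new InternalException("Internal error: The private key of this certificate is not CSP-backed and cannot be used for signing.");
    }
    // A randomly generated key means CryptoAPI could not open the key container
    // named by the certificate and silently created a fresh one — i.e. there is
    // no real private key for this certificate.
    if (csp.CspKeyContainerInfo.RandomlyGenerated)
    {
        throw new InternalException("Internal error: This certificate does not have a corresponding private key.");
    }
    signedXml.SigningKey = (AsymmetricAlgorithm)csp;

    // ToXmlString(false) prints only the public parameters. Never pass true here:
    // that would dump the private key to the console.
    Console.WriteLine(signedXml.SigningKey.ToXmlString(false));

    if (detached)
    {
        // Detached: the signature points at the input file by absolute path.
        // NOTE(review): "file://" + a local path is resolved by the verifier's URI
        // resolver, so the signature is only verifiable where that path exists.
        Reference reference = new Reference();
        reference.Uri = "file://" + Path.GetFullPath((string)fileNames[0]);
        signedXml.AddReference(reference);
    }
    else
    {
        // Enveloping: embed the file text in a ds:Object and reference it by id.
        Reference reference = new Reference();
        reference.Uri = "#object-1";

        XmlDocument dataObject = new XmlDocument();
        dataObject.PreserveWhitespace = true;
        XmlElement dataElement = (XmlElement)dataObject.CreateElement("DataObject", SignedXml.XmlDsigNamespaceUrl);
        // The input bytes are decoded as UTF-8 (no BOM) and stored as a text node,
        // so the file is signed as character data, not as markup.
        dataElement.AppendChild(dataObject.CreateTextNode(new UTF8Encoding(false).GetString(ReadFile((string)fileNames[0]))));
        dataObject.AppendChild(dataElement);

        DataObject obj = new DataObject();
        obj.Data = dataObject.ChildNodes;
        obj.Id = "object-1";
        signedXml.AddObject(obj);
        signedXml.AddReference(reference);
    }

    signedXml.KeyInfo = new KeyInfo();
    if (includeOptions.Count == 0)
    {
        // Default: the whole chain except the trust anchor.
        signedXml.KeyInfo.AddClause(new KeyInfoX509Data(certificate, X509IncludeOption.ExcludeRoot));
    }
    else
    {
        KeyInfoX509Data keyInfoX509Data = new KeyInfoX509Data();
        // Tracks whether the current keyInfoX509Data instance is already in KeyInfo.
        // The original called AddClause on every loop iteration, so two non-chain
        // options produced the same X509Data element twice in the output.
        bool clauseAdded = false;
        foreach (IncludeOptions includeOption in includeOptions)
        {
            switch (includeOption)
            {
                case IncludeOptions.ExcludeRoot:
                case IncludeOptions.EndCertOnly:
                case IncludeOptions.WholeChain:
                    // Chain options start a new X509Data; an instance already added
                    // by an earlier option stays in KeyInfo as its own element.
                    keyInfoX509Data = new KeyInfoX509Data(certificate, (X509IncludeOption)includeOption);
                    clauseAdded = false;
                    break;
                case IncludeOptions.SubjectName:
                    keyInfoX509Data.AddSubjectName(certificate.SubjectName.Name);
                    break;
                case IncludeOptions.SKI:
                    // Copy the Subject Key Identifier extension (OID 2.5.29.14), if present.
                    X509ExtensionCollection extensions = certificate.Extensions;
                    foreach (X509Extension extension in extensions)
                    {
                        if (extension.Oid.Value == "2.5.29.14") // OID for SKI extension
                        {
                            X509SubjectKeyIdentifierExtension ski = extension as X509SubjectKeyIdentifierExtension;
                            if (ski != null)
                            {
                                keyInfoX509Data.AddSubjectKeyId(ski.SubjectKeyIdentifier);
                                break;
                            }
                        }
                    }
                    break;
                case IncludeOptions.IssuerSerial:
                    keyInfoX509Data.AddIssuerSerial(certificate.IssuerName.Name, certificate.SerialNumber);
                    break;
            }
            if (!clauseAdded)
            {
                signedXml.KeyInfo.AddClause(keyInfoX509Data);
                clauseAdded = true;
            }
        }
    }

    // compute the signature
    signedXml.ComputeSignature();
    XmlElement xmlDigitalSignature = signedXml.GetXml();

    // write it out; 'using' releases the output file even if WriteTo throws
    // (the original only closed the writer on the success path).
    using (XmlTextWriter xmltw = new XmlTextWriter((string)fileNames[1], new UTF8Encoding(false)))
    {
        xmlDigitalSignature.WriteTo(xmltw);
    }

    Console.WriteLine();
    Console.WriteLine("Signature written to file \"" + fileNames[1] + "\".");
    Console.WriteLine();
    return;
}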
/// <summary>
/// Calls the string overload of AddSubjectKeyId with null. Per the xUnit
/// counterpart of this test the call fails with NullReferenceException; the
/// expected-exception attribute, if any, sits above this method and is not part
/// of this block. NOTE(review): a NullReferenceException is not an API contract —
/// the overload should validate and throw ArgumentNullException.
/// </summary>
public void AddSubjectKeyId_String_Null()
{
    string missing = null;
    KeyInfoX509Data data1 = new KeyInfoX509Data();

    data1.AddSubjectKeyId(missing);
}