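/// <summary>
/// Verifies that <c>AttributeUtility.CreateSigningCertificateV2</c> returns a single-valued
/// signing-certificate-v2 attribute whose only ESSCertIDv2 entry identifies the input
/// certificate by hash, hash algorithm, issuer name and serial number.
/// </summary>
/// <param name="hashAlgorithmName">Hash algorithm passed to the attribute factory.</param>
public void CreateSigningCertificateV2_WithValidInput_ReturnsAttribute(Common.HashAlgorithmName hashAlgorithmName)
{
    using (var certificate = _fixture.GetDefaultCertificate())
    {
        var attribute = AttributeUtility.CreateSigningCertificateV2(certificate, hashAlgorithmName);

        Assert.Equal(Oids.SigningCertificateV2, attribute.Oid.Value);
        Assert.Equal(1, attribute.Values.Count);

        // Decode the attribute value again so the assertions run against the encoded bytes.
        var signingCertificateV2 = SigningCertificateV2.Read(attribute.Values[0].RawData);

        Assert.Equal(1, signingCertificateV2.Certificates.Count);

        var essCertIdV2 = signingCertificateV2.Certificates[0];
        var expectedHash = SigningTestUtility.GetHash(certificate, hashAlgorithmName);

        SigningTestUtility.VerifyByteArrays(expectedHash, essCertIdV2.CertificateHash);
        Assert.Equal(
            hashAlgorithmName,
            CryptoHashUtility.OidToHashAlgorithmName(essCertIdV2.HashAlgorithm.Algorithm.Value));

        // Pin the issuer to exactly one GeneralName before indexing element 0, as the
        // EssCertIdV2 and SigningCertificateV2 Create tests in this file do. Without this,
        // an unexpected additional issuer name would pass unnoticed.
        Assert.Equal(1, essCertIdV2.IssuerSerial.GeneralNames.Count);
        Assert.Equal(certificate.IssuerName.Name, essCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name);

        var serialNumber = certificate.GetSerialNumber();

        // Convert from little endian to big endian so the bytes can be compared
        // with the serial number stored in the IssuerSerial.
        Array.Reverse(serialNumber);

        SigningTestUtility.VerifyByteArrays(
            serialNumber,
            essCertIdV2.IssuerSerial.SerialNumber);
    }
}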
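/// <summary>
/// Asserts that an attribute collection contains the PKCS #9 signing time,
/// commitment-type-indication and signing-certificate-v2 attributes, and that the latter
/// two agree with the signing request.
/// </summary>
/// <remarks>
/// Every attribute in the collection must carry exactly one value. Attributes whose OID is
/// not one of the three handled below are not inspected any further.
/// </remarks>
/// <param name="attributes">The attributes to inspect.</param>
/// <param name="request">The request supplying the expected certificate, hash algorithm and signature type.</param>
private static void VerifyAttributes(
    System.Security.Cryptography.CryptographicAttributeObjectCollection attributes,
    SignPackageRequest request)
{
    var pkcs9SigningTimeAttributeFound = false;
    var commitmentTypeIndicationAttributeFound = false;
    var signingCertificateV2AttributeFound = false;

    foreach (var attribute in attributes)
    {
        Assert.Equal(1, attribute.Values.Count);

        switch (attribute.Oid.Value)
        {
            case "1.2.840.113549.1.9.5": // PKCS #9 signing time
                Assert.IsType<Pkcs9SigningTime>(attribute.Values[0]);

                pkcs9SigningTimeAttributeFound = true;
                break;

            case Oids.CommitmentTypeIndication:
                var qualifier = CommitmentTypeQualifier.Read(attribute.Values[0].RawData);
                var expectedCommitmentType = AttributeUtility.GetSignatureTypeOid(request.SignatureType);

                Assert.Equal(expectedCommitmentType, qualifier.CommitmentTypeIdentifier.Value);

                commitmentTypeIndicationAttributeFound = true;
                break;

            case Oids.SigningCertificateV2:
                var signingCertificateV2 = SigningCertificateV2.Read(attribute.Values[0].RawData);

                Assert.Equal(1, signingCertificateV2.Certificates.Count);

                var essCertIdV2 = signingCertificateV2.Certificates[0];

                // The ESSCertIDv2 must identify the request's certificate: same hash,
                // same hash algorithm, same issuer and same serial number.
                Assert.Equal(
                    SigningTestUtility.GetHash(request.Certificate, request.SignatureHashAlgorithm),
                    essCertIdV2.CertificateHash);
                Assert.Equal(
                    request.SignatureHashAlgorithm.ConvertToOidString(),
                    essCertIdV2.HashAlgorithm.Algorithm.Value);

                // Pin the issuer to exactly one GeneralName before indexing element 0, as the
                // EssCertIdV2 and SigningCertificateV2 Create tests in this file do. Without
                // this, an unexpected additional issuer name would pass unnoticed.
                Assert.Equal(1, essCertIdV2.IssuerSerial.GeneralNames.Count);
                Assert.Equal(
                    request.Certificate.IssuerName.Name,
                    essCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name);

                SigningTestUtility.VerifySerialNumber(request.Certificate, essCertIdV2.IssuerSerial);
                Assert.Null(signingCertificateV2.Policies);

                signingCertificateV2AttributeFound = true;
                break;
        }
    }

    // All three attributes are mandatory; a missing one fails the verification.
    Assert.True(pkcs9SigningTimeAttributeFound);
    Assert.True(commitmentTypeIndicationAttributeFound);
    Assert.True(signingCertificateV2AttributeFound);
}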
/// <summary>
/// Verifies that <c>EssCertIdV2.Create</c> with SHA-512 yields an ESSCertIDv2 carrying the
/// certificate's SHA-512 hash, the SHA-512 algorithm OID, and a single-name issuer/serial
/// pair that matches the certificate.
/// </summary>
public void Create_WithSha512_ReturnsEssCertIdV2()
{
    var sha512 = HashAlgorithmName.SHA512;

    using (var cert = _fixture.GetDefaultCertificate())
    {
        var created = EssCertIdV2.Create(cert, sha512);

        // Hash value and declared hash algorithm must both be the SHA-512 ones.
        var certificateHash = SigningTestUtility.GetHash(cert, sha512);

        Assert.Equal(certificateHash, created.CertificateHash);
        Assert.Equal(Oids.Sha512, created.HashAlgorithm.Algorithm.Value);

        // Exactly one issuer name, equal to the certificate's issuer.
        Assert.Equal(1, created.IssuerSerial.GeneralNames.Count);

        var issuerName = created.IssuerSerial.GeneralNames[0].DirectoryName.Name;

        Assert.Equal(cert.IssuerName.Name, issuerName);

        SigningTestUtility.VerifySerialNumber(cert, created.IssuerSerial);
    }
}
/// <summary>
/// Verifies that <c>SigningCertificateV2.Create</c> produces a structure with exactly one
/// ESSCertIDv2 that matches the certificate (hash algorithm, hash, issuer, serial number)
/// and that it carries no policies.
/// </summary>
/// <param name="hashAlgorithmName">Hash algorithm passed to <c>SigningCertificateV2.Create</c>.</param>
public void Create_WithValidInput_ReturnsSigningCertificateV2(HashAlgorithmName hashAlgorithmName)
{
    using (var cert = _fixture.GetDefaultCertificate())
    {
        var created = SigningCertificateV2.Create(cert, hashAlgorithmName);

        Assert.Equal(1, created.Certificates.Count);

        var certId = created.Certificates[0];

        // The algorithm OID stored in the entry must map back to the requested algorithm.
        var actualAlgorithm = CryptoHashUtility.OidToHashAlgorithmName(certId.HashAlgorithm.Algorithm.Value);

        Assert.Equal(hashAlgorithmName, actualAlgorithm);

        var certificateHash = SigningTestUtility.GetHash(cert, hashAlgorithmName);

        Assert.Equal(certificateHash, certId.CertificateHash);

        // Exactly one issuer name, equal to the certificate's issuer.
        Assert.Equal(1, certId.IssuerSerial.GeneralNames.Count);

        var issuerName = certId.IssuerSerial.GeneralNames[0].DirectoryName.Name;

        Assert.Equal(cert.IssuerName.Name, issuerName);

        SigningTestUtility.VerifySerialNumber(cert, certId.IssuerSerial);

        Assert.Null(created.Policies);
    }
}
/// <summary>
/// Verifies that <c>EssCertId.Read</c> decodes a DER-encoded ESSCertID built with
/// BouncyCastle and returns the same issuer name, certificate hash and serial number.
/// </summary>
public void Read_WithValidInput_ReturnsEssCertId()
{
    using (var cert = _fixture.GetDefaultCertificate())
    {
        // Build the reference structure with BouncyCastle from the same certificate.
        var bcCert = DotNetUtilities.FromX509Certificate(cert);
        var issuerGeneralName = new BcGeneralName(BcGeneralName.DirectoryName, bcCert.IssuerDN);
        var bcNames = new GeneralNames(issuerGeneralName);
        var bcSerial = new DerInteger(bcCert.SerialNumber);
        var bcIssuerSerial = new BcIssuerSerial(bcNames, bcSerial);

        // NOTE(review): the SHA-256 hash is used only as the value to round-trip;
        // this test does not check which algorithm produced it.
        var hash = SigningTestUtility.GetHash(cert, Common.HashAlgorithmName.SHA256);
        var encoded = new BcEssCertId(hash, bcIssuerSerial).GetDerEncoded();

        var decoded = EssCertId.Read(encoded);

        // Exactly one issuer name, equal to the certificate's issuer.
        Assert.Equal(1, decoded.IssuerSerial.GeneralNames.Count);

        var issuerName = decoded.IssuerSerial.GeneralNames[0].DirectoryName.Name;

        Assert.Equal(cert.IssuerName.Name, issuerName);

        SigningTestUtility.VerifyByteArrays(hash, decoded.CertificateHash);

        // The decoded serial number must equal BouncyCastle's byte form of the same value.
        var expectedSerial = bcIssuerSerial.Serial.Value.ToByteArray();

        SigningTestUtility.VerifyByteArrays(expectedSerial, decoded.IssuerSerial.SerialNumber);
    }
}