/// <summary>
        /// Parse asn data
        /// </summary>
        /// <param name="data"></param>
        private void Parse(byte[] data)
        {
            if (base.Oid.Value != Oids.AuthorityKeyIdentifier &&
                base.Oid.Value != Oids.AuthorityKeyIdentifier2)
            {
                throw new FormatException("Extension has unknown oid.");
            }
            var authorityKey =
                new Org.BouncyCastle.X509.Extension.AuthorityKeyIdentifierStructure(
                    new Org.BouncyCastle.Asn1.DerOctetString(data));

            if (authorityKey == null)
            {
                throw new FormatException("Extension has bad oid.");
            }
            if (authorityKey.AuthorityCertSerialNumber != null)
            {
                SerialNumber = new SerialNumber(
                    authorityKey.AuthorityCertSerialNumber.ToByteArray());
            }
            AuthorityNames.Clear();
            if (authorityKey.AuthorityCertIssuer != null)
            {
                foreach (var name in authorityKey.AuthorityCertIssuer.GetNames())
                {
                    if (name.TagNo == Org.BouncyCastle.Asn1.X509.GeneralName.DirectoryName)
                    {
                        AuthorityNames.Add(name.Name.ToString());
                    }
                }
            }
            KeyId = authorityKey.GetKeyIdentifier().ToBase16String();
        }
 /// <summary>
 /// Create extension
 /// </summary>
 /// <param name="authorityNames"></param>
 /// <param name="serialNumber">big-endian</param>
 /// <param name="keyId"></param>
 /// <param name="critical"></param>
 public X509AuthorityKeyIdentifierExtension(IEnumerable <string> authorityNames,
                                            SerialNumber serialNumber, string keyId, bool critical = false) :
     this(Oids.AuthorityKeyIdentifier,
          BuildAuthorityKeyIdentifier(authorityNames, serialNumber, keyId),
          critical)
 {
 }
        /// <summary>
        /// Build the X509 Authority Key extension.
        /// </summary>
        /// <param name="authorityNames">The distinguished name of the issuer</param>
        /// <param name="serialNumber">The serial number of the issuer</param>
        /// <param name="keyId">The subject key identifier to use</param>
        private static byte[] BuildAuthorityKeyIdentifier(
            IEnumerable <string> authorityNames, SerialNumber serialNumber, string keyId)
        {
            using (var writer = new AsnWriter(AsnEncodingRules.DER)) {
                writer.PushSequence();
                if (keyId != null)
                {
                    var keyIdTag = new Asn1Tag(TagClass.ContextSpecific, 0);
                    writer.WriteOctetString(keyIdTag, keyId.DecodeAsBase16());
                }

                var issuerNameTag = new Asn1Tag(TagClass.ContextSpecific, 1);
                writer.PushSequence(issuerNameTag);
                // Add the tag to constructed context-specific 4 (GeneralName.directoryName)
                foreach (var issuerName in authorityNames)
                {
                    var directoryNameTag = new Asn1Tag(TagClass.ContextSpecific, 4, true);
                    writer.PushSetOf(directoryNameTag);
                    writer.WriteEncodedValue(X500DistinguishedNameEx.Create(issuerName).RawData);
                    writer.PopSetOf(directoryNameTag);
                }
                writer.PopSequence(issuerNameTag);

                var issuerSerialTag = new Asn1Tag(TagClass.ContextSpecific, 2);
                writer.WriteInteger(issuerSerialTag, serialNumber.ToBigInteger());

                writer.PopSequence();
                return(writer.Encode());
            }
        }
        public void TestParseX509AuthorityKeyIdentifierExtension3()
        {
            // Setup
            var authority    = "CN=TestAuthority";
            var keyId        = "32362340932423";
            var serialNumber = new SerialNumber(40);

            // Act
            var extension1 = new X509AuthorityKeyIdentifierExtension(
                authority, serialNumber, keyId, false);

            var buffer = extension1.RawData;

            var extension2 = new X509AuthorityKeyIdentifierExtension(buffer);
            var extension3 = new X509AuthorityKeyIdentifierExtension(extension2, true);

            // Assert

            Assert.Equal(extension1.AuthorityNames, extension3.AuthorityNames);
            Assert.Single(extension3.AuthorityNames);
            Assert.Equal(authority, extension1.AuthorityNames.Single());
            Assert.Equal(extension1.SerialNumber, extension3.SerialNumber);
            Assert.Equal(serialNumber, extension3.SerialNumber);
            Assert.Equal(extension1.KeyId, extension3.KeyId);
            Assert.Equal(keyId, extension3.KeyId);
            Assert.Equal(Oids.AuthorityKeyIdentifier,
                         extension1.Oid.Value);
            Assert.Equal(Oids.AuthorityKeyIdentifier,
                         extension3.Oid.Value);
            Assert.True(extension3.Critical);
        }
        public void TestCreate509AuthorityKeyIdentifierExtension2()
        {
            var authority = "CN=TestAuthority";
            var keyId     = "32362340932423";

            var serial = new byte[20];
            var rand   = new Random();

            rand.NextBytes(serial);
            serial[0] = 0;
            serial[1] = 0;
            serial[2] = 0;
            var serialNumber = new SerialNumber(serial);

            using (var rsa = RSA.Create()) {
                var request = rsa.ToKey().CreateCertificateRequest(
                    new X500DistinguishedName("CN=test"),
                    SignatureType.PS256,
                    new X509AuthorityKeyIdentifierExtension(authority, serialNumber, keyId)
                    .YieldReturn());
                var cert = request.Create(new X500DistinguishedName("CN=test"),
                                          X509SignatureGenerator.CreateForRSA(rsa, RSASignaturePadding.Pkcs1),
                                          DateTime.UtcNow, DateTime.UtcNow + TimeSpan.FromDays(1), serialNumber.Value);

                var aki = cert.GetAuthorityKeyIdentifierExtension();

                Assert.Equal(serialNumber, aki.SerialNumber);
                Assert.Equal(serialNumber.ToString(), cert.SerialNumber);
                Assert.Equal(aki.SerialNumber, SerialNumber.Parse(cert.SerialNumber));
            }
        }
Exemplo n.º 6
0
        public void ConvertToStringAndParseSize(long value)
        {
            var serial1 = new SerialNumber(value);
            var serial2 = SerialNumber.Parse(serial1.ToString());

            Assert.Equal(serial1, serial2);
        }
        public void TestParseX509AuthorityKeyIdentifierExtension2()
        {
            // Setup
            var authorities = new List <string> {
                "CN=TestAuthority", "CN=test", "CN=ttttttt"
            };
            var keyId        = "32362340932423";
            var serialNumber = new SerialNumber();

            // Act
            var extension1 = new X509AuthorityKeyIdentifierExtension(
                authorities, serialNumber, keyId, false);
            var sm1 = extension1.Format(true);
            var s1  = extension1.Format(false);

            var buffer = extension1.RawData;

            var extension2 = new X509AuthorityKeyIdentifierExtension(buffer, true);
            var sm2        = extension2.Format(true);
            var s2         = extension2.Format(false);

            // Assert

            Assert.Equal(extension1.AuthorityNames, extension2.AuthorityNames);
            Assert.Equal(authorities, extension1.AuthorityNames);
            Assert.Equal(extension1.SerialNumber, extension2.SerialNumber);
            Assert.Equal(serialNumber, extension2.SerialNumber);
            Assert.Equal(extension1.KeyId, extension2.KeyId);
            Assert.Equal(keyId, extension2.KeyId);
            Assert.Equal(Oids.AuthorityKeyIdentifier,
                         extension1.Oid.Value);
            Assert.Equal(Oids.AuthorityKeyIdentifier,
                         extension2.Oid.Value);
            Assert.True(extension2.Critical);
            Assert.Equal(sm1, sm2);
            Assert.Equal(s1, s2);
        }
        public void TestParseX509AuthorityKeyIdentifierExtension1()
        {
            // Setup
            var authority = "CN=TestAuthority";
            var keyId     = "32362340932423";

            var serialNumber = new SerialNumber(4);

            // Act
            var extension1 = new X509AuthorityKeyIdentifierExtension(
                authority, serialNumber, keyId, false);
            var sm1 = extension1.Format(true);
            var s1  = extension1.Format(false);

            var buffer = extension1.RawData;

            var extension2 = new X509AuthorityKeyIdentifierExtension(buffer);
            var sm2        = extension2.Format(true);
            var s2         = extension2.Format(false);

            // Assert

            Assert.Equal(extension1.AuthorityNames, extension2.AuthorityNames);
            Assert.Single(extension2.AuthorityNames);
            Assert.Equal(authority, extension1.AuthorityNames.Single());
            Assert.Equal(extension1.SerialNumber, extension2.SerialNumber);
            Assert.Equal(serialNumber, extension2.SerialNumber);
            Assert.Equal(extension1.KeyId, extension2.KeyId);
            Assert.Equal(keyId, extension2.KeyId);
            Assert.Equal(Oids.AuthorityKeyIdentifier,
                         extension1.Oid.Value);
            Assert.Equal(Oids.AuthorityKeyIdentifier,
                         extension2.Oid.Value);
            Assert.Equal(sm1, sm2);
            Assert.Equal(s1, s2);
        }
 /// <summary>
 /// Create extension
 /// </summary>
 /// <param name="authorityName"></param>
 /// <param name="serialNumber">big-endian</param>
 /// <param name="keyId"></param>
 /// <param name="critical"></param>
 public X509AuthorityKeyIdentifierExtension(string authorityName,
                                            SerialNumber serialNumber, string keyId, bool critical = false) :
     this(authorityName.YieldReturn(), serialNumber, keyId, critical)
 {
 }