public void ConstructorAsnEncodedData_BadAsn ()
		{
			AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[0]);
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (aed, true);
			Assert.AreEqual (String.Empty, ski.Format (true), "Format(true)");
			Assert.AreEqual (String.Empty, ski.Format (false), "Format(false)");
			string s = ski.SubjectKeyIdentifier;
		}
        /// <summary>
        ///   Creates an <see cref="X509AuthorityKeyIdentifierExtension"/> that specifies
        ///   the key identifier value from a subject key identifier extension.
        /// </summary>
        /// <param name="subjectKeyIdentifier">
        ///   The subject key identifier extension from the Certificate Authority (CA) certificate
        ///   that will sign this extension.
        /// </param>
        /// <returns>
        ///   The configured extension.
        /// </returns>
        /// <exception cref="ArgumentNullException">
        ///   <paramref name="subjectKeyIdentifier"/> is <see langword="null" />.
        /// </exception>
        public static X509AuthorityKeyIdentifierExtension CreateFromSubjectKeyIdentifier(
            X509SubjectKeyIdentifierExtension subjectKeyIdentifier)
        {
            ArgumentNullException.ThrowIfNull(subjectKeyIdentifier);

            return(CreateFromSubjectKeyIdentifier(
                       subjectKeyIdentifier.SubjectKeyIdentifierBytes.Span));
        }
        internal X509ExtensionCollection(MX.X509Certificate cert)
        {
            _list = new ArrayList(cert.Extensions.Count);
            if (cert.Extensions.Count == 0)
            {
                return;
            }

#if !MOONLIGHT
            object[] parameters = new object [2];
#endif
            foreach (MX.X509Extension ext in cert.Extensions)
            {
                bool   critical = ext.Critical;
                string oid      = ext.Oid;
                byte[] raw_data = null;
                // extension data is embedded in an octet stream (4)
                ASN1 value = ext.Value;
                if ((value.Tag == 0x04) && (value.Count > 0))
                {
                    raw_data = value [0].GetBytes();
                }

                X509Extension newt = null;
#if MOONLIGHT
                // non-extensible
                switch (oid)
                {
                case "2.5.29.14":
                    newt = new X509SubjectKeyIdentifierExtension(new AsnEncodedData(oid, raw_data), critical);
                    break;

                case "2.5.29.15":
                    newt = new X509KeyUsageExtension(new AsnEncodedData(oid, raw_data), critical);
                    break;

                case "2.5.29.19":
                    newt = new X509BasicConstraintsExtension(new AsnEncodedData(oid, raw_data), critical);
                    break;

                case "2.5.29.37":
                    newt = new X509EnhancedKeyUsageExtension(new AsnEncodedData(oid, raw_data), critical);
                    break;
                }
#else
                parameters [0] = new AsnEncodedData(oid, raw_data);
                parameters [1] = critical;
                newt           = (X509Extension)CryptoConfig.CreateFromName(oid, parameters);
#endif
                if (newt == null)
                {
                    // not registred in CryptoConfig, using default
                    newt = new X509Extension(oid, raw_data, critical);
                }
                _list.Add(newt);
            }
        }
		public void ConstructorEmpty ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ();
			Assert.IsFalse (ski.Critical, "Critical");
			Assert.IsNull (ski.RawData, "RawData");
			Assert.AreEqual (oid, ski.Oid.Value, "Oid.Value");
			Assert.AreEqual (fname, ski.Oid.FriendlyName, "Oid.FriendlyName");
			Assert.AreEqual (String.Empty, ski.Format (true), "Format(true)");
			Assert.AreEqual (String.Empty, ski.Format (false), "Format(false)");
		}
        internal static byte FromHexChars(char c1, char c2)
        {
            byte b = X509SubjectKeyIdentifierExtension.FromHexChar(c1);

            if (b < 255)
            {
                b = (byte)((int)b << 4 | (int)X509SubjectKeyIdentifierExtension.FromHexChar(c2));
            }
            return(b);
        }
		public void ConstructorEmpty ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ();
			Assert.IsFalse (ski.Critical, "Critical");
			Assert.IsNull (ski.RawData, "RawData");
			Assert.AreEqual (oid, ski.Oid.Value, "Oid.Value");
			// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
			//Assert.AreEqual (fname, ski.Oid.FriendlyName, "Oid.FriendlyName");
			Assert.AreEqual (String.Empty, ski.Format (true), "Format(true)");
			Assert.AreEqual (String.Empty, ski.Format (false), "Format(false)");
		}
        private string GetKeyIdentifier(X509Certificate2 x)
        {
            // if present in certificate return value of the SubjectKeyIdentifier
            X509SubjectKeyIdentifierExtension ski = (x.Extensions ["2.5.29.14"] as X509SubjectKeyIdentifierExtension);

            if (ski == null)
            {
                // if not then we must calculate the SubjectKeyIdentifier ourselve
                ski = new X509SubjectKeyIdentifierExtension(x.PublicKey, X509SubjectKeyIdentifierHashAlgorithm.CapiSha1, false);
            }
            return(ski.SubjectKeyIdentifier);
        }
		public void ConstructorAsnEncodedData ()
		{
			AsnEncodedData aed = new AsnEncodedData (new byte[] { 0x04, 0x08, 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF });
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (aed, true);
			Assert.IsTrue (ski.Critical, "Critical");
			Assert.AreEqual (oid, ski.Oid.Value, "Oid.Value");
			Assert.AreEqual (fname, ski.Oid.FriendlyName, "Oid.FriendlyName");
			Assert.AreEqual ("04-08-01-23-45-67-89-AB-CD-EF", BitConverter.ToString (ski.RawData), "RawData");
			Assert.AreEqual ("0123456789ABCDEF", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			Assert.AreEqual ("01 23 45 67 89 ab cd ef" + Environment.NewLine, ski.Format (true), "Format(true)");
			Assert.AreEqual ("01 23 45 67 89 ab cd ef", ski.Format (false), "Format(false)");
		}
 /// <summary>Initializes a new instance of the <see cref="T:System.Security.Cryptography.X509Certificates.X509SubjectKeyIdentifierExtension" /> class using a string and a value that identifies whether the extension is critical.</summary>
 /// <param name="subjectKeyIdentifier">A string, encoded in hexadecimal format, that represents the subject key identifier (SKI) for a certificate.</param>
 /// <param name="critical">true if the extension is critical; otherwise, false.</param>
 public X509SubjectKeyIdentifierExtension(string subjectKeyIdentifier, bool critical)
 {
     if (subjectKeyIdentifier == null)
     {
         throw new ArgumentNullException("subjectKeyIdentifier");
     }
     if (subjectKeyIdentifier.Length < 2)
     {
         throw new ArgumentException("subjectKeyIdentifier");
     }
     this._oid     = new Oid("2.5.29.14", "Subject Key Identifier");
     base.Critical = critical;
     this._subjectKeyIdentifier = X509SubjectKeyIdentifierExtension.FromHex(subjectKeyIdentifier);
     base.RawData = this.Encode();
 }
Exemplo n.º 10
0
		internal X509ExtensionCollection (MX.X509Certificate cert)
		{
			_list = new ArrayList (cert.Extensions.Count);
			if (cert.Extensions.Count == 0)
				return;

#if !MOONLIGHT
			object[] parameters = new object [2];
#endif
			foreach (MX.X509Extension ext in cert.Extensions) {
				bool critical = ext.Critical;
				string oid = ext.Oid;
				byte[] raw_data = null;
				// extension data is embedded in an octet stream (4)
				ASN1 value = ext.Value;
				if ((value.Tag == 0x04) && (value.Count > 0))
					raw_data = value [0].GetBytes ();

				X509Extension newt = null;
#if MOONLIGHT || FULL_AOT_RUNTIME
				// non-extensible
				switch (oid) {
				case "2.5.29.14":
					newt = new X509SubjectKeyIdentifierExtension (new AsnEncodedData (oid, raw_data), critical);
					break;
				case "2.5.29.15":
					newt = new X509KeyUsageExtension (new AsnEncodedData (oid, raw_data), critical);
					break;
				case "2.5.29.19":
					newt = new X509BasicConstraintsExtension (new AsnEncodedData (oid, raw_data), critical);
					break;
				case "2.5.29.37":
					newt = new X509EnhancedKeyUsageExtension (new AsnEncodedData (oid, raw_data), critical);
					break;
				}
#else
				parameters [0] = new AsnEncodedData (oid, raw_data ?? Empty);
				parameters [1] = critical;
				newt = (X509Extension) CryptoConfig.CreateFromName (oid, parameters);
#endif
				if (newt == null) {
					// not registred in CryptoConfig, using default
					newt = new X509Extension (oid, raw_data ?? Empty, critical);
				}
				_list.Add (newt);
			}
		}
        internal static byte[] FromHex(string hex)
        {
            if (hex == null)
            {
                return(null);
            }
            int num = hex.Length >> 1;

            byte[] array = new byte[num];
            int    i     = 0;
            int    num2  = 0;

            while (i < num)
            {
                array[i++] = X509SubjectKeyIdentifierExtension.FromHexChars(hex[num2++], hex[num2++]);
            }
            return(array);
        }
		public void CopyFrom_Null ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ();
			ski.CopyFrom (null);
		}
		public void WrongExtension_X509Extension_CertificateAuthority ()
		{
			X509Extension ex = new X509Extension ("1.2.3", new byte[0], true);
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ();
			ski.CopyFrom (ex);
			string s = ski.SubjectKeyIdentifier;
		}
		public void WrongAsnEncodedData ()
		{
			AsnEncodedData aed = new AsnEncodedData (new byte[0]);
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ("www.mono-project.com", false);
			ski.CopyFrom (aed); // note: not the same behaviour than using the constructor!
		}
		public void ConstructorString_NotHex ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ("Mono::", true);
			Assert.IsTrue (ski.Critical, "Critical");
			Assert.AreEqual ("04-03-FF-FF-FF", BitConverter.ToString (ski.RawData), "RawData");
			Assert.AreEqual (oid, ski.Oid.Value, "Oid.Value");
			Assert.AreEqual (fname, ski.Oid.FriendlyName, "Oid.FriendlyName");
			Assert.AreEqual ("FFFFFF", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			Assert.AreEqual ("ff ff ff" + Environment.NewLine, ski.Format (true), "Format(true)");
			Assert.AreEqual ("ff ff ff", ski.Format (false), "Format(false)");
		}
		public void ConstructorAsnEncodedData_Null ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ((AsnEncodedData)null, true);
		}
		public void ConstructorEmpty_SubjectKeyIdentifier ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ();
			Assert.IsNull (ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
		}
		public void ConstructorPublicKey_Null ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ((PublicKey)null, true);
		}
Exemplo n.º 19
0
        private string GetSubjectKeyIdentifier(X509Certificate2 certificate)
        {
            X509SubjectKeyIdentifierExtension x509SubjectKeyIdentifierExtension = (X509SubjectKeyIdentifierExtension)certificate.Extensions["2.5.29.14"];

            return((x509SubjectKeyIdentifierExtension != null) ? x509SubjectKeyIdentifierExtension.SubjectKeyIdentifier : string.Empty);
        }
        private string GetSubjectKeyIdentifier(X509Certificate2 certificate)
        {
            X509SubjectKeyIdentifierExtension ski = (certificate.Extensions["2.5.29.14"] as X509SubjectKeyIdentifierExtension);

            return((ski == null) ? String.Empty : ski.SubjectKeyIdentifier);
        }
		public void ConstructorString_Empty ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (String.Empty, true);
		}
		public void ConstructorAsnEncodedData_BadAsnLength ()
		{
			AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x30, 0x01 });
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (aed, true);
			Assert.AreEqual ("3001", ski.Format (true), "Format(true)");
			Assert.AreEqual ("3001", ski.Format (false), "Format(false)");
			string s = ski.SubjectKeyIdentifier;
		}
		public void ConstructorString_Null ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ((String)null, true);
		}
		public void ConstructorByteArray_Empty ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (new byte[0], true);
		}
		public void ConstructorByteArray_Null ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ((byte[])null, true);
		}
		public void CopyFrom_Self ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ("ff", true);
			Assert.IsTrue (ski.Critical, "Critical");
			byte[] raw = ski.RawData;
			Assert.AreEqual ("04-01-FF", BitConverter.ToString (raw), "RawData");

			AsnEncodedData aed = new AsnEncodedData (raw);
			X509SubjectKeyIdentifierExtension copy = new X509SubjectKeyIdentifierExtension (aed, false);
			Assert.IsFalse (copy.Critical, "Critical");
			Assert.AreEqual ("04-01-FF", BitConverter.ToString (copy.RawData), "copy.RawData");
			Assert.AreEqual (oid, copy.Oid.Value, "Oid.Value");
			// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
			//Assert.AreEqual (fname, copy.Oid.FriendlyName, "Oid.FriendlyName");
			Assert.AreEqual ("FF", copy.SubjectKeyIdentifier, "SubjectKeyIdentifier");
		}
		public void ConstructorByteArray_20 ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (new byte[20], true);
			Assert.IsTrue (ski.Critical, "Critical");
			Assert.AreEqual ("04-14-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00", BitConverter.ToString (ski.RawData), "RawData");
			Assert.AreEqual (oid, ski.Oid.Value, "Oid.Value");
			Assert.AreEqual (fname, ski.Oid.FriendlyName, "Oid.FriendlyName");
			Assert.AreEqual ("0000000000000000000000000000000000000000", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			Assert.AreEqual ("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" + Environment.NewLine, ski.Format (true), "Format(true)");
			Assert.AreEqual ("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00", ski.Format (false), "Format(false)");
		}
		public void ConstructorPublicKeyHash_Null ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (null, X509SubjectKeyIdentifierHashAlgorithm.Sha1, true);
		}
		public void ConstructorPublicKeyHash_CapiSha1 ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (pk1, X509SubjectKeyIdentifierHashAlgorithm.CapiSha1, false);
			Assert.IsFalse (ski.Critical, "Critical");
			Assert.AreEqual ("2.5.29.14", ski.Oid.Value, "Oid");
			Assert.AreEqual ("0E73CE0E2E059378FC782707EBF0B4E7AEA652E1", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			Assert.AreEqual ("04-14-0E-73-CE-0E-2E-05-93-78-FC-78-27-07-EB-F0-B4-E7-AE-A6-52-E1", BitConverter.ToString (ski.RawData), "RawData");
		}
 public X509SubjectKeyIdentifierExtensionWrapper(X509SubjectKeyIdentifierExtension extension)
     : base(extension)
 {
     x509 = extension;
 }
		public void WrongExtension_X509KeyUsageExtension ()
		{
			X509KeyUsageExtension ku = new X509KeyUsageExtension ();
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ();
			ski.CopyFrom (ku);
		}
        public X509Certificate2Collection Find(X509FindType findType, object findValue, bool validOnly)
        {
            if (findValue == null)
            {
                throw new ArgumentNullException("findValue");
            }
            string            text              = string.Empty;
            string            text2             = string.Empty;
            X509KeyUsageFlags x509KeyUsageFlags = X509KeyUsageFlags.None;
            DateTime          t = DateTime.MinValue;

            switch (findType)
            {
            case X509FindType.FindByThumbprint:
            case X509FindType.FindBySubjectName:
            case X509FindType.FindBySubjectDistinguishedName:
            case X509FindType.FindByIssuerName:
            case X509FindType.FindByIssuerDistinguishedName:
            case X509FindType.FindBySerialNumber:
            case X509FindType.FindByTemplateName:
            case X509FindType.FindBySubjectKeyIdentifier:
                try
                {
                    text = (string)findValue;
                }
                catch (Exception inner)
                {
                    string text3 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[]
                    {
                        findValue.GetType(),
                        "string"
                    });
                    throw new CryptographicException(text3, inner);
                }
                break;

            case X509FindType.FindByTimeValid:
            case X509FindType.FindByTimeNotYetValid:
            case X509FindType.FindByTimeExpired:
                try
                {
                    t = (DateTime)findValue;
                }
                catch (Exception inner2)
                {
                    string text4 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[]
                    {
                        findValue.GetType(),
                        "X509DateTime"
                    });
                    throw new CryptographicException(text4, inner2);
                }
                break;

            case X509FindType.FindByApplicationPolicy:
            case X509FindType.FindByCertificatePolicy:
            case X509FindType.FindByExtension:
                try
                {
                    text2 = (string)findValue;
                }
                catch (Exception inner3)
                {
                    string text5 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[]
                    {
                        findValue.GetType(),
                        "X509KeyUsageFlags"
                    });
                    throw new CryptographicException(text5, inner3);
                }
                try
                {
                    CryptoConfig.EncodeOID(text2);
                }
                catch (CryptographicUnexpectedOperationException)
                {
                    string text6 = Locale.GetText("Invalid OID value '{0}'.", new object[]
                    {
                        text2
                    });
                    throw new ArgumentException("findValue", text6);
                }
                break;

            case X509FindType.FindByKeyUsage:
                try
                {
                    x509KeyUsageFlags = (X509KeyUsageFlags)((int)findValue);
                }
                catch (Exception inner4)
                {
                    string text7 = Locale.GetText("Invalid find value type '{0}', expected '{1}'.", new object[]
                    {
                        findValue.GetType(),
                        "X509KeyUsageFlags"
                    });
                    throw new CryptographicException(text7, inner4);
                }
                break;

            default:
            {
                string text8 = Locale.GetText("Invalid find type '{0}'.", new object[]
                    {
                        findType
                    });
                throw new CryptographicException(text8);
            }
            }
            CultureInfo invariantCulture = CultureInfo.InvariantCulture;
            X509Certificate2Collection x509Certificate2Collection = new X509Certificate2Collection();

            foreach (object obj in base.InnerList)
            {
                X509Certificate2 x509Certificate = (X509Certificate2)obj;
                bool             flag            = false;
                switch (findType)
                {
                case X509FindType.FindByThumbprint:
                    flag = (string.Compare(text, x509Certificate.Thumbprint, true, invariantCulture) == 0 || string.Compare(text, x509Certificate.GetCertHashString(), true, invariantCulture) == 0);
                    break;

                case X509FindType.FindBySubjectName:
                {
                    string nameInfo = x509Certificate.GetNameInfo(X509NameType.SimpleName, false);
                    flag = (nameInfo.IndexOf(text, StringComparison.InvariantCultureIgnoreCase) >= 0);
                    break;
                }

                case X509FindType.FindBySubjectDistinguishedName:
                    flag = (string.Compare(text, x509Certificate.Subject, true, invariantCulture) == 0);
                    break;

                case X509FindType.FindByIssuerName:
                {
                    string nameInfo2 = x509Certificate.GetNameInfo(X509NameType.SimpleName, true);
                    flag = (nameInfo2.IndexOf(text, StringComparison.InvariantCultureIgnoreCase) >= 0);
                    break;
                }

                case X509FindType.FindByIssuerDistinguishedName:
                    flag = (string.Compare(text, x509Certificate.Issuer, true, invariantCulture) == 0);
                    break;

                case X509FindType.FindBySerialNumber:
                    flag = (string.Compare(text, x509Certificate.SerialNumber, true, invariantCulture) == 0);
                    break;

                case X509FindType.FindByTimeValid:
                    flag = (t >= x509Certificate.NotBefore && t <= x509Certificate.NotAfter);
                    break;

                case X509FindType.FindByTimeNotYetValid:
                    flag = (t < x509Certificate.NotBefore);
                    break;

                case X509FindType.FindByTimeExpired:
                    flag = (t > x509Certificate.NotAfter);
                    break;

                case X509FindType.FindByApplicationPolicy:
                    flag = (x509Certificate.Extensions.Count == 0);
                    break;

                case X509FindType.FindByExtension:
                    flag = (x509Certificate.Extensions[text2] != null);
                    break;

                case X509FindType.FindByKeyUsage:
                {
                    X509KeyUsageExtension x509KeyUsageExtension = x509Certificate.Extensions["2.5.29.15"] as X509KeyUsageExtension;
                    flag = (x509KeyUsageExtension == null || (x509KeyUsageExtension.KeyUsages & x509KeyUsageFlags) == x509KeyUsageFlags);
                    break;
                }

                case X509FindType.FindBySubjectKeyIdentifier:
                {
                    X509SubjectKeyIdentifierExtension x509SubjectKeyIdentifierExtension = x509Certificate.Extensions["2.5.29.14"] as X509SubjectKeyIdentifierExtension;
                    if (x509SubjectKeyIdentifierExtension != null)
                    {
                        flag = (string.Compare(text, x509SubjectKeyIdentifierExtension.SubjectKeyIdentifier, true, invariantCulture) == 0);
                    }
                    break;
                }
                }
                if (flag)
                {
                    if (validOnly)
                    {
                        try
                        {
                            if (x509Certificate.Verify())
                            {
                                x509Certificate2Collection.Add(x509Certificate);
                            }
                        }
                        catch
                        {
                        }
                    }
                    else
                    {
                        x509Certificate2Collection.Add(x509Certificate);
                    }
                }
            }
            return(x509Certificate2Collection);
        }
		public void WrongExtension_X509Extension ()
		{
			X509Extension ex = new X509Extension ("1.2.3", new byte[0], true);
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ("www.go-mono.com", false); // odd length
			Assert.IsFalse (ski.Critical, "Critical");
			Assert.AreEqual ("FFFFFFFFFFFFFF", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			Assert.AreEqual ("ff ff ff ff ff ff ff" + Environment.NewLine, ski.Format (true), "Format(true)");
			Assert.AreEqual ("ff ff ff ff ff ff ff", ski.Format (false), "Format(false)");

			ski.CopyFrom (ex);
			Assert.IsTrue (ski.Critical, "Critical");
			Assert.AreEqual (String.Empty, BitConverter.ToString (ski.RawData), "RawData");
			Assert.AreEqual ("1.2.3", ski.Oid.Value, "Oid.Value");
			// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
			//Assert.IsNull (ski.Oid.FriendlyName, "Oid.FriendlyName");
			Assert.AreEqual (String.Empty, ski.Format (true), "Format(true)");
			Assert.AreEqual (String.Empty, ski.Format (false), "Format(false)");
		}
		public void ConstructorString_Single ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ("f", false);
		}
		public void ConstructorAsnEncodedData_SmallestValid ()
		{
			AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x04, 0x00 });
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (aed, true);
			Assert.AreEqual (String.Empty, ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			Assert.AreEqual ("04-00", BitConverter.ToString (ski.RawData), "RawData");
			// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
			//Assert.AreEqual ("Information Not Available", ski.Format (true), "Format(true)");
			//Assert.AreEqual ("Information Not Available", ski.Format (false), "Format(false)");
		}
Exemplo n.º 36
0
        public X509Certificate2Collection Find(X509FindType findType, object findValue, bool validOnly)
        {
            if (findValue == null)
            {
                throw new ArgumentNullException("findValue");
            }

            string            str = String.Empty;
            string            oid = String.Empty;
            X509KeyUsageFlags ku  = X509KeyUsageFlags.None;
            DateTime          dt  = DateTime.MinValue;

            switch (findType)
            {
            case X509FindType.FindByThumbprint:
            case X509FindType.FindBySubjectName:
            case X509FindType.FindBySubjectDistinguishedName:
            case X509FindType.FindByIssuerName:
            case X509FindType.FindByIssuerDistinguishedName:
            case X509FindType.FindBySerialNumber:
            case X509FindType.FindByTemplateName:
            case X509FindType.FindBySubjectKeyIdentifier:
                try {
                    str = (string)findValue;
                }
                catch (Exception e) {
                    string msg = Locale.GetText("Invalid find value type '{0}', expected '{1}'.",
                                                findValue.GetType(), "string");
                    throw new CryptographicException(msg, e);
                }
                break;

            case X509FindType.FindByApplicationPolicy:
            case X509FindType.FindByCertificatePolicy:
            case X509FindType.FindByExtension:
                try {
                    oid = (string)findValue;
                }
                catch (Exception e) {
                    string msg = Locale.GetText("Invalid find value type '{0}', expected '{1}'.",
                                                findValue.GetType(), "X509KeyUsageFlags");
                    throw new CryptographicException(msg, e);
                }
                // OID validation
                try {
                    CryptoConfig.EncodeOID(oid);
                }
                catch (CryptographicUnexpectedOperationException) {
                    string msg = Locale.GetText("Invalid OID value '{0}'.", oid);
                    throw new ArgumentException("findValue", msg);
                }
                break;

            case X509FindType.FindByKeyUsage:
                try {
                    ku = (X509KeyUsageFlags)findValue;
                }
                catch (Exception e) {
                    string msg = Locale.GetText("Invalid find value type '{0}', expected '{1}'.",
                                                findValue.GetType(), "X509KeyUsageFlags");
                    throw new CryptographicException(msg, e);
                }
                break;

            case X509FindType.FindByTimeValid:
            case X509FindType.FindByTimeNotYetValid:
            case X509FindType.FindByTimeExpired:
                try {
                    dt = (DateTime)findValue;
                }
                catch (Exception e) {
                    string msg = Locale.GetText("Invalid find value type '{0}', expected '{1}'.",
                                                findValue.GetType(), "X509DateTime");
                    throw new CryptographicException(msg, e);
                }
                break;

            default:
                string msg = Locale.GetText("Invalid find type '{0}'.", findType);
                throw new CryptographicException(msg);
            }

            CultureInfo cinv = CultureInfo.InvariantCulture;
            X509Certificate2Collection results = new  X509Certificate2Collection();

            foreach (X509Certificate2 x in InnerList)
            {
                bool value_match = false;

                switch (findType)
                {
                case X509FindType.FindByThumbprint:
                    // works with Thumbprint, GetCertHashString in both normal (upper) and lower case
                    value_match = ((String.Compare(str, x.Thumbprint, true, cinv) == 0) ||
                                   (String.Compare(str, x.GetCertHashString(), true, cinv) == 0));
                    break;

                case X509FindType.FindBySubjectName:
                    string sname = x.GetNameInfo(X509NameType.SimpleName, false);
                    value_match = (sname.IndexOf(str, StringComparison.InvariantCultureIgnoreCase) >= 0);
                    break;

                case X509FindType.FindBySubjectDistinguishedName:
                    value_match = (String.Compare(str, x.Subject, true, cinv) == 0);
                    break;

                case X509FindType.FindByIssuerName:
                    string iname = x.GetNameInfo(X509NameType.SimpleName, true);
                    value_match = (iname.IndexOf(str, StringComparison.InvariantCultureIgnoreCase) >= 0);
                    break;

                case X509FindType.FindByIssuerDistinguishedName:
                    value_match = (String.Compare(str, x.Issuer, true, cinv) == 0);
                    break;

                case X509FindType.FindBySerialNumber:
                    value_match = (String.Compare(str, x.SerialNumber, true, cinv) == 0);
                    break;

                case X509FindType.FindByTemplateName:
                    // TODO - find a valid test case
                    break;

                case X509FindType.FindBySubjectKeyIdentifier:
                    X509SubjectKeyIdentifierExtension ski = (x.Extensions ["2.5.29.14"] as X509SubjectKeyIdentifierExtension);
                    if (ski != null)
                    {
                        value_match = (String.Compare(str, ski.SubjectKeyIdentifier, true, cinv) == 0);
                    }
                    break;

                case X509FindType.FindByApplicationPolicy:
                    // note: include when no extensions are present (even if v3)
                    value_match = (x.Extensions.Count == 0);
                    // TODO - find test case with extension
                    break;

                case X509FindType.FindByCertificatePolicy:
                    // TODO - find test case with extension
                    break;

                case X509FindType.FindByExtension:
                    value_match = (x.Extensions [oid] != null);
                    break;

                case X509FindType.FindByKeyUsage:
                    X509KeyUsageExtension kue = (x.Extensions ["2.5.29.15"] as X509KeyUsageExtension);
                    if (kue == null)
                    {
                        // key doesn't have any hard coded limitations
                        // note: MS doesn't check for ExtendedKeyUsage
                        value_match = true;
                    }
                    else
                    {
                        value_match = ((kue.KeyUsages & ku) == ku);
                    }
                    break;

                case X509FindType.FindByTimeValid:
                    value_match = ((dt >= x.NotBefore) && (dt <= x.NotAfter));
                    break;

                case X509FindType.FindByTimeNotYetValid:
                    value_match = (dt < x.NotBefore);
                    break;

                case X509FindType.FindByTimeExpired:
                    value_match = (dt > x.NotAfter);
                    break;
                }

                if (!value_match)
                {
                    continue;
                }

                if (validOnly)
                {
                    try {
                        if (x.Verify())
                        {
                            results.Add(x);
                        }
                    }
                    catch {
                    }
                }
                else
                {
                    results.Add(x);
                }
            }
            return(results);
        }
		public void ConstructorString_NotHex ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension ("Mono::", true);
			Assert.IsTrue (ski.Critical, "Critical");
			Assert.AreEqual ("04-03-FF-FF-FF", BitConverter.ToString (ski.RawData), "RawData");
			Assert.AreEqual (oid, ski.Oid.Value, "Oid.Value");
			// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
			//Assert.AreEqual (fname, ski.Oid.FriendlyName, "Oid.FriendlyName");
			Assert.AreEqual ("FFFFFF", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			Assert.AreEqual ("ff ff ff" + Environment.NewLine, ski.Format (true), "Format(true)");
			Assert.AreEqual ("ff ff ff", ski.Format (false), "Format(false)");
		}
Exemplo n.º 38
0
		internal string SubjectKeyIdentifierExtension (bool multiLine)
		{
			try {
				X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension  (this, false);
				return ski.ToString (multiLine);
			}
			catch {
				return String.Empty;
			}
		}
		public void ConstructorPublicKeyHash_Sha1 ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (pk1, X509SubjectKeyIdentifierHashAlgorithm.Sha1, false);
			Assert.IsFalse (ski.Critical, "Critical");
			Assert.AreEqual ("2.5.29.14", ski.Oid.Value, "Oid");
			Assert.AreEqual ("4A0200E2E8D33DBA05FC37BDC36DCF47212D77D1", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			Assert.AreEqual ("04-14-4A-02-00-E2-E8-D3-3D-BA-05-FC-37-BD-C3-6D-CF-47-21-2D-77-D1", BitConverter.ToString (ski.RawData), "RawData");
		}
		public void ConstructorPublicKeyHash_ShortSha1 ()
		{
			X509SubjectKeyIdentifierExtension ski = new X509SubjectKeyIdentifierExtension (pk1, X509SubjectKeyIdentifierHashAlgorithm.ShortSha1, false);
			Assert.IsFalse (ski.Critical, "Critical");
			Assert.AreEqual ("2.5.29.14", ski.Oid.Value, "Oid");
			Assert.AreEqual ("436DCF47212D77D1", ski.SubjectKeyIdentifier, "SubjectKeyIdentifier");
			Assert.AreEqual ("04-08-43-6D-CF-47-21-2D-77-D1", BitConverter.ToString (ski.RawData), "RawData");
		}
Exemplo n.º 41
0
        internal string SubjectKeyIdentifierExtension(bool multiLine)
        {
            string result;

            try
            {
                System.Security.Cryptography.X509Certificates.X509SubjectKeyIdentifierExtension x509SubjectKeyIdentifierExtension = new System.Security.Cryptography.X509Certificates.X509SubjectKeyIdentifierExtension(this, false);
                result = x509SubjectKeyIdentifierExtension.ToString(multiLine);
            }
            catch
            {
                result = string.Empty;
            }
            return(result);
        }