public static void CreateFromValue(string testDataName, bool viaTry)
        {
            TimestampTokenTestData testData = TimestampTokenTestData.GetTestData(testDataName);

            ValidateTokenInfo(
                testData.TokenInfoBytes,
                testData,
                viaTry ? testData.TokenInfoBytes.Length : (int?)null);
        }
Пример #2
0
        public static void ParseDocument_ExcessData(string testDataName)
        {
            TimestampTokenTestData testData = TimestampTokenTestData.GetTestData(testDataName);

            int baseLen = testData.FullTokenBytes.Length;

            byte[] tooMuchData = new byte[baseLen + 30];
            testData.FullTokenBytes.CopyTo(tooMuchData);

            // Look like an octet string of the remainder of the payload.  Should be ignored.
            tooMuchData[baseLen]     = 0x04;
            tooMuchData[baseLen + 1] = 28;

            TestParseDocument(tooMuchData, testData, baseLen);
        }
        private static void ValidateTokenInfo(
            ReadOnlyMemory <byte> tokenInfoBytes,
            TimestampTokenTestData testData,
            int?lengthFromTry)
        {
            Rfc3161TimestampTokenInfo tokenInfo;

            Assert.True(
                Rfc3161TimestampTokenInfo.TryDecode(tokenInfoBytes, out tokenInfo, out int bytesRead),
                "Rfc3161TimestampTokenInfo.TryDecode");

            Assert.NotNull(tokenInfo);

            if (lengthFromTry != null)
            {
                Assert.Equal(lengthFromTry.Value, bytesRead);
            }

            AssertEqual(testData, tokenInfo);
        }
        public static void CreateFromParameters(string testDataName)
        {
            TimestampTokenTestData testData = TimestampTokenTestData.GetTestData(testDataName);

            Oid policyId         = new Oid(testData.PolicyId, testData.PolicyId);
            Oid hashAlgorithmOid = new Oid(testData.HashAlgorithmId);

            byte[]         messageHash      = testData.HashBytes.ToArray();
            byte[]         serial           = testData.SerialNumberBytes.ToArray();
            DateTimeOffset nonUtcTimestamp  = testData.Timestamp.ToOffset(TimeSpan.FromHours(-8));
            long?          accuracyMicrosec = testData.AccuracyInMicroseconds;

            byte[] nonce        = testData.NonceBytes?.ToArray();
            byte[] tsaNameBytes = testData.TsaNameBytes?.ToArray();

            ReadOnlyMemory <byte>?nonceMemory = null;
            ReadOnlyMemory <byte>?tsaMemory   = null;

            if (nonce != null)
            {
                nonceMemory = nonce;
            }

            if (tsaNameBytes != null)
            {
                tsaMemory = tsaNameBytes;
            }

            var tokenInfo = new Rfc3161TimestampTokenInfo(
                policyId,
                hashAlgorithmOid,
                messageHash,
                serial,
                nonUtcTimestamp,
                accuracyMicrosec,
                testData.IsOrdering,
                nonceMemory,
                tsaMemory);

            // Since AssertEqual will check all the fields the remaining checks in this method are about
            // input/output value/reference associations.
            AssertEqual(testData, tokenInfo);

            Assert.NotSame(policyId, tokenInfo.PolicyId);
            Assert.NotSame(hashAlgorithmOid, tokenInfo.HashAlgorithmId);

            Assert.Equal(nonUtcTimestamp, tokenInfo.Timestamp);
            Assert.Equal(TimeSpan.Zero, tokenInfo.Timestamp.Offset);

            Assert.Equal(messageHash.ByteArrayToHex(), tokenInfo.GetMessageHash().ByteArrayToHex());
            // Detached from the original data
            messageHash[0] ^= 0xFF;
            Assert.NotEqual(messageHash.ByteArrayToHex(), tokenInfo.GetMessageHash().ByteArrayToHex());

            Assert.Equal(serial.ByteArrayToHex(), tokenInfo.GetSerialNumber().ByteArrayToHex());
            // Detached from the original data
            serial[1] ^= 0xFF;
            Assert.NotEqual(serial.ByteArrayToHex(), tokenInfo.GetSerialNumber().ByteArrayToHex());


            if (nonce != null)
            {
                ReadOnlyMemory <byte>?tokenNonce = tokenInfo.GetNonce();
                Assert.True(tokenNonce.HasValue, "tokenInfo.GetNonce().HasValue");

                Assert.Equal(nonce.ByteArrayToHex(), tokenNonce.Value.ByteArrayToHex());
                // Detached from the original data
                nonce[0] ^= 0xFF;
                Assert.NotEqual(nonce.ByteArrayToHex(), tokenNonce.Value.ByteArrayToHex());
            }

            ReadOnlyMemory <byte>?nameFromToken = tokenInfo.GetTimestampAuthorityName();

            if (tsaNameBytes != null)
            {
                Assert.True(nameFromToken.HasValue, "nameFromToken.HasValue");
                Assert.Equal(tsaNameBytes.ByteArrayToHex(), nameFromToken.Value.ByteArrayToHex());
                // Detached from the original data
                tsaNameBytes[5] ^= 0xFF;
                Assert.NotEqual(tsaNameBytes.ByteArrayToHex(), nameFromToken.Value.ByteArrayToHex());
            }

            if (testData.ExtensionsBytes == null)
            {
                Assert.False(tokenInfo.HasExtensions, "tokenInfo.HasExtensions");
                Assert.NotNull(tokenInfo.GetExtensions());
                Assert.Equal(0, tokenInfo.GetExtensions().Count);

                // GetExtensions always returns a new collection.
                Assert.NotSame(tokenInfo.GetExtensions(), tokenInfo.GetExtensions());
            }
            else
            {
                Assert.True(tokenInfo.HasExtensions, "tokenInfo.HasExtensions");
                Assert.NotNull(tokenInfo.GetExtensions());

                Assert.True(false, "A test handler has been written for extensions...");

                // GetExtensions always returns a new collection.
                Assert.NotSame(tokenInfo.GetExtensions(), tokenInfo.GetExtensions());
            }

            // Because the token is DER encoded, we should produce byte-for-byte the same value.
            Assert.Equal(testData.TokenInfoBytes.ByteArrayToHex(), tokenInfo.Encode().ByteArrayToHex());
        }
Пример #5
0
        private static void TestParseDocument(
            ReadOnlyMemory <byte> tokenBytes,
            TimestampTokenTestData testData,
            int?expectedBytesRead)
        {
            int bytesRead;
            Rfc3161TimestampToken token;

            Assert.True(
                Rfc3161TimestampToken.TryDecode(tokenBytes, out token, out bytesRead),
                "Rfc3161TimestampToken.TryDecode");

            if (expectedBytesRead != null)
            {
                Assert.Equal(expectedBytesRead.Value, bytesRead);
            }

            Assert.NotNull(token);
            TimestampTokenInfoTests.AssertEqual(testData, token.TokenInfo);

            SignedCms signedCms = token.AsSignedCms();

            Assert.NotNull(signedCms);
            Assert.Equal(Oids.TstInfo, signedCms.ContentInfo.ContentType.Value);

            Assert.Equal(
                testData.TokenInfoBytes.ByteArrayToHex(),
                signedCms.ContentInfo.Content.ByteArrayToHex());

            if (testData.EmbeddedSigningCertificate != null)
            {
                Assert.NotNull(signedCms.SignerInfos[0].Certificate);

                Assert.Equal(
                    testData.EmbeddedSigningCertificate.Value.ByteArrayToHex(),
                    signedCms.SignerInfos[0].Certificate.RawData.ByteArrayToHex());

                // Assert.NoThrow
                signedCms.CheckSignature(true);
            }
            else
            {
                Assert.Null(signedCms.SignerInfos[0].Certificate);

                using (var signerCert = new X509Certificate2(testData.ExternalCertificateBytes))
                {
                    // Assert.NoThrow
                    signedCms.CheckSignature(
                        new X509Certificate2Collection(signerCert),
                        true);
                }
            }

            X509Certificate2           returnedCert;
            ReadOnlySpan <byte>        messageContentSpan = testData.MessageContent.Span;
            X509Certificate2Collection candidates         = null;

            if (testData.EmbeddedSigningCertificate != null)
            {
                Assert.True(
                    token.VerifySignatureForData(messageContentSpan, out returnedCert),
                    "token.VerifySignatureForData(correct)");

                Assert.NotNull(returnedCert);
                Assert.Equal(signedCms.SignerInfos[0].Certificate, returnedCert);
            }
            else
            {
                candidates = new X509Certificate2Collection
                {
                    new X509Certificate2(testData.ExternalCertificateBytes),
                };

                Assert.False(
                    token.VerifySignatureForData(messageContentSpan, out returnedCert),
                    "token.VerifySignatureForData(correct, no cert)");

                Assert.Null(returnedCert);

                Assert.True(
                    token.VerifySignatureForData(messageContentSpan, out returnedCert, candidates),
                    "token.VerifySignatureForData(correct, certs)");

                Assert.NotNull(returnedCert);
                Assert.Equal(candidates[0], returnedCert);
            }

            X509Certificate2 previousCert = returnedCert;

            Assert.False(
                token.VerifySignatureForData(messageContentSpan.Slice(1), out returnedCert, candidates),
                "token.VerifySignatureForData(incorrect)");

            Assert.Null(returnedCert);

            byte[] messageHash = testData.HashBytes.ToArray();

            Assert.False(
                token.VerifySignatureForHash(messageHash, HashAlgorithmName.MD5, out returnedCert, candidates),
                "token.VerifyHash(correct, MD5)");
            Assert.Null(returnedCert);

            Assert.False(
                token.VerifySignatureForHash(messageHash, new Oid(Oids.Md5), out returnedCert, candidates),
                "token.VerifyHash(correct, Oid(MD5))");
            Assert.Null(returnedCert);

            Assert.True(
                token.VerifySignatureForHash(messageHash, new Oid(testData.HashAlgorithmId), out returnedCert, candidates),
                "token.VerifyHash(correct, Oid(algId))");
            Assert.NotNull(returnedCert);
            Assert.Equal(previousCert, returnedCert);

            messageHash[0] ^= 0xFF;
            Assert.False(
                token.VerifySignatureForHash(messageHash, new Oid(testData.HashAlgorithmId), out returnedCert, candidates),
                "token.VerifyHash(incorrect, Oid(algId))");
            Assert.Null(returnedCert);
        }
Пример #6
0
        public static void ParseDocument(string testDataName)
        {
            TimestampTokenTestData testData = TimestampTokenTestData.GetTestData(testDataName);

            TestParseDocument(testData.FullTokenBytes, testData, testData.FullTokenBytes.Length);
        }