public static void Create_Validation() { Assert.Throws <ArgumentNullException>( "keyIdentifier", () => X509AuthorityKeyIdentifierExtension.Create( (byte[])null, null, (byte[])null)); Assert.Throws <ArgumentNullException>( "issuerName", () => X509AuthorityKeyIdentifierExtension.Create( Array.Empty <byte>(), null, (byte[])null)); X500DistinguishedName dn = new X500DistinguishedName("CN=Hi"); Assert.Throws <ArgumentNullException>( "serialNumber", () => X509AuthorityKeyIdentifierExtension.Create( Array.Empty <byte>(), dn, (byte[])null)); Assert.Throws <ArgumentNullException>( "issuerName", () => X509AuthorityKeyIdentifierExtension.Create( ReadOnlySpan <byte> .Empty, null, ReadOnlySpan <byte> .Empty)); }
public static void CreateFullPreservesKeyIdLeadingZeros() { ReadOnlySpan <byte> encoded = new byte[] { 0x30, 0x26, 0x80, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x80, 0xA1, 0x14, 0xA4, 0x12, 0x30, 0x10, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x05, 0x48, 0x65, 0x6C, 0x6C, 0x6F, 0x82, 0x03, 0x00, 0xEE, 0x7B, }; ReadOnlySpan <byte> keyId = encoded.Slice(4, 9); X500DistinguishedName issuerName = new X500DistinguishedName("CN=Hello"); ReadOnlySpan <byte> serial = new byte[] { 0x00, 0xEE, 0x7B }; X509AuthorityKeyIdentifierExtension akid; // From ROSpan akid = X509AuthorityKeyIdentifierExtension.Create(keyId, issuerName, serial); AssertExtensions.SequenceEqual(encoded, akid.RawData); AssertExtensions.SequenceEqual(keyId, akid.KeyIdentifier.GetValueOrDefault().Span); AssertExtensions.SequenceEqual(issuerName.RawData, akid.NamedIssuer.RawData); AssertExtensions.SequenceEqual(serial, akid.SerialNumber.GetValueOrDefault().Span); // From Arrays akid = X509AuthorityKeyIdentifierExtension.Create(keyId.ToArray(), issuerName, serial.ToArray()); AssertExtensions.SequenceEqual(encoded, akid.RawData); AssertExtensions.SequenceEqual(keyId, akid.KeyIdentifier.GetValueOrDefault().Span); AssertExtensions.SequenceEqual(issuerName.RawData, akid.NamedIssuer.RawData); AssertExtensions.SequenceEqual(serial, akid.SerialNumber.GetValueOrDefault().Span); }
public static void CreateFullWithNegativeSerialNumber(bool fromArray) { X509AuthorityKeyIdentifierExtension akid; ReadOnlySpan <byte> skid = new byte[] { 0x01, 0x02, 0x04 }; X500DistinguishedName issuerName = new X500DistinguishedName("CN=Negative"); ReadOnlySpan <byte> serial = new byte[] { 0x80, 0x02 }; if (fromArray) { akid = X509AuthorityKeyIdentifierExtension.Create( skid.ToArray(), issuerName, serial.ToArray()); } else { akid = X509AuthorityKeyIdentifierExtension.Create(skid, issuerName, serial); } Assert.False(akid.Critical, "akid.Critical"); Assert.NotNull(akid.NamedIssuer); AssertExtensions.SequenceEqual(issuerName.RawData, akid.NamedIssuer.RawData); Assert.True(akid.SerialNumber.HasValue, "akid.SerialNumber.HasValue"); AssertExtensions.SequenceEqual(serial, akid.SerialNumber.GetValueOrDefault().Span); Assert.True(akid.KeyIdentifier.HasValue, "akid.KeyIdentifier.HasValue"); AssertExtensions.SequenceEqual(skid, akid.KeyIdentifier.GetValueOrDefault().Span); const string ExpectedHex = "30228003010204A117A41530133111300F060355040313084E65676174697665" + "82028002"; Assert.Equal(ExpectedHex, akid.RawData.ByteArrayToHex()); }
public static void CreateWithInvalidSerialNumber() { // This value has 9 leading zero bits, making it an invalid encoding for a BER/DER INTEGER. byte[] tooManyZeros = { 0x00, 0x7F }; byte[] invalidValue = tooManyZeros; X500DistinguishedName dn = new X500DistinguishedName("CN=Bad Serial"); // Array Assert.Throws <ArgumentException>( "serialNumber", () => X509AuthorityKeyIdentifierExtension.Create(invalidValue, dn, invalidValue)); // Span Assert.Throws <ArgumentException>( "serialNumber", () => X509AuthorityKeyIdentifierExtension.Create( new ReadOnlySpan <byte>(invalidValue), dn, new ReadOnlySpan <byte>(invalidValue))); // Array Assert.Throws <ArgumentException>( "serialNumber", () => X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(dn, invalidValue)); // Span Assert.Throws <ArgumentException>( "serialNumber", () => X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber( dn, new ReadOnlySpan <byte>(invalidValue))); // The leading 9 bits are all one, also invalid. byte[] tooManyOnes = { 0xFF, 0x80 }; invalidValue = tooManyOnes; // Array Assert.Throws <ArgumentException>( "serialNumber", () => X509AuthorityKeyIdentifierExtension.Create(invalidValue, dn, invalidValue)); // Span Assert.Throws <ArgumentException>( "serialNumber", () => X509AuthorityKeyIdentifierExtension.Create( new ReadOnlySpan <byte>(invalidValue), dn, new ReadOnlySpan <byte>(invalidValue))); // Array Assert.Throws <ArgumentException>( "serialNumber", () => X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber(dn, invalidValue)); // Span Assert.Throws <ArgumentException>( "serialNumber", () => X509AuthorityKeyIdentifierExtension.CreateFromIssuerNameAndSerialNumber( dn, new ReadOnlySpan <byte>(invalidValue))); }
public static void RoundtripFull() { byte[] encoded = ( "303C80140235857ED35BD13609F22DE8A71F93DFEBD3F495A11AA41830163114" + "301206035504030C0B49737375696E6743657274820852E6DEFA1D32A969").HexToByteArray(); X509AuthorityKeyIdentifierExtension akid = new X509AuthorityKeyIdentifierExtension(encoded, true); Assert.True(akid.Critical, "akid.Critical"); Assert.True(akid.KeyIdentifier.HasValue, "akid.KeyIdentifier.HasValue"); Assert.Equal( "0235857ED35BD13609F22DE8A71F93DFEBD3F495", akid.KeyIdentifier.Value.ByteArrayToHex()); Assert.True(akid.RawIssuer.HasValue, "akid.RawIssuer.HasValue"); Assert.NotNull(akid.NamedIssuer); Assert.Equal( "A11AA41830163114301206035504030C0B49737375696E6743657274", akid.RawIssuer.Value.ByteArrayToHex()); Assert.Equal( "30163114301206035504030C0B49737375696E6743657274", akid.NamedIssuer.RawData.ByteArrayToHex()); Assert.True(akid.SerialNumber.HasValue, "akid.SerialNumber.HasValue"); Assert.Equal("52E6DEFA1D32A969", akid.SerialNumber.Value.ByteArrayToHex()); X509AuthorityKeyIdentifierExtension akid2 = X509AuthorityKeyIdentifierExtension.Create( akid.KeyIdentifier.Value.Span, akid.NamedIssuer, akid.SerialNumber.Value.Span); Assert.False(akid2.Critical, "akid2.Critical"); AssertExtensions.SequenceEqual(akid.RawData, akid2.RawData); }