public void CreateSigningCertificateV2_WithValidInput_ReturnsAttribute(Common.HashAlgorithmName hashAlgorithmName) { using (var certificate = _fixture.GetDefaultCertificate()) { var attribute = AttributeUtility.CreateSigningCertificateV2(certificate, hashAlgorithmName); Assert.Equal(Oids.SigningCertificateV2, attribute.Oid.Value); Assert.Equal(1, attribute.Values.Count); var signingCertificateV2 = SigningCertificateV2.Read(attribute.Values[0].RawData); Assert.Equal(1, signingCertificateV2.Certificates.Count); var essCertIdV2 = signingCertificateV2.Certificates[0]; var expectedHash = SignTestUtility.GetHash(certificate, hashAlgorithmName); SignTestUtility.VerifyByteArrays(expectedHash, essCertIdV2.CertificateHash); Assert.Equal( hashAlgorithmName, CryptoHashUtility.OidToHashAlgorithmName(essCertIdV2.HashAlgorithm.Algorithm.Value)); Assert.Equal(certificate.IssuerName.Name, essCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name); var serialNumber = certificate.GetSerialNumber(); // Convert from little endian to big endian. Array.Reverse(serialNumber); SignTestUtility.VerifyByteArrays( serialNumber, essCertIdV2.IssuerSerial.SerialNumber); } }
public void Read_WithMultipleEssCertIds_ReturnsSigningCertificate() { var bcEssCertId1 = CreateBcEssCertId("1"); var bcEssCertId2 = CreateBcEssCertId("2"); var bcEssCertId3 = CreateBcEssCertId("3"); var bcSigningCertificate = new BcSigningCertificate( new DerSequence(new DerSequence(bcEssCertId1, bcEssCertId2, bcEssCertId3))); var bytes = bcSigningCertificate.GetDerEncoded(); var signingCertificate = SigningCertificate.Read(bytes); Assert.Equal(3, signingCertificate.Certificates.Count); Assert.Null(signingCertificate.Policies); SignTestUtility.VerifyByteArrays( bcEssCertId1.GetCertHash(), signingCertificate.Certificates[0].CertificateHash); Assert.Null(signingCertificate.Certificates[0].IssuerSerial); SignTestUtility.VerifyByteArrays( bcEssCertId2.GetCertHash(), signingCertificate.Certificates[1].CertificateHash); Assert.Null(signingCertificate.Certificates[1].IssuerSerial); SignTestUtility.VerifyByteArrays( bcEssCertId3.GetCertHash(), signingCertificate.Certificates[2].CertificateHash); Assert.Null(signingCertificate.Certificates[2].IssuerSerial); }
public void Read_WithValidInput_ReturnsSigningCertificateV2(HashAlgorithmName hashAlgorithmName) { using (var certificate = _fixture.GetDefaultCertificate()) { var expectedSigningCertificateV2 = SigningCertificateV2.Create(certificate, hashAlgorithmName); var bytes = expectedSigningCertificateV2.Encode(); var actualSigningCertificateV2 = SigningCertificateV2.Read(bytes); Assert.Equal( expectedSigningCertificateV2.Certificates.Count, actualSigningCertificateV2.Certificates.Count); for (var i = 0; i < expectedSigningCertificateV2.Certificates.Count; ++i) { var expectedEssCertIdV2 = expectedSigningCertificateV2.Certificates[i]; var actualEssCertIdV2 = actualSigningCertificateV2.Certificates[i]; Assert.Equal( expectedEssCertIdV2.HashAlgorithm.Algorithm.Value, actualEssCertIdV2.HashAlgorithm.Algorithm.Value); SignTestUtility.VerifyByteArrays( expectedEssCertIdV2.CertificateHash, actualEssCertIdV2.CertificateHash); Assert.Equal( expectedEssCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name, actualEssCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name); SignTestUtility.VerifyByteArrays(expectedEssCertIdV2.IssuerSerial.SerialNumber, actualEssCertIdV2.IssuerSerial.SerialNumber); } } }
public void Read_WithMultipleEssCertIds_ReturnsSigningCertificateV2(HashAlgorithmName hashAlgorithmName) { var bcEssCertIdV2_1 = CreateBcEssCertIdV2(hashAlgorithmName, "1"); var bcEssCertIdV2_2 = CreateBcEssCertIdV2(hashAlgorithmName, "2"); var bcEssCertIdV2_3 = CreateBcEssCertIdV2(hashAlgorithmName, "3"); var bcSigningCertificateV2 = new BcSigningCertificateV2( new[] { bcEssCertIdV2_1, bcEssCertIdV2_2, bcEssCertIdV2_3 }); var bytes = bcSigningCertificateV2.GetDerEncoded(); var signingCertificate = SigningCertificateV2.Read(bytes); Assert.Equal(3, signingCertificate.Certificates.Count); Assert.Null(signingCertificate.Policies); SignTestUtility.VerifyByteArrays( bcEssCertIdV2_1.GetCertHash(), signingCertificate.Certificates[0].CertificateHash); Assert.Null(signingCertificate.Certificates[0].IssuerSerial); SignTestUtility.VerifyByteArrays( bcEssCertIdV2_2.GetCertHash(), signingCertificate.Certificates[1].CertificateHash); Assert.Null(signingCertificate.Certificates[1].IssuerSerial); SignTestUtility.VerifyByteArrays( bcEssCertIdV2_3.GetCertHash(), signingCertificate.Certificates[2].CertificateHash); Assert.Null(signingCertificate.Certificates[2].IssuerSerial); }
public void Read_WithOnlyCertificateHash_ReturnsEssCertIdV2() { var hash = CryptoHashUtility.ComputeHash(HashAlgorithmName.SHA256, Encoding.UTF8.GetBytes("peach")); var bcEssCertId = new BcEssCertIdV2(hash); var bytes = bcEssCertId.GetDerEncoded(); var essCertIdV2 = EssCertIdV2.Read(bytes); Assert.Equal(Oids.Sha256, essCertIdV2.HashAlgorithm.Algorithm.Value); SignTestUtility.VerifyByteArrays(hash, essCertIdV2.CertificateHash); Assert.Null(essCertIdV2.IssuerSerial); }
public void Read_WithDefaultAlgorithmIdentifier_ReturnsEssCertIdV2() { var directoryName = new X509Name("CN=test"); var generalNames = new GeneralNames( new BcGeneralName(BcGeneralName.DirectoryName, directoryName)); var bcIssuerSerial = new BcIssuerSerial(generalNames, new DerInteger(BigInteger.One)); var hash = CryptoHashUtility.ComputeHash(HashAlgorithmName.SHA256, Encoding.UTF8.GetBytes("peach")); var bcEssCertId = new BcEssCertIdV2(hash, bcIssuerSerial); var bytes = bcEssCertId.GetDerEncoded(); var essCertIdV2 = EssCertIdV2.Read(bytes); Assert.Equal(Oids.Sha256, essCertIdV2.HashAlgorithm.Algorithm.Value); Assert.Equal(1, essCertIdV2.IssuerSerial.GeneralNames.Count); Assert.Equal(directoryName.ToString(), essCertIdV2.IssuerSerial.GeneralNames[0].DirectoryName.Name); SignTestUtility.VerifyByteArrays(hash, essCertIdV2.CertificateHash); SignTestUtility.VerifyByteArrays(bcIssuerSerial.Serial.Value.ToByteArray(), essCertIdV2.IssuerSerial.SerialNumber); }
public void Read_WithValidInput_ReturnsEssCertId() { using (var certificate = _fixture.GetDefaultCertificate()) { var bcCertificate = DotNetUtilities.FromX509Certificate(certificate); var bcGeneralNames = new GeneralNames( new BcGeneralName(BcGeneralName.DirectoryName, bcCertificate.IssuerDN)); var bcIssuerSerial = new BcIssuerSerial(bcGeneralNames, new DerInteger(bcCertificate.SerialNumber)); var hash = SignTestUtility.GetHash(certificate, Common.HashAlgorithmName.SHA256); var bcEssCertId = new BcEssCertId(hash, bcIssuerSerial); var bytes = bcEssCertId.GetDerEncoded(); var essCertId = EssCertId.Read(bytes); Assert.Equal(1, essCertId.IssuerSerial.GeneralNames.Count); Assert.Equal(certificate.IssuerName.Name, essCertId.IssuerSerial.GeneralNames[0].DirectoryName.Name); SignTestUtility.VerifyByteArrays(hash, essCertId.CertificateHash); SignTestUtility.VerifyByteArrays(bcIssuerSerial.Serial.Value.ToByteArray(), essCertId.IssuerSerial.SerialNumber); } }