public static void CreateFromValue(string testDataName, bool viaTry) { TimestampTokenTestData testData = TimestampTokenTestData.GetTestData(testDataName); ValidateTokenInfo( testData.TokenInfoBytes, testData, viaTry ? testData.TokenInfoBytes.Length : (int?)null); }
public static void ParseDocument_ExcessData(string testDataName) { TimestampTokenTestData testData = TimestampTokenTestData.GetTestData(testDataName); int baseLen = testData.FullTokenBytes.Length; byte[] tooMuchData = new byte[baseLen + 30]; testData.FullTokenBytes.CopyTo(tooMuchData); // Look like an octet string of the remainder of the payload. Should be ignored. tooMuchData[baseLen] = 0x04; tooMuchData[baseLen + 1] = 28; TestParseDocument(tooMuchData, testData, baseLen); }
private static void ValidateTokenInfo( ReadOnlyMemory <byte> tokenInfoBytes, TimestampTokenTestData testData, int?lengthFromTry) { Rfc3161TimestampTokenInfo tokenInfo; Assert.True( Rfc3161TimestampTokenInfo.TryDecode(tokenInfoBytes, out tokenInfo, out int bytesRead), "Rfc3161TimestampTokenInfo.TryDecode"); Assert.NotNull(tokenInfo); if (lengthFromTry != null) { Assert.Equal(lengthFromTry.Value, bytesRead); } AssertEqual(testData, tokenInfo); }
public static void CreateFromParameters(string testDataName) { TimestampTokenTestData testData = TimestampTokenTestData.GetTestData(testDataName); Oid policyId = new Oid(testData.PolicyId, testData.PolicyId); Oid hashAlgorithmOid = new Oid(testData.HashAlgorithmId); byte[] messageHash = testData.HashBytes.ToArray(); byte[] serial = testData.SerialNumberBytes.ToArray(); DateTimeOffset nonUtcTimestamp = testData.Timestamp.ToOffset(TimeSpan.FromHours(-8)); long? accuracyMicrosec = testData.AccuracyInMicroseconds; byte[] nonce = testData.NonceBytes?.ToArray(); byte[] tsaNameBytes = testData.TsaNameBytes?.ToArray(); ReadOnlyMemory <byte>?nonceMemory = null; ReadOnlyMemory <byte>?tsaMemory = null; if (nonce != null) { nonceMemory = nonce; } if (tsaNameBytes != null) { tsaMemory = tsaNameBytes; } var tokenInfo = new Rfc3161TimestampTokenInfo( policyId, hashAlgorithmOid, messageHash, serial, nonUtcTimestamp, accuracyMicrosec, testData.IsOrdering, nonceMemory, tsaMemory); // Since AssertEqual will check all the fields the remaining checks in this method are about // input/output value/reference associations. AssertEqual(testData, tokenInfo); Assert.NotSame(policyId, tokenInfo.PolicyId); Assert.NotSame(hashAlgorithmOid, tokenInfo.HashAlgorithmId); Assert.Equal(nonUtcTimestamp, tokenInfo.Timestamp); Assert.Equal(TimeSpan.Zero, tokenInfo.Timestamp.Offset); Assert.Equal(messageHash.ByteArrayToHex(), tokenInfo.GetMessageHash().ByteArrayToHex()); // Detached from the original data messageHash[0] ^= 0xFF; Assert.NotEqual(messageHash.ByteArrayToHex(), tokenInfo.GetMessageHash().ByteArrayToHex()); Assert.Equal(serial.ByteArrayToHex(), tokenInfo.GetSerialNumber().ByteArrayToHex()); // Detached from the original data serial[1] ^= 0xFF; Assert.NotEqual(serial.ByteArrayToHex(), tokenInfo.GetSerialNumber().ByteArrayToHex()); if (nonce != null) { ReadOnlyMemory <byte>?tokenNonce = tokenInfo.GetNonce(); Assert.True(tokenNonce.HasValue, "tokenInfo.GetNonce().HasValue"); Assert.Equal(nonce.ByteArrayToHex(), tokenNonce.Value.ByteArrayToHex()); // Detached from the original data nonce[0] ^= 0xFF; Assert.NotEqual(nonce.ByteArrayToHex(), tokenNonce.Value.ByteArrayToHex()); } ReadOnlyMemory <byte>?nameFromToken = tokenInfo.GetTimestampAuthorityName(); if (tsaNameBytes != null) { Assert.True(nameFromToken.HasValue, "nameFromToken.HasValue"); Assert.Equal(tsaNameBytes.ByteArrayToHex(), nameFromToken.Value.ByteArrayToHex()); // Detached from the original data tsaNameBytes[5] ^= 0xFF; Assert.NotEqual(tsaNameBytes.ByteArrayToHex(), nameFromToken.Value.ByteArrayToHex()); } if (testData.ExtensionsBytes == null) { Assert.False(tokenInfo.HasExtensions, "tokenInfo.HasExtensions"); Assert.NotNull(tokenInfo.GetExtensions()); Assert.Equal(0, tokenInfo.GetExtensions().Count); // GetExtensions always returns a new collection. Assert.NotSame(tokenInfo.GetExtensions(), tokenInfo.GetExtensions()); } else { Assert.True(tokenInfo.HasExtensions, "tokenInfo.HasExtensions"); Assert.NotNull(tokenInfo.GetExtensions()); Assert.True(false, "A test handler has been written for extensions..."); // GetExtensions always returns a new collection. Assert.NotSame(tokenInfo.GetExtensions(), tokenInfo.GetExtensions()); } // Because the token is DER encoded, we should produce byte-for-byte the same value. Assert.Equal(testData.TokenInfoBytes.ByteArrayToHex(), tokenInfo.Encode().ByteArrayToHex()); }
private static void TestParseDocument( ReadOnlyMemory <byte> tokenBytes, TimestampTokenTestData testData, int?expectedBytesRead) { int bytesRead; Rfc3161TimestampToken token; Assert.True( Rfc3161TimestampToken.TryDecode(tokenBytes, out token, out bytesRead), "Rfc3161TimestampToken.TryDecode"); if (expectedBytesRead != null) { Assert.Equal(expectedBytesRead.Value, bytesRead); } Assert.NotNull(token); TimestampTokenInfoTests.AssertEqual(testData, token.TokenInfo); SignedCms signedCms = token.AsSignedCms(); Assert.NotNull(signedCms); Assert.Equal(Oids.TstInfo, signedCms.ContentInfo.ContentType.Value); Assert.Equal( testData.TokenInfoBytes.ByteArrayToHex(), signedCms.ContentInfo.Content.ByteArrayToHex()); if (testData.EmbeddedSigningCertificate != null) { Assert.NotNull(signedCms.SignerInfos[0].Certificate); Assert.Equal( testData.EmbeddedSigningCertificate.Value.ByteArrayToHex(), signedCms.SignerInfos[0].Certificate.RawData.ByteArrayToHex()); // Assert.NoThrow signedCms.CheckSignature(true); } else { Assert.Null(signedCms.SignerInfos[0].Certificate); using (var signerCert = new X509Certificate2(testData.ExternalCertificateBytes)) { // Assert.NoThrow signedCms.CheckSignature( new X509Certificate2Collection(signerCert), true); } } X509Certificate2 returnedCert; ReadOnlySpan <byte> messageContentSpan = testData.MessageContent.Span; X509Certificate2Collection candidates = null; if (testData.EmbeddedSigningCertificate != null) { Assert.True( token.VerifySignatureForData(messageContentSpan, out returnedCert), "token.VerifySignatureForData(correct)"); Assert.NotNull(returnedCert); Assert.Equal(signedCms.SignerInfos[0].Certificate, returnedCert); } else { candidates = new X509Certificate2Collection { new X509Certificate2(testData.ExternalCertificateBytes), }; Assert.False( token.VerifySignatureForData(messageContentSpan, out returnedCert), "token.VerifySignatureForData(correct, no cert)"); Assert.Null(returnedCert); Assert.True( token.VerifySignatureForData(messageContentSpan, out returnedCert, candidates), "token.VerifySignatureForData(correct, certs)"); Assert.NotNull(returnedCert); Assert.Equal(candidates[0], returnedCert); } X509Certificate2 previousCert = returnedCert; Assert.False( token.VerifySignatureForData(messageContentSpan.Slice(1), out returnedCert, candidates), "token.VerifySignatureForData(incorrect)"); Assert.Null(returnedCert); byte[] messageHash = testData.HashBytes.ToArray(); Assert.False( token.VerifySignatureForHash(messageHash, HashAlgorithmName.MD5, out returnedCert, candidates), "token.VerifyHash(correct, MD5)"); Assert.Null(returnedCert); Assert.False( token.VerifySignatureForHash(messageHash, new Oid(Oids.Md5), out returnedCert, candidates), "token.VerifyHash(correct, Oid(MD5))"); Assert.Null(returnedCert); Assert.True( token.VerifySignatureForHash(messageHash, new Oid(testData.HashAlgorithmId), out returnedCert, candidates), "token.VerifyHash(correct, Oid(algId))"); Assert.NotNull(returnedCert); Assert.Equal(previousCert, returnedCert); messageHash[0] ^= 0xFF; Assert.False( token.VerifySignatureForHash(messageHash, new Oid(testData.HashAlgorithmId), out returnedCert, candidates), "token.VerifyHash(incorrect, Oid(algId))"); Assert.Null(returnedCert); }
public static void ParseDocument(string testDataName) { TimestampTokenTestData testData = TimestampTokenTestData.GetTestData(testDataName); TestParseDocument(testData.FullTokenBytes, testData, testData.FullTokenBytes.Length); }