public void Constructor_StringData ()
{
AsnEncodedData aed = new AsnEncodedData ("oid", asnNullBytes);
Assert.AreEqual ("oid", aed.Oid.Value, "Oid.Value");
Assert.IsNull (aed.Oid.FriendlyName, "Oid.FriendlyName");
Assert.AreEqual (BitConverter.ToString (asnNullBytes), BitConverter.ToString (aed.RawData), "RawData");
Assert.AreEqual (asnNullString, aed.Format (true), "Format");
}
[Category ("NotDotNet")] // FriendlyName should not only be English.
// note: important to emulate in Mono because we need it for SSL/TLS
public void Build_SubjectAltNameExtension ()
{
AsnEncodedData aed = new AsnEncodedData (new byte[] { 0x30, 0x16, 0x82, 0x14, 0x77, 0x77, 0x77, 0x2E, 0x6D, 0x6F, 0x6E, 0x6F, 0x2D, 0x70, 0x72, 0x6F, 0x6A, 0x65, 0x63, 0x74, 0x2E, 0x63, 0x6F, 0x6D });
Assert.AreEqual ("30 16 82 14 77 77 77 2e 6d 6f 6e 6f 2d 70 72 6f 6a 65 63 74 2e 63 6f 6d", aed.Format (true), "Format(true)");
Assert.AreEqual ("30 16 82 14 77 77 77 2e 6d 6f 6e 6f 2d 70 72 6f 6a 65 63 74 2e 63 6f 6d", aed.Format (false), "Format(false)");
aed.Oid = new Oid ("2.5.29.17");
// and now "AsnEncodedData" knows how to (magically) decode the data without involving the class
Assert.AreEqual ("DNS Name=www.mono-project.com" + Environment.NewLine, aed.Format (true), "aed.Format(true)");
Assert.AreEqual ("DNS Name=www.mono-project.com", aed.Format (false), "aed.Format(false)");
// note that the Fx doesn't "really" support this extension
// finally this also means that the Oid "knowns" about oid not used in the Fx itself
// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
Assert.AreEqual ("Subject Alternative Name", aed.Oid.FriendlyName, "FriendlyName");
// anyway the answer is most probably CryptoAPI
}
[Category ("NotDotNet")] // FriendlyName should not only be English.
public void Build_X509EnhancedKeyUsageExtension ()
{
AsnEncodedData aed = new AsnEncodedData (new byte[] { 0x30, 0x05, 0x06, 0x03, 0x2A, 0x03, 0x04 });
Assert.AreEqual ("30 05 06 03 2a 03 04", aed.Format (true), "Format(true)");
Assert.AreEqual ("30 05 06 03 2a 03 04", aed.Format (false), "Format(false)");
aed.Oid = new Oid ("2.5.29.37");
// and now "AsnEncodedData" knows how to (magically) decode the data without involving the class
// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
Assert.AreEqual ("Unknown Key Usage (1.2.3.4)" + Environment.NewLine, aed.Format (true), "aed.Format(true)");
Assert.AreEqual ("Unknown Key Usage (1.2.3.4)", aed.Format (false), "aed.Format(false)");
// compare with the output of the "appropriate" class
X509EnhancedKeyUsageExtension eku = new X509EnhancedKeyUsageExtension (aed, false);
// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
Assert.AreEqual ("Unknown Key Usage (1.2.3.4)" + Environment.NewLine, eku.Format (true), "eku.Format(true)");
Assert.AreEqual ("Unknown Key Usage (1.2.3.4)", eku.Format (false), "eku.Format(false)");
}
[Category ("NotDotNet")] // FriendlyName should not only be English.
// note: important to emulate in Mono because we need it for SSL/TLS
public void Build_NetscapeCertTypeExtension ()
{
AsnEncodedData aed = new AsnEncodedData (new byte[] { 0x03, 0x02, 0x01, 0x06 });
Assert.AreEqual ("03 02 01 06", aed.Format (true), "Format(true)");
Assert.AreEqual ("03 02 01 06", aed.Format (false), "Format(false)");
aed.Oid = new Oid ("2.16.840.1.113730.1.1");
// and now "AsnEncodedData" knows how to (magically) decode the data without involving the class
Assert.AreEqual ("SSL CA, SMIME CA (06)", aed.Format (true), "aed.Format(true)");
Assert.AreEqual ("SSL CA, SMIME CA (06)", aed.Format (false), "aed.Format(false)");
// note that the Fx doesn't "really" support this extension
// and strangely no NewLine is being appended to Format(true)
// finally this also means that the Oid "knowns" about oid not used in the Fx itself
// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
Assert.AreEqual ("Netscape Cert Type", aed.Oid.FriendlyName, "FriendlyName");
// anyway the answer is most probably CryptoAPI
}
public void CopyFrom ()
{
Oid o = new Oid ("1.2.3");
byte[] data = (byte[])asnNullBytes.Clone ();
AsnEncodedData aed = new AsnEncodedData (o, asnNullBytes);
AsnEncodedData copy = new AsnEncodedData ((Oid)null, new byte [0]);
copy.CopyFrom (aed);
Assert.AreEqual (aed.Oid.Value, copy.Oid.Value, "Oid 1");
Assert.AreEqual (aed.Format (true), copy.Format (true), "Format 1");
aed.Oid = new Oid ("1.2.4");
aed.RawData = new byte[1];
Assert.AreEqual ("1.2.3", copy.Oid.Value, "Oid 2");
Assert.AreEqual (asnNullString, copy.Format (true), "Format 2");
}
public void FormatMultiline ()
{
AsnEncodedData aed = new AsnEncodedData ("1.2.840.113549.1.1.1", asnLongBytes);
Assert.AreEqual ("1.2.840.113549.1.1.1", aed.Oid.Value, "Oid.Value");
Assert.AreEqual ("RSA", aed.Oid.FriendlyName, "Oid.FriendlyName");
Assert.AreEqual (BitConverter.ToString (asnLongBytes), BitConverter.ToString (aed.RawData), "RawData");
string result = aed.Format (true);
Assert.AreEqual (asnLongString, result, "Format(true)");
}
public void RawData_CanModify ()
{
byte[] data = (byte[])asnNullBytes.Clone ();
AsnEncodedData aed = new AsnEncodedData ("1.2.3", data);
Assert.AreEqual (asnNullString, aed.Format (true), "Format 1");
data[0] = 0x06;
Assert.AreEqual (asnNullString, aed.Format (true), "Format 2"); ; // didn't change (copy)
aed.RawData[0] = 0x07;
Assert.AreEqual ("07 00", aed.Format (true), "Format 3"); // changed!
}
private void Parse(byte[] data)
{
if (base.Oid.Value == SubjectAltNameOid ||
base.Oid.Value == SubjectAltName2Oid)
{
AsnEncodedData asnData = new AsnEncodedData(base.Oid.Value, data);
string formattedData = asnData.Format(false);
ParseSubjectAltNameUsageExtension(formattedData);
}
else
{
throw new ServiceResultException(
StatusCodes.BadCertificateInvalid,
"Certificate uses unknown SubjectAltNameOid.");
}
}
private void Parse(byte[] data)
{
if (base.Oid.Value == AuthorityKeyIdentifierOid ||
base.Oid.Value == AuthorityKeyIdentifier2Oid)
{
AsnEncodedData asnData = new AsnEncodedData(base.Oid.Value, data);
string formattedData = asnData.Format(false);
ParseAuthorityKeyIdentifierExtension(formattedData);
}
else
{
throw new ServiceResultException(
StatusCodes.BadCertificateInvalid,
"Certificate uses unknown AuthorityKeyIdentifierOid.");
}
}
public void Constructor_Asn ()
{
AsnEncodedData aed = new AsnEncodedData ("oid", asnNullBytes);
AsnEncodedData aed2 = new AsnEncodedData (aed);
Assert.AreEqual (aed.Oid.Value, aed2.Oid.Value, "Oid.Value");
Assert.AreEqual (aed.Oid.FriendlyName, aed2.Oid.FriendlyName, "Oid.FriendlyName");
Assert.AreEqual (BitConverter.ToString (aed.RawData), BitConverter.ToString (aed2.RawData), "RawData");
string s1 = aed.Format (false);
string s2 = aed.Format (true);
Assert.AreEqual (s1, s2, "Format");
}
private static bool CertificateValidationCallBack(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
// Certificate2 is better than Certificate1, right?
X509Certificate2 cert = (X509Certificate2)certificate;
string[] subjectPieces = splitDN(cert.Subject);
Console.Write("Certificate Subject : ");
for (int x = 0; x < subjectPieces.Length; x++)
{
if (x == 0)
Console.WriteLine(subjectPieces[x]);
else
Console.WriteLine(" " + subjectPieces[x]);
}
string[] issuerPieces = splitDN(cert.Issuer);
Console.Write("Certificate Issuer : ");
for (int x = 0; x < issuerPieces.Length; x++)
{
if (x == 0)
Console.WriteLine(issuerPieces[x]);
else
Console.WriteLine(" " + issuerPieces[x]);
}
Console.WriteLine("Certificate Begins : " + cert.NotBefore);
Console.WriteLine("Certificate Expires : " + cert.NotAfter);
Console.WriteLine("Certificate Version : " + cert.Version);
if (cert.SignatureAlgorithm.FriendlyName.ToLower().Contains("md5"))
{
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("Signature Algorithm : " + cert.SignatureAlgorithm.FriendlyName + " (" + cert.SignatureAlgorithm.Value + ")");
Console.ResetColor();
}
else
{
Console.WriteLine("Signature Algorithm : " + cert.SignatureAlgorithm.FriendlyName + " (" + cert.SignatureAlgorithm.Value + ")");
}
Console.WriteLine("Key Exchange Algorithm: " + cert.PublicKey.Key.KeyExchangeAlgorithm);
Console.WriteLine("Public Key Algorithm : " + new System.Security.Cryptography.Oid(cert.GetKeyAlgorithm()).FriendlyName);
Console.WriteLine("Public Key Size : " + cert.PublicKey.Key.KeySize);
foreach (X509Extension extension in cert.Extensions)
{
if (extension.Oid.FriendlyName == "Subject Alternative Name")
{
AsnEncodedData asnData = new AsnEncodedData(extension.Oid, extension.RawData);
string[] sans = asnData.Format(false).Split(',');
Console.Write("Alternative Names : ");
for (int x = 0; x < sans.Length; x++)
{
if (x == 0)
Console.WriteLine(sans[x]);
else
Console.WriteLine(" " + sans[x]);
}
}
}
Console.Write("Certificate Validated : ");
if (sslPolicyErrors == SslPolicyErrors.None)
{
Console.ForegroundColor = ConsoleColor.Green;
Console.WriteLine("Yes");
Console.ResetColor();
}
else
{
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("No (" + sslPolicyErrors + ")");
Console.ResetColor();
}
return true;
}
public static string GetElementInX509Name(X509Certificate2 certificate, string element)
{
var asnEncodedData = new AsnEncodedData(new Oid(element), certificate.SubjectName.RawData);
return asnEncodedData.Format(false);
}
public static string GetSubjectCommonName(X509Certificate2 certificate)
{
var asnEncodedData = new AsnEncodedData(new Oid(ObjectIdentifiers.CommonName), certificate.SubjectName.RawData);
return asnEncodedData.Format(false);
}
public void Constructor_OidNullData ()
{
// this is legal - http://lab.msdn.microsoft.com/ProductFeedback/viewfeedback.aspx?feedbackid=38336cfa-3b97-47da-ad4e-9522d557f001
Oid o = null;
AsnEncodedData aed = new AsnEncodedData (o, asnNullBytes);
Assert.IsNull (aed.Oid, "Oid");
Assert.AreEqual (BitConverter.ToString (asnNullBytes), BitConverter.ToString (aed.RawData), "RawData");
Assert.AreEqual (asnNullString, aed.Format (true), "Format");
}
public void RawData ()
{
AsnEncodedData aed = new AsnEncodedData ((Oid)null, asnNullBytes);
Assert.AreEqual (asnNullString, aed.Format (true), "Format 1");
aed.RawData = null;
}
public static string GetAuthorityKeyIdentifier(X509Certificate2 cert)
{
X509Extension extension = Helper.GetX509Extension(cert, "2.5.29.35");
if (extension == null)
{
return null;
}
AsnEncodedData asndata = new AsnEncodedData(extension.Oid, extension.RawData);
return asndata.Format(true);
}
public void CopyFrom_AsnEncodedData ()
{
AsnEncodedData aed = new AsnEncodedData (new Oid ("2.5.29.37"), new byte[] { 0x30, 0x05, 0x06, 0x03, 0x2A, 0x03, 0x04 });
// this is recognized as an Enhanced Key Usages extension
Assert.AreEqual ("Unknown Key Usage (1.2.3.4)" + Environment.NewLine, aed.Format (true), "aed.Format(true)");
Assert.AreEqual ("Unknown Key Usage (1.2.3.4)", aed.Format (false), "aed.Format(false)");
X509Ex ex = new X509Ex ();
// but won't be accepted by the CopyFrom method (no a X509Extension)
ex.CopyFrom (aed);
}
