author | mw <megan@cryptoworkshop.com> | 2020-10-22 17:58:24 +1100 |
---|---|---|
committer | mw <megan@cryptoworkshop.com> | 2020-10-22 17:58:24 +1100 |
commit | 41c26ef9a2a22bebedff9f9c7a60d9be989c6609 (patch) | |
tree | 26bbe5eabaf9402d4bce863c481f6c6f84a6c24d | |
parent | GCM updates from bc-java (diff) | |
download | BouncyCastle.NET-ed25519-41c26ef9a2a22bebedff9f9c7a60d9be989c6609.tar.xz |
Updated TableGen2 to use IdAASigningCertificateV2 oid
-rw-r--r-- | crypto/src/tsp/TimeStampTokenGenerator.cs | 4 | ||||
-rw-r--r-- | crypto/test/src/tsp/test/TSPTest.cs | 96 |
2 files changed, 97 insertions, 3 deletions
diff --git a/crypto/src/tsp/TimeStampTokenGenerator.cs b/crypto/src/tsp/TimeStampTokenGenerator.cs index 76228761a..ae4a0caeb 100644 --- a/crypto/src/tsp/TimeStampTokenGenerator.cs +++ b/crypto/src/tsp/TimeStampTokenGenerator.cs @@ -372,9 +372,9 @@ namespace Org.BouncyCastle.Tsp public Asn1.Cms.AttributeTable GetAttributes(IDictionary parameters) { Asn1.Cms.AttributeTable tab = infoGen.signedGen.GetAttributes(parameters); - if (tab[PkcsObjectIdentifiers.IdAASigningCertificate] == null) + if (tab[PkcsObjectIdentifiers.IdAASigningCertificateV2] == null) { - return tab.Add(PkcsObjectIdentifiers.IdAASigningCertificate, new SigningCertificateV2(essCertID)); + return tab.Add(PkcsObjectIdentifiers.IdAASigningCertificateV2, new SigningCertificateV2(essCertID)); } return tab; } diff --git a/crypto/test/src/tsp/test/TSPTest.cs b/crypto/test/src/tsp/test/TSPTest.cs index e56d4ec9f..cb72f967b 100644 --- a/crypto/test/src/tsp/test/TSPTest.cs +++ b/crypto/test/src/tsp/test/TSPTest.cs @@ -2,11 +2,16 @@ using System; using System.Collections; using NUnit.Framework; - +using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.Cmp; using Org.BouncyCastle.Asn1.Cms; +using Org.BouncyCastle.Asn1.Ess; +using Org.BouncyCastle.Asn1.Nist; +using Org.BouncyCastle.Asn1.Oiw; using Org.BouncyCastle.Asn1.Pkcs; +using Org.BouncyCastle.Cms; using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Operators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Math; using Org.BouncyCastle.Utilities; 
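Review bot: `GetAttributes` has no comment saying why the OID must be the v2 one, so the mismatch fixed here (a `SigningCertificateV2` value filed under `IdAASigningCertificate`) is easy to reintroduce, presumably by copying from a v1 counterpart. I would add above the `if`: `// ESSCertIDv2 is carried under id-aa-signingCertificateV2; a verifier looks the certificate binding up by OID, so the OID must match the value type.` Separately, when the incoming table already holds a v2 attribute, the method returns it unchanged, so the caller's value is signed without being compared with `essCertID`. If that is intended, the comment should say so. The enclosing class starts outside the hunk.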
@@ -21,17 +26,22 @@ namespace Org.BouncyCastle.Tsp.Tests private static AsymmetricKeyParameter privateKey; private static X509Certificate cert; private static IX509Store certs; + + static TspTest() { string signDN = "O=Bouncy Castle, C=AU"; AsymmetricCipherKeyPair signKP = TspTestUtil.MakeKeyPair(); X509Certificate signCert = TspTestUtil.MakeCACertificate(signKP, signDN, signKP, signDN); + string origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU"; AsymmetricCipherKeyPair origKP = TspTestUtil.MakeKeyPair(); privateKey = origKP.Private; + + cert = TspTestUtil.MakeCertificate(origKP, origDN, signKP, signDN); IList certList = new ArrayList(); 
@@ -544,5 +554,89 @@ namespace Org.BouncyCastle.Tsp.Tests Assert.AreEqual(0, certificates.Count); } + + [Test] + public void TestBasicSha256() + { + + var sInfoGenerator = makeInfoGenerator(privateKey, cert, TspAlgorithms.Sha256, null, null); + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + sInfoGenerator, + Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256),new DerObjectIdentifier("1.2"),true); + + + tsTokenGen.SetCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha256, new byte[32]); + + Assert.IsFalse(request.CertReq); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed); + + TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow); + + tsResp = new TimeStampResponse(tsResp.GetEncoded()); + + TimeStampToken tsToken = tsResp.TimeStampToken; + + tsToken.Validate(cert); + + TimeStampTokenInfo tstInfo = tsToken.TimeStampInfo; + + AttributeTable table = tsToken.SignedAttributes; + + var r = table.Get(PkcsObjectIdentifiers.IdAASigningCertificateV2); + Assert.NotNull(r); + Assert.AreEqual(PkcsObjectIdentifiers.IdAASigningCertificateV2, r.AttrType); + var set = r.AttrValues; + SigningCertificateV2 sCert = SigningCertificateV2.GetInstance(set[0]); + + var issSerNum = sCert.GetCerts()[0].IssuerSerial; + + Assert.AreEqual(cert.SerialNumber, issSerNum.Serial.Value); + + } + + internal static SignerInfoGenerator makeInfoGenerator( + AsymmetricKeyParameter key, + X509Certificate cert, + string digestOID, + + Asn1.Cms.AttributeTable signedAttr, + Asn1.Cms.AttributeTable unsignedAttr) + { + + + TspUtil.ValidateCertificate(cert); + + // + // Add the ESSCertID attribute + // + IDictionary signedAttrs; + if (signedAttr != null) + { + signedAttrs = signedAttr.ToDictionary(); + } + else + { + signedAttrs = Platform.CreateHashtable(); + } + + + + string digestName = 
CmsSignedHelper.Instance.GetDigestAlgName(digestOID); + string signatureName = digestName + "with" + CmsSignedHelper.Instance.GetEncryptionAlgName(CmsSignedHelper.Instance.GetEncOid(key, digestOID)); + + Asn1SignatureFactory sigfact = new Asn1SignatureFactory(signatureName, key); + return new SignerInfoGeneratorBuilder() + .WithSignedAttributeGenerator( + new DefaultSignedAttributeTableGenerator( + new Asn1.Cms.AttributeTable(signedAttrs))) + .WithUnsignedAttributeGenerator( + new SimpleAttributeTableGenerator(unsignedAttr)) + .Build(sigfact, cert); + } + } } |
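Review bot: `TestBasicSha256` checks only the issuer serial inside the `ESSCertIDv2`, not its certificate hash, which is the field that binds the token to the signer certificate (the issuer/serial part is optional in the structure). After `Assert.NotNull(r)` I would compare the hash of `sCert.GetCerts()[0]` with a SHA-256 digest of `cert.GetEncoded()`, and add `Assert.IsNull(table[PkcsObjectIdentifiers.IdAASigningCertificate]);` so the test also fails if the v2 value is ever emitted under the v1 OID again. In `makeInfoGenerator` the comment `// Add the ESSCertID attribute` describes nothing the method does, since no attribute is added there, so it should be dropped or corrected. `tstInfo` is assigned and never read.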