authorPeter Dettman <peter.dettman@bouncycastle.org>2022-11-06 17:43:41 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2022-11-06 17:43:41 +0700
commitc1d0de54d5ae25ea78cde7ff30e58a5fd07e089c (patch)
treef2d77abd46e1004d7f0d765bd619e49501c1024c /crypto/test/src
parentAsn1 GetInstance refactoring (diff)
downloadBouncyCastle.NET-ed25519-c1d0de54d5ae25ea78cde7ff30e58a5fd07e089c.tar.xz
CMS support for OtherRevocationInfoFormat
- see https://github.com/bcgit/bc-csharp/pull/328
Diffstat (limited to 'crypto/test/src')
-rw-r--r--crypto/test/src/cms/test/CMSTestUtil.cs10
-rw-r--r--crypto/test/src/cms/test/SignedDataStreamTest.cs112
2 files changed, 121 insertions, 1 deletions
diff --git a/crypto/test/src/cms/test/CMSTestUtil.cs b/crypto/test/src/cms/test/CMSTestUtil.cs

index e98810c84..e7ec50f53 100644
--- a/crypto/test/src/cms/test/CMSTestUtil.cs
+++ b/crypto/test/src/cms/test/CMSTestUtil.cs
@@ -3,6 +3,7 @@ using System.Collections.Generic;
 using System.IO;
 using System.Text;
+using Org.BouncyCastle.Asn1;
 using Org.BouncyCastle.Asn1.CryptoPro;
 using Org.BouncyCastle.Asn1.X509;
 using Org.BouncyCastle.Crypto;
@@ -455,6 +456,15 @@ namespace Org.BouncyCastle.Cms.Tests
 return CollectionUtilities.CreateStore(crlList);
 }
+ internal static IStore<Asn1Encodable> MakeOtherRevocationInfoStore(byte[] ocspResponseBytes)
+ {
+ var otherRevocationInfoList = new List<Asn1Encodable>
+ {
+ Asn1Object.FromByteArray(ocspResponseBytes)
+ };
+ return CollectionUtilities.CreateStore(otherRevocationInfoList);
+ }
+
 private static AuthorityKeyIdentifier CreateAuthorityKeyId(
 AsymmetricKeyParameter _pubKey)
 {
diff --git a/crypto/test/src/cms/test/SignedDataStreamTest.cs b/crypto/test/src/cms/test/SignedDataStreamTest.cs
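Review bot: `MakeOtherRevocationInfoStore` has no comment saying what `ocspResponseBytes` must contain, and it parses the bytes with `Asn1Object.FromByteArray` as generic ASN.1, so any well-formed encoding is accepted whether or not it is an OCSP response. Since the resulting store is registered under `id_ri_ocsp_response` in SignedDataStreamTest.cs, I would add a comment above the method such as `// ocspResponseBytes: one complete encoded OCSPResponse; parsed as generic ASN.1, not checked to be OCSP.` Malformed input will presumably surface as a parse exception from inside this helper rather than from the test that supplied it.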
index 37f41783d..3d7892c6d 100644
--- a/crypto/test/src/cms/test/SignedDataStreamTest.cs
+++ b/crypto/test/src/cms/test/SignedDataStreamTest.cs
@@ -38,6 +38,40 @@ namespace Org.BouncyCastle.Cms.Tests
 private static X509Crl signCrl;
 private static X509Crl origCrl;
+ private static readonly byte[] OcspResponseBytes = Base64.Decode(
+ "MIIFnAoBAKCCBZUwggWRBgkrBgEFBQcwAQEEggWCMIIFfjCCARehgZ8wgZwx" +
+ "CzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEgcHJhZGVzaDESMBAGA1UE" +
+ "BxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAKBgNVBAsTA0FUQzEeMBwG" +
+ "A1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQwIgYJKoZIhvcNAQkBFhVv" +
+ "Y3NwQHRjcy1jYS50Y3MuY28uaW4YDzIwMDMwNDAyMTIzNDU4WjBiMGAwOjAJ" +
+ "BgUrDgMCGgUABBRs07IuoCWNmcEl1oHwIak1BPnX8QQUtGyl/iL9WJ1VxjxF" +
+ "j0hAwJ/s1AcCAQKhERgPMjAwMjA4MjkwNzA5MjZaGA8yMDAzMDQwMjEyMzQ1" +
+ "OFowDQYJKoZIhvcNAQEFBQADgYEAfbN0TCRFKdhsmvOdUoiJ+qvygGBzDxD/" +
+ "VWhXYA+16AphHLIWNABR3CgHB3zWtdy2j7DJmQ/R7qKj7dUhWLSqclAiPgFt" +
+ "QQ1YvSJAYfEIdyHkxv4NP0LSogxrumANcDyC9yt/W9yHjD2ICPBIqCsZLuLk" +
+ "OHYi5DlwWe9Zm9VFwCGgggPMMIIDyDCCA8QwggKsoAMCAQICAQYwDQYJKoZI" +
+ "hvcNAQEFBQAwgZQxFDASBgNVBAMTC1RDUy1DQSBPQ1NQMSYwJAYJKoZIhvcN" +
+ "AQkBFhd0Y3MtY2FAdGNzLWNhLnRjcy5jby5pbjEMMAoGA1UEChMDVENTMQww" +
+ "CgYDVQQLEwNBVEMxEjAQBgNVBAcTCUh5ZGVyYWJhZDEXMBUGA1UECBMOQW5k" +
+ "aHJhIHByYWRlc2gxCzAJBgNVBAYTAklOMB4XDTAyMDgyOTA3MTE0M1oXDTAz" +
+ "MDgyOTA3MTE0M1owgZwxCzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEg" +
+ "cHJhZGVzaDESMBAGA1UEBxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAK" +
+ "BgNVBAsTA0FUQzEeMBwGA1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQw" +
+ "IgYJKoZIhvcNAQkBFhVvY3NwQHRjcy1jYS50Y3MuY28uaW4wgZ8wDQYJKoZI" +
+ "hvcNAQEBBQADgY0AMIGJAoGBAM+XWW4caMRv46D7L6Bv8iwtKgmQu0SAybmF" +
+ "RJiz12qXzdvTLt8C75OdgmUomxp0+gW/4XlTPUqOMQWv463aZRv9Ust4f8MH" +
+ "EJh4ekP/NS9+d8vEO3P40ntQkmSMcFmtA9E1koUtQ3MSJlcs441JjbgUaVnm" +
+ "jDmmniQnZY4bU3tVAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADALBgNVHQ8E" +
+ "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwNgYIKwYBBQUHAQEEKjAoMCYG" +
+ "CCsGAQUFBzABhhpodHRwOi8vMTcyLjE5LjQwLjExMDo3NzAwLzAtBgNVHR8E" +
+ "JjAkMCKgIKAehhxodHRwOi8vMTcyLjE5LjQwLjExMC9jcmwuY3JsMA0GCSqG" +
+ "SIb3DQEBBQUAA4IBAQB6FovM3B4VDDZ15o12gnADZsIk9fTAczLlcrmXLNN4" +
+ "PgmqgnwF0Ymj3bD5SavDOXxbA65AZJ7rBNAguLUo+xVkgxmoBH7R2sBxjTCc" +
+ "r07NEadxM3HQkt0aX5XYEl8eRoifwqYAI9h0ziZfTNes8elNfb3DoPPjqq6V" +
+ "mMg0f0iMS4W8LjNPorjRB+kIosa1deAGPhq0eJ8yr0/s2QR2/WFD5P4aXc8I" +
+ "KWleklnIImS3zqiPrq6tl2Bm8DZj7vXlTOwmraSQxUwzCKwYob1yGvNOUQTq" +
+ "pG6jxn7jgDawHU1+WjWQe4Q34/pWeGLysxTraMa+Ug9kPe+jy/qRX2xwvKBZ");
+
 private static AsymmetricCipherKeyPair SignKP
 {
 get { return signKP == null ? (signKP = CmsTestUtil.MakeKeyPair()) : signKP; }
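Review bot: The `OcspResponseBytes` fixture is an undocumented Base64 blob, so a reader cannot tell where it came from or that it is stale on purpose. Decoding it suggests a basic OCSP response produced in 2003 and signed with SHA-1/RSA; nothing in this commit verifies its signature or validity period, it is only carried as payload. A comment above the field would help, e.g. `// Sample OCSPResponse (Base64 of the encoding), long expired; used only as an opaque OtherRevocationInfo payload and never validated.`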
@@ -341,7 +375,83 @@ namespace Org.BouncyCastle.Cms.Tests
 Assert.IsTrue(col.Contains(OrigCrl));
 }
- [Test]
+ [Test]
+ public void TestCrlAndOtherRevocationInfoFormat()
+ {
+ MemoryStream bOut = new MemoryStream();
+
+ var x509Certs = CmsTestUtil.MakeCertStore(OrigCert, SignCert);
+ var x509Crls = CmsTestUtil.MakeCrlStore(SignCrl, OrigCrl);
+ var x509OtherRevocationInfos = CmsTestUtil.MakeOtherRevocationInfoStore(OcspResponseBytes);
+
+ CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
+ gen.AddSigner(OrigKP.Private, OrigCert, CmsSignedGenerator.DigestSha1);
+ gen.AddCertificates(x509Certs);
+ gen.AddCrls(x509Crls);
+ gen.AddOtherRevocationInfos(CmsObjectIdentifiers.id_ri_ocsp_response, x509OtherRevocationInfos);
+
+ Stream sigOut = gen.Open(bOut);
+
+ byte[] testBytes = Encoding.ASCII.GetBytes(TestMessage);
+ sigOut.Write(testBytes, 0, testBytes.Length);
+
+ sigOut.Close();
+
+ CheckSigParseable(bOut.ToArray());
+
+ CmsSignedDataParser sp = new CmsSignedDataParser(
+ new CmsTypedStream(new MemoryStream(testBytes, false)), bOut.ToArray());
+
+ sp.GetSignedContent().Drain();
+
+ // compute expected content digest
+ byte[] hash = DigestUtilities.CalculateDigest("SHA1", testBytes);
+
+ VerifySignatures(sp, hash);
+
+ //
+ // try using existing signer
+ //
+ gen = new CmsSignedDataStreamGenerator();
+ gen.AddSigners(sp.GetSignerInfos());
+ gen.AddCertificates(sp.GetCertificates());
+ gen.AddCrls(sp.GetCrls());
+
+ var spOtherRevocationInfos = sp.GetOtherRevInfos(CmsObjectIdentifiers.id_ri_ocsp_response);
+ gen.AddOtherRevocationInfos(CmsObjectIdentifiers.id_ri_ocsp_response, spOtherRevocationInfos);
+
+ bOut.SetLength(0);
+
+ sigOut = gen.Open(bOut, true);
+ sigOut.Write(testBytes, 0, testBytes.Length);
+ sigOut.Close();
+
+ VerifyEncodedData(bOut);
+
+ //
+ // look for the CRLs
+ //
+ var crls = new List<X509Crl>(x509Crls.EnumerateMatches(null));
+
+ Assert.AreEqual(2, crls.Count);
+ Assert.IsTrue(crls.Contains(SignCrl));
+ Assert.IsTrue(crls.Contains(OrigCrl));
+
+ //
+ // look for OtherRevocationInfo
+ //
+ var x509OtherRevocationInfoList = new List<Asn1Encodable>(
+ x509OtherRevocationInfos.EnumerateMatches(null));
+
+ Assert.AreEqual(1, x509OtherRevocationInfoList.Count);
+
+ var spOtherRevocationInfoList = new List<Asn1Encodable>(
+ spOtherRevocationInfos.EnumerateMatches(null));
+
+ Assert.AreEqual(1, spOtherRevocationInfoList.Count);
+ }
+
+ [Test]
 public void TestSha1WithRsaNonData()
 {
 MemoryStream bOut = new MemoryStream();
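Review bot: The closing assertions in `TestCrlAndOtherRevocationInfoFormat` do not check what was round-tripped: `crls` and `x509OtherRevocationInfoList` are enumerated from `x509Crls` and `x509OtherRevocationInfos`, the stores the test itself built, and `spOtherRevocationInfoList` is only counted. A parser that returned the wrong object under `id_ri_ocsp_response`, or a generator that dropped the entry from the re-encoded message, would still pass, since as far as the hunk shows `VerifyEncodedData(bOut)` is the only check on the second output. I would compare content, e.g. `Assert.AreEqual(OcspResponseBytes, spOtherRevocationInfoList[0].GetEncoded());` (assuming the fixture round-trips byte-for-byte), build the CRL list from `sp.GetCrls()`, and re-parse `bOut` after the second `gen.Open` to repeat the OtherRevocationInfo check. The trailing context lines begin `TestSha1WithRsaNonData`, whose body continues outside the hunk.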