diff --git a/crypto/test/src/pkcs/test/PKCS10Test.cs b/crypto/test/src/pkcs/test/PKCS10Test.cs
index d0227b9de..7eab8fccd 100644
--- a/crypto/test/src/pkcs/test/PKCS10Test.cs
+++ b/crypto/test/src/pkcs/test/PKCS10Test.cs
@@ -29,7 +29,111 @@ namespace Org.BouncyCastle.Pkcs.Tests
get { return "Pkcs10"; }
}
- public override void PerformTest()
+ [Test]
+ public void BrokenRequestWithDuplicateExtension()
+ {
+
+ String keyName = "RSA";
+ int keySize = 2048;
+
+ String sigName = "SHA256withRSA";
+
+ IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator(keyName);
+
+ // kpg.initialize(keySize);
+ kpg.Init(new KeyGenerationParameters(new SecureRandom(), keySize));
+
+ AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
+
+ IDictionary attrs = new Hashtable();
+ attrs.Add(X509Name.C, "AU");
+ attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
+ attrs.Add(X509Name.L, "Melbourne");
+ attrs.Add(X509Name.ST, "Victoria");
+ attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org");
+
+ IList order = new ArrayList();
+ order.Add(X509Name.C);
+ order.Add(X509Name.O);
+ order.Add(X509Name.L);
+ order.Add(X509Name.ST);
+ order.Add(X509Name.EmailAddress);
+
+ X509Name subject = new X509Name(order, attrs);
+
+ //
+ // This is simulate the creation of a certification request with duplicate extensions.
+ //
+
+ GeneralName name1 = new GeneralName(GeneralName.DnsName, "bc1.local");
+ GeneralName name2 = new GeneralName(GeneralName.DnsName, "bc2.local");
+
+ Asn1EncodableVector v = new Asn1EncodableVector();
+ Asn1EncodableVector e1 = new Asn1EncodableVector();
+ e1.Add(X509Extensions.SubjectAlternativeName);
+ e1.Add(new DerOctetString(new GeneralNames(name1).GetEncoded()));
+
+ Asn1EncodableVector e2 = new Asn1EncodableVector();
+ e2.Add(X509Extensions.SubjectAlternativeName);
+ e2.Add(new DerOctetString(new GeneralNames(name2).GetEncoded()));
+
+ v.Add(new DerSequence(e1));
+ v.Add(new DerSequence(e2));
+
+ AttributePkcs attribute = new AttributePkcs(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest, new DerSet(new DerSequence(v)));
+
+ Pkcs10CertificationRequest req1 = new Pkcs10CertificationRequest(
+ sigName,
+ subject,
+ kp.Public,
+ new DerSet(attribute),
+ kp.Private);
+
+
+ // Round trip serialisation
+ byte[] bytes = req1.GetEncoded();
+ Pkcs10CertificationRequest req2 = new Pkcs10CertificationRequest(bytes);
+
+
+ //
+ // Check verification after round tripping serialisation.
+ //
+
+ if (!req2.Verify())
+ {
+ Fail(sigName + ": Failed Verify check.");
+ }
+
+ if (!req2.GetPublicKey().Equals(req1.GetPublicKey()))
+ {
+ Fail(keyName + ": Failed public key check.");
+ }
+
+ //
+ // Disassemble the attributes with the duplicate extensions.
+ //
+
+ var extensions = req2.GetX509Extensions();
+
+ X509Extension returnedExtension = extensions.GetExtension(X509Extensions.SubjectAlternativeName);
+ Asn1Sequence seq = Asn1Sequence.GetInstance(returnedExtension.GetParsedValue());
+
+ //
+ // Check expected order and value.
+ //
+ if (!GeneralName.GetInstance(seq[0]).Equals(name1))
+ {
+ Fail("expected name 1");
+ }
+
+ if (!GeneralName.GetInstance(seq[1]).Equals(name2))
+ {
+ Fail("expected name 2");
+ }
+ }
+
+
+ public override void PerformTest()
{
IAsymmetricCipherKeyPairGenerator pGen = GeneratorUtilities.GetKeyPairGenerator("RSA");
RsaKeyGenerationParameters genParam = new RsaKeyGenerationParameters(
diff --git a/crypto/test/src/test/PKCS10CertRequestTest.cs b/crypto/test/src/test/PKCS10CertRequestTest.cs
index 26a8ab20c..8d040474e 100644
--- a/crypto/test/src/test/PKCS10CertRequestTest.cs
+++ b/crypto/test/src/test/PKCS10CertRequestTest.cs
@@ -447,108 +447,7 @@ namespace Org.BouncyCastle.Tests
- [Test]
- public void BrokenRequestWithDuplicateExtension()
- {
-
- String keyName = "RSA";
- int keySize = 2048;
-
- String sigName = "SHA256withRSA";
-
- IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator(keyName);
-
- // kpg.initialize(keySize);
- kpg.Init(new KeyGenerationParameters(new SecureRandom(), keySize));
-
- AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
-
- IDictionary attrs = new Hashtable();
- attrs.Add(X509Name.C, "AU");
- attrs.Add(X509Name.O, "The Legion of the Bouncy Castle");
- attrs.Add(X509Name.L, "Melbourne");
- attrs.Add(X509Name.ST, "Victoria");
- attrs.Add(X509Name.EmailAddress, "feedback-crypto@bouncycastle.org");
-
- IList order = new ArrayList();
- order.Add(X509Name.C);
- order.Add(X509Name.O);
- order.Add(X509Name.L);
- order.Add(X509Name.ST);
- order.Add(X509Name.EmailAddress);
-
- X509Name subject = new X509Name(order, attrs);
-
- //
- // This is simulate the creation of a certification request with duplicate extensions.
- //
-
- GeneralName name1 = new GeneralName(GeneralName.DnsName, "bc1.local");
- GeneralName name2 = new GeneralName(GeneralName.DnsName, "bc2.local");
-
- Asn1EncodableVector v = new Asn1EncodableVector();
- Asn1EncodableVector e1 = new Asn1EncodableVector();
- e1.Add(X509Extensions.SubjectAlternativeName);
- e1.Add(new DerOctetString(new GeneralNames(name1).GetEncoded()));
-
- Asn1EncodableVector e2 = new Asn1EncodableVector();
- e2.Add(X509Extensions.SubjectAlternativeName);
- e2.Add(new DerOctetString(new GeneralNames(name2).GetEncoded()));
-
- v.Add(new DerSequence(e1));
- v.Add(new DerSequence(e2));
-
- AttributePkcs attribute = new AttributePkcs(PkcsObjectIdentifiers.Pkcs9AtExtensionRequest, new DerSet(new DerSequence(v)));
-
- Pkcs10CertificationRequest req1 = new Pkcs10CertificationRequest(
- sigName,
- subject,
- kp.Public,
- new DerSet(attribute),
- kp.Private);
-
-
- // Round trip serialisation
- byte[] bytes = req1.GetEncoded();
- Pkcs10CertificationRequest req2 = new Pkcs10CertificationRequest(bytes);
-
-
- //
- // Check verification after round tripping serialisation.
- //
-
- if (!req2.Verify())
- {
- Fail(sigName + ": Failed Verify check.");
- }
-
- if (!req2.GetPublicKey().Equals(req1.GetPublicKey()))
- {
- Fail(keyName + ": Failed public key check.");
- }
-
- //
- // Disassemble the attributes with the duplicate extensions.
- //
-
- var extensions = req2.GetX509Extensions();
-
- X509Extension returnedExtension = extensions.GetExtension(X509Extensions.SubjectAlternativeName);
- Asn1Sequence seq = Asn1Sequence.GetInstance(returnedExtension.GetParsedValue());
-
- //
- // Check expected order and value.
- //
- if (!GeneralName.GetInstance(seq[0]).Equals(name1))
- {
- Fail("expected name 1");
- }
-
- if (!GeneralName.GetInstance(seq[1]).Equals(name2))
- {
- Fail("expected name 2");
- }
- }
+
public static void Main(
string[] args)
|
