diff options
| -rw-r--r-- | crypto/src/asn1/cmp/CertifiedKeyPair.cs | 4 | ||||
| -rw-r--r-- | crypto/src/asn1/crmf/EncryptedValue.cs | 94 | ||||
| -rw-r--r-- | crypto/src/asn1/crmf/PKIPublicationInfo.cs | 92 | ||||
| -rw-r--r-- | crypto/test/src/asn1/cmp/test/CertifiedKeyPairTest.cs | 110 | ||||
| -rw-r--r-- | crypto/test/src/asn1/cmp/test/PkiFailureInfoTest.cs | 78 | ||||
| -rw-r--r-- | crypto/test/src/asn1/cmp/test/PollReqContentTest.cs | 57 | ||||
| -rw-r--r-- | crypto/test/src/util/test/SimpleTest.cs | 7 |
7 files changed, 359 insertions, 83 deletions
diff --git a/crypto/src/asn1/cmp/CertifiedKeyPair.cs b/crypto/src/asn1/cmp/CertifiedKeyPair.cs index a40a2730a..ec60ce965 100644 --- a/crypto/src/asn1/cmp/CertifiedKeyPair.cs +++ b/crypto/src/asn1/cmp/CertifiedKeyPair.cs @@ -42,8 +42,8 @@ namespace Org.BouncyCastle.Asn1.Cmp } else { - m_privateKey = EncryptedKey.GetInstance(Asn1TaggedObject.GetInstance(seq[1])); - m_publicationInfo = PkiPublicationInfo.GetInstance(Asn1TaggedObject.GetInstance(seq[2])); + m_privateKey = EncryptedKey.GetInstance(Asn1TaggedObject.GetInstance(seq[1]).GetObject()); + m_publicationInfo = PkiPublicationInfo.GetInstance(Asn1TaggedObject.GetInstance(seq[2]).GetObject()); } } } diff --git a/crypto/src/asn1/crmf/EncryptedValue.cs b/crypto/src/asn1/crmf/EncryptedValue.cs index ad3a4c3f7..950298504 100644 --- a/crypto/src/asn1/crmf/EncryptedValue.cs +++ b/crypto/src/asn1/crmf/EncryptedValue.cs @@ -9,8 +9,8 @@ namespace Org.BouncyCastle.Asn1.Crmf { public static EncryptedValue GetInstance(object obj) { - if (obj is EncryptedValue) - return (EncryptedValue)obj; + if (obj is EncryptedValue encryptedValue) + return encryptedValue; if (obj != null) return new EncryptedValue(Asn1Sequence.GetInstance(obj)); @@ -18,89 +18,67 @@ namespace Org.BouncyCastle.Asn1.Crmf return null; } - private readonly AlgorithmIdentifier intendedAlg; - private readonly AlgorithmIdentifier symmAlg; - private readonly DerBitString encSymmKey; - private readonly AlgorithmIdentifier keyAlg; - private readonly Asn1OctetString valueHint; - private readonly DerBitString encValue; + private readonly AlgorithmIdentifier m_intendedAlg; + private readonly AlgorithmIdentifier m_symmAlg; + private readonly DerBitString m_encSymmKey; + private readonly AlgorithmIdentifier m_keyAlg; + private readonly Asn1OctetString m_valueHint; + private readonly DerBitString m_encValue; private EncryptedValue(Asn1Sequence seq) { int index = 0; - while (seq[index++] is Asn1TaggedObject tObj) + while (seq[index] is Asn1TaggedObject tObj) { switch (tObj.TagNo) { case 0: - intendedAlg = AlgorithmIdentifier.GetInstance(tObj, false); + m_intendedAlg = AlgorithmIdentifier.GetInstance(tObj, false); break; case 1: - symmAlg = AlgorithmIdentifier.GetInstance(tObj, false); + m_symmAlg = AlgorithmIdentifier.GetInstance(tObj, false); break; case 2: - encSymmKey = DerBitString.GetInstance(tObj, false); + m_encSymmKey = DerBitString.GetInstance(tObj, false); break; case 3: - keyAlg = AlgorithmIdentifier.GetInstance(tObj, false); + m_keyAlg = AlgorithmIdentifier.GetInstance(tObj, false); break; case 4: - valueHint = Asn1OctetString.GetInstance(tObj, false); + m_valueHint = Asn1OctetString.GetInstance(tObj, false); break; } + ++index; } - encValue = DerBitString.GetInstance(seq[index]); + m_encValue = DerBitString.GetInstance(seq[index]); } - public EncryptedValue( - AlgorithmIdentifier intendedAlg, - AlgorithmIdentifier symmAlg, - DerBitString encSymmKey, - AlgorithmIdentifier keyAlg, - Asn1OctetString valueHint, - DerBitString encValue) + public EncryptedValue(AlgorithmIdentifier intendedAlg, AlgorithmIdentifier symmAlg, DerBitString encSymmKey, + AlgorithmIdentifier keyAlg, Asn1OctetString valueHint, DerBitString encValue) { if (encValue == null) throw new ArgumentNullException(nameof(encValue)); - this.intendedAlg = intendedAlg; - this.symmAlg = symmAlg; - this.encSymmKey = encSymmKey; - this.keyAlg = keyAlg; - this.valueHint = valueHint; - this.encValue = encValue; + m_intendedAlg = intendedAlg; + m_symmAlg = symmAlg; + m_encSymmKey = encSymmKey; + m_keyAlg = keyAlg; + m_valueHint = valueHint; + m_encValue = encValue; } - public virtual AlgorithmIdentifier IntendedAlg - { - get { return intendedAlg; } - } + public virtual AlgorithmIdentifier IntendedAlg => m_intendedAlg; - public virtual AlgorithmIdentifier SymmAlg - { - get { return symmAlg; } - } + public virtual AlgorithmIdentifier SymmAlg => m_symmAlg; - public virtual DerBitString EncSymmKey - { - get { return encSymmKey; } - } + public virtual DerBitString EncSymmKey => m_encSymmKey; - public virtual AlgorithmIdentifier KeyAlg - { - get { return keyAlg; } - } + public virtual AlgorithmIdentifier KeyAlg => m_keyAlg; - public virtual Asn1OctetString ValueHint - { - get { return valueHint; } - } + public virtual Asn1OctetString ValueHint => m_valueHint; - public virtual DerBitString EncValue - { - get { return encValue; } - } + public virtual DerBitString EncValue => m_encValue; /** * <pre> @@ -127,12 +105,12 @@ namespace Org.BouncyCastle.Asn1.Crmf public override Asn1Object ToAsn1Object() { Asn1EncodableVector v = new Asn1EncodableVector(); - v.AddOptionalTagged(false, 0, intendedAlg); - v.AddOptionalTagged(false, 1, symmAlg); - v.AddOptionalTagged(false, 2, encSymmKey); - v.AddOptionalTagged(false, 3, keyAlg); - v.AddOptionalTagged(false, 4, valueHint); - v.Add(encValue); + v.AddOptionalTagged(false, 0, m_intendedAlg); + v.AddOptionalTagged(false, 1, m_symmAlg); + v.AddOptionalTagged(false, 2, m_encSymmKey); + v.AddOptionalTagged(false, 3, m_keyAlg); + v.AddOptionalTagged(false, 4, m_valueHint); + v.Add(m_encValue); return new DerSequence(v); } } diff --git a/crypto/src/asn1/crmf/PKIPublicationInfo.cs b/crypto/src/asn1/crmf/PKIPublicationInfo.cs index a7d2bc603..c855a7d28 100644 --- a/crypto/src/asn1/crmf/PKIPublicationInfo.cs +++ b/crypto/src/asn1/crmf/PKIPublicationInfo.cs @@ -1,48 +1,91 @@ -using System; - -using Org.BouncyCastle.Utilities; +using Org.BouncyCastle.Math; namespace Org.BouncyCastle.Asn1.Crmf { + /** + * <pre> + * PKIPublicationInfo ::= SEQUENCE { + * action INTEGER { + * dontPublish (0), + * pleasePublish (1) }, + * pubInfos SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL } + * -- pubInfos MUST NOT be present if action is "dontPublish" + * -- (if action is "pleasePublish" and pubInfos is omitted, + * -- "dontCare" is assumed) + * </pre> + */ public class PkiPublicationInfo : Asn1Encodable { - private readonly DerInteger action; - private readonly Asn1Sequence pubInfos; + public static readonly DerInteger DontPublish = new DerInteger(0); + public static readonly DerInteger PleasePublish = new DerInteger(1); + + public static PkiPublicationInfo GetInstance(object obj) + { + if (obj is PkiPublicationInfo pkiPublicationInfo) + return pkiPublicationInfo; + + if (obj != null) + return new PkiPublicationInfo(Asn1Sequence.GetInstance(obj)); + + return null; + } + + private readonly DerInteger m_action; + private readonly Asn1Sequence m_pubInfos; private PkiPublicationInfo(Asn1Sequence seq) { - action = DerInteger.GetInstance(seq[0]); - pubInfos = Asn1Sequence.GetInstance(seq[1]); + m_action = DerInteger.GetInstance(seq[0]); + if (seq.Count > 1) + { + m_pubInfos = Asn1Sequence.GetInstance(seq[1]); + } } - public static PkiPublicationInfo GetInstance(object obj) + public PkiPublicationInfo(BigInteger action) + : this(new DerInteger(action)) { - if (obj is PkiPublicationInfo) - return (PkiPublicationInfo)obj; + } - if (obj is Asn1Sequence) - return new PkiPublicationInfo((Asn1Sequence)obj); + public PkiPublicationInfo(DerInteger action) + { + m_action = action; + } - throw new ArgumentException("Invalid object: " + Platform.GetTypeName(obj), "obj"); + /** + * Constructor with a single pubInfo, assumes pleasePublish as the action. + * + * @param pubInfo the pubInfo to be published (can be null if don't care is required). + */ + public PkiPublicationInfo(SinglePubInfo pubInfo) + : this(pubInfo != null ? new SinglePubInfo[1]{ pubInfo } : null) + { } - public virtual DerInteger Action + /** + * Constructor with multiple pubInfo, assumes pleasePublish as the action. + * + * @param pubInfos the pubInfos to be published (can be null if don't care is required). + */ + public PkiPublicationInfo(SinglePubInfo[] pubInfos) { - get { return action; } + m_action = PleasePublish; + + if (pubInfos != null) + { + m_pubInfos = new DerSequence(pubInfos); + } } + public virtual DerInteger Action => m_action; + public virtual SinglePubInfo[] GetPubInfos() { - if (pubInfos == null) + if (m_pubInfos == null) return null; - SinglePubInfo[] results = new SinglePubInfo[pubInfos.Count]; - for (int i = 0; i != results.Length; ++i) - { - results[i] = SinglePubInfo.GetInstance(pubInfos[i]); - } - return results; + return m_pubInfos.MapElements(SinglePubInfo.GetInstance); } /** @@ -60,7 +103,10 @@ namespace Org.BouncyCastle.Asn1.Crmf */ public override Asn1Object ToAsn1Object() { - return new DerSequence(action, pubInfos); + if (m_pubInfos == null) + return new DerSequence(m_action); + + return new DerSequence(m_action, m_pubInfos); } } } diff --git a/crypto/test/src/asn1/cmp/test/CertifiedKeyPairTest.cs b/crypto/test/src/asn1/cmp/test/CertifiedKeyPairTest.cs new file mode 100644 index 000000000..0935cdf8f --- /dev/null +++ b/crypto/test/src/asn1/cmp/test/CertifiedKeyPairTest.cs @@ -0,0 +1,110 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Asn1.Crmf; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Cmp.Tests +{ + [TestFixture] + public class CertifiedKeyPairTest + : SimpleTest + { + private static readonly byte[] cert1 = Base64.Decode( + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2" + + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM" + + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l" + + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv" + + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re" + + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO" + + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE" + + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy" + + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0" + + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw" + + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL" + + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4" + + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF" + + "5/8="); + + private static readonly byte[] encEncryptedValue = Hex.Decode( + "30820145a11d060960864801650304010204109ed75dc2111f006e0ea707583" + + "daa49898241001fad2520dec6122c51f9f292fc96de9adb881a2101a49155de" + + "3e4b04a4699ee517d7a7623679812f62e0fc996854d89df2daa6850862f11e4" + + "f1751768e8a1a8da30d06092a864886f70d01010105000381d100bb1084782a" + + "3b326390ce1096b44eda81e89b24e117c22b197a0df3ff3d181a5e3d96f30f6" + + "a7f8b545733a867f27f299ff3c2c0ec64bcdca18f566a5e3be893e4842a7442" + + "184a4d147066515d8bcb9aa7d8e6655937e393b2c45186119bf0869702fc58a" + + "ae8a983ce5b54cf5273bcd2e5273e219e2947e41446612c8cf8f4d9e1ede52d" + + "25e00d505485083ea8359f7767c0ae66ff47894f9d621459f50f60e0376059a" + + "6a3b6fe7caca1c13274cf549f6721cf9f3654462687c7392a1c0efea2f393d9" + + "4a5d33b829de8bd521c7205069db"); + + public override void PerformTest() + { + CertOrEncCert certOrEncCert = new CertOrEncCert(new CmpCertificate(X509CertificateStructure.GetInstance(cert1))); + + CertifiedKeyPair ckp = new CertifiedKeyPair(certOrEncCert); + + IsEquals(certOrEncCert, ckp.CertOrEncCert); + IsTrue(null == ckp.PrivateKey); + IsTrue(null == ckp.PublicationInfo); + + EncEqualTest(ckp); + + PkiPublicationInfo pubInfo = new PkiPublicationInfo(PkiPublicationInfo.DontPublish); + ckp = new CertifiedKeyPair(certOrEncCert, (EncryptedKey)null, pubInfo); + + IsEquals(certOrEncCert, ckp.CertOrEncCert); + IsTrue(null == ckp.PrivateKey); + IsEquals(pubInfo, ckp.PublicationInfo); + + EncEqualTest(ckp); + + EncryptedValue encValue = EncryptedValue.GetInstance(encEncryptedValue); + + ckp = new CertifiedKeyPair(certOrEncCert, encValue, null); + + IsEquals(certOrEncCert, ckp.CertOrEncCert); + IsEquals(encValue, ckp.PrivateKey); + IsTrue(null == ckp.PublicationInfo); + + EncEqualTest(ckp); + + ckp = new CertifiedKeyPair(certOrEncCert, encValue, pubInfo); + + IsEquals(certOrEncCert, ckp.CertOrEncCert); + IsEquals(encValue, ckp.PrivateKey); + IsEquals(pubInfo, ckp.PublicationInfo); + + EncEqualTest(ckp); + } + + private void EncEqualTest(CertifiedKeyPair ckp) + { + byte[] b = ckp.GetEncoded(); + + CertifiedKeyPair ckpResult = CertifiedKeyPair.GetInstance(b); + + IsEquals(ckp, ckpResult); + } + + public override string Name => "CertifiedKeyPairTest"; + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/crypto/test/src/asn1/cmp/test/PkiFailureInfoTest.cs b/crypto/test/src/asn1/cmp/test/PkiFailureInfoTest.cs new file mode 100644 index 000000000..1f51fa821 --- /dev/null +++ b/crypto/test/src/asn1/cmp/test/PkiFailureInfoTest.cs @@ -0,0 +1,78 @@ +using System; +using System.IO; + +using NUnit.Framework; + +using Org.BouncyCastle.Utilities.Encoders; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Cmp.Tests +{ + /** + * PKIFailureInfoTest + */ + [TestFixture] + public class PkiFailureInfoTest + : SimpleTest + { + // A correct hex encoded BAD_DATA_FORMAT PKIFailureInfo + private static readonly byte[] CorrectFailureInfo = Base64.Decode("AwIANQ=="); + + public override string Name => "PkiFailureInfo"; + + private void ImplTestEncoding() + { + DerBitString bitString = (DerBitString)new Asn1InputStream(CorrectFailureInfo).ReadObject(); + PkiFailureInfo correct = new PkiFailureInfo(bitString); + + PkiFailureInfo bug = new PkiFailureInfo( + PkiFailureInfo.BadRequest | PkiFailureInfo.BadTime | PkiFailureInfo.BadDataFormat | PkiFailureInfo.IncorrectData); + + if (!AreEqual(correct.GetDerEncoded(), bug.GetDerEncoded())) + { + Fail("encoding doesn't match"); + } + } + + public override void PerformTest() + { + TestBitStringConstant(0, PkiFailureInfo.BadAlg); + TestBitStringConstant(1, PkiFailureInfo.BadMessageCheck); + TestBitStringConstant(2, PkiFailureInfo.BadRequest); + TestBitStringConstant(3, PkiFailureInfo.BadTime); + TestBitStringConstant(4, PkiFailureInfo.BadCertId); + TestBitStringConstant(5, PkiFailureInfo.BadDataFormat); + TestBitStringConstant(6, PkiFailureInfo.WrongAuthority); + TestBitStringConstant(7, PkiFailureInfo.IncorrectData); + TestBitStringConstant(8, PkiFailureInfo.MissingTimeStamp); + TestBitStringConstant(9, PkiFailureInfo.BadPop); + TestBitStringConstant(10, PkiFailureInfo.CertRevoked); + TestBitStringConstant(11, PkiFailureInfo.CertConfirmed); + TestBitStringConstant(12, PkiFailureInfo.WrongIntegrity); + TestBitStringConstant(13, PkiFailureInfo.BadRecipientNonce); + TestBitStringConstant(14, PkiFailureInfo.TimeNotAvailable); + TestBitStringConstant(15, PkiFailureInfo.UnacceptedPolicy); + TestBitStringConstant(16, PkiFailureInfo.UnacceptedExtension); + TestBitStringConstant(17, PkiFailureInfo.AddInfoNotAvailable); + TestBitStringConstant(18, PkiFailureInfo.BadSenderNonce); + TestBitStringConstant(19, PkiFailureInfo.BadCertTemplate); + TestBitStringConstant(20, PkiFailureInfo.SignerNotTrusted); + TestBitStringConstant(21, PkiFailureInfo.TransactionIdInUse); + TestBitStringConstant(22, PkiFailureInfo.UnsupportedVersion); + TestBitStringConstant(23, PkiFailureInfo.NotAuthorized); + TestBitStringConstant(24, PkiFailureInfo.SystemUnavail); + TestBitStringConstant(25, PkiFailureInfo.SystemFailure); + TestBitStringConstant(26, PkiFailureInfo.DuplicateCertReq); + + ImplTestEncoding(); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/crypto/test/src/asn1/cmp/test/PollReqContentTest.cs b/crypto/test/src/asn1/cmp/test/PollReqContentTest.cs new file mode 100644 index 000000000..a78174e38 --- /dev/null +++ b/crypto/test/src/asn1/cmp/test/PollReqContentTest.cs @@ -0,0 +1,57 @@ +using System; + +using NUnit.Framework; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Utilities.Test; + +namespace Org.BouncyCastle.Asn1.Cmp.Tests +{ + [TestFixture] + public class PollReqContentTest + : SimpleTest + { + public override string Name => "PollReqContentTest"; + + public override void PerformTest() + { + BigInteger one = BigInteger.ValueOf(1), two = BigInteger.ValueOf(2); + BigInteger[] ids = new BigInteger[]{ one, two }; + + PollReqContent c = new PollReqContent(ids); + + DerInteger[][] vs = c.GetCertReqIDs(); + + IsTrue(vs.Length == 2); + for (int i = 0; i != vs.Length; i++) + { + IsTrue(vs[i].Length == 1); + IsTrue(vs[i][0].Value.Equals(ids[i])); + } + + BigInteger[] values = c.GetCertReqIDValues(); + + IsTrue(values.Length == 2); + for (int i = 0; i != values.Length; i++) + { + IsTrue(values[i].Equals(ids[i])); + } + + c = new PollReqContent(two); + vs = c.GetCertReqIDs(); + + IsTrue(vs.Length == 1); + + IsTrue(vs[0].Length == 1); + IsTrue(vs[0][0].Value.Equals(two)); + } + + [Test] + public void TestFunction() + { + string resultText = Perform().ToString(); + + Assert.AreEqual(Name + ": Okay", resultText); + } + } +} diff --git a/crypto/test/src/util/test/SimpleTest.cs b/crypto/test/src/util/test/SimpleTest.cs index 81c38b54f..0a2b5e991 100644 --- a/crypto/test/src/util/test/SimpleTest.cs +++ b/crypto/test/src/util/test/SimpleTest.cs @@ -194,5 +194,12 @@ namespace Org.BouncyCastle.Utilities.Test { return new DateTime(year, month, day, hour, minute, second, millisecond, DateTimeKind.Utc); } + + public static void TestBitStringConstant(int bitNo, int value) + { + int expectedValue = 1 << ((bitNo | 7) - (bitNo & 7)); + if (expectedValue != value) + throw new ArgumentException("bit value " + bitNo + " wrong"); + } } } |