From fd50c4a03c76d7f6513bd804e11701e66d264054 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Fri, 23 Dec 2022 13:34:13 -0500 Subject: [PATCH 1/3] Fix SignedCms certificate collection modification with attribute certificates. When adding or removing certificates from the certificateSet collection, we assumed that the collection would only contain X.509 certificates. This changes the implementation so that when looking for duplicates, we skip over choices that are not an X.509 certificate when looking for a duplicate. The tests peek in to the SignedData ASN.1 to ensure that the attribute certificates are preserved during a round trip when encoding and decoding a CMS. --- .../Security/Cryptography/Pkcs/SignedCms.cs | 4 +- .../tests/SignedCms/SignedCmsTests.cs | 75 +++++++ .../tests/SignedCms/SignedDocuments.cs | 189 ++++++++++++++++++ ...em.Security.Cryptography.Pkcs.Tests.csproj | 3 + 4 files changed, 269 insertions(+), 2 deletions(-) diff --git a/src/libraries/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/SignedCms.cs b/src/libraries/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/SignedCms.cs index 8a88fb2b482bee..0b0700d2658410 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/SignedCms.cs +++ b/src/libraries/System.Security.Cryptography.Pkcs/src/System/Security/Cryptography/Pkcs/SignedCms.cs @@ -686,7 +686,7 @@ public void AddCertificate(X509Certificate2 certificate) { foreach (CertificateChoiceAsn cert in _signedData.CertificateSet!) { - if (cert.Certificate!.Value.Span.SequenceEqual(rawData)) + if (cert.Certificate is not null && cert.Certificate.Value.Span.SequenceEqual(rawData)) { throw new CryptographicException(SR.Cryptography_Cms_CertificateAlreadyInCollection); } @@ -721,7 +721,7 @@ public void RemoveCertificate(X509Certificate2 certificate) foreach (CertificateChoiceAsn cert in _signedData.CertificateSet!) { - if (cert.Certificate!.Value.Span.SequenceEqual(rawData)) + if (cert.Certificate is not null && cert.Certificate.Value.Span.SequenceEqual(rawData)) { PkcsHelpers.RemoveAt(ref _signedData.CertificateSet, idx); Reencode(); diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.cs b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.cs index 7eee42aa5db719..8a7793942f654f 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.cs +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.cs @@ -1,6 +1,7 @@ // Licensed to the .NET Foundation under one or more agreements. // The .NET Foundation licenses this file to you under the MIT license. +using System.Formats.Asn1; using System.Linq; using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography.Xml; @@ -1611,6 +1612,49 @@ public static void Decode_CanDecodeWithAttributeCertificate() cms.CheckSignature(verifySignatureOnly: true); } + [Fact] + public static void AddCertificate_CollectionContainsAttributeCertificate() + { + SignedCms signedCms = new SignedCms(); + + signedCms.Decode(SignedDocuments.CmsWithAttributeCertificate); + signedCms.CheckSignature(true); + + int countBefore = CountCertificateChoices(SignedDocuments.CmsWithAttributeCertificate); + int certCount = signedCms.Certificates.Count; + + using (ECDsa ec = ECDsa.Create(ECCurve.NamedCurves.nistP256)) + { + CertificateRequest req = new("CN=test", ec, HashAlgorithmName.SHA256); + + using (X509Certificate2 cert = req.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now)) + { + signedCms.AddCertificate(cert); + byte[] reEncoded = signedCms.Encode(); + int countAfter = CountCertificateChoices(reEncoded); + Assert.Equal(countBefore + 1, countAfter); + + signedCms = new SignedCms(); + signedCms.Decode(reEncoded); + signedCms.CheckSignature(true); + } + } + } + + [Fact] + public static void RemoveCertificate_CollectionContainsAttributeCertificate() + { + SignedCms signedCms = new SignedCms(); + + signedCms.Decode(SignedDocuments.CmsWithAttributeCertificate); + int countBefore = CountCertificateChoices(SignedDocuments.CmsWithAttributeCertificate); + + signedCms.RemoveCertificate(signedCms.Certificates[0]); + byte[] reEncoded = signedCms.Encode(); + int countAfter = CountCertificateChoices(reEncoded); + Assert.Equal(countBefore - 1, countAfter); + } + private static void CheckNoSignature(byte[] encoded, bool badOid=false) { SignedCms cms = new SignedCms(); @@ -1630,5 +1674,36 @@ private static void CheckNoSignature(byte[] encoded, bool badOid=false) cms.CheckHash(); } } + + public static int CountCertificateChoices(byte[] encoded) + { + AsnReader reader = new AsnReader(encoded, AsnEncodingRules.BER); + reader = reader.ReadSequence(); + reader.ReadObjectIdentifier(); + reader = reader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 0)); + reader = reader.ReadSequence(); + + reader.ReadInteger(); // version + reader.ReadSetOf(); // digestAlgorithms + reader.ReadSequence(); // encapsulatedContentInfo + + Asn1Tag expectedTag = new Asn1Tag(TagClass.ContextSpecific, 0, true); // certificates[0] + + if (reader.PeekTag() == expectedTag) + { + AsnReader certs = reader.ReadSetOf(expectedTag); + int count = 0; + + while (certs.HasData) + { + certs.ReadEncodedValue(); + count++; + } + + return count; + } + + return 0; + } } } diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedDocuments.cs b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedDocuments.cs index cce3114824794e..83a8aa4da9ae98 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedDocuments.cs +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedDocuments.cs @@ -1626,5 +1626,194 @@ internal static class SignedDocuments "6AB46C76047604BA7DF071EE0137B73F4D9DF616095C8F1CA9EB925B6D4C6ABC" + "FFEB73A81903169C6B487B316AFC951F696831A4B29B9ABCEA7EBCD243A553D2" + "F8B44FDA1B0AC0").HexToByteArray(); + + internal static readonly byte[] CmsWithAttributeCertificate = ( + "3082174e06092a864886f70d010702a082173f3082173b020103310f300d0609" + + "608648016503040201050030820161060b2a864886f70d0109100104a0820150" + + "0482014c30820148020101060a2b0601040184590a03013031300d0609608648" + + "01650304020105000420dffd6021bb2bd5b0af676290809ec3a53191dd81c7f7" + + "0a4b28688a362182986f020663a04d30704d1813323032323132323331343430" + + "34302e3133375a3004800201f4a081e0a481dd3081da310b3009060355040613" + + "025553311330110603550408130a57617368696e67746f6e3110300e06035504" + + "0713075265646d6f6e64311e301c060355040a13154d6963726f736f66742043" + + "6f72706f726174696f6e31253023060355040b131c4d6963726f736f66742041" + + "6d6572696361204f7065726174696f6e7331263024060355040b131d5468616c" + + "6573205453532045534e3a424237332d393646442d3737454631353033060355" + + "0403132c4d6963726f736f6674205075626c6963205253412054696d65205374" + + "616d70696e6720417574686f72697479a08211e6308207823082056aa0030201" + + "0202133300000005e5cf0fff662ec987000000000005300d06092a864886f70d" + + "01010c05003077310b3009060355040613025553311e301c060355040a13154d" + + "6963726f736f667420436f72706f726174696f6e314830460603550403133f4d" + + "6963726f736f6674204964656e7469747920566572696669636174696f6e2052" + + "6f6f7420436572746966696361746520417574686f726974792032303230301e" + + "170d3230313131393230333233315a170d3335313131393230343233315a3061" + + "310b3009060355040613025553311e301c060355040a13154d6963726f736f66" + + "7420436f72706f726174696f6e31323030060355040313294d6963726f736f66" + + "74205075626c6963205253412054696d657374616d70696e6720434120323032" + + "3030820222300d06092a864886f70d01010105000382020f003082020a028202" + + "01009e7ce75263fde0c59f057d63b50622a31c1ed7e79733d11305bd65464777" + + "91c15d706f7fb2ab43970c4aa1521c6aa0dbfa89858a8e431c2e1105c6f24078" + + "d70b0324fe5dd3398b60a018f19c6fde5624b8b0ec7ccb8812abc660e3d44401" + + "fe61b9784891044a7b7431b3c4a0a74d8a1c0ce711afd2b1a87c9d6a39849335" + + "c739e446c14fbbaadf0c7799786d566b5c084af964a4e428a1350b166f34f59d" + + "1962543c2e9ee2e45f58722165c802b09faca337f911e1f92ab9459f1a6328a4" + + "dabf07c53fa5da199196506f1365a893a20468025a9c7af6e2aa2a14cf562de0" + + "544ae773faa2f9d47c036322033d243749e1ed2a883466e6c39388442d04b19d" + + "f5585dd4c69dc6819c1eb442b12e6b3bdca1bf67e3247ae6950d042179a9e038" + + "4306278a50647e799e02344ddcb56e2ebd20d055e4a9f61d5268f57c51611fc9" + + "3c601a33ac46979ec48bde47530f4d57fb82df2163ae1734f3ba8b2506b0482d" + + "f1cd8fc45f3b13e08eec0dbc4e98cdab978b8a2ba784a6ead176e390da14e498" + + "6d614ae59806e9c518dbf6d4ab78376d002a66deb929c69ec04277672344a1bb" + + "f7e4d7fac4de85ac0ea317de38efe347bc28de58b09067733c9607827279e14c" + + "5b72417dd7802a1ce88457bc539c3d5aebdc3f513c708c4ba0a483cc20813aed" + + "2159d8f328dbbc6394b007596de5d421001632cd1dddc443bf4f52bf055177ad" + + "5ebd0203010001a382021b30820217300e0603551d0f0101ff04040302018630" + + "1006092b06010401823715010403020100301d0603551d0e041604146b69283a" + + "352f486340cf7bd8af49e93ed93ddb2130540603551d20044d304b3049060455" + + "1d20003041303f06082b060105050702011633687474703a2f2f7777772e6d69" + + "63726f736f66742e636f6d2f706b696f70732f446f63732f5265706f7369746f" + + "72792e68746d30130603551d25040c300a06082b06010505070308301906092b" + + "0601040182371402040c1e0a00530075006200430041300f0603551d130101ff" + + "040530030101ff301f0603551d23041830168014c87ed26a852a1bca19980407" + + "27cf50104f68a8a23081840603551d1f047d307b3079a077a075867368747470" + + "3a2f2f7777772e6d6963726f736f66742e636f6d2f706b696f70732f63726c2f" + + "4d6963726f736f66742532304964656e74697479253230566572696669636174" + + "696f6e253230526f6f742532304365727469666963617465253230417574686f" + + "72697479253230323032302e63726c30819406082b0601050507010104818730" + + "818430818106082b060105050730028675687474703a2f2f7777772e6d696372" + + "6f736f66742e636f6d2f706b696f70732f63657274732f4d6963726f736f6674" + + "2532304964656e74697479253230566572696669636174696f6e253230526f6f" + + "742532304365727469666963617465253230417574686f726974792532303230" + + "32302e637274300d06092a864886f70d01010c050003820201005f8876c77e6d" + + "b55a1575e74c7868fa4ee1d844992515a5b8b13439afe93bee207bf5c48b35ef" + + "86cd18efe2956326f89c796e8017ac9c5a81184742d885a6b4a3324b539622f8" + + "b0a672b768be4979dc336de045ecf3b283a2061bf5e1849dd4a967964cef82cd" + + "bd5cd8d3f9cf2121f3d17bdaef54230f887ef33d9730e67363b610d0fb30f9eb" + + "72359d427acb9f536d75acbb252cab0ef05d9a06cd9c228d64f9a1ce86bc3dc7" + + "0e8909638d35ba19e3dee6c185b911f3745b7ccbe6cdda7785ed9bbc8533b523" + + "ae17346aacb7c4bec3e4547627bc7d70b58cabb79bd28622a1786a576b6016a6" + + "ca1de0e2724f8ff2d1d8205a2f20fed81b86642566a0d47f752a510b1968b748" + + "bbf5d28e0a19a838da9b308f26d38b8b6841c0bf8ab0287435bc1cdb57f9c6f3" + + "d2c329b4524af8a39b0270c51c4b2e9310feee315f115f4787ff824b1291b269" + + "ee8a8bc258839bf87ec34689fd4e5c72762161beef3ca34c37e4990d6c9c5393" + + "832117f2a06979f41b1747f1e9446b6226ab8e6069af03fa64e6f0b595c9db78" + + "cadc583ff6ea8cde3d0fd359f3572813a6905a6f3c4f021fe11e1865b3a930a3" + + "740b27a368f34de352c65c778250c626071dcf90ff000c70f52760abffab63b8" + + "e382ced7e9fa8f4d73e66820092951c03f5f681232480700f52f21db684801c4" + + "50a881848e89422bd17a9caf59c97e2586d86c187ba668005d5b308207963082" + + "057ea00302010202133300000020b001af2f87675c8b000000000020300d0609" + + "2a864886f70d01010c05003061310b3009060355040613025553311e301c0603" + + "55040a13154d6963726f736f667420436f72706f726174696f6e313230300603" + + "55040313294d6963726f736f6674205075626c6963205253412054696d657374" + + "616d70696e672043412032303230301e170d3232303730373138333732355a17" + + "0d3233303730373138333732355a3081da310b30090603550406130255533113" + + "30110603550408130a57617368696e67746f6e3110300e060355040713075265" + + "646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f72" + + "6174696f6e31253023060355040b131c4d6963726f736f667420416d65726963" + + "61204f7065726174696f6e7331263024060355040b131d5468616c6573205453" + + "532045534e3a424237332d393646442d37374546313530330603550403132c4d" + + "6963726f736f6674205075626c6963205253412054696d65205374616d70696e" + + "6720417574686f7269747930820222300d06092a864886f70d01010105000382" + + "020f003082020a028202010097eb0cf8c8029c1a4123dd594c6e00d8afe06644" + + "da86c76d821dd4b437aca798906da023ad208e467fafdd60424f8c1899b01f7c" + + "989b0b7b59eef74d99799740f92395d64d9e44e6c35320bd89562c5cd40a1059" + + "da37ff452790bd04c259d7798fb40630f81cb9ab39de3411299121b11cc9214f" + + "0d30c954a387c077d9426bc0b58749b7301821de54d42d87f47633f2ef0facaa" + + "267cd64d453599e13388812426a7cc2a772e41fbdceb71c6c815bc0782b98e50" + + "1a35649fc29ec6bb6d98d7217776b4a914ec1bacbb6d0a937eeb998b6300f782" + + "b5fdc0c5378f56ebb221fc5e8726cf542bbc0116186e1da016fd60c6456bdd60" + + "3fcfd476a2ed2662d8565a4a18df134ca6a0c5a17ee8d902e22f04b4299b697c" + + "6475dd0f9977fd3f1b09b59409f1e66f62df74b6bff626890e53efc7e7a435cd" + + "575081fa6dfd68badda8592044fe1fbc8beb9a1e79a3fa2508af74f736b0314b" + + "ac231b8a8d9cc8868a547e66089ed821a40aea030d7e25bc21e863d81e13b938" + + "9aa4cddba2ec4423614ef9ef4843e9017cf6f74bc9971db7624b6c0100a22f15" + + "bf6a7ba47ace7f7926c13875247cc49b88a45f02bb9705388e940a9024456460" + + "75e0a007e0d421a736546ec9e8705dc548774aaa1ba35201b566f7d04a70b9bf" + + "86312bbbd35dd6bf7d51c501efe555e4d685dda7870922a4c41a9536b97c664c" + + "42136c81a910098ef12f23790203010001a38201cb308201c7301d0603551d0e" + + "04160414b8420c5a3a4a34ef5498a0d88df07070f3bba7a5301f0603551d2304" + + "18301680146b69283a352f486340cf7bd8af49e93ed93ddb21306c0603551d1f" + + "046530633061a05fa05d865b687474703a2f2f7777772e6d6963726f736f6674" + + "2e636f6d2f706b696f70732f63726c2f4d6963726f736f66742532305075626c" + + "696325323052534125323054696d657374616d70696e67253230434125323032" + + "3032302e63726c307906082b06010505070101046d306b306906082b06010505" + + "073002865d687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b" + + "696f70732f63657274732f4d6963726f736f66742532305075626c6963253230" + + "52534125323054696d657374616d70696e672532304341253230323032302e63" + + "7274300c0603551d130101ff0402300030160603551d250101ff040c300a0608" + + "2b06010505070308300e0603551d0f0101ff04040302078030660603551d2004" + + "5f305d3051060c2b0601040182374c837d01013041303f06082b060105050702" + + "011633687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b696f" + + "70732f446f63732f5265706f7369746f72792e68746d3008060667810c010402" + + "300d06092a864886f70d01010c050003820201003e041f26747dbe76f22adc0d" + + "e56aa190c6c9937af491ef40a80098131f143214749d2688be45c99b6f8ddc6a" + + "0f2d93cfe974bf898777e5fa1c7dcecea3c2ea4a9f1f490d620d6873b53300b5" + + "197c01d4a1c709a0a462684e425b9ecb1358cf083c03fff797dc46f131066429" + + "de68aa9cbe560e778d77bac22008dc2d5106014a63d8c749d38c661dadadaae4" + + "27e82bd5b9316bdd98b765f8056a931b8ed14a6fa21ebc92ddb27d09f6a5ff12" + + "437d8edccfc7efba52e13ff0cf849097569c5ac5d8d4025af968b356bd79514d" + + "c12cf4ad4003c20e722e13968fb90ea37798a9c1916de9d1e53c38ad0b37e247" + + "6abcd607c2ab085d876857cf6fda8c1c52a1ddbbea33ba24293769ded15b40e9" + + "d8cfa7e63735637e5857f10a56284efc7dde724ac4a155860b298a5ecdd74f79" + + "289140a99492f21a66e8b4d0b1f99bdf488e3cfaebaf642f7eac022a06676a2d" + + "0b1e027f475f2baf2c0831b12f78b0ca01aaf4ead628cab94f0b14aa5efaeb87" + + "82fca84bd590bca0dfe8bb2a58cb3b740a0ee006a25c7279dcc3371d45b6e610" + + "fd9a03a25d0e3f4b0c75cd30d8d7db4791b00a49291b5cf59b6861bb966a1b84" + + "3b26700d8afe9afb3f54b20f076e9b629bedbe6fc1384532e39cec71c9026373" + + "77e884c5dc801bbc6d9577d47d90aaedd087337e7d1f24107971aaeb42e32499" + + "c499083fd610892d18bfe9a5e1b3979fd7507269a18202c23082022b02010130" + + "820108a181e0a481dd3081da310b300906035504061302555331133011060355" + + "0408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64" + + "311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e" + + "31253023060355040b131c4d6963726f736f667420416d6572696361204f7065" + + "726174696f6e7331263024060355040b131d5468616c6573205453532045534e" + + "3a424237332d393646442d37374546313530330603550403132c4d6963726f73" + + "6f6674205075626c6963205253412054696d65205374616d70696e6720417574" + + "686f72697479a2230a0101300706052b0e03021a031500713fd5ca3151c27d82" + + "dff783846024d47dc89c92a0673065a4633061310b3009060355040613025553" + + "311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e" + + "31323030060355040313294d6963726f736f6674205075626c69632052534120" + + "54696d657374616d70696e672043412032303230300d06092a864886f70d0101" + + "050500020500e75011b13022180f32303232313232333139333832355a180f32" + + "303232313232343139333832355a3077303d060a2b0601040184590a0401312f" + + "302d300a020500e75011b1020100300a020100020225a40201ff300702010002" + + "02103e300a020500e75163310201003036060a2b0601040184590a0402312830" + + "26300c060a2b0601040184590a0302a00a3008020100020307a120a10a300802" + + "010002030186a0300d06092a864886f70d01010505000381810089add4c4e06d" + + "5a634850da6fb8197070157501212b7669e5bd48eeb2de5b1d24d58fada655da" + + "ad85a1943bdcbf1a33c3ee3c8b6c2f9ba8873d2c449d447e1f43c4245fe9172e" + + "e5eab38442cf2eb81655486628db01452be945340eebd855a64e29181a4f578d" + + "f9cc14d02b6f1b3da3d41595463fe96a0ce961245201ae0ef664318203d43082" + + "03d002010130783061310b3009060355040613025553311e301c060355040a13" + + "154d6963726f736f667420436f72706f726174696f6e31323030060355040313" + + "294d6963726f736f6674205075626c6963205253412054696d657374616d7069" + + "6e67204341203230323002133300000020b001af2f87675c8b00000000002030" + + "0d06096086480165030402010500a082012d301a06092a864886f70d01090331" + + "0d060b2a864886f70d0109100104302f06092a864886f70d0109043122042015" + + "6a9c3cbbc59a83b57308b9ff5783c4f4af776cc3fe5291f086313f5aede03730" + + "81dd060b2a864886f70d010910022f3181cd3081ca3081c73081a00420586284" + + "fbd9a5cb98871b82c01557d1349c0fed98d9bcfcf3daa3c6b9c1e3f444307c30" + + "65a4633061310b3009060355040613025553311e301c060355040a13154d6963" + + "726f736f667420436f72706f726174696f6e31323030060355040313294d6963" + + "726f736f6674205075626c6963205253412054696d657374616d70696e672043" + + "41203230323002133300000020b001af2f87675c8b0000000000203022042047" + + "6a414df916ea44c176dfe014b74b7a722f3d3ab504771bc5907f76f1426dd330" + + "0d06092a864886f70d01010b050004820200269d12401fb57ddf9907e7679898" + + "e234e19c3eb32b3116ed721f6dafa61d6b71b0257d1b2b435bce97ff1ee0cf08" + + "64101ba287baba8b50ffdc437671e0cc64fd56e60d50db2aaefcc9c847414fca" + + "402d7e55e6ff58b901cfdf30cdb2b9aa165405a6e09eb3b199372b0413f43eef" + + "7ba80c7a8f2a51b92254cda91b68f86e725a63d21eb8fa1af733b8b2fc8db708" + + "3274f74627274a2f4481dacbd3a5153c8a7bbd573305681dab08a5a7b1137cf4" + + "e0a2b1b8f4f042a59219809fe756af513eab0e516226e7bc3ceb81b217fae92e" + + "8ae21fa649a9c22e06a674eaa50417dbc6a00d9f753b8e8c08ac066f4e77ab17" + + "b3f745772f286895d2ded5227a6826a0a0ae1614a1bdf9bde726c7c6ea1cf188" + + "334f037bfaad31baf4ce5cd8552fa82054c1002d32b22249b3d42da462725644" + + "9e46d7a0e4bbd3be1a048198afbbe1473d36a8cab276c4b000fb299976e7f30f" + + "c9cb466a2333f4b9a3f1aa92414cafd45a1de6c48d104835979a8e8381506e40" + + "5dd8af815dfc4b1001df062593e0bad41c2009efa00066d87a8eeb4bc46ece43" + + "6d59a536ffb519e66daca417775b43c69847ce45f5063a2001cfcac1aed7566b" + + "cf9cb2ffb1c40033defa93372e58c31be5bc715dda8d1d71231fb14c3d3bc1a5" + + "aace918310b8b9d6759e6dd574495e78d36d2ede72bbde11098944ab5443e430" + + "00318df0c8dbdc2f09164e96bb474731f6ee").HexToByteArray(); } } diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/System.Security.Cryptography.Pkcs.Tests.csproj b/src/libraries/System.Security.Cryptography.Pkcs/tests/System.Security.Cryptography.Pkcs.Tests.csproj index 8523c0d8296ea5..630f891e124cc1 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/System.Security.Cryptography.Pkcs.Tests.csproj +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/System.Security.Cryptography.Pkcs.Tests.csproj @@ -74,4 +74,7 @@ + + + From d494a4e5b288d356aa8c8fd785bd1356807f091a Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Fri, 23 Dec 2022 14:10:20 -0500 Subject: [PATCH 2/3] Tests are not applicable for .NET Framework --- .../tests/SignedCms/SignedCmsTests.cs | 75 ------------------- .../SignedCms/SignedCmsTests.netcoreapp.cs | 75 +++++++++++++++++++ ...em.Security.Cryptography.Pkcs.Tests.csproj | 3 - 3 files changed, 75 insertions(+), 78 deletions(-) diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.cs b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.cs index 8a7793942f654f..7eee42aa5db719 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.cs +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.cs @@ -1,7 +1,6 @@ // Licensed to the .NET Foundation under one or more agreements. // The .NET Foundation licenses this file to you under the MIT license. -using System.Formats.Asn1; using System.Linq; using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography.Xml; @@ -1612,49 +1611,6 @@ public static void Decode_CanDecodeWithAttributeCertificate() cms.CheckSignature(verifySignatureOnly: true); } - [Fact] - public static void AddCertificate_CollectionContainsAttributeCertificate() - { - SignedCms signedCms = new SignedCms(); - - signedCms.Decode(SignedDocuments.CmsWithAttributeCertificate); - signedCms.CheckSignature(true); - - int countBefore = CountCertificateChoices(SignedDocuments.CmsWithAttributeCertificate); - int certCount = signedCms.Certificates.Count; - - using (ECDsa ec = ECDsa.Create(ECCurve.NamedCurves.nistP256)) - { - CertificateRequest req = new("CN=test", ec, HashAlgorithmName.SHA256); - - using (X509Certificate2 cert = req.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now)) - { - signedCms.AddCertificate(cert); - byte[] reEncoded = signedCms.Encode(); - int countAfter = CountCertificateChoices(reEncoded); - Assert.Equal(countBefore + 1, countAfter); - - signedCms = new SignedCms(); - signedCms.Decode(reEncoded); - signedCms.CheckSignature(true); - } - } - } - - [Fact] - public static void RemoveCertificate_CollectionContainsAttributeCertificate() - { - SignedCms signedCms = new SignedCms(); - - signedCms.Decode(SignedDocuments.CmsWithAttributeCertificate); - int countBefore = CountCertificateChoices(SignedDocuments.CmsWithAttributeCertificate); - - signedCms.RemoveCertificate(signedCms.Certificates[0]); - byte[] reEncoded = signedCms.Encode(); - int countAfter = CountCertificateChoices(reEncoded); - Assert.Equal(countBefore - 1, countAfter); - } - private static void CheckNoSignature(byte[] encoded, bool badOid=false) { SignedCms cms = new SignedCms(); @@ -1674,36 +1630,5 @@ private static void CheckNoSignature(byte[] encoded, bool badOid=false) cms.CheckHash(); } } - - public static int CountCertificateChoices(byte[] encoded) - { - AsnReader reader = new AsnReader(encoded, AsnEncodingRules.BER); - reader = reader.ReadSequence(); - reader.ReadObjectIdentifier(); - reader = reader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 0)); - reader = reader.ReadSequence(); - - reader.ReadInteger(); // version - reader.ReadSetOf(); // digestAlgorithms - reader.ReadSequence(); // encapsulatedContentInfo - - Asn1Tag expectedTag = new Asn1Tag(TagClass.ContextSpecific, 0, true); // certificates[0] - - if (reader.PeekTag() == expectedTag) - { - AsnReader certs = reader.ReadSetOf(expectedTag); - int count = 0; - - while (certs.HasData) - { - certs.ReadEncodedValue(); - count++; - } - - return count; - } - - return 0; - } } } diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs index 255bc691b72d1e..73d896e0e0478d 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs @@ -2,6 +2,7 @@ // The .NET Foundation licenses this file to you under the MIT license. using System.Collections.Generic; +using System.Formats.Asn1; using System.Linq; using System.Security.Cryptography.X509Certificates; using Test.Cryptography; @@ -604,6 +605,49 @@ public static void CreateSignature_Ecdsa_ThrowsWithRsaSignaturePadding() } } + [Fact] + public static void AddCertificate_CollectionContainsAttributeCertificate() + { + SignedCms signedCms = new SignedCms(); + + signedCms.Decode(SignedDocuments.CmsWithAttributeCertificate); + signedCms.CheckSignature(true); + + int countBefore = CountCertificateChoices(SignedDocuments.CmsWithAttributeCertificate); + int certCount = signedCms.Certificates.Count; + + using (ECDsa ec = ECDsa.Create(ECCurve.NamedCurves.nistP256)) + { + CertificateRequest req = new("CN=test", ec, HashAlgorithmName.SHA256); + + using (X509Certificate2 cert = req.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now)) + { + signedCms.AddCertificate(cert); + byte[] reEncoded = signedCms.Encode(); + int countAfter = CountCertificateChoices(reEncoded); + Assert.Equal(countBefore + 1, countAfter); + + signedCms = new SignedCms(); + signedCms.Decode(reEncoded); + signedCms.CheckSignature(true); + } + } + } + + [Fact] + public static void RemoveCertificate_CollectionContainsAttributeCertificate() + { + SignedCms signedCms = new SignedCms(); + + signedCms.Decode(SignedDocuments.CmsWithAttributeCertificate); + int countBefore = CountCertificateChoices(SignedDocuments.CmsWithAttributeCertificate); + + signedCms.RemoveCertificate(signedCms.Certificates[0]); + byte[] reEncoded = signedCms.Encode(); + int countAfter = CountCertificateChoices(reEncoded); + Assert.Equal(countBefore - 1, countAfter); + } + private static void VerifyWithExplicitPrivateKey(X509Certificate2 cert, AsymmetricAlgorithm key) { using (var pubCert = new X509Certificate2(cert.RawData)) @@ -664,5 +708,36 @@ private static void VerifyCounterSignatureWithExplicitPrivateKey(X509Certificate Assert.Equal(counterSignerPubCert, cms.SignerInfos[0].CounterSignerInfos[0].Certificate); } } + + private static int CountCertificateChoices(byte[] encoded) + { + AsnReader reader = new AsnReader(encoded, AsnEncodingRules.BER); + reader = reader.ReadSequence(); + reader.ReadObjectIdentifier(); + reader = reader.ReadSequence(new Asn1Tag(TagClass.ContextSpecific, 0)); + reader = reader.ReadSequence(); + + reader.ReadInteger(); // version + reader.ReadSetOf(); // digestAlgorithms + reader.ReadSequence(); // encapsulatedContentInfo + + Asn1Tag expectedTag = new Asn1Tag(TagClass.ContextSpecific, 0, true); // certificates[0] + + if (reader.PeekTag() == expectedTag) + { + AsnReader certs = reader.ReadSetOf(expectedTag); + int count = 0; + + while (certs.HasData) + { + certs.ReadEncodedValue(); + count++; + } + + return count; + } + + return 0; + } } } diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/System.Security.Cryptography.Pkcs.Tests.csproj b/src/libraries/System.Security.Cryptography.Pkcs/tests/System.Security.Cryptography.Pkcs.Tests.csproj index 630f891e124cc1..8523c0d8296ea5 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/System.Security.Cryptography.Pkcs.Tests.csproj +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/System.Security.Cryptography.Pkcs.Tests.csproj @@ -74,7 +74,4 @@ - - - From c554684d3b50758b6b02fc52bc042459fd27ac06 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Fri, 30 Dec 2022 15:32:39 -0500 Subject: [PATCH 3/3] Clean up tests --- .../SignedCms/SignedCmsTests.netcoreapp.cs | 48 +++-- .../tests/SignedCms/SignedDocuments.cs | 189 ------------------ 2 files changed, 27 insertions(+), 210 deletions(-) diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs index 73d896e0e0478d..054a07cd6e001f 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs @@ -609,38 +609,30 @@ public static void CreateSignature_Ecdsa_ThrowsWithRsaSignaturePadding() public static void AddCertificate_CollectionContainsAttributeCertificate() { SignedCms signedCms = new SignedCms(); - - signedCms.Decode(SignedDocuments.CmsWithAttributeCertificate); + signedCms.Decode(SignedDocuments.TstWithAttributeCertificate); signedCms.CheckSignature(true); - int countBefore = CountCertificateChoices(SignedDocuments.CmsWithAttributeCertificate); - int certCount = signedCms.Certificates.Count; + int countBefore = CountCertificateChoices(SignedDocuments.TstWithAttributeCertificate); - using (ECDsa ec = ECDsa.Create(ECCurve.NamedCurves.nistP256)) + using (X509Certificate2 cert = Certificates.RSA2048SignatureOnly.GetCertificate()) { - CertificateRequest req = new("CN=test", ec, HashAlgorithmName.SHA256); + signedCms.AddCertificate(cert); + byte[] reEncoded = signedCms.Encode(); + int countAfter = CountCertificateChoices(reEncoded); + Assert.Equal(countBefore + 1, countAfter); - using (X509Certificate2 cert = req.CreateSelfSigned(DateTimeOffset.Now, DateTimeOffset.Now)) - { - signedCms.AddCertificate(cert); - byte[] reEncoded = signedCms.Encode(); - int countAfter = CountCertificateChoices(reEncoded); - Assert.Equal(countBefore + 1, countAfter); - - signedCms = new SignedCms(); - signedCms.Decode(reEncoded); - signedCms.CheckSignature(true); - } + signedCms = new SignedCms(); + signedCms.Decode(reEncoded); + signedCms.CheckSignature(true); } } [Fact] - public static void RemoveCertificate_CollectionContainsAttributeCertificate() + public static void RemoveCertificate_Existing_CollectionContainsAttributeCertificate() { SignedCms signedCms = new SignedCms(); - - signedCms.Decode(SignedDocuments.CmsWithAttributeCertificate); - int countBefore = CountCertificateChoices(SignedDocuments.CmsWithAttributeCertificate); + signedCms.Decode(SignedDocuments.TstWithAttributeCertificate); + int countBefore = CountCertificateChoices(SignedDocuments.TstWithAttributeCertificate); signedCms.RemoveCertificate(signedCms.Certificates[0]); byte[] reEncoded = signedCms.Encode(); @@ -648,6 +640,20 @@ public static void RemoveCertificate_CollectionContainsAttributeCertificate() Assert.Equal(countBefore - 1, countAfter); } + [Fact] + public static void RemoveCertificate_NonExisting_CollectionContainsAttributeCertificate() + { + SignedCms signedCms = new SignedCms(); + signedCms.Decode(SignedDocuments.TstWithAttributeCertificate); + + using (X509Certificate2 cert = Certificates.RSA2048SignatureOnly.GetCertificate()) + { + // Remove a non-existing certificate so that we are forced to enumerate the entire 'certificates[0]' + // collection (including attribute certificates) looking for it. + Assert.Throws(() => signedCms.RemoveCertificate(cert)); + } + } + private static void VerifyWithExplicitPrivateKey(X509Certificate2 cert, AsymmetricAlgorithm key) { using (var pubCert = new X509Certificate2(cert.RawData)) diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedDocuments.cs b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedDocuments.cs index 83a8aa4da9ae98..cce3114824794e 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedDocuments.cs +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedDocuments.cs @@ -1626,194 +1626,5 @@ internal static class SignedDocuments "6AB46C76047604BA7DF071EE0137B73F4D9DF616095C8F1CA9EB925B6D4C6ABC" + "FFEB73A81903169C6B487B316AFC951F696831A4B29B9ABCEA7EBCD243A553D2" + "F8B44FDA1B0AC0").HexToByteArray(); - - internal static readonly byte[] CmsWithAttributeCertificate = ( - "3082174e06092a864886f70d010702a082173f3082173b020103310f300d0609" + - "608648016503040201050030820161060b2a864886f70d0109100104a0820150" + - "0482014c30820148020101060a2b0601040184590a03013031300d0609608648" + - "01650304020105000420dffd6021bb2bd5b0af676290809ec3a53191dd81c7f7" + - "0a4b28688a362182986f020663a04d30704d1813323032323132323331343430" + - "34302e3133375a3004800201f4a081e0a481dd3081da310b3009060355040613" + - "025553311330110603550408130a57617368696e67746f6e3110300e06035504" + - "0713075265646d6f6e64311e301c060355040a13154d6963726f736f66742043" + - "6f72706f726174696f6e31253023060355040b131c4d6963726f736f66742041" + - "6d6572696361204f7065726174696f6e7331263024060355040b131d5468616c" + - "6573205453532045534e3a424237332d393646442d3737454631353033060355" + - "0403132c4d6963726f736f6674205075626c6963205253412054696d65205374" + - "616d70696e6720417574686f72697479a08211e6308207823082056aa0030201" + - "0202133300000005e5cf0fff662ec987000000000005300d06092a864886f70d" + - "01010c05003077310b3009060355040613025553311e301c060355040a13154d" + - "6963726f736f667420436f72706f726174696f6e314830460603550403133f4d" + - "6963726f736f6674204964656e7469747920566572696669636174696f6e2052" + - "6f6f7420436572746966696361746520417574686f726974792032303230301e" + - "170d3230313131393230333233315a170d3335313131393230343233315a3061" + - "310b3009060355040613025553311e301c060355040a13154d6963726f736f66" + - "7420436f72706f726174696f6e31323030060355040313294d6963726f736f66" + - "74205075626c6963205253412054696d657374616d70696e6720434120323032" + - "3030820222300d06092a864886f70d01010105000382020f003082020a028202" + - "01009e7ce75263fde0c59f057d63b50622a31c1ed7e79733d11305bd65464777" + - "91c15d706f7fb2ab43970c4aa1521c6aa0dbfa89858a8e431c2e1105c6f24078" + - "d70b0324fe5dd3398b60a018f19c6fde5624b8b0ec7ccb8812abc660e3d44401" + - "fe61b9784891044a7b7431b3c4a0a74d8a1c0ce711afd2b1a87c9d6a39849335" + - "c739e446c14fbbaadf0c7799786d566b5c084af964a4e428a1350b166f34f59d" + - "1962543c2e9ee2e45f58722165c802b09faca337f911e1f92ab9459f1a6328a4" + - "dabf07c53fa5da199196506f1365a893a20468025a9c7af6e2aa2a14cf562de0" + - "544ae773faa2f9d47c036322033d243749e1ed2a883466e6c39388442d04b19d" + - "f5585dd4c69dc6819c1eb442b12e6b3bdca1bf67e3247ae6950d042179a9e038" + - "4306278a50647e799e02344ddcb56e2ebd20d055e4a9f61d5268f57c51611fc9" + - "3c601a33ac46979ec48bde47530f4d57fb82df2163ae1734f3ba8b2506b0482d" + - "f1cd8fc45f3b13e08eec0dbc4e98cdab978b8a2ba784a6ead176e390da14e498" + - "6d614ae59806e9c518dbf6d4ab78376d002a66deb929c69ec04277672344a1bb" + - "f7e4d7fac4de85ac0ea317de38efe347bc28de58b09067733c9607827279e14c" + - "5b72417dd7802a1ce88457bc539c3d5aebdc3f513c708c4ba0a483cc20813aed" + - "2159d8f328dbbc6394b007596de5d421001632cd1dddc443bf4f52bf055177ad" + - "5ebd0203010001a382021b30820217300e0603551d0f0101ff04040302018630" + - "1006092b06010401823715010403020100301d0603551d0e041604146b69283a" + - "352f486340cf7bd8af49e93ed93ddb2130540603551d20044d304b3049060455" + - "1d20003041303f06082b060105050702011633687474703a2f2f7777772e6d69" + - "63726f736f66742e636f6d2f706b696f70732f446f63732f5265706f7369746f" + - "72792e68746d30130603551d25040c300a06082b06010505070308301906092b" + - "0601040182371402040c1e0a00530075006200430041300f0603551d130101ff" + - "040530030101ff301f0603551d23041830168014c87ed26a852a1bca19980407" + - "27cf50104f68a8a23081840603551d1f047d307b3079a077a075867368747470" + - "3a2f2f7777772e6d6963726f736f66742e636f6d2f706b696f70732f63726c2f" + - "4d6963726f736f66742532304964656e74697479253230566572696669636174" + - "696f6e253230526f6f742532304365727469666963617465253230417574686f" + - "72697479253230323032302e63726c30819406082b0601050507010104818730" + - "818430818106082b060105050730028675687474703a2f2f7777772e6d696372" + - "6f736f66742e636f6d2f706b696f70732f63657274732f4d6963726f736f6674" + - "2532304964656e74697479253230566572696669636174696f6e253230526f6f" + - "742532304365727469666963617465253230417574686f726974792532303230" + - "32302e637274300d06092a864886f70d01010c050003820201005f8876c77e6d" + - "b55a1575e74c7868fa4ee1d844992515a5b8b13439afe93bee207bf5c48b35ef" + - "86cd18efe2956326f89c796e8017ac9c5a81184742d885a6b4a3324b539622f8" + - "b0a672b768be4979dc336de045ecf3b283a2061bf5e1849dd4a967964cef82cd" + - "bd5cd8d3f9cf2121f3d17bdaef54230f887ef33d9730e67363b610d0fb30f9eb" + - "72359d427acb9f536d75acbb252cab0ef05d9a06cd9c228d64f9a1ce86bc3dc7" + - "0e8909638d35ba19e3dee6c185b911f3745b7ccbe6cdda7785ed9bbc8533b523" + - "ae17346aacb7c4bec3e4547627bc7d70b58cabb79bd28622a1786a576b6016a6" + - "ca1de0e2724f8ff2d1d8205a2f20fed81b86642566a0d47f752a510b1968b748" + - "bbf5d28e0a19a838da9b308f26d38b8b6841c0bf8ab0287435bc1cdb57f9c6f3" + - "d2c329b4524af8a39b0270c51c4b2e9310feee315f115f4787ff824b1291b269" + - "ee8a8bc258839bf87ec34689fd4e5c72762161beef3ca34c37e4990d6c9c5393" + - "832117f2a06979f41b1747f1e9446b6226ab8e6069af03fa64e6f0b595c9db78" + - "cadc583ff6ea8cde3d0fd359f3572813a6905a6f3c4f021fe11e1865b3a930a3" + - "740b27a368f34de352c65c778250c626071dcf90ff000c70f52760abffab63b8" + - "e382ced7e9fa8f4d73e66820092951c03f5f681232480700f52f21db684801c4" + - "50a881848e89422bd17a9caf59c97e2586d86c187ba668005d5b308207963082" + - "057ea00302010202133300000020b001af2f87675c8b000000000020300d0609" + - "2a864886f70d01010c05003061310b3009060355040613025553311e301c0603" + - "55040a13154d6963726f736f667420436f72706f726174696f6e313230300603" + - "55040313294d6963726f736f6674205075626c6963205253412054696d657374" + - "616d70696e672043412032303230301e170d3232303730373138333732355a17" + - "0d3233303730373138333732355a3081da310b30090603550406130255533113" + - "30110603550408130a57617368696e67746f6e3110300e060355040713075265" + - "646d6f6e64311e301c060355040a13154d6963726f736f667420436f72706f72" + - "6174696f6e31253023060355040b131c4d6963726f736f667420416d65726963" + - "61204f7065726174696f6e7331263024060355040b131d5468616c6573205453" + - "532045534e3a424237332d393646442d37374546313530330603550403132c4d" + - "6963726f736f6674205075626c6963205253412054696d65205374616d70696e" + - "6720417574686f7269747930820222300d06092a864886f70d01010105000382" + - "020f003082020a028202010097eb0cf8c8029c1a4123dd594c6e00d8afe06644" + - "da86c76d821dd4b437aca798906da023ad208e467fafdd60424f8c1899b01f7c" + - "989b0b7b59eef74d99799740f92395d64d9e44e6c35320bd89562c5cd40a1059" + - "da37ff452790bd04c259d7798fb40630f81cb9ab39de3411299121b11cc9214f" + - "0d30c954a387c077d9426bc0b58749b7301821de54d42d87f47633f2ef0facaa" + - "267cd64d453599e13388812426a7cc2a772e41fbdceb71c6c815bc0782b98e50" + - "1a35649fc29ec6bb6d98d7217776b4a914ec1bacbb6d0a937eeb998b6300f782" + - "b5fdc0c5378f56ebb221fc5e8726cf542bbc0116186e1da016fd60c6456bdd60" + - "3fcfd476a2ed2662d8565a4a18df134ca6a0c5a17ee8d902e22f04b4299b697c" + - "6475dd0f9977fd3f1b09b59409f1e66f62df74b6bff626890e53efc7e7a435cd" + - "575081fa6dfd68badda8592044fe1fbc8beb9a1e79a3fa2508af74f736b0314b" + - "ac231b8a8d9cc8868a547e66089ed821a40aea030d7e25bc21e863d81e13b938" + - "9aa4cddba2ec4423614ef9ef4843e9017cf6f74bc9971db7624b6c0100a22f15" + - "bf6a7ba47ace7f7926c13875247cc49b88a45f02bb9705388e940a9024456460" + - "75e0a007e0d421a736546ec9e8705dc548774aaa1ba35201b566f7d04a70b9bf" + - "86312bbbd35dd6bf7d51c501efe555e4d685dda7870922a4c41a9536b97c664c" + - "42136c81a910098ef12f23790203010001a38201cb308201c7301d0603551d0e" + - "04160414b8420c5a3a4a34ef5498a0d88df07070f3bba7a5301f0603551d2304" + - "18301680146b69283a352f486340cf7bd8af49e93ed93ddb21306c0603551d1f" + - "046530633061a05fa05d865b687474703a2f2f7777772e6d6963726f736f6674" + - "2e636f6d2f706b696f70732f63726c2f4d6963726f736f66742532305075626c" + - "696325323052534125323054696d657374616d70696e67253230434125323032" + - "3032302e63726c307906082b06010505070101046d306b306906082b06010505" + - "073002865d687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b" + - "696f70732f63657274732f4d6963726f736f66742532305075626c6963253230" + - "52534125323054696d657374616d70696e672532304341253230323032302e63" + - "7274300c0603551d130101ff0402300030160603551d250101ff040c300a0608" + - "2b06010505070308300e0603551d0f0101ff04040302078030660603551d2004" + - "5f305d3051060c2b0601040182374c837d01013041303f06082b060105050702" + - "011633687474703a2f2f7777772e6d6963726f736f66742e636f6d2f706b696f" + - "70732f446f63732f5265706f7369746f72792e68746d3008060667810c010402" + - "300d06092a864886f70d01010c050003820201003e041f26747dbe76f22adc0d" + - "e56aa190c6c9937af491ef40a80098131f143214749d2688be45c99b6f8ddc6a" + - "0f2d93cfe974bf898777e5fa1c7dcecea3c2ea4a9f1f490d620d6873b53300b5" + - "197c01d4a1c709a0a462684e425b9ecb1358cf083c03fff797dc46f131066429" + - "de68aa9cbe560e778d77bac22008dc2d5106014a63d8c749d38c661dadadaae4" + - "27e82bd5b9316bdd98b765f8056a931b8ed14a6fa21ebc92ddb27d09f6a5ff12" + - "437d8edccfc7efba52e13ff0cf849097569c5ac5d8d4025af968b356bd79514d" + - "c12cf4ad4003c20e722e13968fb90ea37798a9c1916de9d1e53c38ad0b37e247" + - "6abcd607c2ab085d876857cf6fda8c1c52a1ddbbea33ba24293769ded15b40e9" + - "d8cfa7e63735637e5857f10a56284efc7dde724ac4a155860b298a5ecdd74f79" + - "289140a99492f21a66e8b4d0b1f99bdf488e3cfaebaf642f7eac022a06676a2d" + - "0b1e027f475f2baf2c0831b12f78b0ca01aaf4ead628cab94f0b14aa5efaeb87" + - "82fca84bd590bca0dfe8bb2a58cb3b740a0ee006a25c7279dcc3371d45b6e610" + - "fd9a03a25d0e3f4b0c75cd30d8d7db4791b00a49291b5cf59b6861bb966a1b84" + - "3b26700d8afe9afb3f54b20f076e9b629bedbe6fc1384532e39cec71c9026373" + - "77e884c5dc801bbc6d9577d47d90aaedd087337e7d1f24107971aaeb42e32499" + - "c499083fd610892d18bfe9a5e1b3979fd7507269a18202c23082022b02010130" + - "820108a181e0a481dd3081da310b300906035504061302555331133011060355" + - "0408130a57617368696e67746f6e3110300e060355040713075265646d6f6e64" + - "311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e" + - "31253023060355040b131c4d6963726f736f667420416d6572696361204f7065" + - "726174696f6e7331263024060355040b131d5468616c6573205453532045534e" + - "3a424237332d393646442d37374546313530330603550403132c4d6963726f73" + - "6f6674205075626c6963205253412054696d65205374616d70696e6720417574" + - "686f72697479a2230a0101300706052b0e03021a031500713fd5ca3151c27d82" + - "dff783846024d47dc89c92a0673065a4633061310b3009060355040613025553" + - "311e301c060355040a13154d6963726f736f667420436f72706f726174696f6e" + - "31323030060355040313294d6963726f736f6674205075626c69632052534120" + - "54696d657374616d70696e672043412032303230300d06092a864886f70d0101" + - "050500020500e75011b13022180f32303232313232333139333832355a180f32" + - "303232313232343139333832355a3077303d060a2b0601040184590a0401312f" + - "302d300a020500e75011b1020100300a020100020225a40201ff300702010002" + - "02103e300a020500e75163310201003036060a2b0601040184590a0402312830" + - "26300c060a2b0601040184590a0302a00a3008020100020307a120a10a300802" + - "010002030186a0300d06092a864886f70d01010505000381810089add4c4e06d" + - "5a634850da6fb8197070157501212b7669e5bd48eeb2de5b1d24d58fada655da" + - "ad85a1943bdcbf1a33c3ee3c8b6c2f9ba8873d2c449d447e1f43c4245fe9172e" + - "e5eab38442cf2eb81655486628db01452be945340eebd855a64e29181a4f578d" + - "f9cc14d02b6f1b3da3d41595463fe96a0ce961245201ae0ef664318203d43082" + - "03d002010130783061310b3009060355040613025553311e301c060355040a13" + - "154d6963726f736f667420436f72706f726174696f6e31323030060355040313" + - "294d6963726f736f6674205075626c6963205253412054696d657374616d7069" + - "6e67204341203230323002133300000020b001af2f87675c8b00000000002030" + - "0d06096086480165030402010500a082012d301a06092a864886f70d01090331" + - "0d060b2a864886f70d0109100104302f06092a864886f70d0109043122042015" + - "6a9c3cbbc59a83b57308b9ff5783c4f4af776cc3fe5291f086313f5aede03730" + - "81dd060b2a864886f70d010910022f3181cd3081ca3081c73081a00420586284" + - "fbd9a5cb98871b82c01557d1349c0fed98d9bcfcf3daa3c6b9c1e3f444307c30" + - "65a4633061310b3009060355040613025553311e301c060355040a13154d6963" + - "726f736f667420436f72706f726174696f6e31323030060355040313294d6963" + - "726f736f6674205075626c6963205253412054696d657374616d70696e672043" + - "41203230323002133300000020b001af2f87675c8b0000000000203022042047" + - "6a414df916ea44c176dfe014b74b7a722f3d3ab504771bc5907f76f1426dd330" + - "0d06092a864886f70d01010b050004820200269d12401fb57ddf9907e7679898" + - "e234e19c3eb32b3116ed721f6dafa61d6b71b0257d1b2b435bce97ff1ee0cf08" + - "64101ba287baba8b50ffdc437671e0cc64fd56e60d50db2aaefcc9c847414fca" + - "402d7e55e6ff58b901cfdf30cdb2b9aa165405a6e09eb3b199372b0413f43eef" + - "7ba80c7a8f2a51b92254cda91b68f86e725a63d21eb8fa1af733b8b2fc8db708" + - "3274f74627274a2f4481dacbd3a5153c8a7bbd573305681dab08a5a7b1137cf4" + - "e0a2b1b8f4f042a59219809fe756af513eab0e516226e7bc3ceb81b217fae92e" + - "8ae21fa649a9c22e06a674eaa50417dbc6a00d9f753b8e8c08ac066f4e77ab17" + - "b3f745772f286895d2ded5227a6826a0a0ae1614a1bdf9bde726c7c6ea1cf188" + - "334f037bfaad31baf4ce5cd8552fa82054c1002d32b22249b3d42da462725644" + - "9e46d7a0e4bbd3be1a048198afbbe1473d36a8cab276c4b000fb299976e7f30f" + - "c9cb466a2333f4b9a3f1aa92414cafd45a1de6c48d104835979a8e8381506e40" + - "5dd8af815dfc4b1001df062593e0bad41c2009efa00066d87a8eeb4bc46ece43" + - "6d59a536ffb519e66daca417775b43c69847ce45f5063a2001cfcac1aed7566b" + - "cf9cb2ffb1c40033defa93372e58c31be5bc715dda8d1d71231fb14c3d3bc1a5" + - "aace918310b8b9d6759e6dd574495e78d36d2ede72bbde11098944ab5443e430" + - "00318df0c8dbdc2f09164e96bb474731f6ee").HexToByteArray(); } }