|
|
a359fa |
From 7f5ccbde792c7fd94ec27c33861ae1c3118ecf93 Mon Sep 17 00:00:00 2001
|
|
|
a359fa |
From: Filip Navara <filip.navara@gmail.com>
|
|
|
a359fa |
Date: Sun, 24 Jun 2018 06:29:39 +0200
|
|
|
a359fa |
Subject: [PATCH 1/7] NetFX compatibility fixes for X500DistinguishedName.
|
|
|
a359fa |
|
|
|
a359fa |
* Don't write a separator after the empty DN
|
|
|
a359fa |
* Make T61String behave like it does on Windows (UTF-8 with a Latin-1 fallback)
|
|
|
a359fa |
* Use the managed decoder on Linux, instead of a lot of P/Invokes back into OpenSSL.
|
|
|
a359fa |
---
|
|
|
a359fa |
.../Interop.ASN1.cs | 27 ----
|
|
|
a359fa |
.../Interop.X509Name.cs | 39 ------
|
|
|
a359fa |
.../Interop.X509NameEntry.cs | 61 ---------
|
|
|
a359fa |
.../SafeHandles/SafeX509NameHandle.Unix.cs | 30 -----
|
|
|
a359fa |
.../Cryptography/DerSequenceReader.cs | 35 +++++
|
|
|
a359fa |
.../pal_x509_name.cpp | 5 +
|
|
|
a359fa |
.../pal_x509_name.h | 5 +
|
|
|
a359fa |
.../src/System.Net.Http.csproj | 3 -
|
|
|
a359fa |
.../src/System.Net.Security.csproj | 3 -
|
|
|
a359fa |
...em.Security.Cryptography.Algorithms.csproj | 1 +
|
|
|
a359fa |
...stem.Security.Cryptography.Encoding.csproj | 1 +
|
|
|
a359fa |
...ystem.Security.Cryptography.OpenSsl.csproj | 1 +
|
|
|
a359fa |
.../Pal.Unix/X500NameEncoder.ManagedDecode.cs | 4 +-
|
|
|
a359fa |
.../Pal.Unix/X500NameEncoder.OpenSslDecode.cs | 123 ------------------
|
|
|
a359fa |
.../Cryptography/Pal.Unix/X500NameEncoder.cs | 7 +-
|
|
|
a359fa |
...urity.Cryptography.X509Certificates.csproj | 10 +-
|
|
|
a359fa |
.../tests/X500DistinguishedNameTests.cs | 69 ++++++++++
|
|
|
a359fa |
17 files changed, 125 insertions(+), 299 deletions(-)
|
|
|
a359fa |
delete mode 100644 src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.X509NameEntry.cs
|
|
|
a359fa |
delete mode 100644 src/Common/src/Microsoft/Win32/SafeHandles/SafeX509NameHandle.Unix.cs
|
|
|
a359fa |
delete mode 100644 src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.OpenSslDecode.cs
|
|
|
a359fa |
|
|
|
a359fa |
diff --git a/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.ASN1.cs b/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.ASN1.cs
|
|
|
a359fa |
index 962eaa426f..5bd2e8b9b4 100644
|
|
|
a359fa |
--- a/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.ASN1.cs
|
|
|
a359fa |
+++ b/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.ASN1.cs
|
|
|
a359fa |
@@ -61,22 +61,6 @@ internal static partial class Interop
|
|
|
a359fa |
[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_Asn1StringFree")]
|
|
|
a359fa |
internal static extern void Asn1StringFree(IntPtr o);
|
|
|
a359fa |
|
|
|
a359fa |
- internal static string GetOidValue(SafeSharedAsn1ObjectHandle asn1Object)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- Debug.Assert(asn1Object != null);
|
|
|
a359fa |
-
|
|
|
a359fa |
- bool added = false;
|
|
|
a359fa |
- asn1Object.DangerousAddRef(ref added);
|
|
|
a359fa |
- try
|
|
|
a359fa |
- {
|
|
|
a359fa |
- return GetOidValue(asn1Object.DangerousGetHandle());
|
|
|
a359fa |
- }
|
|
|
a359fa |
- finally
|
|
|
a359fa |
- {
|
|
|
a359fa |
- asn1Object.DangerousRelease();
|
|
|
a359fa |
- }
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
internal static unsafe string GetOidValue(IntPtr asn1ObjectPtr)
|
|
|
a359fa |
{
|
|
|
a359fa |
// OBJ_obj2txt returns the number of bytes that should have been in the answer, but it does not accept
|
|
|
a359fa |
@@ -127,14 +111,3 @@ internal static partial class Interop
|
|
|
a359fa |
}
|
|
|
a359fa |
}
|
|
|
a359fa |
}
|
|
|
a359fa |
-
|
|
|
a359fa |
-namespace Microsoft.Win32.SafeHandles
|
|
|
a359fa |
-{
|
|
|
a359fa |
- internal class SafeSharedAsn1ObjectHandle : SafeInteriorHandle
|
|
|
a359fa |
- {
|
|
|
a359fa |
- private SafeSharedAsn1ObjectHandle() :
|
|
|
a359fa |
- base(IntPtr.Zero, ownsHandle: true)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- }
|
|
|
a359fa |
- }
|
|
|
a359fa |
-}
|
|
|
a359fa |
diff --git a/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.X509Name.cs b/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.X509Name.cs
|
|
|
a359fa |
index 0f0fecad24..70097d7db2 100644
|
|
|
a359fa |
--- a/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.X509Name.cs
|
|
|
a359fa |
+++ b/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.X509Name.cs
|
|
|
a359fa |
@@ -15,16 +15,6 @@ internal static partial class Interop
|
|
|
a359fa |
[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_GetX509NameStackFieldCount")]
|
|
|
a359fa |
internal static extern int GetX509NameStackFieldCount(SafeSharedX509NameStackHandle sk);
|
|
|
a359fa |
|
|
|
a359fa |
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_PushX509NameStackField")]
|
|
|
a359fa |
- [return: MarshalAs(UnmanagedType.Bool)]
|
|
|
a359fa |
- internal static extern bool PushX509NameStackField(SafeX509NameStackHandle stack, SafeX509NameHandle x509_Name);
|
|
|
a359fa |
-
|
|
|
a359fa |
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_RecursiveFreeX509NameStack")]
|
|
|
a359fa |
- internal static extern void RecursiveFreeX509NameStack(IntPtr stack);
|
|
|
a359fa |
-
|
|
|
a359fa |
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_NewX509NameStack")]
|
|
|
a359fa |
- internal static extern SafeX509NameStackHandle NewX509NameStack();
|
|
|
a359fa |
-
|
|
|
a359fa |
[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_GetX509NameStackField")]
|
|
|
a359fa |
private static extern SafeSharedX509NameHandle GetX509NameStackField_private(SafeSharedX509NameStackHandle sk,
|
|
|
a359fa |
int loc);
|
|
|
a359fa |
@@ -32,15 +22,6 @@ internal static partial class Interop
|
|
|
a359fa |
[DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_GetX509NameRawBytes")]
|
|
|
a359fa |
private static extern int GetX509NameRawBytes(SafeSharedX509NameHandle x509Name, byte[] buf, int cBuf);
|
|
|
a359fa |
|
|
|
a359fa |
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_DecodeX509Name")]
|
|
|
a359fa |
- internal static extern SafeX509NameHandle DecodeX509Name(byte[] buf, int len);
|
|
|
a359fa |
-
|
|
|
a359fa |
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_X509NameDestroy")]
|
|
|
a359fa |
- internal static extern void X509NameDestroy(IntPtr a);
|
|
|
a359fa |
-
|
|
|
a359fa |
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_GetX509NameEntryCount")]
|
|
|
a359fa |
- internal static extern int GetX509NameEntryCount(SafeX509NameHandle x509Name);
|
|
|
a359fa |
-
|
|
|
a359fa |
internal static X500DistinguishedName LoadX500Name(SafeSharedX509NameHandle namePtr)
|
|
|
a359fa |
{
|
|
|
a359fa |
CheckValidOpenSslHandle(namePtr);
|
|
|
a359fa |
@@ -86,25 +67,5 @@ namespace Microsoft.Win32.SafeHandles
|
|
|
a359fa |
{
|
|
|
a359fa |
}
|
|
|
a359fa |
}
|
|
|
a359fa |
-
|
|
|
a359fa |
- internal sealed class SafeX509NameStackHandle : SafeHandle
|
|
|
a359fa |
- {
|
|
|
a359fa |
- private SafeX509NameStackHandle() :
|
|
|
a359fa |
- base(IntPtr.Zero, ownsHandle: true)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- protected override bool ReleaseHandle()
|
|
|
a359fa |
- {
|
|
|
a359fa |
- Interop.Crypto.RecursiveFreeX509NameStack(handle);
|
|
|
a359fa |
- SetHandle(IntPtr.Zero);
|
|
|
a359fa |
- return true;
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- public override bool IsInvalid
|
|
|
a359fa |
- {
|
|
|
a359fa |
- get { return handle == IntPtr.Zero; }
|
|
|
a359fa |
- }
|
|
|
a359fa |
- }
|
|
|
a359fa |
}
|
|
|
a359fa |
|
|
|
a359fa |
diff --git a/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.X509NameEntry.cs b/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.X509NameEntry.cs
|
|
|
a359fa |
deleted file mode 100644
|
|
|
a359fa |
index eeeea54d0c..0000000000
|
|
|
a359fa |
--- a/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.X509NameEntry.cs
|
|
|
a359fa |
+++ /dev/null
|
|
|
a359fa |
@@ -1,61 +0,0 @@
|
|
|
a359fa |
-// Licensed to the .NET Foundation under one or more agreements.
|
|
|
a359fa |
-// The .NET Foundation licenses this file to you under the MIT license.
|
|
|
a359fa |
-// See the LICENSE file in the project root for more information.
|
|
|
a359fa |
-
|
|
|
a359fa |
-using System;
|
|
|
a359fa |
-using System.Runtime.InteropServices;
|
|
|
a359fa |
-using Microsoft.Win32.SafeHandles;
|
|
|
a359fa |
-
|
|
|
a359fa |
-internal static partial class Interop
|
|
|
a359fa |
-{
|
|
|
a359fa |
- internal static partial class Crypto
|
|
|
a359fa |
- {
|
|
|
a359fa |
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_GetX509NameEntry")]
|
|
|
a359fa |
- private static extern SafeSharedX509NameEntryHandle GetX509NameEntry_private(SafeX509NameHandle x509Name, int loc);
|
|
|
a359fa |
-
|
|
|
a359fa |
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_GetX509NameEntryOid")]
|
|
|
a359fa |
- private static extern SafeSharedAsn1ObjectHandle GetX509NameEntryOid_private(SafeSharedX509NameEntryHandle nameEntry);
|
|
|
a359fa |
-
|
|
|
a359fa |
- [DllImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_GetX509NameEntryData")]
|
|
|
a359fa |
- private static extern SafeSharedAsn1StringHandle GetX509NameEntryData_private(SafeSharedX509NameEntryHandle nameEntry);
|
|
|
a359fa |
-
|
|
|
a359fa |
- internal static SafeSharedX509NameEntryHandle GetX509NameEntry(SafeX509NameHandle x509Name, int loc)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- CheckValidOpenSslHandle(x509Name);
|
|
|
a359fa |
-
|
|
|
a359fa |
- return SafeInteriorHandle.OpenInteriorHandle(
|
|
|
a359fa |
- (nameHandle, i) => GetX509NameEntry_private(nameHandle, i),
|
|
|
a359fa |
- x509Name,
|
|
|
a359fa |
- loc);
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- internal static SafeSharedAsn1ObjectHandle GetX509NameEntryOid(SafeSharedX509NameEntryHandle nameEntry)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- CheckValidOpenSslHandle(nameEntry);
|
|
|
a359fa |
-
|
|
|
a359fa |
- return SafeInteriorHandle.OpenInteriorHandle(
|
|
|
a359fa |
- handle => GetX509NameEntryOid_private(handle),
|
|
|
a359fa |
- nameEntry);
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- internal static SafeSharedAsn1StringHandle GetX509NameEntryData(SafeSharedX509NameEntryHandle nameEntry)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- CheckValidOpenSslHandle(nameEntry);
|
|
|
a359fa |
-
|
|
|
a359fa |
- return SafeInteriorHandle.OpenInteriorHandle(
|
|
|
a359fa |
- handle => GetX509NameEntryData_private(handle),
|
|
|
a359fa |
- nameEntry);
|
|
|
a359fa |
- }
|
|
|
a359fa |
- }
|
|
|
a359fa |
-}
|
|
|
a359fa |
-
|
|
|
a359fa |
-namespace Microsoft.Win32.SafeHandles
|
|
|
a359fa |
-{
|
|
|
a359fa |
- internal sealed class SafeSharedX509NameEntryHandle : SafeInteriorHandle
|
|
|
a359fa |
- {
|
|
|
a359fa |
- private SafeSharedX509NameEntryHandle() :
|
|
|
a359fa |
- base(IntPtr.Zero, ownsHandle: true)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- }
|
|
|
a359fa |
- }
|
|
|
a359fa |
-}
|
|
|
a359fa |
diff --git a/src/Common/src/Microsoft/Win32/SafeHandles/SafeX509NameHandle.Unix.cs b/src/Common/src/Microsoft/Win32/SafeHandles/SafeX509NameHandle.Unix.cs
|
|
|
a359fa |
deleted file mode 100644
|
|
|
a359fa |
index ae22b92303..0000000000
|
|
|
a359fa |
--- a/src/Common/src/Microsoft/Win32/SafeHandles/SafeX509NameHandle.Unix.cs
|
|
|
a359fa |
+++ /dev/null
|
|
|
a359fa |
@@ -1,30 +0,0 @@
|
|
|
a359fa |
-// Licensed to the .NET Foundation under one or more agreements.
|
|
|
a359fa |
-// The .NET Foundation licenses this file to you under the MIT license.
|
|
|
a359fa |
-// See the LICENSE file in the project root for more information.
|
|
|
a359fa |
-
|
|
|
a359fa |
-using System;
|
|
|
a359fa |
-using System.Security;
|
|
|
a359fa |
-using System.Runtime.InteropServices;
|
|
|
a359fa |
-
|
|
|
a359fa |
-namespace Microsoft.Win32.SafeHandles
|
|
|
a359fa |
-{
|
|
|
a359fa |
- internal sealed class SafeX509NameHandle : SafeHandle
|
|
|
a359fa |
- {
|
|
|
a359fa |
- private SafeX509NameHandle() :
|
|
|
a359fa |
- base(IntPtr.Zero, ownsHandle: true)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- protected override bool ReleaseHandle()
|
|
|
a359fa |
- {
|
|
|
a359fa |
- Interop.Crypto.X509NameDestroy(handle);
|
|
|
a359fa |
- SetHandle(IntPtr.Zero);
|
|
|
a359fa |
- return true;
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- public override bool IsInvalid
|
|
|
a359fa |
- {
|
|
|
a359fa |
- get { return handle == IntPtr.Zero; }
|
|
|
a359fa |
- }
|
|
|
a359fa |
- }
|
|
|
a359fa |
-}
|
|
|
a359fa |
diff --git a/src/Common/src/System/Security/Cryptography/DerSequenceReader.cs b/src/Common/src/System/Security/Cryptography/DerSequenceReader.cs
|
|
|
a359fa |
index b68c9da093..68d9ac1bd2 100644
|
|
|
a359fa |
--- a/src/Common/src/System/Security/Cryptography/DerSequenceReader.cs
|
|
|
a359fa |
+++ b/src/Common/src/System/Security/Cryptography/DerSequenceReader.cs
|
|
|
a359fa |
@@ -30,6 +30,9 @@ namespace System.Security.Cryptography
|
|
|
a359fa |
|
|
|
a359fa |
internal static DateTimeFormatInfo s_validityDateTimeFormatInfo;
|
|
|
a359fa |
|
|
|
a359fa |
+ private static System.Text.Encoding s_utf8EncodingWithExceptionFallback;
|
|
|
a359fa |
+ private static System.Text.Encoding s_latin1Encoding;
|
|
|
a359fa |
+
|
|
|
a359fa |
private readonly byte[] _data;
|
|
|
a359fa |
private readonly int _end;
|
|
|
a359fa |
private int _position;
|
|
|
a359fa |
@@ -383,6 +386,38 @@ namespace System.Security.Cryptography
|
|
|
a359fa |
return TrimTrailingNulls(ia5String);
|
|
|
a359fa |
}
|
|
|
a359fa |
|
|
|
a359fa |
+ internal string ReadT61String()
|
|
|
a359fa |
+ {
|
|
|
a359fa |
+ EatTag(DerTag.T61String);
|
|
|
a359fa |
+ int contentLength = EatLength();
|
|
|
a359fa |
+ string t61String;
|
|
|
a359fa |
+
|
|
|
a359fa |
+ // Technically the T.61 encoding (code page 20261) should be used here, but many
|
|
|
a359fa |
+ // implementations don't follow that and use different character sets. CryptoAPI
|
|
|
a359fa |
+ // on NetFX seems to interpret it as UTF-8 with fallback to ISO 8859-1. OpenSSL
|
|
|
a359fa |
+ // seems to interpret it as ISO 8859-1 with no support for UTF-8.
|
|
|
a359fa |
+ // https://github.com/dotnet/corefx/issues/27466
|
|
|
a359fa |
+
|
|
|
a359fa |
+ System.Text.Encoding utf8EncodingWithExceptionFallback = LazyInitializer.EnsureInitialized(
|
|
|
a359fa |
+ ref s_utf8EncodingWithExceptionFallback,
|
|
|
a359fa |
+ () => new UTF8Encoding(false, true));
|
|
|
a359fa |
+ System.Text.Encoding latin1Encoding = LazyInitializer.EnsureInitialized(
|
|
|
a359fa |
+ ref s_latin1Encoding,
|
|
|
a359fa |
+ () => System.Text.Encoding.GetEncoding("iso-8859-1"));
|
|
|
a359fa |
+
|
|
|
a359fa |
+ try
|
|
|
a359fa |
+ {
|
|
|
a359fa |
+ t61String = utf8EncodingWithExceptionFallback.GetString(_data, _position, contentLength);
|
|
|
a359fa |
+ }
|
|
|
a359fa |
+ catch (DecoderFallbackException)
|
|
|
a359fa |
+ {
|
|
|
a359fa |
+ t61String = latin1Encoding.GetString(_data, _position, contentLength);
|
|
|
a359fa |
+ }
|
|
|
a359fa |
+ _position += contentLength;
|
|
|
a359fa |
+
|
|
|
a359fa |
+ return TrimTrailingNulls(t61String);
|
|
|
a359fa |
+ }
|
|
|
a359fa |
+
|
|
|
a359fa |
internal DateTime ReadX509Date()
|
|
|
a359fa |
{
|
|
|
a359fa |
byte tag = PeekTag();
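Review bot: ReadT61String can never reject a value, because any bytes that are not valid UTF-8 fall through to the ISO 8859-1 decoder, which maps every byte to a character. Control characters and embedded NULs therefore reach the returned name, since `TrimTrailingNulls` presumably strips only trailing ones. As the in-code comment notes, OpenSSL reads these bytes as ISO 8859-1 only, so a value such as 0xC3 0xA9 decodes to one character here and two there. I would add a doc comment stating the policy and that the result is for display, e.g. `// Lossy by design: match names on the encoded bytes (RawData), never on this string.` The method also relies on `EatLength()` having bounded `contentLength` against `_end`, which is not visible in this hunk and is worth confirming because `GetString` only checks against `_data.Length`.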
|
|
|
a359fa |
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.cpp b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.cpp
|
|
|
a359fa |
index 2195b74906..02cbfee4a2 100644
|
|
|
a359fa |
--- a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.cpp
|
|
|
a359fa |
+++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.cpp
|
|
|
a359fa |
@@ -14,6 +14,11 @@ extern "C" X509_NAME* CryptoNative_GetX509NameStackField(X509NameStack* sk, int3
|
|
|
a359fa |
return sk_X509_NAME_value(sk, loc);
|
|
|
a359fa |
}
|
|
|
a359fa |
|
|
|
a359fa |
+/*
|
|
|
a359fa |
+ * The following methods are kept around for compatiblity during servicing.
|
|
|
a359fa |
+ * They are not used.
|
|
|
a359fa |
+ */
|
|
|
a359fa |
+
|
|
|
a359fa |
extern "C" X509_NAME* CryptoNative_DecodeX509Name(const uint8_t* buf, int32_t len)
|
|
|
a359fa |
{
|
|
|
a359fa |
if (!buf || !len)
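Review bot: The added comment says "the following methods" are unused, but it does not say where that list ends or when they may be deleted, and it misspells "compatibility" as `compatiblity`; the same text is added to pal_x509_name.h. After this patch these entry points presumably remain exported from the native shim with no managed caller, so the comment should name them and the removal condition, e.g. `/* Unused by managed code; kept exported only for servicing compatibility. Remove in <release placeholder>: CryptoNative_DecodeX509Name, ... */`. The affected functions extend beyond this hunk, so the full list has to be taken from the file.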
|
|
|
a359fa |
diff --git a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.h b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.h
|
|
|
a359fa |
index 76a77ccc1f..b24a794bbd 100644
|
|
|
a359fa |
--- a/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.h
|
|
|
a359fa |
+++ b/src/Native/Unix/System.Security.Cryptography.Native/pal_x509_name.h
|
|
|
a359fa |
@@ -18,6 +18,11 @@ Direct shim to sk_X509_NAME_value
|
|
|
a359fa |
*/
|
|
|
a359fa |
extern "C" X509_NAME* CryptoNative_GetX509NameStackField(X509NameStack* sk, int32_t loc);
|
|
|
a359fa |
|
|
|
a359fa |
+/*
|
|
|
a359fa |
+ * The following methods are kept around for compatiblity during servicing.
|
|
|
a359fa |
+ * They are not used.
|
|
|
a359fa |
+ */
|
|
|
a359fa |
+
|
|
|
a359fa |
/*
|
|
|
a359fa |
Shims the d2i_X509_NAME method and makes it easier to invoke from managed code.
|
|
|
a359fa |
*/
|
|
|
a359fa |
diff --git a/src/System.Net.Http/src/System.Net.Http.csproj b/src/System.Net.Http/src/System.Net.Http.csproj
|
|
|
a359fa |
index 3fa7cdd26f..66e5b8d5f8 100644
|
|
|
a359fa |
--- a/src/System.Net.Http/src/System.Net.Http.csproj
|
|
|
a359fa |
+++ b/src/System.Net.Http/src/System.Net.Http.csproj
|
|
|
a359fa |
@@ -530,9 +530,6 @@
|
|
|
a359fa |
<Compile Include="$(CommonPath)\Microsoft\Win32\SafeHandles\SafeX509Handles.Unix.cs">
|
|
|
a359fa |
<Link>Common\Microsoft\Win32\SafeHandles\SafeX509Handles.Unix.cs</Link>
|
|
|
a359fa |
</Compile>
|
|
|
a359fa |
- <Compile Include="$(CommonPath)\Microsoft\Win32\SafeHandles\SafeX509NameHandle.Unix.cs">
|
|
|
a359fa |
- <Link>Common\Microsoft\Win32\SafeHandles\SafeX509NameHandle.Unix.cs</Link>
|
|
|
a359fa |
- </Compile>
|
|
|
a359fa |
<Compile Include="$(CommonPath)\Microsoft\Win32\SafeHandles\X509ExtensionSafeHandles.Unix.cs">
|
|
|
a359fa |
<Link>Common\Microsoft\Win32\SafeHandles\X509ExtensionSafeHandles.Unix.cs</Link>
|
|
|
a359fa |
</Compile>
|
|
|
a359fa |
diff --git a/src/System.Net.Security/src/System.Net.Security.csproj b/src/System.Net.Security/src/System.Net.Security.csproj
|
|
|
a359fa |
index 9dff20160e..bf8d773a4e 100644
|
|
|
a359fa |
--- a/src/System.Net.Security/src/System.Net.Security.csproj
|
|
|
a359fa |
+++ b/src/System.Net.Security/src/System.Net.Security.csproj
|
|
|
a359fa |
@@ -328,9 +328,6 @@
|
|
|
a359fa |
<Compile Include="$(CommonPath)\Microsoft\Win32\SafeHandles\SafeX509Handles.Unix.cs">
|
|
|
a359fa |
<Link>Common\Microsoft\Win32\SafeHandles\SafeX509Handles.Unix.cs</Link>
|
|
|
a359fa |
</Compile>
|
|
|
a359fa |
- <Compile Include="$(CommonPath)\Microsoft\Win32\SafeHandles\SafeX509NameHandle.Unix.cs">
|
|
|
a359fa |
- <Link>Common\Microsoft\Win32\SafeHandles\SafeX509NameHandle.Unix.cs</Link>
|
|
|
a359fa |
- </Compile>
|
|
|
a359fa |
<Compile Include="$(CommonPath)\Microsoft\Win32\SafeHandles\X509ExtensionSafeHandles.Unix.cs">
|
|
|
a359fa |
<Link>Common\Microsoft\Win32\SafeHandles\X509ExtensionSafeHandles.Unix.cs</Link>
|
|
|
a359fa |
</Compile>
|
|
|
a359fa |
diff --git a/src/System.Security.Cryptography.Algorithms/src/System.Security.Cryptography.Algorithms.csproj b/src/System.Security.Cryptography.Algorithms/src/System.Security.Cryptography.Algorithms.csproj
|
|
|
a359fa |
index 9b1cb26508..fbe6f4c269 100644
|
|
|
a359fa |
--- a/src/System.Security.Cryptography.Algorithms/src/System.Security.Cryptography.Algorithms.csproj
|
|
|
a359fa |
+++ b/src/System.Security.Cryptography.Algorithms/src/System.Security.Cryptography.Algorithms.csproj
|
|
|
a359fa |
@@ -558,6 +558,7 @@
|
|
|
a359fa |
<Reference Include="System.Security.Cryptography.Encoding" />
|
|
|
a359fa |
<Reference Include="System.Security.Cryptography.Primitives" />
|
|
|
a359fa |
<Reference Include="System.Threading" />
|
|
|
a359fa |
+ <Reference Include="System.Text.Encoding.Extensions" />
|
|
|
a359fa |
</ItemGroup>
|
|
|
a359fa |
<ItemGroup Condition="'$(TargetsUnix)' == 'true'">
|
|
|
a359fa |
<Reference Include="System.Runtime.Numerics" />
|
|
|
a359fa |
diff --git a/src/System.Security.Cryptography.Encoding/src/System.Security.Cryptography.Encoding.csproj b/src/System.Security.Cryptography.Encoding/src/System.Security.Cryptography.Encoding.csproj
|
|
|
a359fa |
index 9681ef62e4..388d4f36a6 100644
|
|
|
a359fa |
--- a/src/System.Security.Cryptography.Encoding/src/System.Security.Cryptography.Encoding.csproj
|
|
|
a359fa |
+++ b/src/System.Security.Cryptography.Encoding/src/System.Security.Cryptography.Encoding.csproj
|
|
|
a359fa |
@@ -106,6 +106,7 @@
|
|
|
a359fa |
<Reference Include="System.Runtime.Extensions" />
|
|
|
a359fa |
<Reference Include="System.Runtime.InteropServices" />
|
|
|
a359fa |
<Reference Include="System.Security.Cryptography.Primitives" />
|
|
|
a359fa |
+ <Reference Include="System.Text.Encoding.Extensions" />
|
|
|
a359fa |
</ItemGroup>
|
|
|
a359fa |
<ItemGroup Condition=" '$(TargetsOSX)' == 'true' ">
|
|
|
a359fa |
<Reference Include="System.Runtime.Numerics" />
|
|
|
a359fa |
diff --git a/src/System.Security.Cryptography.OpenSsl/src/System.Security.Cryptography.OpenSsl.csproj b/src/System.Security.Cryptography.OpenSsl/src/System.Security.Cryptography.OpenSsl.csproj
|
|
|
a359fa |
index 095d62bc6d..3846bcad23 100644
|
|
|
a359fa |
--- a/src/System.Security.Cryptography.OpenSsl/src/System.Security.Cryptography.OpenSsl.csproj
|
|
|
a359fa |
+++ b/src/System.Security.Cryptography.OpenSsl/src/System.Security.Cryptography.OpenSsl.csproj
|
|
|
a359fa |
@@ -160,6 +160,7 @@
|
|
|
a359fa |
<Reference Include="System.Security.Cryptography.Algorithms" />
|
|
|
a359fa |
<Reference Include="System.Security.Cryptography.Encoding" />
|
|
|
a359fa |
<Reference Include="System.Security.Cryptography.Primitives" />
|
|
|
a359fa |
+ <Reference Include="System.Text.Encoding.Extensions" />
|
|
|
a359fa |
<Reference Include="System.Threading" />
|
|
|
a359fa |
</ItemGroup>
|
|
|
a359fa |
<Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildThisFileDirectory), dir.targets))\dir.targets" />
|
|
|
a359fa |
diff --git a/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.ManagedDecode.cs b/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.ManagedDecode.cs
|
|
|
a359fa |
index 094e95c20d..0285415ba3 100644
|
|
|
a359fa |
--- a/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.ManagedDecode.cs
|
|
|
a359fa |
+++ b/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.ManagedDecode.cs
|
|
|
a359fa |
@@ -127,7 +127,7 @@ namespace Internal.Cryptography.Pal
|
|
|
a359fa |
}
|
|
|
a359fa |
}
|
|
|
a359fa |
|
|
|
a359fa |
- if (addTrailingDelimiter)
|
|
|
a359fa |
+ if (addTrailingDelimiter && decodedName.Length > 0)
|
|
|
a359fa |
{
|
|
|
a359fa |
decodedName.Append(dnSeparator);
|
|
|
a359fa |
}
|
|
|
a359fa |
@@ -150,7 +150,7 @@ namespace Internal.Cryptography.Pal
|
|
|
a359fa |
case DerSequenceReader.DerTag.UTF8String:
|
|
|
a359fa |
return tavReader.ReadUtf8String();
|
|
|
a359fa |
case DerSequenceReader.DerTag.T61String:
|
|
|
a359fa |
- return "";
|
|
|
a359fa |
+ return tavReader.ReadT61String();
|
|
|
a359fa |
default:
|
|
|
a359fa |
throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding);
|
|
|
a359fa |
}
|
|
|
a359fa |
diff --git a/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.OpenSslDecode.cs b/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.OpenSslDecode.cs
|
|
|
a359fa |
deleted file mode 100644
|
|
|
a359fa |
index 0c03283475..0000000000
|
|
|
a359fa |
--- a/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.OpenSslDecode.cs
|
|
|
a359fa |
+++ /dev/null
|
|
|
a359fa |
@@ -1,123 +0,0 @@
|
|
|
a359fa |
-// Licensed to the .NET Foundation under one or more agreements.
|
|
|
a359fa |
-// The .NET Foundation licenses this file to you under the MIT license.
|
|
|
a359fa |
-// See the LICENSE file in the project root for more information.
|
|
|
a359fa |
-
|
|
|
a359fa |
-using System.Text;
|
|
|
a359fa |
-
|
|
|
a359fa |
-using Microsoft.Win32.SafeHandles;
|
|
|
a359fa |
-
|
|
|
a359fa |
-namespace Internal.Cryptography.Pal
|
|
|
a359fa |
-{
|
|
|
a359fa |
- internal static partial class X500NameEncoder
|
|
|
a359fa |
- {
|
|
|
a359fa |
- private static string X500DistinguishedNameDecode(
|
|
|
a359fa |
- byte[] encodedName,
|
|
|
a359fa |
- bool printOid,
|
|
|
a359fa |
- bool reverse,
|
|
|
a359fa |
- bool quoteIfNeeded,
|
|
|
a359fa |
- string dnSeparator,
|
|
|
a359fa |
- string multiValueSeparator,
|
|
|
a359fa |
- bool addTrailingDelimiter)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- using (SafeX509NameHandle x509Name = Interop.Crypto.DecodeX509Name(encodedName, encodedName.Length))
|
|
|
a359fa |
- {
|
|
|
a359fa |
- if (x509Name.IsInvalid)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- Interop.Crypto.ErrClearError();
|
|
|
a359fa |
- return "";
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- // We need to allocate a StringBuilder to hold the data as we're building it, and there's the usual
|
|
|
a359fa |
- // arbitrary process of choosing a number that's "big enough" to minimize reallocations without wasting
|
|
|
a359fa |
- // too much space in the average case.
|
|
|
a359fa |
- //
|
|
|
a359fa |
- // So, let's look at an example of what our output might be.
|
|
|
a359fa |
- //
|
|
|
a359fa |
- // GitHub.com's SSL cert has a "pretty long" subject (partially due to the unknown OIDs):
|
|
|
a359fa |
- // businessCategory=Private Organization
|
|
|
a359fa |
- // 1.3.6.1.4.1.311.60.2.1.3=US
|
|
|
a359fa |
- // 1.3.6.1.4.1.311.60.2.1.2=Delaware
|
|
|
a359fa |
- // serialNumber=5157550
|
|
|
a359fa |
- // street=548 4th Street
|
|
|
a359fa |
- // postalCode=94107
|
|
|
a359fa |
- // C=US
|
|
|
a359fa |
- // ST=California
|
|
|
a359fa |
- // L=San Francisco
|
|
|
a359fa |
- // O=GitHub, Inc.
|
|
|
a359fa |
- // CN=github.com
|
|
|
a359fa |
- //
|
|
|
a359fa |
- // Which comes out to 228 characters using OpenSSL's default pretty-print
|
|
|
a359fa |
- // (openssl x509 -in github.cer -text -noout)
|
|
|
a359fa |
- // Throw in some "maybe-I-need-to-quote-this" quotes, and a couple of extra/extra-long O/OU values
|
|
|
a359fa |
- // and round that up to the next programmer number, and you get that 512 should avoid reallocations
|
|
|
a359fa |
- // in all but the most dire of cases.
|
|
|
a359fa |
- StringBuilder decodedName = new StringBuilder(512);
|
|
|
a359fa |
- int entryCount = Interop.Crypto.GetX509NameEntryCount(x509Name);
|
|
|
a359fa |
- bool printSpacing = false;
|
|
|
a359fa |
-
|
|
|
a359fa |
- for (int i = 0; i < entryCount; i++)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- int loc = reverse ? entryCount - i - 1 : i;
|
|
|
a359fa |
-
|
|
|
a359fa |
- using (SafeSharedX509NameEntryHandle nameEntry = Interop.Crypto.GetX509NameEntry(x509Name, loc))
|
|
|
a359fa |
- {
|
|
|
a359fa |
- Interop.Crypto.CheckValidOpenSslHandle(nameEntry);
|
|
|
a359fa |
-
|
|
|
a359fa |
- string thisOidValue;
|
|
|
a359fa |
-
|
|
|
a359fa |
- using (SafeSharedAsn1ObjectHandle oidHandle = Interop.Crypto.GetX509NameEntryOid(nameEntry))
|
|
|
a359fa |
- {
|
|
|
a359fa |
- thisOidValue = Interop.Crypto.GetOidValue(oidHandle);
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- if (printSpacing)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- decodedName.Append(dnSeparator);
|
|
|
a359fa |
- }
|
|
|
a359fa |
- else
|
|
|
a359fa |
- {
|
|
|
a359fa |
- printSpacing = true;
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- if (printOid)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- AppendOid(decodedName, thisOidValue);
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- string rdnValue;
|
|
|
a359fa |
-
|
|
|
a359fa |
- using (SafeSharedAsn1StringHandle valueHandle = Interop.Crypto.GetX509NameEntryData(nameEntry))
|
|
|
a359fa |
- {
|
|
|
a359fa |
- rdnValue = Interop.Crypto.Asn1StringToManagedString(valueHandle);
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- bool quote = quoteIfNeeded && NeedsQuoting(rdnValue);
|
|
|
a359fa |
-
|
|
|
a359fa |
- if (quote)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- decodedName.Append('"');
|
|
|
a359fa |
-
|
|
|
a359fa |
- // If the RDN itself had a quote within it, that quote needs to be escaped
|
|
|
a359fa |
- // with another quote.
|
|
|
a359fa |
- rdnValue = rdnValue.Replace("\"", "\"\"");
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- decodedName.Append(rdnValue);
|
|
|
a359fa |
-
|
|
|
a359fa |
- if (quote)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- decodedName.Append('"');
|
|
|
a359fa |
- }
|
|
|
a359fa |
- }
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- if (addTrailingDelimiter)
|
|
|
a359fa |
- {
|
|
|
a359fa |
- decodedName.Append(dnSeparator);
|
|
|
a359fa |
- }
|
|
|
a359fa |
-
|
|
|
a359fa |
- return decodedName.ToString();
|
|
|
a359fa |
- }
|
|
|
a359fa |
- }
|
|
|
a359fa |
- }
|
|
|
a359fa |
-}
|
|
|
a359fa |
diff --git a/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.cs b/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.cs
|
|
|
a359fa |
index 56da9ae40c..005e09abe3 100644
|
|
|
a359fa |
--- a/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.cs
|
|
|
a359fa |
+++ b/src/System.Security.Cryptography.X509Certificates/src/Internal/Cryptography/Pal.Unix/X500NameEncoder.cs
|
|
|
a359fa |
@@ -40,7 +40,7 @@ namespace Internal.Cryptography.Pal
|
|
|
a359fa |
byte[] encodedName,
|
|
|
a359fa |
bool printOid,
|
|
|
a359fa |
X500DistinguishedNameFlags flags,
|
|
|
a359fa |
- bool addTrailingDelimieter=false)
|
|
|
a359fa |
+ bool addTrailingDelimiter = false)
|
|
|
a359fa |
{
|
|
|
a359fa |
bool reverse = (flags & X500DistinguishedNameFlags.Reversed) == X500DistinguishedNameFlags.Reversed;
|
|
|
a359fa |
bool quoteIfNeeded = (flags & X500DistinguishedNameFlags.DoNotUseQuotes) != X500DistinguishedNameFlags.DoNotUseQuotes;
|
|
|
a359fa |
@@ -51,7 +51,8 @@ namespace Internal.Cryptography.Pal
|
|
|
a359fa |
{
|
|
|
a359fa |
dnSeparator = "; ";
|
|
|
a359fa |
}
|
|
|
a359fa |
- else if ((flags & X500DistinguishedNameFlags.UseNewLines) == X500DistinguishedNameFlags.UseNewLines)
|
|
|
a359fa |
+ // Explicit UseCommas has preference over explicit UseNewLines.
|
|
|
a359fa |
+ else if ((flags & (X500DistinguishedNameFlags.UseNewLines | X500DistinguishedNameFlags.UseCommas)) == X500DistinguishedNameFlags.UseNewLines)
|
|
|
a359fa |
{
|
|
|
a359fa |
dnSeparator = Environment.NewLine;
|
|
|
a359fa |
}
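Review bot: The new comment sits between the closing brace and `else if`, where it is easy to misread as belonging to the `"; "` branch, and it documents only one pair of the ordering. From the visible lines the chain checks the branch that sets `"; "` first and takes new lines only when `UseCommas` is not also set, so the precedence appears to be semicolons, then commas, then new lines. I would state that once above the whole chain, e.g. `// Separator precedence when several flags are set: semicolons, then commas, then new lines.`, and drop the mid-chain comment. The chain starts before this hunk and continues after it, so the final fallback should be checked against that wording.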
|
|
|
a359fa |
@@ -73,7 +74,7 @@ namespace Internal.Cryptography.Pal
|
|
|
a359fa |
quoteIfNeeded,
|
|
|
a359fa |
dnSeparator,
|
|
|
a359fa |
multiValueSparator,
|
|
|
a359fa |
- addTrailingDelimieter);
|
|
|
a359fa |
+ addTrailingDelimiter);
|
|
|
a359fa |
}
|
|
|
a359fa |
catch (CryptographicException)
|
|
|
a359fa |
{
|
|
|
a359fa |
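--- a/src/System.Security.Cryptography.X509Certificates/src/System.Security.Cryptography.X509Certificates.csproj
+++ b/src/System.Security.Cryptography.X509Certificates/src/System.Security.Cryptography.X509Certificates.csproj
@@ -169,7 +169,6 @@
 <Compile Include="Internal\Cryptography\Pal.Unix\PkcsFormatReader.cs" />
 <Compile Include="Internal\Cryptography\Pal.Unix\SingleCertLoader.cs" />
 <Compile Include="Internal\Cryptography\Pal.Unix\StorePal.cs" />
- <Compile Include="Internal\Cryptography\Pal.Unix\X500NameEncoder.OpenSslDecode.cs" />
 <Compile Include="Internal\Cryptography\Pal.Unix\X509Pal.cs" />
 <Compile Include="Internal\Cryptography\Pal.Unix\X509Persistence.cs" />
 <Compile Include="$(CommonPath)\Interop\Unix\Interop.Libraries.cs">
@@ -223,9 +222,6 @@
 <Compile Include="$(CommonPath)\Interop\Unix\System.Security.Cryptography.Native\Interop.X509Name.cs">
 <Link>Common\Interop\Unix\System.Security.Cryptography.Native\Interop.X509Name.cs</Link>
 </Compile>
- <Compile Include="$(CommonPath)\Interop\Unix\System.Security.Cryptography.Native\Interop.X509NameEntry.cs">
- <Link>Common\Interop\Unix\System.Security.Cryptography.Native\Interop.X509NameEntry.cs</Link>
- </Compile>
 <Compile Include="$(CommonPath)\Interop\Unix\System.Security.Cryptography.Native\Interop.X509Stack.cs">
 <Link>Common\Interop\Unix\System.Security.Cryptography.Native\Interop.X509Stack.cs</Link>
 </Compile>
@@ -274,9 +270,6 @@
 <Compile Include="$(CommonPath)\Microsoft\Win32\SafeHandles\SafeX509Handles.Unix.cs">
 <Link>Common\Microsoft\Win32\SafeHandles\SafeX509Handles.Unix.cs</Link>
 </Compile>
- <Compile Include="$(CommonPath)\Microsoft\Win32\SafeHandles\SafeX509NameHandle.Unix.cs">
- <Link>Common\Microsoft\Win32\SafeHandles\SafeX509NameHandle.Unix.cs</Link>
- </Compile>
 <Compile Include="$(CommonPath)\Microsoft\Win32\SafeHandles\X509ExtensionSafeHandles.Unix.cs">
 <Link>Common\Microsoft\Win32\SafeHandles\X509ExtensionSafeHandles.Unix.cs</Link>
 </Compile>
@@ -390,7 +383,6 @@
 <Compile Include="Internal\Cryptography\Pal.OSX\StorePal.ExportPal.cs" />
 <Compile Include="Internal\Cryptography\Pal.OSX\StorePal.LoaderPal.cs" />
 <Compile Include="Internal\Cryptography\Pal.OSX\X509Pal.cs" />
- <Compile Include="Internal\Cryptography\Pal.Unix\X500NameEncoder.ManagedDecode.cs" />
 </ItemGroup>
 <ItemGroup Condition=" '$(TargetsUnix)' == 'true'">
 <Compile Include="Internal\Cryptography\Pal.Unix\CertificatePolicy.cs" />
@@ -398,6 +390,7 @@
 <Compile Include="Internal\Cryptography\Pal.Unix\ManagedCertificateFinder.cs" />
 <Compile Include="Internal\Cryptography\Pal.Unix\ManagedX509ExtensionProcessor.cs" />
 <Compile Include="Internal\Cryptography\Pal.Unix\X500NameEncoder.cs" />
+ <Compile Include="Internal\Cryptography\Pal.Unix\X500NameEncoder.ManagedDecode.cs" />
 </ItemGroup>
 <ItemGroup>
 <Reference Include="System.Buffers" />
@@ -417,6 +410,7 @@
 <Reference Include="System.Security.Cryptography.Algorithms" />
 <Reference Include="System.Security.Cryptography.Encoding" />
 <Reference Include="System.Security.Cryptography.Primitives" />
+ <Reference Include="System.Text.Encoding.Extensions" />
 <Reference Include="System.Threading" />
 </ItemGroup>
 <ItemGroup Condition="'$(TargetsWindows)' == 'true'">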
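--- a/src/System.Security.Cryptography.X509Certificates/tests/X500DistinguishedNameTests.cs
+++ b/src/System.Security.Cryptography.X509Certificates/tests/X500DistinguishedNameTests.cs
@@ -126,6 +126,16 @@ namespace System.Security.Cryptography.X509Certificates.Tests
 
 Assert.Equal(notQuoted, dn.Decode(X500DistinguishedNameFlags.DoNotUseQuotes));
 }
+
+ [Theory]
+ [MemberData(nameof(T61Cases))]
+ public static void T61Strings(string expected, string hexEncoded)
+ {
+ byte[] encoded = hexEncoded.HexToByteArray();
+ X500DistinguishedName dn = new X500DistinguishedName(encoded);
+
+ Assert.Equal(expected, dn.Name);
+ }
 
 [Fact]
 public static void PrintComplexReversed()
@@ -158,6 +168,22 @@ namespace System.Security.Cryptography.X509Certificates.Tests
 Assert.EndsWith(expected, dn.Decode(X500DistinguishedNameFlags.None), StringComparison.Ordinal);
 }
 
+ [Fact]
+ public static void EdgeCaseEmptyFormat()
+ {
+ X500DistinguishedName dn = new X500DistinguishedName("");
+ Assert.Equal(String.Empty, dn.Format(true));
+ Assert.Equal(String.Empty, dn.Format(false));
+ }
+
+ [Fact]
+ public static void EdgeCaseUseCommaAndNewLines()
+ {
+ const string rname = "C=US, O=\"RSA Data Security, Inc.\", OU=Secure Server Certification Authority";
+ X500DistinguishedName dn = new X500DistinguishedName(rname, X500DistinguishedNameFlags.None);
+ Assert.Equal(rname, dn.Decode(X500DistinguishedNameFlags.UseCommas | X500DistinguishedNameFlags.UseNewLines));
+ }
+
 public static readonly object[][] WhitespaceBeforeCases =
 {
 // Regular space.
@@ -386,6 +412,49 @@ namespace System.Security.Cryptography.X509Certificates.Tests
 },
 };
 
+ public static readonly object[][] T61Cases =
+ {
+ // https://github.com/dotnet/corefx/issues/27466
+ new object[]
+ {
+ "CN=GrapeCity inc., OU=Tools Development, O=GrapeCity inc., " +
+ "L=Sendai Izumi-ku, S=Miyagi, C=JP",
+ "308186310b3009060355040613024a50310f300d060355040813064d69796167" +
+ "69311830160603550407130f53656e64616920497a756d692d6b753117301506" +
+ "0355040a140e47726170654369747920696e632e311a3018060355040b141154" +
+ "6f6f6c7320446576656c6f706d656e74311730150603550403140e4772617065" +
+ "4369747920696e632e"
+ },
+
+ // Mono test case taken from old bug report
+ new object[]
+ {
+ "SERIALNUMBER=CVR:13471967-UID:121212121212, E=vhm@use.test.dk, " +
+ "CN=Hedeby's M\u00f8belhandel - Salgsafdelingen, " +
+ "O=Hedeby's M\u00f8belhandel // CVR:13471967, C=DK",
+ "3081B5310B300906035504061302444B312D302B060355040A14244865646562" +
+ "792773204DF862656C68616E64656C202F2F204356523A313334373139363731" +
+ "2F302D060355040314264865646562792773204DF862656C68616E64656C202D" +
+ "2053616C6773616664656C696E67656E311E301C06092A864886F70D01090116" +
+ "0F76686D407573652E746573742E646B312630240603550405131D4356523A31" +
+ "333437313936372D5549443A313231323132313231323132"
+ },
+
+ // Valid UTF-8 string is interpreted as UTF-8
+ new object[]
+ {
+ "C=\u00a2",
+ "300D310B300906035504061402C2A2"
+ },
+
+ // Invalid UTF-8 string with valid UTF-8 sequence is interpreted as ISO 8859-1
+ new object[]
+ {
+ "L=\u00c2\u00a2\u00f8",
+ "300E310C300A06035504071403C2A2F8"
+ },
+ };
+
 private const string MicrosoftDotComSubject =
 "3082010F31133011060B2B0601040182373C02010313025553311B3019060B2B" +
 "0601040182373C0201020C0A57617368696E67746F6E311D301B060355040F13" +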
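Review bot: Both Latin-1 fallback cases in `T61Cases` trip on the same kind of byte, a lone `F8`, so the data never exercises a value that ends in a truncated multi-byte sequence or uses an overlong form. Those are the inputs on which a strict and a lenient UTF-8 decoder are most likely to disagree, and the decoded subject/issuer string is what callers display and sometimes match on, so the all-or-nothing fallback deserves a pinned case. A constructed example (expected value to be confirmed against NetFX on Windows) would be `new object[] { "C=\u00c2", "300C310A300806035504061401C2" },`, with a comment in the style of the existing ones such as `// Truncated UTF-8 lead byte is interpreted as ISO 8859-1`. The decoder itself is not in this file, so whether it already rejects such input strictly cannot be told from here.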
--
2.20.1