Fix FindBySubjectName to find anything in the subject name (except th…

…e oid acronyms). Fix bug mono#3897
yeonwoonj · Mar 23, 2012 · f805fe6 · f805fe6
1 parent c5cdb79
commit f805fe6
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 3 deletions.
diff --git a/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Certificate2Collection.cs b/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Certificate2Collection.cs
@@ -148,6 +148,8 @@ public byte[] Export (X509ContentType contentType, string password)
 			return null;
 		}
 
+		static string[] newline_split = new string[] { Environment.NewLine };
+
 		[MonoTODO ("Does not support X509FindType.FindByTemplateName, FindByApplicationPolicy and FindByCertificatePolicy")]
 		public X509Certificate2Collection Find (X509FindType findType, object findValue, bool validOnly) 
 		{
@@ -238,8 +240,13 @@ public X509Certificate2Collection Find (X509FindType findType, object findValue,
 						(String.Compare (str, x.GetCertHashString (), true, cinv) == 0));
 					break;
 				case X509FindType.FindBySubjectName:
-					string sname = x.GetNameInfo (X509NameType.SimpleName, false);
-					value_match = (sname.IndexOf (str, StringComparison.InvariantCultureIgnoreCase) >= 0);
+					string [] names = x.SubjectName.Format (true).Split (newline_split, StringSplitOptions.RemoveEmptyEntries);
+					foreach (string name in names) {
+						int pos = name.IndexOf ('=');
+						value_match = (name.IndexOf (str, pos, StringComparison.InvariantCultureIgnoreCase) >= 0);
+						if (value_match)
+							break;
+					}
 					break;
 				case X509FindType.FindBySubjectDistinguishedName:
 					value_match = (String.Compare (str, x.Subject, true, cinv) == 0);

diff --git a/...stem/Test/System.Security.Cryptography.X509Certificates/X509Certificate2CollectionTest.cs b/...stem/Test/System.Security.Cryptography.X509Certificates/X509Certificate2CollectionTest.cs
@@ -2,8 +2,9 @@
 // X509CertificateCollection2Test.cs 
 //	- NUnit tests for X509CertificateCollection2
 //
-// Author:
+// Authors:
 //	Sebastien Pouliot  <sebastien@ximian.com>
+//	David Ferguson  <davecferguson@gmail.com>
 //
 // Copyright (C) 2006 Novell, Inc (http://www.novell.com)
 //
@@ -895,6 +896,48 @@ public void MixedCollection_Enumerator ()
 				Assert.IsTrue ((o is X509Certificate), "X509Certificate");
 			}
 		}
+
+		[Test]
+		public void X509Certificate2CollectionFindBySubjectName_Test ()
+		{
+			// Created with mono makecert
+			// makecert -n "O=Root, CN=MyCNName, T=SomeElse" -r <filename>
+			const string Cert = "MIIB6zCCAVSgAwIBAgIQEshQw4bf1kSsYsUoLCjlpTANBgkqhkiG9w0BAQUFADA1MQ0wCwYDVQQKEwRSb290MREwDwYDVQQDEwhNeUNOTmFtZTERMA8GA1UEDBMIU29tZUVsc2UwHhcNMTIwMzE1MTUzNjE0WhcNMzkxMjMxMjM1OTU5WjA1MQ0wCwYDVQQKEwRSb290MREwDwYDVQQDEwhNeUNOTmFtZTERMA8GA1UEDBMIU29tZUVsc2UwgZ0wDQYJKoZIhvcNAQEBBQADgYsAMIGHAoGBAI8A3ay+oRKRBAD4oojA2s4feHBHn5OafJ+Vxap7wsd3IF/qBrXdnFLxfvLltCSZDarajwTjxX2rhT7Q0hm3Yyy6DnyaMoL8u//c6HCv47SFNJ4JEgu2WP9M/xNU2m+JiABX+K/nwoWfE1VIYueJWL9ftCBOG099QBCsCrpdFUcbAgERMA0GCSqGSIb3DQEBBQUAA4GBAHV+uMPliZPhfLdcMGIbYQnWY2m4YrU/IvqZK4HTKyzG/heAp7+OvkGiC0YJHtvWehgZUV9ukVEbl93rCKmXlb6BuPgN60U1iLYJQ9nAVHm7fRoAjvjDj3CGFtmYb81sYu8sc5GHqsCbvTKHwW/x2O3uLJBM5ApDlcczmgdm8xqQ";
+
+			var cerBytes = Convert.FromBase64String (Cert);
+			var cert = new X509Certificate2 (cerBytes);
+			var collection = new X509Certificate2Collection ();
+
+			var found = collection.Find (X509FindType.FindBySubjectName, "SomeElse", false);
+			Assert.IsEmpty (found, "empty");
+
+			collection.Add (cert);
+
+			collection.Find (X509FindType.FindBySubjectName, "T=SomeElse", false);
+			Assert.IsEmpty (found, "with prefix");
+
+			found = collection.Find (X509FindType.FindBySubjectName, "SomeElse", false);
+			Assert.That (found.Count == 1, "full");
+
+			found = collection.Find (X509FindType.FindBySubjectName, "Else", false);
+			Assert.That (found.Count == 1, "partial");
+
+			Assert.That (found [0].SubjectName.Name.Contains ("O=Root"));
+			Assert.That (found [0].SubjectName.Name.Contains ("T=SomeElse"));
+			Assert.That (found [0].SubjectName.Name.Contains ("CN=MyCNName"));
+			found = collection.Find (X509FindType.FindBySubjectName, "MyCNName", false);
+			Assert.IsTrue (found.Count == 1);
+			Assert.That (found [0].SubjectName.Name.Contains ("O=Root"));
+			Assert.That (found [0].SubjectName.Name.Contains ("T=SomeElse"));
+			Assert.That (found [0].SubjectName.Name.Contains ("CN=MyCNName"));
+			found = collection.Find (X509FindType.FindBySubjectName, "Root", false);
+			Assert.IsTrue (found.Count == 1);
+			Assert.That (found [0].SubjectName.Name.Contains ("O=Root"));
+			Assert.That (found [0].SubjectName.Name.Contains ("T=SomeElse"));
+			Assert.That (found [0].SubjectName.Name.Contains ("CN=MyCNName"));
+			found = collection.Find (X509FindType.FindBySubjectName, "SomeRandomStringThatDoesn'tExist", false);
+			Assert.IsEmpty (found);
+		}
 	}
 }