public void SignHashWithTcpTimeoutAndBufferSizeTest()
{
uint requestTimeout = 9000;
uint bufferSize = 1024;
TcpKsiSigningServiceProtocol protocol = new TcpKsiSigningServiceProtocol(
IPAddress.Parse(Settings.Default.TcpExtendingServiceIp),
Settings.Default.TcpSigningServicePort,
requestTimeout,
bufferSize);
HttpKsiServiceProtocol publicationsFileProtocol = new HttpKsiServiceProtocol(
null,
null,
Settings.Default.HttpPublicationsFileUrl);
Ksi ksi = new Ksi(new KsiService(
protocol,
new ServiceCredentials(Settings.Default.HttpSigningServiceUser, Settings.Default.HttpSigningServicePass,
TestUtil.GetHashAlgorithm(Settings.Default.HttpSigningServiceHmacAlgorithm)),
null, null, publicationsFileProtocol,
new PublicationsFileFactory(
new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]")))));
VerificationResult verificationResult = SignHash(ksi);
Assert.AreEqual(VerificationResultCode.Ok, verificationResult.ResultCode, "Signature should verify with key based policy");
}
public void HttpKsiServiceProtocolEndGetPublicationsFileInvalidAsyncResultTest()
{
HttpKsiServiceProtocol protocol = new HttpKsiServiceProtocol(null, null, null);
KsiServiceProtocolException ex = Assert.Throws <KsiServiceProtocolException>(delegate
{
protocol.EndGetPublicationsFile(new TestAsyncResult());
});
Assert.That(ex.Message.StartsWith("Invalid IAsyncResult"), "Unexpected exception message: " + ex.Message);
}
public void BeginSignWithHashNullTest()
{
HttpKsiServiceProtocol protocol = new HttpKsiServiceProtocol("service-url", null, null);
ArgumentNullException ex = Assert.Throws <ArgumentNullException>(delegate
{
protocol.BeginSign(null, 1, null, null);
});
Assert.AreEqual("data", ex.ParamName);
}
static KsiSamples()
{
// The end point URL of the Aggregation service, needed for signing, e.g. http://host.net:8080/gt-signingservice.
string signingServiceUrl = Settings.Default.HttpSigningServiceUrl;
// The end point URL of the Extender service, needed for extending signature, e.g. *http://host.net:8081/gt-extendingservice
string extendingServiceUrl = Settings.Default.HttpExtendingServiceUrl;
// The publications file URL, needed for signature verification, e.g. http://verify.guardtime.com/ksi-publications.bin
string publicationsFileUrl = Settings.Default.HttpPublicationsFileUrl;
// The credentials to access the KSI signing service
ServiceCredentials signingServiceCredentials =
new ServiceCredentials(Settings.Default.HttpSigningServiceUser, Settings.Default.HttpSigningServicePass);
// The credentials to access the KSI extending service
ServiceCredentials extendingServiceCredentials =
new ServiceCredentials(Settings.Default.HttpExtendingServiceUser, Settings.Default.HttpExtendingServicePass);
HttpKsiServiceProtocol ksiServiceProtocol = new HttpKsiServiceProtocol(signingServiceUrl,
extendingServiceUrl, publicationsFileUrl);
// Certificate selector, used to filter which certificates are trusted when verifying the RSA signature.
// We only trust certificates, that have issued to the particular e-mail address
CertificateSubjectRdnSelector = new CertificateSubjectRdnSelector("[email protected]");
// This is the KSI context which holds the references to the Aggregation service, Extender
// service and other configuration data to perform the various operations.
KsiService =
new KsiService(
ksiServiceProtocol,
signingServiceCredentials,
ksiServiceProtocol,
extendingServiceCredentials,
ksiServiceProtocol,
new PublicationsFileFactory(new PkiTrustStoreProvider(new X509Store(StoreName.Root), CertificateSubjectRdnSelector)));
Ksi = new KSI.Ksi(GetKsiService());
// Set crypto provider to be used. Currently MicrosoftCryptoProvider and BouncyCastleCryptoProvider are available.
KsiProvider.SetCryptoProvider(new MicrosoftCryptoProvider());
}
