Beispiel #1
        /// <summary>
        /// Test fixture setup: fills <c>invalidCertChain</c> with a "CN=Root" certificate
        /// followed by a "CN=Client" certificate, each generated from its own fresh key pair.
        /// </summary>
        /// <remarks>
        /// NOTE(review): each certificate is created with the public and private key of the
        /// same key pair, so the client certificate is presumably self-signed and not issued
        /// by the root. That would be what makes the chain invalid; confirm against
        /// <c>KeyStoreUtil.CreateCert</c>.
        /// </remarks>
        public void setup()
        {
            AsymmetricCipherKeyPair rootKeys = KeyStoreUtil.GenerateKeyPair();
            Org.BouncyCastle.X509.X509Certificate rootCert =
                KeyStoreUtil.CreateCert("CN=Root", rootKeys.Public, rootKeys.Private);

            AsymmetricCipherKeyPair leafKeys = KeyStoreUtil.GenerateKeyPair();
            Org.BouncyCastle.X509.X509Certificate leafCert =
                KeyStoreUtil.CreateCert("CN=Client", leafKeys.Public, leafKeys.Private);

            // Order is preserved: root first, client second.
            this.invalidCertChain = new List<Org.BouncyCastle.X509.X509Certificate>
            {
                rootCert,
                leafCert
            };
        }
Beispiel #2
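        /// <summary>
        /// Generates an RSA key pair and a certificate for it, then writes a PKCS#12 key store
        /// (private key plus certificate) and the encoded certificate to the test paths.
        /// </summary>
        /// <remarks>
        /// The key store written here contains the generated private key and is protected only
        /// by the <c>TEST_PFX_PASSWORD</c> constant, so the output files are test fixtures and
        /// must not be reused as real credentials.
        /// NOTE(review): when the target file already exists, the existing file is left in place
        /// and the new output is written to the path with an "_old" suffix. The suffix suggests
        /// the intent may have been to move the previous file aside instead; confirm.
        /// </remarks>
        public void TestCreateKeyStore()
        {
            AsymmetricCipherKeyPair    keyPair    = KeyStoreUtil.GenerateKeyPair();
            RsaPrivateCrtKeyParameters RSAprivKey = (RsaPrivateCrtKeyParameters)keyPair.Private;
            RsaKeyParameters           RSApubKey  = (RsaKeyParameters)keyPair.Public;

            Org.BouncyCastle.X509.X509Certificate cert = KeyStoreUtil.CreateCert("Test", RSApubKey, RSAprivKey);

            // Only the certificate is printed; the private key is never logged.
            Console.WriteLine(cert.ToString());

            string pfxPath = TEST_PFX_PATH;

            if (File.Exists(pfxPath))
            {
                pfxPath += "_old";
                if (File.Exists(pfxPath))
                {
                    File.Delete(pfxPath);
                }
            }

            // FileMode.CreateNew fails rather than overwriting if the path exists.
            // The using block releases the handle even when WritePkcs12 throws.
            using (FileStream fs = new FileStream(pfxPath, FileMode.CreateNew))
            {
                KeyStoreUtil.WritePkcs12(RSAprivKey, cert, TEST_PFX_PASSWORD, fs);
            }

            string crtPath = TEST_CRT_PATH;

            if (File.Exists(crtPath))
            {
                crtPath += "_old";
                if (File.Exists(crtPath))
                {
                    File.Delete(crtPath);
                }
            }

            // Encode before opening the file so an encoding failure leaves no empty file behind.
            byte[] encodedCert = cert.GetEncoded();

            using (FileStream certFileStream = new FileStream(crtPath, FileMode.CreateNew))
            {
                certFileStream.Write(encodedCert, 0, encodedCert.Length);
            }
        }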
Beispiel #3
        /// <summary>
        /// Negative test: configures the XKMS client with a service certificate that carries the
        /// subject of the certificate loaded from <c>WS_SECURITY_CERT</c> but a freshly generated
        /// key pair, then expects <c>validate</c> to throw <c>MessageSecurityException</c>.
        /// </summary>
        /// <remarks>
        /// A certificate that matches only by subject name must not be accepted as the service
        /// identity; the test passes only if validation is rejected with a security exception.
        /// NOTE(review): the client is built against <c>TestXkms.TRUST_SERVICE_LOCATION</c>, so
        /// this presumably needs a reachable trust service; confirm. The meaning of the
        /// <c>null</c> second argument to <c>configureWSSecurity</c> is not visible here.
        /// </remarks>
        public void TestInvalidChainInvalidWSSecuritySig()
        {
            var trustedCert = new X509Certificate2(WS_SECURITY_CERT);

            // Same subject as the trusted certificate, different (new) key material.
            AsymmetricCipherKeyPair forgedKeys = KeyStoreUtil.GenerateKeyPair();
            Org.BouncyCastle.X509.X509Certificate lookalike =
                KeyStoreUtil.CreateCert(trustedCert.Subject, forgedKeys.Public, forgedKeys.Private);
            var serviceCertificate = new X509Certificate2(DotNetUtilities.ToX509Certificate(lookalike));

            XkmsClient client = new XkmsClientImpl(TestXkms.TRUST_SERVICE_LOCATION);
            client.configureWSSecurity(serviceCertificate, null);

            try
            {
                client.validate("test", this.invalidCertChain);

                // Reaching this line means validation was not rejected.
                Assert.Fail();
            }
            catch (MessageSecurityException)
            {
                // expected: the WS-Security layer refused the exchange
            }
        }