private void ValidateCertButton_Click(object sender, RoutedEventArgs e)
{
if (string.IsNullOrEmpty(CertificateLocation.Text))
{
return;
}
var ms = new MemoryStream();
var textRange = new TextRange(PolicyRichTextBox.Document.ContentStart,
PolicyRichTextBox.Document.ContentEnd);
textRange.Save(ms, DataFormats.Text);
ms.Position = 0;
var cert = new X509Certificate2(CertificateLocation.Text);
ICompiler compiler = new StackMachineCompiler();
compiler.ReportModeEnabled = true;
IPolicyFilter filter = new PolicyFilter(compiler, new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
var sb = new StringBuilder();
sb.Append("Validation run at ")
.AppendLine(DateTime.Now.ToString("ddd, MMM d yyyy HH:mm:ss"))
.AppendLine();
try
{
if (filter.IsCompliant(cert, ms))
{
sb.Append("Certificate is compliant with the provided policy.");
}
else
{
sb.AppendLine("Certificate is NOT compliant with the provided policy.").AppendLine();
foreach (string item in compiler.CompiliationReport)
{
sb.AppendLine(item);
}
}
}
catch (PolicyRequiredException ex)
{
sb.AppendLine("Validation Successful")
.AppendLine("Certificate is missing a required field \t")
.AppendLine(ex.Message);
}
catch (PolicyGrammarException ex)
{
sb.AppendLine("Validation Failed:")
.AppendLine("Error compiling policy\t")
.AppendLine(ex.Message);
}
catch (Exception ex)
{
sb.AppendLine("Validation Failed:")
.AppendLine("Error compiling or proccessing policy\t" + ex.Message)
.AppendLine(ex.StackTrace);
}
ValidationResults.Text = sb.ToString();
}
public Task <IList <PolicyInfoDto> > Handle(FindPoliciesQuery query, CancellationToken cancellationToken)
{
var policyFilter = new PolicyFilter
(
query.PolicyNumber,
query.PolicyHolder,
query.PolicyStartFrom,
query.PolicyStartTo,
query.CarPlateNumber
);
return(Task.FromResult(policyInfoDtoFinder.FindByFilter(policyFilter)));
/*
* using (var cn =
* new NpgsqlConnection(
* "User ID=lab_user;Password=lab_pass;Database=lab_cqrs_dotnet_demo;Host=localhost;Port=5432"))
* {
* return Task.FromResult(cn.Query<PolicyInfoDto>("select " +
* "policy_id as PolicyId," +
* "policy_number as PolicyNumber," +
* "cover_from as CoverFrom," +
* "cover_to as CoverTo," +
* "vehicle as Vehicle," +
* "policy_holder as PolicyHolder," +
* "total_premium as TotalPremiumAmount " +
* "from public.policy_info_view").ToList());
* }*/
}
public void TestTBSSerialNumber_AssertTrue()
{
using (Stream stream = "X509.TBS.SerialNumber = 00F74F1C4FE4E1762E".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
using (Stream stream = "X509.TBS.SerialNumber = 00f74f1c4fe4e1762e".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
using (Stream stream = "X509.TBS.SerialNumber = f74f1c4fe4e1762e".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestTBSSerialNumber_AssertTrue()
{
using (Stream stream = "X509.TBS.SerialNumber = 00F74F1C4FE4E1762E".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
using (Stream stream = "X509.TBS.SerialNumber = 00f74f1c4fe4e1762e".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
using (Stream stream = "X509.TBS.SerialNumber = f74f1c4fe4e1762e".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestX509SignatureAlgorithm_Equals_AssertTrue()
{
using (Stream stream = "X509.Algorithm = 1.2.840.113549.1.1.5".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testCompliance_simpleTextLexicon_bitWiseOrIntegerCertValue_assertNotEquals()
{
using (Stream stream = "(X509.TBS.EXTENSION.KeyUsage | 255) != 224".ToStream())
{
var cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testCompliance_simpleTextLexicon_bitWiseAndIntegerCertValue_assertNotEquals()
{
using (Stream stream = "(X509.TBS.EXTENSION.KeyUsage & 200) != 224".ToStream())
{
var cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestX509SignatureAlgorithm_Equals_AssertTrue()
{
using (Stream stream = "X509.Algorithm = 1.2.840.113549.1.1.5".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionAuthorityKeyIdent_KeyId_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.AuthorityKeyIdentifier.KeyId = 3aa0074b77b2493efb447de5ce6cd055085de3f0").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionPolicy_Intersection_MultipleQueryOID_MultipleIntersection_AssertTrue()
{
using (Stream stream = ("^(X509.TBS.EXTENSION.CertificatePolicies.PolicyOIDs {}& 1.3.6.1.4.1.41179.0.1.2,1.3.6.1.4.1.41179.1.3) = 2").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/policyMixedQualifier.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionPolicy_OIDS_Empty_AssertTrue()
{
using (Stream stream = ("{}X509.TBS.EXTENSION.CertificatePolicies.PolicyOIDs").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionPolicy_PolicyURL_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.CertificatePolicies.CPSUrls {?} https://www.phicert.com/cps").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/policyMixedQualifier.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestTBSPublicKeySize_AssertTrue()
{
using (Stream stream = ("X509.TBS.SubjectPublicKeyInfo.Size = 2024").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionExtendedKeyUsage_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.ExtKeyUsageSyntax {?} 1.3.6.1.5.5.7.3.4").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionAIA_OCSPLocation_Size_AssertTrue()
{
using (Stream stream = ("^X509.TBS.EXTENSION.AuthorityInfoAccessSyntax.OCSPLocation = 1").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirectProviderCA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionSubjectKeyId_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.SubjectKeyIdentifier = e0f63ccfeb5ce3eef5c04efe8084c92bc628682c").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionSubjectAltName_NotEmpty_AssertTrue()
{
using (Stream stream = ("{}!X509.TBS.EXTENSION.SubjectAltName").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testIsCompliant_missingEngine_assertException()
{
Mock<ICompiler> mockCompiler = new Mock<ICompiler>();
Mock<IPolicyExpression> mockExpression = new Mock<IPolicyExpression>();
Mock<X509Certificate2> mockCert = new Mock<X509Certificate2>();
PolicyFilter filter = new PolicyFilter(mockCompiler.Object, null);
Action action = () => filter.IsCompliant(mockCert.Object, mockExpression.Object);
action.ShouldThrow<InvalidOperationException>().WithMessage("Execution engine cannot be null");
}
public void testIsCompliant_missingComplier_assertException()
{
Mock <IPolicyExpression> mockExpression = new Mock <IPolicyExpression>();
Mock <X509Certificate2> mockCert = new Mock <X509Certificate2>();
PolicyFilter filter = new PolicyFilter(null, null);
Action action = () => filter.IsCompliant(mockCert.Object, mockExpression.Object);
action.ShouldThrow <InvalidOperationException>().WithMessage("Compiler cannot be null");
}
public void TestExtensionBasicContraint_CA_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.BasicConstraints.CA = true").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirect DevCert Provider CA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testIsCompliant_engineReturnsCompliant_assertTrue()
{
Mock<ICompiler> mockCompiler = new Mock<ICompiler>();
Mock<IExecutionEngine> mockEngine = new Mock<IExecutionEngine>();
Mock<IPolicyExpression> mockExpression = new Mock<IPolicyExpression>();
Mock<X509Certificate2> mockCert = new Mock<X509Certificate2>();
mockEngine.Setup(e => e.Evaluate(It.IsAny<IList<IOpCode>>())).Returns(true);
PolicyFilter filter = new PolicyFilter(mockCompiler.Object, mockEngine.Object);
filter.IsCompliant(mockCert.Object, mockExpression.Object);
}
public void TestTBSSubject_AssertTrue_WithState_ST()
{
using (Stream stream = ("(X509.TBS.Subject.CN {?} umesh) && (X509.TBS.Subject.C {?} US) && (X509.TBS.Subject.ST {?} Missouri) " +
" && (X509.TBS.Subject.E {?} [email protected]) && (X509.TBS.Subject.OU {?} Medical Informatics)").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionAIA_URL_Caissues_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.AuthorityInfoAccessSyntax.Url " +
"{?} caIssuers:http://ca.cerner.com/public/root.der").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirectProviderCA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestTBSIssuer_AssertTrue_WithState_S()
{
using (Stream stream = ("(X509.TBS.Issuer.CN {?} SimpleInterop) && (X509.TBS.Issuer.C {?} US) && (X509.TBS.Issuer.S {?} Missouri) " +
" && (X509.TBS.Issuer.E {?} [email protected]) && (X509.TBS.Issuer.OU {?} Medical Informatics)").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestTBSIssuer_AssertTrue_WithState_ST()
{
using (Stream stream = ("(X509.TBS.Issuer.CN {?} SimpleInterop) && (X509.TBS.Issuer.C {?} US) && (X509.TBS.Issuer.ST {?} Missouri) " +
" && (X509.TBS.Issuer.E {?} [email protected]) && (X509.TBS.Issuer.OU {?} Medical Informatics)").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testIsCompliant_engineReturnsCompliant_assertTrue()
{
Mock <ICompiler> mockCompiler = new Mock <ICompiler>();
Mock <IExecutionEngine> mockEngine = new Mock <IExecutionEngine>();
Mock <IPolicyExpression> mockExpression = new Mock <IPolicyExpression>();
Mock <X509Certificate2> mockCert = new Mock <X509Certificate2>();
mockEngine.Setup(e => e.Evaluate(It.IsAny <IList <IOpCode> >())).Returns(true);
PolicyFilter filter = new PolicyFilter(mockCompiler.Object, mockEngine.Object);
filter.IsCompliant(mockCert.Object, mockExpression.Object);
}
public void testIsCompliant_parse_engineReturnsCompliant_assertTrue()
{
using (Stream stream = File.OpenRead("./resources/policies/dataEnciphermentOnlyRequired.xml"))
{
Mock <ICompiler> mockCompiler = new Mock <ICompiler>();
Mock <IExecutionEngine> mockEngine = new Mock <IExecutionEngine>();
Mock <X509Certificate2> mockCert = new Mock <X509Certificate2>();
mockEngine.Setup(e => e.Evaluate(It.IsAny <IList <IOpCode> >())).Returns(true);
PolicyFilter filter = new PolicyFilter(mockCompiler.Object, new XMLLexiconPolicyParser());
filter.IsCompliant(mockCert.Object, stream);
}
}
public void testIsCompliant_parse_engineReturnsCompliant_assertTrue()
{
using (Stream stream = File.OpenRead("./resources/policies/dataEnciphermentOnlyRequired.xml"))
{
Mock<ICompiler> mockCompiler = new Mock<ICompiler>();
Mock<IExecutionEngine> mockEngine = new Mock<IExecutionEngine>();
Mock<X509Certificate2> mockCert = new Mock<X509Certificate2>();
mockEngine.Setup(e => e.Evaluate(It.IsAny<IList<IOpCode>>())).Returns(true);
PolicyFilter filter = new PolicyFilter(mockCompiler.Object, mockEngine.Object, new XMLLexiconPolicyParser());
filter.IsCompliant(mockCert.Object, stream);
}
}
public List <PolicyInfoDto> SearchPolicies(SearchPolicyRequest request)
{
var policyFilter = new PolicyFilter
(
request.PolicyNumber,
request.PolicyHolderFirstName,
request.PolicyHolderLastName,
request.PolicyStartFrom,
request.PolicyStartTo,
request.CarPlateNumber
);
var results = dataStore.Policies.Find(policyFilter);
return(results
.Select(p => PolicyInfoDtoAssembler.AssemblePolicyInfoDto(p, p.CurrentVersion))
.ToList());
}
public IList <Policy> Find(PolicyFilter filter)
{
var query = dbContext.Policies.AsQueryable();
if (filter.PolicyNumber.NotBlank())
{
query = query.Where(p => p.Number == filter.PolicyNumber);
}
if (filter.CarPlateNumber.NotBlank())
{
query = query.Where(p => p.CurrentVersion.Car.PlateNumber == filter.CarPlateNumber);
}
if (filter.PolicyHolderFirstName.NotBlank())
{
query = query.Where(p => p.CurrentVersion.PolicyHolder.FirstName == filter.PolicyHolderFirstName);
}
if (filter.PolicyHolderLastName.NotBlank())
{
query = query.Where(p => p.CurrentVersion.PolicyHolder.LastName == filter.PolicyHolderLastName);
}
if (filter.PolicyStartDateFrom.HasValue)
{
query = query.Where(p => p.CurrentVersion.CoverPeriod.ValidFrom >= filter.PolicyStartDateFrom.Value);
}
if (filter.PolicyStartDateTo.HasValue)
{
query = query.Where(p => p.CurrentVersion.CoverPeriod.ValidFrom <= filter.PolicyStartDateTo.Value);
}
query = query
.Include(p => p.Product)
.Include(p => p.Versions)
.ThenInclude(pv => pv.Covers)
.ThenInclude(c => c.Cover);
return(query.ToList());
}
public MockServerProcessor(
PathValidationFilter <ProcessMessagePort> pathValidationFilter,
QueryMatchFilter <ProcessMessagePort> queryMatchFilter,
EndpointMatchFilter <ProcessMessagePort> endpointMatchFilter,
BodyMatchFilter <ProcessMessagePort> bodyMatchFilter,
HeaderMatchFilter <ProcessMessagePort> headerMatchFilter,
UrlMatchFilter <ProcessMessagePort> urlMatchFilter,
ResponseSelectorFilter <ProcessMessagePort> responseSelectorFilter,
PolicyFilter <ProcessMessagePort> policyFilter
)
{
this.pathValidationFilter = pathValidationFilter;
this.queryMatchFilter = queryMatchFilter;
this.endpointMatchFilter = endpointMatchFilter;
this.bodyMatchFilter = bodyMatchFilter;
this.blockFactory = new SyncBlockFactory(this.cancellationTokenSource);
this.headerMatchFilter = headerMatchFilter;
this.urlMatchFilter = urlMatchFilter;
this.responseSelectorFilter = responseSelectorFilter;
this.policyFilter = policyFilter;
}
public void TestExtensionPolicy_Intersection_MultipleQueryOID_MultipleIntersection_AssertTrue()
{
using (Stream stream = ("^(X509.TBS.EXTENSION.CertificatePolicies.PolicyOIDs {}& 1.3.6.1.4.1.41179.0.1.2,1.3.6.1.4.1.41179.1.3) = 2").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/policyMixedQualifier.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestTBSSubject_AssertTrue_WithState_ST()
{
using (Stream stream = ("(X509.TBS.Subject.CN {?} umesh) && (X509.TBS.Subject.C {?} US) && (X509.TBS.Subject.ST {?} Missouri) " +
" && (X509.TBS.Subject.E {?} [email protected]) && (X509.TBS.Subject.OU {?} Medical Informatics)").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
private void ValidateCertButton_Click(object sender, RoutedEventArgs e)
{
if (string.IsNullOrEmpty(CertificateLocation.Text))
{
return;
}
var ms = new MemoryStream();
var textRange = new TextRange(PolicyRichTextBox.Document.ContentStart,
PolicyRichTextBox.Document.ContentEnd);
textRange.Save(ms, DataFormats.Text);
ms.Position = 0;
var cert = new X509Certificate2(CertificateLocation.Text);
ICompiler compiler = new StackMachineCompiler();
compiler.ReportModeEnabled = true;
IPolicyFilter filter = new PolicyFilter(compiler, new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
var sb = new StringBuilder();
sb.Append("Validation run at ")
.AppendLine(DateTime.Now.ToString("ddd, MMM d yyyy HH:mm:ss"))
.AppendLine();
try
{
if (filter.IsCompliant(cert, ms))
{
sb.Append("Certificate is compliant with the provided policy.");
}
else
{
sb.AppendLine("Certificate is NOT compliant with the provided policy.").AppendLine();
foreach (string item in compiler.CompiliationReport)
{
sb.AppendLine(item);
}
}
}
catch (PolicyRequiredException ex)
{
sb.AppendLine("Validation Successful")
.AppendLine("Certificate is missing a required field \t")
.AppendLine(ex.Message);
}
catch (PolicyGrammarException ex)
{
sb.AppendLine("Validation Failed:")
.AppendLine("Error compiling policy\t")
.AppendLine(ex.Message);
}
catch (Exception ex)
{
sb.AppendLine("Validation Failed:")
.AppendLine("Error compiling or proccessing policy\t" + ex.Message)
.AppendLine(ex.StackTrace);
}
ValidationResults.Text = sb.ToString();
}
public void TestTBSPublicKeySize_AssertTrue()
{
using (Stream stream = ("X509.TBS.SubjectPublicKeyInfo.Size = 2024").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionAIA_URL_Caissues_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.AuthorityInfoAccessSyntax.Url " +
"{?} caIssuers:http://ca.cerner.com/public/root.der").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirectProviderCA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionSubjectKeyId_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.SubjectKeyIdentifier = e0f63ccfeb5ce3eef5c04efe8084c92bc628682c").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionSubjectAltName_NotEmpty_AssertTrue()
{
using (Stream stream = ("{}!X509.TBS.EXTENSION.SubjectAltName").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionAuthorityKeyIdent_KeyId_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.AuthorityKeyIdentifier.KeyId = 3aa0074b77b2493efb447de5ce6cd055085de3f0").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionExtendedKeyUsage_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.ExtKeyUsageSyntax {?} 1.3.6.1.5.5.7.3.4").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionPolicy_OIDS_Empty_AssertTrue()
{
using (Stream stream = ("{}X509.TBS.EXTENSION.CertificatePolicies.PolicyOIDs").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionPolicy_PolicyURL_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.CertificatePolicies.CPSUrls {?} https://www.phicert.com/cps").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/policyMixedQualifier.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionBasicContraint_CA_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.BasicConstraints.CA = true").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirect DevCert Provider CA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public ApiFilterWrapper(IPolicyApiFilter policyFilter, Func <IAuthorizationPolicyStore> policyStoreFactory)
{
ApiFilter = new PolicyFilter(policyFilter, policyStoreFactory);
}
public void TestExtensionAIA_OCSPLocation_Size_AssertTrue()
{
using (Stream stream = ("^X509.TBS.EXTENSION.AuthorityInfoAccessSyntax.OCSPLocation = 1").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirectProviderCA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
