public void TestTBSSerialNumber_AssertTrue()
{
using (Stream stream = "X509.TBS.SerialNumber = 00F74F1C4FE4E1762E".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
using (Stream stream = "X509.TBS.SerialNumber = 00f74f1c4fe4e1762e".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
using (Stream stream = "X509.TBS.SerialNumber = f74f1c4fe4e1762e".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
private void ValidateCertButton_Click(object sender, RoutedEventArgs e)
{
if (string.IsNullOrEmpty(CertificateLocation.Text))
{
return;
}
var ms = new MemoryStream();
var textRange = new TextRange(PolicyRichTextBox.Document.ContentStart,
PolicyRichTextBox.Document.ContentEnd);
textRange.Save(ms, DataFormats.Text);
ms.Position = 0;
var cert = new X509Certificate2(CertificateLocation.Text);
ICompiler compiler = new StackMachineCompiler();
compiler.ReportModeEnabled = true;
IPolicyFilter filter = new PolicyFilter(compiler, new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
var sb = new StringBuilder();
sb.Append("Validation run at ")
.AppendLine(DateTime.Now.ToString("ddd, MMM d yyyy HH:mm:ss"))
.AppendLine();
try
{
if (filter.IsCompliant(cert, ms))
{
sb.Append("Certificate is compliant with the provided policy.");
}
else
{
sb.AppendLine("Certificate is NOT compliant with the provided policy.").AppendLine();
foreach (string item in compiler.CompiliationReport)
{
sb.AppendLine(item);
}
}
}
catch (PolicyRequiredException ex)
{
sb.AppendLine("Validation Successful")
.AppendLine("Certificate is missing a required field \t")
.AppendLine(ex.Message);
}
catch (PolicyGrammarException ex)
{
sb.AppendLine("Validation Failed:")
.AppendLine("Error compiling policy\t")
.AppendLine(ex.Message);
}
catch (Exception ex)
{
sb.AppendLine("Validation Failed:")
.AppendLine("Error compiling or proccessing policy\t" + ex.Message)
.AppendLine(ex.StackTrace);
}
ValidationResults.Text = sb.ToString();
}
public void TestTBSSerialNumber_AssertTrue()
{
using (Stream stream = "X509.TBS.SerialNumber = 00F74F1C4FE4E1762E".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
using (Stream stream = "X509.TBS.SerialNumber = 00f74f1c4fe4e1762e".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
using (Stream stream = "X509.TBS.SerialNumber = f74f1c4fe4e1762e".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testCompliance_simpleTextLexicon_bitWiseOrIntegerCertValue_assertNotEquals()
{
using (Stream stream = "(X509.TBS.EXTENSION.KeyUsage | 255) != 224".ToStream())
{
var cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestX509SignatureAlgorithm_Equals_AssertTrue()
{
using (Stream stream = "X509.Algorithm = 1.2.840.113549.1.1.5".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testCompliance_simpleTextLexicon_bitWiseAndIntegerCertValue_assertNotEquals()
{
using (Stream stream = "(X509.TBS.EXTENSION.KeyUsage & 200) != 224".ToStream())
{
var cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestX509SignatureAlgorithm_Equals_AssertTrue()
{
using (Stream stream = "X509.Algorithm = 1.2.840.113549.1.1.5".ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(), new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionPolicy_OIDS_Empty_AssertTrue()
{
using (Stream stream = ("{}X509.TBS.EXTENSION.CertificatePolicies.PolicyOIDs").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionPolicy_PolicyURL_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.CertificatePolicies.CPSUrls {?} https://www.phicert.com/cps").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/policyMixedQualifier.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionExtendedKeyUsage_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.ExtKeyUsageSyntax {?} 1.3.6.1.5.5.7.3.4").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testIsCompliant_missingEngine_assertException()
{
Mock<ICompiler> mockCompiler = new Mock<ICompiler>();
Mock<IPolicyExpression> mockExpression = new Mock<IPolicyExpression>();
Mock<X509Certificate2> mockCert = new Mock<X509Certificate2>();
PolicyFilter filter = new PolicyFilter(mockCompiler.Object, null);
Action action = () => filter.IsCompliant(mockCert.Object, mockExpression.Object);
action.ShouldThrow<InvalidOperationException>().WithMessage("Execution engine cannot be null");
}
public void TestExtensionAIA_OCSPLocation_Size_AssertTrue()
{
using (Stream stream = ("^X509.TBS.EXTENSION.AuthorityInfoAccessSyntax.OCSPLocation = 1").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirectProviderCA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionPolicy_Intersection_MultipleQueryOID_MultipleIntersection_AssertTrue()
{
using (Stream stream = ("^(X509.TBS.EXTENSION.CertificatePolicies.PolicyOIDs {}& 1.3.6.1.4.1.41179.0.1.2,1.3.6.1.4.1.41179.1.3) = 2").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/policyMixedQualifier.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testIsCompliant_missingComplier_assertException()
{
Mock <IPolicyExpression> mockExpression = new Mock <IPolicyExpression>();
Mock <X509Certificate2> mockCert = new Mock <X509Certificate2>();
PolicyFilter filter = new PolicyFilter(null, null);
Action action = () => filter.IsCompliant(mockCert.Object, mockExpression.Object);
action.ShouldThrow <InvalidOperationException>().WithMessage("Compiler cannot be null");
}
public void TestExtensionBasicContraint_CA_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.BasicConstraints.CA = true").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirect DevCert Provider CA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestTBSPublicKeySize_AssertTrue()
{
using (Stream stream = ("X509.TBS.SubjectPublicKeyInfo.Size = 2024").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionSubjectAltName_NotEmpty_AssertTrue()
{
using (Stream stream = ("{}!X509.TBS.EXTENSION.SubjectAltName").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionSubjectKeyId_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.SubjectKeyIdentifier = e0f63ccfeb5ce3eef5c04efe8084c92bc628682c").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionAuthorityKeyIdent_KeyId_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.AuthorityKeyIdentifier.KeyId = 3aa0074b77b2493efb447de5ce6cd055085de3f0").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testIsCompliant_engineReturnsCompliant_assertTrue()
{
Mock<ICompiler> mockCompiler = new Mock<ICompiler>();
Mock<IExecutionEngine> mockEngine = new Mock<IExecutionEngine>();
Mock<IPolicyExpression> mockExpression = new Mock<IPolicyExpression>();
Mock<X509Certificate2> mockCert = new Mock<X509Certificate2>();
mockEngine.Setup(e => e.Evaluate(It.IsAny<IList<IOpCode>>())).Returns(true);
PolicyFilter filter = new PolicyFilter(mockCompiler.Object, mockEngine.Object);
filter.IsCompliant(mockCert.Object, mockExpression.Object);
}
public void TestTBSSubject_AssertTrue_WithState_ST()
{
using (Stream stream = ("(X509.TBS.Subject.CN {?} umesh) && (X509.TBS.Subject.C {?} US) && (X509.TBS.Subject.ST {?} Missouri) " +
" && (X509.TBS.Subject.E {?} [email protected]) && (X509.TBS.Subject.OU {?} Medical Informatics)").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestTBSIssuer_AssertTrue_WithState_ST()
{
using (Stream stream = ("(X509.TBS.Issuer.CN {?} SimpleInterop) && (X509.TBS.Issuer.C {?} US) && (X509.TBS.Issuer.ST {?} Missouri) " +
" && (X509.TBS.Issuer.E {?} [email protected]) && (X509.TBS.Issuer.OU {?} Medical Informatics)").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionAIA_URL_Caissues_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.AuthorityInfoAccessSyntax.Url " +
"{?} caIssuers:http://ca.cerner.com/public/root.der").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirectProviderCA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestTBSIssuer_AssertTrue_WithState_S()
{
using (Stream stream = ("(X509.TBS.Issuer.CN {?} SimpleInterop) && (X509.TBS.Issuer.C {?} US) && (X509.TBS.Issuer.S {?} Missouri) " +
" && (X509.TBS.Issuer.E {?} [email protected]) && (X509.TBS.Issuer.OU {?} Medical Informatics)").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void testIsCompliant_engineReturnsCompliant_assertTrue()
{
Mock <ICompiler> mockCompiler = new Mock <ICompiler>();
Mock <IExecutionEngine> mockEngine = new Mock <IExecutionEngine>();
Mock <IPolicyExpression> mockExpression = new Mock <IPolicyExpression>();
Mock <X509Certificate2> mockCert = new Mock <X509Certificate2>();
mockEngine.Setup(e => e.Evaluate(It.IsAny <IList <IOpCode> >())).Returns(true);
PolicyFilter filter = new PolicyFilter(mockCompiler.Object, mockEngine.Object);
filter.IsCompliant(mockCert.Object, mockExpression.Object);
}
public void testIsCompliant_parse_engineReturnsCompliant_assertTrue()
{
using (Stream stream = File.OpenRead("./resources/policies/dataEnciphermentOnlyRequired.xml"))
{
Mock <ICompiler> mockCompiler = new Mock <ICompiler>();
Mock <IExecutionEngine> mockEngine = new Mock <IExecutionEngine>();
Mock <X509Certificate2> mockCert = new Mock <X509Certificate2>();
mockEngine.Setup(e => e.Evaluate(It.IsAny <IList <IOpCode> >())).Returns(true);
PolicyFilter filter = new PolicyFilter(mockCompiler.Object, new XMLLexiconPolicyParser());
filter.IsCompliant(mockCert.Object, stream);
}
}
public void testIsCompliant_parse_engineReturnsCompliant_assertTrue()
{
using (Stream stream = File.OpenRead("./resources/policies/dataEnciphermentOnlyRequired.xml"))
{
Mock<ICompiler> mockCompiler = new Mock<ICompiler>();
Mock<IExecutionEngine> mockEngine = new Mock<IExecutionEngine>();
Mock<X509Certificate2> mockCert = new Mock<X509Certificate2>();
mockEngine.Setup(e => e.Evaluate(It.IsAny<IList<IOpCode>>())).Returns(true);
PolicyFilter filter = new PolicyFilter(mockCompiler.Object, mockEngine.Object, new XMLLexiconPolicyParser());
filter.IsCompliant(mockCert.Object, stream);
}
}
public void TestTBSPublicKeySize_AssertTrue()
{
using (Stream stream = ("X509.TBS.SubjectPublicKeyInfo.Size = 2024").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionSubjectAltName_NotEmpty_AssertTrue()
{
using (Stream stream = ("{}!X509.TBS.EXTENSION.SubjectAltName").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionSubjectKeyId_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.SubjectKeyIdentifier = e0f63ccfeb5ce3eef5c04efe8084c92bc628682c").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionAuthorityKeyIdent_KeyId_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.AuthorityKeyIdentifier.KeyId = 3aa0074b77b2493efb447de5ce6cd055085de3f0").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionPolicy_PolicyURL_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.CertificatePolicies.CPSUrls {?} https://www.phicert.com/cps").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/policyMixedQualifier.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionBasicContraint_CA_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.BasicConstraints.CA = true").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirect DevCert Provider CA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionExtendedKeyUsage_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.ExtKeyUsageSyntax {?} 1.3.6.1.5.5.7.3.4").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/[email protected]");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionAIA_URL_Caissues_AssertTrue()
{
using (Stream stream = ("X509.TBS.EXTENSION.AuthorityInfoAccessSyntax.Url " +
"{?} caIssuers:http://ca.cerner.com/public/root.der").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirectProviderCA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestTBSSubject_AssertTrue_WithState_ST()
{
using (Stream stream = ("(X509.TBS.Subject.CN {?} umesh) && (X509.TBS.Subject.C {?} US) && (X509.TBS.Subject.ST {?} Missouri) " +
" && (X509.TBS.Subject.E {?} [email protected]) && (X509.TBS.Subject.OU {?} Medical Informatics)").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
private void ValidateCertButton_Click(object sender, RoutedEventArgs e)
{
if (string.IsNullOrEmpty(CertificateLocation.Text))
{
return;
}
var ms = new MemoryStream();
var textRange = new TextRange(PolicyRichTextBox.Document.ContentStart,
PolicyRichTextBox.Document.ContentEnd);
textRange.Save(ms, DataFormats.Text);
ms.Position = 0;
var cert = new X509Certificate2(CertificateLocation.Text);
ICompiler compiler = new StackMachineCompiler();
compiler.ReportModeEnabled = true;
IPolicyFilter filter = new PolicyFilter(compiler, new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
var sb = new StringBuilder();
sb.Append("Validation run at ")
.AppendLine(DateTime.Now.ToString("ddd, MMM d yyyy HH:mm:ss"))
.AppendLine();
try
{
if (filter.IsCompliant(cert, ms))
{
sb.Append("Certificate is compliant with the provided policy.");
}
else
{
sb.AppendLine("Certificate is NOT compliant with the provided policy.").AppendLine();
foreach (string item in compiler.CompiliationReport)
{
sb.AppendLine(item);
}
}
}
catch (PolicyRequiredException ex)
{
sb.AppendLine("Validation Successful")
.AppendLine("Certificate is missing a required field \t")
.AppendLine(ex.Message);
}
catch (PolicyGrammarException ex)
{
sb.AppendLine("Validation Failed:")
.AppendLine("Error compiling policy\t")
.AppendLine(ex.Message);
}
catch (Exception ex)
{
sb.AppendLine("Validation Failed:")
.AppendLine("Error compiling or proccessing policy\t" + ex.Message)
.AppendLine(ex.StackTrace);
}
ValidationResults.Text = sb.ToString();
}
public void TestExtensionPolicy_OIDS_Empty_AssertTrue()
{
using (Stream stream = ("{}X509.TBS.EXTENSION.CertificatePolicies.PolicyOIDs").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/umesh.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionPolicy_Intersection_MultipleQueryOID_MultipleIntersection_AssertTrue()
{
using (Stream stream = ("^(X509.TBS.EXTENSION.CertificatePolicies.PolicyOIDs {}& 1.3.6.1.4.1.41179.0.1.2,1.3.6.1.4.1.41179.1.3) = 2").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/policyMixedQualifier.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
public void TestExtensionAIA_OCSPLocation_Size_AssertTrue()
{
using (Stream stream = ("^X509.TBS.EXTENSION.AuthorityInfoAccessSyntax.OCSPLocation = 1").ToStream())
{
X509Certificate2 cert = new X509Certificate2(@"resources/certs/CernerDirectProviderCA.der");
IPolicyFilter filter = new PolicyFilter(new StackMachineCompiler(), new StackMachine(),
new SimpleTextV1LexiconPolicyParser());
filter.IsCompliant(cert, stream).Should().BeTrue();
}
}
