/// <summary>
/// Deserializing the sample X509 attestation JSON must yield a non-null
/// <c>AttestationMechanism</c> whose type is X509 and whose wrapped attestation
/// is an <c>X509Attestation</c>.
/// </summary>
public void AttestationMechanism_ConstructorJSON_SucceedForX509()
{
    // arrange: build the mechanism from its JSON representation
    var mechanism = JsonConvert.DeserializeObject<AttestationMechanism>(SampleX509AttestationJson);

    // act - assert
    Assert.IsNotNull(mechanism);
    Assert.AreEqual(AttestationMechanismType.X509, mechanism.Type);

    // The reported type and the concrete attestation object are checked separately,
    // so a mismatch between the two is caught.
    bool wrapsX509 = mechanism.GetAttestation() is X509Attestation;
    Assert.IsTrue(wrapsX509);
}
/// <summary>
/// Constructing an <c>AttestationMechanism</c> from the sample X509 root attestation
/// must keep the primary root certificate and report the X509 type.
/// </summary>
public void AttestationMechanism_Constructor_SucceedOnX509Attestation()
{
    // arrange - act
    var mechanism = new AttestationMechanism(SampleX509RootAttestation);

    // assert
    Assert.IsNotNull(mechanism);

    // The cast fails the test if the mechanism wraps anything other than an X509Attestation.
    var x509 = (X509Attestation)mechanism.GetAttestation();
    Assert.AreEqual(SamplePublicKeyCertificateString, x509.RootCertificates.Primary.Certificate);

    Assert.AreEqual(AttestationMechanismType.X509, mechanism.Type);
}
/// <summary>
/// Constructing an <c>AttestationMechanism</c> from the sample TPM attestation
/// must keep the endorsement key and report the Tpm type.
/// </summary>
public void AttestationMechanismConstructorSucceedOnTPMAttestation()
{
    // arrange - act
    var mechanism = new AttestationMechanism(SampleTpmAttestation);

    // assert
    Assert.IsNotNull(mechanism);

    // The cast fails the test if the mechanism wraps anything other than a TpmAttestation.
    var tpm = (TpmAttestation)mechanism.GetAttestation();
    Assert.AreEqual(SampleEndorsementKey, tpm.EndorsementKey);

    Assert.AreEqual(AttestationMechanismType.Tpm, mechanism.Type);
}
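/**********************************************************************************
 * Retrieve attestation from DPS
 *********************************************************************************/
/// <summary>
/// Fetches the attestation mechanism of an individual enrollment from the
/// provisioning service.
/// </summary>
/// <param name="registrationId">Registration id of the individual enrollment.</param>
/// <returns>
/// The attestation mechanism, or <c>null</c> when the service call throws.
/// Every exception type is caught, so callers cannot tell a missing enrollment
/// from an authorization or transport failure; the log entry is the only place
/// where the difference is recorded.
/// </returns>
public async Task<AttestationMechanism> GetDpsAttestationMechanism(string registrationId)
{
    AttestationMechanism attestation = null;

    try
    {
        attestation = await _provisioningServiceClient
            .GetIndividualEnrollmentAttestationAsync(registrationId)
            .ConfigureAwait(false);
    }
    catch (Exception e)
    {
        // The message used to name GetDpsEnrollment(), which sent anyone reading the
        // log to the wrong method; nameof keeps it in step with this method's name.
        _logger.LogError($"Exception in {nameof(GetDpsAttestationMechanism)}() : {e.Message}");
    }

    return attestation;
}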
/// <summary>
/// Creates an enrollment group with the given attestation type, reads its attestation
/// mechanism back from the service (with retries) and checks that it matches what was
/// created.
/// </summary>
/// <param name="attestationType">Attestation type to create and verify.</param>
public async Task ProvisioningServiceClient_GetEnrollmentGroupAttestation(AttestationMechanismType attestationType)
{
    using var provisioningServiceClient =
        ProvisioningServiceClient.CreateFromConnectionString(TestConfiguration.Provisioning.ConnectionString);

    // A fresh GUID suffix keeps group ids from colliding between runs.
    string groupId = $"{AttestationTypeToString(attestationType)}-{Guid.NewGuid()}";

    EnrollmentGroup createdGroup = await CreateEnrollmentGroupAsync(
        provisioningServiceClient,
        attestationType,
        groupId,
        null,
        AllocationPolicy.Static,
        null,
        null,
        null,
        Logger);

    // Filled in by the retried operation below; stays null if it never succeeds.
    AttestationMechanism fetched = null;

    await RetryOperationHelper
        .RetryOperationsAsync(
            async () =>
            {
                fetched = await provisioningServiceClient.GetEnrollmentGroupAttestationAsync(createdGroup.EnrollmentGroupId);
            },
            s_provisioningServiceRetryPolicy,
            s_retryableExceptions,
            Logger)
        .ConfigureAwait(false);

    if (fetched == null)
    {
        throw new ArgumentException($"The attestation mechanism for enrollment with group Id {createdGroup.EnrollmentGroupId} could not retrieved, exiting test.");
    }

    // Note that tpm is not a supported attestation type for group enrollments
    switch (attestationType)
    {
        case AttestationMechanismType.SymmetricKey:
        {
            fetched.Type.Should().Be(AttestationMechanismType.SymmetricKey);

            var actualKeys = (SymmetricKeyAttestation)fetched.GetAttestation();
            var expectedKeys = (SymmetricKeyAttestation)createdGroup.Attestation;

            // NOTE(review): these compare raw key strings; a failing Should().Be()
            // reports the compared values, so key material can end up in test output.
            // Treat logs from this suite as sensitive.
            actualKeys.PrimaryKey.Should().Be(expectedKeys.PrimaryKey);
            actualKeys.SecondaryKey.Should().Be(expectedKeys.SecondaryKey);
            break;
        }

        case AttestationMechanismType.X509:
        {
            fetched.Type.Should().Be(AttestationMechanismType.X509);

            var actualCerts = (X509Attestation)fetched.GetAttestation();
            var expectedCerts = (X509Attestation)createdGroup.Attestation;

            // The thumbprints only establish that the same certificates came back.
            actualCerts.GetPrimaryX509CertificateInfo().SHA1Thumbprint
                .Should().Be(expectedCerts.GetPrimaryX509CertificateInfo().SHA1Thumbprint);
            actualCerts.GetSecondaryX509CertificateInfo().SHA1Thumbprint
                .Should().Be(expectedCerts.GetSecondaryX509CertificateInfo().SHA1Thumbprint);
            break;
        }
    }
}
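/// <summary>
/// Looks up an individual enrollment and, for symmetric-key attestation, returns its
/// registration id, provisioning status and both keys as JSON.
/// </summary>
/// <param name="registrationId">Registration id of the individual enrollment.</param>
/// <returns>
/// <c>BadRequest</c> when the id is empty or the enrollment or its attestation
/// mechanism cannot be retrieved; otherwise the enrollment data as JSON. The JSON
/// payload is left at its defaults for non-symmetric-key enrollments and when an
/// exception is caught.
/// </returns>
/// <remarks>
/// NOTE(review): the response carries the enrollment's primary and secondary symmetric
/// keys. No authorization attribute is visible on this action from here; confirm that
/// the controller restricts who can call it and that responses are neither cached nor
/// logged.
/// </remarks>
public async Task<ActionResult> GetDpsEnrollment(string registrationId)
{
    // Reject an empty id up front instead of sending it to the provisioning service.
    if (string.IsNullOrWhiteSpace(registrationId))
    {
        _logger.LogWarning("Individual enrollment lookup rejected: registration id is empty");
        return BadRequest();
    }

    // The id is presumably bound from the request, so line breaks are stripped before
    // it is written to the log; otherwise a crafted id could forge extra log entries.
    string loggedId = registrationId.Replace("\r", string.Empty).Replace("\n", string.Empty);

    IndividualEnrollment enrollment;
    DPS_ENROLLMENT_DATA enrollmentData = new DPS_ENROLLMENT_DATA();

    try
    {
        // retrieve the enrollment
        enrollment = await _helper.GetDpsEnrollment(registrationId).ConfigureAwait(false);

        if (enrollment == null)
        {
            _logger.LogWarning($"Individual enrollment {loggedId} not found");
            return BadRequest();
        }

        AttestationMechanism attestationMechanism = await _helper.GetDpsAttestationMechanism(registrationId).ConfigureAwait(false);

        if (attestationMechanism == null)
        {
            _logger.LogWarning($"Attestation Mechanism for {loggedId} not found");
            return BadRequest();
        }

        // Key material is copied out only for symmetric-key enrollments.
        if (attestationMechanism.Type.Equals(AttestationMechanismType.SymmetricKey))
        {
            SymmetricKeyAttestation attestation = (SymmetricKeyAttestation)attestationMechanism.GetAttestation();
            enrollmentData.registrationId = enrollment.RegistrationId;
            enrollmentData.primaryKey = attestation.PrimaryKey;
            enrollmentData.secondaryKey = attestation.SecondaryKey;
            enrollmentData.status = enrollment.ProvisioningStatus.ToString();
        }
    }
    catch (Exception e)
    {
        // The message used to name GetEnrollment(), which is not this method.
        // NOTE(review): the caller still gets a success response with default data
        // here, so a failure looks the same as a non-symmetric-key enrollment. That
        // behaviour is kept for existing clients.
        _logger.LogError($"Exception in {nameof(GetDpsEnrollment)}() : {e.Message}");
    }

    return Json(enrollmentData);
}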
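/// <summary>
/// Creates an enrollment group with the given attestation type, reads its attestation
/// mechanism back from the service and checks that it matches what was created.
/// </summary>
/// <param name="attestationType">Attestation type to create and verify.</param>
public async Task ProvisioningServiceClient_GetEnrollmentGroupAttestation(AttestationMechanismType attestationType)
{
    // The service client is disposable; the using block releases it even when an
    // assertion below throws.
    using (ProvisioningServiceClient provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(Configuration.Provisioning.ConnectionString))
    {
        // A fresh GUID suffix keeps group ids from colliding between runs.
        string groupId = AttestationTypeToString(attestationType) + "-" + Guid.NewGuid();
        EnrollmentGroup enrollmentGroup = await CreateEnrollmentGroup(provisioningServiceClient, attestationType, groupId, null, AllocationPolicy.Static, null, null, null);

        AttestationMechanism attestationMechanism = await provisioningServiceClient.GetEnrollmentGroupAttestationAsync(enrollmentGroup.EnrollmentGroupId);

        // Fail with an assertion rather than a NullReferenceException further down.
        Assert.IsNotNull(attestationMechanism);

        // Note that tpm is not a supported attestation type for group enrollments
        if (attestationType == AttestationMechanismType.SymmetricKey)
        {
            Assert.AreEqual(AttestationMechanismType.SymmetricKey, attestationMechanism.Type);
            SymmetricKeyAttestation symmetricKeyAttestation = (SymmetricKeyAttestation)attestationMechanism.GetAttestation();

            // NOTE(review): these compare raw key strings; a failing Assert.AreEqual
            // reports the compared values, so key material can end up in test output.
            // Treat logs from this suite as sensitive.
            Assert.AreEqual(((SymmetricKeyAttestation)enrollmentGroup.Attestation).PrimaryKey, symmetricKeyAttestation.PrimaryKey);
            Assert.AreEqual(((SymmetricKeyAttestation)enrollmentGroup.Attestation).SecondaryKey, symmetricKeyAttestation.SecondaryKey);
        }
        else if (attestationType == AttestationMechanismType.X509)
        {
            Assert.AreEqual(AttestationMechanismType.X509, attestationMechanism.Type);
            X509Attestation x509Attestation = (X509Attestation)attestationMechanism.GetAttestation();

            // The thumbprints only establish that the same certificates came back.
            Assert.AreEqual(((X509Attestation)enrollmentGroup.Attestation).GetPrimaryX509CertificateInfo().SHA1Thumbprint, x509Attestation.GetPrimaryX509CertificateInfo().SHA1Thumbprint);
            Assert.AreEqual(((X509Attestation)enrollmentGroup.Attestation).GetSecondaryX509CertificateInfo().SHA1Thumbprint, x509Attestation.GetSecondaryX509CertificateInfo().SHA1Thumbprint);
        }
    }
}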