public void MllpClient_Receives_Correct_Server_Certificate()
{
// arrange
using (MllpServer server = this.StartupMllpServer(useSsl: true))
{
byte[] receivedServerCertificateSerialNumber = null;
var securityDetails = new ClientSecurityDetails(
(sender, certificate, chain, sslPolicyErrors) =>
{
receivedServerCertificateSerialNumber = certificate.GetSerialNumber();
return(true);
});
var connectionDetails = new ClientConnectionDetails(server.EndPoint.Address.ToString(), server.EndPoint.Port, Encoding.ASCII, null, securityDetails);
// act
using (MllpClient testee = (MllpClient)MllpClient.Create(connectionDetails).Result)
{
// assert
Assert.IsNotNull(receivedServerCertificateSerialNumber, "no server certificate was received by client.");
CollectionAssert.AreEqual(this.serverCertificate.GetSerialNumber(), receivedServerCertificateSerialNumber, "wrong server certificate received.");
}
}
}
public void MllpClient_Sends_Client_Certificate_Successfully()
{
// arrange
byte[] receivedClientCertificateSerialNumber = null;
RemoteCertificateValidationCallback clientCertificateValidationCallbackOnServer = (sender, certificate, chain, errors) =>
{
receivedClientCertificateSerialNumber = certificate.GetSerialNumber();
// the framework validation of the client cert on the server will result in errors.
// accept the client cert anyhow.
return(true);
};
using (MllpServer server = this.StartupMllpServer(true, true, clientCertificateValidationCallbackOnServer))
{
// accept any server certificate
var serverCertificateValidator = new RemoteCertificateValidationCallback((sender, certificate, chain, errors) => true);
// client certification has issuer-issues. force sending the one we have.
var clientCertificateCollection = new X509CertificateCollection {
this.clientCertificate
};
var clientCertificateSelector = new LocalCertificateSelectionCallback((sender, host, certificates, certificate, issuers) => certificates[0]);
var securityDetails = new ClientSecurityDetails(serverCertificateValidator, clientCertificateCollection, clientCertificateSelector);
var connectionDetails = new ClientConnectionDetails(server.EndPoint.Address.ToString(), server.EndPoint.Port, Encoding.ASCII, null, securityDetails);
// act
using (MllpClient testee = (MllpClient)MllpClient.Create(connectionDetails).Result)
{
}
}
// assert
Assert.IsNotNull(receivedClientCertificateSerialNumber, "no client certificate was received by server.");
CollectionAssert.AreEqual(this.clientCertificate.GetSerialNumber(), receivedClientCertificateSerialNumber, "wrong server certificate received.");
}
public void MllpClient_Receives_Server_Certificate_And_Certificate_Rejection_Is_Respected()
{
// arrange
using (MllpServer server = this.StartupMllpServer(useSsl: true))
{
var securityDetails = new ClientSecurityDetails((sender, certificate, chain, sslPolicyErrors) => false); // reject server certificate.
var connectionDetails = new ClientConnectionDetails(server.EndPoint.Address.ToString(), server.EndPoint.Port, Encoding.ASCII, null, securityDetails);
try
{
// act
using (MllpClient testee = (MllpClient)MllpClient.Create(connectionDetails).Result)
{
// assert
Assert.Fail("method should result in error since certificate was rejected.");
}
}
catch (AggregateException aggregateException)
{
Assert.AreEqual(typeof(AuthenticationException), aggregateException.InnerException.GetType());
}
}
}
