public void ParseCertificatesResponseInvalidCertificateShouldThrow() { ServerCertificateResponse cert = new ServerCertificateResponse() { Certificate = "InvalidCert" }; Assert.Throws <InvalidOperationException>(() => CertificateHelper.ParseCertificateResponse(cert)); }
public void ValidateCertSuccess() { var trustedCACerts = Option.None <IList <X509Certificate2> >(); X509Certificate2 cert = TestCertificateHelper.GenerateSelfSignedCert("top secret"); (bool validated, Option <string> errors) = CertificateHelper.ValidateCert(cert, new[] { cert }, trustedCACerts); Assert.True(validated); Assert.False(errors.HasValue); }
public void ParseCertificatesResponseInvalidCertificateShouldThrow() { var response = new CertificateResponse() { Certificate = "InvalidCert", }; Assert.Throws <InvalidOperationException>(() => CertificateHelper.ParseCertificateResponse(response)); }
public void ParseTrustedBundleFromFileRaisesExceptionWithInvalidTBFile() { string testFile = Path.GetRandomFileName(); Assert.Throws <ArgumentException>(() => CertificateHelper.ParseTrustedBundleFromFile(null)); Assert.Throws <ArgumentException>(() => CertificateHelper.ParseTrustedBundleFromFile(string.Empty)); Assert.Throws <ArgumentException>(() => CertificateHelper.ParseTrustedBundleFromFile(" ")); Assert.Throws <ArgumentException>(() => CertificateHelper.ParseTrustedBundleFromFile(testFile)); }
public void ParseECCCertificateAndKeyShouldReturnCertAndKey() { (X509Certificate2 cert, IEnumerable <X509Certificate2> chain) = CertificateHelper.ParseCertificateAndKey(TestCertificateHelper.ECCCertificatePem, TestCertificateHelper.ECCPrivateKeyPem); var expected = new X509Certificate2(Encoding.UTF8.GetBytes(TestCertificateHelper.CertificatePem)); Assert.True(cert.HasPrivateKey); Assert.Empty(chain); }
public void ClientCertCallbackNullArgumentThrows() { var trustedCACerts = Option.None <IList <X509Certificate2> >(); Assert.Throws <ArgumentNullException>(() => CertificateHelper.ValidateClientCert(null, new List <X509Certificate2>(), trustedCACerts, Logger.Factory.CreateLogger("something"))); Assert.Throws <ArgumentNullException>(() => CertificateHelper.ValidateClientCert(new X509Certificate2(), null, trustedCACerts, Logger.Factory.CreateLogger("something"))); }
public void ValidateCertNoMatchFailure() { X509Certificate2 cert = TestCertificateHelper.GenerateSelfSignedCert("top secret"); X509Certificate2 root = TestCertificateHelper.GenerateSelfSignedCert("root"); (bool validated, Option <string> errors) = CertificateHelper.ValidateCert(cert, new[] { cert }, new[] { root }); Assert.False(validated); Assert.True(errors.HasValue); }
public void TestValidateCertificateWithCAExtentionFails() { var caCert = TestCertificateHelper.GenerateSelfSignedCert("MyTestCA", true); Assert.False(CertificateHelper.ValidateClientCert(caCert, new List <X509Certificate2>() { caCert }, Option.None <IList <X509Certificate2> >(), Logger.Factory.CreateLogger("something"))); }
public void ParseTrustBundleResponseWithMultipleCertReturnsNonEmptyList() { var response = new TrustBundleResponse() { Certificate = $"{TestCertificateHelper.CertificatePem}\n{TestCertificateHelper.CertificatePem}", }; IEnumerable <X509Certificate2> certs = CertificateHelper.ParseTrustBundleResponse(response); Assert.Equal(certs.Count(), 2); }
public void ParseCertificatesResponseInvalidKeyShouldThrow() { var response = new ServerCertificateResponse() { Certificate = TestCertificateHelper.CertificatePem, PrivateKey = "InvalidKey" }; Assert.Throws <InvalidOperationException>(() => CertificateHelper.ParseCertificateResponse(response)); }
public void ParseTrustBundleInvalidResponseReturnsEmptyList() { var response = new TrustBundleResponse() { Certificate = "somewhere over the rainbow", }; IEnumerable <X509Certificate2> certs = CertificateHelper.ParseTrustBundleResponse(response); Assert.Equal(certs.Count(), 0); }
public void ParseTrustBundleEmptyResponseReturnsEmptyList() { var response = new TrustBundleResponse() { Certificate = " ", }; IEnumerable <X509Certificate2> certs = CertificateHelper.ParseTrustBundleResponse(response); Assert.Equal(certs.Count(), 0); }
public void TestValidateCertificateWithFutureValidityFails() { var notBefore = DateTime.Now.AddYears(1); var notAfter = DateTime.Now.AddYears(2); var clientCert = TestCertificateHelper.GenerateSelfSignedCert("MyTestClient", notBefore, notAfter, false); Assert.False(CertificateHelper.ValidateClientCert(clientCert, new List <X509Certificate2>() { clientCert }, Option.None <IList <X509Certificate2> >(), Logger.Factory.CreateLogger("something"))); }
public void TestValidateCertificateWithExpiredValidityFails() { var notBefore = DateTime.Now.Subtract(TimeSpan.FromDays(2)); var notAfter = DateTime.Now.Subtract(TimeSpan.FromDays(1)); var(clientCert, clientKeyPair) = TestCertificateHelper.GenerateSelfSignedCert("MyTestClient", notBefore, notAfter, false); Assert.False(CertificateHelper.ValidateClientCert(clientCert, new List <X509Certificate2>() { clientCert }, Option.None <IList <X509Certificate2> >(), Logger.Factory.CreateLogger("something"))); }
public void ParseRSACertificateAndKeyShouldReturnCertAndKey() { TestCertificateHelper.GenerateSelfSignedCert("top secret").Export(X509ContentType.Cert); (X509Certificate2 cert, IEnumerable <X509Certificate2> chain) = CertificateHelper.ParseCertificateAndKey(TestCertificateHelper.CertificatePem, TestCertificateHelper.PrivateKeyPem); var expected = new X509Certificate2(Encoding.UTF8.GetBytes(TestCertificateHelper.CertificatePem)); Assert.Equal(expected, cert); Assert.True(cert.HasPrivateKey); Assert.Empty(chain); }
public void ClientCertCallbackNullArgumentThrows() { var trustedCACerts = Option.None <IList <X509Certificate2> >(); X509Certificate2 cert = TestCertificateHelper.GenerateSelfSignedCert("top secret"); Assert.Throws <ArgumentNullException>( () => CertificateHelper.ValidateClientCert(null, new List <X509Certificate2>(), trustedCACerts, Logger.Factory.CreateLogger("something"))); Assert.Throws <ArgumentNullException>( () => CertificateHelper.ValidateClientCert(cert, null, trustedCACerts, Logger.Factory.CreateLogger("something"))); }
public void ClientCertCallbackNullArgumentThrows() { Assert.Throws <ArgumentNullException>(() => CertificateHelper.ValidateClientCert(null, new X509Chain(), Option.Some <IList <X509Certificate2> >(new X509Certificate2[] { }), Logger.Factory.CreateLogger("something"))); Assert.Throws <ArgumentNullException>(() => CertificateHelper.ValidateClientCert(new X509Certificate2(), null, Option.Some <IList <X509Certificate2> >(new X509Certificate2[] { }), Logger.Factory.CreateLogger("something"))); Assert.Throws <ArgumentNullException>(() => CertificateHelper.ValidateClientCert(new X509Certificate2(), new X509Chain(), Option.Some <IList <X509Certificate2> >(new X509Certificate2[] { }), null)); }
public void TestValidateCertificateAndChainSucceeds() { var notBefore = DateTime.Now.Subtract(TimeSpan.FromDays(2)); var notAfter = DateTime.Now.AddYears(1); var caCert = TestCertificateHelper.GenerateSelfSignedCert("MyTestCA", notBefore, notAfter, true); var issuedClientCert = TestCertificateHelper.GenerateCertificate("MyIssuedTestClient", notBefore, notAfter, caCert, false, null, null); Assert.True(CertificateHelper.ValidateClientCert(issuedClientCert, new List <X509Certificate2>() { caCert }, Option.None <IList <X509Certificate2> >(), Logger.Factory.CreateLogger("something"))); }
public void TestIfCACertificate() { var notBefore = DateTime.Now.Subtract(TimeSpan.FromDays(2)); var notAfter = DateTime.Now.AddYears(1); var(caCert, caKeyPair) = TestCertificateHelper.GenerateSelfSignedCert("MyTestCA", notBefore, notAfter, true); Assert.True(CertificateHelper.IsCACertificate(caCert)); var(clientCert, clientKeyPair) = TestCertificateHelper.GenerateSelfSignedCert("MyTestClient", notBefore, notAfter, false); Assert.False(CertificateHelper.IsCACertificate(clientCert)); var(issuedClientCert, issuedClientKeyPair) = TestCertificateHelper.GenerateCertificate("MyIssuedTestClient", notBefore, notAfter, caCert, caKeyPair, false, null, null); Assert.False(CertificateHelper.IsCACertificate(issuedClientCert)); }
public void ParseCertificatesResponseInvalidKeyShouldThrow() { var response = new CertificateResponse() { Certificate = TestCertificateHelper.CertificatePem, Expiration = DateTime.UtcNow.AddDays(1), PrivateKey = new PrivateKey() { Bytes = "InvalidKey" } }; Assert.Throws <InvalidOperationException>(() => CertificateHelper.ParseCertificateResponse(response)); }
public void ParseMultipleCertificateAndKeyShouldReturnCertAndKey() { TestCertificateHelper.GenerateSelfSignedCert("top secret").Export(X509ContentType.Cert); string certificate = $"{TestCertificateHelper.CertificatePem}\n{TestCertificateHelper.CertificatePem}"; (X509Certificate2 cert, IEnumerable <X509Certificate2> chain) = CertificateHelper.ParseCertificateAndKey(certificate, TestCertificateHelper.PrivateKeyPemPkcs8); var expected = new X509Certificate2(Encoding.UTF8.GetBytes(TestCertificateHelper.CertificatePem)); Assert.Equal(expected, cert); Assert.True(cert.HasPrivateKey); Assert.Single(chain); Assert.Equal(expected, chain.First()); }
public void TestValidateTrustedCACertificateAndEmptyChainFails() { var notBefore = DateTime.Now.Subtract(TimeSpan.FromDays(2)); var notAfter = DateTime.Now.AddYears(1); var(caCert, caKeyPair) = TestCertificateHelper.GenerateSelfSignedCert("MyTestCA", notBefore, notAfter, true); var(issuedClientCert, issuedClientKeyPair) = TestCertificateHelper.GenerateCertificate("MyIssuedTestClient", notBefore, notAfter, caCert, caKeyPair, false, null, null); IList <X509Certificate2> trustedCACerts = new List <X509Certificate2>() { caCert }; Assert.False(CertificateHelper.ValidateClientCert(issuedClientCert, new List <X509Certificate2>() { }, Option.Some(trustedCACerts), Logger.Factory.CreateLogger("something"))); }
public void ParseCertificatesResponseShouldReturnCert() { TestCertificateHelper.GenerateSelfSignedCert("top secret").Export(X509ContentType.Cert); var response = new ServerCertificateResponse() { Certificate = $"{TestCertificateHelper.CertificatePem}\n{TestCertificateHelper.CertificatePem}", PrivateKey = TestCertificateHelper.PrivateKeyPem }; (X509Certificate2 cert, IEnumerable <X509Certificate2> chain) = CertificateHelper.ParseCertificateResponse(response); var expected = new X509Certificate2(Encoding.UTF8.GetBytes(TestCertificateHelper.CertificatePem)); Assert.Equal(expected, cert); Assert.True(cert.HasPrivateKey); Assert.Single(chain); Assert.Equal(expected, chain.First()); }
public void ParseCertificatesResponseShouldReturnCert() { TestCertificateHelper.GenerateSelfSignedCert("top secret").Export(X509ContentType.Cert); var response = new CertificateResponse() { Certificate = $"{TestCertificateHelper.CertificatePem}\n{TestCertificateHelper.CertificatePem}", Expiration = DateTime.UtcNow.AddDays(1), PrivateKey = new PrivateKey() { Bytes = TestCertificateHelper.PrivateKeyPem } }; (X509Certificate2 cert, IEnumerable <X509Certificate2> chain) = CertificateHelper.ParseCertificateResponse(response); var expected = new X509Certificate2(Encoding.UTF8.GetBytes(TestCertificateHelper.CertificatePem)); Assert.Equal(expected, cert); Assert.True(cert.HasPrivateKey); Assert.Equal(chain.Count(), 1); Assert.Equal(expected, chain.First()); }
public void ExtractCertsNullArgumentFails() { Assert.Throws <ArgumentException>(() => CertificateHelper.ExtractCertsFromPem(null)); Assert.Throws <ArgumentException>(() => CertificateHelper.ExtractCertsFromPem(string.Empty)); }
public void ValidateCertNullArgumentsThrows() { Assert.Throws <ArgumentNullException>(() => CertificateHelper.ValidateCert(null, new X509Certificate2[] { }, new X509Certificate2[] { })); Assert.Throws <ArgumentNullException>(() => CertificateHelper.ValidateCert(new X509Certificate2(), null, new X509Certificate2[] { })); Assert.Throws <ArgumentNullException>(() => CertificateHelper.ValidateCert(new X509Certificate2(), new X509Certificate2[] { }, null)); }
public void GetCertsAtPathNullArgumentFails() { Assert.Throws <ArgumentException>(() => CertificateHelper.GetCertsAtPath(null)); Assert.Throws <ArgumentException>(() => CertificateHelper.GetCertsAtPath("")); }
public void GetThumbprintNullCertThrows() { Assert.Throws <ArgumentNullException>(() => CertificateHelper.GetSha256Thumbprint(null)); }
public void ParseTrustBundleNullResponseRaisesException() { string response = null; Assert.Throws <ArgumentNullException>(() => CertificateHelper.ParseTrustedBundleCerts(response)); }