public void HaveMaterials()
{
BluePrint.HasMaterials(new ItemCollection()).ShouldBe(false);
var itemCollection = new ItemCollection(initialContents: BluePrint.Materials.Build());
BluePrint.HasMaterials(itemCollection).ShouldBe(true);
var c1 = new[] {new ItemState() {Code = ItemCode.LightFrigate, Quantity = 1}};
itemCollection = new ItemCollection(initialContents: c1.Build());
BluePrint.HasMaterials(itemCollection).ShouldBe(false);
var c2 = new[] {new ItemState() {Code = ItemCode.Veldnium, Quantity = 5}};
itemCollection = new ItemCollection(initialContents: c2.Build());
BluePrint.HasMaterials(itemCollection).ShouldBe(false);
var c3 = new[] {new ItemState() {Code = ItemCode.Veldnium, Quantity = 5}, new ItemState() {Code = ItemCode.Veldnium, Quantity = 5}};
itemCollection = new ItemCollection(initialContents: c3.Build());
BluePrint.HasMaterials(itemCollection).ShouldBe(true);
}
/// <summary>
/// Validates the web certificates.
/// </summary>
/// <returns>
/// <c>true</c>, if web certificates was validated, <c>false</c> otherwise.
/// </returns>
/// <param name='sender'>
/// <c>Object</c> usually parsed as WebRequest or HttpWebRequest.
/// </param>
/// <param name='endCert'>
/// Certificate consumed in the request.
/// </param>
/// <param name='chain'>
/// Certificate chain total or partial.
/// </param>
/// <param name='Errors'>
/// Policy errors found during the chain build process.
/// </param>
public static bool ValidateWebCertificates(Object sender, System.Security.Cryptography.X509Certificates.X509Certificate endCert, System.Security.Cryptography.X509Certificates.X509Chain chain, SslPolicyErrors Errors)
{
var request = sender as WebRequest;
string requestUri = request.RequestUri.ToString();
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation");
bool bErrorsFound = false;
try {
X509Certificate BCCert = Org.BouncyCastle.Security.DotNetUtilities.FromX509Certificate (endCert);
if (!CertificateIsTheSame (BCCert)) {
chain.Build (new System.Security.Cryptography.X509Certificates.X509Certificate2 (endCert.GetRawCertData ()));
if(Errors.Equals(SslPolicyErrors.None))
{
if(chain== null || chain.ChainElements== null || chain.ChainElements.Count == 0){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Chain is empty");
bErrorsFound = true;
}else
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Chain Element count: " + chain.ChainElements.Count);
if(CertIsSelfSigned(BCCert)){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. End Certificate is Self Signed");
bErrorsFound = true;
}else
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. End Certificate NOT Self Signed");
if(ValidateFingerprints){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. VALIDATING Fingerprint");
if(!VerifyFingerprint(endCert, requestUri)){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Invalid Fingerprint");
bErrorsFound = true;
}else
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Valid Fingerprint");
}else{
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. DO NOT validate Fingerprint");
}
if(ValidatePublicKey){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. VALIDATING Public Key");
if(!VerifyPublicKey(endCert, requestUri)){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Invalid Public Key");
bErrorsFound = true;
}else
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Valid Public Key");
}else{
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. DO NOT validate Public Key");
}
/*foreach (System.Security.Cryptography.X509Certificates.X509ChainElement cert in chain.ChainElements) {
X509Certificate BCCerto = Org.BouncyCastle.Security.DotNetUtilities.FromX509Certificate (cert.Certificate);
if(CertIsSelfSigned(BCCerto)){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** SELF SIGNED Certificate: CERT NAME " + BCCerto.SubjectDN.ToString() + " ;ID = " + BCCerto.SerialNumber);
if(cert.Certificate.SerialNumber.Equals(chain.ChainElements[chain.ChainElements.Count-1].Certificate.SerialNumber)){
string[] stringSeparators = new string[] {";"};
string[] valids = _VALIDROOTAUTHORITIES.Split(stringSeparators, StringSplitOptions.RemoveEmptyEntries);
foreach(String validRoot in valids){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** SELF SIGNED Certificate check ["+validRoot+"]: "+cert.Certificate.SerialNumber+":"+chain.ChainElements[chain.ChainElements.Count-1].Certificate.SerialNumber);
if(BCCerto.SubjectDN.ToString().Contains(validRoot)){
bErrorsFound = false;
} else {
bErrorsFound = true;
}
}
}else {
bErrorsFound = true;
}
}else{
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** CERT NAME " + BCCerto.SubjectDN.ToString() + " ;ID = " + BCCerto.SerialNumber);
}
if(!CertIsValidNow(BCCerto)) bErrorsFound = true;
}*/
//if (chain.ChainElements.Count > 1 && !VerifyCertificateOCSP(chain)) bCertIsOk = true;
//if (chain.ChainElements.Count > 1) bCertIsOk = true;
// DO NOT check OCSP revocation URLs. The time consuming this is expensive.
// TODO make this configurable and asynchronously in the case of enabled
// !VerifyCertificateOCSP(chain) ---> ASYNC
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** OCSP Verification (certificate revocation check) is DISABLED for this build");
if (!bErrorsFound) {
myCertificateList.Add (BCCert.GetHashCode(), DateTime.Now);
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Valid Certificate");
return true;
} else{
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Invalid Certificate");
return false;
}
}else if(Errors.Equals(SslPolicyErrors.RemoteCertificateChainErrors)){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: Errors found in the certificate chain.");
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: Checking chain status information for each element in the chain");
foreach (System.Security.Cryptography.X509Certificates.X509ChainElement element in chain.ChainElements)
{
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: Checking chain element... " + element.Information);
if (chain.ChainStatus!=null && chain.ChainStatus.Length >= 0)
{
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: Chain Status array is not empty");
for (int index = 0; index < element.ChainElementStatus.Length; index++)
{
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: chain element status: "
+ element.ChainElementStatus[index].Status);
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: chain element status information: "
+ element.ChainElementStatus[index].StatusInformation);
}
}
}
}
else if(Errors.Equals(SslPolicyErrors.RemoteCertificateNameMismatch)){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: The certificate contains errors.");
}
else if(Errors.Equals(SslPolicyErrors.RemoteCertificateNotAvailable)){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: The certificate is not available");
}
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Policy Errors: " + Errors);
return false;
} else{ //Trusted certificate
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Trusted Certificate");
return true;
}
} catch (Exception e) {
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: Unhandled exception: " + e.Message);
return false;
}
}
/// <summary>
/// Validates the web certificates.
/// </summary>
/// <returns>
/// <c>true</c>, if web certificates was validated, <c>false</c> otherwise.
/// </returns>
/// <param name='sender'>
/// <c>Object</c> usually parsed as WebRequest or HttpWebRequest.
/// </param>
/// <param name='endCert'>
/// Certificate consumed in the request.
/// </param>
/// <param name='chain'>
/// Certificate chain total or partial.
/// </param>
/// <param name='Errors'>
/// Policy errors found during the chain build process.
/// </param>
public static bool ValidateWebCertificates(Object sender, System.Security.Cryptography.X509Certificates.X509Certificate endCert, System.Security.Cryptography.X509Certificates.X509Chain chain, SslPolicyErrors Errors)
{
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation");
try {
X509Certificate BCCert = Org.BouncyCastle.Security.DotNetUtilities.FromX509Certificate (endCert);
if (!CertificateIsTheSame (BCCert)) {
chain.Build (new System.Security.Cryptography.X509Certificates.X509Certificate2 (endCert.GetRawCertData ()));
if(Errors.Equals(SslPolicyErrors.None))
{
if(chain== null || chain.ChainElements== null || chain.ChainElements.Count==0)
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Chain is empty");
bool bCertIsOk = false;
if (CertIsValidNow (BCCert))
if (chain.ChainElements.Count > 1 && !VerifyCertificateOCSP(chain)) bCertIsOk = true;
if (bCertIsOk) {
myCertificateList.Add (BCCert.GetHashCode(), DateTime.Now);
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Valid Certificate");
return true;
} else{
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Invalid Certificate");
return false;
}
}else if(Errors.Equals(SslPolicyErrors.RemoteCertificateChainErrors)){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: Errors found in the certificate chain.");
}
else if(Errors.Equals(SslPolicyErrors.RemoteCertificateNameMismatch)){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: The certificate contains errors.");
}
else if(Errors.Equals(SslPolicyErrors.RemoteCertificateNotAvailable)){
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: The certificate is not available");
}
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Policy Errors: " + Errors);
return false;
} else{ //Trusted certificate
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation. Trusted Certificate");
return true;
}
} catch (Exception e) {
SystemLogger.Log (SystemLogger.Module.PLATFORM, "*************** Certificate Validation: Unhandled exception: " + e.Message);
return false;
}
}