public void ShouldDenyMissingCert() { const string fingerPrint = "ED:40:5C:C9:E2:71:44:11:78:47:1C:09:6F:28:2E:B5:F9:4D:6E:CE:90:BC:64:5B:ED:9A:46:1F:20:E2:EE:4E"; const string url = "https://foo.bar"; var tti = new TalkToIngress(url + "/api/ingress/influx", fingerPrint); bool certVerifyResult = tti.PinPublicKey(new object(), null, null, SslPolicyErrors.None); Assert.False(certVerifyResult, "Fingerprint is invalid"); }
public void ShouldVerifyCorrectFingerprint() { const string fingerPrint = "ED:40:5C:C9:E2:71:44:11:78:47:1C:09:6F:28:2E:B5:F9:4D:6E:CE:90:BC:64:5B:ED:9A:46:1F:20:E2:EE:4E"; const string url = "https://foo.bar"; var certMock = new Mock <X509Certificate>(MockBehavior.Loose); certMock.Setup( x => x.GetCertHashString(It.Is <HashAlgorithmName>(alg => alg == HashAlgorithmName.SHA256))) .Returns(fingerPrint.Replace(":", string.Empty).ToUpperInvariant()) .Verifiable(); var tti = new TalkToIngress(url + "/api/ingress/influx", fingerPrint); bool certVerifyResult = tti.PinPublicKey(new object(), certMock.Object, null, SslPolicyErrors.None); certMock.Verify(); Assert.True(certVerifyResult, "Fingerprint is valid"); }