public static bool Test(string[] args)
{
bool bRes = true;
// figure out the data file name
string filename = "Certificates.xml";
if (args.Length != 0)
{
filename = args[0];
}
// create an xml dirver object
XmlDriver xd = new XmlDriver(filename);
CertificateInfo[] certs = xd.Certificates;
foreach (CertificateInfo ci in certs)
{
Console.WriteLine("* Working with " + ci.FileName + " (encoding = " + ci.Encoding + ") *");
if (!TestCert(ci))
{
Console.WriteLine("ERROR");
bRes = false;
}
else
{
Console.WriteLine("OK");
}
}
return(bRes);
}
private static void InitRepositories()
{
var driver = new XmlDriver();
var _context = SimpleRepositoryContext.Of();
_context.Set <Role, IRoleRepository>(new RoleRepository(driver));
_context.Set <RoleAdmin, IRoleAdminRepository>(new RoleAdminRepository(driver));
_context.Set <Admin, IAdminRepository>(new AdminRepository(driver));
_context.Set <Ticket, ITicketRepository>(new TicketRepository(driver));
_context.Set <User, IUserRepository>(new UserRepository(driver));
_context.Set <VPS, IVpsRepository>(new VpsRepository(driver));
}
public static bool Test(string[] args)
{
bool bRes = true;
// figure out the data file name
string filename = "Certificates.xml";
if (args.Length != 0) filename = args[0];
// create an xml dirver object
XmlDriver xd = new XmlDriver(filename);
CertificateInfo[] certs = xd.Certificates;
foreach(CertificateInfo ci in certs)
{
Console.WriteLine("* Working with " + ci.FileName + " (encoding = " + ci.Encoding + ") *" );
if (!TestCert(ci)) {
Console.WriteLine("ERROR");
bRes = false;
} else {
Console.WriteLine("OK");
}
}
return bRes;
}
//
// Returns true is all available data in CertificateInfo matches the corresponding data in X509Certificate2 object
//
public bool Matches(X509Certificate2 cert)
{
bool bRes = true;
if (PrivateKeyFile != null)
{
// TODO: implement
}
// get the public key
PublicKey pk = cert.PublicKey;
// compare the algorithm if available
if (!CompareStrings(pk.Oid.Value, PublicKeyAlg))
{
Log.Comment("Public key algorithm mismatch (1): " + pk.Oid.Value + " != " + PublicKeyAlg);
bRes = false;
}
if (!CompareStrings(cert.GetKeyAlgorithm(), PublicKeyAlg))
{
Log.Comment("Public key algorithm mismatch (2): " + cert.GetKeyAlgorithm() + " != " + PublicKeyAlg);
bRes = false;
}
// compare the public key blob
if (PublicKeyBlob != null)
{
if (!XmlDriver.Compare(pk.EncodedKeyValue.RawData, PublicKeyBlob))
{
Log.Comment("Public key blob mismatch: " + "\n" +
BitConverter.ToString(pk.EncodedKeyValue.RawData) + " != " +
BitConverter.ToString(PublicKeyBlob));
bRes = false;
}
}
// compare the private key
// TODO: enhance, compare the actual value
// The idea for now is that if there is a password that means there is a private key
if (Password != null)
{
if (cert.PrivateKey == null)
{
Log.Comment("BAD: PrivateKey is null");
bRes = false;
}
else
{
Log.Comment("Private Key is there - " + cert.PrivateKey);
}
}
// compare the version
if (Version != -1)
{
if (cert.Version != Version)
{
Log.Comment("Version mismatch: " + cert.Version + " != " + Version);
bRes = false;
}
}
// compare the subject
if (Subject != null)
{
if (!CompareStrings(cert.SubjectName.Name, Subject))
{
Log.Comment("Subject mismatch: " + cert.SubjectName.Name + " != " + Subject);
bRes = false;
}
}
// compare the Issuer
if (Issuer != null)
{
if (!CompareStrings(cert.IssuerName.Name, Issuer))
{
Log.Comment("Issuer mismatch: " + cert.IssuerName.Name + " != " + Issuer);
bRes = false;
}
}
// compare the serial number
if (SerialNumber != null)
{
if (!CompareStrings(cert.SerialNumber, SerialNumber))
{
Log.Comment("Serial number mismatch: " + cert.SerialNumber + " != " + SerialNumber);
bRes = false;
}
}
// compare the NotBefore
if (NotBefore != DateTime.MinValue)
{
if (cert.NotBefore.CompareTo(NotBefore) != 0)
{
Log.Comment("NotBefore mismatch: " + cert.NotBefore + " != " + NotBefore);
bRes = false;
}
}
// compare the NotAfter
if (NotAfter != DateTime.MinValue)
{
if (cert.NotAfter.CompareTo(NotAfter) != 0)
{
Log.Comment("NotAfter mismatch: " + cert.NotAfter + " != " + NotAfter);
bRes = false;
}
}
// compare the signature algorithm
if (SignatureAlg != null)
{
if (!CompareStrings(cert.SignatureAlgorithm.FriendlyName, SignatureAlg))
{
Log.Comment("Signature algorithm mismatch: " + cert.SignatureAlgorithm.FriendlyName + " != " + SignatureAlg);
bRes = false;
}
}
// compare the thumbprint
if (Thumbprint != null)
{
if (!CompareStrings(cert.Thumbprint.ToLower(), Thumbprint.ToLower()))
{
Log.Comment("Thumbprint mismatch: " + cert.Thumbprint + " != " + Thumbprint);
bRes = false;
}
}
// compare the ToString baselines
/* if (ToStringBaseLine != null)
* // if ( (cert.ToString().Replace("\0", "").Replace( " " , "" ).Replace("\n", "").Trim()
* // != ToStringBaseLine.Replace( " " , "" ) )) // || (cert.ToString(false).Trim() != ToStringBaseLine) )
* if( !CompareToStrings( cert.ToString() , ToStringBaseLine ) )
* {
* Log.Comment("ToString() baseline mismatch: " + "\n" +
* cert.ToString().Replace("\0", "").Replace("\n", "").Trim() + "\n" +
* " != " + "\n" +
* ToStringBaseLine);
* bRes = false;
* }*/
if (ToStringVerboseBaseLine != null)
{
// if (cert.ToString(true).Replace("\0", "").Replace("\n\n", "\n").Replace("\n", "").Trim()
// != ToStringVerboseBaseLine)
if (!CompareToStrings(ToStringVerboseBaseLine, cert.ToString(true)))
{
Log.Comment("ToString(true) baseline mismatch: " + "\n" +
cert.ToString(true).Replace("\0", "").Replace("\n", "").Trim() + "\n" +
" != " + "\n" +
ToStringVerboseBaseLine);
bRes = false;
}
}
// TODO: Thumbprint Alg comparions if we get a property for it
// compare extensions
ArrayList alCertExt = new ArrayList();
foreach (X509Extension ext in cert.Extensions)
{
ExtensionInfo ei = null;
if (ext is X509KeyUsageExtension)
{
ei = new ExtensionInfo("KeyUsage", DumpFlags(typeof(X509KeyUsageFlags), ((X509KeyUsageExtension)ext).KeyUsages));
ei.Data += "(" + (((byte)((X509KeyUsageExtension)ext).KeyUsages)).ToString("X").ToLower() + ")";
}
else
if (ext is X509BasicConstraintsExtension)
{
X509BasicConstraintsExtension bce = (X509BasicConstraintsExtension)ext;
string data = bce.CertificateAuthority.ToString() + ", " +
bce.HasPathLengthConstraint + ", " +
bce.PathLengthConstraint;
ei = new ExtensionInfo("BasicConstraints", data);
}
else
if (ext is X509EnhancedKeyUsageExtension)
{
OidCollection oids = ((X509EnhancedKeyUsageExtension)ext).EnhancedKeyUsages;
string data = "";
foreach (Oid oid in oids)
{
data += oid.FriendlyName + " (" + oid.Value + "), ";
}
data = data.Substring(0, data.Length - 1); //.Replace("-", "");
ei = new ExtensionInfo("EnhancedKeyUsage", data);
}
else
if (ext is X509SubjectKeyIdentifierExtension)
{
ei = new ExtensionInfo("SubjectKeyIdentifier", ((X509SubjectKeyIdentifierExtension)ext).SubjectKeyIdentifier.ToLower());
}
else
{
ei = new ExtensionInfo(ext.Oid.FriendlyName, ext.Format(false));
}
alCertExt.Add(ei);
}
if (false == CompareKeyExtensions(Extentions, (ExtensionInfo[])alCertExt.ToArray(typeof(ExtensionInfo))))
{
Log.Comment("Key extensions mismatch.");
bRes = false;
}
return(bRes);
}
