public async Task VerifyAppCertDirectoryStore()
{
var appCertificate = GetTestCert();
Assert.NotNull(appCertificate);
Assert.True(appCertificate.HasPrivateKey);
string password = Guid.NewGuid().ToString();
// pki directory root for app cert
var pkiRoot = Path.GetTempPath() + Path.GetRandomFileName() + Path.DirectorySeparatorChar;
var storePath = pkiRoot + "own";
var storeType = CertificateStoreType.Directory;
appCertificate.AddToStore(
storeType, storePath, password
);
using (var publicKey = new X509Certificate2(appCertificate.RawData))
{
Assert.NotNull(publicKey);
Assert.False(publicKey.HasPrivateKey);
var id = new CertificateIdentifier()
{
Thumbprint = publicKey.Thumbprint,
StorePath = storePath,
StoreType = storeType
};
{
// check no password fails to load
var nullKey = await id.LoadPrivateKey(null).ConfigureAwait(false);
Assert.IsNull(nullKey);
}
{
// check invalid password fails to load
var nullKey = await id.LoadPrivateKey("123").ConfigureAwait(false);
Assert.IsNull(nullKey);
}
{
// check invalid password fails to load
var nullKey = await id.LoadPrivateKeyEx(new CertificatePasswordProvider("123")).ConfigureAwait(false);
Assert.IsNull(nullKey);
}
var privateKey = await id.LoadPrivateKeyEx(new CertificatePasswordProvider(password)).ConfigureAwait(false);
Assert.NotNull(privateKey);
Assert.True(privateKey.HasPrivateKey);
X509Utils.VerifyRSAKeyPair(publicKey, privateKey, true);
using (ICertificateStore store = Opc.Ua.CertificateStoreIdentifier.CreateStore(storeType))
{
store.Open(storePath);
await store.Delete(publicKey.Thumbprint).ConfigureAwait(false);
}
}
}
