public void CertificateTrustManager_ShouldNotTrustIfNotValid()
{
var pkcs12 = CertificateUtils.CreateCert("localhost", DateTime.Now.AddYears(-1), DateTime.Now.AddDays(-1),
null, null, null);
Server.RestartServerWithCertificate(pkcs12);
VerifyFailure(Server.BoltUri, new CertificateTrustManager(true, new[] { pkcs12.GetDotnetCertificate() }));
}
public async Task CertificateTrustManager_ShouldNotTrustIfCertificateIsNotTrusted()
{
var pkcs12Untrusted = CertificateUtils.CreateCert("localhost", DateTime.Now.AddYears(-1),
DateTime.Now.AddYears(1),
null, null, null);
await VerifyFailure(Server.BoltUri,
new CertificateTrustManager(true, new[] { pkcs12Untrusted.GetDotnetCertificate() }));
}
public void InsecureTrustManager_ShouldTrustIfHostnameDiffersWhenHostnameVerificationIsDisabled()
{
var pkcs12 = CertificateUtils.CreateCert("localhost", DateTime.Now.AddYears(-1), DateTime.Now.AddYears(1),
null, null, null);
Server.RestartServerWithCertificate(pkcs12);
VerifySuccess(new Uri("bolt://another.host.domain:7687"), new InsecureTrustManager(false));
}
public void InsecureTrustManager_ShouldNotTrustIfHostnameDiffers()
{
var pkcs12 = CertificateUtils.CreateCert("localhost", DateTime.Now.AddYears(-1), DateTime.Now.AddYears(1),
null, null, null);
Server.RestartServerWithCertificate(pkcs12);
VerifyFailure(new Uri("bolt://another.host.domain:7687"), new InsecureTrustManager(true));
}
public void InsecureTrustManager_ShouldTrust()
{
var pkcs12 = CertificateUtils.CreateCert("localhost", DateTime.Now.AddYears(-1), DateTime.Now.AddYears(1),
null, null, null);
Server.RestartServerWithCertificate(pkcs12);
VerifySuccess(Server.BoltUri, new InsecureTrustManager(true));
}
public CertificateTrustIntegrationTestFixture()
{
if (!BoltkitHelper.IsBoltkitAvailable())
{
return;
}
try
{
Pkcs12 = CertificateUtils.CreateCert("localhost", DateTime.Now.AddYears(-1), DateTime.Now.AddYears(1),
null, null, null);
StandAlone = new StandAlone(Pkcs12);
}
catch (Exception)
{
Dispose();
throw;
}
}
private void buttonCreate_Click(object sender, EventArgs e)
{
DialogResult = DialogResult.OK;
int rsaKeySize = 0;
if (radioButtonSimpleCN.Checked && String.IsNullOrWhiteSpace(textBoxCN.Text))
{
MessageBox.Show(this, CANAPE.Properties.Resources.CreateCertForm_MustSpecifyCN,
CANAPE.Properties.Resources.MessageBox_ErrorString, MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else if (radioButtonTemplate.Checked && _templateCert == null)
{
MessageBox.Show(this, CANAPE.Properties.Resources.CreateCertForm_MustSpecifyTemplate,
CANAPE.Properties.Resources.MessageBox_ErrorString, MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else if (radioButtonSpecifyCA.Checked && _specifyCert == null)
{
MessageBox.Show(this, CANAPE.Properties.Resources.CreateCertForm_MustSpecifyCA,
CANAPE.Properties.Resources.MessageBox_ErrorString, MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else if (!int.TryParse(comboBoxRsaKeySize.Text, out rsaKeySize))
{
MessageBox.Show(this, CANAPE.Properties.Resources.CreateCertForm_MustSpecifyAValidRSAKeySize,
CANAPE.Properties.Resources.MessageBox_ErrorString, MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else
{
try
{
X509Certificate2 rootCert = null;
if (radioButtonSpecifyCA.Checked)
{
rootCert = _specifyCert;
}
else if (radioButtonDefaultCA.Checked)
{
rootCert = CertManager.GetRootCert();
}
else
{
// Self signed
}
if (radioButtonTemplate.Checked)
{
Certificate = CertificateUtils.CloneAndSignCertificate(_templateCert, rootCert, false, rsaKeySize, (CertificateHashAlgorithm)comboBoxHash.SelectedItem);
}
else
{
X509ExtensionCollection exts = new X509ExtensionCollection();
if (checkBoxCA.Checked)
{
exts.Add(new X509BasicConstraintsExtension(true, false, 0, true));
}
DateTime notBefore = DateTime.Now.Subtract(TimeSpan.FromDays(1));
Certificate = CertificateUtils.CreateCert(rootCert,
new X500DistinguishedName(radioButtonSubject.Checked ? textBoxCN.Text : String.Format("CN={0}", textBoxCN.Text)), null, false, rsaKeySize,
(CertificateHashAlgorithm)comboBoxHash.SelectedItem, notBefore, notBefore.AddYears(10), exts);
}
}
catch (Win32Exception ex)
{
MessageBox.Show(ex.Message, CANAPE.Properties.Resources.MessageBox_ErrorString,
MessageBoxButtons.OK, MessageBoxIcon.Error);
}
catch (CryptographicException ex)
{
MessageBox.Show(ex.Message, CANAPE.Properties.Resources.MessageBox_ErrorString,
MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
}