public void CreatePublicationsFileFromFileWithOu() { using (FileStream stream = new FileStream(Path.Combine(TestSetup.LocalPath, Resources.KsiPublicationsFile), FileMode.Open, FileAccess.Read)) { new PublicationsFileFactory(new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("OU=Verified Email: [email protected]"))).Create(stream); } }
public void TestDataHasherWithAlgorithmNull() { ArgumentNullException ex = Assert.Throws <ArgumentNullException>(delegate { CryptoTestFactory.CreateDataHasher(null); }); Assert.AreEqual("algorithm", ex.ParamName); }
public void TestDataHasherWithRipemd160Algorithm() { IDataHasher hasher = CryptoTestFactory.CreateDataHasher(HashAlgorithm.Ripemd160); Assert.AreEqual(HashAlgorithm.Ripemd160.Length, hasher.GetHash().Value.Length, "Hash length should be correct"); byte[] bytes = new byte[hasher.GetHash().Value.Length]; hasher.GetHash().Value.CopyTo(bytes, 0); Assert.AreEqual("9C-11-85-A5-C5-E9-FC-54-61-28-08-97-7E-E8-F5-48-B2-25-8D-31", BitConverter.ToString(bytes), "Hash value should be calculated correctly"); }
public void PkiTrustStoreProviderVerifyWithRootTest() { PkiTrustStoreProvider trustStoreProvider = new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]")); PublicationsFile publicationsFile = TestUtil.GetPublicationsFile(Resources.KsiPublicationsFile); trustStoreProvider.Verify(publicationsFile.GetSignedBytes(), publicationsFile.GetSignatureValue()); }
public void TestDataHasherWithAlgorithmNotImplemented() { HashingException ex = Assert.Throws <HashingException>(delegate { CryptoTestFactory.CreateDataHasher(HashAlgorithm.Sha3256); }); Assert.That(ex.Message, Does.StartWith("Hash algorithm(SHA3-256) is not supported")); }
public void TestDataHasherWithNullICollection() { IDataHasher hasher = CryptoTestFactory.CreateDataHasher(); ArgumentNullException ex = Assert.Throws <ArgumentNullException>(delegate { hasher.AddData((byte[])null); }); Assert.AreEqual("data", ex.ParamName); }
public void TestDataHasherWithNullStream() { IDataHasher hasher = CryptoTestFactory.CreateDataHasher(); ArgumentNullException ex = Assert.Throws <ArgumentNullException>(delegate { hasher.AddData((Stream)null); }); Assert.AreEqual("inStream", ex.ParamName); }
public void CreatePublicationsFileWithBytesNull() { ArgumentNullException ex = Assert.Throws <ArgumentNullException>(delegate { new PublicationsFileFactory(new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))).Create((byte[])null); }); Assert.AreEqual("bytes", ex.ParamName, "Unexpected exception."); }
public void TestDataHasherWithDefaultAlgorithmAndEmptyData() { IDataHasher hasher = CryptoTestFactory.CreateDataHasher(); Assert.AreEqual(HashAlgorithm.Sha2256.Length, hasher.GetHash().Value.Length, "Hash length should be correct"); byte[] bytes = new byte[hasher.GetHash().Value.Length]; hasher.GetHash().Value.CopyTo(bytes, 0); Assert.AreEqual("E3-B0-C4-42-98-FC-1C-14-9A-FB-F4-C8-99-6F-B9-24-27-AE-41-E4-64-9B-93-4C-A4-95-99-1B-78-52-B8-55", BitConverter.ToString(bytes), "Hash value should be calculated correctly"); }
private static KsiService GetKsiService() { TestKsiServiceProtocol protocol = new TestKsiServiceProtocol(); return(new KsiService(protocol, new ServiceCredentials("test", "test", HashAlgorithm.Sha2256), protocol, new ServiceCredentials("test", "test", HashAlgorithm.Sha2256), protocol, new PublicationsFileFactory( new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))))); }
public void TestDataHasherWithNullBytesAndNoLength() { IDataHasher hasher = CryptoTestFactory.CreateDataHasher(); ArgumentNullException ex = Assert.Throws <ArgumentNullException>(delegate { hasher.AddData(null, 0, 0); }); Assert.AreEqual("data", ex.ParamName); }
public IKsiService GetPublicationsFileService(byte[] requestResult = null) { return(new TestKsiService( null, null, null, null, new TestKsiServiceProtocol { PublicationsFileBytes = requestResult }, new PublicationsFileFactory( new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))), 0, PduVersion.v1)); }
public void PkiTrustStoreProviderVerifyCustomCertTest() { // test verify with custom cert PkiTrustStoreProvider trustStoreProvider = new PkiTrustStoreProvider(TestUtil.CreateCertStore(Resources.PkiTrustProvider_CustomCert), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]")); PublicationsFile publicationsFile = TestUtil.GetPublicationsFile(Resources.PkiTrustProvider_PubsFileCustomCert); trustStoreProvider.Verify(publicationsFile.GetSignedBytes(), publicationsFile.GetSignatureValue()); }
protected static KsiService GetService(PduVersion version, HashAlgorithm aggregatorHmacAlgo, HashAlgorithm extenderHmacAlgo) { return(new KsiService( new HttpKsiServiceProtocol(Settings.Default.HttpSigningServiceUrl, Settings.Default.HttpExtendingServiceUrl, Settings.Default.HttpPublicationsFileUrl, 10000), new ServiceCredentials(Settings.Default.HttpSigningServiceUser, Settings.Default.HttpSigningServicePass, aggregatorHmacAlgo), new HttpKsiServiceProtocol(Settings.Default.HttpSigningServiceUrl, Settings.Default.HttpExtendingServiceUrl, Settings.Default.HttpPublicationsFileUrl, 10000), new ServiceCredentials(Settings.Default.HttpExtendingServiceUser, Settings.Default.HttpExtendingServicePass, extenderHmacAlgo), new HttpKsiServiceProtocol(Settings.Default.HttpSigningServiceUrl, Settings.Default.HttpExtendingServiceUrl, Settings.Default.HttpPublicationsFileUrl, 10000), new PublicationsFileFactory(new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))), version)); }
public void TestDataHasherWithDefaultAlgorithmAndByteLength() { IDataHasher hasher = CryptoTestFactory.CreateDataHasher(); byte[] data = System.Text.Encoding.UTF8.GetBytes(Resources.DataHasher_TestString); hasher.AddData(data, 0, data.Length); Assert.AreEqual(HashAlgorithm.Sha2256.Length, hasher.GetHash().Value.Length, "Hash length should be correct"); byte[] bytes = new byte[hasher.GetHash().Value.Length]; hasher.GetHash().Value.CopyTo(bytes, 0); Assert.AreEqual("CF-00-FC-3A-72-A2-F7-1C-7D-E2-B7-18-C0-A4-DF-F3-8D-83-C0-E1-95-7E-C2-19-C3-B2-66-F8-CC-38-B9-EA", BitConverter.ToString(bytes), "Hash value should be calculated correctly"); }
public void PkiTrustStoreProviderVerifyWithoutSignedBytes() { PkiTrustStoreProvider trustStoreProvider = new PkiTrustStoreProvider(TestUtil.CreateCertStore(Resources.PkiTrustProvider_IdenTrustCert), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]")); ArgumentNullException ex = Assert.Throws <ArgumentNullException>(delegate { trustStoreProvider.Verify(null, null); }); Assert.AreEqual("signedBytes", ex.ParamName); }
public void CreatePublicationsFileFromFileWithOidAndInvalidEmail() { using (FileStream stream = new FileStream(Path.Combine(TestSetup.LocalPath, Resources.KsiPublicationsFile), FileMode.Open, FileAccess.Read)) { PublicationsFileException ex = Assert.Throws <PublicationsFileException>(delegate { new PublicationsFileFactory(new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))).Create(stream); }); Assert.That(ex.Message, Does.StartWith("Publications file verification failed.")); } }
public void CreatePublicationsFileFromFileWithEmptyRdn() { using (FileStream stream = new FileStream(Path.Combine(TestSetup.LocalPath, Resources.KsiPublicationsFile), FileMode.Open, FileAccess.Read)) { ArgumentException ex = Assert.Throws <ArgumentException>(delegate { new PublicationsFileFactory(new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector(""))).Create(stream); }); Assert.That(ex.Message, Does.StartWith("RDN cannot be empty")); } }
protected static KsiService GetHttpKsiServiceWithDefaultPduVersion() { return(new KsiService( GetHttpKsiServiceProtocol(), new ServiceCredentials(Settings.Default.HttpSigningServiceUser, Settings.Default.HttpSigningServicePass, TestUtil.GetHashAlgorithm(Settings.Default.HttpSigningServiceHmacAlgorithm)), GetHttpKsiServiceProtocol(), new ServiceCredentials(Settings.Default.HttpExtendingServiceUser, Settings.Default.HttpExtendingServicePass, TestUtil.GetHashAlgorithm(Settings.Default.HttpExtendingServiceHmacAlgorithm)), GetHttpKsiServiceProtocol(), new PublicationsFileFactory(new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))))); }
public void TestDataHasherWithDefaultAlgorithmAndFileStreamLimitedBuffer() { IDataHasher hasher = CryptoTestFactory.CreateDataHasher(); FileStream stream = new FileStream(Path.Combine(TestSetup.LocalPath, Resources.DataHasher_TestFile), FileMode.Open); hasher.AddData(stream, 1); Assert.AreEqual(HashAlgorithm.Sha2256.Length, hasher.GetHash().Value.Length, "Hash length should be correct"); byte[] bytes = new byte[hasher.GetHash().Value.Length]; hasher.GetHash().Value.CopyTo(bytes, 0); Assert.AreEqual("54-66-E3-CB-A1-4A-84-3A-5E-93-B7-8E-3D-6A-B8-D3-49-1E-DC-AC-7E-06-43-1C-E1-A7-F4-98-28-C3-40-C3", BitConverter.ToString(bytes), "Hash value should be calculated correctly"); stream.Close(); }
public void CreatePublicationsFileFromFileWithMultipleRdns() { using (FileStream stream = new FileStream(Path.Combine(TestSetup.LocalPath, Resources.KsiPublicationsFile), FileMode.Open, FileAccess.Read)) { new PublicationsFileFactory(new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector(new List <CertificateSubjectRdn> { new CertificateSubjectRdn("1.2.840.113549.1.9.1", "*****@*****.**"), new CertificateSubjectRdn("OU", "Verified Email: [email protected]") }))) .Create(stream); } }
public void CreatePublicationsFileFromFileWithInvalidName() { using (FileStream stream = new FileStream(Path.Combine(TestSetup.LocalPath, Resources.KsiPublicationsFile), FileMode.Open, FileAccess.Read)) { ArgumentException ex = Assert.Throws <ArgumentException>(delegate { new PublicationsFileFactory(new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))).Create(stream); }); // separate error messages for microsoft and bouncycastle crypto Assert.That(ex.Message, Does.StartWith("Invalid RDN:") | Does.Contain("Unknown object id")); } }
public void TestDataHasherWithAddingDataAfterHashHasBeenCalculated() { IDataHasher hasher = CryptoTestFactory.CreateDataHasher(); byte[] data = System.Text.Encoding.UTF8.GetBytes(Resources.DataHasher_TestString); hasher.AddData(data); hasher.GetHash(); HashingException ex = Assert.Throws <HashingException>(delegate { hasher.AddData(data); }); Assert.That(ex.Message, Does.StartWith("Output hash has already been calculated")); }
private static IPublicationsFile GetPublicationsFile(string path, string certPath) { if (string.IsNullOrEmpty(path)) { return(PubsFile); } X509Store certStore = string.IsNullOrEmpty(certPath) ? new X509Store(StoreName.Root) : TestUtil.CreateCertStore(certPath); PublicationsFileFactory factory = new PublicationsFileFactory( new PkiTrustStoreProvider(certStore, CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))); return(factory.Create(File.ReadAllBytes(Path.Combine(TestSetup.LocalPath, path)))); }
protected static IKsiService GetStaticKsiService(TestKsiServiceProtocol protocol, ulong requestId = 0, PduVersion pduVersion = PduVersion.v2, HashAlgorithm signingMacAlgorithm = null, HashAlgorithm extendingMacAlgorithm = null) { return (new TestKsiService( protocol, new ServiceCredentials(TestConstants.ServiceUser, TestConstants.ServicePass, signingMacAlgorithm), protocol, new ServiceCredentials(TestConstants.ServiceUser, TestConstants.ServicePass, extendingMacAlgorithm), protocol, new PublicationsFileFactory( new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))), requestId, pduVersion)); }
public void CreateCertificateSubjectRdnSelectorTest() { string typeName = CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]").GetType().FullName; switch (CryptoTestFactory.ProviderType) { case CryptoProviderType.Microsoft: Assert.AreEqual("Guardtime.KSI.Crypto.Microsoft.Crypto.CertificateSubjectRdnSelector", typeName, "Invalid CertificateSubjectRdnSelector type name."); break; case CryptoProviderType.BouncyCastle: Assert.AreEqual("Guardtime.KSI.Crypto.BouncyCastle.Crypto.CertificateSubjectRdnSelector", typeName, "Invalid CertificateSubjectRdnSelector type name."); break; } }
public void CreateDataHasherTest() { string typeName = CryptoTestFactory.CreateDataHasher().GetType().FullName; switch (CryptoTestFactory.ProviderType) { case CryptoProviderType.Microsoft: Assert.AreEqual("Guardtime.KSI.Crypto.Microsoft.Hashing.DataHasher", typeName, "Invalid data hasher type name."); break; case CryptoProviderType.BouncyCastle: Assert.AreEqual("Guardtime.KSI.Crypto.BouncyCastle.Hashing.DataHasher", typeName, "Invalid data hasher type name."); break; } }
public void CreatePublicationsFileFromFileWithInvalidOid() { using (FileStream stream = new FileStream(Path.Combine(TestSetup.LocalPath, Resources.KsiPublicationsFile), FileMode.Open, FileAccess.Read)) { ArgumentException ex = Assert.Throws <ArgumentException>(delegate { new PublicationsFileFactory(new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector(new List <CertificateSubjectRdn> { new CertificateSubjectRdn("1.2.840.113549.1.9.1X", "*****@*****.**") }))) .Create(stream); }); Assert.That(ex.Message, Does.StartWith("Rdn contains invalid Oid or Value.")); } }
private static IVerificationContext GetVerificationContext(TestingRow testingRow, IKsiSignature signature, string testDataDir, bool setUserPublication = false) { IPublicationsFile publicationsFile = null; IKsiService service; if (!setUserPublication) { publicationsFile = GetPublicationsFile(string.IsNullOrEmpty(testingRow.PublicationsFilePath) ? null : testDataDir + testingRow.PublicationsFilePath, string.IsNullOrEmpty(testingRow.CertFilePath) ? null : testDataDir + testingRow.CertFilePath); } if (string.IsNullOrEmpty(testingRow.ResourceFile)) { service = IntegrationTests.GetHttpKsiService(); } else { TestKsiServiceProtocol protocol = new TestKsiServiceProtocol { RequestResult = File.ReadAllBytes(Path.Combine(TestSetup.LocalPath, testDataDir + testingRow.ResourceFile)) }; service = new TestKsiService( protocol, new ServiceCredentials(Properties.Settings.Default.HttpSigningServiceUser, Properties.Settings.Default.HttpSigningServicePass, TestUtil.GetHashAlgorithm(Properties.Settings.Default.HttpSigningServiceHmacAlgorithm)), protocol, new ServiceCredentials(Properties.Settings.Default.HttpExtendingServiceUser, Properties.Settings.Default.HttpExtendingServicePass, TestUtil.GetHashAlgorithm(Properties.Settings.Default.HttpExtendingServiceHmacAlgorithm)), protocol, new PublicationsFileFactory( new PkiTrustStoreProvider(new X509Store(StoreName.Root), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]"))), 1, PduVersion.v2); } return(new VerificationContext(signature) { DocumentHash = testingRow.InputHash, UserPublication = setUserPublication ? testingRow.PublicationData : null, IsExtendingAllowed = testingRow.IsExtendingAllowed, KsiService = service, PublicationsFile = publicationsFile, DocumentHashLevel = testingRow.InputHashLevel }); }
public void PkiTrustStoreProviderVerifyCustomCertInvalidTest() { PkiTrustStoreProvider trustStoreProvider = new PkiTrustStoreProvider(TestUtil.CreateCertStore(Resources.PkiTrustProvider_IdenTrustCert), CryptoTestFactory.CreateCertificateSubjectRdnSelector("[email protected]")); PublicationsFile publicationsFile = TestUtil.GetPublicationsFile(Resources.PkiTrustProvider_PubsFileCustomCert); PkiVerificationFailedException ex = Assert.Throws <PkiVerificationFailedException>(delegate { trustStoreProvider.Verify(publicationsFile.GetSignedBytes(), publicationsFile.GetSignatureValue()); }); // separate error messages for Microsoft and Bouncy Castle Assert.That(ex.Message.StartsWith("Trust chain did not complete to the known authority anchor. Thumbprints did not match.") || (ex.Message.StartsWith("Could not build certificate path") && ex.InnerException.Message.StartsWith("Unable to find certificate chain.")), "Unexpected exception message: " + ex.Message); }