C# (CSharp) SettingsValidator.ValidateCommonNames Exemples

Exemple #1

Fichier : SettingsValidator.Test.cs Projet : zmyer/service-fabric

        public void ValidateCommonNamesTest()
        {
            X509 validCertInfo = new X509()
            {
                ClusterCertificateCommonNames      = ConstructServerCns(new string[] { "hia", "bia" }, new string[] { "59EC792004C56225DD6691132C713194D28098F1", "59EC792004C56225DD6691132C713194D28098F1,59EC792004C56225DD6691132C713194D28098F2" }),
                ServerCertificateCommonNames       = ConstructServerCns(new string[] { "hia", "bia" }, new string[] { "59EC792004C56225DD6691132C713194D28098F1", "59EC792004C56225DD6691132C713194D28098F1,59EC792004C56225DD6691132C713194D28098F2" }),
                ReverseProxyCertificateCommonNames = ConstructServerCns(new string[] { "hia", "bia" }, null),
                ClientCertificateCommonNames       = new List <ClientCertificateCommonName>()
                {
                    new ClientCertificateCommonName()
                    {
                        CertificateCommonName = "lolo", CertificateIssuerThumbprint = "59EC792004C56225DD6691132C713194D28098F1,59EC792004C56225DD6691132C713194D28098F2"
                    },
                    new ClientCertificateCommonName()
                    {
                        CertificateCommonName = "biabia", CertificateIssuerThumbprint = "59EC792004C56225DD6691132C713194D28098F1,59EC792004C56225DD6691132C713194D28098F2"
                    },
                    new ClientCertificateCommonName()
                    {
                        CertificateCommonName = "lala", CertificateIssuerThumbprint = "59EC792004C56225DD6691132C713194D28098F1,59EC792004C56225DD6691132C713194D28098F2"
                    },
                }
            };

            this.RunWrapper(delegate { SettingsValidator.ValidateCommonNames(validCertInfo); }, null);

            // IT is supported for certs except reverseProxy cert
            X509 invalidCertInfo;

            invalidCertInfo = new X509()
            {
                ReverseProxyCertificateCommonNames = ConstructServerCns(new string[] { "hia" }, new string[] { "59EC792004C56225DD6691132C713194D28098F1" }),
                ClientCertificateCommonNames       = new List <ClientCertificateCommonName>()
                {
                    new ClientCertificateCommonName()
                    {
                        CertificateCommonName = "lolo", CertificateIssuerThumbprint = "59EC792004C56225DD6691132C713194D28098F1,59EC792004C56225DD6691132C713194D28098F2"
                    },
                    new ClientCertificateCommonName()
                    {
                        CertificateCommonName = "biabia", CertificateIssuerThumbprint = "59EC792004C56225DD6691132C713194D28098F1,59EC792004C56225DD6691132C713194D28098F2"
                    },
                    new ClientCertificateCommonName()
                    {
                        CertificateCommonName = "lala", CertificateIssuerThumbprint = "59EC792004C56225DD6691132C713194D28098F1,59EC792004C56225DD6691132C713194D28098F2"
                    },
                }
            };
            this.RunWrapper(delegate { SettingsValidator.ValidateCommonNames(invalidCertInfo); }, ClusterManagementErrorCode.UnsupportedIssuerThumbprintPair);

            // cns must not be nullOrWhitespace
            invalidCertInfo = new X509()
            {
                ClientCertificateCommonNames = new List <ClientCertificateCommonName>()
                {
                    new ClientCertificateCommonName()
                    {
                        CertificateCommonName = "  "
                    },
                }
            };
            this.RunWrapper(delegate { SettingsValidator.ValidateCommonNames(invalidCertInfo); }, ClusterManagementErrorCode.InvalidCommonName);

            // Issuer thumbprints must be separated by comma
            invalidCertInfo = new X509()
            {
                ServerCertificateCommonNames = ConstructServerCns("hia", "59EC792004C56225DD6691132C713194D28098F1;59EC792004C56225DD6691132C713194D28098F2"),
            };
            this.RunWrapper(delegate { SettingsValidator.ValidateCommonNames(invalidCertInfo); }, ClusterManagementErrorCode.InvalidCertificateIssuerThumbprints);

            // Issuer thumbprints must not dupe under the same cn
            invalidCertInfo = new X509()
            {
                ClientCertificateCommonNames = new List <ClientCertificateCommonName>()
                {
                    new ClientCertificateCommonName()
                    {
                        CertificateCommonName = "lolo", CertificateIssuerThumbprint = "59EC792004C56225DD6691132C713194D28098F1,59EC792004C56225DD6691132C713194D28098F1"
                    },
                },
                ServerCertificateCommonNames = ConstructServerCns("hia", "59EC792004C56225DD6691132C713194D28098F1,59EC792004C56225DD6691132C713194D28098F1"),
            };
            this.RunWrapper(delegate { SettingsValidator.ValidateCommonNames(invalidCertInfo); }, ClusterManagementErrorCode.InvalidCertificateIssuerThumbprints);

            // Up to 2 CNs are supported, except client CN
            invalidCertInfo = new X509()
            {
                ClusterCertificateCommonNames = ConstructServerCns(new string[] { "hia", "bia", "zaa" }, null),
            };
            this.RunWrapper(delegate { SettingsValidator.ValidateCommonNames(invalidCertInfo); }, ClusterManagementErrorCode.InvalidCommonNameCount);

            // no dupe CN is allowed for the same cert type, except client CN
            invalidCertInfo = new X509()
            {
                ClusterCertificateCommonNames = ConstructServerCns(new string[] { "hia", "hia" }, null),
            };
            this.RunWrapper(delegate { SettingsValidator.ValidateCommonNames(invalidCertInfo); }, ClusterManagementErrorCode.DupeCommonNameNotAllowedForClusterCert);
        }