public async Task GetTrustListAsync()
{
Skip.If(!_fixture.KeyVaultInitOk);
string[] groups = await _keyVault.GetCertificateGroupIds();
foreach (string group in groups)
{
var trustList = await _keyVault.GetTrustListAsync(group, null, 2);
string nextPageLink = trustList.NextPageLink;
while (nextPageLink != null)
{
var nextTrustList = await _keyVault.GetTrustListAsync(group, nextPageLink, 2);
trustList.AddRange(nextTrustList);
nextPageLink = nextTrustList.NextPageLink;
}
var validator = X509TestUtils.CreateValidatorAsync(trustList);
}
}
public async Task CreateCAAndAppCertificatesThenRevokeAll()
{
Skip.If(!_fixture.KeyVaultInitOk);
X509Certificate2Collection certCollection = new X509Certificate2Collection();
for (int i = 0; i < 3; i++)
{
await KeyVaultCreateCACertificateAsync();
for (int v = 0; v < 10; v++)
{
certCollection.AddRange(await KeyVaultSigningRequestAsync());
certCollection.AddRange(await KeyVaultNewKeyPairRequestAsync());
}
}
string[] groups = await _keyVault.GetCertificateGroupIds();
// validate all certificates
foreach (string group in groups)
{
var trustList = await _keyVault.GetTrustListAsync(group);
string nextPageLink = trustList.NextPageLink;
while (nextPageLink != null)
{
var nextTrustList = await _keyVault.GetTrustListAsync(group, nextPageLink);
trustList.AddRange(nextTrustList);
nextPageLink = nextTrustList.NextPageLink;
}
var validator = await X509TestUtils.CreateValidatorAsync(trustList);
foreach (var cert in certCollection)
{
validator.Validate(cert);
}
}
// now revoke all certifcates
var revokeCertificates = new X509Certificate2Collection(certCollection);
foreach (string group in groups)
{
var unrevokedCertificates = await _keyVault.RevokeCertificatesAsync(group, revokeCertificates);
Assert.True(unrevokedCertificates.Count <= revokeCertificates.Count);
revokeCertificates = unrevokedCertificates;
}
Assert.Empty(revokeCertificates);
// reload updated trust list from KeyVault
var trustListAllGroups = new KeyVaultTrustListModel("all");
foreach (string group in groups)
{
var trustList = await _keyVault.GetTrustListAsync(group);
string nextPageLink = trustList.NextPageLink;
while (nextPageLink != null)
{
var nextTrustList = await _keyVault.GetTrustListAsync(group, nextPageLink);
trustList.AddRange(nextTrustList);
nextPageLink = nextTrustList.NextPageLink;
}
trustListAllGroups.AddRange(trustList);
}
// verify certificates are revoked
{
var validator = await X509TestUtils.CreateValidatorAsync(trustListAllGroups);
foreach (var cert in certCollection)
{
Assert.Throws <Opc.Ua.ServiceResultException>(() =>
{
validator.Validate(cert);
});
}
}
}