public void TestSignAndValidateNotTrusted()
{
GenericCredentialVault vault = new GenericCredentialVault();
//Add test certificate to vault
X509Certificate2 newCert = new X509Certificate2(AppDomain.CurrentDomain.SetupInformation.ApplicationBase + "\\Resources\\oces2\\PP\\FOCES_gyldig.p12", "Test1234");
var cert2 = new X509Certificate2(AppDomain.CurrentDomain.SetupInformation.ApplicationBase + "\\Resources\\oces2\\PP\\VOCES_gyldig.p12", "Test1234");
cert2.FriendlyName = vault.ALIAS_SYSTEM;
vault.AddTrustedCertificate(cert2);
var ass = AssertionMaker.MakeAssertionForSTS(newCert);
var signedAss = SealUtilities.SignAssertion(ass, newCert);
var signedXml = Serialize(signedAss);
try
{
SignatureUtil.Validate(signedXml.Root, null, vault, true, true);
}
catch (Exception e)
{
//Assert.IsInstanceOfType(e, typeof(ModelException));
}
}
public static GenericCredentialVault GetCredentialVaultFromBase64String(string certificate, string postFix)
{
var credentialVault = new GenericCredentialVault();
var systemCredentialCert = new X509Certificate2(Convert.FromBase64String(certificate));
credentialVault.SetSystemCredentials(systemCredentialCert);
return(credentialVault);
}
public static GenericCredentialVault GetCredentialVaultFromResource(string resourceName, string postFix, string password = "******")
{
var credentialVault = new GenericCredentialVault();
var systemCredentialCert = new X509Certificate2(TestContext.CurrentContext.TestDirectory +
"/Resources/" + resourceName, password);
credentialVault.SetSystemCredentials(systemCredentialCert);
return(credentialVault);
}
public void SetSystemCredentialsEmptyStoreTest()
{
GenericCredentialVault vault = new GenericCredentialVault();
RemoveAllCerts(vault);
vault.SetSystemCredentials(Global.MocesCprGyldig);
Assert.True(vault.IsTrustedCertificate(Global.MocesCprGyldig));
Assert.True(vault.GetSystemCredentials().Equals(Global.MocesCprGyldig));
}
public void RemoveAllCerts(GenericCredentialVault vault)
{
var certStore = vault.CertStore;
certStore.Open(OpenFlags.ReadWrite);
foreach (var cer in certStore.Certificates)
{
vault.RemoveTrustedCertificate(cer.SerialNumber);
}
certStore.Close();;
}
private bool SignAndValidate(X509Certificate2 cert, bool checkTrust, bool checkRevoked)
{
GenericCredentialVault vault = new GenericCredentialVault();
cert.FriendlyName = vault.ALIAS_SYSTEM;
vault.AddTrustedCertificate(cert);
var ass = AssertionMaker.MakeAssertionForSTS(cert);
var signedAss = SealUtilities.SignAssertion(ass, cert);
var signedXml = Serialize(signedAss);
return(SignatureUtil.Validate(signedXml.Root, null, vault, checkTrust, checkRevoked));
}
public SOSIFactory CreateSOSIFactory(X509Certificate2 cert)
{
GenericCredentialVault vault = new GenericCredentialVault();
//Make sure certStore is cleaned for testing
RemoveAllCerts(vault);
//Add test certificate to vault
X509Certificate2 newCert = cert;
//newCert.FriendlyName = vault.ALIAS_SYSTEM;
vault.AddTrustedCertificate(newCert);
CredentialVaultSignatureProvider sigProvider = new CredentialVaultSignatureProvider(vault);
SOSIFactory factory = new SOSIFactory(null, sigProvider);
return(factory);
}
public void RemoveTrustedCertTest()
{
//string vocesFriendlyName = "NETS DANID A/S - TU VOCES gyldig";
//Global.VocesGyldig.FriendlyName = vocesFriendlyName;
string vocesFriendlyName = "5818E231";
var factory = CreateSOSIFactory(Global.MocesCprGyldig);
GenericCredentialVault vault = (GenericCredentialVault)factory.GetCredentialVault();
//Try to remove non-existing cert
Assert.Throws <InvalidCredentialException>(delegate { vault.RemoveTrustedCertificate(vocesFriendlyName); });
vault.AddTrustedCertificate(Global.VocesGyldig);
//Verify it is now trusted
Assert.True(vault.IsTrustedCertificate(Global.VocesGyldig));
Assert.DoesNotThrow(delegate { vault.RemoveTrustedCertificate(vocesFriendlyName); });
//Verify it is no longer trusted
Assert.False(vault.IsTrustedCertificate(Global.VocesGyldig));
}
public void IsTrustedCertTest()
{
//string vocesFriendlyName = "NETS DANID A/S - TU VOCES gyldig";
//Global.VocesGyldig.FriendlyName = vocesFriendlyName;
string vocesFriendlyName = "5818E231";
var factory = CreateSOSIFactory(Global.MocesCprGyldig);
GenericCredentialVault vault = (GenericCredentialVault)factory.GetCredentialVault();
vault.AddTrustedCertificate(Global.VocesGyldig);
Assert.True(vault.IsTrustedCertificate(Global.VocesGyldig));
Assert.True(vault.IsTrustedCertificate(Global.MocesCprGyldig));
Assert.False(vault.IsTrustedCertificate(Global.cert));
//Remove VOCES cert
vault.RemoveTrustedCertificate(vocesFriendlyName);
//Verify it is no longer trusted
Assert.False(vault.IsTrustedCertificate(Global.VocesGyldig));
}
public void TestNullVault()
{
GenericCredentialVault vault = null;
Assert.Throws <ArgumentException>(delegate { CredentialVaultSignatureProvider sigProvider = new CredentialVaultSignatureProvider(vault); });
}
