public void ClientCertCallbackNoCaCertsFails()
{
X509Certificate2 cert = TestCertificateHelper.GenerateSelfSignedCert("top secret");
Assert.False(CertificateHelper.ValidateClientCert(cert, new X509Chain(),
Option.None <IList <X509Certificate2> >(), Logger.Factory.CreateLogger("something")));
}
public void ClientCertCallbackNoCaCertsFails()
{
X509Certificate2 cert = TestCertificateHelper.GenerateSelfSignedCert("top secret");
IList <X509Certificate2> ca = new List <X509Certificate2>();
var trustedCACerts = Option.Some(ca);
Assert.False(CertificateHelper.ValidateClientCert(cert, new List <X509Certificate2>(), trustedCACerts, Logger.Factory.CreateLogger("something")));
}
public void TestValidateCertificateWithCAExtentionFails()
{
var caCert = TestCertificateHelper.GenerateSelfSignedCert("MyTestCA", true);
Assert.False(CertificateHelper.ValidateClientCert(caCert, new List <X509Certificate2>()
{
caCert
}, Option.None <IList <X509Certificate2> >(), Logger.Factory.CreateLogger("something")));
}
public void ClientCertCallbackNullArgumentThrows()
{
var trustedCACerts = Option.None <IList <X509Certificate2> >();
Assert.Throws <ArgumentNullException>(() =>
CertificateHelper.ValidateClientCert(null, new List <X509Certificate2>(), trustedCACerts, Logger.Factory.CreateLogger("something")));
Assert.Throws <ArgumentNullException>(() =>
CertificateHelper.ValidateClientCert(new X509Certificate2(), null, trustedCACerts, Logger.Factory.CreateLogger("something")));
}
public void TestValidateCertificateWithExpiredValidityFails()
{
var notBefore = DateTime.Now.Subtract(TimeSpan.FromDays(2));
var notAfter = DateTime.Now.Subtract(TimeSpan.FromDays(1));
var(clientCert, clientKeyPair) = TestCertificateHelper.GenerateSelfSignedCert("MyTestClient", notBefore, notAfter, false);
Assert.False(CertificateHelper.ValidateClientCert(clientCert, new List <X509Certificate2>()
{
clientCert
}, Option.None <IList <X509Certificate2> >(), Logger.Factory.CreateLogger("something")));
}
public void TestValidateCertificateWithFutureValidityFails()
{
var notBefore = DateTime.Now.AddYears(1);
var notAfter = DateTime.Now.AddYears(2);
var clientCert = TestCertificateHelper.GenerateSelfSignedCert("MyTestClient", notBefore, notAfter, false);
Assert.False(CertificateHelper.ValidateClientCert(clientCert, new List <X509Certificate2>()
{
clientCert
}, Option.None <IList <X509Certificate2> >(), Logger.Factory.CreateLogger("something")));
}
public void TestValidateCertificateAndChainSucceeds()
{
var notBefore = DateTime.Now.Subtract(TimeSpan.FromDays(2));
var notAfter = DateTime.Now.AddYears(1);
var caCert = TestCertificateHelper.GenerateSelfSignedCert("MyTestCA", notBefore, notAfter, true);
var issuedClientCert = TestCertificateHelper.GenerateCertificate("MyIssuedTestClient", notBefore, notAfter, caCert, false, null, null);
Assert.True(CertificateHelper.ValidateClientCert(issuedClientCert, new List <X509Certificate2>()
{
caCert
}, Option.None <IList <X509Certificate2> >(), Logger.Factory.CreateLogger("something")));
}
public void ClientCertCallbackNullArgumentThrows()
{
Assert.Throws <ArgumentNullException>(() =>
CertificateHelper.ValidateClientCert(null, new X509Chain(),
Option.Some <IList <X509Certificate2> >(new X509Certificate2[] { }), Logger.Factory.CreateLogger("something")));
Assert.Throws <ArgumentNullException>(() =>
CertificateHelper.ValidateClientCert(new X509Certificate2(), null,
Option.Some <IList <X509Certificate2> >(new X509Certificate2[] { }), Logger.Factory.CreateLogger("something")));
Assert.Throws <ArgumentNullException>(() =>
CertificateHelper.ValidateClientCert(new X509Certificate2(), new X509Chain(),
Option.Some <IList <X509Certificate2> >(new X509Certificate2[] { }), null));
}
public void ClientCertCallbackNullArgumentThrows()
{
var trustedCACerts = Option.None <IList <X509Certificate2> >();
X509Certificate2 cert = TestCertificateHelper.GenerateSelfSignedCert("top secret");
Assert.Throws <ArgumentNullException>(
() =>
CertificateHelper.ValidateClientCert(null, new List <X509Certificate2>(), trustedCACerts, Logger.Factory.CreateLogger("something")));
Assert.Throws <ArgumentNullException>(
() =>
CertificateHelper.ValidateClientCert(cert, null, trustedCACerts, Logger.Factory.CreateLogger("something")));
}
public void TestValidateTrustedCACertificateAndEmptyChainFails()
{
var notBefore = DateTime.Now.Subtract(TimeSpan.FromDays(2));
var notAfter = DateTime.Now.AddYears(1);
var(caCert, caKeyPair) = TestCertificateHelper.GenerateSelfSignedCert("MyTestCA", notBefore, notAfter, true);
var(issuedClientCert, issuedClientKeyPair) = TestCertificateHelper.GenerateCertificate("MyIssuedTestClient", notBefore, notAfter, caCert, caKeyPair, false, null, null);
IList <X509Certificate2> trustedCACerts = new List <X509Certificate2>()
{
caCert
};
Assert.False(CertificateHelper.ValidateClientCert(issuedClientCert, new List <X509Certificate2>()
{
}, Option.Some(trustedCACerts), Logger.Factory.CreateLogger("something")));
}
