/// <summary>
/// Logs every certificate hash entry stored under a domain's storage key.
/// </summary>
/// <param name="args">
/// Invocation arguments; <c>args[0]</c> is cast to <c>byte[]</c> and used directly
/// as the storage key of the domain's certificate list.
/// </param>
/// <returns>Always <c>true</c>, whether or not an entry exists for the domain.</returns>
/// <remarks>
/// NOTE(review): <c>args[0]</c> is read without a length, null or type check and is
/// echoed into the log. If callers are untrusted, confirm that a missing or
/// malformed argument is meant to abort the invocation rather than be rejected
/// explicitly.
/// NOTE(review): <c>certificateHashArray</c> is dereferenced without a null check;
/// this presumably relies on the writer never storing an entry with a null array.
/// </remarks>
public static object LogDomainCertificates(object[] args)
{
    byte[] domainKey = (byte[])args[0];
    Logger.log("Log Domain Certificates started. Domain: ", domainKey);

    byte[] storedListSerialized = StorageUtil.readFromStorage(domainKey);
    if (storedListSerialized == null)
    {
        // Nothing has been recorded under this key.
        Logger.log("There isn't any certificate for Domain: ", domainKey);
    }
    else
    {
        Logger.log("Certificates for domain exists in Storage. Domain: ", domainKey);
        CertificateHashMapEntry domainEntry =
            (CertificateHashMapEntry)SerializationUtil.Deserialize(storedListSerialized);

        Logger.log("Certificate Count: ");
        Logger.log(domainEntry.certificateHashArray.Length);

        // Each array element is itself a serialized CertificateHashEntry.
        for (int index = 0; index < domainEntry.certificateHashArray.Length; index++)
        {
            byte[] hashEntrySerialized = domainEntry.certificateHashArray[index];
            CertificateHashEntry hashEntry =
                (CertificateHashEntry)SerializationUtil.Deserialize(hashEntrySerialized);

            Logger.log("IsCa: ", hashEntry.IsCa);
            Logger.log(hashEntry.CertificateHash);
            LogSSLCertificateWithCertificateHashValue(hashEntry.CertificateHash);
        }
    }

    Logger.log("Log Domain Certificates completed. Domain: ", domainKey);
    return true;
}
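/// <summary>
/// Verifies that a trusted root CA with no sub-CA or SSL certificate beneath it
/// can be untrusted.
/// </summary>
/// <remarks>
/// The test adds the root certificate, checks the stored CA entry, the
/// subject-key-identifier index and the trusted-root list, then untrusts the root
/// and checks that the stored CA entry is no longer trusted and still not revoked.
/// NOTE(review): only the CA entry is re-read after the untrust. The content of
/// the trusted-root list (TRUSTED_ROOT_CA_LIST_STORAGE_KEY) after the operation is
/// not asserted; confirm the intended post-untrust state and pin it here, so a
/// root that stays listed as trusted cannot pass unnoticed.
/// </remarks>
public void Should_UnTrusted_Root_Certificate_When_Any_SubCA_And_Ssl_Certificate_Is_Not_Exist()
{
    string rootCertFilePath = "../../../test-data/certs/test-ca/Test-Root-CA-RSA-2048.cer";
    byte[] rootCertEncoded = File.ReadAllBytes(rootCertFilePath);
    byte[] rootCertDigest = DigestUtilities.CalculateDigest("SHA_256", rootCertEncoded);

    // Arrange: register the root as trusted with a signed request.
    byte[] requestSignature = SignUtil.generateAddTrustedRootCAOperationRequestSignature(rootCertEncoded);
    bool result = RootCaCertificateHandler.AddTrustedRootCaCertificate(rootCertDigest, rootCertEncoded, requestSignature);
    Assert.True(result);

    Certificate rootCertificate = CertificateParser.Parse(rootCertEncoded);

    // The CA entry is stored under the certificate digest.
    byte[] rootCACertificateEntryByte = StorageUtil.readFromStorage(rootCertDigest);
    Assert.NotNull(rootCACertificateEntryByte);
    CaCertificateEntry caCertificateEntry = (CaCertificateEntry)SerializationUtil.Deserialize(rootCACertificateEntryByte);
    Assert.True(caCertificateEntry.IsTrusted);
    Assert.False(caCertificateEntry.IsRevoked);
    Assert.Equal(rootCertEncoded, caCertificateEntry.CertificateValue);

    // The subject-key-identifier index must point back at the same digest.
    byte[] cACertificateSubjectKeyIdEntrySerialized =
        StorageUtil.readFromStorage(rootCertificate.SubjectKeyIdentifier.keyIdentifier);
    Assert.NotNull(cACertificateSubjectKeyIdEntrySerialized);
    CaCertificateSubjectKeyIdEntry cACertificateSubjectKeyIdEntry =
        (CaCertificateSubjectKeyIdEntry)SerializationUtil.Deserialize(cACertificateSubjectKeyIdEntrySerialized);
    Assert.True(cACertificateSubjectKeyIdEntry.IsRootCa);
    Assert.Equal(rootCertDigest, cACertificateSubjectKeyIdEntry.CertificateHash);

    // The trusted-root list must contain exactly this root.
    byte[] certificateHashMapEntrySerialized =
        StorageUtil.readFromStorage(CertificateStorageManager.TRUSTED_ROOT_CA_LIST_STORAGE_KEY);
    Assert.NotNull(certificateHashMapEntrySerialized);
    CertificateHashMapEntry trustedRootCAListHashMapEntry =
        (CertificateHashMapEntry)SerializationUtil.Deserialize(certificateHashMapEntrySerialized);
    Assert.Equal(1, trustedRootCAListHashMapEntry.certificateHashArray.Length);
    byte[] certificateHashEntrySerialized = trustedRootCAListHashMapEntry.certificateHashArray[0];
    CertificateHashEntry certificateHashEntry =
        (CertificateHashEntry)SerializationUtil.Deserialize(certificateHashEntrySerialized);
    Assert.True(certificateHashEntry.IsCa);
    Assert.Equal(rootCertDigest, certificateHashEntry.CertificateHash);

    // Act: untrust the root using a signature generated for the untrust operation.
    requestSignature = SignUtil.generateUntrustRootCAOperationRequestSignature(rootCertEncoded);
    result = RootCaCertificateHandler.UntrustRootCaCertificate(rootCertDigest, rootCertEncoded, requestSignature);
    Assert.True(result);

    // Assert: the entry remains in storage, is no longer trusted, and is not revoked.
    rootCACertificateEntryByte = StorageUtil.readFromStorage(rootCertDigest);
    Assert.NotNull(rootCACertificateEntryByte);
    caCertificateEntry = (CaCertificateEntry)SerializationUtil.Deserialize(rootCACertificateEntryByte);
    Assert.False(caCertificateEntry.IsTrusted);
    Assert.False(caCertificateEntry.IsRevoked);
}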
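/// <summary>
/// Verifies that an SSL certificate issued under a registered root and sub-CA is
/// stored and indexed under its issuer and its domain names.
/// </summary>
/// <remarks>
/// After the add, the test checks the stored end-entity entry and three index
/// lists: the issuer list keyed by the authority key identifier, and the two
/// domain-name lists keyed by the hard-coded common name and subject alternative
/// name of the fixture certificate.
/// NOTE(review): the sub-CA is added with a null request signature and the call is
/// expected to succeed. Presumably a sub-CA is authorised by its chain to the
/// trusted root rather than by a signed request; confirm this. This test covers
/// only the accepting path, so a negative case (sub-CA or SSL certificate whose
/// issuer is not trusted) should exist alongside it.
/// </remarks>
public void Should_Add_SSL_Certificate()
{
    // Arrange: trusted root CA, registered with a signed request.
    string rootCertFilePath = "../../../test-data/certs/test-ca/Test-Root-CA-RSA-2048.cer";
    byte[] rootCertEncoded = File.ReadAllBytes(rootCertFilePath);
    byte[] rootCertDigest = DigestUtilities.CalculateDigest("SHA_256", rootCertEncoded);
    byte[] requestSignature = SignUtil.generateAddTrustedRootCAOperationRequestSignature(rootCertEncoded);
    bool rootAdded = RootCaCertificateHandler.AddTrustedRootCaCertificate(rootCertDigest, rootCertEncoded, requestSignature);
    Assert.True(rootAdded);

    // Arrange: sub-CA under that root; no request signature is supplied.
    string subCaCertFilePath = "../../../test-data/certs/test-ca/Test-Sub-CA-RSA-2048.cer";
    byte[] subCaCertEncoded = File.ReadAllBytes(subCaCertFilePath);
    byte[] subCaCertificateHash = DigestUtilities.CalculateDigest("SHA_256", subCaCertEncoded);
    byte[] subCaAddRequestSignature = null;
    bool subCaAdded = SubCaCertificateHandler.AddSubCaCertificate(subCaCertificateHash, subCaCertEncoded, subCaAddRequestSignature);
    Assert.True(subCaAdded);

    // Act: add the SSL certificate.
    string sSLCertFilePath = "../../../test-data/certs/test-ca/Test-SSL-RSA-2048.cer";
    byte[] sSLCertEncoded = File.ReadAllBytes(sSLCertFilePath);
    byte[] sSLCertHash = DigestUtilities.CalculateDigest("SHA_256", sSLCertEncoded);
    bool sslCertAddResult = SslCertificateHandler.AddSslCertificate(sSLCertHash, sSLCertEncoded);
    Assert.True(sslCertAddResult);

    Certificate sslCertificate = CertificateParser.Parse(sSLCertEncoded);

    // The end-entity entry is stored under the certificate hash.
    byte[] sSLCertificateEntryByte = StorageUtil.readFromStorage(sSLCertHash);
    Assert.NotNull(sSLCertificateEntryByte);
    EndEntityCertificateEntry sSLCertificateEntry =
        (EndEntityCertificateEntry)SerializationUtil.Deserialize(sSLCertificateEntryByte);
    Assert.False(sSLCertificateEntry.IsRevoked);
    Assert.Equal(sSLCertEncoded, sSLCertificateEntry.CertificateValue);

    // Is added to issuer list (ELEMENT_LIST prefix + authority key identifier).
    byte[] issuerListStorageKey = ArrayUtil.Concat(
        CertificateStorageManager.ELEMENT_LIST,
        sslCertificate.AuthorityKeyIdentifier.keyIdentifier);
    AssertSingleEndEntityHashEntry(issuerListStorageKey, sSLCertHash);

    // Domain name list - common name. The hex string is the ASCII encoding of "ont.io".
    AssertSingleEndEntityHashEntry(HexUtil.HexStringToByteArray("6f6e742e696f"), sSLCertHash);

    // Domain name list - subject alternative name. The hex string is the ASCII encoding of "www.ont.io".
    AssertSingleEndEntityHashEntry(HexUtil.HexStringToByteArray("7777772e6f6e742e696f"), sSLCertHash);
}

/// <summary>
/// Asserts that the hash list stored under <paramref name="storageKey"/> exists and
/// holds exactly one entry: a non-CA entry for <paramref name="expectedCertificateHash"/>.
/// </summary>
/// <param name="storageKey">Storage key of the serialized CertificateHashMapEntry.</param>
/// <param name="expectedCertificateHash">Certificate hash the single entry must carry.</param>
private static void AssertSingleEndEntityHashEntry(byte[] storageKey, byte[] expectedCertificateHash)
{
    byte[] hashListSerialized = StorageUtil.readFromStorage(storageKey);
    Assert.NotNull(hashListSerialized);

    CertificateHashMapEntry hashList = (CertificateHashMapEntry)SerializationUtil.Deserialize(hashListSerialized);
    Assert.NotNull(hashList.certificateHashArray);
    Assert.Equal(1, hashList.certificateHashArray.Length);

    byte[] hashEntrySerialized = hashList.certificateHashArray[0];
    CertificateHashEntry hashEntry = (CertificateHashEntry)SerializationUtil.Deserialize(hashEntrySerialized);
    Assert.Equal(expectedCertificateHash, hashEntry.CertificateHash);
    Assert.False(hashEntry.IsCa);
}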