/// <summary>
/// Trust-on-first-use: a server whose certificate hash matches the fingerprint already
/// recorded for it in the known-hosts file is accepted, and the store is left unchanged.
/// </summary>
public void ShouldReturnTrueIfServerIdIsTheSameAsTheOneSaved()
{
    var knownHostsPath = $"{Path.GetTempPath()}{Guid.NewGuid()}.tmp";
    try
    {
        // Given: a known-hosts file holding one comment line and one "ServerId Fingerprint" entry.
        File.WriteAllLines(knownHostsPath, new[]
        {
            "#this line should be ignored!",
            $"{ServerId} {Fingerprint}"
        });
        File.Exists(knownHostsPath).Should().BeTrue();

        // The logger argument is null; only the file-backed store matters for this test.
        var tofu = new TrustOnFirstUse(null, knownHostsPath);
        tofu.KnownHost.Count.Should().Be(1);
        tofu.KnownHost[ServerId].Should().Be(Fingerprint);

        // When: the server presents a certificate whose hash is ServerCertText.
        // SslPolicyErrors.None is passed, so this test says nothing about how the
        // strategy reacts to chain or name-mismatch errors.
        var certMock = new Mock<X509Certificate>();
        certMock.Setup(c => c.GetCertHash()).Returns(ServerCertText.ToByteArray());
        var accepted = tofu.ValidateServerCertificate(
            new Uri(ServerId),
            certMock.Object,
            SslPolicyErrors.None);

        // Then: the certificate is accepted and the pinned entry is neither duplicated nor replaced.
        accepted.Should().BeTrue();
        tofu.KnownHost.Count.Should().Be(1);
        tofu.KnownHost.Keys.Single().Should().Be(ServerId);
        tofu.KnownHost.Values.Single().Should().Be(Fingerprint);
    }
    finally
    {
        // Always remove the temporary known-hosts file, even when an assertion fails.
        File.Delete(knownHostsPath);
    }
}
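/// <summary>
/// Constructing <c>TrustOnFirstUse</c> against a path that does not exist must not create
/// the known-hosts file and must start with an empty in-memory store.
/// </summary>
public void ShouldNotCreateFileIfKnownHostFileDoesNotExist()
{
    var fileName = Path.GetTempPath() + Guid.NewGuid() + ".tmp";
    try
    {
        // The logger argument is null; only the file handling is under test.
        var trustStrategy = new TrustOnFirstUse(null, fileName);

        File.Exists(fileName).Should().BeFalse();
        trustStrategy.KnownHost.Count.Should().Be(0);
    }
    finally
    {
        // If the constructor ever does create the file, the assertion above fails; clean up
        // so a stray known-hosts file is not left in the temp directory. File.Delete does
        // not throw when the file is absent.
        File.Delete(fileName);
    }
}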
/// <summary>
/// Trust-on-first-use: a server with no entry in the store is accepted on first contact
/// and its certificate fingerprint is recorded against its server id.
/// </summary>
public void ShouldSaveNewServerIdToKnownHostsFileAndReturnTrue()
{
    var knownHostsPath = $"{Path.GetTempPath()}{Guid.NewGuid()}.tmp";
    try
    {
        // No known-hosts file exists yet, so the store starts without an entry for ServerId.
        var tofu = new TrustOnFirstUse(null, knownHostsPath);

        var certMock = new Mock<X509Certificate>();
        certMock.Setup(c => c.GetCertHash()).Returns(ServerCertText.ToByteArray());

        var accepted = tofu.ValidateServerCertificate(
            new Uri(ServerId),
            certMock.Object,
            SslPolicyErrors.None);

        // First contact is trusted without any prior knowledge of the server: this is the
        // window in which trust-on-first-use offers no protection, and the pin only guards
        // later connections.
        accepted.Should().BeTrue();

        // NOTE(review): only the in-memory store is asserted here; the test name mentions the
        // known-hosts file, but its existence and contents are not checked. Confirm whether
        // that is covered elsewhere.
        tofu.KnownHost.Count.Should().Be(1);
        tofu.KnownHost.Keys.Single().Should().Be(ServerId);
        tofu.KnownHost.Values.Single().Should().Be(Fingerprint);
    }
    finally
    {
        // Remove whatever the strategy wrote to the temp path, even when an assertion fails.
        File.Delete(knownHostsPath);
    }
}
/// <summary>
/// Records the requested encryption level and, when encryption is enabled, builds the
/// server-certificate trust strategy selected by <paramref name="strategy"/>.
/// </summary>
/// <param name="level">Requested encryption level; stored in <c>_encryptionLevel</c>.</param>
/// <param name="strategy">
/// Trust configuration. It is read only when <paramref name="level"/> is not
/// <c>EncryptionLevel.None</c>.
/// </param>
/// <param name="logger">Logger handed to the trust strategy that gets created.</param>
/// <exception cref="InvalidOperationException">
/// The configured strategy is neither trust-on-first-use nor system-CA-signed certificates.
/// </exception>
public EncryptionManager(EncryptionLevel level, TrustStrategy strategy, ILogger logger)
{
    _encryptionLevel = level;

    // With encryption disabled no certificate validation is configured: this constructor
    // leaves the TrustStrategy property unassigned.
    if (_encryptionLevel == EncryptionLevel.None)
    {
        return;
    }

    var selected = strategy.ServerTrustStrategy();
    if (selected == V1.TrustStrategy.Strategy.TrustOnFirstUse)
    {
        // Fingerprints are pinned in the file named by the caller-supplied configuration.
        TrustStrategy = new TrustOnFirstUse(logger, strategy.FileName());
    }
    else if (selected == V1.TrustStrategy.Strategy.TrustSystemCaSignedCertificates)
    {
        TrustStrategy = new TrustSystemCaSignedCertificates(logger);
    }
    else
    {
        // Fail closed: an unrecognised strategy aborts construction instead of falling back
        // to some default trust behaviour.
        // NOTE(review): the message interpolates the strategy object, not the selected enum
        // value; confirm its ToString() is informative.
        throw new InvalidOperationException($"Unknown trust strategy: {strategy}");
    }
}
/// <summary>
/// An existing known-hosts file is loaded when the strategy is constructed: the line
/// starting with '#' is skipped and the "serverId fingerprint" line becomes one entry.
/// </summary>
public void ShouldLoadFromKnownHostIfFileExists()
{
    var knownHostsPath = $"{Path.GetTempPath()}{Guid.NewGuid()}.tmp";
    try
    {
        // One comment line plus one space-separated "id fingerprint" pair.
        File.WriteAllLines(knownHostsPath, new[]
        {
            "#this line should be ignored!",
            "serverId fingerprint"
        });
        File.Exists(knownHostsPath).Should().BeTrue();

        // The logger argument is null; loading happens in the constructor.
        var tofu = new TrustOnFirstUse(null, knownHostsPath);

        // Exactly one pin is expected, so the comment line must not have produced an entry.
        tofu.KnownHost.Count.Should().Be(1);
        tofu.KnownHost["serverId"].Should().Be("fingerprint");
    }
    finally
    {
        // Always remove the temporary known-hosts file, even when an assertion fails.
        File.Delete(knownHostsPath);
    }
}