public void ItShouldReturnTrueWhenAlternativeHostPinIsValid()
{
var config = GetAlternativeApiTlsPinningConfig(true);
var certificateHandler = new TestCertificateHandler(config, _reportClient);
certificateHandler.GetValidationResult(_alternativeHost, _alternativeHostCert, SslPolicyErrors.None).Should().BeTrue();
}
public void ItShouldSendTlsPinReportWhenPinIsNotValid()
{
var config = GetIncorrectTlsPinningConfig(true);
var certificateHandler = new TestCertificateHandler(config, _reportClient);
certificateHandler.GetValidationResult(_apiHost, _apiCert, SslPolicyErrors.None);
_reportClient.ReceivedWithAnyArgs().Send(null);
}
public void ItShouldReturnFalseWhenPinIsNotValid()
{
var config = GetApiTlsPinningConfig(true);
config.PinnedDomains = new List <TlsPinnedDomain>();
var certificateHandler = new TestCertificateHandler(config, _reportClient);
certificateHandler.GetValidationResult(_apiHost, _apiCert, SslPolicyErrors.None).Should().BeFalse();
}
public void ItShouldReturnTrueWhenEnforceIsOff()
{
var certificateHandler = new TestCertificateHandler(GetApiTlsPinningConfig(false), _reportClient);
certificateHandler.GetValidationResult(_apiHost, _apiCert, SslPolicyErrors.None).Should().BeTrue();
}
public void ItShouldReturnFalseWhenSslError()
{
var certificateHandler = new TestCertificateHandler(GetApiTlsPinningConfig(true), _reportClient);
certificateHandler.GetValidationResult(_apiHost, _apiCert, SslPolicyErrors.RemoteCertificateNameMismatch).Should().BeFalse();
}
