public void ByFriendlyName_NoneMatching_ReturnsNull() { Mock <IX509Store> storeMock = new Mock <IX509Store>(); storeMock.Setup(mock => mock.Certificates).Returns(new X509Certificate2CollectionFake { new X509Certificate2Fake() }); Certificate result = new CertificateLookup("FindMe", new[] { StoreName.My }, name => storeMock.Object) .ByFriendlyName(); Assert.Null(result); }
public void LookupPrimesignCertificateTest() { var test = new ReceiptQrCode(QRCODE1); string certSerial = test.CertificateSerial; // Lookup needs serial in decimal long certificateSerialDecimal = Convert.ToInt64(certSerial, 16); Assert.Equal(491306597551448, certificateSerialDecimal); // Sample Primesign lookup for above serial var result = CertificateLookup.Primesign(certificateSerialDecimal); string cert64Encoded = Convert.ToBase64String(result.CertificateBinary); Assert.Equal(CERT64ENCODED, cert64Encoded); }
public void LookupATrustCertificateTest() { var test = new ReceiptQrCode(QRCODE1); string certSerial = test.CertificateSerial; // Lookup needs serial in decimal int certificateSerialDecimal = Convert.ToInt32(certSerial, 16); Assert.Equal(2065058440, certificateSerialDecimal); // Sample A-Trust lookup for above serial var result = CertificateLookup.ATrust(certificateSerialDecimal); string cert64Encoded = Convert.ToBase64String(result.CertificateBinary); Assert.Equal(CERT64ENCODED, cert64Encoded); }
public void ByThumbprint_MultipleMatching_ReturnsFirstMatchingCertificate() { Mock <IX509Store> storeMock = new Mock <IX509Store>(); storeMock.Setup(mock => mock.Certificates).Returns(new X509Certificate2CollectionFake { new X509Certificate2Fake(), new X509Certificate2Fake(friendlyName: "FindMe", thumbprint: "FindMe"), new X509Certificate2Fake(friendlyName: "NotMe", thumbprint: "FindMe") }); Certificate result = new CertificateLookup("FindMe", new[] { StoreName.My }, name => storeMock.Object) .ByThumbprint(); Assert.Equal(result.FriendlyName, "FindMe"); Assert.Equal(result.Thumbprint, "FindMe"); }
public void ByFriendlyName_OneMatchingInSecondaryStore_ReturnsCertificate() { Dictionary <StoreName, Mock <IX509Store> > storeMocks = new Dictionary <StoreName, Mock <IX509Store> >(); storeMocks[StoreName.My] = CreateX509StoreMock(new X509Certificate2CollectionFake { new X509Certificate2Fake(), new X509Certificate2Fake() }); storeMocks[StoreName.Root] = CreateX509StoreMock(new X509Certificate2CollectionFake { new X509Certificate2Fake(), new X509Certificate2Fake(friendlyName: "FindMe", thumbprint: "FindMe") }); Certificate result = new CertificateLookup("FindMe", new[] { StoreName.My, StoreName.Root }, name => storeMocks[name].Object) .ByFriendlyName(); Assert.Equal(result.FriendlyName, "FindMe"); Assert.Equal(result.Thumbprint, "FindMe"); }
public static IActionResult Run([HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = null)] HttpRequest req, TraceWriter log) { // TODO: Proper error handling, proper monitoring (Application Insights) log.Info("C# HTTP trigger function processed a request."); string requestBody = new StreamReader(req.Body).ReadToEnd(); var data = JsonConvert.DeserializeObject <VerificationParameters>(requestBody); // Short-circuit out of here if signature is invalid anyways byte[] signature = Convert.FromBase64String(data.Signature); if (64 != signature.Length) { return(new BadRequestObjectResult("Signature is not 64 bytes in length")); } // TODO: A-Trust hardcoded, would be data.Authority switch // TODO: Here we would be adding the caching logic for the certificates (hash of authority & cert# for lookup) var certificateLookupResult = CertificateLookup.ATrust(data.CertificateNumber); // TODO: Assuming valid lookup, would need checking certificateLookupResult.Found var cert = new X509Certificate2(certificateLookupResult.CertificateBinary); // https://stackoverflow.com/a/38235996/141927 using (ECDsa ecdsa = cert.GetECDsaPublicKey()) { if (ecdsa != null) { bool valid = ecdsa.VerifyHash(Convert.FromBase64String(data.HashToVerify), signature); return((ActionResult) new OkObjectResult(valid)); } else { return(new NotFoundResult()); } } }
private async void ScanBon_Clicked(object sender, EventArgs e) { try { var scanner = DependencyService.Get <IQrScanningService>(); var result = await scanner.ScanAsync(); if (result != null) { System.Diagnostics.Debug.WriteLine("QR: " + result); StringBuilder stb = new StringBuilder(); stb.AppendLine($"QR: {result}"); var qrCode = new ReceiptQrCode(result); if (qrCode.IsValid) { stb.AppendLine($"Cipher Suite: {qrCode.CipherSuite}"); if (!qrCode.IstGeschlossenesSystem()) { stb.AppendLine($"Cert Id: {qrCode.CertificateSerialAsDecimal}"); } else { stb.AppendLine("Kassentyp: geschlossenes System"); } stb.AppendLine($"Datum: {qrCode.Date}"); stb.AppendLine($"Beträge: {qrCode.BetragSatzNormal} / {qrCode.BetragSatzErmaessigt1} / {qrCode.BetragSatzErmaessigt2} / {qrCode.BetragSatzNull} / {qrCode.BetragSatzBesonders}"); if (!qrCode.IstGeschlossenesSystem()) { var certificateLookupResult = CertificateLookup.Lookup(qrCode); if (certificateLookupResult.Found) { bool verified = qrCode.ValidateSignatureBouncyCastle(certificateLookupResult.CertificateBinary); stb.AppendLine($"Ergebnis Validierung Signatur: {verified}"); } else { stb.AppendLine($"Fehler: Zertifikat nicht gefunden, {certificateLookupResult.ErrorMessage}"); } } else { stb.AppendLine($"Ordnungsbegriff des Unternehmers: {qrCode.CertificateSerial}"); } } else { stb.AppendLine("Fehler: QR Code ungültig"); } VerificationResult.Text = stb.ToString(); } } catch (Exception ex) { await DisplayAlert("Scan Error", ex.ToString(), "OK"); } }