예제 #1
0
            public void Ignores_issued_to_organization_if_no_organization_number()
            {
                //Act
                var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetPostenCertificate(), string.Empty);

                //Assert
                Assert.Equal(CertificateValidationType.Valid, result.Type);
                Assert.Contains("is a valid certificate", result.Message);
            }
예제 #2
0
            public void Returns_ok_if_valid()
            {
                //Arrange

                //Act
                var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetPostenCertificate());

                //Assert
                Assert.Equal(CertificateValidationType.Valid, result.Type);
                Assert.Contains("is a valid certificate", result.Message);
            }
예제 #3
0
            public void Returns_fail_if_not_activated()
            {
                //Arrange

                //Act
                var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.NotActivatedSelfSignedTestCertificate());

                //Assert
                Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type);
                Assert.Contains("is not active until", result.Message);
            }
예제 #4
0
            public void Returns_fail_with_null_certificate()
            {
                //Arrange

                //Act
                var result = CertificateValidator.ValidateCertificate(null);

                //Assert
                Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type);
                Assert.Contains("is null", result.Message);
            }
예제 #5
0
            public void Returns_fail_if_expired()
            {
                //Arrange

                //Act
                var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetExpiredSelfSignedTestCertificate());

                //Assert
                Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type);
                Assert.Contains("expired on", result.Message);
            }
예제 #6
0
        /// <summary>
        /// The implementation of the interface ICertificateLookups function.
        ///
        /// It takes the subject string and queries the ldap server for a certificate
        /// that satifies the condition in the subject string.
        ///
        /// Also implements a certificate cache, which removes unused certificates after 14 days.
        /// </summary>
        /// <param name="subject">The subject string of an OCES certificate.</param>
        /// <returns>The certificate that satifies the conditions of the subject string.</returns>
        public X509Certificate2 GetCertificate(CertificateSubject subject)
        {
            if (subject == null)
            {
                throw new ArgumentNullException("subject");
            }

            X509Certificate2 certificateToBeReturned;

            if (!certiticateCache.TryGetValue(subject, out certificateToBeReturned))
            {
                LdapConnection ldapConnection = null;
                try
                {
                    ldapConnection = ConnectToServer();
                    LdapSearchResults results = Search(ldapConnection, subject);
                    certificateToBeReturned = GetCertificate(results, subject);
                }
                finally
                {
                    if (ldapConnection != null)
                    {
                        ldapConnection.Disconnect();
                    }
                }

                // Check the certificate
                //   Check for activation date and expire date
                //   Check the certificate chain
                CertificateValidator.ValidateCertificate(certificateToBeReturned);

                // everything is okay, add it to the cache
                this.certiticateCache.Set(subject, certificateToBeReturned);
            }
            else
            {
                // certificate found in cache
                // check it is not expired
                try
                {
                    CertificateValidator.ValidateCertificate(certificateToBeReturned);
                }
                catch
                {
                    // if any error is thrown, move the certificate from the cache
                    this.certiticateCache.Remove(subject);

                    // throw the original error
                    throw;
                }
            }

            return(certificateToBeReturned);
        }
예제 #7
0
            public void Returns_ok_if_valid()
            {
                //Arrange
                const string certificateOrganizationNumber = "984661185";

                //Act
                var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetPostenCertificate(), certificateOrganizationNumber);

                //Assert
                Assert.Equal(CertificateValidationType.Valid, result.Type);
                Assert.Contains("is a valid certificate", result.Message);
            }
예제 #8
0
            public void Returns_fail_if_not_issued_to_organization_number()
            {
                //Arrange
                const string certificateOrganizationNumber = "123456789";

                //Act
                var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.TestIntegrasjonssertifikat(), certificateOrganizationNumber);

                //Assert
                Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type);
                Assert.Contains("is not issued to organization number", result.Message);
            }
예제 #9
0
            public void Calls_validate_certificate_overload_with_no_organization_number()
            {
                //Arrange
                const string organizationNumber = "988015814";

                //Act
                var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.GetExpiredSelfSignedTestCertificate(), organizationNumber);

                //Assert
                Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type);
                Assert.Contains("expired on", result.Message);
            }
예제 #10
0
            public void Returns_fail_with_null_certificate()
            {
                //Arrange
                const string organizationNumber = "123456789";

                //Act
                var result = CertificateValidator.ValidateCertificate(null, organizationNumber);

                //Assert
                Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type);
                Assert.Contains("var null", result.Message);
            }
예제 #11
0
            public void Returns_fail_if_not_activated()
            {
                //Arrange
                const string certificateOrganizationNumber = "988015814";

                //Act
                var result = CertificateValidator.ValidateCertificate(CertificateResource.UnitTests.NotActivatedSelfSignedTestCertificate(), certificateOrganizationNumber);

                //Assert
                Assert.Equal(CertificateValidationType.InvalidCertificate, result.Type);
                Assert.Contains("aktiveres ikke før", result.Message);
            }
예제 #12
0
 /// <summary>
 /// Performs a certificate chain validation
 /// </summary>
 /// <param name="certificate">the certificate to validate</param>
 /// <param name="result">the object to store the result</param>
 /// <exception cref="CheckCertificateChainUnexpectedException">This exception is thrown, if an unexpected exception is thrown during the method</exception>
 private void CheckCertificateChain(X509Certificate2 certificate, CertificateCheckResult result)
 {
     try {
         CertificateValidator.ValidateCertificate(certificate, _defaultOCESrootCertificate);
         result.RootCertificateAsRoot = true;
         result.CertificateActivated  = true;
         result.CertificateValid      = true;
     } catch (CertificateFailedChainValidationException) {
         result.RootCertificateAsRoot = false;
     } catch (CertificateNotActiveException) {
         result.CertificateActivated = false;
     } catch (CertificateExpiredException) {
         result.CertificateValid = false;
     } catch (ArgumentNullException) {
         throw;
     } catch (CryptographicUnexpectedOperationException) {
         throw;
     } catch (CryptographicException) {
         throw;
     } catch (Exception e) {
         throw new CheckCertificateChainUnexpectedException(e);
     }
 }