Exemplo n.º 1
0
        public async Task VerifyChallenge_ShouldVerifyTheChallenge()
        {
            //SETUP
            AcmeRestApi api = new AcmeRestApi(ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT);
            AcmeApiResponse <AcmeDirectory> directory;
            AcmeApiResponse nonceResponse = null;
            AcmeApiResponse <AcmeAccount> accountResponse = null;
            AcmeApiResponse <AcmeCertificateFulfillmentPromise> certificateFulfillmentPromise = null;
            List <AcmeApiResponse <AcmeAuthorization> >         authorizations = null;
            AcmeApiResponse <AcmeChallengeStatus> challengeStatusResponse;

            AcmeCertificateRequest certifcateRequest = new AcmeCertificateRequest()
            {
                Identifiers = new List <DnsCertificateIdentifier>()
                {
                    new DnsCertificateIdentifier()
                    {
                        Value = "taco.com"
                    },
                    new DnsCertificateIdentifier()
                    {
                        Value = "www.taco.com"
                    }
                }
            };

            //EXECUTE
            directory = await api.GetDirectoryAsync();

            nonceResponse = await api.GetNonceAsync(directory.Data);

            accountResponse = await api.CreateAccountAsync(directory.Data, nonceResponse.Nonce, new AcmeCreateAccount()
            {
                Contact = new List <string>()
                {
                    "mailto:[email protected]"
                }, TermsOfServiceAgreed = true
            });

            certificateFulfillmentPromise = await api.RequestCertificateAsync(directory.Data, accountResponse.Nonce, accountResponse.Data, certifcateRequest);

            authorizations = await api.GetChallengesAsync(certificateFulfillmentPromise.Data);

            AcmeChallenge httpChallenge = authorizations.First().Data.Challenges.First(t => t.Type.Equals("http-01"));
            string        authKey       = CreateAuthorizationKey(accountResponse.Data, httpChallenge.Token);

            challengeStatusResponse = await api.VerifyChallengeAsync(accountResponse.Data, httpChallenge, certificateFulfillmentPromise.Nonce, authKey);

            //ASSERT
            challengeStatusResponse.ShouldNotBeNull();
            challengeStatusResponse.Status.ShouldBe(AcmeApiResponseStatus.Success);
            challengeStatusResponse.Data.ShouldNotBeNull();
            challengeStatusResponse.Data.Status.ShouldBe("pending");
        }
Exemplo n.º 2
0
        public async Task GetChallenges_ShouldGetChallengesForEachIdentifier()
        {
            //SETUP
            AcmeRestApi api = new AcmeRestApi(ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT);
            AcmeApiResponse <AcmeDirectory> directory;
            AcmeApiResponse nonceResponse = null;
            AcmeApiResponse <AcmeAccount> accountResponse = null;
            AcmeApiResponse <AcmeCertificateFulfillmentPromise> certificateFulfillmentPromise = null;
            List <AcmeApiResponse <AcmeAuthorization> >         authorizations = null;

            AcmeCertificateRequest certifcateRequest = new AcmeCertificateRequest()
            {
                Identifiers = new List <DnsCertificateIdentifier>()
                {
                    new DnsCertificateIdentifier()
                    {
                        Value = "taco.com"
                    },
                    new DnsCertificateIdentifier()
                    {
                        Value = "www.taco.com"
                    }
                }
            };

            //EXECUTE
            directory = await api.GetDirectoryAsync();

            nonceResponse = await api.GetNonceAsync(directory.Data);

            accountResponse = await api.CreateAccountAsync(directory.Data, nonceResponse.Nonce, new AcmeCreateAccount()
            {
                Contact = new List <string>()
                {
                    "mailto:[email protected]"
                }, TermsOfServiceAgreed = true
            });

            certificateFulfillmentPromise = await api.RequestCertificateAsync(directory.Data, accountResponse.Nonce, accountResponse.Data, certifcateRequest);

            authorizations = await api.GetChallengesAsync(certificateFulfillmentPromise.Data);

            //ASSERT
            authorizations.ShouldNotBeNull();
            authorizations.Count.ShouldBe(2);
            authorizations.ShouldAllBe(auth => auth.Status == AcmeApiResponseStatus.Success);
        }
Exemplo n.º 3
0
        public async Task DownloadCertificate_ShouldComplete()
        {
            //SETUP
            AcmeRestApi api = new AcmeRestApi(ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT);
            AcmeApiResponse <AcmeDirectory> directory;
            AcmeApiResponse nonceResponse = null;
            AcmeApiResponse <AcmeAccount> accountResponse = null;
            AcmeApiResponse <AcmeCertificateFulfillmentPromise> certificateFulfillmentPromise = null;
            List <AcmeApiResponse <AcmeAuthorization> >         authorizations                = null;
            AcmeApiResponse <AcmeChallengeStatus>               challengeStatusResponse       = null;
            AcmeApiResponse <AcmeChallengeVerificationStatus>   challengeVerificationResponse = null;
            AcmeApiResponse <AcmeCertificateFulfillmentPromise> certificatePromiseResult      = null;
            AcmeApiResponse <ArraySegment <byte> >              certificateResult             = null;

            AcmeCertificateRequest certifcateRequest = new AcmeCertificateRequest()
            {
                Identifiers = new List <DnsCertificateIdentifier>()
                {
                    new DnsCertificateIdentifier()
                    {
                        Value = "test.com"
                    }
                }
            };

            //EXECUTE
            directory = await api.GetDirectoryAsync();

            nonceResponse = await api.GetNonceAsync(directory.Data);

            accountResponse = await api.CreateAccountAsync(directory.Data, nonceResponse.Nonce, new AcmeCreateAccount()
            {
                Contact = new List <string>()
                {
                    "mailto:[email protected]"
                }, TermsOfServiceAgreed = true
            });

            certificateFulfillmentPromise = await api.RequestCertificateAsync(directory.Data, accountResponse.Nonce, accountResponse.Data, certifcateRequest);

            authorizations = await api.GetChallengesAsync(certificateFulfillmentPromise.Data);

            AcmeChallenge httpChallenge = authorizations.First().Data.Challenges.First(t => t.Type.Equals("http-01"));
            string        authKey       = CreateAuthorizationKey(accountResponse.Data, httpChallenge.Token);

            challengeStatusResponse = await api.VerifyChallengeAsync(accountResponse.Data, httpChallenge, certificateFulfillmentPromise.Nonce, authKey);

            while (
                challengeVerificationResponse == null ||
                challengeVerificationResponse.Data.Status == "pending")
            {
                challengeVerificationResponse = await api.GetChallengeVerificationStatusAsync(httpChallenge);

                await Task.Delay(3000);
            }

            string csr = GenerateCSR(accountResponse.Data, "test.com");

            certificatePromiseResult = await api.FinalizeCertificatePromiseAsync(accountResponse.Data, challengeStatusResponse.Nonce, certificateFulfillmentPromise.Data, csr);

            certificateResult = await api.GetCertificateAsync(certificatePromiseResult.Data, CertificateType.Cert);

            //We will write the cert out to a temp directory if it exists. Otherwise, forget it.
            if (Directory.Exists(@"c:\temp"))
            {
                using (FileStream fs = new FileStream(@"c:\temp\mycert.cer", FileMode.Create))
                {
                    byte[] bytes = certificateResult.Data.Array;
                    fs.Write(bytes, 0, bytes.Length);
                }
            }

            //ASSERT (Cant really assert anything here. This call will mostlikey fail. There is no way to validate the domain here)
        }
Exemplo n.º 4
0
        public async Task FinalizeChallenge_ShouldComplete()
        {
            //SETUP
            AcmeRestApi api = new AcmeRestApi(ProtoacmeContants.LETSENCRYPT_STAGING_ENDPOINT);
            AcmeApiResponse <AcmeDirectory> directory;
            AcmeApiResponse nonceResponse = null;
            AcmeApiResponse <AcmeAccount> accountResponse = null;
            AcmeApiResponse <AcmeCertificateFulfillmentPromise> certificateFulfillmentPromise = null;
            List <AcmeApiResponse <AcmeAuthorization> >         authorizations                = null;
            AcmeApiResponse <AcmeChallengeStatus>               challengeStatusResponse       = null;
            AcmeApiResponse <AcmeChallengeVerificationStatus>   challengeVerificationResponse = null;
            AcmeApiResponse <AcmeCertificateFulfillmentPromise> certificatePromiseResult      = null;

            AcmeCertificateRequest certifcateRequest = new AcmeCertificateRequest()
            {
                Identifiers = new List <DnsCertificateIdentifier>()
                {
                    new DnsCertificateIdentifier()
                    {
                        Value = "test.com"
                    }
                }
            };

            //EXECUTE
            directory = await api.GetDirectoryAsync();

            nonceResponse = await api.GetNonceAsync(directory.Data);

            accountResponse = await api.CreateAccountAsync(directory.Data, nonceResponse.Nonce, new AcmeCreateAccount()
            {
                Contact = new List <string>()
                {
                    "mailto:[email protected]"
                }, TermsOfServiceAgreed = true
            });

            certificateFulfillmentPromise = await api.RequestCertificateAsync(directory.Data, accountResponse.Nonce, accountResponse.Data, certifcateRequest);

            authorizations = await api.GetChallengesAsync(certificateFulfillmentPromise.Data);

            AcmeChallenge httpChallenge = authorizations.First().Data.Challenges.First(t => t.Type.Equals("http-01"));
            string        authKey       = CreateAuthorizationKey(accountResponse.Data, httpChallenge.Token);

            challengeStatusResponse = await api.VerifyChallengeAsync(accountResponse.Data, httpChallenge, certificateFulfillmentPromise.Nonce, authKey);

            while (
                challengeVerificationResponse == null ||
                challengeVerificationResponse.Data.Status == "pending")
            {
                challengeVerificationResponse = await api.GetChallengeVerificationStatusAsync(httpChallenge);

                await Task.Delay(3000);
            }

            string csr = GenerateCSR(accountResponse.Data, "test.com");

            certificatePromiseResult = await api.FinalizeCertificatePromiseAsync(accountResponse.Data, challengeStatusResponse.Nonce, certificateFulfillmentPromise.Data, csr);

            //ASSERT (Cant really assert anything here. This call will mostlikey fail. There is no way to validate the domain here)
            certificatePromiseResult.ShouldNotBeNull();
        }