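        /// <summary>
        /// Loads a certificate authority from its XML form, creates a certificate from it,
        /// and checks that the certificate chains back to that authority.
        /// </summary>
        /// <param name="xmlstring">XML serialization of the certificate authority to load.</param>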
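        private void TestLoadupCAandMakeCert(string xmlstring)
        {
            // Rebuild the CA from its XML form and create a certificate from it.
            var ca       = CertificateAuthority.FromXmlString(xmlstring);
            var cermaker = new Certificate(ca, "CN=actualcer", 0, TimeSpan.FromMinutes(3));
            var cer      = cermaker.Cert;

            Assert.IsNotNull(cer);
            Assert.IsTrue(cer.HasPrivateKey);

            // Test-only chain policy: the CA is not in any machine trust store, so it is supplied
            // through ExtraStore and the untrusted-root error is tolerated. With
            // AllowUnknownCertificateAuthority, Build() returning true says nothing about WHICH
            // root the chain ends at, so the identity checks below are what tie the chain to our
            // CA. Revocation is not checked at all. Do not reuse this policy for validating
            // certificates outside of a test.
            var cp = new X509ChainPolicy();

            cp.ExtraStore.Add(ca.PublicKey);
            cp.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
            cp.RevocationMode    = X509RevocationMode.NoCheck;
            cp.RevocationFlag    = X509RevocationFlag.EndCertificateOnly;

            // NOTE(review): X509Chain is IDisposable on .NET Framework 4.6+ and .NET Core;
            // wrap it in a using statement if the project targets one of those.
            var chain = new X509Chain
            {
                ChainPolicy = cp
            };

            var built = chain.Build(cer);

            Assert.IsTrue(built, "should have built a validated chain");

            // Compare certificates by their encoded bytes. X509Certificate.Equals only compares
            // issuer and serial number, which a different certificate could share.
            var caBytes    = ca.PublicKey.GetRawCertData();
            var cerBytes   = cer.GetRawCertData();
            var chainBytes = chain.ChainElements
                                  .Cast<X509ChainElement>()
                                  .Select(x => x.Certificate.GetRawCertData())
                                  .ToList();

            Assert.IsTrue(chainBytes.Any(raw => raw.SequenceEqual(caBytes)), "expecting chain to have our generated CA");
            Assert.IsTrue(chainBytes.Any(raw => raw.SequenceEqual(cerBytes)), "expecting chain to have our actual cert");
            Assert.AreEqual(2, chain.ChainElements.Count, "chain element count");
        }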