internal TLSIdentity ImportTLSIdentityFromPkc12(string label)
{
using (_store = new X509Store(StoreName.My)) {
// Check if identity exists, use the id if it is.
var id = TLSIdentity.GetIdentity(_store, label, null);
if (id != null)
{
return(id);
}
try {
byte[] data = null;
using (var stream = ResourceLoader.GetEmbeddedResourceStream(typeof(ListenerViewModel).GetTypeInfo().Assembly, $"{ListenerCertKeyP12File}.p12")) {
using (var reader = new BinaryReader(stream)) {
data = reader.ReadBytes((int)stream.Length);
}
}
id = TLSIdentity.ImportIdentity(_store, data, ListenerCertKeyExportPassword, label, null);
} catch (Exception ex) {
Debug.WriteLine($"Error while loading self signed cert : {ex}");
}
return(id);
}
}
internal TLSIdentity CreateIdentityWithCertLabel(string label)
{
using (_store = new X509Store(StoreName.My)) {
// Check if identity exists, use the id if it is.
var id = TLSIdentity.GetIdentity(_store, label, null);
if (id != null)
{
return(id);
}
try {
id = TLSIdentity.CreateIdentity(true,
new Dictionary <string, string>()
{
{ Certificate.CommonNameAttribute, ListenerCommonName }
},
null,
_store,
label,
null);
} catch (Exception ex) {
Debug.WriteLine($"Error while creating self signed cert : {ex}");
}
return(id);
}
}
public void TestCertificateExpiration()
{
TLSIdentity id;
// Delete
TLSIdentity.DeleteIdentity(_store, ServerCertLabel, null);
//Get
id = TLSIdentity.GetIdentity(_store, ServerCertLabel, null);
id.Should().BeNull();
var fiveMinToExpireCert = DateTimeOffset.UtcNow.AddMinutes(5);
id = TLSIdentity.CreateIdentity(true,
new Dictionary <string, string>()
{
{ Certificate.CommonNameAttribute, "CA-P2PTest" }
},
fiveMinToExpireCert,
_store,
ServerCertLabel,
null);
(id.Expiration - DateTimeOffset.UtcNow).Should().BeGreaterThan(TimeSpan.MinValue);
(id.Expiration - DateTimeOffset.UtcNow).Should().BeLessOrEqualTo(TimeSpan.FromMinutes(5));
// Delete
TLSIdentity.DeleteIdentity(_store, ServerCertLabel, null);
}
public void TestCreateIdentityWithNoAttributesOrEmptyAttributes()
{
// Delete
TLSIdentity.DeleteIdentity(_store, ServerCertLabel, null);
//Get
var id = TLSIdentity.GetIdentity(_store, ServerCertLabel, null);
id.Should().BeNull();
// Create id with empty Attributes
Action badAction = (() => TLSIdentity.CreateIdentity(true,
new Dictionary <string, string>()
{
},
null,
_store,
ServerCertLabel,
null));
badAction.Should().Throw <CouchbaseLiteException>(CouchbaseLiteErrorMessage.CreateCertAttributeEmpty);
// Create id with null Attributes
badAction = (() => TLSIdentity.CreateIdentity(true,
null,
null,
_store,
ServerCertLabel,
null));
badAction.Should().Throw <CouchbaseLiteException>(CouchbaseLiteErrorMessage.CreateCertAttributeEmpty);
}
public void TestImportIdentity()
{
TLSIdentity id;
byte[] data = null;
using (var stream = typeof(TLSIdentityTest).GetTypeInfo().Assembly.GetManifestResourceStream("certs.p12"))
using (var reader = new BinaryReader(stream)) {
data = reader.ReadBytes((int)stream.Length);
}
// Import
id = TLSIdentity.ImportIdentity(_store, data, "123", ServerCertLabel, null);
id.Should().NotBeNull();
id.Certs.Count.Should().Be(2);
ValidateCertsInStore(id.Certs, _store).Should().BeTrue();
// Get
id = TLSIdentity.GetIdentity(_store, ServerCertLabel, null);
id.Should().NotBeNull();
}
private void CreateGetDeleteServerIdentity(bool isServer)
{
string commonName = isServer ? "CBL-Server" : "CBL-Client";
string label = isServer ? ServerCertLabel : ClientCertLabel;
TLSIdentity id;
// Delete
TLSIdentity.DeleteIdentity(_store, label, null);
//Get
id = TLSIdentity.GetIdentity(_store, label, null);
id.Should().BeNull();
// Create
id = TLSIdentity.CreateIdentity(isServer,
new Dictionary <string, string>()
{
{ Certificate.CommonNameAttribute, commonName }
},
null,
_store,
label,
null);
id.Should().NotBeNull();
id.Certs.Count.Should().Be(1);
ValidateCertsInStore(id.Certs, _store).Should().BeTrue();
// Get
id = TLSIdentity.GetIdentity(_store, label, null);
id.Should().NotBeNull();
id.Certs.Count.Should().Be(1);
ValidateCertsInStore(id.Certs, _store).Should().BeTrue();
// Delete
TLSIdentity.DeleteIdentity(_store, label, null);
// Get
id = TLSIdentity.GetIdentity(_store, label, null);
id.Should().BeNull();
}
public void TestGetIdentityWithCertCollection()
{
TLSIdentity id;
TLSIdentity.DeleteIdentity(_store, ClientCertLabel, null);
TLSIdentity identity = TLSIdentity.CreateIdentity(false,
new Dictionary <string, string>()
{
{ Certificate.CommonNameAttribute, "CA-P2PTest1" }
},
null,
_store,
ClientCertLabel,
null);
var certs = identity.Certs;
id = TLSIdentity.GetIdentity(certs);
id.Should().NotBeNull();
// Delete
TLSIdentity.DeleteIdentity(_store, ClientCertLabel, null);
}
