public void ShouldDenyMissingCert()
{
const string fingerPrint = "ED:40:5C:C9:E2:71:44:11:78:47:1C:09:6F:28:2E:B5:F9:4D:6E:CE:90:BC:64:5B:ED:9A:46:1F:20:E2:EE:4E";
const string url = "https://foo.bar";
var tti = new TalkToIngress(url + "/api/ingress/influx", fingerPrint);
bool certVerifyResult = tti.PinPublicKey(new object(), null, null, SslPolicyErrors.None);
Assert.False(certVerifyResult, "Fingerprint is invalid");
}
public void ShouldVerifyCorrectFingerprint()
{
const string fingerPrint = "ED:40:5C:C9:E2:71:44:11:78:47:1C:09:6F:28:2E:B5:F9:4D:6E:CE:90:BC:64:5B:ED:9A:46:1F:20:E2:EE:4E";
const string url = "https://foo.bar";
var certMock = new Mock <X509Certificate>(MockBehavior.Loose);
certMock.Setup(
x => x.GetCertHashString(It.Is <HashAlgorithmName>(alg => alg == HashAlgorithmName.SHA256)))
.Returns(fingerPrint.Replace(":", string.Empty).ToUpperInvariant())
.Verifiable();
var tti = new TalkToIngress(url + "/api/ingress/influx", fingerPrint);
bool certVerifyResult = tti.PinPublicKey(new object(), certMock.Object, null, SslPolicyErrors.None);
certMock.Verify();
Assert.True(certVerifyResult, "Fingerprint is valid");
}