public void InitializedAdministrators()
{
CertificateIssuer issuer = new CertificateIssuer("test")
{
AccountId = "accountId",
AdministratorContacts =
{
new AdministratorContact
{
Email = "*****@*****.**",
},
},
};
using JsonStream json = new JsonStream();
using (Utf8JsonWriter writer = json.CreateWriter())
{
writer.WriteStartObject();
((IJsonSerializable)issuer).WriteProperties(writer);
writer.WriteEndObject();
}
Assert.AreEqual(@"{""credentials"":{""account_id"":""accountId""},""org_details"":{""admin_details"":[{""email"":""*****@*****.**""}]}}", json.ToString());
}
public async Task VerifyGetPropertiesOfIssuersAsync()
{
string issuerName = Recording.GenerateId();
string issuerName1 = Recording.GenerateId();
string providerName = "ssladmin";
string providerName1 = "onecert";
CertificateIssuer issuer = new CertificateIssuer(issuerName, providerName);
CertificateIssuer issuer1 = new CertificateIssuer(issuerName1, providerName1);
RegisterForCleanupIssuer(issuerName);
RegisterForCleanupIssuer(issuerName1);
await Client.CreateIssuerAsync(issuer);
await Client.CreateIssuerAsync(issuer1);
List <IssuerProperties> issuerProperties = await Client.GetPropertiesOfIssuersAsync().ToEnumerableAsync();
foreach (IssuerProperties issuerPropertie in issuerProperties)
{
Assert.NotNull(issuerPropertie);
IssuerProperties returnPropertie = issuerProperties.Single(s => s.Id == issuerPropertie.Id);
Assert.AreEqual(issuerPropertie.Provider, returnPropertie.Provider);
// TODO: https://github.com/Azure/azure-sdk-for-net/issues/10908
// https://github.com/Azure/azure-sdk-for-net/issues/10905
// Assert.AreEqual(issuerPropertie.Name, returnPropertie.Name);
}
}
public async Task VerifyGetIssuer()
{
string issuerName = Recording.GenerateId();
string providerName = "ssladmin";
CertificateIssuer issuer = new CertificateIssuer(issuerName, providerName)
{
AdministratorContacts =
{
new AdministratorContact
{
Email = "*****@*****.**",
FirstName = "fName",
LastName = "lName",
Phone = "1234"
},
},
};
RegisterForCleanupIssuer(issuerName);
await Client.CreateIssuerAsync(issuer);
CertificateIssuer getIssuer = await Client.GetIssuerAsync(issuerName);
Assert.NotNull(getIssuer);
Assert.NotNull(getIssuer.Id);
Assert.AreEqual(issuer.Provider, getIssuer.Provider);
// TODO: https://github.com/Azure/azure-sdk-for-net/issues/10908
// https://github.com/Azure/azure-sdk-for-net/issues/10905
// Assert.AreEqual(issuer.Name, getIssuer.Name);
}
public void NameDeSerialization()
{
const string name = "2100662614";
Uri id = new Uri($"https://some.vault.azure.net/certificates/issuers/{name}");
const string accountId = "accountId";
const string firstName = "fName";
const string lastName = "lName";
const string email = "*****@*****.**";
const string phone = "123-123-1234";
string expectedJson = $@"{{""id"":""{id.AbsoluteUri}"",""provider"":""ssladmin"",""credentials"":{{""account_id"":""{accountId}""}},""org_details"":{{""zip"":0,""admin_details"":[{{""first_name"":""{firstName}"",""last_name"":""{lastName}"",""email"":""{email}"",""phone"":""{phone}""}}]}},""attributes"":{{""enabled"":true,""created"":1592839861,""updated"":1592839861}}}}";
// De-Serialze the CertificateIssuer.
var jDoc = JsonDocument.Parse(expectedJson);
CertificateIssuer deserializedIssuer = new CertificateIssuer();
((IJsonDeserializable)deserializedIssuer).ReadProperties(jDoc.RootElement);
// Assert that the CertificateIssuer was de-serialized properly.
Assert.That(deserializedIssuer.Id, Is.EqualTo(id));
Assert.That(deserializedIssuer.Name, Is.EqualTo(name));
Assert.That(deserializedIssuer.AccountId, Is.EqualTo(accountId));
Assert.That(deserializedIssuer.AdministratorContacts[0].Email, Is.EqualTo(email));
Assert.That(deserializedIssuer.AdministratorContacts[0].FirstName, Is.EqualTo(firstName));
Assert.That(deserializedIssuer.AdministratorContacts[0].LastName, Is.EqualTo(lastName));
Assert.That(deserializedIssuer.AdministratorContacts[0].Phone, Is.EqualTo(phone));
}
public async Task IssueCertificateTest()
{
var serialNumberGenerator = new SerialNumberGenerator(Configuration.StorageConnectionString, Configuration.StorageContainerName);
var issuer = new CertificateIssuer(_client, Configuration.RootCertificateId, serialNumberGenerator);
X509Certificate2 certificate = await issuer.IssueCertificateAsync("Test Certificate", GeneratePublicKeyParameters());
Assert.Equal("CN=Test Certificate", certificate.Subject);
}
public async Task VerifyCertificateOperationError()
{
string issuerName = Recording.GenerateId();
string certName = Recording.GenerateId();
CertificateIssuer certIssuer = new CertificateIssuer(issuerName, "DigiCert")
{
AccountId = "test",
Password = "******",
OrganizationId = "test",
};
await Client.CreateIssuerAsync(certIssuer);
CertificateOperation operation = null;
try
{
CertificatePolicy certificatePolicy = DefaultPolicy;
certificatePolicy.IssuerName = issuerName;
operation = await Client.StartCreateCertificateAsync(certName, certificatePolicy);
operation = InstrumentOperation(operation);
RegisterForCleanup(certName);
using CancellationTokenSource cts = new CancellationTokenSource(TimeSpan.FromMinutes(2));
TimeSpan pollingInterval = Mode == RecordedTestMode.Playback ? TimeSpan.Zero : KeyVaultTestEnvironment.DefaultPollingInterval;
while (!operation.HasCompleted)
{
await Task.Delay(pollingInterval, cts.Token);
await operation.UpdateStatusAsync(cts.Token);
}
InvalidOperationException ex = Assert.Throws <InvalidOperationException>(() => { KeyVaultCertificateWithPolicy cert = operation.Value; });
StringAssert.StartsWith("The certificate operation failed: ", ex.Message);
Assert.IsTrue(operation.HasCompleted);
Assert.IsFalse(operation.HasValue);
Assert.AreEqual(200, operation.GetRawResponse().Status);
Assert.AreEqual("failed", operation.Properties.Status);
}
catch (TaskCanceledException) when(operation != null)
{
Assert.Inconclusive("Timed out while waiting for operation {0}", operation.Id);
}
finally
{
await Client.DeleteIssuerAsync(issuerName);
}
}
public void UpdateIssuerArgumentValidation()
{
ArgumentException ex = Assert.ThrowsAsync <ArgumentNullException>(() => Client.UpdateIssuerAsync(null));
Assert.AreEqual("issuer", ex.ParamName);
CertificateIssuer issuer = new CertificateIssuer();
ex = Assert.ThrowsAsync <ArgumentException>(() => Client.UpdateIssuerAsync(issuer));
Assert.AreEqual("issuer", ex.ParamName);
StringAssert.StartsWith("issuer.Name cannot be null or an empty string.", ex.Message);
}
public void InitializedAdministrators()
{
const string expectedJson = @"{""provider"":""provider"",""credentials"":{""account_id"":""accountId""},""org_details"":{""admin_details"":[{""first_name"":""fName"",""last_name"":""lName"",""email"":""*****@*****.**"",""phone"":""1234""}]}}";
CertificateIssuer issuer = new CertificateIssuer("test", "provider")
{
AccountId = "accountId",
AdministratorContacts =
{
new AdministratorContact
{
Email = "*****@*****.**",
FirstName = "fName",
LastName = "lName",
Phone = "1234"
},
},
};
// Serialize the CertificateIssuer.
using JsonStream json = new JsonStream();
using (Utf8JsonWriter writer = json.CreateWriter())
{
writer.WriteStartObject();
((IJsonSerializable)issuer).WriteProperties(writer);
writer.WriteEndObject();
}
// Assert that the CertificateIssuer was serialized properly.
Assert.That(expectedJson, Is.EqualTo(json.ToString()));
// De-Serialze the CertificateIssuer.
var jDoc = JsonDocument.Parse(expectedJson);
CertificateIssuer deserializedIssuer = new CertificateIssuer();
((IJsonDeserializable)deserializedIssuer).ReadProperties(jDoc.RootElement);
// Assert that the CertificateIssuer was de-serialized properly.
Assert.That(deserializedIssuer.AccountId, Is.EqualTo(issuer.AccountId));
Assert.That(deserializedIssuer.AdministratorContacts[0].Email, Is.EqualTo(issuer.AdministratorContacts[0].Email));
Assert.That(deserializedIssuer.AdministratorContacts[0].FirstName, Is.EqualTo(issuer.AdministratorContacts[0].FirstName));
Assert.That(deserializedIssuer.AdministratorContacts[0].LastName, Is.EqualTo(issuer.AdministratorContacts[0].LastName));
Assert.That(deserializedIssuer.AdministratorContacts[0].Phone, Is.EqualTo(issuer.AdministratorContacts[0].Phone));
}
public void UninitializedAdministrators()
{
CertificateIssuer issuer = new CertificateIssuer("test")
{
AccountId = "accountId",
};
using JsonStream json = new JsonStream();
using (Utf8JsonWriter writer = json.CreateWriter())
{
writer.WriteStartObject();
((IJsonSerializable)issuer).WriteProperties(writer);
writer.WriteEndObject();
}
Assert.AreEqual(@"{""credentials"":{""account_id"":""accountId""}}", json.ToString());
}
public async Task VerifyGetIssuer()
{
string issuerName = Recording.GenerateId();
string providerName = "ssladmin";
CertificateIssuer issuer = new CertificateIssuer(issuerName, providerName);
RegisterForCleanupIssuer(issuerName);
await Client.CreateIssuerAsync(issuer);
CertificateIssuer getIssuer = await Client.GetIssuerAsync(issuerName);
Assert.NotNull(getIssuer);
Assert.NotNull(getIssuer.Id);
Assert.AreEqual(issuer.Provider, getIssuer.Provider);
// TODO: https://github.com/Azure/azure-sdk-for-net/issues/10908
// https://github.com/Azure/azure-sdk-for-net/issues/10905
// Assert.AreEqual(issuer.Name, getIssuer.Name);
}
public async Task VerifyUpdateIssuer()
{
string issuerName = Recording.GenerateId();
string providerName = "ssladmin";
CertificateIssuer issuer = new CertificateIssuer(issuerName, providerName);
RegisterForCleanupIssuer(issuerName);
await Client.CreateIssuerAsync(issuer);
string updateProvider = "onecert";
issuer = new CertificateIssuer(issuerName, updateProvider);
Assert.NotNull(issuer);
CertificateIssuer updateIssuer = await Client.UpdateIssuerAsync(issuer);
Assert.NotNull(updateIssuer);
Assert.NotNull(updateIssuer.UpdatedOn);
Assert.AreEqual(updateProvider, updateIssuer.Provider);
}
public byte[] Get()
{
try
{
var path = Path.Combine(Directory.GetCurrentDirectory(), "Certificates\\DevCertRootCA.pfx");
Certificate ca = Certificate.LoadPfx(path, "", KeySetOptions.MachineKeySet);
// prepare certificate info
var info = new CertificateInfo();
// specify certificate validity range
info.EffectiveDate = DateTime.Now.AddDays(-1);
info.ExpirationDate = info.EffectiveDate.AddYears(1);
// specify certificate subject for a client certificate
info.Subject = new DistinguishedName("CN=Sample Certificate");
// specify certificate usage for a client certificate
info.Usage = KeyUses.DigitalSignature | KeyUses.KeyEncipherment | KeyUses.DataEncipherment;
// specify certificate extended usage for a client certificate
info.SetExtendedUsage(ExtendedUsageOids.ClientAuthentication, ExtendedUsageOids.EmailProtection);
// sets a unique serial number
info.SetSerialNumber(Guid.NewGuid().ToByteArray());
// use SHA-256 signature algorithm
info.SignatureHashAlgorithm = HashingAlgorithmId.SHA256;
// generate a 2048-bit RSA key for the certificate
PrivateKeyInfo privateKey;
using (var alg = new AsymmetricKeyAlgorithm())
{
alg.GenerateKey(AsymmetricKeyAlgorithmId.RSA, 2048);
privateKey = alg.GetPrivateKey();
}
// create the certificate signed by the CA certificate
PublicKeyInfo publicKey = privateKey.GetPublicKey();
Certificate certificate = CertificateIssuer.Issue(ca, info, publicKey);
// associate the private key with the certificate
certificate.Associate(privateKey);
using (CertificateStore store = new CertificateStore(CertificateStoreName.My, CertificateStoreLocation.LocalMachine))
{
store.Add(certificate);
}
using (CertificateStore store = new CertificateStore(CertificateStoreName.TrustedPeople, CertificateStoreLocation.LocalMachine))
{
store.Add(certificate);
}
var memoryStream = new MemoryStream();
certificate.Save(memoryStream, CertificateFormat.Pfx);
return(memoryStream.ToArray());
} catch (Exception ex)
{
_logger.LogError(ex.Message);
throw ex;
}
}
