private void LoadRootCertificates(RootCertificateCollectionConfig rootCertificateCollectionConfig)
{
CertificateLoader certificateLoader = new CertificateLoader();
foreach (RootCertificateLocation rootCertificateLocation in rootCertificateCollectionConfig.RootCertificateCollection)
{
try
{
X509Certificate2 loadedRootCertificate = certificateLoader.GetCertificateFromCertificateStoreInformation(rootCertificateLocation);
this.rootCertificateDirectory.Add(loadedRootCertificate.Thumbprint.ToLowerInvariant(), loadedRootCertificate);
}
catch (CertificateLoaderCertificateNotFoundException notFoundException)
{
// So, this root certificate was not found.
try
{
this.logger.Warn(notFoundException.Message);
}
catch (Exception)
{
this.logger.Warn(string.Format("Root certificate ({0}) not found. StoreLocation: {1}. StoreName: {2}. SerialNumber: {3}.", rootCertificateLocation.Description, rootCertificateLocation.StoreLocation, rootCertificateLocation.StoreName, rootCertificateLocation.SerialNumber));
}
}
catch (Exception ex)
{
Debug.Fail(ex.Message);
}
}
}
public void _01_TestInitConfigurationEmpty()
{
ConfigurationHandler.ConfigFilePath = "Resources/RaspConfiguration.Live.xml";
ConfigurationHandler.Reset();
RootCertificateCollectionConfig rootCertificateCollectionConfig = ConfigurationHandler.GetConfigurationSection <RootCertificateCollectionConfig>();
RootCertificateLocation[] rootCertificateLocation = rootCertificateCollectionConfig.RootCertificateCollection;
Assert.AreEqual(1, rootCertificateLocation.Length, "Expected 2 root certificated.");
}
/// <summary>
/// Default constructor which makes it load configuration from
/// app.config
/// </summary>
public MultipleRootX509CertificateValidator()
{
this.logger = LoggerFactory.Create(this.GetType());
this.rootCertificateDirectory = new Dictionary <string, X509Certificate2>();
RootCertificateCollectionConfig rootCertificateCollectionConfig = ConfigurationHandler.GetConfigurationSection <RootCertificateCollectionConfig>();
try
{
this.LoadRootCertificates(rootCertificateCollectionConfig);
}
catch (Exception exception)
{
// log the exception to the log fil, and then throw it again
this.logger.Fatal(exception);
throw;
}
}
/// <summary>
/// Liver certificate default root certificate configuration
/// </summary>
public virtual void SetProductionDefaultRootCertificateCollectionConfig()
{
RootCertificateCollectionConfig rootCertificateCollectionConfig = ConfigurationHandler.GetConfigurationSection <RootCertificateCollectionConfig>();
RootCertificateLocation certificatLocation;
////// OCES 1
////certificatLocation = new RootCertificateLocation();
////certificatLocation.Description = "TDC OCES CA";
////certificatLocation.SerialNumber = "3E48BDC4";
////certificatLocation.StoreLocation = StoreLocation.LocalMachine;
////certificatLocation.StoreName = StoreName.Root;
////rootCertificateCollectionConfig.GetAsList().Add(certificatLocation);
// OCES 2
certificatLocation = new RootCertificateLocation();
certificatLocation.Description = "TRUST2408 OCES Primary CA";
certificatLocation.SerialNumber = "4b8e6003";
certificatLocation.StoreLocation = StoreLocation.LocalMachine;
certificatLocation.StoreName = StoreName.Root;
rootCertificateCollectionConfig.GetAsList().Add(certificatLocation);
}
/// <summary>
/// Test default root certificate configuration
/// </summary>
public virtual void SetTestDefaultRootCertificateCollectionConfig()
{
RootCertificateCollectionConfig rootCertificateCollectionConfig = ConfigurationHandler.GetConfigurationSection <RootCertificateCollectionConfig>();
RootCertificateLocation certificatLocation;
// OCES 1
////certificatLocation = new RootCertificateLocation();
////certificatLocation.Description = "TDC OCES Systemtest CA II";
////certificatLocation.SerialNumber = "403617FC";
////certificatLocation.StoreLocation = StoreLocation.LocalMachine;
////certificatLocation.StoreName = StoreName.Root;
////rootCertificateCollectionConfig.GetAsList().Add(certificatLocation);
// OCES 2
certificatLocation = new RootCertificateLocation();
certificatLocation.Description = "TRUST2408 Systemtest VII Primary CA";
certificatLocation.SerialNumber = "4bea6e94";
certificatLocation.StoreLocation = StoreLocation.LocalMachine;
certificatLocation.StoreName = StoreName.Root;
rootCertificateCollectionConfig.GetAsList().Add(certificatLocation);
}
public MultipleRootX509CertificateValidator(RootCertificateCollectionConfig rootCertificateCollectionConfig)
{
this.logger = LoggerFactory.Create(this.GetType());
this.rootCertificateDirectory = new Dictionary <string, X509Certificate2>();
this.LoadRootCertificates(rootCertificateCollectionConfig);
}
/// <summary>
/// Loads the configured OCES default root certificate
/// </summary>
/// <returns>The loaded x509 certificate. If no certificate is found, an exception is thrown.</returns>
public IList <X509Certificate2> GetDefaultOcesRootCertificateListFromStore()
{
IList <X509Certificate2> list = new List <X509Certificate2>();
RootCertificateCollectionConfig rootCertificateConfig = ConfigurationHandler.GetConfigurationSection <RootCertificateCollectionConfig>();
X509Certificate2 certificate2;
CertificateLoader certificateLoader = new CertificateLoader();
IList <Exception> exceptions = new List <Exception>();
foreach (CertificateStoreIdentification certificateStoreIdentification in rootCertificateConfig.GetAsList())
{
// reset certificate to null
certificate2 = null;
try
{
// tries to retrive the certificate
certificate2 = certificateLoader.GetCertificateFromCertificateStoreInformation(certificateStoreIdentification);
}
catch (Exception ex)
{
// store the exception
// it is log later
exceptions.Add(ex);
}
// only add the certificate, if one found
if (certificate2 != null)
{
list.Add(certificate2);
}
}
if (list.Count == 0)
{
// no root certificate was found.
// logging the exception
foreach (Exception exception in exceptions)
{
this.logger.Error(exceptions);
}
// and throw the latest exception
if (exceptions.Count > 0)
{
throw exceptions[exceptions.Count - 1];
}
else
{
// no exception
// an no root certificate
throw new CertificateHandlingException(new Exception("No root certificate was found!"));
}
}
else
{
// some root certificate found
// only log exceptions as debug
foreach (Exception exception in exceptions)
{
this.logger.Debug(exceptions);
}
}
return(list);
}
