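/// <summary>
/// Negative trust test: an assertion signed with a certificate that was never added to the
/// vault's trust list must not pass signature validation.
/// </summary>
/// <remarks>
/// Only the VOCES certificate is registered as trusted; the assertion is signed with the FOCES
/// certificate. The earlier version swallowed every exception and asserted nothing, so it passed
/// even if validation accepted the untrusted signer. This version fails in that case.
/// </remarks>
public void TestSignAndValidateNotTrusted()
{
    GenericCredentialVault vault = new GenericCredentialVault();

    // Both key stores are test resources loaded from the application's Resources folder.
    string baseDir = AppDomain.CurrentDomain.SetupInformation.ApplicationBase;
    X509Certificate2 signingCert = new X509Certificate2(baseDir + "\\Resources\\oces2\\PP\\FOCES_gyldig.p12", "Test1234");

    // Add a *different* test certificate to the vault, so the signer stays untrusted.
    var trustedCert = new X509Certificate2(baseDir + "\\Resources\\oces2\\PP\\VOCES_gyldig.p12", "Test1234");
    trustedCert.FriendlyName = vault.ALIAS_SYSTEM;
    vault.AddTrustedCertificate(trustedCert);

    var ass = AssertionMaker.MakeAssertionForSTS(signingCert);
    var signedAss = SealUtilities.SignAssertion(ass, signingCert);
    var signedXml = Serialize(signedAss);

    // Validation may signal rejection either by returning false or by throwing; both count as
    // "not accepted". The only failing outcome is a successful validation.
    bool accepted;
    try
    {
        // NOTE(review): the last two flags presumably enable the trust and revocation checks.
        // With the revocation check on, a rejection could stem from revocation lookup rather
        // than from the missing trust anchor - confirm which check actually fires here.
        accepted = SignatureUtil.Validate(signedXml.Root, null, vault, true, true);
    }
    catch (Exception)
    {
        // NOTE(review): the original carried a commented-out check for ModelException;
        // narrow this catch to that type once it is confirmed as the rejection signal.
        accepted = false;
    }

    Assert.IsFalse(accepted, "An assertion signed by a certificate outside the vault's trust list was accepted.");
}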
/// <summary>
/// Smoke test: sends a GetMedicineCard request to the FMK service using a locally
/// generated and signed SOSI card.
/// </summary>
/// <remarks>
/// No assertion is made on the response; the test only fails if the call throws.
/// </remarks>
public void TestDirectCall()
{
    // Test against the local FMK service with a locally generated SOSI card.
    var fmkClient = new proxy.MedicineCardPortTypeClient("localFMK");

    var unsignedCard = AssertionMaker.MakeAssertion();
    var signedCard = SealUtilities.SignAssertion(unsignedCard, Global.MocesCprGyldig);

    fmkClient.GetMedicineCard_20120101(MakeSecurity(signedCard), MakeHeader());
}
/// <summary>
/// Verifies that a freshly signed assertion passes the signature check, both when the
/// assertion is signed directly and when it is wrapped by MakeSecurity before signing.
/// </summary>
/// <remarks>
/// Covers the positive path only: nothing here checks that a tampered or unsigned
/// assertion is rejected.
/// </remarks>
public void TestAssertionSign()
{
    // Case 1: sign the bare assertion.
    var freshAssertion = AssertionMaker.MakeAssertion();
    var signedAssertion = SealUtilities.SignAssertion(freshAssertion, Global.MocesCprGyldig);
    Assert.IsTrue(SealUtilities.CheckAssertionSignature(signedAssertion));

    // Case 2: wrap a new assertion first, then sign the wrapper.
    var sec = MakeSecurity(AssertionMaker.MakeAssertion());
    sec = SealUtilities.SignAssertion(sec, Global.MocesCprGyldig);
    Assert.IsTrue(SealUtilities.CheckAssertionSignature(sec));
}
/// <summary>
/// Builds an STS assertion, signs it with <paramref name="cert"/>, serializes it and runs
/// signature validation against a vault in which that same certificate is trusted.
/// </summary>
/// <param name="cert">
/// Signing certificate. Its FriendlyName is overwritten with the vault's system alias, so
/// the caller's object is modified.
/// </param>
/// <param name="checkTrust">Forwarded to SignatureUtil.Validate.</param>
/// <param name="checkRevoked">Forwarded to SignatureUtil.Validate.</param>
/// <returns>The result of SignatureUtil.Validate.</returns>
private bool SignAndValidate(X509Certificate2 cert, bool checkTrust, bool checkRevoked)
{
    var trustStore = new GenericCredentialVault();

    // The signer is registered as trusted, so this helper cannot exercise an
    // untrusted-signer scenario.
    cert.FriendlyName = trustStore.ALIAS_SYSTEM;
    trustStore.AddTrustedCertificate(cert);

    var assertion = AssertionMaker.MakeAssertionForSTS(cert);
    var signedAssertion = SealUtilities.SignAssertion(assertion, cert);
    var document = Serialize(signedAssertion);

    bool isValid = SignatureUtil.Validate(document.Root, null, trustStore, checkTrust, checkRevoked);
    return isValid;
}
/// <summary>
/// Verifies signature checking for ID cards produced through the SOSI factory: once signed
/// via the factory's signature provider, and once signed through SealUtilities after being
/// wrapped by MakeSecurity.
/// </summary>
/// <remarks>
/// Covers the positive path only; rejection of invalid signatures is not tested here.
/// </remarks>
public void TestAssertionSign_new()
{
    var sosiFactory = CreateSOSIFactory(Global.MocesCprGyldig);

    // Case 1: the ID card signs itself using the factory's signature provider.
    var firstCard = CreateMocesUserIdCard(sosiFactory);
    var cardAssertion = firstCard.Sign<dk.nsi.fmk.Assertion>(sosiFactory.SignatureProvider);
    Assert.IsTrue(SealUtilities.CheckAssertionSignature(cardAssertion));

    // Case 2: take the unsigned assertion from a second card, wrap it, then sign the wrapper.
    var secondCard = CreateMocesUserIdCard(sosiFactory);
    var sec = MakeSecurity(secondCard.GetAssertion<dk.nsi.fmk.Assertion>());
    sec = SealUtilities.SignAssertion(sec, Global.MocesCprGyldig);
    Assert.IsTrue(SealUtilities.CheckAssertionSignature(sec));
}
/// <summary>
/// Signs the assertion with the vault's system credentials and returns it as XML.
/// </summary>
/// <param name="ass">Assertion to sign.</param>
/// <returns>Root element of the serialized, signed assertion.</returns>
public XElement Sign(Assertion ass)
{
    // The signing key is whatever the vault currently holds as system credentials.
    Assertion signed = SealUtilities.SignAssertion(ass, Vault.GetSystemCredentials());

    var document = SerializerUtil.Serialize(signed);
    return document.Root;
}
/// <summary>
/// Builds a fixed "user" ID-card assertion for use against the STS and signs it when a
/// certificate is supplied.
/// </summary>
/// <param name="certificate">
/// Signing certificate, or <c>null</c> to get the assertion back unsigned.
/// </param>
/// <returns>
/// The signed assertion, or the unsigned one when <paramref name="certificate"/> is null.
/// Callers must not assume the result carries a signature.
/// </returns>
/// <remarks>
/// All identity values (CPR numbers, names, role, authorization code, care provider) are
/// hard-coded. The validity window starts five minutes before the rounded current UTC time
/// and lasts eight hours; only the ID-card id is generated per call.
/// </remarks>
public static Assertion MakeAssertionForSTS(X509Certificate2 certificate)
{
    // Back-dated start of validity (presumably to tolerate clock skew - confirm).
    var issuedAt = DateTimeEx.UtcNowRound - TimeSpan.FromMinutes(5);

    var validity = new Conditions
    {
        NotBefore = issuedAt,
        NotOnOrAfter = issuedAt + TimeSpan.FromHours(8)
    };

    var subject = new Subject
    {
        NameID = new NameID
        {
            Format = "http://rep.oio.dk/cpr.dk/xml/schemas/core/2005/03/18/CPR_PersonCivilRegistrationIdentifier.xsd",
            Value = "2203333571"
        },
        SubjectConfirmation = new SubjectConfirmation
        {
            ConfirmationMethod = ConfirmationMethod.urnoasisnamestcSAML20cmholderofkey,
            SubjectConfirmationData = new SubjectConfirmationData
            {
                Item = new KeyInfo { Item = "OCESSignature" }
            }
        }
    };

    // ID-card metadata; the card id is the only per-call value.
    var idCardData = new AttributeStatement
    {
        id = AttributeStatementID.IDCardData,
        Attribute = new[]
        {
            new Attribute { Name = SosiAttributes.IDCardID, AttributeValue = Guid.NewGuid().ToString("D") },
            new Attribute { Name = SosiAttributes.IDCardVersion, AttributeValue = "1.0.1" },
            new Attribute { Name = SosiAttributes.IDCardType, AttributeValue = "user" },
            new Attribute { Name = SosiAttributes.AuthenticationLevel, AttributeValue = "4" }
        }
    };

    // Fixed user identity.
    var userLog = new AttributeStatement
    {
        id = AttributeStatementID.UserLog,
        Attribute = new[]
        {
            new Attribute { Name = MedComAttributes.UserCivilRegistrationNumber, AttributeValue = "1802602810" },
            new Attribute { Name = MedComAttributes.UserGivenName, AttributeValue = "Stine" },
            new Attribute { Name = MedComAttributes.UserSurname, AttributeValue = "Svendsen" },
            new Attribute { Name = MedComAttributes.UserEmailAddress, AttributeValue = "*****@*****.**" },
            new Attribute { Name = MedComAttributes.UserRole, AttributeValue = "7170" },
            new Attribute { Name = MedComAttributes.UserAuthorizationCode, AttributeValue = "ZXCVB" }
        }
    };

    // Fixed calling system and care provider.
    var systemLog = new AttributeStatement
    {
        id = AttributeStatementID.SystemLog,
        Attribute = new[]
        {
            new Attribute { Name = MedComAttributes.ItSystemName, AttributeValue = "Sygdom.dk" },
            new Attribute { Name = MedComAttributes.CareProviderId, AttributeValue = "30808460", NameFormat = "medcom:cvrnumber" },
            new Attribute { Name = MedComAttributes.CareProviderName, AttributeValue = "Statens Serum Institut" }
        }
    };

    var assertion = new Assertion
    {
        IssueInstant = issuedAt,
        id = "IDCard",
        Version = 2.0m,
        Issuer = "WinPLC",
        Conditions = validity,
        Subject = subject,
        AttributeStatement = new[] { idCardData, userLog, systemLog }
    };

    if (certificate == null)
    {
        return assertion;
    }

    return SealUtilities.SignAssertion(assertion, certificate);
}
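/// <summary>
/// Builds a "user" ID-card assertion from this instance's configured user, system and care
/// provider fields, and signs it with <paramref name="certificate"/>.
/// </summary>
/// <param name="certificate">
/// Certificate used to sign the assertion; it is also passed to EncodeTo64 to fill the
/// sosiOCESCertHash attribute.
/// </param>
/// <returns>The assertion as returned by SealUtilities.SignAssertion.</returns>
/// <remarks>
/// The validity window starts at the value of FiveMinutesAgoUtc() and lasts eight hours.
/// The clock is read once and shared by IssueInstant and NotBefore; the earlier code read it
/// twice, so the two timestamps of one assertion could differ.
/// </remarks>
private Assertion MakeAssertionForSts(X509Certificate2 certificate)
{
    // Single clock read, so every timestamp in the assertion is derived from the same instant.
    var vnow = FiveMinutesAgoUtc();

    var ass = new Assertion
    {
        IssueInstant = vnow,
        id = "IDCard",
        Version = 2.0m,
        Issuer = _issuer,
        Conditions = new Conditions
        {
            NotBefore = vnow,
            NotOnOrAfter = vnow + TimeSpan.FromHours(8)
        },
        Subject = new Subject
        {
            NameID = new NameID
            {
                Format = SubjectIdentifierType.medcomcprnumber,
                Value = _userCpr
            },
            SubjectConfirmation = new SubjectConfirmation
            {
                ConfirmationMethod = global::dk.nsi.seal.dgwstypes.ConfirmationMethod.urnoasisnamestcSAML20cmholderofkey,
                SubjectConfirmationData = new SubjectConfirmationData
                {
                    Item = new KeyInfo { Item = "OCESSignature" }
                }
            }
        },
        AttributeStatement = new[]
        {
            new AttributeStatement
            {
                id = AttributeStatementID.IDCardData,
                Attribute = new[]
                {
                    new Attribute { Name = AttributeName.sosiIDCardID, AttributeValue = Guid.NewGuid().ToString("D") },
                    new Attribute { Name = AttributeName.sosiIDCardVersion, AttributeValue = "1.0.1" },
                    new Attribute { Name = AttributeName.sosiIDCardType, AttributeValue = "user" },
                    new Attribute { Name = AttributeName.sosiAuthenticationLevel, AttributeValue = "4" },
                    // NOTE(review): the attribute name says "hash"; confirm that EncodeTo64
                    // yields the certificate hash rather than the encoded certificate itself.
                    new Attribute { Name = AttributeName.sosiOCESCertHash, AttributeValue = EncodeTo64(certificate) }
                }
            },
            new AttributeStatement
            {
                id = AttributeStatementID.UserLog,
                Attribute = new[]
                {
                    new Attribute { Name = AttributeName.medcomUserCivilRegistrationNumber, AttributeValue = _userCpr },
                    new Attribute { Name = AttributeName.medcomUserGivenName, AttributeValue = _userGivenName },
                    new Attribute { Name = AttributeName.medcomUserSurName, AttributeValue = _userSurName },
                    new Attribute { Name = AttributeName.medcomUserEmailAddress, AttributeValue = _userEmail },
                    new Attribute { Name = AttributeName.medcomUserRole, AttributeValue = _userRole },
                    new Attribute { Name = AttributeName.medcomUserAuthorizationCode, AttributeValue = _userAuthCode }
                }
            },
            new AttributeStatement
            {
                id = AttributeStatementID.SystemLog,
                Attribute = new[]
                {
                    new Attribute { Name = AttributeName.medcomITSystemName, AttributeValue = _itSystemName },
                    new Attribute
                    {
                        Name = AttributeName.medcomCareProviderID,
                        AttributeValue = _sosiCareProviderCvr,
                        NameFormatSpecified = true,
                        NameFormat = SubjectIdentifierType.medcomcvrnumber
                    },
                    new Attribute { Name = AttributeName.medcomCareProviderName, AttributeValue = _sosiCareProviderName }
                }
            }
        }
    };

    return SealUtilities.SignAssertion(ass, certificate);
}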