public void TestValidUnexpectedCert() { ExpectedCertificate allowed = new ExpectedCertificate("Some public key", IgnorePolicyErrors.None); SslCertValidator validator = new SslCertValidator(allowed); Assert.IsTrue(validator.CertRequired); Assert.IsFalse(validator.IsValid(null, _clientCert.Certificate, EmptyX509Chain, SslPolicyErrors.None)); }
public void TestValidAndExpectedCert() { ExpectedCertificate allowed = new ExpectedCertificate(_clientCert.Certificate.GetPublicKeyString(), IgnorePolicyErrors.None); SslCertValidator validator = new SslCertValidator(allowed); Assert.IsTrue(validator.CertRequired); Assert.IsTrue(validator.IsValid(null, _clientCert.Certificate, EmptyX509Chain, SslPolicyErrors.None)); Assert.IsFalse(validator.IsValid(null, _clientCert.Certificate, EmptyX509Chain, SslPolicyErrors.RemoteCertificateChainErrors)); }
public void TestAllowAnyValidCert() { SslCertValidator validator = new SslCertValidator( ); Assert.IsFalse(validator.CertRequired); Assert.IsTrue(validator.IsValid(null, _clientCert.Certificate, EmptyX509Chain, SslPolicyErrors.None)); Assert.IsFalse(validator.IsValid(null, _clientCert.Certificate, EmptyX509Chain, SslPolicyErrors.RemoteCertificateChainErrors)); }
public void TestAllowAnyTrustedCert() { ExpectedCertificate allowed = new ExpectedCertificate(); allowed.IgnoredErrors = IgnorePolicyErrors.NameMismatch; SslCertValidator validator = new SslCertValidator(allowed); Assert.IsTrue(validator.CertRequired); Assert.IsTrue(validator.IsValid(null, _clientCert.Certificate, EmptyX509Chain, SslPolicyErrors.RemoteCertificateNameMismatch)); Assert.IsFalse(validator.IsValid(null, _clientCert.Certificate, EmptyX509Chain, SslPolicyErrors.RemoteCertificateChainErrors)); }
public void TestAllowByHash() { ExpectedCertificate allowed = new ExpectedCertificate(); allowed.Hash = _clientCert.Certificate.GetCertHashString(); allowed.IgnoredErrors = IgnorePolicyErrors.All; SslCertValidator validator = new SslCertValidator(allowed); Assert.IsTrue(validator.CertRequired); Assert.IsTrue(validator.IsValid(null, _clientCert.Certificate, EmptyX509Chain, SslPolicyErrors.RemoteCertificateChainErrors)); }
public void TestDenyByPublicKey() { ExpectedCertificate allowed = new ExpectedCertificate(); allowed.PublicKey = _serverCert.Certificate.GetPublicKeyString(); allowed.IgnoredErrors = IgnorePolicyErrors.All; SslCertValidator validator = new SslCertValidator(allowed); Assert.IsTrue(validator.CertRequired); Assert.IsFalse(validator.IsValid(null, _clientCert.Certificate, EmptyX509Chain, SslPolicyErrors.RemoteCertificateChainErrors)); }