public void ShouldSignXml() { // Given var signingCertificate = TestCertificates.GetCertificate(); var xmlDocument = CreateXmlDocument(); // When var signedXmlDocument = SignXmlDocument(xmlDocument, signingCertificate); // Then Assert.IsTrue(VerifyXmlDocumentSignature(signedXmlDocument)); }
public void ShouldSignXml() { // Given var signingCertificate = TestCertificates.GetCertificate(); var smevRequest = CreateSmevRequest(); // When var signedXmlDocument = SignSmevRequest(smevRequest, signingCertificate); // Then Assert.IsTrue(VerifySmevRequestSignature(signedXmlDocument)); }
protected virtual async Task SasProvisionEdgeAsync(bool withCerts = false) { using (var cts = new CancellationTokenSource(Context.Current.SetupTimeout)) { CancellationToken token = cts.Token; DateTime startTime = DateTime.Now; this.device = await EdgeDevice.GetOrCreateIdentityAsync( Context.Current.DeviceId.GetOrElse(DeviceId.Current.Generate()), this.GetNestedEdgeConfig(this.IotHub), this.IotHub, AuthenticationType.Sas, null, token); Log.Information($"Device ID {this.device.Id}"); Context.Current.DeleteList.TryAdd(this.device.Id, this.device); this.runtime = new EdgeRuntime( this.device.Id, Context.Current.EdgeAgentImage, Context.Current.EdgeHubImage, Context.Current.EdgeProxy, Context.Current.Registries, Context.Current.OptimizeForPerformance, this.IotHub); // This is a temporary solution see ticket: 9288683 if (!Context.Current.ISA95Tag) { TestCertificates testCerts; (testCerts, this.ca) = await TestCertificates.GenerateCertsAsync(this.device.Id, token); await this.ConfigureDaemonAsync( config => { testCerts.AddCertsToConfig(config); config.SetManualSasProvisioning(Context.Current.ParentHostname.GetOrElse(this.device.HubHostname), this.device.Id, this.device.SharedAccessKey); config.Update(); return(Task.FromResult(( "with connection string for device '{Identity}'", new object[] { this.device.Id }))); }, this.device, startTime, token); } } }
public void ShouldSign() { // Given var certificate = TestCertificates.GetCertificate(); var message = CreateMessage(); // When var detachedSignature = SignMessage(certificate, message); var isValudDetachedSignature = VerifyMessage(message, detachedSignature); // Then Assert.IsTrue(isValudDetachedSignature); }
public void ShouldSignXml() { // Given var keyContainer = TestCertificates.GetKeyContainer(); var signingKey = new Gost3410AsymmetricAlgorithm(keyContainer); var xmlDocument = CreateXmlDocument(); // When var signedXmlDocument = SignXmlDocument(xmlDocument, signingKey); // Then Assert.IsTrue(VerifyXmlDocumentSignature(signedXmlDocument)); }
public void ShouldEncryptAndDecrypt() { // Given var certificate = TestCertificates.GetCertificate(); var message = CreateMessage(); // When var encryptedMessage = EncryptMessage(certificate, message); var decryptedMessage = DecryptMessage(encryptedMessage); // Then Assert.IsTrue(message.SequenceEqual(decryptedMessage)); }
public void ShouldSign() { // Given var certificate = TestCertificates.GetCertificate(); var message = CreateMessage(); // When var signedMessage = SignMessage(certificate, message); var isValudSignedMessage = VerifyMessage(signedMessage); // Then Assert.IsTrue(isValudSignedMessage); }
internal virtual IConnectionProperties?CreateListenerProperties() { if (!UseSsl) { return(null); } var properties = new ConnectionProperties(); properties.Add(SslConnectionFactory.SslServerAuthenticationOptionsPropertyKey, new SslServerAuthenticationOptions { ServerCertificate = TestCertificates.GetSelfSigned13ServerCertificate() }); return(properties); }
public void ShouldEncryptXml() { // Given var certificate = TestCertificates.GetCertificate(); var xmlDocument = CreateXmlDocument(); var expectedXml = xmlDocument.OuterXml; // When var encryptedXmlDocument = EncryptXmlDocument(xmlDocument, certificate); var decryptedXmlDocument = DecryptXmlDocument(encryptedXmlDocument); var actualXml = decryptedXmlDocument.OuterXml; // Then Assert.AreEqual(expectedXml, actualXml); }
static IOAuthSession CreateConsumer(string signatureMethod) { var consumerContext = new OAuthConsumerContext { SignatureMethod = signatureMethod, ConsumerKey = "key", ConsumerSecret = "secret", Key = TestCertificates.OAuthTestCertificate().PrivateKey }; var session = new OAuthSession(consumerContext, "http://localhost/oauth/requesttoken.rails", "http://localhost/oauth/userauhtorize.rails", "http://localhost/oauth/accesstoken.rails"); return(session); }
protected IOAuthSession CreateSession() { string callBackUrl = "http://localhost:" + HttpContext.Current.Request.Url.Port + "/Callback.aspx"; var consumerContext = new OAuthConsumerContext { ConsumerKey = "key", ConsumerSecret = "secret", Key = TestCertificates.OAuthTestCertificate().PrivateKey }; return new OAuthSession(consumerContext, Settings.Default.RequestTokenUrl, Settings.Default.UserAuthorizationUrl, Settings.Default.AccessTokenUrl, callBackUrl).RequiresCallbackConfirmation(); }
public async Task DpsSymmetricKey() { string idScope = Context.Current.DpsIdScope.Expect(() => new InvalidOperationException("Missing DPS ID scope")); string groupKey = Context.Current.DpsGroupKey.Expect(() => new InvalidOperationException("Missing DPS enrollment group key")); string registrationId = DeviceId.Current.Generate(); string deviceKey = this.DeriveDeviceKey(Convert.FromBase64String(groupKey), registrationId); CancellationToken token = this.TestToken; (TestCertificates testCerts, _) = await TestCertificates.GenerateCertsAsync(registrationId, token); await this.daemon.ConfigureAsync( config => { testCerts.AddCertsToConfig(config); config.SetDpsSymmetricKey(idScope, registrationId, deviceKey); config.Update(); return(Task.FromResult(( "with DPS symmetric key attestation for '{Identity}'", new object[] { registrationId }))); }, token); await this.daemon.WaitForStatusAsync(EdgeDaemonStatus.Running, token); var agent = new EdgeAgent(registrationId, this.iotHub); await agent.WaitForStatusAsync(EdgeModuleStatus.Running, token); await agent.PingAsync(token); Option <EdgeDevice> device = await EdgeDevice.GetIdentityAsync( registrationId, Context.Current.ParentDeviceId, this.iotHub, token, takeOwnership : true); Context.Current.DeleteList.TryAdd( registrationId, device.Expect(() => new InvalidOperationException( $"Device '{registrationId}' should have been created by DPS, but was not found in '{this.iotHub.Hostname}'"))); }
public void ShouldSignDataStream() { // Given var certificate = TestCertificates.GetCertificate(); var privateKey = (Gost3410AsymmetricAlgorithmBase)certificate.GetPrivateKeyAlgorithm(); var publicKey = (Gost3410AsymmetricAlgorithmBase)certificate.GetPrivateKeyAlgorithm(); var dataStream = CreateDataStream(); // When dataStream.Seek(0, SeekOrigin.Begin); var signature = CreateSignature(privateKey, dataStream); dataStream.Seek(0, SeekOrigin.Begin); var isValidSignature = VerifySignature(publicKey, dataStream, signature); // Then Assert.IsTrue(isValidSignature); }
public void ShouldSign() { // Given var certificate = TestCertificates.GetCertificate(); Assert.IsNotNull(certificate); Assert.AreEqual(certificate.SignatureAlgorithm.Value, "1.2.643.2.2.3"); var message = CreateMessage(); // When var signedMessage = SignMessage(certificate, message); var bFile = Convert.ToBase64String(signedMessage); File.WriteAllBytes("test.txt", signedMessage); var isValudSignedMessage = VerifyMessage(signedMessage); // Then Assert.IsTrue(isValudSignedMessage); }
public async Task Connect_SelfSigned_Success() { var protocols = new List <SslApplicationProtocol> { new SslApplicationProtocol("test") }; var connectProperties = new ConnectionProperties(); connectProperties.Add(SslConnectionFactory.SslClientAuthenticationOptionsPropertyKey, new SslClientAuthenticationOptions { TargetHost = "localhost", ApplicationProtocols = protocols, RemoteCertificateValidationCallback = delegate { return(true); } }); var listenProperties = new ConnectionProperties(); listenProperties.Add(SslConnectionFactory.SslServerAuthenticationOptionsPropertyKey, new SslServerAuthenticationOptions { ApplicationProtocols = protocols, ServerCertificate = TestCertificates.GetSelfSigned13ServerCertificate() }); byte[] sendBuffer = Encoding.ASCII.GetBytes("Testing 123"); await using ConnectionFactory factory = new SslConnectionFactory(new MemoryConnectionFactory()); await using ConnectionListener listener = await factory.ListenAsync(options : listenProperties); await RunClientServer( async() => { await using Connection connection = await factory.ConnectAsync(listener.EndPoint !, connectProperties); await connection.Stream.WriteAsync(sendBuffer); }, async() => { await using Connection? connection = await listener.AcceptConnectionAsync(); Assert.NotNull(connection); Debug.Assert(connection != null); byte[] buffer = new byte[sendBuffer.Length + 1]; int readLen = await connection.Stream.ReadAsync(buffer); Assert.Equal(sendBuffer, buffer[..readLen]);
public void SetUp() { // Получатель извлекает информацию о закрытом ключе из контейнера ключей var keyContainer = TestCertificates.GetKeyContainer(); // Получатель формирует закрытый ключ для дешифрации XML var privateKey = new Gost3410AsymmetricAlgorithm(keyContainer); // Получатель экспортирует отправителю информацию о своем открытом ключе var publicKeyInfo = privateKey.ExportParameters(false); // Отправитель импортирует от получателя информацию о его открытом ключе var publicKey = new Gost3410AsymmetricAlgorithm(); // Отправитель формирует открытый ключ для шифрации XML publicKey.ImportParameters(publicKeyInfo); _privateKey = privateKey; _publicKey = publicKey; }
public void RsaSha1SignatureMethodFetchesCertificate() { var repository = new MockRepository(); var consumerStore = repository.DynamicMock <IConsumerStore>(); var signer = repository.StrictMock <IOAuthContextSigner>(); var context = new OAuthContext { ConsumerKey = "key", SignatureMethod = SignatureMethod.RsaSha1 }; using (repository.Record()) { Expect.Call(consumerStore.GetConsumerPublicKey(context)).Return( TestCertificates.OAuthTestCertificate().PublicKey.Key); Expect.Call(signer.ValidateSignature(null, null)).IgnoreArguments().Return(true); } using (repository.Playback()) { var inspector = new SignatureValidationInspector(consumerStore, signer); inspector.InspectContext(ProviderPhase.GrantRequestToken, context); } }
public async Task DpsX509() { (string, string, string)rootCa = Context.Current.RootCaKeys.Expect(() => new InvalidOperationException("Missing DPS ID scope (check rootCaPrivateKeyPath in context.json)")); string caCertScriptPath = Context.Current.CaCertScriptPath.Expect(() => new InvalidOperationException("Missing CA cert script path (check caCertScriptPath in context.json)")); string idScope = Context.Current.DpsIdScope.Expect(() => new InvalidOperationException("Missing DPS ID scope (check dpsIdScope in context.json)")); string registrationId = DeviceId.Current.Generate(); CancellationToken token = this.TestToken; CertificateAuthority ca = await CertificateAuthority.CreateAsync( registrationId, rootCa, caCertScriptPath, token); IdCertificates idCert = await ca.GenerateIdentityCertificatesAsync(registrationId, token); (TestCertificates testCerts, _) = await TestCertificates.GenerateCertsAsync(registrationId, token); // Generated credentials need to be copied out of the script path because future runs // of the script will overwrite them. string path = Path.Combine(FixedPaths.E2E_TEST_DIR, registrationId); string certPath = Path.Combine(path, "device_id_cert.pem"); string keyPath = Path.Combine(path, "device_id_cert_key.pem"); Directory.CreateDirectory(path); File.Copy(idCert.CertificatePath, certPath); OsPlatform.Current.SetOwner(certPath, "aziotcs", "644"); File.Copy(idCert.KeyPath, keyPath); OsPlatform.Current.SetOwner(keyPath, "aziotks", "600"); await this.daemon.ConfigureAsync( config => { testCerts.AddCertsToConfig(config); config.SetDpsX509(idScope, registrationId, certPath, keyPath); config.Update(); return(Task.FromResult(( "with DPS X509 attestation for '{Identity}'", new object[] { registrationId }))); }, token); await this.daemon.WaitForStatusAsync(EdgeDaemonStatus.Running, token); var agent = new EdgeAgent(registrationId, this.iotHub); await agent.WaitForStatusAsync(EdgeModuleStatus.Running, token); await agent.PingAsync(token); Option <EdgeDevice> device = await EdgeDevice.GetIdentityAsync( registrationId, this.iotHub, token, takeOwnership : true); Context.Current.DeleteList.TryAdd( registrationId, device.Expect(() => new InvalidOperationException( $"Device '{registrationId}' should have been created by DPS, but was not found in '{this.iotHub.Hostname}'"))); }
public AsymmetricAlgorithm GetConsumerPublicKey(IConsumer consumer) { return(TestCertificates.OAuthTestCertificate().PublicKey.Key); }
public X509Certificate2 GetConsumerCertificate(IConsumer consumer) { return TestCertificates.OAuthTestCertificate(); }
public System.Security.Cryptography.AsymmetricAlgorithm GetConsumerPublicKey(IConsumer consumer) { return(TestCertificates.OAuthTestCertificate().PublicKey.Key); }