public EvaluationResult <Tag> Parse(string value)
{
string[] tokens = value?.Split(Separator, StringSplitOptions.RemoveEmptyEntries)
.Select(_ => _.Trim()).ToArray();
if (tokens == null || !tokens.Any())
{
Guid Error1Id = Guid.Parse("F59F5073-FDD3-4400-A5A9-62DCDC6B0C3B");
EvaluationError error = new EvaluationError(Error1Id, EvaluationErrorType.Error,
string.Format(DKimEvaluatorParsersResources.InvalidFlagValueErrorMessage, value ?? "null"),
string.Format(DKimEvaluatorParsersMarkdownResources.InvalidFlagValueErrorMessage, value ?? "null"));
return(new EvaluationResult <Tag>(new Flags(value, new List <FlagTypeValue>()), error));
}
List <FlagTypeValue> flagTypeValues = tokens.Select(GetFlagTypeValue).ToList();
Guid Error2Id = Guid.Parse("550293DB-D88F-40BA-9EF9-6CF28968610D");
List <EvaluationError> errors = flagTypeValues.Where(_ => _.Type == FlagType.Unknown)
.Select(_ => new EvaluationError(Error2Id, EvaluationErrorType.Error,
string.Format(DKimEvaluatorParsersResources.InvalidFalgTypeErrorMessage, _.Value ?? "null"),
string.Format(DKimEvaluatorParsersMarkdownResources.InvalidFalgTypeErrorMessage, _.Value ?? "null")))
.ToList();
return(new EvaluationResult <Tag>(new Flags(value, flagTypeValues), errors));
}
public EvaluationResult <Tag> Parse(string value)
{
string[] tokens = value?.Split(Separator, StringSplitOptions.RemoveEmptyEntries)
.Select(_ => _.Trim()).ToArray();
if (tokens == null || !tokens.Any())
{
Guid Error1Id = Guid.Parse("2028085F-0112-48CD-8E84-5E9E81B18D04");
EvaluationError error = new EvaluationError(Error1Id, EvaluationErrorType.Error,
string.Format(DKimEvaluatorParsersResources.InvalidHashAlgorithmErrorMessage, value ?? "null"),
string.Format(DKimEvaluatorParsersMarkdownResources.InvalidHashAlgorithmErrorMessage, value ?? "null"));
return(new EvaluationResult <Tag>(new HashAlgorithm(value, new List <HashAlgorithmValue>()), error));
}
List <HashAlgorithmValue> hashAlgorithmValues = tokens.Select(GetHashAlgorithmValue).ToList();
Guid Error2Id = Guid.Parse("8BC9C8EF-174D-415C-B6D1-2BA5C57C63A9");
List <EvaluationError> errors = hashAlgorithmValues.Where(_ => _.Type == HashAlgorithmType.Unknown)
.Select(_ => new EvaluationError(Error2Id, EvaluationErrorType.Error, string.Format(DKimEvaluatorParsersResources.UnknownHashAlgorithmErrorMessage, _.Value ?? "null"),
string.Format(DKimEvaluatorParsersMarkdownResources.UnknownHashAlgorithmErrorMessage, _.Value ?? "null"))).ToList();
return(new EvaluationResult <Tag>(new HashAlgorithm(value, hashAlgorithmValues), errors));
}
private async Task WriteError(HttpContext currentContext, string featureName)
{
await WriteAsync(
currentContext,
JsonSerializer.Serialize(EvaluationError.Default(featureName), options: _serializerOptions),
DEFAULT_MIME_TYPE,
StatusCodes.Status500InternalServerError);
}
public EvaluationResult <Tag> Parse(string value)
{
Version version = new Version(value);
if (!_regex.IsMatch(value ?? string.Empty))
{
EvaluationError error = new EvaluationError(Id, EvaluationErrorType.Error,
string.Format(DKimEvaluatorParsersResources.InvalidVersionErrorMessage, value ?? "null"),
string.Format(DKimEvaluatorParsersMarkdownResources.InvalidVersionErrorMessage, value ?? "null"));
return(new EvaluationResult <Tag>(version, error));
}
return(new EvaluationResult <Tag>(version));
}
public async Task MixedRuleFailuresErrorsAsExpected()
{
HostCertificates hostCertificates = A.Fake <HostCertificates>();
var evaluationError1 = new EvaluationError(EvaluationErrorType.Error, "Rule 1 Failed");
A.CallTo(() => _rule1.Evaluate(hostCertificates)).Returns(new List <EvaluationError> {
evaluationError1
});
A.CallTo(() => _rule2.Evaluate(hostCertificates)).Returns(new List <EvaluationError>());
EvaluationResult <HostCertificates> evaluationResult = await _evaluator.Evaluate(hostCertificates);
Assert.That(evaluationResult.Errors.Count, Is.EqualTo(1));
Assert.That(evaluationResult.Errors[0], Is.EqualTo(evaluationError1));
}
public async Task <List <EvaluationError> > Evaluate(HostCertificates hostCertificates)
{
_log.LogInformation("Running rule {RuleNumber}:{Rule} for host {Host}", SequenceNo, nameof(NonRootCertificatesShouldNotAppearOnRevocationLists), hostCertificates.Host);
for (int i = hostCertificates.Certificates.Count - 1; i > 0; i--)
{
RevocationResult ocspResult = await _ocspValidator.CheckOcspRevocation(hostCertificates.Host, hostCertificates.Certificates[i - 1], hostCertificates.Certificates[i]);
if (ocspResult.Revoked.HasValue)
{
EvaluationError error = GetErrorFromRevocationResult(ocspResult, hostCertificates.Certificates[i - 1]);
if (error != null)
{
return(new List <EvaluationError> {
error
});
}
}
else
{
RevocationResult crlResult = await _crlValidator.CheckCrlRevocation(hostCertificates.Host, hostCertificates.Certificates[i - 1]);
if (crlResult.Revoked.HasValue)
{
EvaluationError error = GetErrorFromRevocationResult(crlResult, hostCertificates.Certificates[i - 1]);
if (error != null)
{
return(new List <EvaluationError> {
error
});
}
}
else
{
string errorMessage = $"OCSP Error: {ocspResult.ErrorMessage}{Environment.NewLine}CRL Error: {crlResult.ErrorMessage}";
return(new List <EvaluationError> {
new EvaluationError(EvaluationErrorType.Inconclusive,
string.Format(CertificateEvaluatorErrors.NonRootCertificatesShouldNotAppearOnRevocationListsError,
hostCertificates.Certificates[i - 1].CommonName, Environment.NewLine, errorMessage))
});
}
}
}
return(new List <EvaluationError>());
}
public EvaluationResult <Tag> Parse(string value)
{
KeyType keyType = GetPublicKeyType(value);
PublicKeyType publicKeyType = new PublicKeyType(value, keyType);
if (keyType == KeyType.Unknown)
{
EvaluationError error = new EvaluationError(Id, EvaluationErrorType.Error,
string.Format(DKimEvaluatorParsersResources.InvalidPublicTypeErrorMessage, value ?? "null"),
string.Format(DKimEvaluatorParsersMarkdownResources.InvalidPublicTypeErrorMessage, value ?? "null"));
return(new EvaluationResult <Tag>(publicKeyType, error));
}
return(new EvaluationResult <Tag>(publicKeyType));
}
public EvaluationResult <Tag> Parse(string value)
{
ServiceTypeType serviceTypeType = GetServiceTypeType(value);
ServiceType serviceType = new ServiceType(value, serviceTypeType);
if (serviceTypeType == ServiceTypeType.Unknown)
{
EvaluationError error = new EvaluationError(Id, EvaluationErrorType.Error,
string.Format(DKimEvaluatorParsersResources.InvalidServiceTypeErrorMessage, value ?? "null"),
string.Format(DKimEvaluatorParsersMarkdownResources.InvalidServiceTypeErrorMessage, value ?? "null"));
return(new EvaluationResult <Tag>(serviceType, error));
}
return(new EvaluationResult <Tag>(serviceType));
}
public EvaluationResult <Tag> Parse(string value)
{
//first remove all legal folding white space
string trimmedValues = _fwsRegex.Replace(value ?? string.Empty, string.Empty);
//then check if the result if a valid base 64 string
PublicKeyData publicKeyData = new PublicKeyData(value);
if (!_base64Regex.IsMatch(trimmedValues))
{
EvaluationError error = new EvaluationError(Id, EvaluationErrorType.Error,
string.Format(DKimEvaluatorParsersResources.InvalidPublicKeyErrorMessage, value ?? "null"),
string.Format(DKimEvaluatorParsersMarkdownResources.InvalidPublicKeyErrorMessage, value ?? "null"));
return(new EvaluationResult <Tag>(publicKeyData, error));
}
return(new EvaluationResult <Tag>(publicKeyData));
}
public async Task AllRulesFailErrors()
{
HostCertificates hostCertificates = A.Fake <HostCertificates>();
var evaluationError1 = new EvaluationError(EvaluationErrorType.Error, "Rule 1 Failed");
var evaluationError2 = new EvaluationError(EvaluationErrorType.Warning, "Rule 2 Failed");
A.CallTo(() => _rule1.Evaluate(hostCertificates)).Returns(new List <EvaluationError> {
evaluationError1
});
A.CallTo(() => _rule2.Evaluate(hostCertificates)).Returns(new List <EvaluationError> {
evaluationError2
});
EvaluationResult <HostCertificates> evaluationResult = await _evaluator.Evaluate(hostCertificates);
Assert.That(evaluationResult.Errors.Count, Is.EqualTo(2));
Assert.That(evaluationResult.Errors[0], Is.EqualTo(evaluationError1));
Assert.That(evaluationResult.Errors[1], Is.EqualTo(evaluationError2));
}
public async Task StopRuleFailureHaltProcessing()
{
HostCertificates hostCertificates = A.Fake <HostCertificates>();
var evaluationError1 = new EvaluationError(EvaluationErrorType.Error, "Rule 1 Failed");
var evaluationError2 = new EvaluationError(EvaluationErrorType.Warning, "Rule 2 Failed");
A.CallTo(() => _rule1.Evaluate(hostCertificates)).Returns(new List <EvaluationError> {
evaluationError1
});
A.CallTo(() => _rule1.IsStopRule).Returns(true);
A.CallTo(() => _rule2.Evaluate(hostCertificates)).Returns(new List <EvaluationError> {
evaluationError2
});
EvaluationResult <HostCertificates> evaluationResult = await _evaluator.Evaluate(hostCertificates);
Assert.That(evaluationResult.Errors.Count, Is.EqualTo(1));
Assert.That(evaluationResult.Errors[0], Is.EqualTo(evaluationError1));
}
private static Message MapToMessage(EvaluationError message)
{
return(new Message(message.Id, ToMessageType(message.ErrorType), message.Message, message.MarkDown));
}
private static DkimEvaluatorMessage MapToEvaluatorMessage(EvaluationError message)
{
return(new DkimEvaluatorMessage(message.Id, message.ErrorType, message.Message, message.MarkDown));
}
protected bool Equals(EvaluationError other)
{
return(ErrorType == other.ErrorType && string.Equals(Message, other.Message));
}
