}

// for test
/// <summary>
/// Builds an encryption manager from an encryption level, a trust strategy and an optional
/// caller-supplied trust manager.
/// </summary>
/// <param name="level">Requested encryption level; a trust manager is only set up for <c>Encrypted</c>.</param>
/// <param name="strategy">Strategy used to pick a trust manager when <paramref name="trustManager"/> is null.</param>
/// <param name="trustManager">Explicit trust manager; when non-null it takes precedence over <paramref name="strategy"/>.</param>
/// <param name="logger">Logger attached to the trust manager that ends up being used.</param>
/// <exception cref="InvalidOperationException">
/// Encryption is on, no trust manager was supplied and <paramref name="strategy"/> is not a known value.
/// </exception>
public EncryptionManager(EncryptionLevel level, TrustStrategy strategy, TrustManager trustManager, IDriverLogger logger)
{
    _encryptionLevel = level;

    if (level != EncryptionLevel.Encrypted)
    {
        // Without encryption the TrustManager property is left untouched.
        return;
    }

    var selected = trustManager;
    if (selected == null)
    {
        switch (strategy)
        {
            case V1.TrustStrategy.TrustAllCertificates:
                // Maps to the trust manager the API itself names "insecure": the channel is
                // encrypted but the server identity is not established, so an on-path party
                // could present its own certificate.
                // NOTE(review): the boolean presumably controls hostname verification - confirm.
                selected = TrustManager.CreateInsecure(false);
                break;

            case V1.TrustStrategy.TrustSystemCaSignedCertificates:
                // NOTE(review): the boolean presumably enables hostname verification - confirm.
                selected = TrustManager.CreateChainTrust(true);
                break;

            default:
                // Fail closed: an unrecognised strategy never falls back to a permissive default.
                throw new InvalidOperationException($"Unknown trust strategy: {strategy}");
        }
    }

    // The logger is assigned on the caller's instance too, not only on one created here.
    selected.Logger = logger;
    TrustManager = selected;
}
/// <summary>
/// Checks that setting only the trust strategy on the builder changes that one setting and
/// leaves the other values at what the assertions below expect.
/// </summary>
public void WithTrustStrategyShouldModifyTheSingleValue()
{
    var requestedStrategy = TrustStrategy.TrustSystemCaSignedCertificates();
    var config = Config.Builder
        .WithTrustStrategy(requestedStrategy)
        .ToConfig();

    // The encryption level was not set on the builder; it is expected to be EncryptedNonLocal.
    config.EncryptionLevel.Should().Be(EncryptionLevel.EncryptedNonLocal);

    // The strategy that was set: CA-signed certificates, with no file name attached.
    config.TrustStrategy.ServerTrustStrategy().Should().Be(TrustStrategy.Strategy.TrustSystemCaSignedCertificates);
    config.TrustStrategy.FileName().Should().BeNull();

    // Settings the builder call did not touch.
    config.Logger.Should().BeOfType<DebugLogger>();
    config.MaxIdleSessionPoolSize.Should().Be(10);
}
}

// for test
/// <summary>
/// Builds an encryption manager and, when encryption is on, instantiates the trust strategy
/// object that matches the requested strategy value.
/// </summary>
/// <param name="level">Requested encryption level; a strategy object is only created for <c>Encrypted</c>.</param>
/// <param name="strategy">Which certificate trust strategy to instantiate.</param>
/// <param name="logger">Logger handed to the created strategy object.</param>
/// <exception cref="InvalidOperationException">
/// Encryption is on and <paramref name="strategy"/> is not one of the handled values.
/// </exception>
public EncryptionManager(EncryptionLevel level, TrustStrategy strategy, ILogger logger)
{
    _encryptionLevel = level;

    if (level != EncryptionLevel.Encrypted)
    {
        // Without encryption the TrustStrategy property is left untouched.
        return;
    }

    switch (strategy)
    {
        case V1.TrustStrategy.TrustSystemCaSignedCertificates:
            TrustStrategy = new TrustSystemCaSignedCertificates(logger);
            break;

        case V1.TrustStrategy.TrustAllCertificates:
            // Going by its name this strategy accepts any server certificate: traffic is
            // encrypted, but the peer is not authenticated.
            TrustStrategy = new TrustAllCertificates(logger);
            break;

        default:
            // Fail closed: an unrecognised strategy never falls back to a permissive default.
            throw new InvalidOperationException($"Unknown trust strategy: {strategy}");
    }
}
/// <summary>
/// Builds an encryption manager and, unless encryption is disabled, instantiates the trust
/// strategy object selected by <paramref name="strategy"/>.
/// </summary>
/// <param name="level">Requested encryption level; any value other than <c>None</c> sets up a trust strategy.</param>
/// <param name="strategy">Trust strategy descriptor; its <c>ServerTrustStrategy()</c> value picks the implementation.</param>
/// <param name="logger">Logger handed to the created strategy object.</param>
/// <exception cref="InvalidOperationException">
/// Encryption is enabled and the strategy kind is not one of the handled values.
/// </exception>
public EncryptionManager(EncryptionLevel level, TrustStrategy strategy, ILogger logger)
{
    _encryptionLevel = level;

    if (level == EncryptionLevel.None)
    {
        // Without encryption the TrustStrategy property is left untouched.
        return;
    }

    // NOTE(review): strategy is dereferenced without a null check; a null argument with
    // encryption enabled fails here with a NullReferenceException.
    var kind = strategy.ServerTrustStrategy();
    switch (kind)
    {
        case V1.TrustStrategy.Strategy.TrustSystemCaSignedCertificates:
            TrustStrategy = new TrustSystemCaSignedCertificates(logger);
            break;

        case V1.TrustStrategy.Strategy.TrustOnFirstUse:
            // The file name comes from the strategy descriptor.
            // NOTE(review): presumably the known-hosts file that stores certificates seen on
            // first connection - confirm; if so its integrity decides what is trusted later.
            TrustStrategy = new TrustOnFirstUse(logger, strategy.FileName());
            break;

        default:
            // NOTE(review): the message interpolates the strategy object rather than the
            // ServerTrustStrategy() value, so its content depends on that type's ToString().
            throw new InvalidOperationException($"Unknown trust strategy: {strategy}");
    }
}
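/// <summary>
/// Documentation example: connects to a local server over TLS using the trust-on-first-use
/// strategy, runs a trivial query and checks the result.
/// </summary>
/// <remarks>
/// The statement between the <c>tag::</c>/<c>end::</c> markers is kept verbatim because those
/// markers look like documentation include tags. Cleanup is therefore done with try/finally
/// around the snippet, so the driver is disposed and the temporary file is removed even when
/// the query or the assertion fails.
/// </remarks>
public void TlsTrustOnFirstUse()
{
    // A new, empty known-hosts file is used on every run, so each run is a "first use" and no
    // earlier certificate exists to compare against. That is fine for this example; a deployment
    // relying on trust-on-first-use needs a persistent file that other users cannot write to.
    // The "neo4j"/"neo4j" credentials below are sample values for a local test instance.
    var knownHostsFileName = Path.Combine(Path.GetTempPath(), Guid.NewGuid() + ".tmp");

    try
    {
        //tag::tls-trust-on-first-use[]
        var driver = GraphDatabase.Driver("bolt://localhost", AuthTokens.Basic("neo4j", "neo4j"),
            Config.Builder.WithEncryptionLevel(EncryptionLevel.Encrypted).WithTrustStrategy(TrustStrategy.TrustOnFirstUse(knownHostsFileName))
                .ToConfig());
        //end::tls-trust-on-first-use[]

        try
        {
            using (var session = driver.Session())
            {
                var result = session.Run("RETURN 1 as n");
                result.Single()["n"].As<int>().Should().Be(1);
            }
        }
        finally
        {
            driver.Dispose();
        }
    }
    finally
    {
        // File.Delete does not throw when the file was never created.
        File.Delete(knownHostsFileName);
    }
}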
/// <summary>
/// Documentation example: creates a driver that requires encryption and trusts only server
/// certificates signed by a CA in the system store, then disposes it.
/// </summary>
/// <remarks>
/// No session is opened here; the method only builds and disposes the driver. The
/// "neo4j"/"neo4j" credentials are sample values for a local test instance.
/// </remarks>
public void TlsSigned()
{
    //tag::tls-signed[]
    var driver = GraphDatabase.Driver(
        "bolt://localhost",
        AuthTokens.Basic("neo4j", "neo4j"),
        Config.Builder
            .WithEncryptionLevel(EncryptionLevel.Encrypted)
            .WithTrustStrategy(TrustStrategy.TrustSystemCaSignedCertificates())
            .ToConfig());
    //end::tls-signed[]

    driver.Dispose();
}
/// <summary>
/// Loads trust managers for the given trust store and registers them with this builder,
/// wrapping every X.509 trust manager in a delegate when a trust strategy is supplied.
/// </summary>
/// <param name="truststore">Key store used to initialise the default trust manager factory.</param>
/// <param name="trustStrategy">Optional strategy; when null the trust managers are registered unwrapped.</param>
/// <returns>This builder, to allow call chaining.</returns>
/// <exception cref="Sharpen.NoSuchAlgorithmException"></exception>
/// <exception cref="Sharpen.KeyStoreException"></exception>
public virtual Apache.Http.Conn.Ssl.SSLContextBuilder LoadTrustMaterial(KeyStore truststore, TrustStrategy trustStrategy)
{
    string algorithm = TrustManagerFactory.GetDefaultAlgorithm();
    TrustManagerFactory factory = TrustManagerFactory.GetInstance(algorithm);
    factory.Init(truststore);

    TrustManager[] managers = factory.GetTrustManagers();
    if (managers == null)
    {
        return this;
    }

    if (trustStrategy != null)
    {
        // NOTE(review): the delegate presumably lets the strategy decide about certificate
        // chains in addition to, or instead of, the wrapped manager - confirm in
        // TrustManagerDelegate. If so, a strategy that accepts everything would switch off
        // server authentication for contexts built here.
        for (int index = 0; index < managers.Length; index++)
        {
            X509TrustManager x509 = managers[index] as X509TrustManager;
            if (x509 != null)
            {
                managers[index] = new SSLContextBuilder.TrustManagerDelegate(x509, trustStrategy);
            }
        }
    }

    // Register the (possibly wrapped) managers in their original order.
    foreach (TrustManager manager in managers)
    {
        this.trustmanagers.AddItem(manager);
    }

    return this;
}
/// <summary>
/// Creates a delegate that pairs an X.509 trust manager with a trust strategy.
/// </summary>
/// <param name="trustManager">The trust manager being wrapped.</param>
/// <param name="trustStrategy">The strategy stored alongside it.</param>
internal TrustManagerDelegate(X509TrustManager trustManager, TrustStrategy trustStrategy)
{
    // The parameterless base constructor runs implicitly.
    // Neither argument is null-checked here; both are stored as given.
    this.trustStrategy = trustStrategy;
    this.trustManager = trustManager;
}