2 // PkitsTest.cs - NUnit tests for
3 // NIST Public Key Interoperability Test Suite (PKITS)
4 // Certificate Path Validation, Version 1.0, September 2, 2004
7 // Sebastien Pouliot <sebastien@ximian.com>
9 // Copyright (C) 2006 Novell, Inc (http://www.novell.com)
11 // Permission is hereby granted, free of charge, to any person obtaining
12 // a copy of this software and associated documentation files (the
13 // "Software"), to deal in the Software without restriction, including
14 // without limitation the rights to use, copy, modify, merge, publish,
15 // distribute, sublicense, and/or sell copies of the Software, and to
16 // permit persons to whom the Software is furnished to do so, subject to
17 // the following conditions:
19 // The above copyright notice and this permission notice shall be
20 // included in all copies or substantial portions of the Software.
22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
32 using NUnit.Framework;
35 using System.Collections;
37 using System.Security.Cryptography;
38 using System.Security.Cryptography.X509Certificates;
41 namespace MonoTests.System.Security.Cryptography.X509Certificates {
45 * http://csrs.nist.gov/pki/testing/x509paths.html
47 * Documentation is available at
48 * http://csrc.nist.gov/pki/testing/PKITS.pdf
50 * Test data is available at
51 * http://csrc.nist.gov/pki/testing/PKITS_data.zip
53 * License information are available at
54 * http://cio.nist.gov/esd/emaildir/lists/pkits/msg00048.html
58 public class PkitsTest {
60 private string base_dir;
61 private Hashtable cache;
64 public void FixtureSetUp ()
66 base_dir = String.Format ("{0}{1}Test{1}System.Security.Cryptography.X509Certificates{1}pkits{1}certs",
67 Directory.GetCurrentDirectory (), Path.DirectorySeparatorChar);
68 if (!Directory.Exists (base_dir))
69 Assert.Ignore ("PKITS tests data not found under '{0}'.", new object[] { base_dir });
71 cache = new Hashtable ();
72 // prepare the environment
76 public void FixtureTearDown ()
79 // clean-up, as best as possible, the stores
82 public X509Certificate2 GetCertificate (string filename)
84 X509Certificate2 result = (cache[filename] as X509Certificate2);
86 string full_path = Path.Combine (base_dir, filename);
87 result = new X509Certificate2 (full_path);
88 cache[filename] = result;
93 public X509Certificate2 TrustAnchorRoot {
94 get { return GetCertificate ("TrustAnchorRootCertificate.crt"); }
97 public X509Certificate2 GoodCACert {
98 get { return GetCertificate ("GoodCACert.crt"); }
101 // this method avoid having a dependance on the order of status
102 public void CheckChainStatus (X509ChainStatusFlags expected, X509ChainStatus[] status, string msg)
104 if ((expected == X509ChainStatusFlags.NoError) && (status.Length == 0))
107 X509ChainStatusFlags actual = X509ChainStatusFlags.NoError;
108 foreach (X509ChainStatus s in status) {
111 Assert.AreEqual (expected, actual, msg);