mcs/class/System/Test/System.Security.Cryptography.X509Certificates/X509BasicConstraintsExtensionTest.cs

   1 //
   2 // X509BasicConstraintsExtensionTest.cs
   3 //      - NUnit tests for X509BasicConstraintsExtension
   4 //
   5 // Author:
   6 //      Sebastien Pouliot  <sebastien@ximian.com>
   7 //
   8 // Copyright (C) 2005 Novell, Inc (http://www.novell.com)
   9 //
  10 // Permission is hereby granted, free of charge, to any person obtaining
  11 // a copy of this software and associated documentation files (the
  12 // "Software"), to deal in the Software without restriction, including
  13 // without limitation the rights to use, copy, modify, merge, publish,
  14 // distribute, sublicense, and/or sell copies of the Software, and to
  15 // permit persons to whom the Software is furnished to do so, subject to
  16 // the following conditions:
  17 //
  18 // The above copyright notice and this permission notice shall be
  19 // included in all copies or substantial portions of the Software.
  20 //
  21 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  22 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  23 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  24 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  25 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  26 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  27 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  28 //
  29
  30 #if NET_2_0
  31
  32 using NUnit.Framework;
  33
  34 using System;
  35 using System.Security.Cryptography;
  36 using System.Security.Cryptography.X509Certificates;
  37
  38 namespace MonoTests.System.Security.Cryptography.X509Certificates {
  39
  40         [TestFixture]
  41         public class X509BasicConstraintsExtensionTest {
  42
  43                 private const string oid = "2.5.29.19";
  44                 private const string fname = "Basic Constraints";
  45
  46                 [Test]
  47                 public void ConstructorEmpty ()
  48                 {
  49                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension ();
  50                         Assert.IsFalse (bc.Critical, "Critical");
  51                         Assert.IsNull (bc.RawData, "RawData");
  52                         Assert.AreEqual (oid, bc.Oid.Value, "Oid.Value");
  53                         // FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
  54                         //Assert.AreEqual (fname, bc.Oid.FriendlyName, "Oid.FriendlyName");
  55                         Assert.AreEqual (String.Empty, bc.Format (true), "Format(true)");
  56                         Assert.AreEqual (String.Empty, bc.Format (false), "Format(false)");
  57                 }
  58
  59                 [Test]
  60                 public void ConstructorEmpty_CertificateAuthority ()
  61                 {
  62                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension ();
  63                         Assert.AreEqual (false, bc.CertificateAuthority, "CertificateAuthority");
  64                 }
  65
  66                 [Test]
  67                 public void ConstructorEmpty_HasPathLengthConstraint ()
  68                 {
  69                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension ();
  70                         Assert.AreEqual (false, bc.HasPathLengthConstraint, "HasPathLengthConstraint");
  71                 }
  72
  73                 [Test]
  74                 public void ConstructorEmpty_PathLengthConstraint ()
  75                 {
  76                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension ();
  77                         Assert.AreEqual (0, bc.PathLengthConstraint, "PathLengthConstraint");
  78                 }
  79
  80                 [Test]
  81                 public void ConstructorAsnEncodedData ()
  82                 {
  83                         AsnEncodedData aed = new AsnEncodedData (new byte[] { 0x30, 0x06, 0x01, 0x01, 0xFF, 0x02, 0x01, 0x01 });
  84                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (aed, true);
  85                         Assert.IsTrue (bc.Critical, "Critical");
  86                         Assert.AreEqual (8, bc.RawData.Length, "RawData");      // original Oid ignored
  87                         Assert.AreEqual (oid, bc.Oid.Value, "Oid.Value");
  88                         // FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
  89                         //Assert.AreEqual (fname, bc.Oid.FriendlyName, "Oid.FriendlyName");
  90                         Assert.IsTrue (bc.CertificateAuthority, "CertificateAuthority");
  91                         Assert.IsTrue (bc.HasPathLengthConstraint, "HasPathLengthConstraint");
  92                         Assert.AreEqual (1, bc.PathLengthConstraint, "PathLengthConstraint");
  93                         Assert.AreEqual ("Subject Type=CA" + Environment.NewLine + "Path Length Constraint=1" + Environment.NewLine, bc.Format (true), "Format(true)");
  94                         Assert.AreEqual ("Subject Type=CA, Path Length Constraint=1", bc.Format (false), "Format(false)");
  95                 }
  96
  97                 [Test]
  98                 [ExpectedException (typeof (CryptographicException))]
  99                 public void ConstructorAsnEncodedData_BadAsn ()
 100                 {
 101                         AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[0]);
 102                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (aed, true);
 103                         Assert.AreEqual (String.Empty, bc.Format (true), "Format(true)");
 104                         Assert.AreEqual (String.Empty, bc.Format (false), "Format(false)");
 105                         bool b = bc.CertificateAuthority;
 106                 }
 107
 108                 [Test]
 109                 [ExpectedException (typeof (CryptographicException))]
 110                 public void ConstructorAsnEncodedData_BadAsnTag ()
 111                 {
 112                         AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x05, 0x00 });
 113                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (aed, true);
 114                         Assert.AreEqual ("0500", bc.Format (true), "Format(true)");
 115                         Assert.AreEqual ("0500", bc.Format (false), "Format(false)");
 116                         bool b = bc.CertificateAuthority;
 117                 }
 118
 119                 [Test]
 120                 [ExpectedException (typeof (CryptographicException))]
 121                 public void ConstructorAsnEncodedData_BadAsnLength ()
 122                 {
 123                         AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x30, 0x01 });
 124                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (aed, true);
 125                         Assert.AreEqual ("3001", bc.Format (true), "Format(true)");
 126                         Assert.AreEqual ("3001", bc.Format (false), "Format(false)");
 127                         bool b = bc.CertificateAuthority;
 128                 }
 129
 130                 [Test]
 131                 public void ConstructorAsnEncodedData_SmallestValid ()
 132                 {
 133                         AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x30, 0x00 });
 134                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (aed, true);
 135                         Assert.IsFalse (bc.CertificateAuthority, "CertificateAuthority");
 136                         Assert.IsFalse (bc.HasPathLengthConstraint, "HasPathLengthConstraint");
 137                         Assert.AreEqual (0, bc.PathLengthConstraint, "PathLengthConstraint");
 138                         Assert.AreEqual ("30-00", BitConverter.ToString (bc.RawData), "RawData");
 139                         Assert.AreEqual ("Subject Type=End Entity" + Environment.NewLine + "Path Length Constraint=None" + Environment.NewLine, bc.Format (true), "Format(true)");
 140                         Assert.AreEqual ("Subject Type=End Entity, Path Length Constraint=None", bc.Format (false), "Format(false)");
 141                 }
 142
 143                 [Test]
 144                 [ExpectedException (typeof (NullReferenceException))]
 145                 public void ConstructorAsnEncodedData_Null ()
 146                 {
 147                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (null, true);
 148                 }
 149
 150                 [Test]
 151                 public void Constructor_TrueTrueZero ()
 152                 {
 153                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (true, true, 0, true);
 154                         Assert.IsTrue (bc.CertificateAuthority, "CertificateAuthority");
 155                         Assert.IsTrue (bc.HasPathLengthConstraint, "HasPathLengthConstraint");
 156                         Assert.AreEqual (0, bc.PathLengthConstraint, "PathLengthConstraint");
 157                         Assert.AreEqual ("30-06-01-01-FF-02-01-00", BitConverter.ToString (bc.RawData), "RawData");
 158                         Assert.AreEqual ("Subject Type=CA" + Environment.NewLine + "Path Length Constraint=0" + Environment.NewLine, bc.Format (true), "Format(true)");
 159                         Assert.AreEqual ("Subject Type=CA, Path Length Constraint=0", bc.Format (false), "Format(false)");
 160                 }
 161
 162                 [Test]
 163                 public void Constructor_TrueTrueMaxInt ()
 164                 {
 165                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (true, true, Int32.MaxValue, true);
 166                         Assert.IsTrue (bc.CertificateAuthority, "CertificateAuthority");
 167                         Assert.IsTrue (bc.HasPathLengthConstraint, "HasPathLengthConstraint");
 168                         Assert.AreEqual (Int32.MaxValue, bc.PathLengthConstraint, "PathLengthConstraint");
 169                         Assert.AreEqual ("30-09-01-01-FF-02-04-7F-FF-FF-FF", BitConverter.ToString (bc.RawData), "RawData");
 170                         Assert.AreEqual ("Subject Type=CA" + Environment.NewLine + "Path Length Constraint=2147483647" + Environment.NewLine, bc.Format (true), "Format(true)");
 171                         Assert.AreEqual ("Subject Type=CA, Path Length Constraint=2147483647", bc.Format (false), "Format(false)");
 172                 }
 173
 174                 [Test]
 175                 public void Constructor_TrueFalseNegative ()
 176                 {
 177                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (true, false, -1, true);
 178                         Assert.IsTrue (bc.CertificateAuthority, "CertificateAuthority");
 179                         Assert.IsFalse (bc.HasPathLengthConstraint, "HasPathLengthConstraint");
 180                         Assert.AreEqual (0, bc.PathLengthConstraint, "PathLengthConstraint");
 181                         Assert.AreEqual ("30-03-01-01-FF", BitConverter.ToString (bc.RawData), "RawData");
 182                         Assert.AreEqual ("Subject Type=CA" + Environment.NewLine + "Path Length Constraint=None" + Environment.NewLine, bc.Format (true), "Format(true)");
 183                         Assert.AreEqual ("Subject Type=CA, Path Length Constraint=None", bc.Format (false), "Format(false)");
 184                 }
 185
 186                 [Test]
 187                 public void Constructor_FalseTruePositive ()
 188                 {
 189                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (false, true, 1, true);
 190                         Assert.IsFalse (bc.CertificateAuthority, "CertificateAuthority");
 191                         Assert.IsTrue (bc.HasPathLengthConstraint, "HasPathLengthConstraint");
 192                         Assert.AreEqual (1, bc.PathLengthConstraint, "PathLengthConstraint");
 193                         Assert.AreEqual ("30-03-02-01-01", BitConverter.ToString (bc.RawData), "RawData");
 194                         Assert.AreEqual ("Subject Type=End Entity" + Environment.NewLine + "Path Length Constraint=1" + Environment.NewLine, bc.Format (true), "Format(true)");
 195                         Assert.AreEqual ("Subject Type=End Entity, Path Length Constraint=1", bc.Format (false), "Format(false)");
 196                 }
 197
 198                 [Test]
 199                 [ExpectedException (typeof (ArgumentOutOfRangeException))]
 200                 public void Constructor_FalseTrueNegative ()
 201                 {
 202                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (false, true, -1, true);
 203                 }
 204
 205                 [Test]
 206                 public void Constructor_FalseFalseNegative ()
 207                 {
 208                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (false, false, -1, true);
 209                         Assert.IsFalse (bc.CertificateAuthority, "CertificateAuthority");
 210                         Assert.IsFalse (bc.HasPathLengthConstraint, "HasPathLengthConstraint");
 211                         Assert.AreEqual (0, bc.PathLengthConstraint, "PathLengthConstraint");
 212                         Assert.AreEqual ("30-00", BitConverter.ToString (bc.RawData), "RawData");
 213                         Assert.AreEqual ("Subject Type=End Entity" + Environment.NewLine + "Path Length Constraint=None" + Environment.NewLine, bc.Format (true), "Format(true)");
 214                         Assert.AreEqual ("Subject Type=End Entity, Path Length Constraint=None", bc.Format (false), "Format(false)");
 215                 }
 216
 217                 [Test]
 218                 [ExpectedException (typeof (ArgumentNullException))]
 219                 public void WrongExtension_X509KeyUsageExtension ()
 220                 {
 221                         X509KeyUsageExtension ku = new X509KeyUsageExtension ();
 222                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension ();
 223                         bc.CopyFrom (ku);
 224                 }
 225
 226                 [Test]
 227                 public void WrongExtension_X509Extension ()
 228                 {
 229                         X509Extension ex = new X509Extension ("1.2.3", new byte[0], true);
 230                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (false, true, 1, false);
 231                         Assert.IsFalse (bc.Critical, "Critical");
 232                         bc.CopyFrom (ex);
 233                         Assert.IsTrue (bc.Critical, "Critical");
 234                         Assert.AreEqual (String.Empty, BitConverter.ToString (bc.RawData), "RawData");
 235                         Assert.AreEqual ("1.2.3", bc.Oid.Value, "Oid.Value");
 236                         Assert.IsNull (bc.Oid.FriendlyName, "Oid.FriendlyName");
 237                 }
 238
 239                 [Test]
 240                 [ExpectedException (typeof (CryptographicException))]
 241                 public void WrongExtension_X509Extension_CertificateAuthority ()
 242                 {
 243                         X509Extension ex = new X509Extension ("1.2.3", new byte[0], true);
 244                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension ();
 245                         bc.CopyFrom (ex);
 246                         bool b = bc.CertificateAuthority;
 247                 }
 248
 249                 [Test]
 250                 [ExpectedException (typeof (ArgumentException))]
 251                 public void WrongAsnEncodedData ()
 252                 {
 253                         AsnEncodedData aed = new AsnEncodedData (new byte[0]);
 254                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (false, true, 1, false);
 255                         bc.CopyFrom (aed); // note: not the same behaviour than using the constructor!
 256                 }
 257
 258                 [Test]
 259                 [ExpectedException (typeof (ArgumentNullException))]
 260                 public void CopyFrom_Null ()
 261                 {
 262                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension ();
 263                         bc.CopyFrom (null);
 264                 }
 265
 266                 [Test]
 267                 public void CopyFrom_Self ()
 268                 {
 269                         X509BasicConstraintsExtension bc = new X509BasicConstraintsExtension (false, false, -1, true);
 270                         Assert.IsTrue (bc.Critical, "Critical");
 271                         byte[] raw = bc.RawData;
 272                         Assert.AreEqual ("30-00", BitConverter.ToString (raw), "RawData");
 273
 274                         AsnEncodedData aed = new AsnEncodedData (raw);
 275                         X509BasicConstraintsExtension copy = new X509BasicConstraintsExtension (aed, false);
 276                         Assert.IsFalse (copy.Critical, "Critical");
 277                         Assert.AreEqual (2, copy.RawData.Length, "RawData");    // original Oid ignored
 278                         Assert.AreEqual (oid, copy.Oid.Value, "Oid.Value");
 279                         // FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
 280                         //Assert.AreEqual (fname, copy.Oid.FriendlyName, "Oid.FriendlyName");
 281                         Assert.IsFalse (copy.CertificateAuthority, "CertificateAuthority");
 282                         Assert.IsFalse (copy.HasPathLengthConstraint, "HasPathLengthConstraint");
 283                         Assert.AreEqual (0, copy.PathLengthConstraint, "PathLengthConstraint");
 284                 }
 285
 286                 [Test]
 287                 public void CreateViaCryptoConfig ()
 288                 {
 289                         // extensions can be created with CryptoConfig
 290                         AsnEncodedData aed = new AsnEncodedData (new byte[] { 0x30, 0x00 });
 291                         X509BasicConstraintsExtension bc = (X509BasicConstraintsExtension) CryptoConfig.CreateFromName (oid, new object[2] { aed, false });
 292                         Assert.IsFalse (bc.CertificateAuthority, "CertificateAuthority");
 293                         Assert.IsFalse (bc.HasPathLengthConstraint, "HasPathLengthConstraint");
 294                         Assert.AreEqual (0, bc.PathLengthConstraint, "PathLengthConstraint");
 295                         Assert.AreEqual ("30-00", BitConverter.ToString (bc.RawData), "RawData");
 296                 }
 297         }
 298 }
 299
 300 #endif