2 // X509KeyUsageExtensionTest.cs - NUnit tests for X509KeyUsageExtension
5 // Sebastien Pouliot <sebastien@ximian.com>
7 // Copyright (C) 2005, 2006 Novell, Inc (http://www.novell.com)
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 using NUnit.Framework;
33 using System.Security.Cryptography;
34 using System.Security.Cryptography.X509Certificates;
36 namespace MonoTests.System.Security.Cryptography.X509Certificates {
39 public class X509KeyUsageExtensionTest {
41 private const string oid = "2.5.29.15";
42 private const string fname = "Key Usage";
45 public void ConstructorEmpty ()
47 X509KeyUsageExtension ku = new X509KeyUsageExtension ();
48 Assert.IsFalse (ku.Critical , "Critical");
49 Assert.IsNull (ku.RawData, "RawData");
50 Assert.AreEqual (oid, ku.Oid.Value, "Oid.Value");
51 // FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
52 //Assert.AreEqual (fname, ku.Oid.FriendlyName, "Oid.FriendlyName");
53 Assert.AreEqual (String.Empty, ku.Format (true), "Format(true)");
54 Assert.AreEqual (String.Empty, ku.Format (false), "Format(false)");
55 Assert.AreEqual (0, (int)ku.KeyUsages, "KeyUsages");
59 public void ConstructorAsnEncodedData ()
61 AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x03, 0x01, 0x00 });
62 X509KeyUsageExtension ku = new X509KeyUsageExtension (aed, true);
63 Assert.IsTrue (ku.Critical, "Critical");
64 Assert.AreEqual (3, ku.RawData.Length, "RawData"); // original Oid ignored
65 Assert.AreEqual (oid, ku.Oid.Value, "Oid.Value");
66 // FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
67 //Assert.AreEqual (fname, ku.Oid.FriendlyName, "Oid.FriendlyName");
68 //Assert.AreEqual ("Information Not Available", ku.Format (true), "Format(true)");
69 //Assert.AreEqual ("Information Not Available", ku.Format (false), "Format(false)");
70 Assert.AreEqual (0, (int)ku.KeyUsages, "KeyUsages");
74 [ExpectedException (typeof (CryptographicException))]
75 public void ConstructorAsnEncodedData_BadAsn ()
77 AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[0]);
78 X509KeyUsageExtension ku = new X509KeyUsageExtension (aed, true);
79 Assert.AreEqual (String.Empty, ku.Format (true), "Format(true)");
80 Assert.AreEqual (String.Empty, ku.Format (false), "Format(false)");
81 X509KeyUsageFlags kuf = ku.KeyUsages;
85 [ExpectedException (typeof (CryptographicException))]
86 public void ConstructorAsnEncodedData_BadAsnTag ()
88 AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x05, 0x00 });
89 X509KeyUsageExtension ku = new X509KeyUsageExtension (aed, true);
90 Assert.AreEqual ("0500", ku.Format (true), "Format(true)");
91 Assert.AreEqual ("0500", ku.Format (false), "Format(false)");
92 X509KeyUsageFlags kuf = ku.KeyUsages;
96 [ExpectedException (typeof (CryptographicException))]
97 public void ConstructorAsnEncodedData_BadAsnLength ()
99 AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x03, 0x01 });
100 X509KeyUsageExtension ku = new X509KeyUsageExtension (aed, true);
101 Assert.AreEqual ("0301", ku.Format (true), "Format(true)");
102 Assert.AreEqual ("0301", ku.Format (false), "Format(false)");
103 X509KeyUsageFlags kuf = ku.KeyUsages;
107 [ExpectedException (typeof (NullReferenceException))]
108 public void ConstructorAsnEncodedData_Null ()
110 X509KeyUsageExtension ku = new X509KeyUsageExtension (null, true);
114 // [ExpectedException (typeof (...))]
115 public void ConstructorKeyUsage_Invalid ()
117 X509KeyUsageFlags kuf = (X509KeyUsageFlags)Int32.MinValue;
118 X509KeyUsageExtension ku = new X509KeyUsageExtension (kuf, false);
119 Assert.AreEqual (0, (int)ku.KeyUsages, "KeyUsages");
120 Assert.AreEqual ("03-01-00", BitConverter.ToString (ku.RawData), "RawData");
121 // FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
122 //Assert.AreEqual ("Information Not Available", ku.Format (true), "Format(true)");
123 //Assert.AreEqual ("Information Not Available", ku.Format (false), "Format(false)");
126 private X509KeyUsageExtension ValidateKeyUsage (X509KeyUsageFlags kuf, string rawdata)
128 X509KeyUsageExtension ku = new X509KeyUsageExtension (kuf, false);
129 Assert.IsFalse (ku.Critical, kuf.ToString () + ".Critical");
130 Assert.AreEqual (rawdata, BitConverter.ToString (ku.RawData), kuf.ToString () + ".RawData");
131 Assert.AreEqual (oid, ku.Oid.Value, kuf.ToString () + ".Oid.Value");
132 // FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
133 //Assert.AreEqual (fname, ku.Oid.FriendlyName, kuf.ToString () + ".Oid.FriendlyName");
134 Assert.AreEqual (kuf, ku.KeyUsages, kuf.ToString () + ".KeyUsages");
139 public void ConstructorKeyUsage_CRLSign ()
141 X509KeyUsageExtension ku = ValidateKeyUsage (X509KeyUsageFlags.CrlSign, "03-02-01-02");
142 Assert.AreEqual ("Off-line CRL Signing, CRL Signing (02)", ku.Format (false), "CRLSign");
144 ku = ValidateKeyUsage (X509KeyUsageFlags.DataEncipherment, "03-02-04-10");
145 Assert.AreEqual ("Data Encipherment (10)", ku.Format (false), "DataEncipherment");
147 ku = ValidateKeyUsage (X509KeyUsageFlags.DecipherOnly, "03-03-07-00-80");
148 Assert.AreEqual ("Decipher Only (00 80)", ku.Format (false), "DecipherOnly");
150 ku = ValidateKeyUsage (X509KeyUsageFlags.DigitalSignature, "03-02-07-80");
151 Assert.AreEqual ("Digital Signature (80)", ku.Format (false), "DigitalSignature");
153 ku = ValidateKeyUsage (X509KeyUsageFlags.EncipherOnly, "03-02-00-01");
154 Assert.AreEqual ("Encipher Only (01)", ku.Format (false), "EncipherOnly");
156 ku = ValidateKeyUsage (X509KeyUsageFlags.KeyAgreement, "03-02-03-08");
157 Assert.AreEqual ("Key Agreement (08)", ku.Format (false), "KeyAgreement");
159 ku = ValidateKeyUsage (X509KeyUsageFlags.KeyCertSign, "03-02-02-04");
160 Assert.AreEqual ("Certificate Signing (04)", ku.Format (false), "KeyCertSign");
162 ku = ValidateKeyUsage (X509KeyUsageFlags.KeyEncipherment, "03-02-05-20");
163 Assert.AreEqual ("Key Encipherment (20)", ku.Format (false), "KeyEncipherment");
165 ku = ValidateKeyUsage (X509KeyUsageFlags.NonRepudiation, "03-02-06-40");
166 Assert.AreEqual ("Non-Repudiation (40)", ku.Format (false), "NonRepudiation");
168 ValidateKeyUsage (X509KeyUsageFlags.DataEncipherment | X509KeyUsageFlags.DecipherOnly, "03-03-07-10-80");
169 ValidateKeyUsage (X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.DecipherOnly, "03-03-07-80-80");
170 ValidateKeyUsage (X509KeyUsageFlags.EncipherOnly | X509KeyUsageFlags.DecipherOnly, "03-03-07-01-80");
171 ValidateKeyUsage (X509KeyUsageFlags.NonRepudiation | X509KeyUsageFlags.DataEncipherment, "03-02-04-50");
173 ku = ValidateKeyUsage (X509KeyUsageFlags.CrlSign | X509KeyUsageFlags.DataEncipherment | X509KeyUsageFlags.DecipherOnly |
174 X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.EncipherOnly | X509KeyUsageFlags.KeyAgreement |
175 X509KeyUsageFlags.KeyCertSign | X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.NonRepudiation, "03-03-07-FF-80");
176 Assert.AreEqual ("Digital Signature, Non-Repudiation, Key Encipherment, Data Encipherment, Key Agreement, Certificate Signing, Off-line CRL Signing, CRL Signing, Encipher Only, Decipher Only (ff 80)" + Environment.NewLine,
177 ku.Format (true), "All");
181 [ExpectedException (typeof (ArgumentNullException))]
182 public void WrongExtension_X509EnhancedKeyUsageExtension ()
184 X509EnhancedKeyUsageExtension eku = new X509EnhancedKeyUsageExtension ();
185 X509KeyUsageExtension ku = new X509KeyUsageExtension ();
190 public void WrongExtension_X509Extension ()
192 X509Extension ex = new X509Extension ("1.2.3", new byte [0], true);
193 X509KeyUsageExtension ku = new X509KeyUsageExtension (X509KeyUsageFlags.CrlSign, true);
195 Assert.IsTrue (ku.Critical, "Critical");
196 Assert.AreEqual (String.Empty, BitConverter.ToString (ku.RawData), "RawData");
197 Assert.AreEqual ("1.2.3", ku.Oid.Value, "Oid.Value");
198 Assert.IsNull (ku.Oid.FriendlyName, "Oid.FriendlyName");
202 [ExpectedException (typeof (CryptographicException))]
203 public void WrongExtension_X509Extension_KeyUsages ()
205 X509Extension ex = new X509Extension ("1.2.3", new byte[0], true);
206 X509KeyUsageExtension ku = new X509KeyUsageExtension ();
208 Assert.AreEqual (0, ku.KeyUsages, "KeyUsages");
212 [ExpectedException (typeof (ArgumentException))]
213 public void WrongAsnEncodedData ()
215 AsnEncodedData aed = new AsnEncodedData (new byte[0]);
216 X509KeyUsageExtension ku = new X509KeyUsageExtension (X509KeyUsageFlags.CrlSign, true);
217 ku.CopyFrom (aed); // note: not the same behaviour than using the constructor!
221 [ExpectedException (typeof (ArgumentNullException))]
222 public void CopyFrom_Null ()
224 X509KeyUsageExtension eku = new X509KeyUsageExtension ();
229 public void CopyFrom_Self ()
231 X509KeyUsageExtension ku = new X509KeyUsageExtension (X509KeyUsageFlags.CrlSign, true);
232 Assert.IsTrue (ku.Critical, "Critical");
233 byte[] raw = ku.RawData;
234 Assert.AreEqual ("03-02-01-02", BitConverter.ToString (raw), "RawData");
236 AsnEncodedData aed = new AsnEncodedData (raw);
237 X509KeyUsageExtension copy = new X509KeyUsageExtension (aed, false);
238 Assert.IsFalse (copy.Critical, "Critical");
239 Assert.AreEqual (4, copy.RawData.Length, "RawData"); // original Oid ignored
240 Assert.AreEqual (oid, copy.Oid.Value, "Oid.Value");
241 // FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
242 //Assert.AreEqual (fname, copy.Oid.FriendlyName, "Oid.FriendlyName");
243 Assert.AreEqual (X509KeyUsageFlags.CrlSign, copy.KeyUsages, "KeyUsages");
248 public void CreateViaCryptoConfig ()
250 // extensions can be created with CryptoConfig
251 AsnEncodedData aed = new AsnEncodedData (new byte[] { 0x03, 0x01, 0x00 });
252 X509KeyUsageExtension ku = (X509KeyUsageExtension) CryptoConfig.CreateFromName (oid, new object[2] { aed, true });
253 Assert.IsTrue (ku.Critical, "Critical");
254 Assert.AreEqual (3, ku.RawData.Length, "RawData"); // original Oid ignored
255 Assert.AreEqual (oid, ku.Oid.Value, "Oid.Value");
256 Assert.AreEqual (0, (int) ku.KeyUsages, "KeyUsages");