mcs/class/System.Security/Test/System.Security.Cryptography.Pkcs/PkitsTest.cs

   1 //
   2 // PkitsTest.cs - NUnit tests for
   3 //      NIST Public Key Interoperability Test Suite (PKITS)
   4 //      Certificate Path Validation, Version 1.0, September 2, 2004
   5 //
   6 // Author:
   7 //      Sebastien Pouliot  <sebastien@ximian.com>
   8 //
   9 // Copyright (C) 2006 Novell, Inc (http://www.novell.com)
  10 //
  11 // Permission is hereby granted, free of charge, to any person obtaining
  12 // a copy of this software and associated documentation files (the
  13 // "Software"), to deal in the Software without restriction, including
  14 // without limitation the rights to use, copy, modify, merge, publish,
  15 // distribute, sublicense, and/or sell copies of the Software, and to
  16 // permit persons to whom the Software is furnished to do so, subject to
  17 // the following conditions:
  18 //
  19 // The above copyright notice and this permission notice shall be
  20 // included in all copies or substantial portions of the Software.
  21 //
  22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  29 //
  30
  31
  32 using NUnit.Framework;
  33
  34 using System;
  35 using System.Collections;
  36 using System.IO;
  37 using System.Security.Cryptography;
  38 using System.Security.Cryptography.Pkcs;
  39 using System.Security.Cryptography.X509Certificates;
  40 using System.Text;
  41
  42 namespace MonoTests.System.Security.Cryptography.Pkcs {
  43
  44         /*
  45          *      PKITS home page
  46          *      http://csrs.nist.gov/pki/testing/x509paths.html
  47          *
  48          *      Documentation is available at
  49          *      http://csrc.nist.gov/pki/testing/PKITS.pdf
  50          *
  51          *      Test data is available at
  52          *      http://csrc.nist.gov/pki/testing/PKITS_data.zip
  53          *
  54          *      License information are available at
  55          *      http://cio.nist.gov/esd/emaildir/lists/pkits/msg00048.html
  56          */
  57
  58         [Category ("PKITS")]
  59         public class PkitsTest {
  60
  61                 private string base_dir;
  62                 private string certs_base_dir;
  63                 private string smime_base_dir;
  64                 private Hashtable cache;
  65                 private Oid[] policies;
  66
  67                 [TestFixtureSetUp]
  68                 public void FixtureSetUp ()
  69                 {
  70                         // reuse PKITS data installed in System (for X509Chain tests)
  71                         base_dir = String.Format ("{0}{1}..{1}System{1}Test{1}System.Security.Cryptography.X509Certificates{1}pkits",
  72                                 Directory.GetCurrentDirectory (), Path.DirectorySeparatorChar);
  73                         if (!Directory.Exists (base_dir))
  74                                 Assert.Ignore ("PKITS tests data not found under '{0}'.", new object[] { base_dir });
  75                         certs_base_dir = Path.Combine (base_dir, "certs");
  76                         smime_base_dir = Path.Combine (base_dir, "smime");
  77
  78                         cache = new Hashtable ();
  79
  80                         policies = new Oid[9];
  81                         // any-policies
  82                         policies[0] = new Oid ("2.5.29.32.0");
  83                         // nist_test_policy_#
  84                         for (int i=0; i < 9; i++)
  85                                 policies[i] = new Oid ("2.16.840.1.101.3.2.1.48." + i.ToString ());
  86                 }
  87
  88                 [TestFixtureTearDown]
  89                 public void FixtureTearDown ()
  90                 {
  91                         cache.Clear ();
  92                 }
  93
  94                 public X509Certificate2 GetCertificate (string filename)
  95                 {
  96                         X509Certificate2 result = (cache[filename] as X509Certificate2);
  97                         if (result == null) {
  98                                 string full_path = Path.Combine (certs_base_dir, filename);
  99                                 result = new X509Certificate2 (full_path);
 100                                 cache[filename] = result;
 101                         }
 102                         return result;
 103                 }
 104
 105                 public byte[] GetData (string filename)
 106                 {
 107                         string full_path = Path.Combine (smime_base_dir, filename);
 108                         using (StreamReader sr = new StreamReader (full_path)) {
 109                                 string s = sr.ReadLine ();
 110                                 while (!sr.EndOfStream) {
 111                                         if (s.Length == 0)
 112                                                 break;
 113                                         s = sr.ReadLine ();
 114                                 }
 115                                 s = sr.ReadToEnd ();
 116                                 return Convert.FromBase64String (s);
 117                         }
 118                 }
 119
 120                 public X509Certificate2 TrustAnchorRoot {
 121                         get { return GetCertificate ("TrustAnchorRootCertificate.crt"); }
 122                 }
 123
 124                 public X509Certificate2 GoodCACert {
 125                         get { return GetCertificate ("GoodCACert.crt"); }
 126                 }
 127
 128                 // Sadly both SignedCms.CheckHash and SignedCms.CheckSignature returns void and throw an exception.
 129                 // This makes it difficult to use in tests because we want to be sure that the "expected exception"
 130                 // is being thrown at the "right" place. The next 2 methods hacks around that limitation.
 131                 public bool CheckHash (SignedCms cms)
 132                 {
 133                         try {
 134                                 cms.CheckSignature (false);
 135                                 return true;
 136                         }
 137                         catch {
 138                         }
 139                         return false;
 140                 }
 141
 142                 public bool CheckSignature (SignedCms cms)
 143                 {
 144                         try {
 145                                 cms.CheckSignature (false);
 146                                 return true;
 147                         }
 148                         catch {
 149                         }
 150                         return false;
 151                 }
 152
 153                 public Oid AnyPolicy {
 154                         get { return policies [0]; }
 155                 }
 156
 157                 public Oid NistPolicy (int n)
 158                 {
 159                         return policies[n];
 160                 }
 161         }
 162 }
 163