// Atsushi Enomoto <atsushi@ximian.com>
// Copyright (C) 2006 Novell, Inc. http://www.novell.com
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
using System;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Description;
using System.ServiceModel.Security;
using System.ServiceModel.Security.Tokens;

using NUnit.Framework;
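namespace MonoTests.System.ServiceModel.Channels
{
	/// <summary>
	/// Shared NUnit assertions for the security-related properties of
	/// <see cref="SecurityBindingElement"/> and its symmetric and asymmetric
	/// subclasses. Every failure message is prefixed with the caller's
	/// <c>label</c> and suffixed with the property that mismatched, so a
	/// regression in a security setting (replay detection, protection order,
	/// token inclusion, ...) can be identified from the test output alone.
	/// </summary>
	public static class SecurityAssert
	{
		/// <summary>
		/// Checks the cookie-caching, cookie-renewal and replay-detection
		/// settings of a <see cref="LocalClientSecuritySettings"/> instance.
		/// </summary>
		/// <param name="cacheCookies">Expected <c>CacheCookies</c> value.</param>
		/// <param name="renewalThresholdPercentage">Expected <c>CookieRenewalThresholdPercentage</c> value.</param>
		/// <param name="detectReplays">Expected <c>DetectReplays</c> value.</param>
		/// <param name="lc">Settings under test; must not be null.</param>
		/// <param name="label">Prefix for every failure message.</param>
		public static void AssertLocalClientSecuritySettings (
			bool cacheCookies,
			int renewalThresholdPercentage,
			bool detectReplays,
			LocalClientSecuritySettings lc, string label)
		{
			Assert.IsNotNull (lc, label + " IsNotNull");
			Assert.AreEqual (cacheCookies, lc.CacheCookies, label + ".CacheCookies");
			Assert.AreEqual (renewalThresholdPercentage, lc.CookieRenewalThresholdPercentage, label + ".CookieRenewalThresholdPercentage");
			Assert.AreEqual (detectReplays, lc.DetectReplays, label + ".DetectReplays");
		}

		/// <summary>
		/// Checks how a security token is included, referenced and whether
		/// derived keys are required.
		/// </summary>
		/// <param name="protectionTokenInclusionMode">Expected <c>InclusionMode</c>.</param>
		/// <param name="protectionTokenReferenceStyle">Expected <c>ReferenceStyle</c>.</param>
		/// <param name="protectionTokenRequireDerivedKeys">Expected <c>RequireDerivedKeys</c>.</param>
		/// <param name="tp">Token parameters under test; must not be null.</param>
		/// <param name="label">Prefix for every failure message.</param>
		public static void AssertSecurityTokenParameters (
			SecurityTokenInclusionMode protectionTokenInclusionMode,
			SecurityTokenReferenceStyle protectionTokenReferenceStyle,
			bool protectionTokenRequireDerivedKeys,
			SecurityTokenParameters tp, string label)
		{
			Assert.IsNotNull (tp, label + " IsNotNull");
			Assert.AreEqual (protectionTokenInclusionMode,
				tp.InclusionMode, label + ".InclusionMode");
			Assert.AreEqual (protectionTokenReferenceStyle,
				tp.ReferenceStyle, label + ".ReferenceStyle");
			Assert.AreEqual (protectionTokenRequireDerivedKeys,
				tp.RequireDerivedKeys, label + ".RequireDerivedKeys");
		}

		/// <summary>
		/// Checks the number of tokens in each of the four supporting-token
		/// collections (endorsing, signed, signed-encrypted, signed-endorsing).
		/// Only the counts are compared, not the token parameters themselves.
		/// </summary>
		/// <param name="endorsing">Expected <c>Endorsing.Count</c>.</param>
		/// <param name="signed">Expected <c>Signed.Count</c>.</param>
		/// <param name="signedEncrypted">Expected <c>SignedEncrypted.Count</c>.</param>
		/// <param name="signedEndorsing">Expected <c>SignedEndorsing.Count</c>.</param>
		/// <param name="tp">Supporting token parameters under test; must not be null.</param>
		/// <param name="label">Prefix for every failure message.</param>
		public static void AssertSupportingTokenParameters (
			int endorsing, int signed, int signedEncrypted, int signedEndorsing,
			SupportingTokenParameters tp, string label)
		{
			Assert.IsNotNull (tp, label + " IsNotNull");
			// The message previously read ".Endoring.Count", which did not match the property name.
			Assert.AreEqual (endorsing, tp.Endorsing.Count, label + ".Endorsing.Count");
			Assert.AreEqual (signed, tp.Signed.Count, label + ".Signed.Count");
			Assert.AreEqual (signedEncrypted, tp.SignedEncrypted.Count, label + ".SignedEncrypted.Count");
			Assert.AreEqual (signedEndorsing, tp.SignedEndorsing.Count, label + ".SignedEndorsing.Count");
		}

		/// <summary>
		/// Checks the properties common to every <see cref="SecurityBindingElement"/>:
		/// algorithm suite, timestamp inclusion, key entropy mode, message security
		/// version, header layout, supporting tokens and local client settings.
		/// </summary>
		/// <remarks>
		/// The optional-endpoint and per-operation supporting token collections are
		/// expected to be empty, and the timing/replay values of
		/// <c>LocalClientSettings</c> are compared against the literals below rather
		/// than against caller-supplied values. <c>IdentityVerifier</c> and
		/// <c>LocalServiceSettings</c> are not verified (see the FIXME notes).
		/// </remarks>
		/// <param name="be">Binding element under test; must not be null.</param>
		/// <param name="label">Prefix for every failure message.</param>
		public static void AssertSecurityBindingElement (
			SecurityAlgorithmSuite algorithm,
			bool includeTimestamp,
			SecurityKeyEntropyMode keyEntropyMode,
			MessageSecurityVersion messageSecurityVersion,
			SecurityHeaderLayout securityHeaderLayout,
			// EndpointSupportingTokenParameters
			int endorsing, int signed, int signedEncrypted, int signedEndorsing,
			// LocalClientSettings
			bool cacheCookies,
			int renewalThresholdPercentage,
			bool detectReplays,
			SecurityBindingElement be, string label)
		{
			// Fail with a readable message instead of a NullReferenceException,
			// matching the null checks done by the other helpers in this class.
			Assert.IsNotNull (be, label + " IsNotNull");

			Assert.AreEqual (algorithm, be.DefaultAlgorithmSuite, label + ".DefaultAlgorithmSuite");
			// These two messages used to be mislabelled (".KeyEntropyMode" for the
			// timestamp check, "#3" for the entropy check), which pointed at the
			// wrong setting when a test failed.
			Assert.AreEqual (includeTimestamp, be.IncludeTimestamp, label + ".IncludeTimestamp");
			Assert.AreEqual (keyEntropyMode,
				be.KeyEntropyMode, label + ".KeyEntropyMode");

			Assert.AreEqual (messageSecurityVersion,
				be.MessageSecurityVersion, label + ".MessageSecurityVersion");
			Assert.AreEqual (securityHeaderLayout,
				be.SecurityHeaderLayout, label + ".SecurityHeaderLayout");

			// FIXME: they should be extracted step by step...

			// EndpointSupportingTokenParameters
			SupportingTokenParameters tp = be.EndpointSupportingTokenParameters;
			AssertSupportingTokenParameters (
				endorsing, signed, signedEncrypted, signedEndorsing,
				tp, label + ".Endpoint");

			// OptionalEndpointSupportingTokenParameters: expected to be present but empty.
			tp = be.OptionalEndpointSupportingTokenParameters;
			AssertSupportingTokenParameters (
				0, 0, 0, 0,
				tp, label + ".OptionalEndpoint");

			// OperationSupportingTokenParameters: expected to be present but empty.
			IDictionary<string,SupportingTokenParameters> oper = be.OperationSupportingTokenParameters;
			Assert.IsNotNull (oper, label + ".OperationSupportingTokenParameters IsNotNull");
			Assert.AreEqual (0, oper.Count, label + ".OperationSupportingTokenParameters.Count");

			// OptionalOperationSupportingTokenParameters: expected to be present but empty.
			oper = be.OptionalOperationSupportingTokenParameters;
			Assert.IsNotNull (oper, label + ".OptionalOperationSupportingTokenParameters IsNotNull");
			Assert.AreEqual (0, oper.Count, label + ".OptionalOperationSupportingTokenParameters.Count");

			// LocalClientSettings
			string lcLabel = label + ".LocalClientSettings";
			LocalClientSecuritySettings lc =
				be.LocalClientSettings;
			AssertLocalClientSecuritySettings (
				cacheCookies,
				renewalThresholdPercentage,
				detectReplays,
				lc, lcLabel);

			// FIXME: IdentityVerifier is not verified.

			// Clock-skew, replay and session-key timing values. They are fixed
			// expectations of this helper (presumably the framework defaults),
			// so each message names the property to make a changed window or
			// cache size obvious in the test output.
			Assert.AreEqual (TimeSpan.FromMinutes (5), lc.MaxClockSkew, lcLabel + ".MaxClockSkew");
			Assert.AreEqual (TimeSpan.MaxValue, lc.MaxCookieCachingTime, lcLabel + ".MaxCookieCachingTime");
			Assert.AreEqual (true, lc.ReconnectTransportOnFailure, lcLabel + ".ReconnectTransportOnFailure");
			Assert.AreEqual (900000, lc.ReplayCacheSize, lcLabel + ".ReplayCacheSize");
			Assert.AreEqual (TimeSpan.FromMinutes (5), lc.ReplayWindow, lcLabel + ".ReplayWindow");
			Assert.AreEqual (TimeSpan.FromHours (10), lc.SessionKeyRenewalInterval, lcLabel + ".SessionKeyRenewalInterval");
			Assert.AreEqual (TimeSpan.FromMinutes (5), lc.SessionKeyRolloverInterval, lcLabel + ".SessionKeyRolloverInterval");
			Assert.AreEqual (TimeSpan.FromMinutes (5), lc.TimestampValidityDuration, lcLabel + ".TimestampValidityDuration");

			// FIXME: LocalServiceSettings is not verified.
		}

		/// <summary>
		/// Checks a <see cref="SymmetricSecurityBindingElement"/>: the common
		/// properties via <see cref="AssertSecurityBindingElement"/>, then the
		/// message protection order, signature confirmation and the protection
		/// token parameters.
		/// </summary>
		/// <param name="hasProtectionTokenParameters">
		/// When false, <c>ProtectionTokenParameters</c> must be null and the three
		/// <c>protectionToken*</c> arguments are ignored.
		/// </param>
		/// <param name="be">Binding element under test; must not be null.</param>
		/// <param name="label">Prefix for every failure message.</param>
		public static void AssertSymmetricSecurityBindingElement (
			SecurityAlgorithmSuite algorithm,
			bool includeTimestamp,
			SecurityKeyEntropyMode keyEntropyMode,
			MessageProtectionOrder messageProtectionOrder,
			MessageSecurityVersion messageSecurityVersion,
			bool requireSignatureConfirmation,
			SecurityHeaderLayout securityHeaderLayout,
			// EndpointSupportingTokenParameters
			int endorsing, int signed, int signedEncrypted, int signedEndorsing,
			// ProtectionTokenParameters
			bool hasProtectionTokenParameters,
			SecurityTokenInclusionMode protectionTokenInclusionMode,
			SecurityTokenReferenceStyle protectionTokenReferenceStyle,
			bool protectionTokenRequireDerivedKeys,
			// LocalClientSettings
			bool cacheCookies,
			int renewalThresholdPercentage,
			bool detectReplays,
			SymmetricSecurityBindingElement be, string label)
		{
			AssertSecurityBindingElement (
				algorithm,
				includeTimestamp,
				keyEntropyMode,
				messageSecurityVersion,
				securityHeaderLayout,
				// EndpointSupportingTokenParameters
				endorsing, signed, signedEncrypted, signedEndorsing,
				// LocalClientSettings
				cacheCookies,
				renewalThresholdPercentage,
				detectReplays,
				be, label);

			Assert.AreEqual (messageProtectionOrder, be.MessageProtectionOrder, label + ".MessageProtectionOrder");
			Assert.AreEqual (requireSignatureConfirmation, be.RequireSignatureConfirmation, label + ".RequireSignatureConfirmation");

			// The token checks are mutually exclusive: either no protection token
			// is configured at all, or its parameters must match.
			if (!hasProtectionTokenParameters) {
				Assert.IsNull (be.ProtectionTokenParameters, label + ".ProtectionTokenParameters (null)");
			} else {
				AssertSecurityTokenParameters (
					protectionTokenInclusionMode,
					protectionTokenReferenceStyle,
					protectionTokenRequireDerivedKeys,
					be.ProtectionTokenParameters, label + ".ProtectionTokenParameters");
			}
		}

		/// <summary>
		/// Checks an <see cref="AsymmetricSecurityBindingElement"/>: the common
		/// properties via <see cref="AssertSecurityBindingElement"/>, then the
		/// message protection order, signature confirmation and the initiator and
		/// recipient token parameters.
		/// </summary>
		/// <param name="hasInitiatorTokenParameters">
		/// When false, <c>InitiatorTokenParameters</c> must be null and the three
		/// <c>initiatorToken*</c> arguments are ignored.
		/// </param>
		/// <param name="hasRecipientTokenParameters">
		/// When false, <c>RecipientTokenParameters</c> must be null and the three
		/// <c>recipientToken*</c> arguments are ignored.
		/// </param>
		/// <param name="be">Binding element under test; must not be null.</param>
		/// <param name="label">Prefix for every failure message.</param>
		public static void AssertAsymmetricSecurityBindingElement (
			SecurityAlgorithmSuite algorithm,
			bool includeTimestamp,
			SecurityKeyEntropyMode keyEntropyMode,
			MessageProtectionOrder messageProtectionOrder,
			MessageSecurityVersion messageSecurityVersion,
			bool requireSignatureConfirmation,
			SecurityHeaderLayout securityHeaderLayout,
			// EndpointSupportingTokenParameters
			int endorsing, int signed, int signedEncrypted, int signedEndorsing,
			// InitiatorTokenParameters
			bool hasInitiatorTokenParameters,
			SecurityTokenInclusionMode initiatorTokenInclusionMode,
			SecurityTokenReferenceStyle initiatorTokenReferenceStyle,
			bool initiatorTokenRequireDerivedKeys,
			// RecipientTokenParameters
			bool hasRecipientTokenParameters,
			SecurityTokenInclusionMode recipientTokenInclusionMode,
			SecurityTokenReferenceStyle recipientTokenReferenceStyle,
			bool recipientTokenRequireDerivedKeys,
			// LocalClientSettings
			bool cacheCookies,
			int renewalThresholdPercentage,
			bool detectReplays,
			AsymmetricSecurityBindingElement be, string label)
		{
			AssertSecurityBindingElement (
				algorithm,
				includeTimestamp,
				keyEntropyMode,
				messageSecurityVersion,
				securityHeaderLayout,
				// EndpointSupportingTokenParameters
				endorsing, signed, signedEncrypted, signedEndorsing,
				// LocalClientSettings
				cacheCookies,
				renewalThresholdPercentage,
				detectReplays,
				be, label);

			Assert.AreEqual (messageProtectionOrder, be.MessageProtectionOrder, label + ".MessageProtectionOrder");
			Assert.AreEqual (requireSignatureConfirmation, be.RequireSignatureConfirmation, label + ".RequireSignatureConfirmation");

			// Initiator token: either absent, or its parameters must match.
			if (!hasInitiatorTokenParameters) {
				Assert.IsNull (be.InitiatorTokenParameters, label + ".InitiatorTokenParameters (null)");
			} else {
				AssertSecurityTokenParameters (
					initiatorTokenInclusionMode,
					initiatorTokenReferenceStyle,
					initiatorTokenRequireDerivedKeys,
					be.InitiatorTokenParameters, label + ".InitiatorTokenParameters");
			}

			// Recipient token: either absent, or its parameters must match.
			if (!hasRecipientTokenParameters) {
				Assert.IsNull (be.RecipientTokenParameters, label + ".RecipientTokenParameters (null)");
			} else {
				AssertSecurityTokenParameters (
					recipientTokenInclusionMode,
					recipientTokenReferenceStyle,
					recipientTokenRequireDerivedKeys,
					be.RecipientTokenParameters, label + ".RecipientTokenParameters");
			}
		}
	}
}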