// X509ChainPolicyTest.cs - NUnit tests for X509ChainPolicy
//
// Author:
-// Sebastien Pouliot (spouliot@motus.com)
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+//
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
#if NET_2_0
using System.Collections;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
+using System.Threading;
namespace MonoTests.System.Security.Cryptography.X509Certificates {
[TestFixture]
- public class X509ChainPolicyTest : Assertion {
+ public class X509ChainPolicyTest {
static string signingTimeOid = "1.2.840.113549.1.9.5";
{
X509ChainPolicy cp = GetPolicy ();
// default properties
- AssertEquals ("ApplicationPolicy", 0, cp.ApplicationPolicy.Count);
- AssertEquals ("CertificatePolicy", 0, cp.CertificatePolicy.Count);
- AssertEquals ("ExtraStore", 0, cp.ExtraStore.Count);
- AssertEquals ("RevocationFlag", X509RevocationFlag.ExcludeRoot, cp.RevocationFlag);
- AssertEquals ("RevocationMode", X509RevocationMode.Online, cp.RevocationMode);
- AssertEquals ("UrlRetrievalTimeout", 0, cp.UrlRetrievalTimeout.Ticks);
- AssertEquals ("VerificationFlags", X509VerificationFlags.NoFlag, cp.VerificationFlags);
+ Assert.AreEqual (0, cp.ApplicationPolicy.Count, "ApplicationPolicy");
+ Assert.AreEqual (0, cp.CertificatePolicy.Count, "CertificatePolicy");
+ Assert.AreEqual (0, cp.ExtraStore.Count, "ExtraStore");
+ Assert.AreEqual (X509RevocationFlag.ExcludeRoot, cp.RevocationFlag, "RevocationFlag");
+ Assert.AreEqual (X509RevocationMode.Online, cp.RevocationMode, "RevocationMode");
+ Assert.AreEqual (0, cp.UrlRetrievalTimeout.Ticks, "UrlRetrievalTimeout");
+ Assert.AreEqual (X509VerificationFlags.NoFlag, cp.VerificationFlags, "VerificationFlags");
DateTime vt = cp.VerificationTime;
- Assert ("VerificationTime", ((vt <= DateTime.Now) && (vt > DateTime.Now.AddMinutes (-1))));
+ Assert.IsTrue (((vt <= DateTime.Now) && (vt > DateTime.Now.AddMinutes (-1))), "VerificationTime");
}
[Test]
{
X509ChainPolicy cp = GetPolicy ();
cp.ApplicationPolicy.Add (new Oid (signingTimeOid));
- AssertEquals ("ApplicationPolicy", 1, cp.ApplicationPolicy.Count);
+ Assert.AreEqual (1, cp.ApplicationPolicy.Count, "ApplicationPolicy");
+ }
+
+ [Test]
+ public void ApplicationPolicy_Reset ()
+ {
+ X509ChainPolicy cp = GetPolicy ();
+ cp.ApplicationPolicy.Add (new Oid (signingTimeOid));
+ OidCollection oc = cp.ApplicationPolicy;
+ Assert.AreEqual (1, oc.Count, "ApplicationPolicy-1");
+ cp.Reset ();
+ Assert.AreEqual (1, oc.Count, "ApplicationPolicy-2");
+ Assert.AreEqual (0, cp.ApplicationPolicy.Count, "ApplicationPolicy-3");
}
[Test]
{
X509ChainPolicy cp = GetPolicy ();
cp.CertificatePolicy.Add (new Oid (signingTimeOid));
- AssertEquals ("CertificatePolicy", 1, cp.CertificatePolicy.Count);
+ Assert.AreEqual (1, cp.CertificatePolicy.Count, "CertificatePolicy");
+ }
+
+ [Test]
+ public void CertificatePolicy_Reset ()
+ {
+ X509ChainPolicy cp = GetPolicy ();
+ cp.CertificatePolicy.Add (new Oid (signingTimeOid));
+ OidCollection oc = cp.CertificatePolicy;
+ Assert.AreEqual (1, oc.Count, "CertificatePolicy-1");
+ cp.Reset ();
+ Assert.AreEqual (1, oc.Count, "CertificatePolicy-2");
+ Assert.AreEqual (0, cp.CertificatePolicy.Count, "CertificatePolicy-3");
}
[Test]
{
X509ChainPolicy cp = GetPolicy ();
cp.ExtraStore.Add (new X509Certificate2 ());
- AssertEquals ("ExtraStore", 1, cp.ExtraStore.Count);
+ Assert.AreEqual (1, cp.ExtraStore.Count, "ExtraStore");
+ }
+
+ [Test]
+ public void ExtraStore_Reset ()
+ {
+ X509ChainPolicy cp = GetPolicy ();
+ cp.ExtraStore.Add (new X509Certificate2 ());
+ X509Certificate2Collection cc = cp.ExtraStore;
+ Assert.AreEqual (1, cc.Count, "ExtraStore-1");
+ cp.Reset ();
+ Assert.AreEqual (1, cc.Count, "ExtraStore-2");
+ Assert.AreEqual (0, cp.ExtraStore.Count, "ExtraStore-3");
}
[Test]
{
X509ChainPolicy cp = GetPolicy ();
cp.RevocationFlag = X509RevocationFlag.EndCertificateOnly;
- AssertEquals ("EndCertificateOnly", X509RevocationFlag.EndCertificateOnly, cp.RevocationFlag);
+ Assert.AreEqual (X509RevocationFlag.EndCertificateOnly, cp.RevocationFlag, "EndCertificateOnly");
cp.RevocationFlag = X509RevocationFlag.EntireChain;
- AssertEquals ("EntireChain", X509RevocationFlag.EntireChain, cp.RevocationFlag);
+ Assert.AreEqual (X509RevocationFlag.EntireChain, cp.RevocationFlag, "EntireChain");
cp.RevocationFlag = X509RevocationFlag.ExcludeRoot;
- AssertEquals ("ExcludeRoot", X509RevocationFlag.ExcludeRoot, cp.RevocationFlag);
+ Assert.AreEqual (X509RevocationFlag.ExcludeRoot, cp.RevocationFlag, "ExcludeRoot");
+ }
+
+ [Test]
+ [ExpectedException (typeof (ArgumentException))]
+ public void RevocationFlag_Invalid ()
+ {
+ X509ChainPolicy cp = GetPolicy ();
+ cp.RevocationFlag = (X509RevocationFlag) Int32.MinValue;
}
[Test]
{
X509ChainPolicy cp = GetPolicy ();
cp.RevocationMode = X509RevocationMode.NoCheck;
- AssertEquals ("NoCheck", X509RevocationMode.NoCheck, cp.RevocationMode);
+ Assert.AreEqual (X509RevocationMode.NoCheck, cp.RevocationMode, "NoCheck");
cp.RevocationMode = X509RevocationMode.Offline;
- AssertEquals ("Offline", X509RevocationMode.Offline, cp.RevocationMode);
+ Assert.AreEqual (X509RevocationMode.Offline, cp.RevocationMode, "Offline");
cp.RevocationMode = X509RevocationMode.Online;
- AssertEquals ("Online", X509RevocationMode.Online, cp.RevocationMode);
+ Assert.AreEqual (X509RevocationMode.Online, cp.RevocationMode, "Online");
+ }
+
+ [Test]
+ [ExpectedException (typeof (ArgumentException))]
+ public void RevocationMode_Invalid ()
+ {
+ X509ChainPolicy cp = GetPolicy ();
+ cp.RevocationMode = (X509RevocationMode) Int32.MinValue;
}
[Test]
{
X509ChainPolicy cp = GetPolicy ();
cp.UrlRetrievalTimeout = new TimeSpan (100);
- AssertEquals ("TimeSpan=100", 100, cp.UrlRetrievalTimeout.Ticks);
+ Assert.AreEqual (100, cp.UrlRetrievalTimeout.Ticks, "TimeSpan=100");
cp.UrlRetrievalTimeout = new TimeSpan (0);
- AssertEquals ("TimeSpan=0", 0, cp.UrlRetrievalTimeout.Ticks);
+ Assert.AreEqual (0, cp.UrlRetrievalTimeout.Ticks, "TimeSpan=0");
+ cp.UrlRetrievalTimeout = TimeSpan.MinValue;
+ Assert.AreEqual (TimeSpan.MinValue, cp.UrlRetrievalTimeout, "TimeSpan=MinValue");
+ cp.UrlRetrievalTimeout = TimeSpan.MaxValue;
+ Assert.AreEqual (TimeSpan.MaxValue, cp.UrlRetrievalTimeout, "TimeSpan=MaxValue");
}
[Test]
{
X509ChainPolicy cp = GetPolicy ();
cp.VerificationFlags = X509VerificationFlags.AllFlags;
- AssertEquals ("AllFlags", X509VerificationFlags.AllFlags, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.AllFlags, cp.VerificationFlags, "AllFlags");
cp.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
- AssertEquals ("AllowUnknownCertificateAuthority", X509VerificationFlags.AllowUnknownCertificateAuthority, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.AllowUnknownCertificateAuthority, cp.VerificationFlags, "AllowUnknownCertificateAuthority");
cp.VerificationFlags = X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown;
- AssertEquals ("IgnoreCertificateAuthorityRevocationUnknown", X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown, cp.VerificationFlags, "IgnoreCertificateAuthorityRevocationUnknown");
cp.VerificationFlags = X509VerificationFlags.IgnoreCtlNotTimeValid;
- AssertEquals ("IgnoreCtlNotTimeValid", X509VerificationFlags.IgnoreCtlNotTimeValid, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreCtlNotTimeValid, cp.VerificationFlags, "IgnoreCtlNotTimeValid");
cp.VerificationFlags = X509VerificationFlags.IgnoreCtlSignerRevocationUnknown;
- AssertEquals ("IgnoreCtlSignerRevocationUnknown", X509VerificationFlags.IgnoreCtlSignerRevocationUnknown, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreCtlSignerRevocationUnknown, cp.VerificationFlags, "IgnoreCtlSignerRevocationUnknown");
cp.VerificationFlags = X509VerificationFlags.IgnoreEndRevocationUnknown;
- AssertEquals ("IgnoreEndRevocationUnknown", X509VerificationFlags.IgnoreEndRevocationUnknown, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreEndRevocationUnknown, cp.VerificationFlags, "IgnoreEndRevocationUnknown");
cp.VerificationFlags = X509VerificationFlags.IgnoreInvalidBasicConstraints;
- AssertEquals ("IgnoreInvalidBasicConstraints", X509VerificationFlags.IgnoreInvalidBasicConstraints, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreInvalidBasicConstraints, cp.VerificationFlags, "IgnoreInvalidBasicConstraints");
cp.VerificationFlags = X509VerificationFlags.IgnoreInvalidName;
- AssertEquals ("IgnoreInvalidName", X509VerificationFlags.IgnoreInvalidName, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreInvalidName, cp.VerificationFlags, "IgnoreInvalidName");
cp.VerificationFlags = X509VerificationFlags.IgnoreInvalidPolicy;
- AssertEquals ("IgnoreInvalidPolicy", X509VerificationFlags.IgnoreInvalidPolicy, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreInvalidPolicy, cp.VerificationFlags, "IgnoreInvalidPolicy");
cp.VerificationFlags = X509VerificationFlags.IgnoreNotTimeNested;
- AssertEquals ("IgnoreNotTimeNested", X509VerificationFlags.IgnoreNotTimeNested, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreNotTimeNested, cp.VerificationFlags, "IgnoreNotTimeNested");
cp.VerificationFlags = X509VerificationFlags.IgnoreNotTimeValid;
- AssertEquals ("IgnoreNotTimeValid", X509VerificationFlags.IgnoreNotTimeValid, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreNotTimeValid, cp.VerificationFlags, "IgnoreNotTimeValid");
cp.VerificationFlags = X509VerificationFlags.IgnoreRootRevocationUnknown;
- AssertEquals ("IgnoreRootRevocationUnknown", X509VerificationFlags.IgnoreRootRevocationUnknown, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreRootRevocationUnknown, cp.VerificationFlags, "IgnoreRootRevocationUnknown");
cp.VerificationFlags = X509VerificationFlags.IgnoreWrongUsage;
- AssertEquals ("IgnoreWrongUsage", X509VerificationFlags.IgnoreWrongUsage, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.IgnoreWrongUsage, cp.VerificationFlags, "IgnoreWrongUsage");
cp.VerificationFlags = X509VerificationFlags.NoFlag;
- AssertEquals ("NoFlag", X509VerificationFlags.NoFlag, cp.VerificationFlags);
+ Assert.AreEqual (X509VerificationFlags.NoFlag, cp.VerificationFlags, "NoFlag");
+ }
+
+ [Test]
+ [ExpectedException (typeof (ArgumentException))]
+ public void VerificationFlags_Invalid ()
+ {
+ X509ChainPolicy cp = GetPolicy ();
+ cp.VerificationFlags = (X509VerificationFlags)Int32.MinValue;
+ }
+
+ [Test]
+ public void VerificationTime ()
+ {
+ X509ChainPolicy cp = GetPolicy ();
+ Assert.AreEqual (DateTimeKind.Local, cp.VerificationTime.Kind, "Kind=Local");
+ cp.VerificationTime = DateTime.Today;
+ Assert.AreEqual (DateTime.Today, cp.VerificationTime, "DateTime=Today");
+ cp.VerificationTime = new DateTime (0);
+ Assert.AreEqual (0, cp.VerificationTime.Ticks, "DateTime=0");
+ cp.VerificationTime = DateTime.MinValue;
+ Assert.AreEqual (DateTime.MinValue, cp.VerificationTime, "DateTime=MinValue");
+ cp.VerificationTime = DateTime.MaxValue;
+ Assert.AreEqual (DateTime.MaxValue, cp.VerificationTime, "DateTime=MaxValue");
}
[Test]
cp.UrlRetrievalTimeout = new TimeSpan (100);
cp.VerificationFlags = X509VerificationFlags.AllFlags;
DateTime vt = cp.VerificationTime;
- Assert ("VerificationTime", ((vt <= DateTime.Now) && (vt > DateTime.Now.AddMinutes (-1))));
+ Assert.IsTrue (((vt <= DateTime.Now) && (vt > DateTime.Now.AddMinutes (-1))), "VerificationTime");
+ // wait a bit before calling Reset, otherwise we could end up with the same time value
+ Thread.Sleep (100);
cp.Reset ();
- Assert ("VerificationTime-Reset", (vt != cp.VerificationTime));
+ Assert.IsTrue ((vt != cp.VerificationTime), "VerificationTime-Reset");
// default properties
- AssertEquals ("ApplicationPolicy", 0, cp.ApplicationPolicy.Count);
- AssertEquals ("CertificatePolicy", 0, cp.CertificatePolicy.Count);
- AssertEquals ("ExtraStore", 0, cp.ExtraStore.Count);
- AssertEquals ("RevocationFlag", X509RevocationFlag.ExcludeRoot, cp.RevocationFlag);
- AssertEquals ("RevocationMode", X509RevocationMode.Online, cp.RevocationMode);
- AssertEquals ("UrlRetrievalTimeout", 0, cp.UrlRetrievalTimeout.Ticks);
- AssertEquals ("VerificationFlags", X509VerificationFlags.NoFlag, cp.VerificationFlags);
+ Assert.AreEqual (0, cp.ApplicationPolicy.Count, "ApplicationPolicy");
+ Assert.AreEqual (0, cp.CertificatePolicy.Count, "CertificatePolicy");
+ Assert.AreEqual (0, cp.ExtraStore.Count, "ExtraStore");
+ Assert.AreEqual (X509RevocationFlag.ExcludeRoot, cp.RevocationFlag, "RevocationFlag");
+ Assert.AreEqual (X509RevocationMode.Online, cp.RevocationMode, "RevocationMode");
+ Assert.AreEqual (0, cp.UrlRetrievalTimeout.Ticks, "UrlRetrievalTimeout");
+ Assert.AreEqual (X509VerificationFlags.NoFlag, cp.VerificationFlags, "VerificationFlags");
vt = cp.VerificationTime;
- Assert ("VerificationTime", ((vt <= DateTime.Now) && (vt > DateTime.Now.AddMinutes (-1))));
+ Assert.IsTrue (((vt <= DateTime.Now) && (vt > DateTime.Now.AddMinutes (-1))), "VerificationTime");
}
}
}