2 // X509ChainPolicyTest.cs - NUnit tests for X509ChainPolicy
5 // Sebastien Pouliot (spouliot@motus.com)
7 // (C) 2003 Motus Technologies Inc. (http://www.motus.com)
12 using NUnit.Framework;
15 using System.Collections;
16 using System.Security.Cryptography;
17 using System.Security.Cryptography.X509Certificates;
19 namespace MonoTests.System.Security.Cryptography.X509Certificates {
22 public class X509ChainPolicyTest : Assertion {
24 static string signingTimeOid = "1.2.840.113549.1.9.5";
26 private X509ChainPolicy GetPolicy ()
28 X509Chain c = new X509Chain ();
33 public void Default ()
35 X509ChainPolicy cp = GetPolicy ();
37 AssertEquals ("ApplicationPolicy", 0, cp.ApplicationPolicy.Count);
38 AssertEquals ("CertificatePolicy", 0, cp.CertificatePolicy.Count);
39 AssertEquals ("ExtraStore", 0, cp.ExtraStore.Count);
40 AssertEquals ("RevocationFlag", X509RevocationFlag.ExcludeRoot, cp.RevocationFlag);
41 AssertEquals ("RevocationMode", X509RevocationMode.Online, cp.RevocationMode);
42 AssertEquals ("UrlRetrievalTimeout", 0, cp.UrlRetrievalTimeout.Ticks);
43 AssertEquals ("VerificationFlags", X509VerificationFlags.NoFlag, cp.VerificationFlags);
44 DateTime vt = cp.VerificationTime;
45 Assert ("VerificationTime", ((vt <= DateTime.Now) && (vt > DateTime.Now.AddMinutes (-1))));
49 public void ApplicationPolicy ()
51 X509ChainPolicy cp = GetPolicy ();
52 cp.ApplicationPolicy.Add (new Oid (signingTimeOid));
53 AssertEquals ("ApplicationPolicy", 1, cp.ApplicationPolicy.Count);
57 public void CertificatePolicy ()
59 X509ChainPolicy cp = GetPolicy ();
60 cp.CertificatePolicy.Add (new Oid (signingTimeOid));
61 AssertEquals ("CertificatePolicy", 1, cp.CertificatePolicy.Count);
65 public void ExtraStore ()
67 X509ChainPolicy cp = GetPolicy ();
68 cp.ExtraStore.Add (new X509Certificate2 ());
69 AssertEquals ("ExtraStore", 1, cp.ExtraStore.Count);
73 public void RevocationFlag ()
75 X509ChainPolicy cp = GetPolicy ();
76 cp.RevocationFlag = X509RevocationFlag.EndCertificateOnly;
77 AssertEquals ("EndCertificateOnly", X509RevocationFlag.EndCertificateOnly, cp.RevocationFlag);
78 cp.RevocationFlag = X509RevocationFlag.EntireChain;
79 AssertEquals ("EntireChain", X509RevocationFlag.EntireChain, cp.RevocationFlag);
80 cp.RevocationFlag = X509RevocationFlag.ExcludeRoot;
81 AssertEquals ("ExcludeRoot", X509RevocationFlag.ExcludeRoot, cp.RevocationFlag);
85 public void RevocationMode ()
87 X509ChainPolicy cp = GetPolicy ();
88 cp.RevocationMode = X509RevocationMode.NoCheck;
89 AssertEquals ("NoCheck", X509RevocationMode.NoCheck, cp.RevocationMode);
90 cp.RevocationMode = X509RevocationMode.Offline;
91 AssertEquals ("Offline", X509RevocationMode.Offline, cp.RevocationMode);
92 cp.RevocationMode = X509RevocationMode.Online;
93 AssertEquals ("Online", X509RevocationMode.Online, cp.RevocationMode);
97 public void UrlRetrievalTimeout ()
99 X509ChainPolicy cp = GetPolicy ();
100 cp.UrlRetrievalTimeout = new TimeSpan (100);
101 AssertEquals ("TimeSpan=100", 100, cp.UrlRetrievalTimeout.Ticks);
102 cp.UrlRetrievalTimeout = new TimeSpan (0);
103 AssertEquals ("TimeSpan=0", 0, cp.UrlRetrievalTimeout.Ticks);
107 public void VerificationFlags ()
109 X509ChainPolicy cp = GetPolicy ();
110 cp.VerificationFlags = X509VerificationFlags.AllFlags;
111 AssertEquals ("AllFlags", X509VerificationFlags.AllFlags, cp.VerificationFlags);
112 cp.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
113 AssertEquals ("AllowUnknownCertificateAuthority", X509VerificationFlags.AllowUnknownCertificateAuthority, cp.VerificationFlags);
114 cp.VerificationFlags = X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown;
115 AssertEquals ("IgnoreCertificateAuthorityRevocationUnknown", X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown, cp.VerificationFlags);
116 cp.VerificationFlags = X509VerificationFlags.IgnoreCtlNotTimeValid;
117 AssertEquals ("IgnoreCtlNotTimeValid", X509VerificationFlags.IgnoreCtlNotTimeValid, cp.VerificationFlags);
118 cp.VerificationFlags = X509VerificationFlags.IgnoreCtlSignerRevocationUnknown;
119 AssertEquals ("IgnoreCtlSignerRevocationUnknown", X509VerificationFlags.IgnoreCtlSignerRevocationUnknown, cp.VerificationFlags);
120 cp.VerificationFlags = X509VerificationFlags.IgnoreEndRevocationUnknown;
121 AssertEquals ("IgnoreEndRevocationUnknown", X509VerificationFlags.IgnoreEndRevocationUnknown, cp.VerificationFlags);
122 cp.VerificationFlags = X509VerificationFlags.IgnoreInvalidBasicConstraints;
123 AssertEquals ("IgnoreInvalidBasicConstraints", X509VerificationFlags.IgnoreInvalidBasicConstraints, cp.VerificationFlags);
124 cp.VerificationFlags = X509VerificationFlags.IgnoreInvalidName;
125 AssertEquals ("IgnoreInvalidName", X509VerificationFlags.IgnoreInvalidName, cp.VerificationFlags);
126 cp.VerificationFlags = X509VerificationFlags.IgnoreInvalidPolicy;
127 AssertEquals ("IgnoreInvalidPolicy", X509VerificationFlags.IgnoreInvalidPolicy, cp.VerificationFlags);
128 cp.VerificationFlags = X509VerificationFlags.IgnoreNotTimeNested;
129 AssertEquals ("IgnoreNotTimeNested", X509VerificationFlags.IgnoreNotTimeNested, cp.VerificationFlags);
130 cp.VerificationFlags = X509VerificationFlags.IgnoreNotTimeValid;
131 AssertEquals ("IgnoreNotTimeValid", X509VerificationFlags.IgnoreNotTimeValid, cp.VerificationFlags);
132 cp.VerificationFlags = X509VerificationFlags.IgnoreRootRevocationUnknown;
133 AssertEquals ("IgnoreRootRevocationUnknown", X509VerificationFlags.IgnoreRootRevocationUnknown, cp.VerificationFlags);
134 cp.VerificationFlags = X509VerificationFlags.IgnoreWrongUsage;
135 AssertEquals ("IgnoreWrongUsage", X509VerificationFlags.IgnoreWrongUsage, cp.VerificationFlags);
136 cp.VerificationFlags = X509VerificationFlags.NoFlag;
137 AssertEquals ("NoFlag", X509VerificationFlags.NoFlag, cp.VerificationFlags);
143 X509ChainPolicy cp = GetPolicy ();
144 cp.ApplicationPolicy.Add (new Oid (signingTimeOid));
145 cp.CertificatePolicy.Add (new Oid (signingTimeOid));
146 cp.ExtraStore.Add (new X509Certificate2 ());
147 cp.RevocationFlag = X509RevocationFlag.EndCertificateOnly;
148 cp.RevocationMode = X509RevocationMode.NoCheck;
149 cp.UrlRetrievalTimeout = new TimeSpan (100);
150 cp.VerificationFlags = X509VerificationFlags.AllFlags;
151 DateTime vt = cp.VerificationTime;
152 Assert ("VerificationTime", ((vt <= DateTime.Now) && (vt > DateTime.Now.AddMinutes (-1))));
154 Assert ("VerificationTime-Reset", (vt != cp.VerificationTime));
155 // default properties
156 AssertEquals ("ApplicationPolicy", 0, cp.ApplicationPolicy.Count);
157 AssertEquals ("CertificatePolicy", 0, cp.CertificatePolicy.Count);
158 AssertEquals ("ExtraStore", 0, cp.ExtraStore.Count);
159 AssertEquals ("RevocationFlag", X509RevocationFlag.ExcludeRoot, cp.RevocationFlag);
160 AssertEquals ("RevocationMode", X509RevocationMode.Online, cp.RevocationMode);
161 AssertEquals ("UrlRetrievalTimeout", 0, cp.UrlRetrievalTimeout.Ticks);
162 AssertEquals ("VerificationFlags", X509VerificationFlags.NoFlag, cp.VerificationFlags);
163 vt = cp.VerificationTime;
164 Assert ("VerificationTime", ((vt <= DateTime.Now) && (vt > DateTime.Now.AddMinutes (-1))));