262 lines
11 KiB
C#
262 lines
11 KiB
C#
//
|
|
// X509KeyUsageExtensionTest.cs - NUnit tests for X509KeyUsageExtension
|
|
//
|
|
// Author:
|
|
// Sebastien Pouliot <sebastien@ximian.com>
|
|
//
|
|
// Copyright (C) 2005, 2006 Novell, Inc (http://www.novell.com)
|
|
//
|
|
// Permission is hereby granted, free of charge, to any person obtaining
|
|
// a copy of this software and associated documentation files (the
|
|
// "Software"), to deal in the Software without restriction, including
|
|
// without limitation the rights to use, copy, modify, merge, publish,
|
|
// distribute, sublicense, and/or sell copies of the Software, and to
|
|
// permit persons to whom the Software is furnished to do so, subject to
|
|
// the following conditions:
|
|
//
|
|
// The above copyright notice and this permission notice shall be
|
|
// included in all copies or substantial portions of the Software.
|
|
//
|
|
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
|
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
|
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
|
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
|
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
//
|
|
|
|
|
|
using NUnit.Framework;
|
|
|
|
using System;
|
|
using System.Security.Cryptography;
|
|
using System.Security.Cryptography.X509Certificates;
|
|
|
|
namespace MonoTests.System.Security.Cryptography.X509Certificates {
|
|
|
|
[TestFixture]
|
|
public class X509KeyUsageExtensionTest {
|
|
|
|
private const string oid = "2.5.29.15";
|
|
private const string fname = "Key Usage";
|
|
|
|
[Test]
|
|
public void ConstructorEmpty ()
|
|
{
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension ();
|
|
Assert.IsFalse (ku.Critical , "Critical");
|
|
Assert.IsNull (ku.RawData, "RawData");
|
|
Assert.AreEqual (oid, ku.Oid.Value, "Oid.Value");
|
|
// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
|
|
//Assert.AreEqual (fname, ku.Oid.FriendlyName, "Oid.FriendlyName");
|
|
Assert.AreEqual (String.Empty, ku.Format (true), "Format(true)");
|
|
Assert.AreEqual (String.Empty, ku.Format (false), "Format(false)");
|
|
Assert.AreEqual (0, (int)ku.KeyUsages, "KeyUsages");
|
|
}
|
|
|
|
[Test]
|
|
public void ConstructorAsnEncodedData ()
|
|
{
|
|
AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x03, 0x01, 0x00 });
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension (aed, true);
|
|
Assert.IsTrue (ku.Critical, "Critical");
|
|
Assert.AreEqual (3, ku.RawData.Length, "RawData"); // original Oid ignored
|
|
Assert.AreEqual (oid, ku.Oid.Value, "Oid.Value");
|
|
// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
|
|
//Assert.AreEqual (fname, ku.Oid.FriendlyName, "Oid.FriendlyName");
|
|
//Assert.AreEqual ("Information Not Available", ku.Format (true), "Format(true)");
|
|
//Assert.AreEqual ("Information Not Available", ku.Format (false), "Format(false)");
|
|
Assert.AreEqual (0, (int)ku.KeyUsages, "KeyUsages");
|
|
}
|
|
|
|
[Test]
|
|
[ExpectedException (typeof (CryptographicException))]
|
|
public void ConstructorAsnEncodedData_BadAsn ()
|
|
{
|
|
AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[0]);
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension (aed, true);
|
|
Assert.AreEqual (String.Empty, ku.Format (true), "Format(true)");
|
|
Assert.AreEqual (String.Empty, ku.Format (false), "Format(false)");
|
|
X509KeyUsageFlags kuf = ku.KeyUsages;
|
|
}
|
|
|
|
[Test]
|
|
[ExpectedException (typeof (CryptographicException))]
|
|
public void ConstructorAsnEncodedData_BadAsnTag ()
|
|
{
|
|
AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x05, 0x00 });
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension (aed, true);
|
|
Assert.AreEqual ("0500", ku.Format (true), "Format(true)");
|
|
Assert.AreEqual ("0500", ku.Format (false), "Format(false)");
|
|
X509KeyUsageFlags kuf = ku.KeyUsages;
|
|
}
|
|
|
|
[Test]
|
|
[ExpectedException (typeof (CryptographicException))]
|
|
public void ConstructorAsnEncodedData_BadAsnLength ()
|
|
{
|
|
AsnEncodedData aed = new AsnEncodedData ("1.2.3", new byte[] { 0x03, 0x01 });
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension (aed, true);
|
|
Assert.AreEqual ("0301", ku.Format (true), "Format(true)");
|
|
Assert.AreEqual ("0301", ku.Format (false), "Format(false)");
|
|
X509KeyUsageFlags kuf = ku.KeyUsages;
|
|
}
|
|
|
|
[Test]
|
|
[ExpectedException (typeof (NullReferenceException))]
|
|
public void ConstructorAsnEncodedData_Null ()
|
|
{
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension (null, true);
|
|
}
|
|
|
|
[Test]
|
|
// [ExpectedException (typeof (...))]
|
|
public void ConstructorKeyUsage_Invalid ()
|
|
{
|
|
X509KeyUsageFlags kuf = (X509KeyUsageFlags)Int32.MinValue;
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension (kuf, false);
|
|
Assert.AreEqual (0, (int)ku.KeyUsages, "KeyUsages");
|
|
Assert.AreEqual ("03-01-00", BitConverter.ToString (ku.RawData), "RawData");
|
|
// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
|
|
//Assert.AreEqual ("Information Not Available", ku.Format (true), "Format(true)");
|
|
//Assert.AreEqual ("Information Not Available", ku.Format (false), "Format(false)");
|
|
}
|
|
|
|
private X509KeyUsageExtension ValidateKeyUsage (X509KeyUsageFlags kuf, string rawdata)
|
|
{
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension (kuf, false);
|
|
Assert.IsFalse (ku.Critical, kuf.ToString () + ".Critical");
|
|
Assert.AreEqual (rawdata, BitConverter.ToString (ku.RawData), kuf.ToString () + ".RawData");
|
|
Assert.AreEqual (oid, ku.Oid.Value, kuf.ToString () + ".Oid.Value");
|
|
// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
|
|
//Assert.AreEqual (fname, ku.Oid.FriendlyName, kuf.ToString () + ".Oid.FriendlyName");
|
|
Assert.AreEqual (kuf, ku.KeyUsages, kuf.ToString () + ".KeyUsages");
|
|
return ku;
|
|
}
|
|
|
|
[Test]
|
|
public void ConstructorKeyUsage_CRLSign ()
|
|
{
|
|
X509KeyUsageExtension ku = ValidateKeyUsage (X509KeyUsageFlags.CrlSign, "03-02-01-02");
|
|
Assert.AreEqual ("Off-line CRL Signing, CRL Signing (02)", ku.Format (false), "CRLSign");
|
|
|
|
ku = ValidateKeyUsage (X509KeyUsageFlags.DataEncipherment, "03-02-04-10");
|
|
Assert.AreEqual ("Data Encipherment (10)", ku.Format (false), "DataEncipherment");
|
|
|
|
ku = ValidateKeyUsage (X509KeyUsageFlags.DecipherOnly, "03-03-07-00-80");
|
|
Assert.AreEqual ("Decipher Only (00 80)", ku.Format (false), "DecipherOnly");
|
|
|
|
ku = ValidateKeyUsage (X509KeyUsageFlags.DigitalSignature, "03-02-07-80");
|
|
Assert.AreEqual ("Digital Signature (80)", ku.Format (false), "DigitalSignature");
|
|
|
|
ku = ValidateKeyUsage (X509KeyUsageFlags.EncipherOnly, "03-02-00-01");
|
|
Assert.AreEqual ("Encipher Only (01)", ku.Format (false), "EncipherOnly");
|
|
|
|
ku = ValidateKeyUsage (X509KeyUsageFlags.KeyAgreement, "03-02-03-08");
|
|
Assert.AreEqual ("Key Agreement (08)", ku.Format (false), "KeyAgreement");
|
|
|
|
ku = ValidateKeyUsage (X509KeyUsageFlags.KeyCertSign, "03-02-02-04");
|
|
Assert.AreEqual ("Certificate Signing (04)", ku.Format (false), "KeyCertSign");
|
|
|
|
ku = ValidateKeyUsage (X509KeyUsageFlags.KeyEncipherment, "03-02-05-20");
|
|
Assert.AreEqual ("Key Encipherment (20)", ku.Format (false), "KeyEncipherment");
|
|
|
|
ku = ValidateKeyUsage (X509KeyUsageFlags.NonRepudiation, "03-02-06-40");
|
|
Assert.AreEqual ("Non-Repudiation (40)", ku.Format (false), "NonRepudiation");
|
|
|
|
ValidateKeyUsage (X509KeyUsageFlags.DataEncipherment | X509KeyUsageFlags.DecipherOnly, "03-03-07-10-80");
|
|
ValidateKeyUsage (X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.DecipherOnly, "03-03-07-80-80");
|
|
ValidateKeyUsage (X509KeyUsageFlags.EncipherOnly | X509KeyUsageFlags.DecipherOnly, "03-03-07-01-80");
|
|
ValidateKeyUsage (X509KeyUsageFlags.NonRepudiation | X509KeyUsageFlags.DataEncipherment, "03-02-04-50");
|
|
|
|
ku = ValidateKeyUsage (X509KeyUsageFlags.CrlSign | X509KeyUsageFlags.DataEncipherment | X509KeyUsageFlags.DecipherOnly |
|
|
X509KeyUsageFlags.DigitalSignature | X509KeyUsageFlags.EncipherOnly | X509KeyUsageFlags.KeyAgreement |
|
|
X509KeyUsageFlags.KeyCertSign | X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.NonRepudiation, "03-03-07-FF-80");
|
|
Assert.AreEqual ("Digital Signature, Non-Repudiation, Key Encipherment, Data Encipherment, Key Agreement, Certificate Signing, Off-line CRL Signing, CRL Signing, Encipher Only, Decipher Only (ff 80)" + Environment.NewLine,
|
|
ku.Format (true), "All");
|
|
}
|
|
|
|
[Test]
|
|
[ExpectedException (typeof (ArgumentNullException))]
|
|
public void WrongExtension_X509EnhancedKeyUsageExtension ()
|
|
{
|
|
X509EnhancedKeyUsageExtension eku = new X509EnhancedKeyUsageExtension ();
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension ();
|
|
ku.CopyFrom (eku);
|
|
}
|
|
|
|
[Test]
|
|
public void WrongExtension_X509Extension ()
|
|
{
|
|
X509Extension ex = new X509Extension ("1.2.3", new byte [0], true);
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension (X509KeyUsageFlags.CrlSign, true);
|
|
ku.CopyFrom (ex);
|
|
Assert.IsTrue (ku.Critical, "Critical");
|
|
Assert.AreEqual (String.Empty, BitConverter.ToString (ku.RawData), "RawData");
|
|
Assert.AreEqual ("1.2.3", ku.Oid.Value, "Oid.Value");
|
|
Assert.IsNull (ku.Oid.FriendlyName, "Oid.FriendlyName");
|
|
}
|
|
|
|
[Test]
|
|
[ExpectedException (typeof (CryptographicException))]
|
|
public void WrongExtension_X509Extension_KeyUsages ()
|
|
{
|
|
X509Extension ex = new X509Extension ("1.2.3", new byte[0], true);
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension ();
|
|
ku.CopyFrom (ex);
|
|
Assert.AreEqual (0, ku.KeyUsages, "KeyUsages");
|
|
}
|
|
|
|
[Test]
|
|
[ExpectedException (typeof (ArgumentException))]
|
|
public void WrongAsnEncodedData ()
|
|
{
|
|
AsnEncodedData aed = new AsnEncodedData (new byte[0]);
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension (X509KeyUsageFlags.CrlSign, true);
|
|
ku.CopyFrom (aed); // note: not the same behaviour than using the constructor!
|
|
}
|
|
|
|
[Test]
|
|
[ExpectedException (typeof (ArgumentNullException))]
|
|
public void CopyFrom_Null ()
|
|
{
|
|
X509KeyUsageExtension eku = new X509KeyUsageExtension ();
|
|
eku.CopyFrom (null);
|
|
}
|
|
|
|
[Test]
|
|
public void CopyFrom_Self ()
|
|
{
|
|
X509KeyUsageExtension ku = new X509KeyUsageExtension (X509KeyUsageFlags.CrlSign, true);
|
|
Assert.IsTrue (ku.Critical, "Critical");
|
|
byte[] raw = ku.RawData;
|
|
Assert.AreEqual ("03-02-01-02", BitConverter.ToString (raw), "RawData");
|
|
|
|
AsnEncodedData aed = new AsnEncodedData (raw);
|
|
X509KeyUsageExtension copy = new X509KeyUsageExtension (aed, false);
|
|
Assert.IsFalse (copy.Critical, "Critical");
|
|
Assert.AreEqual (4, copy.RawData.Length, "RawData"); // original Oid ignored
|
|
Assert.AreEqual (oid, copy.Oid.Value, "Oid.Value");
|
|
// FIXME: Don't expect that FriendlyName is English. This test fails under non-English Windows.
|
|
//Assert.AreEqual (fname, copy.Oid.FriendlyName, "Oid.FriendlyName");
|
|
Assert.AreEqual (X509KeyUsageFlags.CrlSign, copy.KeyUsages, "KeyUsages");
|
|
}
|
|
|
|
#if !MOBILE
|
|
[Test]
|
|
public void CreateViaCryptoConfig ()
|
|
{
|
|
// extensions can be created with CryptoConfig
|
|
AsnEncodedData aed = new AsnEncodedData (new byte[] { 0x03, 0x01, 0x00 });
|
|
X509KeyUsageExtension ku = (X509KeyUsageExtension) CryptoConfig.CreateFromName (oid, new object[2] { aed, true });
|
|
Assert.IsTrue (ku.Critical, "Critical");
|
|
Assert.AreEqual (3, ku.RawData.Length, "RawData"); // original Oid ignored
|
|
Assert.AreEqual (oid, ku.Oid.Value, "Oid.Value");
|
|
Assert.AreEqual (0, (int) ku.KeyUsages, "KeyUsages");
|
|
}
|
|
#endif
|
|
}
|
|
}
|
|
|