using Microsoft.DotNet.XUnitExtensions;
using System.Collections.Generic;
using System.Linq;
+using Test.Cryptography;
using Xunit;
namespace System.Security.Cryptography.X509Certificates.Tests
[ConditionalTheory(typeof(RemoteExecutor), nameof(RemoteExecutor.IsSupported))]
[MemberData(memberName: nameof(PfxIterationCountTests.GetCertsWith_IterationCountNotExceedingDefaultLimit_AndNullOrEmptyPassword_MemberData), MemberType = typeof(PfxIterationCountTests))]
- public void Import_AppContextDataWithValueMinusTwo_ActsAsDefaultLimit_IterationCountNotExceedingDefaultLimit(string name, bool usesPbes2, byte[] blob, long iterationCount)
+ public void Import_AppContextDataWithValueMinusTwo_ActsAsDefaultLimit_IterationCountNotExceedingDefaultLimit(string name, bool usesPbes2, byte[] blob, long iterationCount, bool usesRC2)
{
_ = iterationCount;
_ = blob;
throw new SkipTestException(name + " uses PBES2, which is not supported on this version.");
}
+ if (usesRC2 && !PlatformSupport.IsRC2Supported)
+ {
+ throw new SkipTestException(name + " uses RC2, which is not supported on this platform.");
+ }
+
RemoteExecutor.Invoke((certName) =>
{
AppContext.SetData("System.Security.Cryptography.Pkcs12UnspecifiedPasswordIterationLimit", -2);
[ConditionalTheory(typeof(RemoteExecutor), nameof(RemoteExecutor.IsSupported))]
[MemberData(memberName: nameof(PfxIterationCountTests.GetCertsWith_IterationCountExceedingDefaultLimit_MemberData), MemberType = typeof(PfxIterationCountTests))]
- public void Import_AppContextDataWithValueMinusTwo_ActsAsDefaultLimit_IterationCountLimitExceeded_Throws(string name, string password, bool usesPbes2, byte[] blob, long iterationCount)
+ public void Import_AppContextDataWithValueMinusTwo_ActsAsDefaultLimit_IterationCountLimitExceeded_Throws(string name, string password, bool usesPbes2, byte[] blob, long iterationCount, bool usesRC2)
{
_ = password;
_ = iterationCount;
throw new SkipTestException(name + " uses PBES2, which is not supported on this version.");
}
+ if (usesRC2 && !PlatformSupport.IsRC2Supported)
+ {
+ throw new SkipTestException(name + " uses RC2, which is not supported on this platform.");
+ }
+
RemoteExecutor.Invoke((certName) =>
{
AppContext.SetData("System.Security.Cryptography.Pkcs12UnspecifiedPasswordIterationLimit", -2);
[ConditionalTheory(typeof(RemoteExecutor), nameof(RemoteExecutor.IsSupported))]
[MemberData(memberName: nameof(PfxIterationCountTests.GetCertsWith_IterationCountNotExceedingDefaultLimit_AndNullOrEmptyPassword_MemberData), MemberType = typeof(PfxIterationCountTests))]
- public void Import_AppContextDataWithValueZero_IterationCountNotExceedingDefaultLimit_Throws(string name, bool usesPbes2, byte[] blob, long iterationCount)
+ public void Import_AppContextDataWithValueZero_IterationCountNotExceedingDefaultLimit_Throws(string name, bool usesPbes2, byte[] blob, long iterationCount, bool usesRC2)
{
_ = iterationCount;
_ = blob;
throw new SkipTestException(name + " uses PBES2, which is not supported on this version.");
}
+ if (usesRC2 && !PlatformSupport.IsRC2Supported)
+ {
+ throw new SkipTestException(name + " uses RC2, which is not supported on this platform.");
+ }
+
RemoteExecutor.Invoke((certName) =>
{
AppContext.SetData("System.Security.Cryptography.Pkcs12UnspecifiedPasswordIterationLimit", 0);
[ConditionalTheory(typeof(RemoteExecutor), nameof(RemoteExecutor.IsSupported))]
[MemberData(memberName: nameof(PfxIterationCountTests.GetCertsWith_IterationCountExceedingDefaultLimit_MemberData), MemberType = typeof(PfxIterationCountTests))]
- public void Import_AppContextDataWithValueMinusOne_IterationCountExceedingDefaultLimit(string name, string password, bool usesPbes2, byte[] blob, long iterationCount)
+ public void Import_AppContextDataWithValueMinusOne_IterationCountExceedingDefaultLimit(string name, string password, bool usesPbes2, byte[] blob, long iterationCount, bool usesRC2)
{
_ = password;
_ = blob;
throw new SkipTestException(name + " uses PBES2, which is not supported on this version.");
}
+ if (usesRC2 && !PlatformSupport.IsRC2Supported)
+ {
+ throw new SkipTestException(name + " uses RC2, which is not supported on this platform.");
+ }
+
RemoteExecutor.Invoke((certName) =>
{
AppContext.SetData("System.Security.Cryptography.Pkcs12UnspecifiedPasswordIterationLimit", -1);
[ConditionalTheory]
[MemberData(nameof(GetCertsWith_IterationCountNotExceedingDefaultLimit_AndNullOrEmptyPassword_MemberData))]
- public void Import_IterationCounLimitNotExceeded_Succeeds(string name, bool usesPbes2, byte[] blob, long iterationCount)
+ public void Import_IterationCounLimitNotExceeded_Succeeds(string name, bool usesPbes2, byte[] blob, long iterationCount, bool usesRC2)
{
if (usesPbes2 && !PfxTests.Pkcs12PBES2Supported)
{
throw new SkipTestException(name + " uses PBES2, which is not supported on this version.");
}
+ if (usesRC2 && !PlatformSupport.IsRC2Supported)
+ {
+ throw new SkipTestException(name + " uses RC2, which is not supported on this platform.");
+ }
+
if (PfxTests.IsPkcs12IterationCountAllowed(iterationCount, PfxTests.DefaultIterations))
{
X509Certificate cert = Import(blob);
[ConditionalTheory]
[MemberData(nameof(GetCertsWith_IterationCountExceedingDefaultLimit_MemberData))]
- public void Import_IterationCountLimitExceeded_Throws(string name, string password, bool usesPbes2, byte[] blob, long iterationCount)
+ public void Import_IterationCountLimitExceeded_Throws(string name, string password, bool usesPbes2, byte[] blob, long iterationCount, bool usesRC2)
{
_ = password;
_ = iterationCount;
throw new SkipTestException(name + " uses PBES2, which is not supported on this version.");
}
+ if (usesRC2 && !PlatformSupport.IsRC2Supported)
+ {
+ throw new SkipTestException(name + " uses RC2, which is not supported on this platform.");
+ }
+
CryptographicException ce = Assert.Throws<CryptographicException>(() => Import(blob));
Assert.Contains(FwlinkId, ce.Message);
}
[ConditionalTheory]
[MemberData(nameof(GetCertsWith_IterationCountExceedingDefaultLimit_MemberData))]
- public void ImportWithPasswordOrFileName_IterationCountLimitExceeded(string name, string password, bool usesPbes2, byte[] blob, long iterationCount)
+ public void ImportWithPasswordOrFileName_IterationCountLimitExceeded(string name, string password, bool usesPbes2, byte[] blob, long iterationCount, bool usesRC2)
{
_ = iterationCount;
throw new SkipTestException(name + " uses PBES2, which is not supported on this version.");
}
+ if (usesRC2 && !PlatformSupport.IsRC2Supported)
+ {
+ throw new SkipTestException(name + " uses RC2, which is not supported on this platform.");
+ }
+
using (TempFileHolder tempFile = new TempFileHolder(blob))
{
string fileName = tempFile.FilePath;
[ConditionalTheory]
[MemberData(nameof(GetCertsWith_NonNullOrEmptyPassword_MemberData))]
- public void Import_NonNullOrEmptyPasswordExpected_Throws(string name, string password, bool usesPbes2, byte[] blob, long iterationCount)
+ public void Import_NonNullOrEmptyPasswordExpected_Throws(string name, string password, bool usesPbes2, byte[] blob, long iterationCount, bool usesRC2)
{
if (usesPbes2 && !PfxTests.Pkcs12PBES2Supported)
{
throw new SkipTestException(name + " uses PBES2, which is not supported on this version.");
}
+ if (usesRC2 && !PlatformSupport.IsRC2Supported)
+ {
+ throw new SkipTestException(name + " uses RC2, which is not supported on this platform.");
+ }
+
CryptographicException ce = Assert.ThrowsAny<CryptographicException>(() => Import(blob));
if (PfxTests.IsPkcs12IterationCountAllowed(iterationCount, PfxTests.DefaultIterations))
}
}
- [Fact]
+ [ConditionalFact(typeof(PlatformSupport), nameof(PlatformSupport.IsRC2Supported))]
public void ExportedPfxWithNullPassword_DecryptReturnsValidPaddingWithEmptyPassword()
{
Assert.NotNull(Import(TestData.MsCertificateExportedToPfx_NullPassword));
certificates.Add(new PfxInfo(
nameof(TestData.Pkcs12WindowsDotnetExportEmptyPassword), "", 6000, false, TestData.Pkcs12WindowsDotnetExportEmptyPassword));
certificates.Add(new PfxInfo(
- nameof(TestData.Pkcs12MacosKeychainCreated), null, 4097, false, TestData.Pkcs12MacosKeychainCreated));
+ nameof(TestData.Pkcs12MacosKeychainCreated), null, 4097, false, TestData.Pkcs12MacosKeychainCreated, usesRC2: true));
certificates.Add(new PfxInfo(
nameof(TestData.Pkcs12BuilderSaltWithMacNullPassword), null, 120000, true, TestData.Pkcs12BuilderSaltWithMacNullPassword));
certificates.Add(new PfxInfo(
{
if (p.IterationCount <= DefaultIterationLimit && string.IsNullOrEmpty(p.Password))
{
- yield return new object[] { p.Name, p.UsesPbes2, p.Blob, p.IterationCount };
+ yield return new object[] { p.Name, p.UsesPbes2, p.Blob, p.IterationCount, p.UsesRC2 };
}
}
}
{
if (p.IterationCount > DefaultIterationLimit)
{
- yield return new object[] { p.Name, p.Password, p.UsesPbes2, p.Blob, p.IterationCount };
+ yield return new object[] { p.Name, p.Password, p.UsesPbes2, p.Blob, p.IterationCount, p.UsesRC2 };
}
}
}
{
if (!string.IsNullOrEmpty(p.Password))
{
- yield return new object[] { p.Name, p.Password, p.UsesPbes2, p.Blob, p.IterationCount };
+ yield return new object[] { p.Name, p.Password, p.UsesPbes2, p.Blob, p.IterationCount, p.UsesRC2 };
}
}
}
internal long IterationCount { get; set; }
internal bool UsesPbes2 { get; set; }
internal byte[] Blob { get; set; }
+ internal bool UsesRC2 { get; set; }
- internal PfxInfo(string name, string password, long iterationCount, bool usesPbes2, byte[] blob)
+ internal PfxInfo(string name, string password, long iterationCount, bool usesPbes2, byte[] blob, bool usesRC2 = false)
{
Name = name;
Password = password;
IterationCount = iterationCount;
UsesPbes2 = usesPbes2;
Blob = blob;
+ UsesRC2 = usesRC2;
}
}
}