From 90a31ee2675d85dd50d3727085891940e841c805 Mon Sep 17 00:00:00 2001 From: Kevin Jones Date: Wed, 22 Jul 2020 12:16:51 -0400 Subject: [PATCH] Fix some scenarios for DynamicRevocationTests on macOS. --- .../X509Certificates/CertificateAuthority.cs | 2 +- .../RevocationTests/DynamicRevocationTests.cs | 28 +++++++++++++++++++++- 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateAuthority.cs b/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateAuthority.cs index f619379..84a2607 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateAuthority.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateAuthority.cs @@ -488,7 +488,7 @@ ResponderID ::= CHOICE { } } - writer.WriteGeneralizedTime(now); + writer.WriteGeneralizedTime(now, omitFractionalSeconds: true); using (writer.PushSequence()) { diff --git a/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs b/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs index 8e720be..ac86924 100644 --- a/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs +++ b/src/libraries/System.Security.Cryptography.X509Certificates/tests/RevocationTests/DynamicRevocationTests.cs @@ -11,7 +11,6 @@ using Xunit; namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests { [OuterLoop("These tests run serially at about 1 second each, and the code shouldn't change that often.")] - [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static class DynamicRevocationTests { // The CI machines are doing an awful lot of things at once, be generous with the timeout; @@ -20,6 +19,8 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests private static readonly Oid s_tlsServerOid = new Oid("1.3.6.1.5.5.7.3.1", null); private static readonly X509ChainStatusFlags ThisOsRevocationStatusUnknown = + PlatformDetection.IsOSX ? + X509ChainStatusFlags.RevocationStatusUnknown : X509ChainStatusFlags.RevocationStatusUnknown | X509ChainStatusFlags.OfflineRevocation; @@ -57,6 +58,16 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests continue; } + // https://github.com/dotnet/runtime/issues/31249 + // not all scenarios are working on macOS. + if (PlatformDetection.IsOSX) + { + if (!endEntityRevocation.HasFlag(PkiOptions.EndEntityRevocationViaOcsp)) + { + continue; + } + } + yield return new object[] { designationOptions | issuerRevocation | endEntityRevocation }; } } @@ -83,6 +94,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeIntermediate(PkiOptions pkiOptions) { SimpleTest( @@ -129,6 +141,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeIntermediateAndEndEntity(PkiOptions pkiOptions) { SimpleTest( @@ -157,6 +170,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeRoot(PkiOptions pkiOptions) { SimpleTest( @@ -193,6 +207,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeRootAndEndEntity(PkiOptions pkiOptions) { SimpleTest( @@ -227,6 +242,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeRootAndIntermediate(PkiOptions pkiOptions) { SimpleTest( @@ -262,6 +278,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeEverything(PkiOptions pkiOptions) { SimpleTest( @@ -384,6 +401,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [InlineData(PkiOptions.OcspEverywhere)] [InlineData(PkiOptions.IssuerRevocationViaOcsp | PkiOptions.AllEndEntityRevocation)] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeEndEntity_RootUnrelatedOcsp(PkiOptions pkiOptions) { SimpleTest( @@ -472,6 +490,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [InlineData(false, true)] [InlineData(true, false)] [InlineData(true, true)] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeIntermediate_PolicyErrors_NotTimeValid(bool policyErrors, bool notTimeValid) { SimpleTest( @@ -558,6 +577,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [InlineData(false, true)] [InlineData(true, false)] [InlineData(true, true)] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeEndEntity_PolicyErrors_NotTimeValid(bool policyErrors, bool notTimeValid) { SimpleTest( @@ -639,6 +659,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeEndEntity_RootRevocationOffline(PkiOptions pkiOptions) { BuildPrivatePki( @@ -712,6 +733,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void NothingRevoked_RootRevocationOffline(PkiOptions pkiOptions) { BuildPrivatePki( @@ -798,6 +820,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeIntermediateWithInvalidRevocationSignature(PkiOptions pkiOptions) { SimpleTest( @@ -826,6 +849,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeIntermediateWithInvalidRevocationName(PkiOptions pkiOptions) { SimpleTest( @@ -863,6 +887,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void RevokeIntermediateWithExpiredRevocation(PkiOptions pkiOptions) { SimpleTest( @@ -903,6 +928,7 @@ namespace System.Security.Cryptography.X509Certificates.Tests.RevocationTests [Theory] [MemberData(nameof(AllViableRevocation))] + [ActiveIssue("https://github.com/dotnet/runtime/issues/31249", TestPlatforms.OSX)] public static void CheckIntermediateWithExpiredRevocation(PkiOptions pkiOptions) { SimpleTest( -- 2.7.4