public void IsValidForPurposeFast_WithNoEku_ReturnsTrueForCodeSigningEku()
{
using (var certificate = SigningTestUtility.GenerateCertificate("test", generator => { }))
{
Assert.Equal(0, GetExtendedKeyUsageCount(certificate));
Assert.True(CertificateUtility.IsValidForPurposeFast(certificate, Oids.CodeSigningEku));
}
}
private static X509Certificate2Collection FilterCodeSigningCertificates(X509Certificate2Collection matchingCollection)
{
var filteredCollection = new X509Certificate2Collection();
foreach (var certificate in matchingCollection)
{
if (CertificateUtility.IsValidForPurposeFast(certificate, Oids.CodeSigningEku))
{
filteredCollection.Add(certificate);
}
}
return(filteredCollection);
}
public void IsValidForPurposeFast_WithAnyExtendedKeyUsage_ReturnsFalseForCodeSigningEku()
{
using (var certificate = SigningTestUtility.GenerateCertificate("test",
generator =>
{
generator.AddExtension(
X509Extensions.ExtendedKeyUsage.Id,
critical: false,
extensionValue: new ExtendedKeyUsage(KeyPurposeID.IdKPEmailProtection, KeyPurposeID.AnyExtendedKeyUsage));
}))
{
Assert.Equal(2, GetExtendedKeyUsageCount(certificate));
Assert.False(CertificateUtility.IsValidForPurposeFast(certificate, Oids.CodeSigningEku));
}
}
public void IsValidForPurposeFast_WithAnyExtendedKeyUsage_ReturnsFalseForCodeSigningEku()
{
using (var certificate = SigningTestUtility.GenerateCertificate("test",
generator =>
{
var usages = new OidCollection {
new Oid(TestOids.IdKpEmailProtection), new Oid(TestOids.AnyExtendedKeyUsage)
};
generator.Extensions.Add(
new X509EnhancedKeyUsageExtension(
usages,
critical: false));
}))
{
Assert.Equal(2, GetExtendedKeyUsageCount(certificate));
Assert.False(CertificateUtility.IsValidForPurposeFast(certificate, Oids.CodeSigningEku));
}
}