Skip to content

Commit b577c74

Browse files
[release/9.0-staging] [Test Only] Fix BuildChainCustomTrustStore test (#117761)
* Fix BuildChainCustomTrustStore * Allow partial chains * Try using the extra store * Fix typo * Allow untrusted root --------- Co-authored-by: Kevin Jones <[email protected]>
1 parent 1493074 commit b577c74

File tree

1 file changed

+10
-1
lines changed
  • src/libraries/System.Security.Cryptography/tests/X509Certificates

1 file changed

+10
-1
lines changed

src/libraries/System.Security.Cryptography/tests/X509Certificates/ChainTests.cs

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -344,6 +344,8 @@ public static void BuildChainCustomTrustStore(
344344
chainTest.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
345345
chainTest.ChainPolicy.ExtraStore.Add(issuerCert);
346346

347+
X509ChainStatusFlags allowedFlags = X509ChainStatusFlags.NoError;
348+
347349
switch (testArguments)
348350
{
349351
case BuildChainCustomTrustStoreTestArguments.TrustedIntermediateUntrustedRoot:
@@ -361,14 +363,21 @@ public static void BuildChainCustomTrustStore(
361363
chainHolder.DisposeChainElements();
362364
chainTest.ChainPolicy.CustomTrustStore.Remove(rootCert);
363365
chainTest.ChainPolicy.TrustMode = X509ChainTrustMode.System;
366+
chainTest.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
367+
chainTest.ChainPolicy.ExtraStore.Add(rootCert);
368+
allowedFlags |= X509ChainStatusFlags.UntrustedRoot;
364369
break;
365370
default:
366371
throw new InvalidDataException();
367372
}
368373

369374
Assert.Equal(chainBuildsSuccessfully, chainTest.Build(endCert));
370375
Assert.Equal(3, chainTest.ChainElements.Count);
371-
Assert.Equal(chainFlags, chainTest.AllStatusFlags());
376+
377+
X509ChainStatusFlags actualFlags = chainTest.AllStatusFlags();
378+
actualFlags &= ~allowedFlags;
379+
380+
Assert.Equal(chainFlags, actualFlags);
372381
}
373382
}
374383

0 commit comments

Comments
 (0)