1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18 /** 19 * @author Vera Y. Petrashkova 20 */ 21 22 package org.apache.harmony.security.tests.java.security; 23 24 import java.io.ByteArrayOutputStream; 25 import java.security.Key; 26 import java.security.KeyStore; 27 import java.security.KeyStoreException; 28 import java.security.KeyStoreSpi; 29 import java.security.NoSuchProviderException; 30 import java.security.PrivateKey; 31 import java.security.Provider; 32 import java.security.UnrecoverableEntryException; 33 import java.security.UnrecoverableKeyException; 34 import java.security.cert.Certificate; 35 import java.util.Arrays; 36 37 import org.apache.harmony.security.tests.support.KeyStoreTestSupport; 38 import org.apache.harmony.security.tests.support.MyKeyStoreSpi; 39 import org.apache.harmony.security.tests.support.MyLoadStoreParams; 40 import org.apache.harmony.security.tests.support.SpiEngUtils; 41 import org.apache.harmony.security.tests.support.TestKeyPair; 42 43 import junit.framework.TestCase; 44 45 /** 46 * Tests for <code>KeyStore</code> constructor and methods 47 * 48 */ 49 50 public class KeyStore_Impl1Test extends TestCase { 51 52 public static final String srvKeyStore = KeyStoreTestSupport.srvKeyStore; 53 public static String[] validValues = KeyStoreTestSupport.validValues; 54 55 private static final String[] aliases = { "", "alias", "Alias", "ALIAS", 56 "new alias", "another alias", "ADDITIONAL", "THE SAME ALIAS" }; 57 58 private static String[] invalidValues = SpiEngUtils.invalidValues; 59 60 public static String defaultType = KeyStoreTestSupport.defaultType; 61 public static boolean JKSSupported = KeyStoreTestSupport.JKSSupported; 62 public static String defaultProviderName = KeyStoreTestSupport.defaultProviderName; 63 public static Provider defaultProvider = KeyStoreTestSupport.defaultProvider; 64 65 private static String NotSupportMsg = "Default KeyStore type is not supported"; 66 67 public KeyStore[] createKS() throws Exception { 68 assertTrue(NotSupportMsg, JKSSupported); 69 KeyStore[] kpg = new KeyStore[3]; 70 71 kpg[0] = KeyStore.getInstance(defaultType); 72 kpg[1] = KeyStore.getInstance(defaultType, defaultProvider); 73 kpg[2] = KeyStore.getInstance(defaultType, defaultProviderName); 74 return kpg; 75 } 76 77 /** 78 * Test for <code>getInstance(String type)</code> method 79 * Assertion: 80 * returns KeyStoreException object 81 */ 82 public void testKeyStore03() throws KeyStoreException { 83 assertTrue(NotSupportMsg, JKSSupported); 84 KeyStore ks; 85 for (int i = 0; i < validValues.length; i++) { 86 ks = KeyStore.getInstance(validValues[i]); 87 assertEquals("Incorrect type", ks.getType(), validValues[i]); 88 } 89 } 90 91 /** 92 * Test for <code>getInstance(String type, String provider)</code> method 93 * Assertion: throws IllegalArgumentException when provider is null or empty 94 */ 95 public void testKeyStore04() throws Exception { 96 assertTrue(NotSupportMsg, JKSSupported); 97 String provider = null; 98 for (int i = 0; i < validValues.length; i++) { 99 try { 100 KeyStore.getInstance(validValues[i], provider); 101 fail("IllegalArgumentException must be thrown when provider is null (type: " 102 .concat(validValues[i]).concat(" )")); 103 } catch (IllegalArgumentException e) { 104 } 105 try { 106 KeyStore.getInstance(validValues[i], ""); 107 fail("IllegalArgumentException must be thrown when provider is empty (type: " 108 .concat(validValues[i]).concat(" )")); 109 } catch (IllegalArgumentException e) { 110 } 111 } 112 } 113 114 /** 115 * Test for <code>getInstance(String type, String provider)</code> method 116 * Assertion: throws NoSuchProviderException when provider is not available 117 */ 118 public void testKeyStore05() throws KeyStoreException { 119 assertTrue(NotSupportMsg, JKSSupported); 120 for (int i = 0; i < validValues.length; i++) { 121 for (int j = 1; j < invalidValues.length; j++) { 122 try { 123 KeyStore.getInstance(validValues[i], invalidValues[j]); 124 fail("NoSuchProviderException must be thrown (type: " 125 .concat(validValues[i]).concat(" provider: ") 126 .concat(invalidValues[j]).concat(" )")); 127 } catch (NoSuchProviderException e) { 128 } 129 } 130 } 131 } 132 133 /** 134 * Test for <code>getInstance(String type, String provider)</code> method 135 * Assertion: 136 * throws NullPointerException when type is null 137 * throws KeyStoreException when type is not available 138 */ 139 public void testKeyStore06() throws NoSuchProviderException { 140 assertTrue(NotSupportMsg, JKSSupported); 141 try { 142 KeyStore.getInstance(null, defaultProviderName); 143 fail("KeyStoreException must be thrown when type is null"); 144 } catch (KeyStoreException e) { 145 } catch (NullPointerException e) { 146 } 147 for (int i = 0; i < invalidValues.length; i++) { 148 try { 149 KeyStore.getInstance(invalidValues[i], defaultProviderName); 150 fail("KeyStoreException must be thrown (type: ".concat( 151 invalidValues[i]).concat(" provider: ").concat( 152 defaultProviderName).concat(" )")); 153 } catch (KeyStoreException e) { 154 } 155 } 156 } 157 158 /** 159 * Test for <code>getInstance(String type, String provider)</code> method 160 * Assertion: returns KeyStore object 161 */ 162 public void testKeyStore07() throws Exception { 163 assertTrue(NotSupportMsg, JKSSupported); 164 KeyStore ks; 165 for (int i = 0; i < validValues.length; i++) { 166 ks = KeyStore.getInstance(validValues[i], defaultProviderName); 167 assertEquals("Incorrect type", ks.getType(), validValues[i]); 168 assertEquals("Incorrect provider", ks.getProvider().getName(), 169 defaultProviderName); 170 } 171 } 172 173 /** 174 * Test for <code>getInstance(String type, Provider provider)</code> method 175 * Assertion: throws IllegalArgumentException when provider is null 176 */ 177 public void testKeyStore08() throws KeyStoreException { 178 assertTrue(NotSupportMsg, JKSSupported); 179 Provider provider = null; 180 for (int i = 0; i < validValues.length; i++) { 181 try { 182 KeyStore.getInstance(validValues[i], provider); 183 fail("IllegalArgumentException must be thrown when provider is null (type: " 184 .concat(validValues[i]).concat(" )")); 185 } catch (IllegalArgumentException e) { 186 } 187 } 188 } 189 190 /** 191 * Test for <code>getInstance(String type, Provider provider)</code> 192 * method 193 * Assertions: 194 * throws NullPointerException when type is null 195 * throws KeyStoreException when type is not available 196 */ 197 public void testKeyStore09() { 198 assertTrue(NotSupportMsg, JKSSupported); 199 try { 200 KeyStore.getInstance(null, defaultProvider); 201 fail("KeyStoreException must be thrown when type is null"); 202 } catch (KeyStoreException e) { 203 } catch (NullPointerException e) { 204 } 205 for (int i = 0; i < invalidValues.length; i++) { 206 try { 207 KeyStore.getInstance(invalidValues[i], defaultProvider); 208 fail("KeyStoreException must be thrown when type is null (type: " 209 .concat(invalidValues[i]).concat(" provider: ").concat( 210 defaultProvider.getName()).concat(" )")); 211 } catch (KeyStoreException e) { 212 } 213 } 214 } 215 216 /** 217 * Test for <code>getInstance(String type, Provider provider)</code> 218 * method 219 * Assertion: returns KeyStore object 220 */ 221 public void testKeyStore10() throws KeyStoreException { 222 assertTrue(NotSupportMsg, JKSSupported); 223 KeyStore ks; 224 for (int i = 0; i < validValues.length; i++) { 225 ks = KeyStore.getInstance(validValues[i], defaultProvider); 226 assertEquals("Incorrect type", ks.getType(), validValues[i]); 227 assertEquals("Incorrect provider", ks.getProvider(), 228 defaultProvider); 229 } 230 } 231 232 /** 233 * Test for methods: 234 * <code>getKey(String alias, char[] password)</code> 235 * <code>getCertificateChain(String alias)</code> 236 * <code>getCertificate(String alias)</code> 237 * <code>getCreationDate(String alias)</code> 238 * <code>setKeyEntry(String alias, Key key, char[] password, Certificate[] chain)</code> 239 * <code>setKeyEntry(String alias, byte[] key, Certificate[] chain)</code> 240 * <code>setCertificateEntry(String alias, Certificate cert)</code> 241 * <code>deleteEntry(String alias)</code> 242 * <code>Enumeration aliases()</code> 243 * <code>containsAlias(String alias)</code> 244 * <code>size()</code> 245 * <code>isKeyEntry(String alias)</code> 246 * <code>isCertificateEntry(String alias)</code> 247 * <code>getCertificateAlias(Certificate cert)</code> 248 * <code>store(OutputStream stream, char[] password)</code> 249 * Assertion: throws KeyStoreException when KeyStore was not initialized 250 */ 251 public void testKeyStore11() throws Exception { 252 assertTrue(NotSupportMsg, JKSSupported); 253 String msgF ="KeyStoreException must be thrown because KeyStore was not initialized"; 254 KeyStore [] kss = createKS(); 255 assertNotNull("KeyStore objects were not created", kss); 256 for (int i = 0; i < kss.length; i++) { 257 try { 258 kss[i].getKey("", new char[1]); 259 fail(msgF); 260 } catch (KeyStoreException e) { 261 } 262 try { 263 kss[i].getCertificateChain(""); 264 fail(msgF); 265 } catch (KeyStoreException e) { 266 } 267 try { 268 kss[i].getCertificate(""); 269 fail(msgF); 270 } catch (KeyStoreException e) { 271 } 272 try { 273 kss[i].getCreationDate(""); 274 fail(msgF); 275 } catch (KeyStoreException e) { 276 } 277 try { 278 kss[i].aliases(); 279 fail(msgF); 280 } catch (KeyStoreException e) { 281 } 282 try { 283 kss[i].containsAlias(""); 284 fail(msgF); 285 } catch (KeyStoreException e) { 286 } 287 try { 288 kss[i].size(); 289 fail(msgF); 290 } catch (KeyStoreException e) { 291 } 292 try { 293 kss[i].setKeyEntry("", null, new char[0], new Certificate[0]); 294 fail(msgF); 295 } catch (KeyStoreException e) { 296 } 297 try { 298 kss[i].setKeyEntry("", new byte[0], new Certificate[0]); 299 fail(msgF); 300 } catch (KeyStoreException e) { 301 } 302 try { 303 kss[i].setCertificateEntry("", null); 304 fail(msgF); 305 } catch (KeyStoreException e) { 306 } 307 try { 308 kss[i].deleteEntry(""); 309 fail(msgF); 310 } catch (KeyStoreException e) { 311 } 312 try { 313 kss[i].isKeyEntry(""); 314 fail(msgF); 315 } catch (KeyStoreException e) { 316 } 317 try { 318 kss[i].isCertificateEntry(""); 319 fail(msgF); 320 } catch (KeyStoreException e) { 321 } 322 try { 323 kss[i].getCertificateAlias(null); 324 fail(msgF); 325 } catch (KeyStoreException e) { 326 } 327 ByteArrayOutputStream ba = new ByteArrayOutputStream(); 328 try { 329 kss[i].store(ba, new char[0]); 330 fail(msgF); 331 } catch (KeyStoreException e) { 332 } 333 try { 334 kss[i].store(new MyLoadStoreParams( 335 new KeyStore.PasswordProtection(new char[0]))); 336 fail(msgF); 337 } catch (KeyStoreException e) { 338 } 339 KeyStore.TrustedCertificateEntry entry = new KeyStore.TrustedCertificateEntry( 340 new KeyStoreTestSupport.MCertificate("type", new byte[0])); 341 try { 342 kss[i].setEntry("aaa", entry, null); 343 fail(msgF); 344 } catch (KeyStoreException e) { 345 } 346 try { 347 kss[i].getEntry("aaa", null); 348 fail(msgF); 349 } catch (KeyStoreException e) { 350 } 351 } 352 } 353 354 /** 355 * Test for 356 * <code>setEntry(String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter params)</code> 357 * <code>containsAlias(String alias)</code> 358 * <code>getEntry(String alias)</code> 359 * <code>getCertificate(String alias)</code> 360 * <code>isCertificateEntry(String alias)</code> 361 * <code>isKeyEntry(String alias)</code> 362 * methods Assertions: setEntry(..) throws NullPointerException when alias 363 * or entry is null; 364 * 365 * containsAlias(..), getEntry(..), isCertificateEntry(..), isKeyEntry(...) 366 * throw NullPointerException when alias is null; 367 * 368 * setEntry(..) stores Entry and getEntry(..) returns it when 369 * KeyStore.TrustedCertificateEntry is used; getCertificate(...) returns 370 * used trusted certificate. 371 * 372 */ 373 public void testEntry01() throws Exception { 374 assertTrue(NotSupportMsg, JKSSupported); 375 KeyStoreTestSupport.MCertificate trust = new KeyStoreTestSupport.MCertificate( 376 "type", new byte[0]); 377 KeyStore.TrustedCertificateEntry entry = new KeyStore.TrustedCertificateEntry( 378 trust); 379 KeyStore[] kss = createKS(); 380 assertNotNull("KeyStore objects were not created", kss); 381 382 for (int i = 0; i < kss.length; i++) { 383 kss[i].load(null, null); 384 try { 385 kss[i].setEntry(null, entry, null); 386 fail("NullPointerException should be thrown when alias is null"); 387 } catch (NullPointerException e) { 388 } 389 try { 390 kss[i].setEntry("ZZZ", null, null); 391 fail("NullPointerException should be thrown when entry is null"); 392 } catch (NullPointerException e) { 393 } 394 for (int j = 0; j < aliases.length; j++) { 395 kss[i].setEntry(aliases[j], entry, null); 396 } 397 } 398 for (int i = 0; i < kss.length; i++) { 399 try { 400 kss[i].containsAlias(null); 401 fail("NullPointerException should be thrown when alias is null"); 402 } catch (NullPointerException e) { 403 } 404 try { 405 kss[i].isCertificateEntry(null); 406 fail("NullPointerException should be thrown when alias is null"); 407 } catch (NullPointerException e) { 408 } 409 try { 410 kss[i].isKeyEntry(null); 411 fail("NullPointerException should be thrown when alias is null"); 412 } catch (NullPointerException e) { 413 } 414 try { 415 kss[i].getEntry(null, null); 416 fail("NullPointerException should be thrown when alias is null"); 417 } catch (NullPointerException e) { 418 } 419 KeyStore.Entry en; 420 for (int j = 0; j < aliases.length; j++) { 421 assertFalse("Incorrect alias", kss[i].containsAlias("Bad" 422 .concat(aliases[j]))); 423 assertTrue("Incorrect alias", kss[i].containsAlias(aliases[j])); 424 assertTrue("Not CertificateEntry", kss[i] 425 .isCertificateEntry(aliases[j])); 426 assertFalse("Incorrect KeyEntry", kss[i].isKeyEntry(aliases[j])); 427 en = kss[i].getEntry(aliases[j], null); 428 assertTrue("Incorrect Entry", 429 en instanceof KeyStore.TrustedCertificateEntry); 430 assertEquals("Incorrect certificate", 431 ((KeyStore.TrustedCertificateEntry) en) 432 .getTrustedCertificate(), entry 433 .getTrustedCertificate()); 434 assertEquals("Incorrect certificate", kss[i] 435 .getCertificate(aliases[j]), trust); 436 } 437 } 438 } 439 440 441 /** 442 * Test for 443 * <code>setEntry(String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter params)</code> 444 * <code>containsAlias(String alias)</code> 445 * <code>getEntry(String alias)</code> 446 * <code>isCertificateEntry(String alias)</code> 447 * <code>isKeyEntry(String alias)</code> 448 * methods 449 * Assertions: 450 * getEntry(...) throws KeyStoreException if password is incorrect; 451 * setEntry(..) throws KeyStoreException if password is destroyed; 452 * 453 * setEntry(..) throws KeyStoreException when incorrect Entry is used; 454 * 455 * setEntry(..) stores Entry and getEntry(...) returns it when 456 * KeyStore.PrivateKeyEntry is used. 457 * 458 */ 459 public void testEntry02() throws Exception { 460 assertTrue(NotSupportMsg, JKSSupported); 461 TestKeyPair tkp = new TestKeyPair("DSA"); 462 KeyStoreTestSupport.MCertificate certs[] = { 463 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 464 .getEncoded()), 465 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 466 .getEncoded()) }; 467 PrivateKey privKey = tkp.getPrivate(); 468 KeyStore.PrivateKeyEntry pKey = new KeyStore.PrivateKeyEntry(privKey, 469 certs); 470 char[] pwd = { 'p', 'a', 's', 's', 'w', 'd' }; 471 KeyStore.PasswordProtection pPath = new KeyStore.PasswordProtection(pwd); 472 KeyStore.PasswordProtection anotherPath = new KeyStore.PasswordProtection( 473 new char[0]); 474 KeyStoreTestSupport.ProtPar pPar = new KeyStoreTestSupport.ProtPar(); 475 KeyStore[] kss = createKS(); 476 assertNotNull("KeyStore objects were not created", kss); 477 for (int i = 0; i < kss.length; i++) { 478 kss[i].load(null, null); 479 for (int j = 0; j < aliases.length; j++) { 480 kss[i].setEntry(aliases[j], pKey, pPath); 481 } 482 KeyStore.Entry en; 483 Certificate[] cc; 484 for (int j = 0; j < aliases.length; j++) { 485 assertTrue("Incorrect alias", kss[i].containsAlias(aliases[j])); 486 assertTrue("Not KeyEntry", kss[i].isKeyEntry(aliases[j])); 487 assertFalse("Incorrect CertificateEntry", kss[i] 488 .isCertificateEntry(aliases[j])); 489 490 en = kss[i].getEntry(aliases[j], pPath); 491 assertTrue("Incorrect Entry", 492 en instanceof KeyStore.PrivateKeyEntry); 493 Key key = pKey.getPrivateKey(); 494 Key key1 = ((KeyStore.PrivateKeyEntry) en).getPrivateKey(); 495 if (!key.getAlgorithm().equals(key1.getAlgorithm()) || 496 !key.getFormat().equals(key1.getFormat())) { 497 fail("Incorrect key"); 498 } 499 byte[] enc = key.getEncoded(); 500 byte[] enc1 = key1.getEncoded(); 501 assertTrue("Diff. keys encoding", Arrays.equals(enc, enc1)); 502 503 cc = ((KeyStore.PrivateKeyEntry) en).getCertificateChain(); 504 assertEquals("Incorrect CertificateChain", cc.length, 505 certs.length); 506 for (int t = 0; t < cc.length; t++) { 507 assertEquals("Incorrect CertificateChain", cc[t], certs[t]); 508 } 509 510 key = kss[i].getKey(aliases[j], pwd); 511 key1 = privKey; 512 if (!key.getAlgorithm().equals(key1.getAlgorithm()) || 513 !key.getFormat().equals(key1.getFormat())) { 514 fail("Incorrect Entry: key"); 515 } 516 enc = key.getEncoded(); 517 enc1 = key1.getEncoded(); 518 assertTrue("Incorrect Entry: Diff. keys encoding", Arrays.equals(enc, enc1)); 519 520 cc = kss[i].getCertificateChain(aliases[j]); 521 assertEquals("Incorrect CertificateChain", cc.length, 522 certs.length); 523 for (int t = 0; t < cc.length; t++) { 524 assertEquals("Incorrect CertificateChain", cc[t], certs[t]); 525 } 526 try { 527 kss[i].getEntry(aliases[j], anotherPath); 528 fail("KeyStoreException or UnrecoverableEntryException should be thrown " 529 + "because password is incorrect"); 530 } catch (KeyStoreException e) { 531 } catch (UnrecoverableEntryException e) { 532 } 533 } 534 } 535 pPath.destroy(); 536 for (int i = 0; i < kss.length; i++) { 537 try { 538 kss[i].setEntry("ZZZ", pKey, pPath); 539 fail("KeyStoreException should be thrown because password is destroyed"); 540 } catch (KeyStoreException e) { 541 } 542 543 for (int j = 0; j < aliases.length; j++) { 544 try { 545 kss[i].getEntry(aliases[j], pPath); 546 fail("KeyStoreException should be thrown because password is destroyed"); 547 } catch (KeyStoreException e) { 548 } 549 550 try { 551 kss[i].getEntry(aliases[j], pPar); 552 fail("UnrecoverableEntryException should be thrown"); 553 } catch (UnrecoverableEntryException e) { 554 } 555 } 556 } 557 } 558 559 /** 560 * Test for 561 * <code>setEntry(String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter params)</code> 562 * <code>containsAlias(String alias)</code> 563 * <code>getEntry(String alias)</code> 564 * <code>isCertificateEntry(String alias)</code> 565 * <code>isKeyEntry(String alias)</code> 566 * methods 567 * Assertions: 568 * setEntry(..) stores used entry and getEntry(..) returns it when 569 * KeyStore.SecretKeyEntry is used; 570 * 571 * setEntry(..) throws KeyStoreException when incorrect Entry is used. 572 * 573 * FIXME: this test should be changed to verify SecretKeyEntry. 574 * It is not supported. 575 */ 576 public void testEntry03() throws Exception { 577 assertTrue(NotSupportMsg, JKSSupported); 578 TestKeyPair tkp = new TestKeyPair("DSA"); 579 KeyStoreTestSupport.SKey secKey = new KeyStoreTestSupport.SKey("DSA", 580 tkp.getPrivate().getEncoded()); 581 KeyStore.SecretKeyEntry sKey = new KeyStore.SecretKeyEntry( 582 secKey); 583 char [] pwd = {'p', 'a', 's', 's', 'w', 'd'}; 584 KeyStore.PasswordProtection pPath = new KeyStore.PasswordProtection(pwd); 585 KeyStoreTestSupport.AnotherEntry aEntry = new KeyStoreTestSupport.AnotherEntry(); 586 KeyStoreTestSupport.ProtPar pPar = new KeyStoreTestSupport.ProtPar(); 587 KeyStore [] kss = createKS(); 588 assertNotNull("KeyStore objects were not created", kss); 589 for (int i = 0; i < kss.length; i++) { 590 kss[i].load(null, null); 591 for (int j = 0; j < aliases.length; j++) { 592 try { 593 kss[i].setEntry(aliases[j], sKey, pPath); 594 } catch (KeyStoreException e) { 595 //logln("testEntry03: non-PrivateKeys not supported."); 596 return; 597 } 598 } 599 600 for (int j = 0; j < aliases.length; j++) { 601 assertTrue("Incorrect alias", kss[i].containsAlias(aliases[j])); 602 assertTrue("Not KeyEntry", kss[i].isKeyEntry(aliases[j])); 603 assertFalse("Incorrect CertificateEntry", kss[i].isCertificateEntry(aliases[j])); 604 Key key1; 605 try { 606 key1 = kss[i].getKey(aliases[j], pwd); 607 } catch (UnrecoverableKeyException e) { 608 //logln("testEntry03: non-PrivateKeys not supported."); 609 return; 610 } 611 if (!secKey.getAlgorithm().equals(key1.getAlgorithm()) || 612 !secKey.getFormat().equals(key1.getFormat())) { 613 fail("Incorrect key"); 614 } 615 byte[] enc = secKey.getEncoded(); 616 byte[] enc1 = key1.getEncoded(); 617 assertTrue("Diff. keys encoding", Arrays.equals(enc, enc1)); 618 assertNull("Incorrect CertificateChain", kss[i].getCertificateChain(aliases[j])); 619 } 620 } 621 pPath.destroy(); 622 for (int i = 0; i < kss.length; i++) { 623 try { 624 kss[i].setEntry("ZZZ", aEntry, pPath); 625 fail("KeyStoreException should be thrown because password is destroyed"); 626 } catch (KeyStoreException e) { 627 } 628 for (int j = 0; j < aliases.length; j++) { 629 try { 630 kss[i].getEntry(aliases[j], pPath); 631 fail("KeyStoreException should be thrown because password is destroyed"); 632 } catch (KeyStoreException e) { 633 } 634 try { 635 kss[i].getEntry(aliases[j], pPar); 636 fail("UnrecoverableEntryException should be thrown"); 637 } catch (UnrecoverableEntryException e) { 638 } 639 } 640 } 641 } 642 643 644 /** 645 * Test for 646 * <code>setCertificateEntry(String alias, Certificate cert)</code> 647 * <code>containsAlias(String alias)</code> 648 * <code>getCertificate(String alias)</code> 649 * <code>isCertificateEntry(String alias)</code> 650 * methods 651 * Assertions: 652 * setCertificateEntry(..), containsAlias(..), getCertificate(..) and isCertificateEntry(..) 653 * throw NullPointerException when alias is null 654 * 655 * setCertificateEntry(..) stores used entry and getCertificate(..) returns it 656 * 657 */ 658 public void testEntry04() throws Exception { 659 assertTrue(NotSupportMsg, JKSSupported); 660 KeyStoreTestSupport.MCertificate cert = new KeyStoreTestSupport.MCertificate( 661 "type", new byte[0]); 662 KeyStore [] kss = createKS(); 663 assertNotNull("KeyStore objects were not created", kss); 664 665 for (int i = 0; i < kss.length; i++) { 666 kss[i].load(null, null); 667 try { 668 kss[i].setCertificateEntry(null, cert); 669 fail("NullPointerException should be thrown when alias is null"); 670 } catch (NullPointerException e) { 671 } 672 for (int j = 0; j < aliases.length; j++) { 673 kss[i].setCertificateEntry(aliases[j], cert); 674 } 675 } 676 for (int i = 0; i < kss.length; i++) { 677 try { 678 kss[i].containsAlias(null); 679 fail("NullPointerException should be thrown when alias is null"); 680 } catch (NullPointerException e) { 681 } 682 try { 683 kss[i].isCertificateEntry(null); 684 fail("NullPointerException should be thrown when alias is null"); 685 } catch (NullPointerException e) { 686 } 687 try { 688 kss[i].getCertificate(null); 689 fail("NullPointerException should be thrown when alias is null"); 690 } catch (NullPointerException e) { 691 } 692 for (int j = 0; j < aliases.length; j++) { 693 assertFalse("Incorrect alias", kss[i].containsAlias("Bad".concat(aliases[j]))); 694 assertTrue("Incorrect alias", kss[i].containsAlias(aliases[j])); 695 assertTrue("Not CertificateEntry", kss[i].isCertificateEntry(aliases[j])); 696 assertFalse("Incorrect KeyEntry", kss[i].isKeyEntry(aliases[j])); 697 assertEquals("Incorrect Certificate", kss[i].getCertificate(aliases[j]), 698 cert); 699 } 700 } 701 } 702 703 /** 704 * Test for 705 * <code>setKeyEntry(String alias, Key key, char[] password, Certificate[] chain)</code> 706 * <code>containsAlias(String alias)</code> 707 * <code>getKey(String alias, char[] password)</code> 708 * <code>isCertificateEntry(String alias)</code> 709 * <code>isKeyEntry(String alias)</code> 710 * <code>setCerificateEntry(String alias, Certificate cert)</code> 711 * <code>getCertificateChain(String alias)</code> 712 * <code>getCertificateAlias(Certificate cert)</code> 713 * methods 714 * 715 * Assertions: 716 * setKeyEntry(..), getKeyEntry(..) and isKeyEntry(..) 717 * throw NullPointerException when alias is null 718 * 719 * setKeyEntry(...) throws KeyStoreException when key or password 720 * is null 721 * 722 * setCertificateEntry(..) throws KeyStoreException when KeyEntry was overwritten 723 * 724 * setKeyEntry(..) stores used entry, getKey(..) returns it and getCertificateChain(...) 725 * returns cert 726 * 727 */ 728 public void testEntry05() throws Exception { 729 assertTrue(NotSupportMsg, JKSSupported); 730 KeyStoreTestSupport.MCertificate certs[] = { 731 new KeyStoreTestSupport.MCertificate("type1", new byte[10]), 732 new KeyStoreTestSupport.MCertificate("type2", new byte[10]) }; 733 KeyStoreTestSupport.MCertificate cert = new KeyStoreTestSupport.MCertificate( 734 "type", new byte[0]); 735 char[] pwd = new char[0]; 736 TestKeyPair tkp = new TestKeyPair("DSA"); 737 PrivateKey key = tkp.getPrivate(); 738 KeyStore [] kss = createKS(); 739 assertNotNull("KeyStore objects were not created", kss); 740 for (int i = 0; i < kss.length; i++) { 741 kss[i].load(null, null); 742 743 // Null as alias does not necessarily lead to NullPointerException 744 745 try { 746 kss[i].setKeyEntry("ZZZ", null, pwd, certs); 747 fail("KeyStoreException should be thrown when key is null"); 748 } catch (KeyStoreException e) { 749 } 750 try { 751 kss[i].setKeyEntry("ZZZ", key, pwd, null); 752 fail("KeyStoreException or IllegalArgumentException should be thrown " 753 + "when chain is null and key is private"); 754 } catch (IllegalArgumentException e) { 755 } 756 try { 757 kss[i].setKeyEntry("ZZZ", key, pwd, 758 new KeyStoreTestSupport.MCertificate[0]); 759 fail("KeyStoreException or IllegalArgumentException should be thrown " 760 + "when chain is empty and key is private"); 761 } catch (IllegalArgumentException e) { 762 } 763 764 for (int j = 0; j < aliases.length; j++) { 765 kss[i].setKeyEntry(aliases[j], key, pwd, certs); 766 } 767 768 kss[i].setKeyEntry("KeyAlias", key, pwd, certs); 769 try { 770 kss[i].setCertificateEntry("KeyAlias", cert); 771 fail("KeyStoreException should be thrown when we try to overwrite KeyEntry to Certificate"); 772 } catch (KeyStoreException e) { 773 } 774 775 try { 776 kss[i].isKeyEntry(null); 777 fail("NullPointerException should be thrown when alias is null"); 778 } catch (NullPointerException e) { 779 } 780 try { 781 kss[i].getKey(null, pwd); 782 fail("NullPointerException should be thrown when alias is null"); 783 } catch (NullPointerException e) { 784 } 785 try { 786 kss[i].getCertificateChain(null); 787 fail("NullPointerException should be thrown when alias is null"); 788 } catch (NullPointerException e) { 789 } 790 for (int j = 0; j < aliases.length; j++) { 791 assertFalse("Incorrect alias", kss[i].containsAlias("Bad".concat(aliases[j]))); 792 assertTrue("Incorrect alias", kss[i].containsAlias(aliases[j])); 793 assertTrue("Not KeyEntry", kss[i].isKeyEntry(aliases[j])); 794 assertFalse("Incorrect CertificateEntry", kss[i].isCertificateEntry(aliases[j])); 795 Key key1 = kss[i].getKey(aliases[j], pwd); 796 if (!key.getAlgorithm().equals(key1.getAlgorithm()) || 797 !key.getFormat().equals(key1.getFormat())) { 798 fail("Incorrect key"); 799 } 800 byte[] enc = key.getEncoded(); 801 byte[] enc1 = key1.getEncoded(); 802 assertTrue("Diff. keys encoding", Arrays.equals(enc, enc1)); 803 Certificate [] cc = kss[i].getCertificateChain(aliases[j]); 804 assertEquals("Incorrect chain", cc.length, certs.length); 805 for (int t = 0; t < cc.length; t++) { 806 assertEquals("Incorrect certificate", cc[t], certs[t]); 807 } 808 } 809 assertNull(kss[i].getCertificateAlias(cert)); 810 String ss = kss[i].getCertificateAlias(certs[0]); 811 boolean ans = false; 812 for (int j = 1; j < aliases.length; j++) { 813 if (ss.equals(aliases[j])) { 814 ans = true; 815 break; 816 } 817 } 818 assertTrue("There is no alias for certificate <type1, new byte[10]>", ans); 819 } 820 } 821 822 /** 823 * Test for 824 * <code>deleteEntry(String alias)</code> 825 * <code>size()</code> 826 * methods 827 * Assertions: 828 * throws NullPointerException when alias is null; 829 * 830 * deletes entry from KeyStore. 831 * 832 */ 833 public void testEntry06() throws Exception { 834 assertTrue(NotSupportMsg, JKSSupported); 835 KeyStore.TrustedCertificateEntry tCert = new KeyStore.TrustedCertificateEntry( 836 new KeyStoreTestSupport.MCertificate("type", new byte[0])); 837 838 TestKeyPair tkp = new TestKeyPair("DSA"); 839 KeyStoreTestSupport.MCertificate certs[] = { 840 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 841 .getEncoded()), 842 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 843 .getEncoded()) }; 844 KeyStore.PrivateKeyEntry pKey = new KeyStore.PrivateKeyEntry(tkp 845 .getPrivate(), certs); 846 char[] pwd = { 'p', 'a', 's', 's', 'w', 'd' }; 847 KeyStore.PasswordProtection pp = new KeyStore.PasswordProtection(pwd); 848 849 String[] aliases = { "Alias1", "Alias2", "Alias3", "Alias4", "Alias5" }; 850 851 KeyStore[] kss = createKS(); 852 assertNotNull("KeyStore objects were not created", kss); 853 854 for (int i = 0; i < kss.length; i++) { 855 kss[i].load(null, null); 856 kss[i].setEntry(aliases[0], tCert, null); 857 kss[i].setEntry(aliases[1], pKey, pp); 858 kss[i].setEntry(aliases[2], pKey, pp); 859 860 kss[i].setKeyEntry(aliases[3], tkp.getPrivate(), pwd, certs); 861 862 kss[i].setCertificateEntry(aliases[4], certs[0]); 863 864 assertEquals("Incorrect size", kss[i].size(), 5); 865 try { 866 kss[i].deleteEntry(null); 867 fail("NullPointerException should be thrown when alias is null"); 868 } catch (NullPointerException e) { 869 } 870 kss[i].deleteEntry(aliases[0]); 871 kss[i].deleteEntry(aliases[3]); 872 assertEquals("Incorrect size", kss[i].size(), 3); 873 for (int j = 1; j < 5; j++) { 874 if ((j == 0) || (j == 3)) { 875 assertFalse("Incorrect deleted alias", kss[i] 876 .containsAlias(aliases[j])); 877 } else { 878 assertTrue("Incorrect alias", kss[i] 879 .containsAlias(aliases[j])); 880 } 881 } 882 } 883 } 884 885 /** 886 * Test for 887 * <code>entryInstanceOf(String alias, Class class)</code> 888 * method 889 * Assertions: 890 * throws NullPointerException when alias is null 891 * returns false if KeyStore does not contain entry with defined alias 892 * returns false if defined alias is not correspond Entry 893 * returns false 894 * setEntry(..) throws KeyStoreException when incorrect Entry is used; 895 * 896 * setEntry(..) stores Entry and getEntry(...) returns it when 897 * KeyStore.PrivateKeyEntry is used. 898 * 899 */ 900 public void testEntry07() throws Exception { 901 assertTrue(NotSupportMsg, JKSSupported); 902 TestKeyPair tkp = new TestKeyPair("DSA"); 903 KeyStoreTestSupport.MCertificate certs[] = { 904 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 905 .getEncoded()), 906 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 907 .getEncoded()) }; 908 PrivateKey privKey = tkp.getPrivate(); 909 KeyStore.PrivateKeyEntry pKey = new KeyStore.PrivateKeyEntry(privKey, certs); 910 char [] pwd = {'p', 'a', 's', 's', 'w', 'd'}; 911 String aliasKE = "KeyAlias"; 912 KeyStore.PasswordProtection pp = new KeyStore.PasswordProtection(pwd); 913 new KeyStore.PasswordProtection(new char[0]); 914 KeyStore [] kss = createKS(); 915 assertNotNull("KeyStore objects were not created", kss); 916 917 for (int i = 0; i < kss.length; i++) { 918 kss[i].load(null, null); 919 // set entries 920 for (int j = 0; j < aliases.length; j++) { 921 kss[i].setEntry(aliases[j], pKey, pp); 922 } 923 kss[i].setKeyEntry(aliasKE, privKey, pwd, certs); 924 try { 925 kss[i].entryInstanceOf(null, pKey.getClass()); 926 fail("NullPointerEXception must be thrown"); 927 } catch (NullPointerException e) { 928 } 929 assertFalse("Incorrect class entry 1", 930 kss[i].entryInstanceOf("ZZZ", pKey.getClass())); 931 for (int j = 0; j < aliases.length; j++) { 932 assertTrue("Incorrect class entry 2", 933 kss[i].entryInstanceOf(aliases[j], pKey.getClass())); 934 935 //make it compilable on 1.5 936 Class c = privKey.getClass(); 937 assertFalse("Incorrect class entry 3", 938 kss[i].entryInstanceOf(aliases[j], c )); 939 } 940 941 //make it compilable on 1.5 942 Class c = privKey.getClass(); 943 assertFalse("Incorrect class entry 4", 944 kss[i].entryInstanceOf(aliasKE, c )); 945 assertTrue("Incorrect class entry 5", 946 kss[i].entryInstanceOf(aliasKE, pKey.getClass())); 947 } 948 } 949 950 951 /** 952 * Test for <code>KeyStore(KeyStoreSpi spi, Provider prov, String type)</code> 953 * constructor 954 * Assertion: constructs KeyStore object 955 */ 956 public void testKeyStoreConstr() throws Exception { 957 assertTrue(NotSupportMsg, JKSSupported); 958 KeyStoreSpi spi = new MyKeyStoreSpi(); 959 KeyStore keySt = new tmpKeyStore(spi, defaultProvider, 960 defaultType); 961 assertEquals("Incorrect name", keySt.getType(), 962 defaultType); 963 assertEquals("Incorrect provider", keySt.getProvider(), defaultProvider); 964 char [] pwd = new char[0]; 965 try { 966 keySt.store(null, pwd); 967 fail("KeyStoreException must be thrown"); 968 } catch (KeyStoreException e) { 969 } 970 keySt = new tmpKeyStore(null, null, null); 971 assertNull("Algorithm must be null", keySt.getType()); 972 assertNull("Provider must be null", keySt.getProvider()); 973 try { 974 keySt.load(null, pwd); 975 fail("NullPointerException must be thrown"); 976 } catch (NullPointerException e) { 977 } 978 } 979 980 } 981 982 /** 983 * Additional class to verify KeyStore constructor 984 */ 985 class tmpKeyStore extends KeyStore { 986 public tmpKeyStore(KeyStoreSpi spi, Provider prov, String alg) { 987 super(spi, prov, alg); 988 } 989 } 990
