1 package tests.security.cert; 2 3 import dalvik.annotation.AndroidOnly; 4 5 import junit.framework.TestCase; 6 7 import org.apache.harmony.security.asn1.ASN1Integer; 8 import org.apache.harmony.security.asn1.ASN1OctetString; 9 import org.apache.harmony.security.tests.support.cert.TestUtils; 10 11 import java.io.ByteArrayInputStream; 12 import java.io.IOException; 13 import java.math.BigInteger; 14 import java.security.InvalidKeyException; 15 import java.security.NoSuchAlgorithmException; 16 import java.security.NoSuchProviderException; 17 import java.security.Principal; 18 import java.security.PublicKey; 19 import java.security.SignatureException; 20 import java.security.cert.CRL; 21 import java.security.cert.CRLException; 22 import java.security.cert.Certificate; 23 import java.security.cert.CertificateException; 24 import java.security.cert.CertificateFactory; 25 import java.security.cert.X509CRL; 26 import java.security.cert.X509CRLEntry; 27 import java.security.cert.X509CRLSelector; 28 import java.security.cert.X509Certificate; 29 import java.util.ArrayList; 30 import java.util.Collection; 31 import java.util.Date; 32 import java.util.Set; 33 34 import javax.security.auth.x500.X500Principal; 35 36 public class X509CRLSelector2Test extends TestCase { 37 38 protected void setUp() throws Exception { 39 super.setUp(); 40 } 41 42 protected void tearDown() throws Exception { 43 super.tearDown(); 44 } 45 46 /** 47 * constructor testing. 48 * 49 */ 50 public void testX509CRLSelector() { 51 X509CRLSelector selector = new X509CRLSelector(); 52 assertNull(selector.getDateAndTime()); 53 assertNull(selector.getCertificateChecking()); 54 assertNull(selector.getIssuerNames()); 55 assertNull(selector.getIssuers()); 56 assertNull(selector.getMaxCRL()); 57 assertNull(selector.getMinCRL()); 58 } 59 60 /** 61 * addIssuer(X500Principal issuer) method testing. Tests if CRLs with 62 * specified issuers match the selector, and if not specified issuer does 63 * not match the selector. 64 */ 65 public void testAddIssuerLjavax_security_auth_x500_X500Principal02() { 66 X509CRLSelector selector = new X509CRLSelector(); 67 X500Principal iss1 = new X500Principal("O=First Org."); 68 X500Principal iss2 = new X500Principal("O=Second Org."); 69 CRL crl1 = new TestCRL(iss1); 70 CRL crl2 = new TestCRL(iss2); 71 72 selector.addIssuer(iss1); 73 assertTrue("The CRL should match the selection criteria.", selector 74 .match(crl1)); 75 assertFalse("The CRL should not match the selection criteria.", 76 selector.match(crl2)); 77 selector.addIssuer(iss2); 78 assertTrue("The CRL should match the selection criteria.", selector 79 .match(crl2)); 80 } 81 82 /** 83 * addIssuerName(String name) method testing. Tests if CRLs with specified 84 * issuers match the selector, and if not specified issuer does not match 85 * the selector. 86 */ 87 public void testAddIssuerNameLjava_lang_String03() { 88 X509CRLSelector selector = new X509CRLSelector(); 89 String iss1 = "O=First Org."; 90 String iss2 = "O=Second Org."; 91 TestCRL crl1 = new TestCRL(new X500Principal(iss1)); 92 TestCRL crl2 = new TestCRL(new X500Principal(iss2)); 93 94 try { 95 selector.addIssuerName(iss1); 96 } catch (IOException e) { 97 e.printStackTrace(); 98 fail("Unexpected IOException was thrown."); 99 } 100 assertTrue("The CRL should match the selection criteria.", selector 101 .match(crl1)); 102 assertFalse("The CRL should not match the selection criteria.", 103 selector.match(crl2)); 104 try { 105 selector.addIssuerName(iss2); 106 } catch (IOException e) { 107 e.printStackTrace(); 108 fail("Unexpected IOException was thrown."); 109 } 110 assertTrue("The CRL should match the selection criteria.", selector 111 .match(crl2)); 112 } 113 114 /** 115 * setIssuerNames(Collection <?> names) method testing. Tests if CRLs with 116 * any issuers match the selector in the case of null issuerNames criteria, 117 * if specified issuers match the selector, if not specified issuer does not 118 * match the selector, and if the internal collection of issuer names is 119 * copied during initialization. 120 */ 121 @SuppressWarnings("unchecked") 122 public void testSetIssuerNamesLjava_util_Collection02() { 123 X509CRLSelector selector = new X509CRLSelector(); 124 String iss1 = "O=First Org."; 125 byte[] iss2 = new byte[] 126 // manually obtained DER encoding of "O=Second Org." issuer name; 127 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 128 110, 100, 32, 79, 114, 103, 46 }; 129 130 String iss3 = "O=Third Org."; 131 TestCRL crl1 = new TestCRL(new X500Principal(iss1)); 132 TestCRL crl2 = new TestCRL(new X500Principal(iss2)); 133 TestCRL crl3 = new TestCRL(new X500Principal(iss3)); 134 135 try { 136 selector.setIssuerNames(null); 137 } catch (IOException e) { 138 e.printStackTrace(); 139 fail("Unexpected IOException was thrown."); 140 } 141 assertTrue("Any CRL issuers should match in the case of null issuers.", 142 selector.match(crl1) && selector.match(crl2)); 143 144 ArrayList issuers = new ArrayList(2); 145 issuers.add(iss1); 146 issuers.add(iss2); 147 try { 148 selector.setIssuerNames(issuers); 149 } catch (IOException e) { 150 e.printStackTrace(); 151 fail("Unexpected IOException was thrown."); 152 } 153 assertTrue("The CRL should match the selection criteria.", selector 154 .match(crl1) 155 && selector.match(crl2)); 156 assertFalse("The CRL should not match the selection criteria.", 157 selector.match(crl3)); 158 issuers.add(iss3); 159 assertFalse("The internal issuer collection is not protected " 160 + "against the modifications.", selector.match(crl3)); 161 } 162 163 /** 164 * setIssuers(Collection <X500Principal> issuers) method testing. Tests if 165 * CRLs with any issuers match the selector in the case of null issuerNames 166 * criteria, if specified issuers match the selector, and if not specified 167 * issuer does not match the selector. 168 */ 169 public void testSetIssuersLjava_util_Collection() { 170 X509CRLSelector selector = new X509CRLSelector(); 171 X500Principal iss1 = new X500Principal("O=First Org."); 172 X500Principal iss2 = new X500Principal("O=Second Org."); 173 X500Principal iss3 = new X500Principal("O=Third Org."); 174 TestCRL crl1 = new TestCRL(iss1); 175 TestCRL crl2 = new TestCRL(iss2); 176 TestCRL crl3 = new TestCRL(iss3); 177 178 selector.setIssuers(null); 179 assertTrue("Any CRL issuers should match in the case of null issuers.", 180 selector.match(crl1) && selector.match(crl2)); 181 182 ArrayList<X500Principal> issuers = new ArrayList<X500Principal>(2); 183 issuers.add(iss1); 184 issuers.add(iss2); 185 selector.setIssuers(issuers); 186 assertTrue("The CRL should match the selection criteria.", selector 187 .match(crl1) 188 && selector.match(crl2)); 189 assertFalse("The CRL should not match the selection criteria.", 190 selector.match(crl3)); 191 issuers.add(iss3); 192 assertFalse("The internal issuer collection is not protected " 193 + "against the modifications.", selector.match(crl3)); 194 } 195 196 /** 197 * addIssuerName(byte[] name) method testing. Tests if CRLs with specified 198 * issuers match the selector, and if not specified issuer does not match 199 * the selector. 200 */ 201 public void testAddIssuerName$B() { 202 X509CRLSelector selector = new X509CRLSelector(); 203 byte[] iss1 = new byte[] 204 // manually obtained DER encoding of "O=First Org." issuer name; 205 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 206 116, 32, 79, 114, 103, 46 }; 207 byte[] iss2 = new byte[] 208 // manually obtained DER encoding of "O=Second Org." issuer name; 209 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 210 110, 100, 32, 79, 114, 103, 46 }; 211 TestCRL crl1 = new TestCRL(new X500Principal(iss1)); 212 TestCRL crl2 = new TestCRL(new X500Principal(iss2)); 213 214 try { 215 selector.addIssuerName(iss1); 216 } catch (IOException e) { 217 e.printStackTrace(); 218 fail("Unexpected IOException was thrown."); 219 } 220 assertTrue("The CRL should match the selection criteria.", selector 221 .match(crl1)); 222 assertFalse("The CRL should not match the selection criteria.", 223 selector.match(crl2)); 224 try { 225 selector.addIssuerName(iss2); 226 } catch (IOException e) { 227 e.printStackTrace(); 228 fail("Unexpected IOException was thrown."); 229 } 230 assertTrue("The CRL should match the selection criteria.", selector 231 .match(crl2)); 232 } 233 234 /** 235 * setMinCRLNumber(BigInteger minCRL) method testing. Tests if CRLs with any 236 * crl number value match the selector in the case of null crlNumber 237 * criteria, if specified minCRL value matches the selector, and if CRL with 238 * inappropriate crlNumber value does not match the selector. 239 */ 240 @AndroidOnly("Uses specific class: " + 241 "org.apache.harmony.security.asn1.ASN1OctetString.") 242 public void testSetMinCRLNumberLjava_math_BigInteger() { 243 X509CRLSelector selector = new X509CRLSelector(); 244 BigInteger minCRL = new BigInteger("10000"); 245 CRL crl = new TestCRL(minCRL); 246 247 selector.setMinCRLNumber(null); 248 assertTrue("Any CRL should match in the case of null minCRLNumber.", 249 selector.match(crl)); 250 selector.setMinCRLNumber(minCRL); 251 assertTrue("The CRL should match the selection criteria.", selector 252 .match(crl)); 253 selector.setMinCRLNumber(new BigInteger("10001")); 254 assertFalse("The CRL should not match the selection criteria.", 255 selector.match(crl)); 256 } 257 258 /** 259 * setMaxCRLNumber(BigInteger maxCRL) method testing. Tests if CRLs with any 260 * crl number value match the selector in the case of null crlNumber 261 * criteria, if specified maxCRL value matches the selector, and if CRL with 262 * inappropriate crlNumber value does not match the selector. 263 */ 264 @AndroidOnly("Uses specific class: " + 265 "org.apache.harmony.security.asn1.ASN1OctetString.") 266 public void testSetMaxCRLNumberLjava_math_BigInteger() { 267 X509CRLSelector selector = new X509CRLSelector(); 268 BigInteger maxCRL = new BigInteger("10000"); 269 TestCRL crl = new TestCRL(maxCRL); 270 271 selector.setMaxCRLNumber(null); 272 assertTrue("Any CRL should match in the case of null minCRLNumber.", 273 selector.match(crl)); 274 selector.setMaxCRLNumber(maxCRL); 275 assertTrue("The CRL should match the selection criteria.", selector 276 .match(crl)); 277 selector.setMaxCRLNumber(new BigInteger("9999")); 278 assertFalse("The CRL should not match the selection criteria.", 279 selector.match(crl)); 280 } 281 282 /** 283 * setDateAndTime(Date dateAndTime) method testing. Tests if CRLs with any 284 * update dates match the selector in the case of null dateAndTime criteria, 285 * if correct dates match and incorrect do not match the selector. 286 */ 287 public void testSetDateAndTimeLjava_util_Date() { 288 X509CRLSelector selector = new X509CRLSelector(); 289 TestCRL crl = new TestCRL(new Date(200), new Date(300)); 290 selector.setDateAndTime(null); 291 assertTrue("Any CRL should match in the case of null dateAndTime.", 292 selector.match(crl)); 293 selector.setDateAndTime(new Date(200)); 294 assertTrue("The CRL should match the selection criteria.", selector 295 .match(crl)); 296 selector.setDateAndTime(new Date(250)); 297 assertTrue("The CRL should match the selection criteria.", selector 298 .match(crl)); 299 selector.setDateAndTime(new Date(300)); 300 assertTrue("The CRL should match the selection criteria.", selector 301 .match(crl)); 302 selector.setDateAndTime(new Date(150)); 303 assertFalse("The CRL should not match the selection criteria.", 304 selector.match(crl)); 305 selector.setDateAndTime(new Date(350)); 306 assertFalse("The CRL should not match the selection criteria.", 307 selector.match(crl)); 308 } 309 310 /** 311 * setCertificateChecking(X509Certificate) method testing. 312 */ 313 public void testSetCertificateCheckingLjava_X509Certificate() 314 throws CertificateException { 315 X509CRLSelector selector = new X509CRLSelector(); 316 317 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 318 X509Certificate cert = (X509Certificate) certFact 319 .generateCertificate(new ByteArrayInputStream(TestUtils 320 .getX509Certificate_v3())); 321 322 TestCRL crl = new TestCRL(); 323 selector.setCertificateChecking(cert); 324 assertTrue("The CRL should match the selection criteria.", selector 325 .match(crl)); 326 assertEquals(cert, selector.getCertificateChecking()); 327 328 selector.setCertificateChecking(null); 329 assertTrue("The CRL should match the selection criteria.", selector 330 .match(crl)); 331 assertNull(selector.getCertificateChecking()); 332 } 333 334 /** 335 * getIssuers() method testing. Tests if the method return null in the case 336 * of not specified issuers, if the returned collection corresponds to the 337 * specified issuers and this collection is unmodifiable. 338 */ 339 public void testGetIssuers() { 340 X509CRLSelector selector = new X509CRLSelector(); 341 X500Principal iss1 = new X500Principal("O=First Org."); 342 X500Principal iss2 = new X500Principal("O=Second Org."); 343 X500Principal iss3 = new X500Principal("O=Third Org."); 344 assertNull("The collection should be null.", selector.getIssuers()); 345 selector.addIssuer(iss1); 346 selector.addIssuer(iss2); 347 Collection<X500Principal> result = selector.getIssuers(); 348 try { 349 result.add(iss3); 350 fail("The returned collection should be unmodifiable."); 351 } catch (UnsupportedOperationException e) { 352 } 353 assertTrue("The collection should contain the specified DN.", result 354 .contains(iss2)); 355 } 356 357 /** 358 * getIssuerNames() method testing. Tests if the method return null in the 359 * case of not specified issuers, if the returned collection corresponds to 360 * the specified issuers. 361 */ 362 public void testGetIssuerNames() { 363 X509CRLSelector selector = new X509CRLSelector(); 364 byte[] iss1 = new byte[] 365 // manually obtained DER encoding of "O=First Org." issuer name; 366 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 367 116, 32, 79, 114, 103, 46 }; 368 byte[] iss2 = new byte[] 369 // manually obtained DER encoding of "O=Second Org." issuer name; 370 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 371 110, 100, 32, 79, 114, 103, 46 }; 372 assertNull("The collection should be null.", selector.getIssuerNames()); 373 try { 374 selector.addIssuerName(iss1); 375 selector.addIssuerName(iss2); 376 } catch (IOException e) { 377 e.printStackTrace(); 378 fail("Unexpected IOException was thrown."); 379 } 380 Collection<Object> result = selector.getIssuerNames(); 381 assertEquals("The collection should contain all of the specified DNs.", 382 2, result.size()); 383 } 384 385 /** 386 * getMinCRL() method testing. Tests if the method return null in the case 387 * of not specified minCRL criteria, and if the returned value corresponds 388 * to the specified one. 389 */ 390 public void testGetMinCRL() { 391 X509CRLSelector selector = new X509CRLSelector(); 392 assertNull("Initially the minCRL should be null.", selector.getMinCRL()); 393 BigInteger minCRL = new BigInteger("10000"); 394 selector.setMinCRLNumber(minCRL); 395 assertTrue("The result should be equal to specified.", minCRL 396 .equals(selector.getMinCRL())); 397 } 398 399 /** 400 * getMaxCRL() method testing. Tests if the method return null in the case 401 * of not specified maxCRL criteria, and if the returned value corresponds 402 * to the specified one. 403 */ 404 public void testGetMaxCRL() { 405 X509CRLSelector selector = new X509CRLSelector(); 406 assertNull("Initially the maxCRL should be null.", selector.getMaxCRL()); 407 BigInteger maxCRL = new BigInteger("10000"); 408 selector.setMaxCRLNumber(maxCRL); 409 assertTrue("The result should be equal to specified.", maxCRL 410 .equals(selector.getMaxCRL())); 411 } 412 413 /** 414 * getDateAndTime() method testing. Tests if the method return null in the 415 * case of not specified dateAndTime criteria, and if the returned value 416 * corresponds to the specified one. 417 */ 418 public void testGetDateAndTime() { 419 X509CRLSelector selector = new X509CRLSelector(); 420 assertNull("Initially the dateAndTime criteria should be null.", 421 selector.getDateAndTime()); 422 Date date = new Date(200); 423 selector.setDateAndTime(date); 424 assertTrue("The result should be equal to specified.", date 425 .equals(selector.getDateAndTime())); 426 } 427 428 /** 429 * getCertificateChecking() method testing. 430 */ 431 public void testGetCertificateCheckingLjava_X509Certificate() 432 throws CertificateException { 433 X509CRLSelector selector = new X509CRLSelector(); 434 435 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 436 X509Certificate cert = (X509Certificate) certFact 437 .generateCertificate(new ByteArrayInputStream(TestUtils 438 .getX509Certificate_v3())); 439 440 selector.setCertificateChecking(cert); 441 assertEquals(cert, selector.getCertificateChecking()); 442 443 selector.setCertificateChecking(null); 444 assertNull(selector.getCertificateChecking()); 445 } 446 447 /** 448 * match(CRL crl) method testing. Tests if the null object matches to the 449 * selector or not. 450 */ 451 public void testMatchLjava_security_cert_X509CRL() { 452 X509CRLSelector selector = new X509CRLSelector(); 453 assertFalse("The null object should not match", selector 454 .match((X509CRL) null)); 455 } 456 457 /** 458 * clone() method testing. Tests if the selector is cloned correctly: the 459 * crl which matche to the initial selector should match to the clone and 460 * the change of clone should not cause the change of initial selector. 461 */ 462 @AndroidOnly("Uses specific classes: " + 463 "org.apache.harmony.security.asn1.ASN1OctetString, " + 464 "org.apache.harmony.security.asn1.ASN1Integer.") 465 public void testClone() { 466 X509CRLSelector selector = new X509CRLSelector(); 467 X500Principal iss1 = new X500Principal("O=First Org."); 468 X500Principal iss2 = new X500Principal("O=Second Org."); 469 X500Principal iss3 = new X500Principal("O=Third Org."); 470 BigInteger minCRL = new BigInteger("10000"); 471 BigInteger maxCRL = new BigInteger("10000"); 472 Date date = new Date(200); 473 474 selector.addIssuer(iss1); 475 selector.addIssuer(iss2); 476 selector.setMinCRLNumber(minCRL); 477 selector.setMaxCRLNumber(maxCRL); 478 selector.setDateAndTime(date); 479 480 X509CRLSelector clone = (X509CRLSelector) selector.clone(); 481 TestCRL crl = new TestCRL(iss1); 482 crl.setCrlNumber(minCRL); 483 crl.setUpdateDates(new Date(200), new Date(200)); 484 assertTrue("The specified CRL should match the clone selector.", 485 selector.match(crl)); 486 487 clone.addIssuer(iss3); 488 assertFalse("The changes of the clone selector should not cause " 489 + "the changes of initial object", selector.getIssuerNames() 490 .size() == 3); 491 } 492 public void testToString() { 493 X509CRLSelector selector = new X509CRLSelector(); 494 X500Principal iss1 = new X500Principal("O=First Org."); 495 X500Principal iss2 = new X500Principal("O=Second Org."); 496 BigInteger minCRL = new BigInteger("10000"); 497 BigInteger maxCRL = new BigInteger("10000"); 498 Date date = new Date(200); 499 500 selector.addIssuer(iss1); 501 selector.addIssuer(iss2); 502 selector.setMinCRLNumber(minCRL); 503 selector.setMaxCRLNumber(maxCRL); 504 selector.setDateAndTime(date); 505 506 assertNotNull("The result should not be null.", selector.toString()); 507 } 508 509 /** 510 * The abstract class stub implementation. 511 */ 512 private class TestCRL extends X509CRL { 513 514 private X500Principal principal = null; 515 516 private BigInteger crlNumber = null; 517 518 private Date thisUpdate = null; 519 520 private Date nextUpdate = null; 521 522 public TestCRL() { 523 } 524 525 public TestCRL(X500Principal principal) { 526 this.principal = principal; 527 } 528 529 public TestCRL(Date thisUpdate, Date nextUpdate) { 530 setUpdateDates(thisUpdate, nextUpdate); 531 } 532 533 public TestCRL(BigInteger crlNumber) { 534 setCrlNumber(crlNumber); 535 } 536 537 public void setUpdateDates(Date thisUpdate, Date nextUpdate) { 538 this.thisUpdate = thisUpdate; 539 this.nextUpdate = nextUpdate; 540 } 541 542 public void setCrlNumber(BigInteger crlNumber) { 543 this.crlNumber = crlNumber; 544 } 545 546 public X500Principal getIssuerX500Principal() { 547 return principal; 548 } 549 550 public String toString() { 551 return null; 552 } 553 554 public boolean isRevoked(Certificate cert) { 555 return true; 556 } 557 558 public Set<String> getNonCriticalExtensionOIDs() { 559 return null; 560 } 561 562 public Set<String> getCriticalExtensionOIDs() { 563 return null; 564 } 565 566 public byte[] getExtensionValue(String oid) { 567 if ("2.5.29.20".equals(oid) && (crlNumber != null)) { 568 return ASN1OctetString.getInstance().encode( 569 ASN1Integer.getInstance().encode( 570 crlNumber.toByteArray())); 571 } 572 return null; 573 } 574 575 public boolean hasUnsupportedCriticalExtension() { 576 return false; 577 } 578 579 public byte[] getEncoded() { 580 return null; 581 } 582 583 @SuppressWarnings("unused") 584 public void verify(PublicKey key) throws CRLException, 585 NoSuchAlgorithmException, InvalidKeyException, 586 NoSuchProviderException, SignatureException { 587 } 588 589 @SuppressWarnings("unused") 590 public void verify(PublicKey key, String sigProvider) 591 throws CRLException, NoSuchAlgorithmException, 592 InvalidKeyException, NoSuchProviderException, 593 SignatureException { 594 } 595 596 public int getVersion() { 597 return 2; 598 } 599 600 public Principal getIssuerDN() { 601 return null; 602 } 603 604 public Date getThisUpdate() { 605 return thisUpdate; 606 } 607 608 public Date getNextUpdate() { 609 return nextUpdate; 610 } 611 612 public X509CRLEntry getRevokedCertificate(BigInteger serialNumber) { 613 return null; 614 } 615 616 public Set<X509CRLEntry> getRevokedCertificates() { 617 return null; 618 } 619 620 public byte[] getTBSCertList() { 621 return null; 622 } 623 624 public byte[] getSignature() { 625 return null; 626 } 627 628 public String getSigAlgName() { 629 return null; 630 } 631 632 public String getSigAlgOID() { 633 return null; 634 } 635 636 public byte[] getSigAlgParams() { 637 return null; 638 } 639 } 640 } 641
