1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18 /** 19 * @author Vladimir N. Molotkov 20 * @version $Revision$ 21 */ 22 23 package tests.security.cert; 24 25 import junit.framework.TestCase; 26 27 import org.apache.harmony.security.tests.support.TestCertUtils; 28 import org.apache.harmony.security.tests.support.TestKeyPair; 29 import org.apache.harmony.security.tests.support.cert.TestUtils; 30 31 import java.io.ByteArrayInputStream; 32 import java.security.PublicKey; 33 import java.security.cert.CertificateException; 34 import java.security.cert.CertificateFactory; 35 import java.security.cert.TrustAnchor; 36 import java.security.cert.X509Certificate; 37 import java.security.spec.InvalidKeySpecException; 38 import java.util.Arrays; 39 40 import javax.security.auth.x500.X500Principal; 41 42 /** 43 * Unit tests for <code>TrustAnchor</code> 44 */ 45 public class TrustAnchorTest extends TestCase { 46 private static final String keyAlg = "DSA"; 47 // Sample of some valid CA name 48 private static final String validCaNameRfc2253 = 49 "CN=Test CA,"+ 50 "OU=Testing Division,"+ 51 "O=Test It All,"+ 52 "L=Test Town,"+ 53 "ST=Testifornia,"+ 54 "C=Testland"; 55 56 /** 57 * Test #1 for <code>TrustAnchor(String, PublicKey, byte[])</code> constructor<br> 58 * Assertion: creates <code>TrustAnchor</code> instance<br> 59 * Test preconditions: valid parameters passed<br> 60 * Expected: must pass without any exceptions 61 * @throws InvalidKeySpecException 62 */ 63 public final void testTrustAnchorStringPublicKeybyteArray01() 64 throws Exception { 65 66 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 67 68 // sub testcase 1 69 new TrustAnchor(validCaNameRfc2253, pk, getFullEncoding()); 70 // sub testcase 2 71 new TrustAnchor(validCaNameRfc2253, pk, getEncodingPSOnly()); 72 // sub testcase 3 73 new TrustAnchor(validCaNameRfc2253, pk, getEncodingESOnly()); 74 // sub testcase 4 75 new TrustAnchor(validCaNameRfc2253, pk, getEncodingNoMinMax()); 76 } 77 78 /** 79 * Test #2 for <code>TrustAnchor(String, PublicKey, byte[])</code> constructor<br> 80 * Assertion: creates <code>TrustAnchor</code> instance<br> 81 * Test preconditions: <code>null</code> as nameConstraints passed<br> 82 * Expected: must pass without any exceptions 83 * @throws InvalidKeySpecException 84 */ 85 public final void testTrustAnchorStringPublicKeybyteArray02() 86 throws Exception { 87 88 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 89 90 new TrustAnchor(validCaNameRfc2253, pk, null); 91 } 92 93 /** 94 * Test #3 for <code>TrustAnchor(String, PublicKey, byte[])</code> constructor<br> 95 * Assertion: nameConstraints cloned by the constructor<br> 96 * Test preconditions: modify passed nameConstraints<br> 97 * Expected: modification must not change object internal state 98 * @throws InvalidKeySpecException 99 */ 100 public final void testTrustAnchorStringPublicKeybyteArray03() 101 throws Exception { 102 103 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 104 105 byte[] nc = getEncodingPSOnly(); 106 byte[] ncCopy = nc.clone(); 107 // sub testcase 5 - nameConstraints can be null 108 TrustAnchor ta = new TrustAnchor(validCaNameRfc2253, pk, ncCopy); 109 // modify 110 ncCopy[0]=(byte)0; 111 // check that above modification did not change 112 // object internal state 113 assertTrue(Arrays.equals(nc, ta.getNameConstraints())); 114 } 115 116 /** 117 * Test #4 for <code>TrustAnchor(String, PublicKey, byte[])</code> constructor<br> 118 * Assertion: <code>NullPointerException</code> if <code>caName</code> 119 * or <code>caPublicKey</code> parameter is <code>null</code><br> 120 * Test preconditions: pass <code>null</code> as mentioned parameter<br> 121 * Expected: NullPointerException 122 */ 123 public final void testTrustAnchorStringPublicKeybyteArray04() 124 throws Exception { 125 126 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 127 128 // sub testcase 1: 'caName' param is null 129 try { 130 new TrustAnchor((String)null, pk, getEncodingPSOnly()); 131 fail("NullPointerException has not been thrown"); 132 } catch (NullPointerException ok) { 133 } 134 135 // sub testcase 2: 'caPublicKey' param is null 136 try { 137 new TrustAnchor(validCaNameRfc2253, null, getEncodingPSOnly()); 138 fail("NullPointerException has not been thrown"); 139 } catch (NullPointerException ok) { 140 } 141 142 // sub testcase 3: 'caName' and 'caPublicKey' params are null 143 try { 144 new TrustAnchor((String)null, null, getEncodingPSOnly()); 145 fail("NullPointerException has not been thrown"); 146 } catch (NullPointerException ok) { 147 } 148 149 // sub testcase 4: 'caName' param is empty 150 try { 151 new TrustAnchor("", pk, getEncodingPSOnly()); 152 fail("IllegalArgumentException has not been thrown"); 153 } catch (IllegalArgumentException ok) { 154 } 155 156 // sub testcase 5: 'caName' param is incorrect distinguished name 157 try { 158 new TrustAnchor("AID.11.12=A", pk, getEncodingPSOnly()); 159 fail("IllegalArgumentException has not been thrown"); 160 } catch (IllegalArgumentException ok) { 161 } 162 } 163 164 /** 165 * Test #1 for <code>TrustAnchor(X500Principal, PublicKey, byte[])</code> constructor<br> 166 * Assertion: creates <code>TrustAnchor</code> instance<br> 167 * Test preconditions: valid parameters passed<br> 168 * Expected: must pass without any exceptions 169 * @throws InvalidKeySpecException 170 */ 171 public final void testTrustAnchorX500PrincipalPublicKeybyteArray01() 172 throws Exception { 173 174 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 175 176 X500Principal x500p = new X500Principal(validCaNameRfc2253); 177 // sub testcase 1 178 new TrustAnchor(x500p, pk, getFullEncoding()); 179 // sub testcase 2 180 new TrustAnchor(x500p, pk, getEncodingPSOnly()); 181 // sub testcase 3 182 new TrustAnchor(x500p, pk, getEncodingESOnly()); 183 // sub testcase 4 184 new TrustAnchor(x500p, pk, getEncodingNoMinMax()); 185 } 186 187 /** 188 * Test #2 for <code>TrustAnchor(X500Principal, PublicKey, byte[])</code> constructor<br> 189 * Assertion: creates <code>TrustAnchor</code> instance<br> 190 * Test preconditions: <code>null</code> as nameConstraints passed<br> 191 * Expected: must pass without any exceptions 192 * @throws InvalidKeySpecException 193 */ 194 public final void testTrustAnchorX500PrincipalPublicKeybyteArray02() 195 throws Exception { 196 197 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 198 199 X500Principal x500p = new X500Principal(validCaNameRfc2253); 200 201 new TrustAnchor(x500p, pk, null); 202 } 203 204 /** 205 * Test #3 for <code>TrustAnchor(X500Principal, PublicKey, byte[])</code> constructor<br> 206 * Assertion: nameConstraints cloned by the constructor<br> 207 * Test preconditions: modify passed nameConstraints<br> 208 * Expected: modification must not change object internal state 209 * @throws InvalidKeySpecException 210 */ 211 public final void testTrustAnchorX500PrincipalPublicKeybyteArray03() 212 throws Exception { 213 214 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 215 216 byte[] nc = getEncodingPSOnly(); 217 byte[] ncCopy = nc.clone(); 218 // sub testcase 5 - nameConstraints can be null 219 TrustAnchor ta = new TrustAnchor(new X500Principal(validCaNameRfc2253), 220 pk, ncCopy); 221 // modify 222 ncCopy[0]=(byte)0; 223 // check that above modification did not change 224 // object internal state 225 assertTrue(Arrays.equals(nc, ta.getNameConstraints())); 226 } 227 228 /** 229 * Test #4 for <code>TrustAnchor(X500Principal, PublicKey, byte[])</code> constructor<br> 230 * Assertion: <code>NullPointerException</code> if <code>caPrincipal</code> 231 * or <code>caPublicKey</code> parameter is <code>null</code><br> 232 * Test preconditions: pass <code>null</code> as mentioned parameter<br> 233 * Expected: NullPointerException 234 * @throws InvalidKeySpecException 235 */ 236 public final void testTrustAnchorX500PrincipalPublicKeybyteArray04() 237 throws Exception { 238 239 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 240 241 X500Principal x500p = new X500Principal(validCaNameRfc2253); 242 // sub testcase 1 243 try { 244 new TrustAnchor((X500Principal)null, 245 pk, getEncodingPSOnly()); 246 fail("NullPointerException has not been thrown"); 247 } catch (NullPointerException ok) { 248 } 249 250 // sub testcase 2 251 try { 252 new TrustAnchor(x500p, null, getEncodingPSOnly()); 253 fail("NullPointerException has not been thrown"); 254 } catch (NullPointerException ok) { 255 } 256 257 // sub testcase 3 258 try { 259 new TrustAnchor((X500Principal)null, null, 260 getEncodingPSOnly()); 261 fail("NullPointerException has not been thrown"); 262 } catch (NullPointerException ok) { 263 } 264 265 } 266 267 /** 268 * Test #1 for <code>TrustAnchor(X509Certificate, byte[])</code> 269 * constructor<br> 270 * Assertion: creates <code>TrustAnchor</code> instance<br> 271 * Test preconditions: valid parameters passed<br> 272 * Expected: must pass without any exceptions 273 */ 274 public final void testTrustAnchorX509CertificatebyteArray01() 275 throws CertificateException { 276 277 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 278 X509Certificate pemCert = (X509Certificate) certFact 279 .generateCertificate(new ByteArrayInputStream(TestUtils 280 .getX509Certificate_v3())); 281 282 // sub testcase 1 283 TrustAnchor ta1 = new TrustAnchor(pemCert, getFullEncoding()); 284 assertNull(ta1.getCA()); 285 assertNull(ta1.getCAName()); 286 assertNull(ta1.getCAPublicKey()); 287 assertTrue(Arrays.equals(getFullEncoding(), ta1.getNameConstraints())); 288 assertEquals(pemCert, ta1.getTrustedCert()); 289 290 // sub testcase 2 291 TrustAnchor ta2 = new TrustAnchor(pemCert, getEncodingPSOnly()); 292 assertNull(ta2.getCA()); 293 assertNull(ta2.getCAName()); 294 assertNull(ta2.getCAPublicKey()); 295 assertTrue(Arrays.equals(getEncodingPSOnly(), ta2.getNameConstraints())); 296 assertEquals(pemCert, ta2.getTrustedCert()); 297 298 // sub testcase 3 299 TrustAnchor ta3 = new TrustAnchor(pemCert, getEncodingESOnly()); 300 assertNull(ta3.getCA()); 301 assertNull(ta3.getCAName()); 302 assertNull(ta3.getCAPublicKey()); 303 assertTrue(Arrays.equals(getEncodingESOnly(), ta3.getNameConstraints())); 304 assertEquals(pemCert, ta3.getTrustedCert()); 305 306 // sub testcase 4 307 TrustAnchor ta4 = new TrustAnchor(pemCert, getEncodingNoMinMax()); 308 assertNull(ta4.getCA()); 309 assertNull(ta4.getCAName()); 310 assertNull(ta4.getCAPublicKey()); 311 assertTrue(Arrays.equals(getEncodingNoMinMax(), ta4 312 .getNameConstraints())); 313 assertEquals(pemCert, ta4.getTrustedCert()); 314 } 315 316 /** 317 * Test #2 for <code>TrustAnchor(X509Certificate, byte[])</code> 318 * constructor<br> 319 * Assertion: creates <code>TrustAnchor</code> instance<br> 320 * Test preconditions: <code>null</code> as X509Certificate passed<br> 321 * Expected: <code>NullPointerException</code> 322 */ 323 public final void testTrustAnchorX509CertificatebyteArray02() 324 throws Exception { 325 326 try { 327 new TrustAnchor(null, getFullEncoding()); 328 fail("NullPointerException expected"); 329 } catch (NullPointerException e) { 330 // expected 331 } 332 } 333 334 /** 335 * Test #3 for <code>TrustAnchor(X509Certificate, byte[])</code> 336 * constructor<br> 337 * Assertion: creates <code>TrustAnchor</code> instance<br> 338 * Test preconditions: <code>null</code> as nameConstraints passed<br> 339 * Expected: must pass without any exceptions 340 */ 341 public final void testTrustAnchorX509CertificatebyteArray03() 342 throws Exception { 343 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 344 X509Certificate pemCert = (X509Certificate) certFact 345 .generateCertificate(new ByteArrayInputStream(TestUtils 346 .getX509Certificate_v3())); 347 348 try { 349 new TrustAnchor(pemCert, null); 350 } catch (Exception e) { 351 fail("Unexpected exeption " + e.getMessage()); 352 } 353 } 354 355 /** 356 * Test #4 for <code>TrustAnchor(X509Certificate, byte[])</code> 357 * constructor<br> 358 * Assertion: creates <code>TrustAnchor</code> instance<br> 359 * Test preconditions: pass not valid name constraints array Expected: 360 * IllegalArgumentException 361 * 362 */ 363 public final void testTrustAnchorX509CertificatebyteArray04() 364 throws Exception { 365 366 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 367 X509Certificate pemCert = (X509Certificate) certFact 368 .generateCertificate(new ByteArrayInputStream(TestUtils 369 .getX509Certificate_v3())); 370 371 try { 372 new TrustAnchor(pemCert, 373 new byte[] { (byte) 1, (byte) 2, (byte) 3 }); 374 fail("IllegalArgumentException expected"); 375 } catch (IllegalArgumentException e) { 376 // expected 377 } 378 } 379 380 /** 381 * Test #5 for <code>TrustAnchor(X509Certificate, byte[])</code> 382 * constructor<br> 383 * Assertion: creates <code>TrustAnchor</code> instance<br> 384 * Test preconditions: both parameters are passed as null<br> 385 * Expected: <code>NullPointerException</code> 386 */ 387 public final void testTrustAnchorX509CertificatebyteArray05() 388 throws Exception { 389 390 try { 391 new TrustAnchor(null, null); 392 fail("NullPointerException expected"); 393 } catch (NullPointerException e) { 394 // expected 395 } 396 } 397 398 /** 399 * Test #1 for <code>getCAPublicKey()</code> method<br> 400 * 401 * Assertion: returns most trusted CA public key</code><br> 402 * Test preconditions: valid name passed to the constructor<br> 403 * Expected: the same name must be returned by the method<br> 404 * 405 */ 406 public final void testGetCAPublicKey01() throws Exception { 407 408 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 409 410 // sub testcase 1 411 TrustAnchor ta = 412 new TrustAnchor(validCaNameRfc2253, pk, null); 413 assertEquals("equals1", pk, ta.getCAPublicKey()); 414 // sub testcase 2 415 X500Principal x500p = new X500Principal(validCaNameRfc2253); 416 ta = new TrustAnchor(x500p, pk, null); 417 assertEquals("equals2", pk, ta.getCAPublicKey()); 418 } 419 420 421 /** 422 * Test #1 for <code>getCAName()</code> method<br> 423 * 424 * Assertion: returns most trusted CA name as <code>String</code><br> 425 * Test preconditions: valid name passed to the constructor<br> 426 * Expected: the same name must be returned by the method<br> 427 * @throws InvalidKeySpecException 428 */ 429 public final void testGetCAName01() throws Exception { 430 431 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 432 433 // sub testcase 1 434 TrustAnchor ta = 435 new TrustAnchor(validCaNameRfc2253, pk, null); 436 assertEquals("equals1", validCaNameRfc2253, ta.getCAName()); 437 // sub testcase 2 438 X500Principal x500p = new X500Principal(validCaNameRfc2253); 439 ta = new TrustAnchor(x500p, pk, null); 440 assertEquals("equals2", validCaNameRfc2253, ta.getCAName()); 441 } 442 443 /** 444 * Test #2 for <code>getCAName()</code> method<br> 445 * 446 * Assertion: returns ... <code>null</code> if <code>TrustAnchor</code> 447 * was not specified as trusted certificate<br> 448 * Test preconditions: test object is not specified as trusted certificate<br> 449 * Expected: <code>null</code> as return value<br> 450 * @throws InvalidKeySpecException 451 */ 452 public final void testGetTrustedCer02() throws Exception { 453 454 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 455 456 // sub testcase 1 457 TrustAnchor ta = 458 new TrustAnchor(validCaNameRfc2253, pk, null); 459 assertNull("null1", ta.getTrustedCert()); 460 // sub testcase 2 461 X500Principal x500p = new X500Principal(validCaNameRfc2253); 462 ta = new TrustAnchor(x500p, pk, null); 463 assertNull("null2", ta.getTrustedCert()); 464 465 X509Certificate cert = new TestCertUtils.TestX509Certificate(x500p, x500p); 466 TrustAnchor ta2 = new TrustAnchor(cert, null); 467 assertSame(cert, ta2.getTrustedCert()); 468 } 469 470 /** 471 * Test #1 for <code>getNameConstraints()</code> method<br> 472 * 473 * Assertion: Returns the name constraints parameter.<br> 474 * Test preconditions: valid parameters are passed to the constructors<br> 475 * Expected: the valid parameters must be returned by the method<br> 476 */ 477 public final void testGetNameConstraints01() throws Exception { 478 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 479 TrustAnchor ta1 = new TrustAnchor(validCaNameRfc2253, pk, 480 getFullEncoding()); 481 assertTrue(Arrays.equals(getFullEncoding(), ta1.getNameConstraints())); 482 483 X500Principal x500p = new X500Principal(validCaNameRfc2253); 484 TrustAnchor ta2 = new TrustAnchor(x500p, pk, getEncodingNoMinMax()); 485 assertTrue(Arrays.equals(getEncodingNoMinMax(), ta2 486 .getNameConstraints())); 487 488 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 489 X509Certificate pemCert = (X509Certificate) certFact 490 .generateCertificate(new ByteArrayInputStream(TestUtils 491 .getX509Certificate_v3())); 492 493 TrustAnchor ta3 = new TrustAnchor(pemCert, getEncodingPSOnly()); 494 assertTrue(Arrays.equals(getEncodingPSOnly(), ta3.getNameConstraints())); 495 } 496 497 /** 498 * Test #2 for <code>getNameConstraints()</code> method<br> 499 * 500 * Assertion: Returns the name constraints parameter.<br> 501 * Test preconditions: null parameters are passed to the constructors<br> 502 * Expected: the null parameters must be returned by the method<br> 503 */ 504 public final void testGetNameConstraints02() throws Exception { 505 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 506 TrustAnchor ta1 = new TrustAnchor(validCaNameRfc2253, pk, null); 507 assertNull(ta1.getNameConstraints()); 508 509 X500Principal x500p = new X500Principal(validCaNameRfc2253); 510 TrustAnchor ta2 = new TrustAnchor(x500p, pk, null); 511 assertNull(ta2.getNameConstraints()); 512 513 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 514 X509Certificate pemCert = (X509Certificate) certFact 515 .generateCertificate(new ByteArrayInputStream(TestUtils 516 .getX509Certificate_v3())); 517 518 TrustAnchor ta3 = new TrustAnchor(pemCert, null); 519 assertNull(ta3.getNameConstraints()); 520 } 521 522 /** 523 * Test #1 for <code>toString()</code> method<br> 524 * 525 * Assertion: returns a formatted string describing the TrustAnchor<br> 526 * Test preconditions: valid parameters are passed to the constructors<br> 527 * Expected: not null string<br> 528 */ 529 public final void testToString() throws Exception { 530 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 531 TrustAnchor ta1 = new TrustAnchor(validCaNameRfc2253, pk, 532 getFullEncoding()); 533 assertNotNull(ta1.toString()); 534 535 X500Principal x500p = new X500Principal(validCaNameRfc2253); 536 TrustAnchor ta2 = new TrustAnchor(x500p, pk, getEncodingNoMinMax()); 537 assertNotNull(ta2.toString()); 538 539 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 540 X509Certificate pemCert = (X509Certificate) certFact 541 .generateCertificate(new ByteArrayInputStream(TestUtils 542 .getX509Certificate_v3())); 543 544 TrustAnchor ta3 = new TrustAnchor(pemCert, getEncodingPSOnly()); 545 assertNotNull(ta3.toString()); 546 } 547 548 /** 549 * Test #1 for <code>getCA()</code> method<br> 550 * 551 * Assertion: returns most trusted CA<br> 552 * Test preconditions: valid CA or CA name passed to the constructor<br> 553 * Expected: the same CA ot the CA with the same name must be returned 554 * by the method<br> 555 * @throws InvalidKeySpecException 556 */ 557 public final void testGetCA01() throws Exception { 558 559 PublicKey pk = new TestKeyPair(keyAlg).getPublic(); 560 561 // sub testcase 1 562 TrustAnchor ta = 563 new TrustAnchor(validCaNameRfc2253, pk, null); 564 X500Principal ca = ta.getCA(); 565 assertEquals("equals1", validCaNameRfc2253, ca.getName()); 566 // sub testcase 2 567 X500Principal x500p = new X500Principal(validCaNameRfc2253); 568 ta = new TrustAnchor(x500p, pk, null); 569 assertEquals("equals2", x500p, ta.getCA()); 570 } 571 572 // 573 // Private stuff 574 // 575 576 /* 577 * The following methods return valid DER encoding 578 * for the following ASN.1 definition (as specified in RFC 3280 - 579 * Internet X.509 Public Key Infrastructure. 580 * Certificate and Certificate Revocation List (CRL) Profile. 581 * http://www.ietf.org/rfc/rfc3280.txt): 582 * 583 * NameConstraints ::= SEQUENCE { 584 * permittedSubtrees [0] GeneralSubtrees OPTIONAL, 585 * excludedSubtrees [1] GeneralSubtrees OPTIONAL } 586 * 587 * GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree 588 * 589 * GeneralSubtree ::= SEQUENCE { 590 * base GeneralName, 591 * minimum [0] BaseDistance DEFAULT 0, 592 * maximum [1] BaseDistance OPTIONAL } 593 * 594 * BaseDistance ::= INTEGER (0..MAX) 595 * 596 * GeneralName ::= CHOICE { 597 * otherName [0] OtherName, 598 * rfc822Name [1] IA5String, 599 * dNSName [2] IA5String, 600 * x400Address [3] ORAddress, 601 * directoryName [4] Name, 602 * ediPartyName [5] EDIPartyName, 603 * uniformResourceIdentifier [6] IA5String, 604 * iPAddress [7] OCTET STRING, 605 * registeredID [8] OBJECT IDENTIFIER} 606 */ 607 608 // 609 // Full NameConstraints encoding 610 // (generated by own encoder class created during test development) 611 // 612 // @return Full NameConstraints encoding 613 // with all OPTIONAL values presented. 614 // 615 private static final byte[] getFullEncoding() { 616 // DO NOT MODIFY! 617 return new byte[] { 618 (byte)0x30,(byte)0x81,(byte)0x8c,(byte)0xa0, 619 (byte)0x44,(byte)0x30,(byte)0x16,(byte)0x86, 620 (byte)0x0e,(byte)0x66,(byte)0x69,(byte)0x6c, 621 (byte)0x65,(byte)0x3a,(byte)0x2f,(byte)0x2f, 622 (byte)0x66,(byte)0x6f,(byte)0x6f,(byte)0x2e, 623 (byte)0x63,(byte)0x6f,(byte)0x6d,(byte)0x80, 624 (byte)0x01,(byte)0x00,(byte)0x81,(byte)0x01, 625 (byte)0x01,(byte)0x30,(byte)0x16,(byte)0x86, 626 (byte)0x0e,(byte)0x66,(byte)0x69,(byte)0x6c, 627 (byte)0x65,(byte)0x3a,(byte)0x2f,(byte)0x2f, 628 (byte)0x62,(byte)0x61,(byte)0x72,(byte)0x2e, 629 (byte)0x63,(byte)0x6f,(byte)0x6d,(byte)0x80, 630 (byte)0x01,(byte)0x00,(byte)0x81,(byte)0x01, 631 (byte)0x01,(byte)0x30,(byte)0x12,(byte)0x86, 632 (byte)0x0a,(byte)0x66,(byte)0x69,(byte)0x6c, 633 (byte)0x65,(byte)0x3a,(byte)0x2f,(byte)0x2f, 634 (byte)0x6d,(byte)0x75,(byte)0x75,(byte)0x80, 635 (byte)0x01,(byte)0x00,(byte)0x81,(byte)0x01, 636 (byte)0x01,(byte)0xa1,(byte)0x44,(byte)0x30, 637 (byte)0x16,(byte)0x86,(byte)0x0e,(byte)0x68, 638 (byte)0x74,(byte)0x74,(byte)0x70,(byte)0x3a, 639 (byte)0x2f,(byte)0x2f,(byte)0x66,(byte)0x6f, 640 (byte)0x6f,(byte)0x2e,(byte)0x63,(byte)0x6f, 641 (byte)0x6d,(byte)0x80,(byte)0x01,(byte)0x00, 642 (byte)0x81,(byte)0x01,(byte)0x01,(byte)0x30, 643 (byte)0x16,(byte)0x86,(byte)0x0e,(byte)0x68, 644 (byte)0x74,(byte)0x74,(byte)0x70,(byte)0x3a, 645 (byte)0x2f,(byte)0x2f,(byte)0x62,(byte)0x61, 646 (byte)0x72,(byte)0x2e,(byte)0x63,(byte)0x6f, 647 (byte)0x6d,(byte)0x80,(byte)0x01,(byte)0x00, 648 (byte)0x81,(byte)0x01,(byte)0x01,(byte)0x30, 649 (byte)0x12,(byte)0x86,(byte)0x0a,(byte)0x68, 650 (byte)0x74,(byte)0x74,(byte)0x70,(byte)0x3a, 651 (byte)0x2f,(byte)0x2f,(byte)0x6d,(byte)0x75, 652 (byte)0x75,(byte)0x80,(byte)0x01,(byte)0x00, 653 (byte)0x81,(byte)0x01,(byte)0x01 654 }; 655 } 656 657 // 658 // NameConstraints encoding without excludedSubtrees 659 // (generated by own encoder class created during test development) 660 // 661 // @return NameConstraints encoding with 662 // permittedSubtrees only; all OPTIONAL 663 // values in permittedSubtrees are presented. 664 // 665 private static final byte[] getEncodingPSOnly() { 666 // DO NOT MODIFY! 667 return new byte[] { 668 (byte)0x30,(byte)0x46,(byte)0xa0,(byte)0x44, 669 (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e, 670 (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65, 671 (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66, 672 (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63, 673 (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01, 674 (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01, 675 (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e, 676 (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65, 677 (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x62, 678 (byte)0x61,(byte)0x72,(byte)0x2e,(byte)0x63, 679 (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01, 680 (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01, 681 (byte)0x30,(byte)0x12,(byte)0x86,(byte)0x0a, 682 (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65, 683 (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d, 684 (byte)0x75,(byte)0x75,(byte)0x80,(byte)0x01, 685 (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01, 686 }; 687 } 688 689 // 690 // NameConstraints encoding without permittedSubtrees 691 // (generated by own encoder class created during test development) 692 // 693 // @return NameConstraints encoding with 694 // excludedSubtrees only; all OPTIONAL 695 // values in excludedSubtrees are presented. 696 // 697 private static final byte[] getEncodingESOnly() { 698 // DO NOT MODIFY! 699 return new byte[] { 700 (byte)0x30,(byte)0x46,(byte)0xa1,(byte)0x44, 701 (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e, 702 (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70, // http 703 (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66, // ://f 704 (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63, // oo.c 705 (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01, // om 706 (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01, 707 (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e, 708 (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70, 709 (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x62, 710 (byte)0x61,(byte)0x72,(byte)0x2e,(byte)0x63, 711 (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01, 712 (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01, 713 (byte)0x30,(byte)0x12,(byte)0x86,(byte)0x0a, 714 (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70, 715 (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d, 716 (byte)0x75,(byte)0x75,(byte)0x80,(byte)0x01, 717 (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01, 718 }; 719 } 720 721 // 722 // NameConstraints full encoding with all (OPTIONAL) 723 // minimum/maximum GeneralSubtree fields OMITTED 724 // (generated by own encoder class created during test development) 725 // 726 // @return Full NameConstraints encoding 727 // with all (OPTIONAL) minimum/maximum 728 // GeneralSubtree fields OMITTED 729 // 730 private static final byte[] getEncodingNoMinMax() { 731 // DO NOT MODIFY! 732 return new byte[] { 733 (byte)0x30,(byte)0x68,(byte)0xa0,(byte)0x32, 734 (byte)0x30,(byte)0x10,(byte)0x86,(byte)0x0e, 735 (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65, 736 (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66, 737 (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63, 738 (byte)0x6f,(byte)0x6d,(byte)0x30,(byte)0x10, 739 (byte)0x86,(byte)0x0e,(byte)0x66,(byte)0x69, 740 (byte)0x6c,(byte)0x65,(byte)0x3a,(byte)0x2f, 741 (byte)0x2f,(byte)0x62,(byte)0x61,(byte)0x72, 742 (byte)0x2e,(byte)0x63,(byte)0x6f,(byte)0x6d, 743 (byte)0x30,(byte)0x0c,(byte)0x86,(byte)0x0a, 744 (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65, 745 (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d, 746 (byte)0x75,(byte)0x75,(byte)0xa1,(byte)0x32, 747 (byte)0x30,(byte)0x10,(byte)0x86,(byte)0x0e, 748 (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70, 749 (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66, 750 (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63, 751 (byte)0x6f,(byte)0x6d,(byte)0x30,(byte)0x10, 752 (byte)0x86,(byte)0x0e,(byte)0x68,(byte)0x74, 753 (byte)0x74,(byte)0x70,(byte)0x3a,(byte)0x2f, 754 (byte)0x2f,(byte)0x62,(byte)0x61,(byte)0x72, 755 (byte)0x2e,(byte)0x63,(byte)0x6f,(byte)0x6d, 756 (byte)0x30,(byte)0x0c,(byte)0x86,(byte)0x0a, 757 (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70, 758 (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d, 759 (byte)0x75,(byte)0x75, 760 }; 761 } 762 763 } 764
