1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License 15 */ 16 17 package libcore.java.security; 18 19 import junit.framework.TestCase; 20 21 import java.io.IOException; 22 import java.security.PKCS12Attribute; 23 import java.util.Arrays; 24 25 26 public class PKCS12AttributeTest extends TestCase { 27 private static final String PKCS9_EMAIL_ADDRESS_OID = "1.2.840.113549.1.9.1"; 28 private static final String PKCS9_CONTENT_TYPE_OID = "1.2.840.113549.1.9.3"; 29 private static final String PKCS7_SIGNED_DATA_OID = "1.2.840.113549.1.7.2"; 30 private static final String EXAMPLE_EMAIL_ADDRESS = "someemail (at) server.com"; 31 private static final String EXAMPLE_EMAIL_ADDRESS_2 = "someotheremail (at) server.com"; 32 private static final String EXAMPLE_SEQUENCE_OF_EMAILS = 33 "[" + EXAMPLE_EMAIL_ADDRESS + ", " + EXAMPLE_EMAIL_ADDRESS_2 + "]"; 34 35 /* 36 * Encoded attribute obtained using BouncyCastle as an oracle for the known answer: 37 * 38 DERSequence s = new DERSequence(new ASN1Encodable[] { 39 new ASN1ObjectIdentifier("1.2.840.113549.1.9.1"), 40 new DERSet(new ASN1Encodable[] { new DERUTF8String("someemail (at) server.com") }) 41 }); 42 System.out.println(Arrays.toString(s.getEncoded())); 43 */ 44 private static final byte[] ENCODED_ATTRIBUTE_UTF8_EMAIL_ADDRESS = new byte[] { 45 48, 35, 6, 9, 42, -122, 72, -122, -9, 13, 1, 9, 1, 49, 22, 12, 20, 115, 111, 109, 46 101, 101, 109, 97, 105, 108, 64, 115, 101, 114, 118, 101, 114, 46, 99, 111, 109 47 }; 48 49 /* 50 * Encoded attribute obtained using BouncyCastle as an oracle for the known answer: 51 * 52 DERSequence s = new DERSequence(new ASN1Encodable[] { 53 new ASN1ObjectIdentifier("1.2.840.113549.1.9.1"), 54 new DERSet(new ASN1Encodable[] { 55 new DEROctetString("someemail (at) server.com".getBytes()) 56 }) 57 }); 58 System.out.println(Arrays.toString(s.getEncoded())); 59 */ 60 private static final byte[] ENCODED_ATTRIBUTE_OCTET_EMAIL_ADDRESS = new byte[] { 61 48, 35, 6, 9, 42, -122, 72, -122, -9, 13, 1, 9, 1, 49, 22, 4, 20, 115, 111, 109, 62 101, 101, 109, 97, 105, 108, 64, 115, 101, 114, 118, 101, 114, 46, 99, 111, 109 63 }; 64 65 /* 66 * Encoded attribute obtained using BouncyCastle as an oracle for the known answer: 67 * 68 DERSequence s = new DERSequence(new ASN1Encodable[] { 69 new ASN1ObjectIdentifier("1.2.840.113549.1.9.1"), 70 new DERSet(new ASN1Encodable[] { 71 new DERUTF8String("someemail (at) server.com"), 72 new DERUTF8String("someotheremail (at) server.com"), 73 }) 74 }); 75 */ 76 private static final byte[] ENCODED_ATTRIBUTE_SEQUENCE_OF_EMAIL_ADDRESSES = new byte[] { 77 48, 62, 6, 9, 42, -122, 72, -122, -9, 13, 1, 9, 1, 49, 49, 12, 20, 115, 111, 109, 78 101, 101, 109, 97, 105, 108, 64, 115, 101, 114, 118, 101, 114, 46, 99, 111, 109, 12, 25, 79 115, 111, 109, 101, 111, 116, 104, 101, 114, 101, 109, 97, 105, 108, 64, 115, 101, 80 114, 118, 101, 114, 46, 99, 111, 109 81 }; 82 83 /* 84 * Encoded attribute obtained using BouncyCastle as an oracle for the known answer: 85 * 86 DERSequence s = new DERSequence(new ASN1Encodable[] { 87 new ASN1ObjectIdentifier("1.2.840.113549.1.9.3"), 88 new DERSet(new ASN1Encodable[] { 89 new ASN1ObjectIdentifier("1.2.840.113549.1.7.2") 90 }) 91 }); 92 System.out.println(Arrays.toString(s.getEncoded())); 93 */ 94 private static final byte[] ENCODED_ATTRIBUTE_CONTENT_TYPE_SIGNED_DATA = new byte[] { 95 48, 24, 6, 9, 42, -122, 72, -122, -9, 13, 1, 9, 3, 49, 11, 6, 9, 42, -122, 72, -122, -9, 96 13, 1, 7, 2 97 }; 98 99 /* 100 echo -n 'someemail (at) server.com' | recode ../x1 | tr $'\x0a' ' ' \ 101 | sed 's/, /:/g' | sed 's/0x//g' 102 */ 103 private static final String EXAMPLE_EMAIL_AS_HEX_BYTES = 104 "73:6F:6D:65:65:6D:61:69:6C:40:73:65:72:76:65:72:2E:63:6F:6D"; 105 106 public void test_Constructor_String_String_success() { 107 PKCS12Attribute att = new PKCS12Attribute(PKCS9_EMAIL_ADDRESS_OID, EXAMPLE_EMAIL_ADDRESS); 108 assertEquals(PKCS9_EMAIL_ADDRESS_OID, att.getName()); 109 assertEquals(EXAMPLE_EMAIL_ADDRESS, att.getValue()); 110 } 111 112 public void test_Constructor_String_String_nullOID_throwsException() { 113 try { 114 new PKCS12Attribute(null, EXAMPLE_EMAIL_ADDRESS); 115 fail("Constructor allowed a null OID"); 116 } catch(NullPointerException expected) { 117 } 118 } 119 120 public void test_Constructor_String_String_nullValue_throwsException() { 121 try { 122 new PKCS12Attribute(PKCS9_EMAIL_ADDRESS_OID, null); 123 fail("Constructor allowed a null value"); 124 } catch(NullPointerException expected) { 125 } 126 } 127 128 public void test_Constructor_String_String_wrongOID_throwsException() { 129 try { 130 PKCS12Attribute att = 131 new PKCS12Attribute("IDontThinkThisIsAnOID", EXAMPLE_EMAIL_ADDRESS); 132 fail("Constructor allowed an invalid OID"); 133 } catch(IllegalArgumentException expected) { 134 } 135 } 136 137 public void test_Constructor_byteArray_success() { 138 PKCS12Attribute att = new PKCS12Attribute(ENCODED_ATTRIBUTE_UTF8_EMAIL_ADDRESS); 139 assertEquals(PKCS9_EMAIL_ADDRESS_OID, att.getName()); 140 assertEquals(EXAMPLE_EMAIL_ADDRESS, att.getValue()); 141 } 142 143 public void testConstructor_byteArray_nullEncoded_throwsException() { 144 try { 145 new PKCS12Attribute(null); 146 fail("Constructor accepted null encoded value"); 147 } catch (NullPointerException expected) { 148 } 149 } 150 151 public void test_Constructor_byteArray_wrongEncoding_throwsException() { 152 try { 153 new PKCS12Attribute(new byte[]{3, 14, 16}); 154 fail("Constructor accepted invalid encoding"); 155 } catch (IllegalArgumentException expected) { 156 } 157 } 158 159 public void test_Constructor_String_String_sequenceValue() { 160 PKCS12Attribute att = new PKCS12Attribute( 161 PKCS9_EMAIL_ADDRESS_OID, EXAMPLE_SEQUENCE_OF_EMAILS); 162 assertEquals(PKCS9_EMAIL_ADDRESS_OID, att.getName()); 163 assertEquals(EXAMPLE_SEQUENCE_OF_EMAILS, att.getValue()); 164 assertEquals(Arrays.toString(ENCODED_ATTRIBUTE_SEQUENCE_OF_EMAIL_ADDRESSES), 165 Arrays.toString(att.getEncoded())); 166 } 167 168 public void test_Constructor_String_String_hexValues() { 169 PKCS12Attribute att = new PKCS12Attribute( 170 PKCS9_EMAIL_ADDRESS_OID, EXAMPLE_EMAIL_AS_HEX_BYTES); 171 assertEquals(PKCS9_EMAIL_ADDRESS_OID, att.getName()); 172 assertEquals(EXAMPLE_EMAIL_AS_HEX_BYTES, att.getValue()); 173 // When specified as hex bytes, the underlying encoding is a DER octet string. 174 assertEquals(Arrays.toString(ENCODED_ATTRIBUTE_OCTET_EMAIL_ADDRESS), 175 Arrays.toString(att.getEncoded())); 176 } 177 178 @SuppressWarnings("SelfEquals") 179 public void test_Equals() { 180 PKCS12Attribute att = new PKCS12Attribute( 181 PKCS9_EMAIL_ADDRESS_OID, EXAMPLE_EMAIL_ADDRESS); 182 assertTrue(att.equals(att)); 183 assertFalse(att.equals(new Object())); 184 assertFalse(att.equals(null)); 185 assertTrue(att.equals(new PKCS12Attribute(ENCODED_ATTRIBUTE_UTF8_EMAIL_ADDRESS))); 186 assertFalse(att.equals( 187 new PKCS12Attribute(ENCODED_ATTRIBUTE_SEQUENCE_OF_EMAIL_ADDRESSES))); 188 } 189 190 /* Test the case in which the value encoded is an object id.*/ 191 public void test_encoding_ObjectIdValue() { 192 PKCS12Attribute att = new PKCS12Attribute(ENCODED_ATTRIBUTE_CONTENT_TYPE_SIGNED_DATA); 193 assertEquals(PKCS9_CONTENT_TYPE_OID, att.getName()); 194 /* Value is correctly decoded to a string. */ 195 assertEquals(PKCS7_SIGNED_DATA_OID, att.getValue()); 196 } 197 } 198