1/* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18package tests.security.cert; 19 20import dalvik.annotation.TestLevel; 21import dalvik.annotation.TestTargetNew; 22import dalvik.annotation.TestTargetClass; 23 24import junit.framework.TestCase; 25 26import java.io.ByteArrayInputStream; 27import java.io.IOException; 28import java.math.BigInteger; 29import java.security.InvalidAlgorithmParameterException; 30import java.security.InvalidKeyException; 31import java.security.NoSuchAlgorithmException; 32import java.security.NoSuchProviderException; 33import java.security.Principal; 34import java.security.PublicKey; 35import java.security.SignatureException; 36import java.security.cert.CertPath; 37import java.security.cert.CertPathBuilder; 38import java.security.cert.CertPathBuilderException; 39import java.security.cert.CertificateEncodingException; 40import java.security.cert.CertificateException; 41import java.security.cert.CertificateExpiredException; 42import java.security.cert.CertificateFactory; 43import java.security.cert.CertificateNotYetValidException; 44import java.security.cert.CertificateParsingException; 45import java.security.cert.PKIXBuilderParameters; 46import java.security.cert.PKIXCertPathBuilderResult; 47import java.security.cert.TrustAnchor; 48import java.security.cert.X509CertSelector; 49import java.security.cert.X509Certificate; 50import java.util.ArrayList; 51import java.util.Arrays; 52import java.util.Calendar; 53import java.util.Collection; 54import java.util.Collections; 55import java.util.Date; 56import java.util.HashSet; 57import java.util.Iterator; 58import java.util.List; 59import java.util.Set; 60 61import javax.security.auth.x500.X500Principal; 62 63 64import org.apache.harmony.security.tests.support.cert.MyCRL; 65import org.apache.harmony.security.tests.support.cert.TestUtils; 66import org.apache.harmony.security.tests.support.TestKeyPair; 67import org.apache.harmony.security.asn1.ASN1Boolean; 68import org.apache.harmony.security.asn1.ASN1Integer; 69import org.apache.harmony.security.asn1.ASN1OctetString; 70import org.apache.harmony.security.asn1.ASN1Oid; 71import org.apache.harmony.security.asn1.ASN1Sequence; 72import org.apache.harmony.security.asn1.ASN1Type; 73import org.apache.harmony.security.x501.Name; 74import org.apache.harmony.security.x509.CertificatePolicies; 75import org.apache.harmony.security.x509.GeneralName; 76import org.apache.harmony.security.x509.GeneralNames; 77import org.apache.harmony.security.x509.NameConstraints; 78import org.apache.harmony.security.x509.ORAddress; 79import org.apache.harmony.security.x509.OtherName; 80import org.apache.harmony.security.x509.PolicyInformation; 81import org.apache.harmony.security.x509.PrivateKeyUsagePeriod; 82 83/** 84 * X509CertSelectorTest 85 */ 86@TestTargetClass(X509CertSelector.class) 87public class X509CertSelectorTest extends TestCase { 88 89 byte[][] constraintBytes = new byte[][] { 90 { 91 48, 34, -96, 15, 48, 13, -127, 8, 56, 50, 50, 46, 78, 92 97, 109, 101, -128, 1, 0, -95, 15, 48, 13, -127, 8, 56, 93 50, 50, 46, 78, 97, 109, 101, -128, 1, 0}, 94 { 95 48, 42, -96, 19, 48, 17, -127, 12, 114, 102, 99, 64, 96 56, 50, 50, 46, 78, 97, 109, 101, -128, 1, 0, -95, 19, 97 48, 17, -127, 12, 114, 102, 99, 64, 56, 50, 50, 46, 78, 98 97, 109, 101, -128, 1, 0}, 99 { 100 48, 34, -96, 15, 48, 13, -126, 8, 78, 97, 109, 101, 46, 101 111, 114, 103, -128, 1, 0, -95, 15, 48, 13, -126, 8, 102 78, 97, 109, 101, 46, 111, 114, 103, -128, 1, 0}, 103 { 104 48, 42, -96, 19, 48, 17, -126, 12, 100, 78, 83, 46, 78, 105 97, 109, 101, 46, 111, 114, 103, -128, 1, 0, -95, 19, 106 48, 17, -126, 12, 100, 78, 83, 46, 78, 97, 109, 101, 107 46, 111, 114, 103, -128, 1, 0}, 108 { 109 48, 54, -96, 25, 48, 23, -122, 18, 104, 116, 116, 112, 110 58, 47, 47, 82, 101, 115, 111, 117, 114, 99, 101, 46, 111 73, 100, -128, 1, 0, -95, 25, 48, 23, -122, 18, 104, 112 116, 116, 112, 58, 47, 47, 82, 101, 115, 111, 117, 114, 113 99, 101, 46, 73, 100, -128, 1, 0}, 114 { 115 48, 70, -96, 33, 48, 31, -122, 26, 104, 116, 116, 112, 116 58, 47, 47, 117, 110, 105, 102, 111, 114, 109, 46, 82, 117 101, 115, 111, 117, 114, 99, 101, 46, 73, 100, -128, 1, 118 0, -95, 33, 48, 31, -122, 26, 104, 116, 116, 112, 58, 119 47, 47, 117, 110, 105, 102, 111, 114, 109, 46, 82, 101, 120 115, 111, 117, 114, 99, 101, 46, 73, 100, -128, 1, 0}, 121 { 122 48, 26, -96, 11, 48, 9, -121, 4, 1, 1, 1, 1, -128, 1, 123 0, -95, 11, 48, 9, -121, 4, 1, 1, 1, 1, -128, 1, 0}, 124 { 125 48, 50, -96, 23, 48, 21, -121, 16, 1, 1, 1, 1, 1, 1, 1, 126 1, 1, 1, 1, 1, 1, 1, 1, 1, -128, 1, 0, -95, 23, 48, 21, 127 -121, 16, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 128 1, -128, 1, 0}}; 129 130 /** 131 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, byte[]) 132 */ 133 @TestTargetNew( 134 level = TestLevel.PARTIAL, 135 notes = "IOException checking missed", 136 method = "addSubjectAlternativeName", 137 args = {int.class, byte[].class} 138 ) 139 public void test_addSubjectAlternativeNameLintLbyte_array() throws IOException { 140 // Regression for HARMONY-2487 141 int[] types = { 0, 1, 2, 3, 4, 5, 6, 7, 8 }; 142 for (int i = 0; i < types.length; i++) { 143 try { 144 new X509CertSelector().addSubjectAlternativeName(types[i], 145 (byte[]) null); 146 fail("No expected NullPointerException for type: " + i); 147 } catch (NullPointerException e) { 148 } 149 } 150 } 151 152 /** 153 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, String) 154 */ 155 @TestTargetNew( 156 level = TestLevel.PARTIAL, 157 notes = "Verifies IOException.", 158 method = "addSubjectAlternativeName", 159 args = {int.class, java.lang.String.class} 160 ) 161 public void test_addSubjectAlternativeNameLintLjava_lang_String() { 162 // Regression for HARMONY-727 163 int[] types = { 0, 2, 3, 4, 5, 6, 7, 8 }; 164 for (int i = 0; i < types.length; i++) { 165 try { 166 new X509CertSelector().addSubjectAlternativeName(types[i], 167 "0xDFRF"); 168 fail("IOException expected"); 169 } catch (IOException e) { 170 } 171 } 172 } 173 174 /** 175 * @tests java.security.cert.X509CertSelector#addPathToName(int, byte[]) 176 */ 177 @TestTargetNew( 178 level = TestLevel.PARTIAL, 179 notes = "Verifies NullPointerException.", 180 method = "addPathToName", 181 args = {int.class, byte[].class} 182 ) 183 public void test_addPathToNameLintLbyte_array() throws IOException { 184 // Regression for HARMONY-2487 185 int[] types = { 0, 1, 2, 3, 4, 5, 6, 7, 8 }; 186 for (int i = 0; i < types.length; i++) { 187 try { 188 new X509CertSelector().addPathToName(types[i], (byte[]) null); 189 fail("No expected NullPointerException for type: " + i); 190 } catch (NullPointerException e) { 191 } 192 } 193 } 194 195 /** 196 * @tests java.security.cert.X509CertSelector#addPathToName(int, String) 197 */ 198 @TestTargetNew( 199 level = TestLevel.PARTIAL, 200 notes = "Verifies IOException.", 201 method = "addPathToName", 202 args = {int.class, java.lang.String.class} 203 ) 204 public void test_addPathToNameLintLjava_lang_String() { 205 // Regression for HARMONY-724 206 for (int type = 0; type <= 8; type++) { 207 try { 208 new X509CertSelector().addPathToName(type, (String) null); 209 fail("IOException expected!"); 210 } catch (IOException ioe) { 211 // expected 212 } 213 } 214 215 216 } 217 218 /** 219 * @tests java.security.cert.X509CertSelector#X509CertSelector() 220 */ 221 @TestTargetNew( 222 level = TestLevel.COMPLETE, 223 notes = "", 224 method = "X509CertSelector", 225 args = {} 226 ) 227 public void test_X509CertSelector() { 228 X509CertSelector selector = null; 229 try { 230 selector = new X509CertSelector(); 231 } catch (Exception e) { 232 fail("Unexpected exception " + e.getMessage()); 233 } 234 assertEquals(-1, selector.getBasicConstraints()); 235 assertTrue(selector.getMatchAllSubjectAltNames()); 236 } 237 238 /** 239 * @tests java.security.cert.X509CertSelector#clone() 240 */ 241 @TestTargetNew( 242 level = TestLevel.COMPLETE, 243 notes = "", 244 method = "clone", 245 args = {} 246 ) 247 public void test_clone() throws Exception { 248 X509CertSelector selector = new X509CertSelector(); 249 X509CertSelector selector1 = (X509CertSelector) selector.clone(); 250 251 assertEquals(selector.getMatchAllSubjectAltNames(), selector1 252 .getMatchAllSubjectAltNames()); 253 assertEquals(selector.getAuthorityKeyIdentifier(), selector1 254 .getAuthorityKeyIdentifier()); 255 assertEquals(selector.getBasicConstraints(), selector1 256 .getBasicConstraints()); 257 assertEquals(selector.getCertificate(), selector1.getCertificate()); 258 assertEquals(selector.getCertificateValid(), selector1 259 .getCertificateValid()); 260 assertEquals(selector.getExtendedKeyUsage(), selector1 261 .getExtendedKeyUsage()); 262 assertEquals(selector.getIssuer(), selector1.getIssuer()); 263 assertEquals(selector.getIssuerAsBytes(), selector1.getIssuerAsBytes()); 264 assertEquals(selector.getIssuerAsString(), selector1 265 .getIssuerAsString()); 266 assertEquals(selector.getKeyUsage(), selector1.getKeyUsage()); 267 assertEquals(selector.getNameConstraints(), selector1 268 .getNameConstraints()); 269 assertEquals(selector.getPathToNames(), selector1.getPathToNames()); 270 assertEquals(selector.getPolicy(), selector1.getPolicy()); 271 assertEquals(selector.getPrivateKeyValid(), selector1 272 .getPrivateKeyValid()); 273 assertEquals(selector.getSerialNumber(), selector1.getSerialNumber()); 274 assertEquals(selector.getSubject(), selector1.getSubject()); 275 assertEquals(selector.getSubjectAlternativeNames(), selector1 276 .getSubjectAlternativeNames()); 277 assertEquals(selector.getSubjectAsBytes(), selector1 278 .getSubjectAsBytes()); 279 assertEquals(selector.getSubjectAsString(), selector1 280 .getSubjectAsString()); 281 assertEquals(selector.getSubjectKeyIdentifier(), selector1 282 .getSubjectKeyIdentifier()); 283 assertEquals(selector.getSubjectPublicKey(), selector1 284 .getSubjectPublicKey()); 285 assertEquals(selector.getSubjectPublicKeyAlgID(), selector1 286 .getSubjectPublicKeyAlgID()); 287 288 selector = null; 289 try { 290 selector.clone(); 291 fail("NullPointerException expected"); 292 } catch (NullPointerException e) { 293 // expected 294 } 295 } 296 297 /** 298 * @tests java.security.cert.X509CertSelector#getAuthorityKeyIdentifier() 299 */ 300 @TestTargetNew( 301 level = TestLevel.COMPLETE, 302 notes = "", 303 method = "getAuthorityKeyIdentifier", 304 args = {} 305 ) 306 public void test_getAuthorityKeyIdentifier() { 307 byte[] akid1 = new byte[] { 4, 5, 1, 2, 3, 4, 5 }; // random value 308 byte[] akid2 = new byte[] { 4, 5, 5, 4, 3, 2, 1 }; // random value 309 X509CertSelector selector = new X509CertSelector(); 310 311 assertNull("Selector should return null", selector 312 .getAuthorityKeyIdentifier()); 313 selector.setAuthorityKeyIdentifier(akid1); 314 assertTrue("The returned keyID should be equal to specified", Arrays 315 .equals(akid1, selector.getAuthorityKeyIdentifier())); 316 assertTrue("The returned keyID should be equal to specified", Arrays 317 .equals(akid1, selector.getAuthorityKeyIdentifier())); 318 assertFalse("The returned keyID should differ", Arrays.equals(akid2, 319 selector.getAuthorityKeyIdentifier())); 320 } 321 322 /** 323 * @tests java.security.cert.X509CertSelector#getBasicConstraints() 324 */ 325 @TestTargetNew( 326 level = TestLevel.COMPLETE, 327 notes = "", 328 method = "getBasicConstraints", 329 args = {} 330 ) 331 public void test_getBasicConstraints() { 332 X509CertSelector selector = new X509CertSelector(); 333 int[] validValues = { 2, 1, 0, 1, 2, 3, 10, 20 }; 334 for (int i = 0; i < validValues.length; i++) { 335 selector.setBasicConstraints(validValues[i]); 336 assertEquals(validValues[i], selector.getBasicConstraints()); 337 } 338 } 339 340 /** 341 * @tests java.security.cert.X509CertSelector#getCertificate() 342 */ 343 @TestTargetNew( 344 level = TestLevel.COMPLETE, 345 notes = "", 346 method = "getCertificate", 347 args = {} 348 ) 349 public void test_getCertificate() throws CertificateException { 350 X509CertSelector selector = new X509CertSelector(); 351 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 352 X509Certificate cert1 = (X509Certificate) certFact 353 .generateCertificate(new ByteArrayInputStream(TestUtils 354 .getX509Certificate_v3())); 355 356 X509Certificate cert2 = (X509Certificate) certFact 357 .generateCertificate(new ByteArrayInputStream(TestUtils 358 .getX509Certificate_v1())); 359 360 selector.setCertificate(cert1); 361 assertEquals(cert1, selector.getCertificate()); 362 363 selector.setCertificate(cert2); 364 assertEquals(cert2, selector.getCertificate()); 365 366 selector.setCertificate(null); 367 assertNull(selector.getCertificate()); 368 } 369 370 /** 371 * @tests java.security.cert.X509CertSelector#getCertificateValid() 372 */ 373 @TestTargetNew( 374 level = TestLevel.COMPLETE, 375 notes = "", 376 method = "getCertificateValid", 377 args = {} 378 ) 379 public void test_getCertificateValid() { 380 Date date1 = new Date(100); 381 Date date2 = new Date(200); 382 Date date3 = Calendar.getInstance().getTime(); 383 X509CertSelector selector = new X509CertSelector(); 384 385 assertNull("Selector should return null", selector 386 .getCertificateValid()); 387 selector.setCertificateValid(date1); 388 assertTrue("The returned date should be equal to specified", date1 389 .equals(selector.getCertificateValid())); 390 selector.getCertificateValid().setTime(200); 391 assertTrue("The returned date should be equal to specified", date1 392 .equals(selector.getCertificateValid())); 393 assertFalse("The returned date should differ", date2.equals(selector 394 .getCertificateValid())); 395 selector.setCertificateValid(date3); 396 assertTrue("The returned date should be equal to specified", date3 397 .equals(selector.getCertificateValid())); 398 selector.setCertificateValid(null); 399 assertNull(selector.getCertificateValid()); 400 } 401 402 /** 403 * @tests java.security.cert.X509CertSelector#getExtendedKeyUsage() 404 */ 405 @TestTargetNew( 406 level = TestLevel.COMPLETE, 407 notes = "", 408 method = "getExtendedKeyUsage", 409 args = {} 410 ) 411 public void test_getExtendedKeyUsage() { 412 HashSet<String> ku = new HashSet<String>(Arrays 413 .asList(new String[] { "1.3.6.1.5.5.7.3.1", 414 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 415 "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", 416 "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5", 417 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" })); 418 X509CertSelector selector = new X509CertSelector(); 419 420 assertNull("Selector should return null", selector 421 .getExtendedKeyUsage()); 422 try { 423 selector.setExtendedKeyUsage(ku); 424 } catch (IOException e) { 425 fail("Unexpected IOException was thrown."); 426 } 427 assertTrue( 428 "The returned extendedKeyUsage should be equal to specified", 429 ku.equals(selector.getExtendedKeyUsage())); 430 try { 431 selector.getExtendedKeyUsage().add("KRIBLEGRABLI"); 432 fail("The returned Set should be immutable."); 433 } catch (UnsupportedOperationException e) { 434 // expected 435 } 436 } 437 438 /** 439 * @tests java.security.cert.X509CertSelector#getIssuer() 440 */ 441 @TestTargetNew( 442 level = TestLevel.COMPLETE, 443 notes = "", 444 method = "getIssuer", 445 args = {} 446 ) 447 public void test_getIssuer() { 448 X500Principal iss1 = new X500Principal("O=First Org."); 449 X500Principal iss2 = new X500Principal("O=Second Org."); 450 X509CertSelector selector = new X509CertSelector(); 451 452 assertNull("Selector should return null", selector.getIssuer()); 453 selector.setIssuer(iss1); 454 assertEquals("The returned issuer should be equal to specified", iss1, 455 selector.getIssuer()); 456 assertFalse("The returned issuer should differ", iss2.equals(selector 457 .getIssuer())); 458 } 459 460 /** 461 * @tests java.security.cert.X509CertSelector#getIssuerAsBytes() 462 */ 463 @TestTargetNew( 464 level = TestLevel.COMPLETE, 465 notes = "", 466 method = "getIssuerAsBytes", 467 args = {} 468 ) 469 public void test_getIssuerAsBytes() { 470 byte[] name1 = new byte[] 471 // manually obtained DER encoding of "O=First Org." issuer name; 472 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 473 116, 32, 79, 114, 103, 46 }; 474 475 byte[] name2 = new byte[] 476 // manually obtained DER encoding of "O=Second Org." issuer name; 477 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 478 110, 100, 32, 79, 114, 103, 46 }; 479 X500Principal iss1 = new X500Principal(name1); 480 X500Principal iss2 = new X500Principal(name2); 481 X509CertSelector selector = new X509CertSelector(); 482 483 try { 484 assertNull("Selector should return null", selector 485 .getIssuerAsBytes()); 486 selector.setIssuer(iss1); 487 assertTrue("The returned issuer should be equal to specified", 488 Arrays.equals(name1, selector.getIssuerAsBytes())); 489 assertFalse("The returned issuer should differ", name2 490 .equals(selector.getIssuerAsBytes())); 491 selector.setIssuer(iss2); 492 assertTrue("The returned issuer should be equal to specified", 493 Arrays.equals(name2, selector.getIssuerAsBytes())); 494 } catch (IOException e) { 495 fail("Unexpected IOException was thrown."); 496 } 497 } 498 499 /** 500 * @tests java.security.cert.X509CertSelector#getIssuerAsString() 501 */ 502 @TestTargetNew( 503 level = TestLevel.COMPLETE, 504 notes = "", 505 method = "getIssuerAsString", 506 args = {} 507 ) 508 public void test_getIssuerAsString() { 509 String name1 = "O=First Org."; 510 String name2 = "O=Second Org."; 511 X500Principal iss1 = new X500Principal(name1); 512 X500Principal iss2 = new X500Principal(name2); 513 X509CertSelector selector = new X509CertSelector(); 514 515 assertNull("Selector should return null", selector.getIssuerAsString()); 516 selector.setIssuer(iss1); 517 assertEquals("The returned issuer should be equal to specified", name1, 518 selector.getIssuerAsString()); 519 assertFalse("The returned issuer should differ", name2.equals(selector 520 .getIssuerAsString())); 521 selector.setIssuer(iss2); 522 assertEquals("The returned issuer should be equal to specified", name2, 523 selector.getIssuerAsString()); 524 } 525 526 /** 527 * @tests java.security.cert.X509CertSelector#getKeyUsage() 528 */ 529 @TestTargetNew( 530 level = TestLevel.COMPLETE, 531 notes = "", 532 method = "getKeyUsage", 533 args = {} 534 ) 535 public void test_getKeyUsage() { 536 boolean[] ku = new boolean[] { true, false, true, false, true, false, 537 true, false, true }; 538 X509CertSelector selector = new X509CertSelector(); 539 540 assertNull("Selector should return null", selector.getKeyUsage()); 541 selector.setKeyUsage(ku); 542 assertTrue("The returned date should be equal to specified", Arrays 543 .equals(ku, selector.getKeyUsage())); 544 boolean[] result = selector.getKeyUsage(); 545 result[0] = !result[0]; 546 assertTrue("The returned keyUsage should be equal to specified", Arrays 547 .equals(ku, selector.getKeyUsage())); 548 } 549 550 /** 551 * @tests java.security.cert.X509CertSelector#getMatchAllSubjectAltNames() 552 */ 553 @TestTargetNew( 554 level = TestLevel.COMPLETE, 555 notes = "", 556 method = "getMatchAllSubjectAltNames", 557 args = {} 558 ) 559 public void test_getMatchAllSubjectAltNames() { 560 X509CertSelector selector = new X509CertSelector(); 561 assertTrue("The matchAllNames initially should be true", selector 562 .getMatchAllSubjectAltNames()); 563 selector.setMatchAllSubjectAltNames(false); 564 assertFalse("The value should be false", selector 565 .getMatchAllSubjectAltNames()); 566 } 567 568 /** 569 * @tests java.security.cert.X509CertSelector#getNameConstraints() 570 */ 571 @TestTargetNew( 572 level = TestLevel.COMPLETE, 573 notes = "", 574 method = "getNameConstraints", 575 args = {} 576 ) 577 public void test_getNameConstraints() throws IOException { 578 579// Used to generate following byte array 580// GeneralName[] name_constraints = new GeneralName[] { 581// new GeneralName(1, "822.Name"), 582// new GeneralName(1, "rfc@822.Name"), 583// new GeneralName(2, "Name.org"), 584// new GeneralName(2, "dNS.Name.org"), 585// 586// new GeneralName(6, "http://Resource.Id"), 587// new GeneralName(6, "http://uniform.Resource.Id"), 588// new GeneralName(7, "1.1.1.1"), 589// 590// new GeneralName(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 591// 1, 1, 1, 1, 1 }), }; 592// 593// constraintBytes = new byte[name_constraints.length][]; 594// 595// for (int i = 0; i < name_constraints.length; i++) { 596// GeneralSubtree subtree = new GeneralSubtree(name_constraints[i]); 597// GeneralSubtrees subtrees = new GeneralSubtrees(); 598// subtrees.addSubtree(subtree); 599// NameConstraints constraints = new NameConstraints(subtrees, 600// subtrees); 601// constraintBytes[i] = constraints.getEncoded(); 602// } 603// System.out.println("XXX"+Arrays.deepToString(constraintBytes)+"XXX"); 604 605 X509CertSelector selector = new X509CertSelector(); 606 607 for (int i = 0; i < constraintBytes.length; i++) { 608 selector.setNameConstraints(constraintBytes[i]); 609 assertTrue(Arrays.equals(constraintBytes[i], selector 610 .getNameConstraints())); 611 } 612 } 613 614 /** 615 * @tests java.security.cert.X509CertSelector#getPathToNames() 616 */ 617 @TestTargetNew( 618 level = TestLevel.COMPLETE, 619 notes = "", 620 method = "getPathToNames", 621 args = {} 622 ) 623 public void test_getPathToNames() { 624 try { 625 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5", 626 new byte[] { 1, 2, 0, 1 })); 627 GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 628 GeneralName san2 = new GeneralName(2, "dNSName"); 629 GeneralName san3 = new GeneralName(new ORAddress()); 630 GeneralName san4 = new GeneralName(new Name("O=Organization")); 631 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id"); 632 GeneralName san7 = new GeneralName(7, "1.1.1.1"); 633 GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555"); 634 635 GeneralNames sans1 = new GeneralNames(); 636 sans1.addName(san0); 637 sans1.addName(san1); 638 sans1.addName(san2); 639 sans1.addName(san3); 640 sans1.addName(san4); 641 sans1.addName(san6); 642 sans1.addName(san7); 643 sans1.addName(san8); 644 GeneralNames sans2 = new GeneralNames(); 645 sans2.addName(san0); 646 647 TestCert cert1 = new TestCert(sans1); 648 TestCert cert2 = new TestCert(sans2); 649 X509CertSelector selector = new X509CertSelector(); 650 selector.setMatchAllSubjectAltNames(true); 651 652 selector.setPathToNames(null); 653 assertTrue("Any certificate should match in the case of null " 654 + "subjectAlternativeNames criteria.", selector 655 .match(cert1) 656 && selector.match(cert2)); 657 658 Collection<List<?>> sans = sans1.getPairsList(); 659 660 selector.setPathToNames(sans); 661 662 Collection<List<?>> col = selector.getPathToNames(); 663 Iterator<List<?>> i = col.iterator(); 664 while (i.hasNext()) { 665 Object o = i.next(); 666 if (!(o instanceof List)) { 667 fail("expected a List"); 668 } 669 } 670 671 } catch (IOException e) { 672 e.printStackTrace(); 673 fail("Unexpected IOException was thrown."); 674 } 675 } 676 677 /** 678 * @tests java.security.cert.X509CertSelector#getPolicy() 679 */ 680 @TestTargetNew( 681 level = TestLevel.COMPLETE, 682 notes = "", 683 method = "getPolicy", 684 args = {} 685 ) 686 public void test_getPolicy() throws IOException { 687 String[] policies1 = new String[] { "1.3.6.1.5.5.7.3.1", 688 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.5.5.7.3.4", 689 "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5", 690 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" }; 691 692 String[] policies2 = new String[] { "1.3.6.7.3.1" }; 693 694 HashSet<String> p1 = new HashSet<String>(Arrays.asList(policies1)); 695 HashSet<String> p2 = new HashSet<String>(Arrays.asList(policies2)); 696 697 X509CertSelector selector = new X509CertSelector(); 698 699 selector.setPolicy(null); 700 assertNull(selector.getPolicy()); 701 702 selector.setPolicy(p1); 703 assertEquals("The returned date should be equal to specified", p1, selector.getPolicy()); 704 705 selector.setPolicy(p2); 706 assertEquals("The returned date should be equal to specified", p2, selector.getPolicy()); 707 } 708 709 /** 710 * @tests java.security.cert.X509CertSelector#getPrivateKeyValid() 711 */ 712 @TestTargetNew( 713 level = TestLevel.COMPLETE, 714 notes = "", 715 method = "getPrivateKeyValid", 716 args = {} 717 ) 718 public void test_getPrivateKeyValid() { 719 Date date1 = new Date(100); 720 Date date2 = new Date(200); 721 X509CertSelector selector = new X509CertSelector(); 722 723 assertNull("Selector should return null", selector.getPrivateKeyValid()); 724 selector.setPrivateKeyValid(date1); 725 assertTrue("The returned date should be equal to specified", date1 726 .equals(selector.getPrivateKeyValid())); 727 selector.getPrivateKeyValid().setTime(200); 728 assertTrue("The returned date should be equal to specified", date1 729 .equals(selector.getPrivateKeyValid())); 730 assertFalse("The returned date should differ", date2.equals(selector 731 .getPrivateKeyValid())); 732 } 733 734 /** 735 * @tests java.security.cert.X509CertSelector#getSerialNumber() 736 */ 737 @TestTargetNew( 738 level = TestLevel.COMPLETE, 739 notes = "", 740 method = "getSerialNumber", 741 args = {} 742 ) 743 public void test_getSerialNumber() { 744 BigInteger ser1 = new BigInteger("10000"); 745 BigInteger ser2 = new BigInteger("10001"); 746 X509CertSelector selector = new X509CertSelector(); 747 748 assertNull("Selector should return null", selector.getSerialNumber()); 749 selector.setSerialNumber(ser1); 750 assertEquals("The returned serial number should be equal to specified", 751 ser1, selector.getSerialNumber()); 752 assertFalse("The returned serial number should differ", ser2 753 .equals(selector.getSerialNumber())); 754 } 755 756 /** 757 * @tests java.security.cert.X509CertSelector#getSubject() 758 */ 759 @TestTargetNew( 760 level = TestLevel.COMPLETE, 761 notes = "", 762 method = "getSubject", 763 args = {} 764 ) 765 public void test_getSubject() { 766 X500Principal sub1 = new X500Principal("O=First Org."); 767 X500Principal sub2 = new X500Principal("O=Second Org."); 768 X509CertSelector selector = new X509CertSelector(); 769 770 assertNull("Selector should return null", selector.getSubject()); 771 selector.setSubject(sub1); 772 assertEquals("The returned subject should be equal to specified", sub1, 773 selector.getSubject()); 774 assertFalse("The returned subject should differ", sub2.equals(selector 775 .getSubject())); 776 } 777 778 /** 779 * @tests java.security.cert.X509CertSelector#getSubjectAlternativeNames() 780 */ 781 @TestTargetNew( 782 level = TestLevel.COMPLETE, 783 notes = "", 784 method = "getSubjectAlternativeNames", 785 args = {} 786 ) 787 public void test_getSubjectAlternativeNames() { 788 try { 789 GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 790 GeneralName san2 = new GeneralName(2, "dNSName"); 791 792 GeneralNames sans = new GeneralNames(); 793 sans.addName(san1); 794 sans.addName(san2); 795 796 TestCert cert_1 = new TestCert(sans); 797 X509CertSelector selector = new X509CertSelector(); 798 799 assertNull("Selector should return null", selector 800 .getSubjectAlternativeNames()); 801 802 selector.setSubjectAlternativeNames(sans.getPairsList()); 803 assertTrue("The certificate should match the selection criteria.", 804 selector.match(cert_1)); 805 selector.getSubjectAlternativeNames().clear(); 806 assertTrue("The modification of initialization object " 807 + "should not affect the modification " 808 + "of internal object.", selector.match(cert_1)); 809 } catch (IOException e) { 810 e.printStackTrace(); 811 fail("Unexpected IOException was thrown."); 812 } 813 } 814 815 /** 816 * @tests java.security.cert.X509CertSelector#getSubjectAsBytes() 817 */ 818 @TestTargetNew( 819 level = TestLevel.COMPLETE, 820 notes = "", 821 method = "getSubjectAsBytes", 822 args = {} 823 ) 824 public void test_getSubjectAsBytes() { 825 byte[] name1 = new byte[] 826 // manually obtained DER encoding of "O=First Org." issuer name; 827 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 828 116, 32, 79, 114, 103, 46 }; 829 byte[] name2 = new byte[] 830 // manually obtained DER encoding of "O=Second Org." issuer name; 831 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 832 110, 100, 32, 79, 114, 103, 46 }; 833 834 X500Principal sub1 = new X500Principal(name1); 835 X500Principal sub2 = new X500Principal(name2); 836 X509CertSelector selector = new X509CertSelector(); 837 838 try { 839 assertNull("Selector should return null", selector 840 .getSubjectAsBytes()); 841 selector.setSubject(sub1); 842 assertTrue("The returned issuer should be equal to specified", 843 Arrays.equals(name1, selector.getSubjectAsBytes())); 844 assertFalse("The returned issuer should differ", name2 845 .equals(selector.getSubjectAsBytes())); 846 selector.setSubject(sub2); 847 assertTrue("The returned issuer should be equal to specified", 848 Arrays.equals(name2, selector.getSubjectAsBytes())); 849 } catch (IOException e) { 850 fail("Unexpected IOException was thrown."); 851 } 852 } 853 854 /** 855 * @tests java.security.cert.X509CertSelector#getSubjectAsString() 856 */ 857 @TestTargetNew( 858 level = TestLevel.COMPLETE, 859 notes = "", 860 method = "getSubjectAsString", 861 args = {} 862 ) 863 public void test_getSubjectAsString() { 864 String name1 = "O=First Org."; 865 String name2 = "O=Second Org."; 866 X500Principal sub1 = new X500Principal(name1); 867 X500Principal sub2 = new X500Principal(name2); 868 X509CertSelector selector = new X509CertSelector(); 869 870 assertNull("Selector should return null", selector.getSubjectAsString()); 871 selector.setSubject(sub1); 872 assertEquals("The returned subject should be equal to specified", 873 name1, selector.getSubjectAsString()); 874 assertFalse("The returned subject should differ", name2.equals(selector 875 .getSubjectAsString())); 876 selector.setSubject(sub2); 877 assertEquals("The returned subject should be equal to specified", 878 name2, selector.getSubjectAsString()); 879 } 880 881 /** 882 * @tests java.security.cert.X509CertSelector#getSubjectKeyIdentifier() 883 */ 884 @TestTargetNew( 885 level = TestLevel.COMPLETE, 886 notes = "", 887 method = "getSubjectKeyIdentifier", 888 args = {} 889 ) 890 public void test_getSubjectKeyIdentifier() { 891 byte[] skid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value 892 byte[] skid2 = new byte[] { 4, 5, 5, 4, 3, 2, 1 }; // random value 893 X509CertSelector selector = new X509CertSelector(); 894 895 assertNull("Selector should return null", selector 896 .getSubjectKeyIdentifier()); 897 selector.setSubjectKeyIdentifier(skid1); 898 assertTrue("The returned keyID should be equal to specified", Arrays 899 .equals(skid1, selector.getSubjectKeyIdentifier())); 900 selector.getSubjectKeyIdentifier()[0]++; 901 assertTrue("The returned keyID should be equal to specified", Arrays 902 .equals(skid1, selector.getSubjectKeyIdentifier())); 903 assertFalse("The returned keyID should differ", Arrays.equals(skid2, 904 selector.getSubjectKeyIdentifier())); 905 } 906 907 /** 908 * @tests java.security.cert.X509CertSelector#getSubjectPublicKey() 909 */ 910 @TestTargetNew( 911 level = TestLevel.COMPLETE, 912 notes = "", 913 method = "getSubjectPublicKey", 914 args = {} 915 ) 916 public void test_getSubjectPublicKey() throws Exception { 917 918 // SubjectPublicKeyInfo ::= SEQUENCE { 919 // algorithm AlgorithmIdentifier, 920 // subjectPublicKey BIT STRING } 921 byte[] enc = { 0x30, 0x0E, // SEQUENCE 922 0x30, 0x07, // SEQUENCE 923 0x06, 0x02, 0x03, 0x05,// OID 924 0x01, 0x01, 0x07, // ANY 925 0x03, 0x03, 0x01, 0x01, 0x06, // subjectPublicKey 926 }; 927 928 X509CertSelector selector = new X509CertSelector(); 929 930 selector.setSubjectPublicKey(enc); 931 PublicKey key = selector.getSubjectPublicKey(); 932 assertEquals("0.3.5", key.getAlgorithm()); 933 assertEquals("X.509", key.getFormat()); 934 assertTrue(Arrays.equals(enc, key.getEncoded())); 935 assertNotNull(key.toString()); 936 937 key = new MyPublicKey(); 938 939 selector.setSubjectPublicKey(key); 940 PublicKey keyActual = selector.getSubjectPublicKey(); 941 assertEquals(key, keyActual); 942 assertEquals(key.getAlgorithm(), keyActual.getAlgorithm()); 943 } 944 945 /** 946 * @tests java.security.cert.X509CertSelector#getSubjectPublicKeyAlgID() 947 */ 948 @TestTargetNew( 949 level = TestLevel.COMPLETE, 950 notes = "", 951 method = "getSubjectPublicKeyAlgID", 952 args = {} 953 ) 954 public void test_getSubjectPublicKeyAlgID() { 955 956 X509CertSelector selector = new X509CertSelector(); 957 String[] validOIDs = { "0.0.20", "1.25.0", "2.0.39", "0.2.10", "1.35.15", 958 "2.17.89" }; 959 960 assertNull("Selector should return null", selector 961 .getSubjectPublicKeyAlgID()); 962 963 for (int i = 0; i < validOIDs.length; i++) { 964 try { 965 selector.setSubjectPublicKeyAlgID(validOIDs[i]); 966 assertEquals(validOIDs[i], selector.getSubjectPublicKeyAlgID()); 967 } catch (IOException e) { 968 System.out.println("t = " + e.getMessage()); 969 //fail("Unexpected exception " + e.getMessage()); 970 } 971 } 972 973 String pkaid1 = "1.2.840.113549.1.1.1"; // RSA encryption 974 String pkaid2 = "1.2.840.113549.1.1.4"; // MD5 with RSA encryption 975 976 try { 977 selector.setSubjectPublicKeyAlgID(pkaid1); 978 } catch (IOException e) { 979 fail("Unexpected IOException was thrown."); 980 } 981 assertTrue("The returned oid should be equal to specified", pkaid1 982 .equals(selector.getSubjectPublicKeyAlgID())); 983 assertFalse("The returned oid should differ", pkaid2.equals(selector 984 .getSubjectPublicKeyAlgID())); 985 } 986 987 /** 988 * @tests java.security.cert.X509CertSelector#match(java.security.cert.Certificate) 989 */ 990 @TestTargetNew( 991 level = TestLevel.COMPLETE, 992 notes = "", 993 method = "match", 994 args = {java.security.cert.Certificate.class} 995 ) 996 public void test_matchLjava_security_cert_Certificate() 997 throws CertificateException { 998 X509CertSelector selector = new X509CertSelector(); 999 assertFalse(selector.match(null)); 1000 1001 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 1002 X509Certificate cert1 = (X509Certificate) certFact 1003 .generateCertificate(new ByteArrayInputStream(TestUtils 1004 .getX509Certificate_v3())); 1005 1006 X509Certificate cert2 = (X509Certificate) certFact 1007 .generateCertificate(new ByteArrayInputStream(TestUtils 1008 .getX509Certificate_v1())); 1009 1010 selector.setCertificate(cert1); 1011 assertTrue(selector.match(cert1)); 1012 assertFalse(selector.match(cert2)); 1013 1014 selector.setCertificate(cert2); 1015 assertFalse(selector.match(cert1)); 1016 assertTrue(selector.match(cert2)); 1017 } 1018 1019 /** 1020 * @tests java.security.cert.X509CertSelector#setAuthorityKeyIdentifier(byte[]) 1021 */ 1022 @TestTargetNew( 1023 level = TestLevel.COMPLETE, 1024 notes = "", 1025 method = "setAuthorityKeyIdentifier", 1026 args = {byte[].class} 1027 ) 1028 public void test_setAuthorityKeyIdentifierLB$() throws CertificateException { 1029 X509CertSelector selector = new X509CertSelector(); 1030 1031 byte[] akid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value 1032 byte[] akid2 = new byte[] { 5, 4, 3, 2, 1 }; // random value 1033 TestCert cert1 = new TestCert(akid1); 1034 TestCert cert2 = new TestCert(akid2); 1035 1036 selector.setAuthorityKeyIdentifier(null); 1037 assertTrue("The certificate should match the selection criteria.", 1038 selector.match(cert1)); 1039 assertTrue("The certificate should match the selection criteria.", 1040 selector.match(cert2)); 1041 assertNull(selector.getAuthorityKeyIdentifier()); 1042 1043 selector.setAuthorityKeyIdentifier(akid1); 1044 assertTrue("The certificate should not match the selection criteria.", 1045 selector.match(cert1)); 1046 assertFalse("The certificate should not match the selection criteria.", 1047 selector.match(cert2)); 1048 selector.setAuthorityKeyIdentifier(akid2); 1049 assertFalse("The certificate should not match the selection criteria.", 1050 selector.match(cert1)); 1051 assertTrue("The certificate should not match the selection criteria.", 1052 selector.match(cert2)); 1053 1054 akid2[0]++; 1055 assertTrue("The certificate should match the selection criteria.", 1056 selector.match(cert2)); 1057 } 1058 1059 /** 1060 * @tests java.security.cert.X509CertSelector#setBasicConstraints(int) 1061 */ 1062 @TestTargetNew( 1063 level = TestLevel.COMPLETE, 1064 notes = "", 1065 method = "setBasicConstraints", 1066 args = {int.class} 1067 ) 1068 public void test_setBasicConstraintsLint() { 1069 X509CertSelector selector = new X509CertSelector(); 1070 int[] invalidValues = { -3, -4, -5, 1000000000 }; 1071 for (int i = 0; i < invalidValues.length; i++) { 1072 try { 1073 selector.setBasicConstraints(-3); 1074 fail("IllegalArgumentException expected"); 1075 } catch (IllegalArgumentException e) { 1076 // expected 1077 } 1078 } 1079 1080 int[] validValues = { -2, -1, 0, 1, 2, 3, 10, 20 }; 1081 for (int i = 0; i < validValues.length; i++) { 1082 selector.setBasicConstraints(validValues[i]); 1083 assertEquals(validValues[i], selector.getBasicConstraints()); 1084 } 1085 } 1086 1087 /** 1088 * @tests java.security.cert.X509CertSelector#setCertificate(java.security.cert.Certificate) 1089 */ 1090 @TestTargetNew( 1091 level = TestLevel.COMPLETE, 1092 notes = "", 1093 method = "setCertificate", 1094 args = {java.security.cert.X509Certificate.class} 1095 ) 1096 public void test_setCertificateLjava_security_cert_X509Certificate() 1097 throws CertificateException { 1098 1099 TestCert cert1 = new TestCert("same certificate"); 1100 TestCert cert2 = new TestCert("other certificate"); 1101 X509CertSelector selector = new X509CertSelector(); 1102 1103 selector.setCertificate(null); 1104 assertTrue("Any certificates should match in the case of null " 1105 + "certificateEquals criteria.", selector.match(cert1) 1106 && selector.match(cert2)); 1107 selector.setCertificate(cert1); 1108 assertTrue("The certificate should match the selection criteria.", 1109 selector.match(cert1)); 1110 assertFalse("The certificate should not match the selection criteria.", 1111 selector.match(cert2)); 1112 selector.setCertificate(cert2); 1113 assertTrue("The certificate should match the selection criteria.", 1114 selector.match(cert2)); 1115 selector.setCertificate(null); 1116 assertNull(selector.getCertificate()); 1117 } 1118 1119 /** 1120 * @tests java.security.cert.X509CertSelector#setCertificateValid(java.util.Date) 1121 */ 1122 @TestTargetNew( 1123 level = TestLevel.COMPLETE, 1124 notes = "", 1125 method = "setCertificateValid", 1126 args = {java.util.Date.class} 1127 ) 1128 public void test_setCertificateValidLjava_util_Date() 1129 throws CertificateException { 1130 X509CertSelector selector = new X509CertSelector(); 1131 1132 Date date1 = new Date(100); 1133 Date date2 = new Date(200); 1134 TestCert cert1 = new TestCert(date1); 1135 TestCert cert2 = new TestCert(date2); 1136 1137 selector.setCertificateValid(null); 1138 assertNull(selector.getCertificateValid()); 1139 selector.setCertificateValid(date1); 1140 assertTrue("The certificate should match the selection criteria.", 1141 selector.match(cert1)); 1142 assertFalse("The certificate should not match the selection criteria.", 1143 selector.match(cert2)); 1144 selector.setCertificateValid(date2); 1145 date2.setTime(300); 1146 assertTrue("The certificate should match the selection criteria.", 1147 selector.match(cert2)); 1148 } 1149 1150 /** 1151 * @tests java.security.cert.X509CertSelector#setExtendedKeyUsage(Set<String>) 1152 */ 1153 @TestTargetNew( 1154 level = TestLevel.COMPLETE, 1155 notes = "", 1156 method = "setExtendedKeyUsage", 1157 args = {java.util.Set.class} 1158 ) 1159 public void test_setExtendedKeyUsageLjava_util_Set() 1160 throws CertificateException { 1161 HashSet<String> ku1 = new HashSet<String>(Arrays 1162 .asList(new String[] { "1.3.6.1.5.5.7.3.1", 1163 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 1164 "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", 1165 "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5", 1166 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" })); 1167 HashSet<String> ku2 = new HashSet<String>(Arrays.asList(new String[] { 1168 "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 1169 "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", 1170 "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6" })); 1171 TestCert cert1 = new TestCert(ku1); 1172 TestCert cert2 = new TestCert(ku2); 1173 1174 X509CertSelector selector = new X509CertSelector(); 1175 1176 try { 1177 selector.setExtendedKeyUsage(null); 1178 } catch (IOException e) { 1179 fail("Unexpected IOException was thrown."); 1180 } 1181 assertTrue("Any certificate should match in the case of null " 1182 + "extendedKeyUsage criteria.", selector.match(cert1) 1183 && selector.match(cert2)); 1184 try { 1185 selector.setExtendedKeyUsage(ku1); 1186 } catch (IOException e) { 1187 fail("Unexpected IOException was thrown."); 1188 } 1189 assertEquals(ku1, selector.getExtendedKeyUsage()); 1190 1191 try { 1192 selector.setExtendedKeyUsage(ku2); 1193 } catch (IOException e) { 1194 fail("Unexpected IOException was thrown."); 1195 } 1196 assertEquals(ku2, selector.getExtendedKeyUsage()); 1197 } 1198 1199 /** 1200 * @tests java.security.cert.X509CertSelector#setIssuer(byte[]) 1201 */ 1202 @TestTargetNew( 1203 level = TestLevel.COMPLETE, 1204 notes = "", 1205 method = "setIssuer", 1206 args = {byte[].class} 1207 ) 1208 public void test_setIssuerLB$() throws CertificateException { 1209 byte[] name1 = new byte[] 1210 // manually obtained DER encoding of "O=First Org." issuer name; 1211 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 1212 116, 32, 79, 114, 103, 46 }; 1213 byte[] name2 = new byte[] 1214 // manually obtained DER encoding of "O=Second Org." issuer name; 1215 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 1216 110, 100, 32, 79, 114, 103, 46 }; 1217 X500Principal iss1 = new X500Principal(name1); 1218 X500Principal iss2 = new X500Principal(name2); 1219 TestCert cert1 = new TestCert(iss1); 1220 TestCert cert2 = new TestCert(iss2); 1221 1222 X509CertSelector selector = new X509CertSelector(); 1223 1224 try { 1225 selector.setIssuer((byte[]) null); 1226 } catch (IOException e) { 1227 fail("Unexpected IOException was thrown."); 1228 } 1229 assertTrue("Any certificates should match " 1230 + "in the case of null issuer criteria.", selector.match(cert1) 1231 && selector.match(cert2)); 1232 try { 1233 selector.setIssuer(name1); 1234 } catch (IOException e) { 1235 fail("Unexpected IOException was thrown."); 1236 } 1237 assertTrue("The certificate should match the selection criteria.", 1238 selector.match(cert1)); 1239 assertFalse("The certificate should not match the selection criteria.", 1240 selector.match(cert2)); 1241 try { 1242 selector.setIssuer(name2); 1243 } catch (IOException e) { 1244 fail("Unexpected IOException was thrown."); 1245 } 1246 assertTrue("The certificate should match the selection criteria.", 1247 selector.match(cert2)); 1248 } 1249 1250 /** 1251 * @tests java.security.cert.X509CertSelector#setIssuer(java.lang.String) 1252 */ 1253 @TestTargetNew( 1254 level = TestLevel.COMPLETE, 1255 notes = "", 1256 method = "setIssuer", 1257 args = {java.lang.String.class} 1258 ) 1259 public void test_setIssuerLjava_lang_String() throws CertificateException { 1260 1261 String name1 = "O=First Org."; 1262 String name2 = "O=Second Org."; 1263 X500Principal iss1 = new X500Principal(name1); 1264 X500Principal iss2 = new X500Principal(name2); 1265 TestCert cert1 = new TestCert(iss1); 1266 TestCert cert2 = new TestCert(iss2); 1267 1268 X509CertSelector selector = new X509CertSelector(); 1269 1270 try { 1271 selector.setIssuer((String) null); 1272 } catch (IOException e) { 1273 fail("Unexpected IOException was thrown."); 1274 } 1275 assertTrue("Any certificates should match " 1276 + "in the case of null issuer criteria.", selector.match(cert1) 1277 && selector.match(cert2)); 1278 try { 1279 selector.setIssuer(name1); 1280 } catch (IOException e) { 1281 fail("Unexpected IOException was thrown."); 1282 } 1283 assertTrue("The certificate should match the selection criteria.", 1284 selector.match(cert1)); 1285 assertFalse("The certificate should not match the selection criteria.", 1286 selector.match(cert2)); 1287 try { 1288 selector.setIssuer(name2); 1289 } catch (IOException e) { 1290 fail("Unexpected IOException was thrown."); 1291 } 1292 assertTrue("The certificate should match the selection criteria.", 1293 selector.match(cert2)); 1294 } 1295 1296 /** 1297 * @tests java.security.cert.X509CertSelector#setIssuer(javax.security.auth.x500.X500Principal) 1298 */ 1299 @TestTargetNew( 1300 level = TestLevel.COMPLETE, 1301 notes = "", 1302 method = "setIssuer", 1303 args = {javax.security.auth.x500.X500Principal.class} 1304 ) 1305 public void test_setIssuerLjavax_security_auth_x500_X500Principal() 1306 throws CertificateException { 1307 X500Principal iss1 = new X500Principal("O=First Org."); 1308 X500Principal iss2 = new X500Principal("O=Second Org."); 1309 TestCert cert1 = new TestCert(iss1); 1310 TestCert cert2 = new TestCert(iss2); 1311 X509CertSelector selector = new X509CertSelector(); 1312 1313 selector.setIssuer((X500Principal) null); 1314 assertTrue("Any certificates should match " 1315 + "in the case of null issuer criteria.", selector.match(cert1) 1316 && selector.match(cert2)); 1317 selector.setIssuer(iss1); 1318 assertTrue("The certificate should match the selection criteria.", 1319 selector.match(cert1)); 1320 assertFalse("The certificate should not match the selection criteria.", 1321 selector.match(cert2)); 1322 selector.setIssuer(iss2); 1323 assertTrue("The certificate should match the selection criteria.", 1324 selector.match(cert2)); 1325 } 1326 1327 /** 1328 * @tests java.security.cert.X509CertSelector#setKeyUsage(boolean) 1329 */ 1330 @TestTargetNew( 1331 level = TestLevel.COMPLETE, 1332 notes = "", 1333 method = "setKeyUsage", 1334 args = {boolean[].class} 1335 ) 1336 public void test_setKeyUsageZ() throws CertificateException { 1337 boolean[] ku1 = new boolean[] { true, true, true, true, true, true, 1338 true, true, true }; 1339 // decipherOnly is disallowed 1340 boolean[] ku2 = new boolean[] { true, true, true, true, true, true, 1341 true, true, false }; 1342 TestCert cert1 = new TestCert(ku1); 1343 TestCert cert2 = new TestCert(ku2); 1344 TestCert cert3 = new TestCert((boolean[]) null); 1345 1346 X509CertSelector selector = new X509CertSelector(); 1347 1348 selector.setKeyUsage(null); 1349 assertTrue("Any certificate should match in the case of null " 1350 + "keyUsage criteria.", selector.match(cert1) 1351 && selector.match(cert2)); 1352 selector.setKeyUsage(ku1); 1353 assertTrue("The certificate should match the selection criteria.", 1354 selector.match(cert1)); 1355 assertFalse("The certificate should not match the selection criteria.", 1356 selector.match(cert2)); 1357 assertTrue("The certificate which does not have a keyUsage extension " 1358 + "implicitly allows all keyUsage values.", selector 1359 .match(cert3)); 1360 selector.setKeyUsage(ku2); 1361 ku2[0] = !ku2[0]; 1362 assertTrue("The certificate should match the selection criteria.", 1363 selector.match(cert2)); 1364 } 1365 1366 /** 1367 * @tests java.security.cert.X509CertSelector#setMatchAllSubjectAltNames(boolean) 1368 */ 1369 @TestTargetNew( 1370 level = TestLevel.COMPLETE, 1371 notes = "", 1372 method = "setMatchAllSubjectAltNames", 1373 args = {boolean.class} 1374 ) 1375 public void test_setMatchAllSubjectAltNamesZ() { 1376 TestCert cert = new TestCert(); 1377 X509CertSelector selector = new X509CertSelector(); 1378 1379 assertTrue(selector.match(cert)); 1380 1381 assertFalse(selector.match(null)); 1382 } 1383 1384 /** 1385 * @tests java.security.cert.X509CertSelector#setNameConstraints(byte[] 1386 * bytes) 1387 */ 1388 @TestTargetNew( 1389 level = TestLevel.COMPLETE, 1390 notes = "", 1391 method = "setNameConstraints", 1392 args = {byte[].class} 1393 ) 1394 public void test_setNameConstraintsLB$() throws IOException { 1395// GeneralName[] name_constraints = new GeneralName[] { 1396// new GeneralName(1, "822.Name"), 1397// new GeneralName(1, "rfc@822.Name"), 1398// new GeneralName(2, "Name.org"), 1399// new GeneralName(2, "dNS.Name.org"), 1400// 1401// new GeneralName(6, "http://Resource.Id"), 1402// new GeneralName(6, "http://uniform.Resource.Id"), 1403// new GeneralName(7, "1.1.1.1"), 1404// 1405// new GeneralName(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1406// 1, 1, 1, 1, 1 }), }; 1407// 1408// for (int i = 0; i < name_constraints.length; i++) { 1409// GeneralSubtree subtree = new GeneralSubtree(name_constraints[i]); 1410// GeneralSubtrees subtrees = new GeneralSubtrees(); 1411// subtrees.addSubtree(subtree); 1412// NameConstraints constraints = new NameConstraints(subtrees, 1413// subtrees); 1414// } 1415 X509CertSelector selector = new X509CertSelector(); 1416 1417 for (int i = 0; i < constraintBytes.length; i++) { 1418 selector.setNameConstraints(constraintBytes[i]); 1419 assertTrue(Arrays.equals(constraintBytes[i], selector 1420 .getNameConstraints())); 1421 } 1422 } 1423 1424 /** 1425 * @tests java.security.cert.X509CertSelector#setPathToNames(Collection<List<?>>) 1426 */ 1427 @TestTargetNew( 1428 level = TestLevel.COMPLETE, 1429 notes = "", 1430 method = "setPathToNames", 1431 args = {java.util.Collection.class} 1432 ) 1433 public void test_setPathToNamesLjava_util_Collection() { 1434 try { 1435 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5", 1436 new byte[] { 1, 2, 0, 1 })); 1437 GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 1438 GeneralName san2 = new GeneralName(2, "dNSName"); 1439 GeneralName san3 = new GeneralName(new ORAddress()); 1440 GeneralName san4 = new GeneralName(new Name("O=Organization")); 1441 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id"); 1442 GeneralName san7 = new GeneralName(7, "1.1.1.1"); 1443 GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555"); 1444 1445 GeneralNames sans1 = new GeneralNames(); 1446 sans1.addName(san0); 1447 sans1.addName(san1); 1448 sans1.addName(san2); 1449 sans1.addName(san3); 1450 sans1.addName(san4); 1451 sans1.addName(san6); 1452 sans1.addName(san7); 1453 sans1.addName(san8); 1454 GeneralNames sans2 = new GeneralNames(); 1455 sans2.addName(san0); 1456 1457 TestCert cert1 = new TestCert(sans1); 1458 TestCert cert2 = new TestCert(sans2); 1459 X509CertSelector selector = new X509CertSelector(); 1460 selector.setMatchAllSubjectAltNames(true); 1461 1462 selector.setPathToNames(null); 1463 assertTrue("Any certificate should match in the case of null " 1464 + "subjectAlternativeNames criteria.", selector 1465 .match(cert1) 1466 && selector.match(cert2)); 1467 1468 Collection<List<?>> sans = sans1.getPairsList(); 1469 1470 selector.setPathToNames(sans); 1471 1472 Collection<List<?>> col = selector.getPathToNames(); 1473 Iterator<List<?>> i = col.iterator(); 1474 while (i.hasNext()) { 1475 Object o = i.next(); 1476 if (!(o instanceof List)) { 1477 fail("expected a List"); 1478 } 1479 } 1480 1481 } catch (IOException e) { 1482 e.printStackTrace(); 1483 fail("Unexpected IOException was thrown."); 1484 } 1485 } 1486 1487 /** 1488 * @tests java.security.cert.X509CertSelector#setPolicy(Set<String>) 1489 */ 1490 @TestTargetNew( 1491 level = TestLevel.COMPLETE, 1492 notes = "", 1493 method = "setPolicy", 1494 args = {java.util.Set.class} 1495 ) 1496 public void test_setPolicyLjava_util_Set() throws IOException { 1497 String[] policies1 = new String[] { "1.3.6.1.5.5.7.3.1", 1498 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.5.5.7.3.4", 1499 "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5", 1500 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" }; 1501 1502 String[] policies2 = new String[] { "1.3.6.7.3.1" }; 1503 1504 HashSet<String> p1 = new HashSet<String>(Arrays.asList(policies1)); 1505 HashSet<String> p2 = new HashSet<String>(Arrays.asList(policies2)); 1506 1507 X509CertSelector selector = new X509CertSelector(); 1508 1509 TestCert cert1 = new TestCert(policies1); 1510 TestCert cert2 = new TestCert(policies2); 1511 1512 selector.setPolicy(null); 1513 assertTrue("Any certificate should match in the case of null " 1514 + "privateKeyValid criteria.", selector.match(cert1) 1515 && selector.match(cert2)); 1516 1517 selector.setPolicy(p1); 1518 assertTrue("The certificate should match the selection criteria.", 1519 selector.match(cert1)); 1520 assertFalse("The certificate should not match the selection criteria.", 1521 selector.match(cert2)); 1522 1523 selector.setPolicy(p2); 1524 assertFalse("The certificate should not match the selection criteria.", 1525 selector.match(cert1)); 1526 assertTrue("The certificate should match the selection criteria.", 1527 selector.match(cert2)); 1528 } 1529 1530 /** 1531 * @tests java.security.cert.X509CertSelector#setPrivateKeyValid(java.util.Date) 1532 */ 1533 @TestTargetNew( 1534 level = TestLevel.COMPLETE, 1535 notes = "", 1536 method = "setPrivateKeyValid", 1537 args = {java.util.Date.class} 1538 ) 1539 public void test_setPrivateKeyValidLjava_util_Date() 1540 throws CertificateException { 1541 Date date1 = new Date(100000000); 1542 Date date2 = new Date(200000000); 1543 Date date3 = new Date(300000000); 1544 Date date4 = new Date(150000000); 1545 Date date5 = new Date(250000000); 1546 TestCert cert1 = new TestCert(date1, date2); 1547 TestCert cert2 = new TestCert(date2, date3); 1548 1549 X509CertSelector selector = new X509CertSelector(); 1550 1551 selector.setPrivateKeyValid(null); 1552 assertTrue("Any certificate should match in the case of null " 1553 + "privateKeyValid criteria.", selector.match(cert1) 1554 && selector.match(cert2)); 1555 selector.setPrivateKeyValid(date4); 1556 assertTrue("The certificate should match the selection criteria.", 1557 selector.match(cert1)); 1558 assertFalse("The certificate should not match the selection criteria.", 1559 selector.match(cert2)); 1560 selector.setPrivateKeyValid(date5); 1561 date5.setTime(date4.getTime()); 1562 assertTrue("The certificate should match the selection criteria.", 1563 selector.match(cert2)); 1564 } 1565 1566 /** 1567 * @tests java.security.cert.X509CertSelector#setSerialNumber(java.math.BigInteger) 1568 */ 1569 @TestTargetNew( 1570 level = TestLevel.COMPLETE, 1571 notes = "", 1572 method = "setSerialNumber", 1573 args = {java.math.BigInteger.class} 1574 ) 1575 public void test_setSerialNumberLjava_math_BigInteger() 1576 throws CertificateException { 1577 BigInteger ser1 = new BigInteger("10000"); 1578 BigInteger ser2 = new BigInteger("10001"); 1579 TestCert cert1 = new TestCert(ser1); 1580 TestCert cert2 = new TestCert(ser2); 1581 X509CertSelector selector = new X509CertSelector(); 1582 1583 selector.setSerialNumber(null); 1584 assertTrue("Any certificate should match in the case of null " 1585 + "serialNumber criteria.", selector.match(cert1) 1586 && selector.match(cert2)); 1587 selector.setSerialNumber(ser1); 1588 assertTrue("The certificate should match the selection criteria.", 1589 selector.match(cert1)); 1590 assertFalse("The certificate should not match the selection criteria.", 1591 selector.match(cert2)); 1592 selector.setSerialNumber(ser2); 1593 assertTrue("The certificate should match the selection criteria.", 1594 selector.match(cert2)); 1595 } 1596 1597 /** 1598 * @tests java.security.cert.X509CertSelector#setSubject(byte[]) 1599 */ 1600 @TestTargetNew( 1601 level = TestLevel.COMPLETE, 1602 notes = "", 1603 method = "setSubject", 1604 args = {byte[].class} 1605 ) 1606 public void test_setSubjectLB$() throws CertificateException { 1607 byte[] name1 = new byte[] 1608 // manually obtained DER encoding of "O=First Org." issuer name; 1609 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 1610 116, 32, 79, 114, 103, 46 }; 1611 byte[] name2 = new byte[] 1612 // manually obtained DER encoding of "O=Second Org." issuer name; 1613 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 1614 110, 100, 32, 79, 114, 103, 46 }; 1615 X500Principal sub1 = new X500Principal(name1); 1616 X500Principal sub2 = new X500Principal(name2); 1617 TestCert cert1 = new TestCert(sub1); 1618 TestCert cert2 = new TestCert(sub2); 1619 1620 X509CertSelector selector = new X509CertSelector(); 1621 1622 try { 1623 selector.setSubject((byte[]) null); 1624 } catch (IOException e) { 1625 fail("Unexpected IOException was thrown."); 1626 } 1627 assertTrue("Any certificates should match " 1628 + "in the case of null issuer criteria.", selector.match(cert1) 1629 && selector.match(cert2)); 1630 try { 1631 selector.setSubject(name1); 1632 } catch (IOException e) { 1633 fail("Unexpected IOException was thrown."); 1634 } 1635 assertTrue("The certificate should match the selection criteria.", 1636 selector.match(cert1)); 1637 assertFalse("The certificate should not match the selection criteria.", 1638 selector.match(cert2)); 1639 try { 1640 selector.setSubject(name2); 1641 } catch (IOException e) { 1642 fail("Unexpected IOException was thrown."); 1643 } 1644 assertTrue("The certificate should match the selection criteria.", 1645 selector.match(cert2)); 1646 } 1647 1648 /** 1649 * @tests java.security.cert.X509CertSelector#setSubject(java.lang.String) 1650 */ 1651 @TestTargetNew( 1652 level = TestLevel.COMPLETE, 1653 notes = "", 1654 method = "setSubject", 1655 args = {java.lang.String.class} 1656 ) 1657 public void test_setSubjectLjava_lang_String() throws CertificateException { 1658 String name1 = "O=First Org."; 1659 String name2 = "O=Second Org."; 1660 X500Principal sub1 = new X500Principal(name1); 1661 X500Principal sub2 = new X500Principal(name2); 1662 TestCert cert1 = new TestCert(sub1); 1663 TestCert cert2 = new TestCert(sub2); 1664 X509CertSelector selector = new X509CertSelector(); 1665 1666 try { 1667 selector.setSubject((String) null); 1668 } catch (IOException e) { 1669 fail("Unexpected IOException was thrown."); 1670 } 1671 assertTrue("Any certificates should match " 1672 + "in the case of null subject criteria.", selector 1673 .match(cert1) 1674 && selector.match(cert2)); 1675 try { 1676 selector.setSubject(name1); 1677 } catch (IOException e) { 1678 fail("Unexpected IOException was thrown."); 1679 } 1680 assertTrue("The certificate should match the selection criteria.", 1681 selector.match(cert1)); 1682 assertFalse("The certificate should not match the selection criteria.", 1683 selector.match(cert2)); 1684 try { 1685 selector.setSubject(name2); 1686 } catch (IOException e) { 1687 fail("Unexpected IOException was thrown."); 1688 } 1689 assertTrue("The certificate should match the selection criteria.", 1690 selector.match(cert2)); 1691 } 1692 1693 /** 1694 * @tests java.security.cert.X509CertSelector#setSubject(javax.security.auth.x500.X500Principal) 1695 */ 1696 @TestTargetNew( 1697 level = TestLevel.COMPLETE, 1698 notes = "", 1699 method = "setSubject", 1700 args = {javax.security.auth.x500.X500Principal.class} 1701 ) 1702 public void test_setSubjectLjavax_security_auth_x500_X500Principal() 1703 throws CertificateException { 1704 X500Principal sub1 = new X500Principal("O=First Org."); 1705 X500Principal sub2 = new X500Principal("O=Second Org."); 1706 TestCert cert1 = new TestCert(sub1); 1707 TestCert cert2 = new TestCert(sub2); 1708 X509CertSelector selector = new X509CertSelector(); 1709 1710 selector.setSubject((X500Principal) null); 1711 assertTrue("Any certificates should match " 1712 + "in the case of null subjcet criteria.", selector 1713 .match(cert1) 1714 && selector.match(cert2)); 1715 selector.setSubject(sub1); 1716 assertTrue("The certificate should match the selection criteria.", 1717 selector.match(cert1)); 1718 assertFalse("The certificate should not match the selection criteria.", 1719 selector.match(cert2)); 1720 selector.setSubject(sub2); 1721 assertTrue("The certificate should match the selection criteria.", 1722 selector.match(cert2)); 1723 } 1724 1725 /** 1726 * @tests java.security.cert.X509CertSelector#setSubjectAlternativeNames(Collection<List<?>>) 1727 */ 1728 @TestTargetNew( 1729 level = TestLevel.COMPLETE, 1730 notes = "", 1731 method = "setSubjectAlternativeNames", 1732 args = {java.util.Collection.class} 1733 ) 1734 public void test_setSubjectAlternativeNamesLjava_util_Collection() { 1735 1736 try { 1737 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5", 1738 new byte[] { 1, 2, 0, 1 })); 1739 GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 1740 GeneralName san2 = new GeneralName(2, "dNSName"); 1741 GeneralName san3 = new GeneralName(new ORAddress()); 1742 GeneralName san4 = new GeneralName(new Name("O=Organization")); 1743 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id"); 1744 GeneralName san7 = new GeneralName(7, "1.1.1.1"); 1745 GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555"); 1746 1747 GeneralNames sans1 = new GeneralNames(); 1748 sans1.addName(san0); 1749 sans1.addName(san1); 1750 sans1.addName(san2); 1751 sans1.addName(san3); 1752 sans1.addName(san4); 1753 sans1.addName(san6); 1754 sans1.addName(san7); 1755 sans1.addName(san8); 1756 GeneralNames sans2 = new GeneralNames(); 1757 sans2.addName(san0); 1758 1759 TestCert cert1 = new TestCert(sans1); 1760 TestCert cert2 = new TestCert(sans2); 1761 X509CertSelector selector = new X509CertSelector(); 1762 selector.setMatchAllSubjectAltNames(true); 1763 1764 selector.setSubjectAlternativeNames(null); 1765 assertTrue("Any certificate should match in the case of null " 1766 + "subjectAlternativeNames criteria.", selector 1767 .match(cert1) 1768 && selector.match(cert2)); 1769 1770 Collection<List<?>> sans = sans1.getPairsList(); 1771 1772 selector.setSubjectAlternativeNames(sans); 1773 1774 Collection<List<?>> col = selector.getSubjectAlternativeNames(); 1775 Iterator<List<?>> i = col.iterator(); 1776 while (i.hasNext()) { 1777 Object o = i.next(); 1778 if (!(o instanceof List)) { 1779 fail("expected a List"); 1780 } 1781 } 1782 1783 } catch (IOException e) { 1784 e.printStackTrace(); 1785 fail("Unexpected IOException was thrown."); 1786 } 1787 } 1788 1789 /** 1790 * @tests java.security.cert.X509CertSelector#setSubjectKeyIdentifier(byte[]) 1791 */ 1792 @TestTargetNew( 1793 level = TestLevel.COMPLETE, 1794 notes = "", 1795 method = "setSubjectKeyIdentifier", 1796 args = {byte[].class} 1797 ) 1798 public void test_setSubjectKeyIdentifierLB$() throws CertificateException { 1799 byte[] skid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value 1800 byte[] skid2 = new byte[] { 5, 4, 3, 2, 1 }; // random value 1801 TestCert cert1 = new TestCert(skid1); 1802 TestCert cert2 = new TestCert(skid2); 1803 X509CertSelector selector = new X509CertSelector(); 1804 1805 selector.setSubjectKeyIdentifier(null); 1806 assertTrue("Any certificate should match in the case of null " 1807 + "serialNumber criteria.", selector.match(cert1) 1808 && selector.match(cert2)); 1809 selector.setSubjectKeyIdentifier(skid1); 1810 assertTrue("The certificate should match the selection criteria.", 1811 selector.match(cert1)); 1812 assertFalse("The certificate should not match the selection criteria.", 1813 selector.match(cert2)); 1814 selector.setSubjectKeyIdentifier(skid2); 1815 skid2[0]++; 1816 assertTrue("The certificate should match the selection criteria.", 1817 selector.match(cert2)); 1818 } 1819 1820 /** 1821 * @tests java.security.cert.X509CertSelector#setSubjectPublicKey(byte[]) 1822 */ 1823 @TestTargetNew( 1824 level = TestLevel.COMPLETE, 1825 notes = "", 1826 method = "setSubjectPublicKey", 1827 args = {byte[].class} 1828 ) 1829 public void test_setSubjectPublicKeyLB$() throws Exception { 1830 1831 //SubjectPublicKeyInfo ::= SEQUENCE { 1832 // algorithm AlgorithmIdentifier, 1833 // subjectPublicKey BIT STRING } 1834 byte[] enc = { 0x30, 0x0E, // SEQUENCE 1835 0x30, 0x07, // SEQUENCE 1836 0x06, 0x02, 0x03, 0x05,//OID 1837 0x01, 0x01, 0x07, //ANY 1838 0x03, 0x03, 0x01, 0x01, 0x06, // subjectPublicKey 1839 }; 1840 1841 X509CertSelector selector = new X509CertSelector(); 1842 1843 selector.setSubjectPublicKey(enc); 1844 PublicKey key = selector.getSubjectPublicKey(); 1845 assertEquals("0.3.5", key.getAlgorithm()); 1846 assertEquals("X.509", key.getFormat()); 1847 assertTrue(Arrays.equals(enc, key.getEncoded())); 1848 assertNotNull(key.toString()); 1849 } 1850 1851 /** 1852 * @tests java.security.cert.X509CertSelector#setSubjectPublicKey(java.security.PublicKey key) 1853 */ 1854 @TestTargetNew( 1855 level = TestLevel.COMPLETE, 1856 notes = "", 1857 method = "setSubjectPublicKey", 1858 args = {java.security.PublicKey.class} 1859 ) 1860 public void test_setSubjectPublicKeyLjava_security_PublicKey() 1861 throws CertificateException { 1862 PublicKey pkey1 = null; 1863 PublicKey pkey2 = null; 1864 try { 1865 pkey1 = new TestKeyPair("RSA").getPublic(); 1866 pkey2 = new TestKeyPair("DSA").getPublic(); 1867 } catch (Exception e) { 1868 fail("Unexpected Exception was thrown: " + e.getMessage()); 1869 } 1870 1871 TestCert cert1 = new TestCert(pkey1); 1872 TestCert cert2 = new TestCert(pkey2); 1873 X509CertSelector selector = new X509CertSelector(); 1874 1875 selector.setSubjectPublicKey((PublicKey) null); 1876 assertTrue("Any certificate should match in the case of null " 1877 + "subjectPublicKey criteria.", selector.match(cert1) 1878 && selector.match(cert2)); 1879 selector.setSubjectPublicKey(pkey1); 1880 assertTrue("The certificate should match the selection criteria.", 1881 selector.match(cert1)); 1882 assertFalse("The certificate should not match the selection criteria.", 1883 selector.match(cert2)); 1884 selector.setSubjectPublicKey(pkey2); 1885 assertTrue("The certificate should match the selection criteria.", 1886 selector.match(cert2)); 1887 } 1888 1889 /** 1890 * @tests java.security.cert.X509CertSelector#setSubjectPublicKeyAlgID(java.lang.String) 1891 */ 1892 @TestTargetNew( 1893 level = TestLevel.COMPLETE, 1894 notes = "", 1895 method = "setSubjectPublicKeyAlgID", 1896 args = {java.lang.String.class} 1897 ) 1898 public void test_setSubjectPublicKeyAlgIDLjava_lang_String() 1899 throws CertificateException { 1900 1901 X509CertSelector selector = new X509CertSelector(); 1902 String pkaid1 = "1.2.840.113549.1.1.1"; // RSA (source: 1903 // http://asn1.elibel.tm.fr) 1904 String pkaid2 = "1.2.840.10040.4.1"; // DSA (source: 1905 // http://asn1.elibel.tm.fr) 1906 PublicKey pkey1; 1907 PublicKey pkey2; 1908 try { 1909 pkey1 = new TestKeyPair("RSA").getPublic(); 1910 pkey2 = new TestKeyPair("DSA").getPublic(); 1911 } catch (Exception e) { 1912 e.printStackTrace(); 1913 fail("Unexpected Exception was thrown: " + e.getMessage()); 1914 return; 1915 } 1916 TestCert cert1 = new TestCert(pkey1); 1917 TestCert cert2 = new TestCert(pkey2); 1918 1919 try { 1920 selector.setSubjectPublicKeyAlgID(null); 1921 } catch (IOException e) { 1922 1923 fail("Unexpected IOException was thrown."); 1924 } 1925 assertTrue("Any certificate should match in the case of null " 1926 + "subjectPublicKeyAlgID criteria.", selector.match(cert1) 1927 && selector.match(cert2)); 1928 1929 String[] validOIDs = { "0.0.20", "1.25.0", "2.0.39", "0.2.10", "1.35.15", 1930 "2.17.89", "2.5.29.16", "2.5.29.17", "2.5.29.30", "2.5.29.32", 1931 "2.5.29.37" }; 1932 1933 for (int i = 0; i < validOIDs.length; i++) { 1934 try { 1935 selector.setSubjectPublicKeyAlgID(validOIDs[i]); 1936 assertEquals(validOIDs[i], selector.getSubjectPublicKeyAlgID()); 1937 } catch (IOException e) { 1938 fail("Unexpected exception " + e.getMessage()); 1939 } 1940 } 1941 1942 String[] invalidOIDs = { "0.20", "1.25", "2.39", "3.10"}; 1943 for (int i = 0; i < invalidOIDs.length; i++) { 1944 try { 1945 selector.setSubjectPublicKeyAlgID(invalidOIDs[i]); 1946 fail("IOException wasn't thrown for " + invalidOIDs[i]); 1947 } catch (IOException e) { 1948 } 1949 } 1950 1951 try { 1952 selector.setSubjectPublicKeyAlgID(pkaid1); 1953 } catch (IOException e) { 1954 fail("Unexpected IOException was thrown."); 1955 } 1956 assertTrue("The certificate should match the selection criteria.", 1957 selector.match(cert1)); 1958 assertFalse("The certificate should not match the selection criteria.", 1959 selector.match(cert2)); 1960 try { 1961 selector.setSubjectPublicKeyAlgID(pkaid2); 1962 } catch (IOException e) { 1963 fail("Unexpected IOException was thrown."); 1964 } 1965 assertTrue("The certificate should match the selection criteria.", 1966 selector.match(cert2)); 1967 } 1968 1969 /** 1970 * @tests java.security.cert.X509CertSelector#toString() 1971 */ 1972 @TestTargetNew( 1973 level = TestLevel.COMPLETE, 1974 notes = "", 1975 method = "toString", 1976 args = {} 1977 ) 1978 public void test_toString() { 1979 X509CertSelector selector = new X509CertSelector(); 1980 assertNotNull(selector.toString()); 1981 } 1982 1983 public class MyPublicKey implements PublicKey { 1984 private static final long serialVersionUID = 2899528375354645752L; 1985 1986 public MyPublicKey() { 1987 super(); 1988 } 1989 1990 public String getAlgorithm() { 1991 return "PublicKey"; 1992 } 1993 1994 public String getFormat() { 1995 return "Format"; 1996 } 1997 1998 public byte[] getEncoded() { 1999 return new byte[0]; 2000 } 2001 2002 public long getSerVerUID() { 2003 return serialVersionUID; 2004 } 2005 } 2006 2007 private class TestCert extends X509Certificate { 2008 2009 private static final long serialVersionUID = 176676115254260405L; 2010 2011 /* Stuff fields */ 2012 protected String equalCriteria = null; // to simplify method equals() 2013 2014 protected BigInteger serialNumber = null; 2015 2016 protected X500Principal issuer = null; 2017 2018 protected X500Principal subject = null; 2019 2020 protected byte[] keyIdentifier = null; 2021 2022 protected Date date = null; 2023 2024 protected Date notBefore = null; 2025 2026 protected Date notAfter = null; 2027 2028 protected PublicKey key = null; 2029 2030 protected boolean[] keyUsage = null; 2031 2032 protected List<String> extKeyUsage = null; 2033 2034 protected int pathLen = 1; 2035 2036 protected GeneralNames sans = null; 2037 2038 protected byte[] encoding = null; 2039 2040 protected String[] policies = null; 2041 2042 protected Collection<List<?>> collection = null; 2043 2044 protected NameConstraints nameConstraints = null; 2045 2046 /* Stuff methods */ 2047 public TestCert() { 2048 } 2049 2050 public TestCert(GeneralNames sans) { 2051 setSubjectAlternativeNames(sans); 2052 } 2053 2054 public TestCert(NameConstraints nameConstraints) { 2055 this.nameConstraints = nameConstraints; 2056 } 2057 2058 public TestCert(Collection<List<?>> collection) { 2059 setCollection(collection); 2060 } 2061 2062 public TestCert(String equalCriteria) { 2063 setEqualCriteria(equalCriteria); 2064 } 2065 2066 public TestCert(String[] policies) { 2067 setPolicies(policies); 2068 } 2069 2070 public TestCert(BigInteger serial) { 2071 setSerialNumber(serial); 2072 } 2073 2074 public TestCert(X500Principal principal) { 2075 setIssuer(principal); 2076 setSubject(principal); 2077 } 2078 2079 public TestCert(byte[] array) { 2080 setKeyIdentifier(array); 2081 } 2082 2083 public TestCert(Date date) { 2084 setDate(date); 2085 } 2086 2087 public TestCert(Date notBefore, Date notAfter) { 2088 setPeriod(notBefore, notAfter); 2089 } 2090 2091 public TestCert(PublicKey key) { 2092 setPublicKey(key); 2093 } 2094 2095 public TestCert(boolean[] keyUsage) { 2096 setKeyUsage(keyUsage); 2097 } 2098 2099 public TestCert(Set<String> extKeyUsage) { 2100 setExtendedKeyUsage(extKeyUsage); 2101 } 2102 2103 public TestCert(int pathLen) { 2104 this.pathLen = pathLen; 2105 } 2106 2107 public void setSubjectAlternativeNames(GeneralNames sans) { 2108 this.sans = sans; 2109 } 2110 2111 public void setCollection(Collection<List<?>> collection) { 2112 this.collection = collection; 2113 } 2114 2115 public void setPolicies(String[] policies) { 2116 this.policies = policies; 2117 } 2118 2119 public void setExtendedKeyUsage(Set<String> extKeyUsage) { 2120 this.extKeyUsage = (extKeyUsage == null) ? null : new ArrayList<String>( 2121 extKeyUsage); 2122 } 2123 2124 public void setKeyUsage(boolean[] keyUsage) { 2125 this.keyUsage = (keyUsage == null) ? null : (boolean[]) keyUsage 2126 .clone(); 2127 } 2128 2129 public void setPublicKey(PublicKey key) { 2130 this.key = key; 2131 } 2132 2133 public void setPeriod(Date notBefore, Date notAfter) { 2134 this.notBefore = notBefore; 2135 this.notAfter = notAfter; 2136 } 2137 2138 public void setSerialNumber(BigInteger serial) { 2139 this.serialNumber = serial; 2140 } 2141 2142 public void setEqualCriteria(String equalCriteria) { 2143 this.equalCriteria = equalCriteria; 2144 } 2145 2146 public void setIssuer(X500Principal issuer) { 2147 this.issuer = issuer; 2148 } 2149 2150 public void setSubject(X500Principal subject) { 2151 this.subject = subject; 2152 } 2153 2154 public void setKeyIdentifier(byte[] subjectKeyID) { 2155 this.keyIdentifier = (byte[]) subjectKeyID.clone(); 2156 } 2157 2158 public void setDate(Date date) { 2159 this.date = new Date(date.getTime()); 2160 } 2161 2162 public void setEncoding(byte[] encoding) { 2163 this.encoding = encoding; 2164 } 2165 2166 /* Method implementations */ 2167 public boolean equals(Object cert) { 2168 if (cert == null) { 2169 return false; 2170 } 2171 if ((equalCriteria == null) 2172 || (((TestCert) cert).equalCriteria == null)) { 2173 return false; 2174 } else { 2175 return equalCriteria.equals(((TestCert) cert).equalCriteria); 2176 } 2177 } 2178 2179 public String toString() { 2180 if (equalCriteria != null) { 2181 return equalCriteria; 2182 } 2183 return ""; 2184 } 2185 2186 public void checkValidity() throws CertificateExpiredException, 2187 CertificateNotYetValidException { 2188 } 2189 2190 public void checkValidity(Date date) 2191 throws CertificateExpiredException, 2192 CertificateNotYetValidException { 2193 if (this.date == null) { 2194 throw new CertificateExpiredException(); 2195 } 2196 int result = this.date.compareTo(date); 2197 if (result > 0) { 2198 throw new CertificateExpiredException(); 2199 } 2200 if (result < 0) { 2201 throw new CertificateNotYetValidException(); 2202 } 2203 } 2204 2205 public int getVersion() { 2206 return 3; 2207 } 2208 2209 public BigInteger getSerialNumber() { 2210 return (serialNumber == null) ? new BigInteger("1111") 2211 : serialNumber; 2212 } 2213 2214 public Principal getIssuerDN() { 2215 return issuer; 2216 } 2217 2218 public X500Principal getIssuerX500Principal() { 2219 return issuer; 2220 } 2221 2222 public Principal getSubjectDN() { 2223 return subject; 2224 } 2225 2226 public X500Principal getSubjectX500Principal() { 2227 return subject; 2228 } 2229 2230 public Date getNotBefore() { 2231 return null; 2232 } 2233 2234 public Date getNotAfter() { 2235 return null; 2236 } 2237 2238 public byte[] getTBSCertificate() throws CertificateEncodingException { 2239 return null; 2240 } 2241 2242 public byte[] getSignature() { 2243 return null; 2244 } 2245 2246 public String getSigAlgName() { 2247 return null; 2248 } 2249 2250 public String getSigAlgOID() { 2251 return null; 2252 } 2253 2254 public byte[] getSigAlgParams() { 2255 return null; 2256 } 2257 2258 public boolean[] getIssuerUniqueID() { 2259 return null; 2260 } 2261 2262 public boolean[] getSubjectUniqueID() { 2263 return null; 2264 } 2265 2266 public boolean[] getKeyUsage() { 2267 return keyUsage; 2268 } 2269 2270 public List<String> getExtendedKeyUsage() 2271 throws CertificateParsingException { 2272 return extKeyUsage; 2273 } 2274 2275 public int getBasicConstraints() { 2276 return pathLen; 2277 } 2278 2279 public void verify(PublicKey key) throws CertificateException, 2280 NoSuchAlgorithmException, InvalidKeyException, 2281 NoSuchProviderException, SignatureException { 2282 } 2283 2284 public void verify(PublicKey key, String sigProvider) 2285 throws CertificateException, NoSuchAlgorithmException, 2286 InvalidKeyException, NoSuchProviderException, 2287 SignatureException { 2288 } 2289 2290 public PublicKey getPublicKey() { 2291 return key; 2292 } 2293 2294 public byte[] getEncoded() throws CertificateEncodingException { 2295 return encoding; 2296 } 2297 2298 public Set<String> getNonCriticalExtensionOIDs() { 2299 return null; 2300 } 2301 2302 public Set<String> getCriticalExtensionOIDs() { 2303 return null; 2304 } 2305 2306 public byte[] getExtensionValue(String oid) { 2307 2308 if (("2.5.29.14".equals(oid)) || ("2.5.29.35".equals(oid))) { 2309 // Extension value is represented as an OctetString 2310 return ASN1OctetString.getInstance().encode(keyIdentifier); 2311 } 2312 if ("2.5.29.16".equals(oid)) { 2313 PrivateKeyUsagePeriod pkup = new PrivateKeyUsagePeriod( 2314 notBefore, notAfter); 2315 byte[] encoded = pkup.getEncoded(); 2316 return ASN1OctetString.getInstance().encode(encoded); 2317 } 2318 if (("2.5.29.37".equals(oid)) && (extKeyUsage != null)) { 2319 ASN1Oid[] oa = new ASN1Oid[extKeyUsage.size()]; 2320 String[] val = new String[extKeyUsage.size()]; 2321 Iterator it = extKeyUsage.iterator(); 2322 int id = 0; 2323 while (it.hasNext()) { 2324 oa[id] = ASN1Oid.getInstanceForString(); 2325 val[id++] = (String) it.next(); 2326 } 2327 return ASN1OctetString.getInstance().encode( 2328 new ASN1Sequence(oa).encode(val)); 2329 } 2330 if ("2.5.29.19".equals(oid)) { 2331 return ASN1OctetString.getInstance().encode( 2332 new ASN1Sequence(new ASN1Type[] { 2333 ASN1Boolean.getInstance(), 2334 ASN1Integer.getInstance() }) 2335 .encode(new Object[] { 2336 new Boolean(pathLen != 1), 2337 BigInteger.valueOf(pathLen) 2338 .toByteArray() })); 2339 } 2340 if ("2.5.29.17".equals(oid) && (sans != null)) { 2341 if (sans.getNames() == null) { 2342 return null; 2343 } 2344 return ASN1OctetString.getInstance().encode( 2345 GeneralNames.ASN1.encode(sans)); 2346 } 2347 if ("2.5.29.32".equals(oid) && (policies != null) 2348 && (policies.length > 0)) { 2349 // Certificate Policies Extension (as specified in rfc 3280) 2350 CertificatePolicies certificatePolicies = new CertificatePolicies(); 2351 for (int i = 0; i < policies.length; i++) { 2352 PolicyInformation policyInformation = new PolicyInformation( 2353 policies[i]); 2354 certificatePolicies.addPolicyInformation(policyInformation); 2355 } 2356 return ASN1OctetString.getInstance().encode( 2357 certificatePolicies.getEncoded()); 2358 } 2359 if ("2.5.29.30".equals(oid) && (nameConstraints != null)) { // 2360 // Name 2361 // Constraints 2362 // Extension 2363 // (as 2364 // specified 2365 // in 2366 // rfc 2367 // 3280) 2368 return ASN1OctetString.getInstance().encode( 2369 nameConstraints.getEncoded()); 2370 } 2371 2372 return null; 2373 } 2374 2375 public boolean hasUnsupportedCriticalExtension() { 2376 return false; 2377 } 2378 2379 } 2380 2381 public X509Certificate rootCertificate; 2382 2383 public X509Certificate endCertificate; 2384 2385 public MyCRL crl; 2386 2387 private X509CertSelector theCertSelector; 2388 2389 private CertPathBuilder builder; 2390 2391 private void setupEnvironment() throws Exception { 2392 // create certificates and CRLs 2393 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 2394 ByteArrayInputStream bi = new ByteArrayInputStream(TestUtils.rootCert.getBytes()); 2395 rootCertificate = (X509Certificate) cf.generateCertificate(bi); 2396 bi = new ByteArrayInputStream(TestUtils.endCert.getBytes()); 2397 endCertificate = (X509Certificate) cf.generateCertificate(bi); 2398 2399 BigInteger revokedSerialNumber = BigInteger.valueOf(1); 2400 crl = new MyCRL("X.509"); 2401// X509CRL rootCRL = X509CRL; 2402// X509CRL interCRL = X509CRLExample.createCRL(interCert, interPair 2403// .getPrivate(), revokedSerialNumber); 2404 2405 // create CertStore to support path building 2406 List<Object> list = new ArrayList<Object>(); 2407 2408 list.add(rootCertificate); 2409 list.add(endCertificate); 2410 2411// CollectionCertStoreParameters params = new CollectionCertStoreParameters( 2412// list); 2413// CertStore store = CertStore.getInstance("Collection", params); 2414// 2415 theCertSelector = new X509CertSelector(); 2416 theCertSelector.setCertificate(endCertificate); 2417 theCertSelector.setIssuer(endCertificate.getIssuerX500Principal() 2418 .getEncoded()); 2419 2420 // build the path 2421 builder = CertPathBuilder.getInstance("PKIX"); 2422 2423 } 2424 2425 private CertPath buildCertPath() throws InvalidAlgorithmParameterException { 2426 PKIXCertPathBuilderResult result = null; 2427 PKIXBuilderParameters buildParams = new PKIXBuilderParameters( 2428 Collections.singleton(new TrustAnchor(rootCertificate, null)), 2429 theCertSelector); 2430 try { 2431 result = (PKIXCertPathBuilderResult) builder 2432 .build(buildParams); 2433 } catch(CertPathBuilderException e) { 2434 return null; 2435 } 2436 return result.getCertPath(); 2437 } 2438 2439 /** 2440 * @tests java.security.cert.X509CertSelector#addPathToName(int, byte[]) 2441 */ 2442 @TestTargetNew( 2443 level = TestLevel.COMPLETE, 2444 notes = "Verifies Exception", 2445 method = "addPathToName", 2446 args = {int.class, byte[].class} 2447 ) 2448 public void test_addPathToNameLintLbyte_array2() throws Exception { 2449 TestUtils.initCertPathSSCertChain(); 2450 setupEnvironment(); 2451 byte[] bytes, bytesName; 2452 // GeneralName name = new GeneralName(1, "822.Name"); 2453 // bytes = name.getEncoded(); 2454 // bytesName = name.getEncodedName(); 2455 bytes = new byte[] {-127, 8, 56, 50, 50, 46, 78, 97, 109, 101}; 2456 bytesName = new byte[] {22, 8, 56, 50, 50, 46, 78, 97, 109, 101}; 2457 bytes[bytes.length-3] = (byte) 200; 2458 2459 try { 2460 theCertSelector.addPathToName(1, bytes); 2461 } catch (IOException e) { 2462 // ok 2463 } 2464 2465 theCertSelector.setPathToNames(null); 2466 2467 theCertSelector.addPathToName(1, bytesName); 2468 assertNotNull(theCertSelector.getPathToNames()); 2469 CertPath p = buildCertPath(); 2470 assertNull(p); 2471 2472 theCertSelector.setPathToNames(null); 2473 2474// name = new GeneralName(new Name("O=Android")); 2475// theCertSelector.addPathToName(4, endCertificate.getSubjectDN().getName()); 2476 theCertSelector.addPathToName(4, TestUtils.rootCertificateSS.getIssuerX500Principal().getEncoded()); 2477 assertNotNull(theCertSelector.getPathToNames()); 2478 p = TestUtils.buildCertPathSSCertChain(); 2479 assertNotNull(p); 2480 } 2481 2482 /** 2483 * @tests java.security.cert.X509CertSelector#addPathToName(int, String) 2484 */ 2485 @TestTargetNew( 2486 level = TestLevel.COMPLETE, 2487 notes = "Verifies IOException.", 2488 method = "addPathToName", 2489 args = {int.class, java.lang.String.class} 2490 ) 2491 public void test_addPathToNameLintLjava_lang_String2() throws Exception { 2492 setupEnvironment(); 2493 byte[] bytes, bytesName; 2494 // GeneralName name = new GeneralName(1, "822.Name"); 2495 // bytes = name.getEncoded(); 2496 // bytesName = name.getEncodedName(); 2497 bytes = new byte[] {-127, 8, 56, 50, 50, 46, 78, 97, 109, 101}; 2498 bytesName = new byte[] {22, 8, 56, 50, 50, 46, 78, 97, 109, 101}; 2499 assertNotNull(bytes); 2500 byte[] b = new byte[bytes.length]; 2501 b = bytes; 2502 b[bytes.length-3] = (byte) 200; 2503 2504 try { 2505 theCertSelector.addPathToName(1, new String(b)); 2506 } catch (IOException e) { 2507 // ok 2508 } 2509 2510 theCertSelector.setPathToNames(null); 2511 2512 theCertSelector.addPathToName(1, new String(bytesName)); 2513 assertNotNull(theCertSelector.getPathToNames()); 2514 2515 CertPath p = buildCertPath(); 2516 assertNull(p); 2517 2518 theCertSelector.setPathToNames(null); 2519 theCertSelector.addPathToName(1, rootCertificate.getIssuerX500Principal().getName()); 2520 assertNotNull(theCertSelector.getPathToNames()); 2521 //p = buildCertPath(); 2522 //assertNotNull(p); 2523 } 2524 2525 /** 2526 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, byte[]) 2527 */ 2528 @TestTargetNew( 2529 level = TestLevel.COMPLETE, 2530 notes = "IOException checking missed", 2531 method = "addSubjectAlternativeName", 2532 args = {int.class, byte[].class} 2533 ) 2534 public void test_addSubjectAlternativeNameLintLbyte_array2() 2535 throws Exception { 2536 2537 2538 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5", 2539 new byte[] {1, 2, 0, 1})); 2540 GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 2541 GeneralName san2 = new GeneralName(2, "dNSName"); 2542 2543 GeneralNames sans1 = new GeneralNames(); 2544 sans1.addName(san0); 2545 sans1.addName(san1); 2546 sans1.addName(san2); 2547 2548 X509CertSelector selector = new X509CertSelector(); 2549 2550 selector.addSubjectAlternativeName(0, san0.getEncodedName()); 2551 selector.addSubjectAlternativeName(1, san1.getEncodedName()); 2552 selector.addSubjectAlternativeName(2, san2.getEncodedName()); 2553 2554 GeneralNames sans2 = new GeneralNames(); 2555 sans2.addName(san0); 2556 2557 TestCert cert1 = new TestCert(sans1); 2558 TestCert cert2 = new TestCert(sans2); 2559 2560 assertTrue(selector.match(cert1)); 2561 assertFalse(selector.match(cert2)); 2562 2563 selector.setSubjectAlternativeNames(null); 2564 2565 GeneralName name = new GeneralName(new Name("O=Android")); 2566 try { 2567 selector.addSubjectAlternativeName(0, name.getEncodedName()); 2568 } catch (IOException e) { 2569 // ok 2570 } 2571 2572 } 2573 2574 /** 2575 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, String) 2576 */ 2577 @TestTargetNew( 2578 level = TestLevel.COMPLETE, 2579 notes = "", 2580 method = "addSubjectAlternativeName", 2581 args = {int.class, java.lang.String.class} 2582 ) 2583 public void test_addSubjectAlternativeNameLintLjava_lang_String2() throws Exception{ 2584 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id"); 2585 GeneralName san2 = new GeneralName(2, "dNSName"); 2586 2587 GeneralNames sans1 = new GeneralNames(); 2588 sans1.addName(san6); 2589 sans1.addName(san2); 2590 2591 X509CertSelector selector = new X509CertSelector(); 2592 2593 selector.addSubjectAlternativeName(6, "http://uniform.Resource.Id"); 2594 selector.addSubjectAlternativeName(2, "dNSName"); 2595 2596 GeneralNames sans2 = new GeneralNames(); 2597 sans2.addName(san2); 2598 2599 TestCert cert1 = new TestCert(sans1); 2600 TestCert cert2 = new TestCert(sans2); 2601 2602 assertTrue(selector.match(cert1)); 2603 assertFalse(selector.match(cert2)); 2604 2605 selector.setSubjectAlternativeNames(null); 2606 2607 GeneralName name = new GeneralName(new Name("O=Android")); 2608 try { 2609 selector.addSubjectAlternativeName(0, (name.toString())); 2610 } catch (IOException e) { 2611 // ok 2612 } 2613 2614 } 2615} 2616