1/*
2 *  Licensed to the Apache Software Foundation (ASF) under one or more
3 *  contributor license agreements.  See the NOTICE file distributed with
4 *  this work for additional information regarding copyright ownership.
5 *  The ASF licenses this file to You under the Apache License, Version 2.0
6 *  (the "License"); you may not use this file except in compliance with
7 *  the License.  You may obtain a copy of the License at
8 *
9 *     http://www.apache.org/licenses/LICENSE-2.0
10 *
11 *  Unless required by applicable law or agreed to in writing, software
12 *  distributed under the License is distributed on an "AS IS" BASIS,
13 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 *  See the License for the specific language governing permissions and
15 *  limitations under the License.
16 */
17
18/**
19* @author Vladimir N. Molotkov
20*/
21
22package org.apache.harmony.security.tests.java.security.cert;
23
24import java.security.InvalidAlgorithmParameterException;
25import java.security.InvalidParameterException;
26import java.security.KeyStore;
27import java.security.KeyStoreException;
28import java.security.cert.PKIXBuilderParameters;
29import java.security.cert.PKIXParameters;
30import java.security.cert.X509CertSelector;
31
32import org.apache.harmony.security.tests.support.cert.TestUtils;
33
34import junit.framework.TestCase;
35
36/**
37 * Tests for <code>PKIXBuilderParameters</code> fields and methods
38 *
39 */
40public class PKIXBuilderParameters_ImplTest extends TestCase {
41    private static final int DEFAULT_MAX_PATH_LEN = 5;
42
43    /**
44     * Test #1 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
45     * constructor<br>
46     * Assertion: creates an instance of <code>PKIXBuilderParameters</code>
47     * @throws InvalidAlgorithmParameterException
48     * @throws KeyStoreException
49     */
50    public final void testPKIXBuilderParametersKeyStoreCertSelector01()
51        throws KeyStoreException,
52               InvalidAlgorithmParameterException {
53        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
54        if (ks == null) {
55            fail(getName() + ": not performed (could not create test KeyStore)");
56        }
57        // both parameters are valid and non-null
58        PKIXParameters p =
59            new PKIXBuilderParameters(ks, new X509CertSelector());
60        assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
61        assertNotNull("certSelector", p.getTargetCertConstraints());
62    }
63
64    /**
65     * Test #2 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
66     * constructor<br>
67     * Assertion: creates an instance of <code>PKIXBuilderParameters</code>
68     * @throws InvalidAlgorithmParameterException
69     * @throws KeyStoreException
70     */
71    public final void testPKIXBuilderParametersKeyStoreCertSelector02()
72        throws KeyStoreException,
73               InvalidAlgorithmParameterException {
74        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
75        if (ks == null) {
76            fail(getName() + ": not performed (could not create test KeyStore)");
77        }
78        // both parameters are valid but CertSelector is null
79        PKIXParameters p =
80            new PKIXBuilderParameters(ks, null);
81        assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
82        assertNull("certSelector", p.getTargetCertConstraints());
83    }
84
85    /**
86     * Test #3 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
87     * constructor<br>
88     * Assertion: Only keystore entries that contain trusted
89     * <code>X509Certificates</code> are considered; all other
90     * certificate types are ignored
91     * @throws InvalidAlgorithmParameterException
92     * @throws KeyStoreException
93     */
94    public final void testPKIXBuilderParametersKeyStoreCertSelector03()
95        throws KeyStoreException,
96               InvalidAlgorithmParameterException {
97        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED_AND_UNTRUSTED);
98        if (ks == null) {
99            fail(getName() + ": not performed (could not create test KeyStore)");
100        }
101        // both parameters are valid but CertSelector is null
102        PKIXParameters p =
103            new PKIXBuilderParameters(ks, null);
104        assertTrue("instanceof", p instanceof PKIXBuilderParameters);
105        assertEquals("size", 1, p.getTrustAnchors().size());
106    }
107
108    /**
109     * Test #5 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
110     * constructor<br>
111     * Assertion: <code>KeyStoreException</code> -
112     * if the <code>keystore</code> has not been initialized
113     */
114    public final void testPKIXBuilderParametersKeyStoreCertSelector05() throws Exception {
115        KeyStore ks = TestUtils.getKeyStore(false, 0);
116        if (ks == null) {
117            fail(getName() + ": not performed (could not create test KeyStore)");
118        }
119
120        try {
121            // pass not initialized KeyStore
122            new PKIXBuilderParameters(ks, null);
123            fail("KeyStoreException expected");
124        } catch (KeyStoreException e) {
125        }
126    }
127
128    /**
129     * Test #6 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
130     * constructor<br>
131     * Assertion: <code>InvalidAlgorithmParameterException</code> -
132     * if the <code>keystore</code> does not contain at least one
133     * trusted certificate entry
134     */
135    public final void testPKIXBuilderParametersKeyStoreCertSelector06() throws Exception {
136        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.UNTRUSTED);
137        if (ks == null) {
138            fail(getName() + ": not performed (could not create test KeyStore)");
139            return;
140        }
141
142        try {
143            // pass KeyStore that does not contain trusted certificates
144            new PKIXBuilderParameters(ks, null);
145            fail("InvalidAlgorithmParameterException expected");
146        } catch (InvalidAlgorithmParameterException e) {
147        }
148    }
149
150    /**
151     * Test for <code>getMaxPathLength()</code> method<br>
152     * Assertion: The default maximum path length, if not specified, is 5
153     * @throws KeyStoreException
154     * @throws InvalidAlgorithmParameterException
155     */
156    public final void testGetMaxPathLength01()
157        throws KeyStoreException,
158               InvalidAlgorithmParameterException {
159        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
160        if (ks == null) {
161            fail(getName() + ": not performed (could not create test KeyStore)");
162        }
163        PKIXBuilderParameters p = new PKIXBuilderParameters(ks, null);
164        assertEquals(DEFAULT_MAX_PATH_LEN, p.getMaxPathLength());
165    }
166
167    /**
168     * Test #1 for <code>setMaxPathLength(int)</code> method<br>
169     * Assertion: sets the maximum number of non-self-signed certificates
170     * in the cert path
171     * @throws KeyStoreException
172     * @throws InvalidAlgorithmParameterException
173     */
174    public final void testSetMaxPathLength01()
175        throws KeyStoreException,
176               InvalidAlgorithmParameterException {
177        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
178        if (ks == null) {
179            fail(getName() + ": not performed (could not create test KeyStore)");
180        }
181        // all these VALID maxPathLength values must be
182        // set (and get) without exceptions
183        int[] testPathLength = new int[] {-1, 0, 1, 999, Integer.MAX_VALUE};
184        for (int i=0; i<testPathLength.length; i++) {
185            PKIXBuilderParameters p = new PKIXBuilderParameters(ks, null);
186            p.setMaxPathLength(testPathLength[i]);
187            assertEquals("i="+i, testPathLength[i], p.getMaxPathLength());
188        }
189    }
190
191    /**
192     * Test #2 for <code>setMaxPathLength(int)</code> method<br>
193     * Assertion: throws InvalidParameterException if parameter is
194     * less than -1
195     * @throws InvalidAlgorithmParameterException
196     * @throws KeyStoreException
197     */
198    public final void testSetMaxPathLength02()
199        throws KeyStoreException,
200               InvalidAlgorithmParameterException {
201        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
202        if (ks == null) {
203            fail(getName() + ": not performed (could not create test KeyStore)");
204        }
205        PKIXBuilderParameters p = new PKIXBuilderParameters(ks, null);
206
207        try {
208            // pass parameter less than -1
209            p.setMaxPathLength(Integer.MIN_VALUE);
210            fail("InvalidParameterException expected");
211        } catch (InvalidParameterException e) {
212        }
213    }
214
215    /**
216     * Test for <code>toString()</code> method<br>
217     * Assertion: returns string describing this object
218     * @throws InvalidAlgorithmParameterException
219     * @throws KeyStoreException
220     */
221    public final void testToString()
222        throws KeyStoreException,
223               InvalidAlgorithmParameterException {
224        KeyStore ks = TestUtils.getKeyStore(true,TestUtils.TRUSTED_AND_UNTRUSTED);
225        if (ks == null) {
226            fail(getName() + ": not performed (could not create test KeyStore)");
227        }
228        PKIXBuilderParameters p =
229            new PKIXBuilderParameters(ks, new X509CertSelector());
230        String rep = p.toString();
231
232        assertNotNull(rep);
233    }
234
235}
236