1/* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18/** 19* @author Alexander Y. Kleymenov 20*/ 21 22package org.apache.harmony.security.tests.javax.security.cert; 23 24import java.io.ByteArrayInputStream; 25import java.io.InputStream; 26import java.security.cert.CertificateFactory; 27import java.util.Arrays; 28import java.util.Calendar; 29import java.util.Date; 30 31import javax.security.cert.CertificateEncodingException; 32import javax.security.cert.CertificateException; 33import javax.security.cert.CertificateExpiredException; 34import javax.security.cert.CertificateNotYetValidException; 35import javax.security.cert.X509Certificate; 36 37import junit.framework.Test; 38import junit.framework.TestCase; 39import junit.framework.TestSuite; 40 41 42 43/** 44 */ 45 46public class X509CertificateTest extends TestCase { 47 48 // Testing data was generated by using of classes 49 // from org.apache.harmony.security.asn1 package encoded 50 // by org.apache.harmony.misc.Base64 class. 51 52 private static String base64cert = 53 "-----BEGIN CERTIFICATE-----\n" + 54 "MIIC+jCCAragAwIBAgICAiswDAYHKoZIzjgEAwEBADAdMRswGQYDVQQKExJDZXJ0a" + 55 "WZpY2F0ZSBJc3N1ZXIwIhgPMTk3MDAxMTIxMzQ2NDBaGA8xOTcwMDEyNDAzMzMyMF" + 56 "owHzEdMBsGA1UEChMUU3ViamVjdCBPcmdhbml6YXRpb24wGTAMBgcqhkjOOAQDAQE" + 57 "AAwkAAQIDBAUGBwiBAgCqggIAVaOCAhQwggIQMA8GA1UdDwEB/wQFAwMBqoAwEgYD" + 58 "VR0TAQH/BAgwBgEB/wIBBTAUBgNVHSABAf8ECjAIMAYGBFUdIAAwZwYDVR0RAQH/B" + 59 "F0wW4EMcmZjQDgyMi5OYW1lggdkTlNOYW1lpBcxFTATBgNVBAoTDE9yZ2FuaXphdG" + 60 "lvboYaaHR0cDovL3VuaWZvcm0uUmVzb3VyY2UuSWSHBP///wCIByoDolyDsgMwDAY" + 61 "DVR0eAQH/BAIwADAMBgNVHSQBAf8EAjAAMIGZBgNVHSUBAf8EgY4wgYsGBFUdJQAG" + 62 "CCsGAQUFBwMBBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDB" + 63 "AYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUHAwgGCCsGAQUFBw" + 64 "MJBggrBgEFBQgCAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMA0GA1UdNgEB/wQDAgE" + 65 "BMA4GBCpNhgkBAf8EAwEBATBkBgNVHRIEXTBbgQxyZmNAODIyLk5hbWWCB2ROU05h" + 66 "bWWkFzEVMBMGA1UEChMMT3JnYW5pemF0aW9uhhpodHRwOi8vdW5pZm9ybS5SZXNvd" + 67 "XJjZS5JZIcE////AIgHKgOiXIOyAzAJBgNVHR8EAjAAMAoGA1UdIwQDAQEBMAoGA1" + 68 "UdDgQDAQEBMAoGA1UdIQQDAQEBMAwGByqGSM44BAMBAQADMAAwLQIUAL4QvoazNWP" + 69 "7jrj84/GZlhm09DsCFQCBKGKCGbrP64VtUt4JPmLjW1VxQA==\n" + 70 "-----END CERTIFICATE-----"; 71 72 private java.security.cert.X509Certificate cert; 73 private javax.security.cert.X509Certificate tbt_cert; 74 75 protected void setUp() throws Exception { 76 try { 77 ByteArrayInputStream bais = 78 new ByteArrayInputStream(base64cert.getBytes()); 79 80 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 81 this.cert = (java.security.cert.X509Certificate) 82 cf.generateCertificate(bais); 83 this.tbt_cert = X509Certificate.getInstance(cert.getEncoded()); 84 } catch (java.security.cert.CertificateException e) { 85 // The requested certificate type is not available. 86 // Test pass.. 87 this.cert = null; 88 } catch (javax.security.cert.CertificateException e) { 89 // The requested certificate type is not available. 90 // Test pass.. 91 this.cert = null; 92 } 93 } 94 95 /** 96 * getInstance(InputStream inStream) method testing. 97 */ 98 public void testGetInstance1() { 99 if (this.cert == null) { 100 // The requested certificate type is not available. 101 // Test can not be applied. 102 return; 103 } 104 try { 105 ByteArrayInputStream bais = 106 new ByteArrayInputStream(cert.getEncoded()); 107 108 X509Certificate.getInstance(bais); 109 } catch (java.security.cert.CertificateEncodingException e) { 110 e.printStackTrace(); 111 fail("Unexpected CertificateEncodingException was thrown."); 112 } catch (CertificateEncodingException e) { 113 e.printStackTrace(); 114 fail("Unexpected CertificateEncodingException was thrown."); 115 } catch (CertificateException e) { 116 // The requested certificate type is not available. 117 // Test pass.. 118 } 119 120 // Regression for HARMONY-756 121 try { 122 X509Certificate.getInstance((InputStream) null); 123 fail("No expected CertificateException"); 124 } catch (CertificateException e) { 125 //expected; 126 } 127 } 128 129 /** 130 * getInstance(byte[] certData) method testing. 131 */ 132 public void testGetInstance2() { 133 if (this.cert == null) { 134 // The requested certificate type is not available. 135 // Test can not be applied. 136 return; 137 } 138 try { 139 X509Certificate.getInstance(cert.getEncoded()); 140 } catch (java.security.cert.CertificateEncodingException e) { 141 e.printStackTrace(); 142 fail("Unexpected CertificateEncodingException was thrown."); 143 } catch (CertificateException e) { 144 // The requested certificate type is not available. 145 // Test pass.. 146 } 147 148 // Regression for HARMONY-756 149 try { 150 X509Certificate.getInstance((byte[]) null); 151 fail("No expected CertificateException"); 152 } catch (CertificateException e) { 153 //expected; 154 } 155 } 156 157 /** 158 * checkValidity() method testing. 159 */ 160 public void testCheckValidity1() { 161 if (this.cert == null) { 162 // The requested certificate type is not available. 163 // Test can not be applied. 164 return; 165 } 166 Date date = new Date(); 167 Date nb_date = tbt_cert.getNotBefore(); 168 Date na_date = tbt_cert.getNotAfter(); 169 try { 170 tbt_cert.checkValidity(); 171 assertFalse("CertificateExpiredException expected", 172 date.compareTo(na_date) > 0); 173 assertFalse("CertificateNotYetValidException expected", 174 date.compareTo(nb_date) < 0); 175 } catch (CertificateExpiredException e) { 176 assertTrue("Unexpected CertificateExpiredException was thrown", 177 date.compareTo(na_date) > 0); 178 } catch (CertificateNotYetValidException e) { 179 assertTrue("Unexpected CertificateNotYetValidException was thrown", 180 date.compareTo(nb_date) < 0); 181 } 182 } 183 184 /** 185 * checkValidity(Date date) method testing. 186 */ 187 public void testCheckValidity2() { 188 if (this.cert == null) { 189 // The requested certificate type is not available. 190 // Test can not be applied. 191 return; 192 } 193 Date[] date = new Date[4]; 194 Calendar calendar = Calendar.getInstance(); 195 for (int i=0; i<date.length; i++) { 196 calendar.set(i*50, Calendar.JANUARY, 1); 197 date[i] = calendar.getTime(); 198 } 199 Date nb_date = tbt_cert.getNotBefore(); 200 Date na_date = tbt_cert.getNotAfter(); 201 for (int i=0; i<date.length; i++) { 202 try { 203 tbt_cert.checkValidity(date[i]); 204 assertFalse("CertificateExpiredException expected", 205 date[i].compareTo(na_date) > 0); 206 assertFalse("CertificateNotYetValidException expected", 207 date[i].compareTo(nb_date) < 0); 208 } catch (CertificateExpiredException e) { 209 assertTrue("Unexpected CertificateExpiredException was thrown", 210 date[i].compareTo(na_date) > 0); 211 } catch (CertificateNotYetValidException e) { 212 assertTrue("Unexpected CertificateNotYetValidException " 213 + "was thrown", date[i].compareTo(nb_date) < 0); 214 } 215 } 216 } 217 218 /** 219 * getVersion() method testing. 220 */ 221 public void testGetVersion() { 222 if (this.cert == null) { 223 // The requested certificate type is not available. 224 // Test can not be applied. 225 return; 226 } 227 assertEquals("The version is not correct.", 228 tbt_cert.getVersion(), 2); 229 } 230 231 /** 232 * getSerialNumber() method testing. 233 */ 234 public void testGetSerialNumber() { 235 if (this.cert == null) { 236 // The requested certificate type is not available. 237 // Test can not be applied. 238 return; 239 } 240 assertEquals("The serial number is not correct.", 241 tbt_cert.getSerialNumber(), cert.getSerialNumber()); 242 } 243 244 /** 245 * getIssuerDN() method testing. 246 */ 247 public void testGetIssuerDN() { 248 if (this.cert == null) { 249 // The requested certificate type is not available. 250 // Test can not be applied. 251 return; 252 } 253 assertEquals("The issuer DN is not correct.", 254 tbt_cert.getIssuerDN(), cert.getIssuerDN()); 255 } 256 257 /** 258 * getSubjectDN() method testing. 259 */ 260 public void testGetSubjectDN() { 261 if (this.cert == null) { 262 // The requested certificate type is not available. 263 // Test can not be applied. 264 return; 265 } 266 assertEquals("The subject DN is not correct.", 267 tbt_cert.getSubjectDN(), cert.getSubjectDN()); 268 } 269 270 /** 271 * getNotBefore() method testing. 272 */ 273 public void testGetNotBefore() { 274 if (this.cert == null) { 275 // The requested certificate type is not available. 276 // Test can not be applied. 277 return; 278 } 279 assertEquals("The NotBefore date is not correct.", 280 tbt_cert.getNotBefore(), cert.getNotBefore()); 281 } 282 283 /** 284 * getNotAfter() method testing. 285 */ 286 public void testGetNotAfter() { 287 if (this.cert == null) { 288 // The requested certificate type is not available. 289 // Test can not be applied. 290 return; 291 } 292 assertEquals("The NotAfter date is not correct.", 293 tbt_cert.getNotAfter(), cert.getNotAfter()); 294 } 295 296 /** 297 * getSigAlgName() method testing. 298 */ 299 public void testGetSigAlgName() { 300 if (this.cert == null) { 301 // The requested certificate type is not available. 302 // Test can not be applied. 303 return; 304 } 305 assertEquals("The name of signature algorithm is not correct.", 306 tbt_cert.getSigAlgName(), cert.getSigAlgName()); 307 } 308 309 /** 310 * getSigAlgOID() method testing. 311 */ 312 public void testGetSigAlgOID() { 313 if (this.cert == null) { 314 // The requested certificate type is not available. 315 // Test can not be applied. 316 return; 317 } 318 assertEquals("The name of OID of signature algorithm is not correct.", 319 tbt_cert.getSigAlgOID(), cert.getSigAlgOID()); 320 } 321 322 /** 323 * getSigAlgParams() method testing. 324 */ 325 public void testGetSigAlgParams() { 326 if (this.cert == null) { 327 // The requested certificate type is not available. 328 // Test can not be applied. 329 return; 330 } 331 assertTrue("The byte array with encoded algorithm parameters " 332 + "is not correct.", Arrays.equals(tbt_cert.getSigAlgParams(), 333 cert.getSigAlgParams())); 334 } 335 336 public static Test suite() { 337 return new TestSuite(X509CertificateTest.class); 338 } 339 340} 341