X509CertSelectorTest.java revision 5c27fb80ffd335aa45dc8829ba3ecbc18c01e4e8
1/* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18package tests.security.cert; 19 20import dalvik.annotation.TestLevel; 21import dalvik.annotation.TestTargetNew; 22import dalvik.annotation.TestTargetClass; 23 24import junit.framework.TestCase; 25 26import java.io.ByteArrayInputStream; 27import java.io.IOException; 28import java.math.BigInteger; 29import java.security.InvalidAlgorithmParameterException; 30import java.security.InvalidKeyException; 31import java.security.NoSuchAlgorithmException; 32import java.security.NoSuchProviderException; 33import java.security.Principal; 34import java.security.PublicKey; 35import java.security.SignatureException; 36import java.security.cert.CertPath; 37import java.security.cert.CertPathBuilder; 38import java.security.cert.CertPathBuilderException; 39import java.security.cert.CertificateEncodingException; 40import java.security.cert.CertificateException; 41import java.security.cert.CertificateExpiredException; 42import java.security.cert.CertificateFactory; 43import java.security.cert.CertificateNotYetValidException; 44import java.security.cert.CertificateParsingException; 45import java.security.cert.PKIXBuilderParameters; 46import java.security.cert.PKIXCertPathBuilderResult; 47import java.security.cert.TrustAnchor; 48import java.security.cert.X509CertSelector; 49import java.security.cert.X509Certificate; 50import java.util.ArrayList; 51import java.util.Arrays; 52import java.util.Calendar; 53import java.util.Collection; 54import java.util.Collections; 55import java.util.Date; 56import java.util.HashSet; 57import java.util.Iterator; 58import java.util.List; 59import java.util.Set; 60 61import javax.security.auth.x500.X500Principal; 62 63 64import org.apache.harmony.security.tests.support.cert.MyCRL; 65import org.apache.harmony.security.tests.support.cert.TestUtils; 66import org.apache.harmony.security.tests.support.TestKeyPair; 67import org.apache.harmony.security.asn1.ASN1Boolean; 68import org.apache.harmony.security.asn1.ASN1Integer; 69import org.apache.harmony.security.asn1.ASN1OctetString; 70import org.apache.harmony.security.asn1.ASN1Oid; 71import org.apache.harmony.security.asn1.ASN1Sequence; 72import org.apache.harmony.security.asn1.ASN1Type; 73import org.apache.harmony.security.x501.Name; 74import org.apache.harmony.security.x509.CertificatePolicies; 75import org.apache.harmony.security.x509.GeneralName; 76import org.apache.harmony.security.x509.GeneralNames; 77import org.apache.harmony.security.x509.NameConstraints; 78import org.apache.harmony.security.x509.ORAddress; 79import org.apache.harmony.security.x509.OtherName; 80import org.apache.harmony.security.x509.PolicyInformation; 81import org.apache.harmony.security.x509.PrivateKeyUsagePeriod; 82 83/** 84 * X509CertSelectorTest 85 */ 86@TestTargetClass(X509CertSelector.class) 87public class X509CertSelectorTest extends TestCase { 88 89 byte[][] constraintBytes = new byte[][] { 90 { 91 48, 34, -96, 15, 48, 13, -127, 8, 56, 50, 50, 46, 78, 92 97, 109, 101, -128, 1, 0, -95, 15, 48, 13, -127, 8, 56, 93 50, 50, 46, 78, 97, 109, 101, -128, 1, 0}, 94 { 95 48, 42, -96, 19, 48, 17, -127, 12, 114, 102, 99, 64, 96 56, 50, 50, 46, 78, 97, 109, 101, -128, 1, 0, -95, 19, 97 48, 17, -127, 12, 114, 102, 99, 64, 56, 50, 50, 46, 78, 98 97, 109, 101, -128, 1, 0}, 99 { 100 48, 34, -96, 15, 48, 13, -126, 8, 78, 97, 109, 101, 46, 101 111, 114, 103, -128, 1, 0, -95, 15, 48, 13, -126, 8, 102 78, 97, 109, 101, 46, 111, 114, 103, -128, 1, 0}, 103 { 104 48, 42, -96, 19, 48, 17, -126, 12, 100, 78, 83, 46, 78, 105 97, 109, 101, 46, 111, 114, 103, -128, 1, 0, -95, 19, 106 48, 17, -126, 12, 100, 78, 83, 46, 78, 97, 109, 101, 107 46, 111, 114, 103, -128, 1, 0}, 108 { 109 48, 54, -96, 25, 48, 23, -122, 18, 104, 116, 116, 112, 110 58, 47, 47, 82, 101, 115, 111, 117, 114, 99, 101, 46, 111 73, 100, -128, 1, 0, -95, 25, 48, 23, -122, 18, 104, 112 116, 116, 112, 58, 47, 47, 82, 101, 115, 111, 117, 114, 113 99, 101, 46, 73, 100, -128, 1, 0}, 114 { 115 48, 70, -96, 33, 48, 31, -122, 26, 104, 116, 116, 112, 116 58, 47, 47, 117, 110, 105, 102, 111, 114, 109, 46, 82, 117 101, 115, 111, 117, 114, 99, 101, 46, 73, 100, -128, 1, 118 0, -95, 33, 48, 31, -122, 26, 104, 116, 116, 112, 58, 119 47, 47, 117, 110, 105, 102, 111, 114, 109, 46, 82, 101, 120 115, 111, 117, 114, 99, 101, 46, 73, 100, -128, 1, 0}, 121 { 122 48, 26, -96, 11, 48, 9, -121, 4, 1, 1, 1, 1, -128, 1, 123 0, -95, 11, 48, 9, -121, 4, 1, 1, 1, 1, -128, 1, 0}, 124 { 125 48, 50, -96, 23, 48, 21, -121, 16, 1, 1, 1, 1, 1, 1, 1, 126 1, 1, 1, 1, 1, 1, 1, 1, 1, -128, 1, 0, -95, 23, 48, 21, 127 -121, 16, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 128 1, -128, 1, 0}}; 129 130 /** 131 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, byte[]) 132 */ 133 @TestTargetNew( 134 level = TestLevel.PARTIAL, 135 notes = "IOException checking missed", 136 method = "addSubjectAlternativeName", 137 args = {int.class, byte[].class} 138 ) 139 public void test_addSubjectAlternativeNameLintLbyte_array() throws IOException { 140 // Regression for HARMONY-2487 141 int[] types = { 0, 1, 2, 3, 4, 5, 6, 7, 8 }; 142 for (int i = 0; i < types.length; i++) { 143 try { 144 new X509CertSelector().addSubjectAlternativeName(types[i], 145 (byte[]) null); 146 fail("No expected NullPointerException for type: " + i); 147 } catch (NullPointerException e) { 148 } 149 } 150 } 151 152 /** 153 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, String) 154 */ 155 @TestTargetNew( 156 level = TestLevel.PARTIAL, 157 notes = "Verifies IOException.", 158 method = "addSubjectAlternativeName", 159 args = {int.class, java.lang.String.class} 160 ) 161 public void test_addSubjectAlternativeNameLintLjava_lang_String() { 162 // Regression for HARMONY-727 163 int[] types = { 0, 2, 3, 4, 5, 6, 7, 8 }; 164 for (int i = 0; i < types.length; i++) { 165 try { 166 new X509CertSelector().addSubjectAlternativeName(types[i], 167 "0xDFRF"); 168 fail("IOException expected"); 169 } catch (IOException e) { 170 } 171 } 172 } 173 174 /** 175 * @tests java.security.cert.X509CertSelector#addPathToName(int, byte[]) 176 */ 177 @TestTargetNew( 178 level = TestLevel.PARTIAL, 179 notes = "Verifies NullPointerException.", 180 method = "addPathToName", 181 args = {int.class, byte[].class} 182 ) 183 public void test_addPathToNameLintLbyte_array() throws IOException { 184 // Regression for HARMONY-2487 185 int[] types = { 0, 1, 2, 3, 4, 5, 6, 7, 8 }; 186 for (int i = 0; i < types.length; i++) { 187 try { 188 new X509CertSelector().addPathToName(types[i], (byte[]) null); 189 fail("No expected NullPointerException for type: " + i); 190 } catch (NullPointerException e) { 191 } 192 } 193 } 194 195 /** 196 * @tests java.security.cert.X509CertSelector#addPathToName(int, String) 197 */ 198 @TestTargetNew( 199 level = TestLevel.PARTIAL, 200 notes = "Verifies IOException.", 201 method = "addPathToName", 202 args = {int.class, java.lang.String.class} 203 ) 204 public void test_addPathToNameLintLjava_lang_String() { 205 // Regression for HARMONY-724 206 for (int type = 0; type <= 8; type++) { 207 try { 208 new X509CertSelector().addPathToName(type, (String) null); 209 fail("IOException expected!"); 210 } catch (IOException ioe) { 211 // expected 212 } 213 } 214 215 216 } 217 218 /** 219 * @tests java.security.cert.X509CertSelector#X509CertSelector() 220 */ 221 @TestTargetNew( 222 level = TestLevel.COMPLETE, 223 notes = "", 224 method = "X509CertSelector", 225 args = {} 226 ) 227 public void test_X509CertSelector() { 228 X509CertSelector selector = null; 229 try { 230 selector = new X509CertSelector(); 231 } catch (Exception e) { 232 fail("Unexpected exception " + e.getMessage()); 233 } 234 assertEquals(-1, selector.getBasicConstraints()); 235 assertTrue(selector.getMatchAllSubjectAltNames()); 236 } 237 238 /** 239 * @tests java.security.cert.X509CertSelector#clone() 240 */ 241 @TestTargetNew( 242 level = TestLevel.COMPLETE, 243 notes = "", 244 method = "clone", 245 args = {} 246 ) 247 public void test_clone() throws Exception { 248 X509CertSelector selector = new X509CertSelector(); 249 X509CertSelector selector1 = (X509CertSelector) selector.clone(); 250 251 assertEquals(selector.getMatchAllSubjectAltNames(), selector1 252 .getMatchAllSubjectAltNames()); 253 assertEquals(selector.getAuthorityKeyIdentifier(), selector1 254 .getAuthorityKeyIdentifier()); 255 assertEquals(selector.getBasicConstraints(), selector1 256 .getBasicConstraints()); 257 assertEquals(selector.getCertificate(), selector1.getCertificate()); 258 assertEquals(selector.getCertificateValid(), selector1 259 .getCertificateValid()); 260 assertEquals(selector.getExtendedKeyUsage(), selector1 261 .getExtendedKeyUsage()); 262 assertEquals(selector.getIssuer(), selector1.getIssuer()); 263 assertEquals(selector.getIssuerAsBytes(), selector1.getIssuerAsBytes()); 264 assertEquals(selector.getIssuerAsString(), selector1 265 .getIssuerAsString()); 266 assertEquals(selector.getKeyUsage(), selector1.getKeyUsage()); 267 assertEquals(selector.getNameConstraints(), selector1 268 .getNameConstraints()); 269 assertEquals(selector.getPathToNames(), selector1.getPathToNames()); 270 assertEquals(selector.getPolicy(), selector1.getPolicy()); 271 assertEquals(selector.getPrivateKeyValid(), selector1 272 .getPrivateKeyValid()); 273 assertEquals(selector.getSerialNumber(), selector1.getSerialNumber()); 274 assertEquals(selector.getSubject(), selector1.getSubject()); 275 assertEquals(selector.getSubjectAlternativeNames(), selector1 276 .getSubjectAlternativeNames()); 277 assertEquals(selector.getSubjectAsBytes(), selector1 278 .getSubjectAsBytes()); 279 assertEquals(selector.getSubjectAsString(), selector1 280 .getSubjectAsString()); 281 assertEquals(selector.getSubjectKeyIdentifier(), selector1 282 .getSubjectKeyIdentifier()); 283 assertEquals(selector.getSubjectPublicKey(), selector1 284 .getSubjectPublicKey()); 285 assertEquals(selector.getSubjectPublicKeyAlgID(), selector1 286 .getSubjectPublicKeyAlgID()); 287 288 selector = null; 289 try { 290 selector.clone(); 291 fail("NullPointerException expected"); 292 } catch (NullPointerException e) { 293 // expected 294 } 295 } 296 297 /** 298 * @tests java.security.cert.X509CertSelector#getAuthorityKeyIdentifier() 299 */ 300 @TestTargetNew( 301 level = TestLevel.COMPLETE, 302 notes = "", 303 method = "getAuthorityKeyIdentifier", 304 args = {} 305 ) 306 public void test_getAuthorityKeyIdentifier() { 307 byte[] akid1 = new byte[] { 4, 5, 1, 2, 3, 4, 5 }; // random value 308 byte[] akid2 = new byte[] { 4, 5, 5, 4, 3, 2, 1 }; // random value 309 X509CertSelector selector = new X509CertSelector(); 310 311 assertNull("Selector should return null", selector 312 .getAuthorityKeyIdentifier()); 313 selector.setAuthorityKeyIdentifier(akid1); 314 assertTrue("The returned keyID should be equal to specified", Arrays 315 .equals(akid1, selector.getAuthorityKeyIdentifier())); 316 assertTrue("The returned keyID should be equal to specified", Arrays 317 .equals(akid1, selector.getAuthorityKeyIdentifier())); 318 assertFalse("The returned keyID should differ", Arrays.equals(akid2, 319 selector.getAuthorityKeyIdentifier())); 320 } 321 322 /** 323 * @tests java.security.cert.X509CertSelector#getBasicConstraints() 324 */ 325 @TestTargetNew( 326 level = TestLevel.COMPLETE, 327 notes = "", 328 method = "getBasicConstraints", 329 args = {} 330 ) 331 public void test_getBasicConstraints() { 332 X509CertSelector selector = new X509CertSelector(); 333 int[] validValues = { 2, 1, 0, 1, 2, 3, 10, 20 }; 334 for (int i = 0; i < validValues.length; i++) { 335 selector.setBasicConstraints(validValues[i]); 336 assertEquals(validValues[i], selector.getBasicConstraints()); 337 } 338 } 339 340 /** 341 * @tests java.security.cert.X509CertSelector#getCertificate() 342 */ 343 @TestTargetNew( 344 level = TestLevel.COMPLETE, 345 notes = "", 346 method = "getCertificate", 347 args = {} 348 ) 349 public void test_getCertificate() throws CertificateException { 350 X509CertSelector selector = new X509CertSelector(); 351 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 352 X509Certificate cert1 = (X509Certificate) certFact 353 .generateCertificate(new ByteArrayInputStream(TestUtils 354 .getX509Certificate_v3())); 355 356 X509Certificate cert2 = (X509Certificate) certFact 357 .generateCertificate(new ByteArrayInputStream(TestUtils 358 .getX509Certificate_v1())); 359 360 selector.setCertificate(cert1); 361 assertEquals(cert1, selector.getCertificate()); 362 363 selector.setCertificate(cert2); 364 assertEquals(cert2, selector.getCertificate()); 365 366 selector.setCertificate(null); 367 assertNull(selector.getCertificate()); 368 } 369 370 /** 371 * @tests java.security.cert.X509CertSelector#getCertificateValid() 372 */ 373 @TestTargetNew( 374 level = TestLevel.COMPLETE, 375 notes = "", 376 method = "getCertificateValid", 377 args = {} 378 ) 379 public void test_getCertificateValid() { 380 Date date1 = new Date(100); 381 Date date2 = new Date(200); 382 Date date3 = Calendar.getInstance().getTime(); 383 X509CertSelector selector = new X509CertSelector(); 384 385 assertNull("Selector should return null", selector 386 .getCertificateValid()); 387 selector.setCertificateValid(date1); 388 assertTrue("The returned date should be equal to specified", date1 389 .equals(selector.getCertificateValid())); 390 selector.getCertificateValid().setTime(200); 391 assertTrue("The returned date should be equal to specified", date1 392 .equals(selector.getCertificateValid())); 393 assertFalse("The returned date should differ", date2.equals(selector 394 .getCertificateValid())); 395 selector.setCertificateValid(date3); 396 assertTrue("The returned date should be equal to specified", date3 397 .equals(selector.getCertificateValid())); 398 selector.setCertificateValid(null); 399 assertNull(selector.getCertificateValid()); 400 } 401 402 /** 403 * @tests java.security.cert.X509CertSelector#getExtendedKeyUsage() 404 */ 405 @TestTargetNew( 406 level = TestLevel.COMPLETE, 407 notes = "", 408 method = "getExtendedKeyUsage", 409 args = {} 410 ) 411 public void test_getExtendedKeyUsage() { 412 HashSet<String> ku = new HashSet<String>(Arrays 413 .asList(new String[] { "1.3.6.1.5.5.7.3.1", 414 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 415 "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", 416 "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5", 417 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" })); 418 X509CertSelector selector = new X509CertSelector(); 419 420 assertNull("Selector should return null", selector 421 .getExtendedKeyUsage()); 422 try { 423 selector.setExtendedKeyUsage(ku); 424 } catch (IOException e) { 425 fail("Unexpected IOException was thrown."); 426 } 427 assertTrue( 428 "The returned extendedKeyUsage should be equal to specified", 429 ku.equals(selector.getExtendedKeyUsage())); 430 try { 431 selector.getExtendedKeyUsage().add("KRIBLEGRABLI"); 432 fail("The returned Set should be immutable."); 433 } catch (UnsupportedOperationException e) { 434 // expected 435 } 436 } 437 438 /** 439 * @tests java.security.cert.X509CertSelector#getIssuer() 440 */ 441 @TestTargetNew( 442 level = TestLevel.COMPLETE, 443 notes = "", 444 method = "getIssuer", 445 args = {} 446 ) 447 public void test_getIssuer() { 448 X500Principal iss1 = new X500Principal("O=First Org."); 449 X500Principal iss2 = new X500Principal("O=Second Org."); 450 X509CertSelector selector = new X509CertSelector(); 451 452 assertNull("Selector should return null", selector.getIssuer()); 453 selector.setIssuer(iss1); 454 assertEquals("The returned issuer should be equal to specified", iss1, 455 selector.getIssuer()); 456 assertFalse("The returned issuer should differ", iss2.equals(selector 457 .getIssuer())); 458 } 459 460 /** 461 * @tests java.security.cert.X509CertSelector#getIssuerAsBytes() 462 */ 463 @TestTargetNew( 464 level = TestLevel.COMPLETE, 465 notes = "", 466 method = "getIssuerAsBytes", 467 args = {} 468 ) 469 public void test_getIssuerAsBytes() { 470 byte[] name1 = new byte[] 471 // manually obtained DER encoding of "O=First Org." issuer name; 472 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 473 116, 32, 79, 114, 103, 46 }; 474 475 byte[] name2 = new byte[] 476 // manually obtained DER encoding of "O=Second Org." issuer name; 477 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 478 110, 100, 32, 79, 114, 103, 46 }; 479 X500Principal iss1 = new X500Principal(name1); 480 X500Principal iss2 = new X500Principal(name2); 481 X509CertSelector selector = new X509CertSelector(); 482 483 try { 484 assertNull("Selector should return null", selector 485 .getIssuerAsBytes()); 486 selector.setIssuer(iss1); 487 assertTrue("The returned issuer should be equal to specified", 488 Arrays.equals(name1, selector.getIssuerAsBytes())); 489 assertFalse("The returned issuer should differ", name2 490 .equals(selector.getIssuerAsBytes())); 491 selector.setIssuer(iss2); 492 assertTrue("The returned issuer should be equal to specified", 493 Arrays.equals(name2, selector.getIssuerAsBytes())); 494 } catch (IOException e) { 495 fail("Unexpected IOException was thrown."); 496 } 497 } 498 499 /** 500 * @tests java.security.cert.X509CertSelector#getIssuerAsString() 501 */ 502 @TestTargetNew( 503 level = TestLevel.COMPLETE, 504 notes = "", 505 method = "getIssuerAsString", 506 args = {} 507 ) 508 public void test_getIssuerAsString() { 509 String name1 = "O=First Org."; 510 String name2 = "O=Second Org."; 511 X500Principal iss1 = new X500Principal(name1); 512 X500Principal iss2 = new X500Principal(name2); 513 X509CertSelector selector = new X509CertSelector(); 514 515 assertNull("Selector should return null", selector.getIssuerAsString()); 516 selector.setIssuer(iss1); 517 assertEquals("The returned issuer should be equal to specified", name1, 518 selector.getIssuerAsString()); 519 assertFalse("The returned issuer should differ", name2.equals(selector 520 .getIssuerAsString())); 521 selector.setIssuer(iss2); 522 assertEquals("The returned issuer should be equal to specified", name2, 523 selector.getIssuerAsString()); 524 } 525 526 /** 527 * @tests java.security.cert.X509CertSelector#getKeyUsage() 528 */ 529 @TestTargetNew( 530 level = TestLevel.COMPLETE, 531 notes = "", 532 method = "getKeyUsage", 533 args = {} 534 ) 535 public void test_getKeyUsage() { 536 boolean[] ku = new boolean[] { true, false, true, false, true, false, 537 true, false, true }; 538 X509CertSelector selector = new X509CertSelector(); 539 540 assertNull("Selector should return null", selector.getKeyUsage()); 541 selector.setKeyUsage(ku); 542 assertTrue("The returned date should be equal to specified", Arrays 543 .equals(ku, selector.getKeyUsage())); 544 boolean[] result = selector.getKeyUsage(); 545 result[0] = !result[0]; 546 assertTrue("The returned keyUsage should be equal to specified", Arrays 547 .equals(ku, selector.getKeyUsage())); 548 } 549 550 /** 551 * @tests java.security.cert.X509CertSelector#getMatchAllSubjectAltNames() 552 */ 553 @TestTargetNew( 554 level = TestLevel.COMPLETE, 555 notes = "", 556 method = "getMatchAllSubjectAltNames", 557 args = {} 558 ) 559 public void test_getMatchAllSubjectAltNames() { 560 X509CertSelector selector = new X509CertSelector(); 561 assertTrue("The matchAllNames initially should be true", selector 562 .getMatchAllSubjectAltNames()); 563 selector.setMatchAllSubjectAltNames(false); 564 assertFalse("The value should be false", selector 565 .getMatchAllSubjectAltNames()); 566 } 567 568 /** 569 * @tests java.security.cert.X509CertSelector#getNameConstraints() 570 */ 571 @TestTargetNew( 572 level = TestLevel.COMPLETE, 573 notes = "", 574 method = "getNameConstraints", 575 args = {} 576 ) 577 public void test_getNameConstraints() throws IOException { 578 579// Used to generate following byte array 580// GeneralName[] name_constraints = new GeneralName[] { 581// new GeneralName(1, "822.Name"), 582// new GeneralName(1, "rfc@822.Name"), 583// new GeneralName(2, "Name.org"), 584// new GeneralName(2, "dNS.Name.org"), 585// 586// new GeneralName(6, "http://Resource.Id"), 587// new GeneralName(6, "http://uniform.Resource.Id"), 588// new GeneralName(7, "1.1.1.1"), 589// 590// new GeneralName(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 591// 1, 1, 1, 1, 1 }), }; 592// 593// constraintBytes = new byte[name_constraints.length][]; 594// 595// for (int i = 0; i < name_constraints.length; i++) { 596// GeneralSubtree subtree = new GeneralSubtree(name_constraints[i]); 597// GeneralSubtrees subtrees = new GeneralSubtrees(); 598// subtrees.addSubtree(subtree); 599// NameConstraints constraints = new NameConstraints(subtrees, 600// subtrees); 601// constraintBytes[i] = constraints.getEncoded(); 602// } 603// System.out.println("XXX"+Arrays.deepToString(constraintBytes)+"XXX"); 604 605 X509CertSelector selector = new X509CertSelector(); 606 607 for (int i = 0; i < constraintBytes.length; i++) { 608 selector.setNameConstraints(constraintBytes[i]); 609 assertTrue(Arrays.equals(constraintBytes[i], selector 610 .getNameConstraints())); 611 } 612 } 613 614 /** 615 * @tests java.security.cert.X509CertSelector#getPathToNames() 616 */ 617 @TestTargetNew( 618 level = TestLevel.COMPLETE, 619 notes = "", 620 method = "getPathToNames", 621 args = {} 622 ) 623 public void test_getPathToNames() { 624 try { 625 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5", 626 new byte[] { 1, 2, 0, 1 })); 627 GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 628 GeneralName san2 = new GeneralName(2, "dNSName"); 629 GeneralName san3 = new GeneralName(new ORAddress()); 630 GeneralName san4 = new GeneralName(new Name("O=Organization")); 631 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id"); 632 GeneralName san7 = new GeneralName(7, "1.1.1.1"); 633 GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555"); 634 635 GeneralNames sans1 = new GeneralNames(); 636 sans1.addName(san0); 637 sans1.addName(san1); 638 sans1.addName(san2); 639 sans1.addName(san3); 640 sans1.addName(san4); 641 sans1.addName(san6); 642 sans1.addName(san7); 643 sans1.addName(san8); 644 GeneralNames sans2 = new GeneralNames(); 645 sans2.addName(san0); 646 647 TestCert cert1 = new TestCert(sans1); 648 TestCert cert2 = new TestCert(sans2); 649 X509CertSelector selector = new X509CertSelector(); 650 selector.setMatchAllSubjectAltNames(true); 651 652 selector.setPathToNames(null); 653 assertTrue("Any certificate should match in the case of null " 654 + "subjectAlternativeNames criteria.", selector 655 .match(cert1) 656 && selector.match(cert2)); 657 658 Collection<List<?>> sans = sans1.getPairsList(); 659 660 selector.setPathToNames((Collection) sans); 661 selector.getPathToNames(); 662 } catch (IOException e) { 663 e.printStackTrace(); 664 fail("Unexpected IOException was thrown."); 665 } 666 } 667 668 /** 669 * @tests java.security.cert.X509CertSelector#getPolicy() 670 */ 671 @TestTargetNew( 672 level = TestLevel.COMPLETE, 673 notes = "", 674 method = "getPolicy", 675 args = {} 676 ) 677 public void test_getPolicy() throws IOException { 678 String[] policies1 = new String[] { "1.3.6.1.5.5.7.3.1", 679 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.5.5.7.3.4", 680 "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5", 681 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" }; 682 683 String[] policies2 = new String[] { "1.3.6.7.3.1" }; 684 685 HashSet<String> p1 = new HashSet<String>(Arrays.asList(policies1)); 686 HashSet<String> p2 = new HashSet<String>(Arrays.asList(policies2)); 687 688 X509CertSelector selector = new X509CertSelector(); 689 690 selector.setPolicy(null); 691 assertNull(selector.getPolicy()); 692 693 selector.setPolicy(p1); 694 assertEquals("The returned date should be equal to specified", p1, selector.getPolicy()); 695 696 selector.setPolicy(p2); 697 assertEquals("The returned date should be equal to specified", p2, selector.getPolicy()); 698 } 699 700 /** 701 * @tests java.security.cert.X509CertSelector#getPrivateKeyValid() 702 */ 703 @TestTargetNew( 704 level = TestLevel.COMPLETE, 705 notes = "", 706 method = "getPrivateKeyValid", 707 args = {} 708 ) 709 public void test_getPrivateKeyValid() { 710 Date date1 = new Date(100); 711 Date date2 = new Date(200); 712 X509CertSelector selector = new X509CertSelector(); 713 714 assertNull("Selector should return null", selector.getPrivateKeyValid()); 715 selector.setPrivateKeyValid(date1); 716 assertTrue("The returned date should be equal to specified", date1 717 .equals(selector.getPrivateKeyValid())); 718 selector.getPrivateKeyValid().setTime(200); 719 assertTrue("The returned date should be equal to specified", date1 720 .equals(selector.getPrivateKeyValid())); 721 assertFalse("The returned date should differ", date2.equals(selector 722 .getPrivateKeyValid())); 723 } 724 725 /** 726 * @tests java.security.cert.X509CertSelector#getSerialNumber() 727 */ 728 @TestTargetNew( 729 level = TestLevel.COMPLETE, 730 notes = "", 731 method = "getSerialNumber", 732 args = {} 733 ) 734 public void test_getSerialNumber() { 735 BigInteger ser1 = new BigInteger("10000"); 736 BigInteger ser2 = new BigInteger("10001"); 737 X509CertSelector selector = new X509CertSelector(); 738 739 assertNull("Selector should return null", selector.getSerialNumber()); 740 selector.setSerialNumber(ser1); 741 assertEquals("The returned serial number should be equal to specified", 742 ser1, selector.getSerialNumber()); 743 assertFalse("The returned serial number should differ", ser2 744 .equals(selector.getSerialNumber())); 745 } 746 747 /** 748 * @tests java.security.cert.X509CertSelector#getSubject() 749 */ 750 @TestTargetNew( 751 level = TestLevel.COMPLETE, 752 notes = "", 753 method = "getSubject", 754 args = {} 755 ) 756 public void test_getSubject() { 757 X500Principal sub1 = new X500Principal("O=First Org."); 758 X500Principal sub2 = new X500Principal("O=Second Org."); 759 X509CertSelector selector = new X509CertSelector(); 760 761 assertNull("Selector should return null", selector.getSubject()); 762 selector.setSubject(sub1); 763 assertEquals("The returned subject should be equal to specified", sub1, 764 selector.getSubject()); 765 assertFalse("The returned subject should differ", sub2.equals(selector 766 .getSubject())); 767 } 768 769 /** 770 * @tests java.security.cert.X509CertSelector#getSubjectAlternativeNames() 771 */ 772 @TestTargetNew( 773 level = TestLevel.COMPLETE, 774 notes = "", 775 method = "getSubjectAlternativeNames", 776 args = {} 777 ) 778 public void test_getSubjectAlternativeNames() { 779 try { 780 GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 781 GeneralName san2 = new GeneralName(2, "dNSName"); 782 783 GeneralNames sans = new GeneralNames(); 784 sans.addName(san1); 785 sans.addName(san2); 786 787 TestCert cert_1 = new TestCert(sans); 788 X509CertSelector selector = new X509CertSelector(); 789 790 assertNull("Selector should return null", selector 791 .getSubjectAlternativeNames()); 792 793 selector.setSubjectAlternativeNames((Collection) sans.getPairsList()); 794 assertTrue("The certificate should match the selection criteria.", 795 selector.match(cert_1)); 796 selector.getSubjectAlternativeNames().clear(); 797 assertTrue("The modification of initialization object " 798 + "should not affect the modification " 799 + "of internal object.", selector.match(cert_1)); 800 } catch (IOException e) { 801 e.printStackTrace(); 802 fail("Unexpected IOException was thrown."); 803 } 804 } 805 806 /** 807 * @tests java.security.cert.X509CertSelector#getSubjectAsBytes() 808 */ 809 @TestTargetNew( 810 level = TestLevel.COMPLETE, 811 notes = "", 812 method = "getSubjectAsBytes", 813 args = {} 814 ) 815 public void test_getSubjectAsBytes() { 816 byte[] name1 = new byte[] 817 // manually obtained DER encoding of "O=First Org." issuer name; 818 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 819 116, 32, 79, 114, 103, 46 }; 820 byte[] name2 = new byte[] 821 // manually obtained DER encoding of "O=Second Org." issuer name; 822 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 823 110, 100, 32, 79, 114, 103, 46 }; 824 825 X500Principal sub1 = new X500Principal(name1); 826 X500Principal sub2 = new X500Principal(name2); 827 X509CertSelector selector = new X509CertSelector(); 828 829 try { 830 assertNull("Selector should return null", selector 831 .getSubjectAsBytes()); 832 selector.setSubject(sub1); 833 assertTrue("The returned issuer should be equal to specified", 834 Arrays.equals(name1, selector.getSubjectAsBytes())); 835 assertFalse("The returned issuer should differ", name2 836 .equals(selector.getSubjectAsBytes())); 837 selector.setSubject(sub2); 838 assertTrue("The returned issuer should be equal to specified", 839 Arrays.equals(name2, selector.getSubjectAsBytes())); 840 } catch (IOException e) { 841 fail("Unexpected IOException was thrown."); 842 } 843 } 844 845 /** 846 * @tests java.security.cert.X509CertSelector#getSubjectAsString() 847 */ 848 @TestTargetNew( 849 level = TestLevel.COMPLETE, 850 notes = "", 851 method = "getSubjectAsString", 852 args = {} 853 ) 854 public void test_getSubjectAsString() { 855 String name1 = "O=First Org."; 856 String name2 = "O=Second Org."; 857 X500Principal sub1 = new X500Principal(name1); 858 X500Principal sub2 = new X500Principal(name2); 859 X509CertSelector selector = new X509CertSelector(); 860 861 assertNull("Selector should return null", selector.getSubjectAsString()); 862 selector.setSubject(sub1); 863 assertEquals("The returned subject should be equal to specified", 864 name1, selector.getSubjectAsString()); 865 assertFalse("The returned subject should differ", name2.equals(selector 866 .getSubjectAsString())); 867 selector.setSubject(sub2); 868 assertEquals("The returned subject should be equal to specified", 869 name2, selector.getSubjectAsString()); 870 } 871 872 /** 873 * @tests java.security.cert.X509CertSelector#getSubjectKeyIdentifier() 874 */ 875 @TestTargetNew( 876 level = TestLevel.COMPLETE, 877 notes = "", 878 method = "getSubjectKeyIdentifier", 879 args = {} 880 ) 881 public void test_getSubjectKeyIdentifier() { 882 byte[] skid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value 883 byte[] skid2 = new byte[] { 4, 5, 5, 4, 3, 2, 1 }; // random value 884 X509CertSelector selector = new X509CertSelector(); 885 886 assertNull("Selector should return null", selector 887 .getSubjectKeyIdentifier()); 888 selector.setSubjectKeyIdentifier(skid1); 889 assertTrue("The returned keyID should be equal to specified", Arrays 890 .equals(skid1, selector.getSubjectKeyIdentifier())); 891 selector.getSubjectKeyIdentifier()[0]++; 892 assertTrue("The returned keyID should be equal to specified", Arrays 893 .equals(skid1, selector.getSubjectKeyIdentifier())); 894 assertFalse("The returned keyID should differ", Arrays.equals(skid2, 895 selector.getSubjectKeyIdentifier())); 896 } 897 898 /** 899 * @tests java.security.cert.X509CertSelector#getSubjectPublicKey() 900 */ 901 @TestTargetNew( 902 level = TestLevel.COMPLETE, 903 notes = "", 904 method = "getSubjectPublicKey", 905 args = {} 906 ) 907 public void test_getSubjectPublicKey() throws Exception { 908 909 // SubjectPublicKeyInfo ::= SEQUENCE { 910 // algorithm AlgorithmIdentifier, 911 // subjectPublicKey BIT STRING } 912 byte[] enc = { 0x30, 0x0E, // SEQUENCE 913 0x30, 0x07, // SEQUENCE 914 0x06, 0x02, 0x03, 0x05,// OID 915 0x01, 0x01, 0x07, // ANY 916 0x03, 0x03, 0x01, 0x01, 0x06, // subjectPublicKey 917 }; 918 919 X509CertSelector selector = new X509CertSelector(); 920 921 selector.setSubjectPublicKey(enc); 922 PublicKey key = selector.getSubjectPublicKey(); 923 assertEquals("0.3.5", key.getAlgorithm()); 924 assertEquals("X.509", key.getFormat()); 925 assertTrue(Arrays.equals(enc, key.getEncoded())); 926 assertNotNull(key.toString()); 927 928 key = new MyPublicKey(); 929 930 selector.setSubjectPublicKey(key); 931 PublicKey keyActual = selector.getSubjectPublicKey(); 932 assertEquals(key, keyActual); 933 assertEquals(key.getAlgorithm(), keyActual.getAlgorithm()); 934 } 935 936 /** 937 * @tests java.security.cert.X509CertSelector#getSubjectPublicKeyAlgID() 938 */ 939 @TestTargetNew( 940 level = TestLevel.COMPLETE, 941 notes = "", 942 method = "getSubjectPublicKeyAlgID", 943 args = {} 944 ) 945 public void test_getSubjectPublicKeyAlgID() { 946 947 X509CertSelector selector = new X509CertSelector(); 948 String[] validOIDs = { "0.0.20", "1.25.0", "2.0.39", "0.2.10", "1.35.15", 949 "2.17.89" }; 950 951 assertNull("Selector should return null", selector 952 .getSubjectPublicKeyAlgID()); 953 954 for (int i = 0; i < validOIDs.length; i++) { 955 try { 956 selector.setSubjectPublicKeyAlgID(validOIDs[i]); 957 assertEquals(validOIDs[i], selector.getSubjectPublicKeyAlgID()); 958 } catch (IOException e) { 959 System.out.println("t = " + e.getMessage()); 960 //fail("Unexpected exception " + e.getMessage()); 961 } 962 } 963 964 String pkaid1 = "1.2.840.113549.1.1.1"; // RSA encryption 965 String pkaid2 = "1.2.840.113549.1.1.4"; // MD5 with RSA encryption 966 967 try { 968 selector.setSubjectPublicKeyAlgID(pkaid1); 969 } catch (IOException e) { 970 fail("Unexpected IOException was thrown."); 971 } 972 assertTrue("The returned oid should be equal to specified", pkaid1 973 .equals(selector.getSubjectPublicKeyAlgID())); 974 assertFalse("The returned oid should differ", pkaid2.equals(selector 975 .getSubjectPublicKeyAlgID())); 976 } 977 978 /** 979 * @tests java.security.cert.X509CertSelector#match(java.security.cert.Certificate) 980 */ 981 @TestTargetNew( 982 level = TestLevel.COMPLETE, 983 notes = "", 984 method = "match", 985 args = {java.security.cert.Certificate.class} 986 ) 987 public void test_matchLjava_security_cert_Certificate() 988 throws CertificateException { 989 X509CertSelector selector = new X509CertSelector(); 990 assertFalse(selector.match(null)); 991 992 CertificateFactory certFact = CertificateFactory.getInstance("X509"); 993 X509Certificate cert1 = (X509Certificate) certFact 994 .generateCertificate(new ByteArrayInputStream(TestUtils 995 .getX509Certificate_v3())); 996 997 X509Certificate cert2 = (X509Certificate) certFact 998 .generateCertificate(new ByteArrayInputStream(TestUtils 999 .getX509Certificate_v1())); 1000 1001 selector.setCertificate(cert1); 1002 assertTrue(selector.match(cert1)); 1003 assertFalse(selector.match(cert2)); 1004 1005 selector.setCertificate(cert2); 1006 assertFalse(selector.match(cert1)); 1007 assertTrue(selector.match(cert2)); 1008 } 1009 1010 /** 1011 * @tests java.security.cert.X509CertSelector#setAuthorityKeyIdentifier(byte[]) 1012 */ 1013 @TestTargetNew( 1014 level = TestLevel.COMPLETE, 1015 notes = "", 1016 method = "setAuthorityKeyIdentifier", 1017 args = {byte[].class} 1018 ) 1019 public void test_setAuthorityKeyIdentifierLB$() throws CertificateException { 1020 X509CertSelector selector = new X509CertSelector(); 1021 1022 byte[] akid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value 1023 byte[] akid2 = new byte[] { 5, 4, 3, 2, 1 }; // random value 1024 TestCert cert1 = new TestCert(akid1); 1025 TestCert cert2 = new TestCert(akid2); 1026 1027 selector.setAuthorityKeyIdentifier(null); 1028 assertTrue("The certificate should match the selection criteria.", 1029 selector.match(cert1)); 1030 assertTrue("The certificate should match the selection criteria.", 1031 selector.match(cert2)); 1032 assertNull(selector.getAuthorityKeyIdentifier()); 1033 1034 selector.setAuthorityKeyIdentifier(akid1); 1035 assertTrue("The certificate should not match the selection criteria.", 1036 selector.match(cert1)); 1037 assertFalse("The certificate should not match the selection criteria.", 1038 selector.match(cert2)); 1039 selector.setAuthorityKeyIdentifier(akid2); 1040 assertFalse("The certificate should not match the selection criteria.", 1041 selector.match(cert1)); 1042 assertTrue("The certificate should not match the selection criteria.", 1043 selector.match(cert2)); 1044 1045 akid2[0]++; 1046 assertTrue("The certificate should match the selection criteria.", 1047 selector.match(cert2)); 1048 } 1049 1050 /** 1051 * @tests java.security.cert.X509CertSelector#setBasicConstraints(int) 1052 */ 1053 @TestTargetNew( 1054 level = TestLevel.COMPLETE, 1055 notes = "", 1056 method = "setBasicConstraints", 1057 args = {int.class} 1058 ) 1059 public void test_setBasicConstraintsLint() { 1060 X509CertSelector selector = new X509CertSelector(); 1061 int[] invalidValues = { -3, -4, -5, 1000000000 }; 1062 for (int i = 0; i < invalidValues.length; i++) { 1063 try { 1064 selector.setBasicConstraints(-3); 1065 fail("IllegalArgumentException expected"); 1066 } catch (IllegalArgumentException e) { 1067 // expected 1068 } 1069 } 1070 1071 int[] validValues = { -2, -1, 0, 1, 2, 3, 10, 20 }; 1072 for (int i = 0; i < validValues.length; i++) { 1073 selector.setBasicConstraints(validValues[i]); 1074 assertEquals(validValues[i], selector.getBasicConstraints()); 1075 } 1076 } 1077 1078 /** 1079 * @tests java.security.cert.X509CertSelector#setCertificate(java.security.cert.Certificate) 1080 */ 1081 @TestTargetNew( 1082 level = TestLevel.COMPLETE, 1083 notes = "", 1084 method = "setCertificate", 1085 args = {java.security.cert.X509Certificate.class} 1086 ) 1087 public void test_setCertificateLjava_security_cert_X509Certificate() 1088 throws CertificateException { 1089 1090 TestCert cert1 = new TestCert("same certificate"); 1091 TestCert cert2 = new TestCert("other certificate"); 1092 X509CertSelector selector = new X509CertSelector(); 1093 1094 selector.setCertificate(null); 1095 assertTrue("Any certificates should match in the case of null " 1096 + "certificateEquals criteria.", selector.match(cert1) 1097 && selector.match(cert2)); 1098 selector.setCertificate(cert1); 1099 assertTrue("The certificate should match the selection criteria.", 1100 selector.match(cert1)); 1101 assertFalse("The certificate should not match the selection criteria.", 1102 selector.match(cert2)); 1103 selector.setCertificate(cert2); 1104 assertTrue("The certificate should match the selection criteria.", 1105 selector.match(cert2)); 1106 selector.setCertificate(null); 1107 assertNull(selector.getCertificate()); 1108 } 1109 1110 /** 1111 * @tests java.security.cert.X509CertSelector#setCertificateValid(java.util.Date) 1112 */ 1113 @TestTargetNew( 1114 level = TestLevel.COMPLETE, 1115 notes = "", 1116 method = "setCertificateValid", 1117 args = {java.util.Date.class} 1118 ) 1119 public void test_setCertificateValidLjava_util_Date() 1120 throws CertificateException { 1121 X509CertSelector selector = new X509CertSelector(); 1122 1123 Date date1 = new Date(100); 1124 Date date2 = new Date(200); 1125 TestCert cert1 = new TestCert(date1); 1126 TestCert cert2 = new TestCert(date2); 1127 1128 selector.setCertificateValid(null); 1129 assertNull(selector.getCertificateValid()); 1130 selector.setCertificateValid(date1); 1131 assertTrue("The certificate should match the selection criteria.", 1132 selector.match(cert1)); 1133 assertFalse("The certificate should not match the selection criteria.", 1134 selector.match(cert2)); 1135 selector.setCertificateValid(date2); 1136 date2.setTime(300); 1137 assertTrue("The certificate should match the selection criteria.", 1138 selector.match(cert2)); 1139 } 1140 1141 /** 1142 * @tests java.security.cert.X509CertSelector#setExtendedKeyUsage(Set<String>) 1143 */ 1144 @TestTargetNew( 1145 level = TestLevel.COMPLETE, 1146 notes = "", 1147 method = "setExtendedKeyUsage", 1148 args = {java.util.Set.class} 1149 ) 1150 public void test_setExtendedKeyUsageLjava_util_Set() 1151 throws CertificateException { 1152 HashSet<String> ku1 = new HashSet<String>(Arrays 1153 .asList(new String[] { "1.3.6.1.5.5.7.3.1", 1154 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 1155 "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", 1156 "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5", 1157 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" })); 1158 HashSet<String> ku2 = new HashSet<String>(Arrays.asList(new String[] { 1159 "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 1160 "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", 1161 "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6" })); 1162 TestCert cert1 = new TestCert(ku1); 1163 TestCert cert2 = new TestCert(ku2); 1164 1165 X509CertSelector selector = new X509CertSelector(); 1166 1167 try { 1168 selector.setExtendedKeyUsage(null); 1169 } catch (IOException e) { 1170 fail("Unexpected IOException was thrown."); 1171 } 1172 assertTrue("Any certificate should match in the case of null " 1173 + "extendedKeyUsage criteria.", selector.match(cert1) 1174 && selector.match(cert2)); 1175 try { 1176 selector.setExtendedKeyUsage(ku1); 1177 } catch (IOException e) { 1178 fail("Unexpected IOException was thrown."); 1179 } 1180 assertEquals(ku1, selector.getExtendedKeyUsage()); 1181 1182 try { 1183 selector.setExtendedKeyUsage(ku2); 1184 } catch (IOException e) { 1185 fail("Unexpected IOException was thrown."); 1186 } 1187 assertEquals(ku2, selector.getExtendedKeyUsage()); 1188 } 1189 1190 /** 1191 * @tests java.security.cert.X509CertSelector#setIssuer(byte[]) 1192 */ 1193 @TestTargetNew( 1194 level = TestLevel.COMPLETE, 1195 notes = "", 1196 method = "setIssuer", 1197 args = {byte[].class} 1198 ) 1199 public void test_setIssuerLB$() throws CertificateException { 1200 byte[] name1 = new byte[] 1201 // manually obtained DER encoding of "O=First Org." issuer name; 1202 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 1203 116, 32, 79, 114, 103, 46 }; 1204 byte[] name2 = new byte[] 1205 // manually obtained DER encoding of "O=Second Org." issuer name; 1206 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 1207 110, 100, 32, 79, 114, 103, 46 }; 1208 X500Principal iss1 = new X500Principal(name1); 1209 X500Principal iss2 = new X500Principal(name2); 1210 TestCert cert1 = new TestCert(iss1); 1211 TestCert cert2 = new TestCert(iss2); 1212 1213 X509CertSelector selector = new X509CertSelector(); 1214 1215 try { 1216 selector.setIssuer((byte[]) null); 1217 } catch (IOException e) { 1218 fail("Unexpected IOException was thrown."); 1219 } 1220 assertTrue("Any certificates should match " 1221 + "in the case of null issuer criteria.", selector.match(cert1) 1222 && selector.match(cert2)); 1223 try { 1224 selector.setIssuer(name1); 1225 } catch (IOException e) { 1226 fail("Unexpected IOException was thrown."); 1227 } 1228 assertTrue("The certificate should match the selection criteria.", 1229 selector.match(cert1)); 1230 assertFalse("The certificate should not match the selection criteria.", 1231 selector.match(cert2)); 1232 try { 1233 selector.setIssuer(name2); 1234 } catch (IOException e) { 1235 fail("Unexpected IOException was thrown."); 1236 } 1237 assertTrue("The certificate should match the selection criteria.", 1238 selector.match(cert2)); 1239 } 1240 1241 /** 1242 * @tests java.security.cert.X509CertSelector#setIssuer(java.lang.String) 1243 */ 1244 @TestTargetNew( 1245 level = TestLevel.COMPLETE, 1246 notes = "", 1247 method = "setIssuer", 1248 args = {java.lang.String.class} 1249 ) 1250 public void test_setIssuerLjava_lang_String() throws CertificateException { 1251 1252 String name1 = "O=First Org."; 1253 String name2 = "O=Second Org."; 1254 X500Principal iss1 = new X500Principal(name1); 1255 X500Principal iss2 = new X500Principal(name2); 1256 TestCert cert1 = new TestCert(iss1); 1257 TestCert cert2 = new TestCert(iss2); 1258 1259 X509CertSelector selector = new X509CertSelector(); 1260 1261 try { 1262 selector.setIssuer((String) null); 1263 } catch (IOException e) { 1264 fail("Unexpected IOException was thrown."); 1265 } 1266 assertTrue("Any certificates should match " 1267 + "in the case of null issuer criteria.", selector.match(cert1) 1268 && selector.match(cert2)); 1269 try { 1270 selector.setIssuer(name1); 1271 } catch (IOException e) { 1272 fail("Unexpected IOException was thrown."); 1273 } 1274 assertTrue("The certificate should match the selection criteria.", 1275 selector.match(cert1)); 1276 assertFalse("The certificate should not match the selection criteria.", 1277 selector.match(cert2)); 1278 try { 1279 selector.setIssuer(name2); 1280 } catch (IOException e) { 1281 fail("Unexpected IOException was thrown."); 1282 } 1283 assertTrue("The certificate should match the selection criteria.", 1284 selector.match(cert2)); 1285 } 1286 1287 /** 1288 * @tests java.security.cert.X509CertSelector#setIssuer(javax.security.auth.x500.X500Principal) 1289 */ 1290 @TestTargetNew( 1291 level = TestLevel.COMPLETE, 1292 notes = "", 1293 method = "setIssuer", 1294 args = {javax.security.auth.x500.X500Principal.class} 1295 ) 1296 public void test_setIssuerLjavax_security_auth_x500_X500Principal() 1297 throws CertificateException { 1298 X500Principal iss1 = new X500Principal("O=First Org."); 1299 X500Principal iss2 = new X500Principal("O=Second Org."); 1300 TestCert cert1 = new TestCert(iss1); 1301 TestCert cert2 = new TestCert(iss2); 1302 X509CertSelector selector = new X509CertSelector(); 1303 1304 selector.setIssuer((X500Principal) null); 1305 assertTrue("Any certificates should match " 1306 + "in the case of null issuer criteria.", selector.match(cert1) 1307 && selector.match(cert2)); 1308 selector.setIssuer(iss1); 1309 assertTrue("The certificate should match the selection criteria.", 1310 selector.match(cert1)); 1311 assertFalse("The certificate should not match the selection criteria.", 1312 selector.match(cert2)); 1313 selector.setIssuer(iss2); 1314 assertTrue("The certificate should match the selection criteria.", 1315 selector.match(cert2)); 1316 } 1317 1318 /** 1319 * @tests java.security.cert.X509CertSelector#setKeyUsage(boolean) 1320 */ 1321 @TestTargetNew( 1322 level = TestLevel.COMPLETE, 1323 notes = "", 1324 method = "setKeyUsage", 1325 args = {boolean[].class} 1326 ) 1327 public void test_setKeyUsageZ() throws CertificateException { 1328 boolean[] ku1 = new boolean[] { true, true, true, true, true, true, 1329 true, true, true }; 1330 // decipherOnly is disallowed 1331 boolean[] ku2 = new boolean[] { true, true, true, true, true, true, 1332 true, true, false }; 1333 TestCert cert1 = new TestCert(ku1); 1334 TestCert cert2 = new TestCert(ku2); 1335 TestCert cert3 = new TestCert((boolean[]) null); 1336 1337 X509CertSelector selector = new X509CertSelector(); 1338 1339 selector.setKeyUsage(null); 1340 assertTrue("Any certificate should match in the case of null " 1341 + "keyUsage criteria.", selector.match(cert1) 1342 && selector.match(cert2)); 1343 selector.setKeyUsage(ku1); 1344 assertTrue("The certificate should match the selection criteria.", 1345 selector.match(cert1)); 1346 assertFalse("The certificate should not match the selection criteria.", 1347 selector.match(cert2)); 1348 assertTrue("The certificate which does not have a keyUsage extension " 1349 + "implicitly allows all keyUsage values.", selector 1350 .match(cert3)); 1351 selector.setKeyUsage(ku2); 1352 ku2[0] = !ku2[0]; 1353 assertTrue("The certificate should match the selection criteria.", 1354 selector.match(cert2)); 1355 } 1356 1357 /** 1358 * @tests java.security.cert.X509CertSelector#setMatchAllSubjectAltNames(boolean) 1359 */ 1360 @TestTargetNew( 1361 level = TestLevel.COMPLETE, 1362 notes = "", 1363 method = "setMatchAllSubjectAltNames", 1364 args = {boolean.class} 1365 ) 1366 public void test_setMatchAllSubjectAltNamesZ() { 1367 TestCert cert = new TestCert(); 1368 X509CertSelector selector = new X509CertSelector(); 1369 1370 assertTrue(selector.match(cert)); 1371 1372 assertFalse(selector.match(null)); 1373 } 1374 1375 /** 1376 * @tests java.security.cert.X509CertSelector#setNameConstraints(byte[] 1377 * bytes) 1378 */ 1379 @TestTargetNew( 1380 level = TestLevel.COMPLETE, 1381 notes = "", 1382 method = "setNameConstraints", 1383 args = {byte[].class} 1384 ) 1385 public void test_setNameConstraintsLB$() throws IOException { 1386// GeneralName[] name_constraints = new GeneralName[] { 1387// new GeneralName(1, "822.Name"), 1388// new GeneralName(1, "rfc@822.Name"), 1389// new GeneralName(2, "Name.org"), 1390// new GeneralName(2, "dNS.Name.org"), 1391// 1392// new GeneralName(6, "http://Resource.Id"), 1393// new GeneralName(6, "http://uniform.Resource.Id"), 1394// new GeneralName(7, "1.1.1.1"), 1395// 1396// new GeneralName(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1397// 1, 1, 1, 1, 1 }), }; 1398// 1399// for (int i = 0; i < name_constraints.length; i++) { 1400// GeneralSubtree subtree = new GeneralSubtree(name_constraints[i]); 1401// GeneralSubtrees subtrees = new GeneralSubtrees(); 1402// subtrees.addSubtree(subtree); 1403// NameConstraints constraints = new NameConstraints(subtrees, 1404// subtrees); 1405// } 1406 X509CertSelector selector = new X509CertSelector(); 1407 1408 for (int i = 0; i < constraintBytes.length; i++) { 1409 selector.setNameConstraints(constraintBytes[i]); 1410 assertTrue(Arrays.equals(constraintBytes[i], selector 1411 .getNameConstraints())); 1412 } 1413 } 1414 1415 /** 1416 * @tests java.security.cert.X509CertSelector#setPathToNames(Collection<List<?>>) 1417 */ 1418 @TestTargetNew( 1419 level = TestLevel.COMPLETE, 1420 notes = "", 1421 method = "setPathToNames", 1422 args = {java.util.Collection.class} 1423 ) 1424 public void test_setPathToNamesLjava_util_Collection() { 1425 try { 1426 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5", 1427 new byte[] { 1, 2, 0, 1 })); 1428 GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 1429 GeneralName san2 = new GeneralName(2, "dNSName"); 1430 GeneralName san3 = new GeneralName(new ORAddress()); 1431 GeneralName san4 = new GeneralName(new Name("O=Organization")); 1432 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id"); 1433 GeneralName san7 = new GeneralName(7, "1.1.1.1"); 1434 GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555"); 1435 1436 GeneralNames sans1 = new GeneralNames(); 1437 sans1.addName(san0); 1438 sans1.addName(san1); 1439 sans1.addName(san2); 1440 sans1.addName(san3); 1441 sans1.addName(san4); 1442 sans1.addName(san6); 1443 sans1.addName(san7); 1444 sans1.addName(san8); 1445 GeneralNames sans2 = new GeneralNames(); 1446 sans2.addName(san0); 1447 1448 TestCert cert1 = new TestCert(sans1); 1449 TestCert cert2 = new TestCert(sans2); 1450 X509CertSelector selector = new X509CertSelector(); 1451 selector.setMatchAllSubjectAltNames(true); 1452 1453 selector.setPathToNames(null); 1454 assertTrue("Any certificate should match in the case of null " 1455 + "subjectAlternativeNames criteria.", selector 1456 .match(cert1) 1457 && selector.match(cert2)); 1458 1459 Collection<List<?>> sans = sans1.getPairsList(); 1460 1461 selector.setPathToNames((Collection) sans); 1462 selector.getPathToNames(); 1463 } catch (IOException e) { 1464 e.printStackTrace(); 1465 fail("Unexpected IOException was thrown."); 1466 } 1467 } 1468 1469 /** 1470 * @tests java.security.cert.X509CertSelector#setPolicy(Set<String>) 1471 */ 1472 @TestTargetNew( 1473 level = TestLevel.COMPLETE, 1474 notes = "", 1475 method = "setPolicy", 1476 args = {java.util.Set.class} 1477 ) 1478 public void test_setPolicyLjava_util_Set() throws IOException { 1479 String[] policies1 = new String[] { "1.3.6.1.5.5.7.3.1", 1480 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.5.5.7.3.4", 1481 "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5", 1482 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" }; 1483 1484 String[] policies2 = new String[] { "1.3.6.7.3.1" }; 1485 1486 HashSet<String> p1 = new HashSet<String>(Arrays.asList(policies1)); 1487 HashSet<String> p2 = new HashSet<String>(Arrays.asList(policies2)); 1488 1489 X509CertSelector selector = new X509CertSelector(); 1490 1491 TestCert cert1 = new TestCert(policies1); 1492 TestCert cert2 = new TestCert(policies2); 1493 1494 selector.setPolicy(null); 1495 assertTrue("Any certificate should match in the case of null " 1496 + "privateKeyValid criteria.", selector.match(cert1) 1497 && selector.match(cert2)); 1498 1499 selector.setPolicy(p1); 1500 assertTrue("The certificate should match the selection criteria.", 1501 selector.match(cert1)); 1502 assertFalse("The certificate should not match the selection criteria.", 1503 selector.match(cert2)); 1504 1505 selector.setPolicy(p2); 1506 assertFalse("The certificate should not match the selection criteria.", 1507 selector.match(cert1)); 1508 assertTrue("The certificate should match the selection criteria.", 1509 selector.match(cert2)); 1510 } 1511 1512 /** 1513 * @tests java.security.cert.X509CertSelector#setPrivateKeyValid(java.util.Date) 1514 */ 1515 @TestTargetNew( 1516 level = TestLevel.COMPLETE, 1517 notes = "", 1518 method = "setPrivateKeyValid", 1519 args = {java.util.Date.class} 1520 ) 1521 public void test_setPrivateKeyValidLjava_util_Date() 1522 throws CertificateException { 1523 Date date1 = new Date(100000000); 1524 Date date2 = new Date(200000000); 1525 Date date3 = new Date(300000000); 1526 Date date4 = new Date(150000000); 1527 Date date5 = new Date(250000000); 1528 TestCert cert1 = new TestCert(date1, date2); 1529 TestCert cert2 = new TestCert(date2, date3); 1530 1531 X509CertSelector selector = new X509CertSelector(); 1532 1533 selector.setPrivateKeyValid(null); 1534 assertTrue("Any certificate should match in the case of null " 1535 + "privateKeyValid criteria.", selector.match(cert1) 1536 && selector.match(cert2)); 1537 selector.setPrivateKeyValid(date4); 1538 assertTrue("The certificate should match the selection criteria.", 1539 selector.match(cert1)); 1540 assertFalse("The certificate should not match the selection criteria.", 1541 selector.match(cert2)); 1542 selector.setPrivateKeyValid(date5); 1543 date5.setTime(date4.getTime()); 1544 assertTrue("The certificate should match the selection criteria.", 1545 selector.match(cert2)); 1546 } 1547 1548 /** 1549 * @tests java.security.cert.X509CertSelector#setSerialNumber(java.math.BigInteger) 1550 */ 1551 @TestTargetNew( 1552 level = TestLevel.COMPLETE, 1553 notes = "", 1554 method = "setSerialNumber", 1555 args = {java.math.BigInteger.class} 1556 ) 1557 public void test_setSerialNumberLjava_math_BigInteger() 1558 throws CertificateException { 1559 BigInteger ser1 = new BigInteger("10000"); 1560 BigInteger ser2 = new BigInteger("10001"); 1561 TestCert cert1 = new TestCert(ser1); 1562 TestCert cert2 = new TestCert(ser2); 1563 X509CertSelector selector = new X509CertSelector(); 1564 1565 selector.setSerialNumber(null); 1566 assertTrue("Any certificate should match in the case of null " 1567 + "serialNumber criteria.", selector.match(cert1) 1568 && selector.match(cert2)); 1569 selector.setSerialNumber(ser1); 1570 assertTrue("The certificate should match the selection criteria.", 1571 selector.match(cert1)); 1572 assertFalse("The certificate should not match the selection criteria.", 1573 selector.match(cert2)); 1574 selector.setSerialNumber(ser2); 1575 assertTrue("The certificate should match the selection criteria.", 1576 selector.match(cert2)); 1577 } 1578 1579 /** 1580 * @tests java.security.cert.X509CertSelector#setSubject(byte[]) 1581 */ 1582 @TestTargetNew( 1583 level = TestLevel.COMPLETE, 1584 notes = "", 1585 method = "setSubject", 1586 args = {byte[].class} 1587 ) 1588 public void test_setSubjectLB$() throws CertificateException { 1589 byte[] name1 = new byte[] 1590 // manually obtained DER encoding of "O=First Org." issuer name; 1591 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 1592 116, 32, 79, 114, 103, 46 }; 1593 byte[] name2 = new byte[] 1594 // manually obtained DER encoding of "O=Second Org." issuer name; 1595 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 1596 110, 100, 32, 79, 114, 103, 46 }; 1597 X500Principal sub1 = new X500Principal(name1); 1598 X500Principal sub2 = new X500Principal(name2); 1599 TestCert cert1 = new TestCert(sub1); 1600 TestCert cert2 = new TestCert(sub2); 1601 1602 X509CertSelector selector = new X509CertSelector(); 1603 1604 try { 1605 selector.setSubject((byte[]) null); 1606 } catch (IOException e) { 1607 fail("Unexpected IOException was thrown."); 1608 } 1609 assertTrue("Any certificates should match " 1610 + "in the case of null issuer criteria.", selector.match(cert1) 1611 && selector.match(cert2)); 1612 try { 1613 selector.setSubject(name1); 1614 } catch (IOException e) { 1615 fail("Unexpected IOException was thrown."); 1616 } 1617 assertTrue("The certificate should match the selection criteria.", 1618 selector.match(cert1)); 1619 assertFalse("The certificate should not match the selection criteria.", 1620 selector.match(cert2)); 1621 try { 1622 selector.setSubject(name2); 1623 } catch (IOException e) { 1624 fail("Unexpected IOException was thrown."); 1625 } 1626 assertTrue("The certificate should match the selection criteria.", 1627 selector.match(cert2)); 1628 } 1629 1630 /** 1631 * @tests java.security.cert.X509CertSelector#setSubject(java.lang.String) 1632 */ 1633 @TestTargetNew( 1634 level = TestLevel.COMPLETE, 1635 notes = "", 1636 method = "setSubject", 1637 args = {java.lang.String.class} 1638 ) 1639 public void test_setSubjectLjava_lang_String() throws CertificateException { 1640 String name1 = "O=First Org."; 1641 String name2 = "O=Second Org."; 1642 X500Principal sub1 = new X500Principal(name1); 1643 X500Principal sub2 = new X500Principal(name2); 1644 TestCert cert1 = new TestCert(sub1); 1645 TestCert cert2 = new TestCert(sub2); 1646 X509CertSelector selector = new X509CertSelector(); 1647 1648 try { 1649 selector.setSubject((String) null); 1650 } catch (IOException e) { 1651 fail("Unexpected IOException was thrown."); 1652 } 1653 assertTrue("Any certificates should match " 1654 + "in the case of null subject criteria.", selector 1655 .match(cert1) 1656 && selector.match(cert2)); 1657 try { 1658 selector.setSubject(name1); 1659 } catch (IOException e) { 1660 fail("Unexpected IOException was thrown."); 1661 } 1662 assertTrue("The certificate should match the selection criteria.", 1663 selector.match(cert1)); 1664 assertFalse("The certificate should not match the selection criteria.", 1665 selector.match(cert2)); 1666 try { 1667 selector.setSubject(name2); 1668 } catch (IOException e) { 1669 fail("Unexpected IOException was thrown."); 1670 } 1671 assertTrue("The certificate should match the selection criteria.", 1672 selector.match(cert2)); 1673 } 1674 1675 /** 1676 * @tests java.security.cert.X509CertSelector#setSubject(javax.security.auth.x500.X500Principal) 1677 */ 1678 @TestTargetNew( 1679 level = TestLevel.COMPLETE, 1680 notes = "", 1681 method = "setSubject", 1682 args = {javax.security.auth.x500.X500Principal.class} 1683 ) 1684 public void test_setSubjectLjavax_security_auth_x500_X500Principal() 1685 throws CertificateException { 1686 X500Principal sub1 = new X500Principal("O=First Org."); 1687 X500Principal sub2 = new X500Principal("O=Second Org."); 1688 TestCert cert1 = new TestCert(sub1); 1689 TestCert cert2 = new TestCert(sub2); 1690 X509CertSelector selector = new X509CertSelector(); 1691 1692 selector.setSubject((X500Principal) null); 1693 assertTrue("Any certificates should match " 1694 + "in the case of null subjcet criteria.", selector 1695 .match(cert1) 1696 && selector.match(cert2)); 1697 selector.setSubject(sub1); 1698 assertTrue("The certificate should match the selection criteria.", 1699 selector.match(cert1)); 1700 assertFalse("The certificate should not match the selection criteria.", 1701 selector.match(cert2)); 1702 selector.setSubject(sub2); 1703 assertTrue("The certificate should match the selection criteria.", 1704 selector.match(cert2)); 1705 } 1706 1707 /** 1708 * @tests java.security.cert.X509CertSelector#setSubjectAlternativeNames(Collection<List<?>>) 1709 */ 1710 @TestTargetNew( 1711 level = TestLevel.COMPLETE, 1712 notes = "", 1713 method = "setSubjectAlternativeNames", 1714 args = {java.util.Collection.class} 1715 ) 1716 public void test_setSubjectAlternativeNamesLjava_util_Collection() { 1717 1718 try { 1719 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5", 1720 new byte[] { 1, 2, 0, 1 })); 1721 GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 1722 GeneralName san2 = new GeneralName(2, "dNSName"); 1723 GeneralName san3 = new GeneralName(new ORAddress()); 1724 GeneralName san4 = new GeneralName(new Name("O=Organization")); 1725 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id"); 1726 GeneralName san7 = new GeneralName(7, "1.1.1.1"); 1727 GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555"); 1728 1729 GeneralNames sans1 = new GeneralNames(); 1730 sans1.addName(san0); 1731 sans1.addName(san1); 1732 sans1.addName(san2); 1733 sans1.addName(san3); 1734 sans1.addName(san4); 1735 sans1.addName(san6); 1736 sans1.addName(san7); 1737 sans1.addName(san8); 1738 GeneralNames sans2 = new GeneralNames(); 1739 sans2.addName(san0); 1740 1741 TestCert cert1 = new TestCert(sans1); 1742 TestCert cert2 = new TestCert(sans2); 1743 X509CertSelector selector = new X509CertSelector(); 1744 selector.setMatchAllSubjectAltNames(true); 1745 1746 selector.setSubjectAlternativeNames(null); 1747 assertTrue("Any certificate should match in the case of null " 1748 + "subjectAlternativeNames criteria.", selector 1749 .match(cert1) 1750 && selector.match(cert2)); 1751 1752 Collection<List<?>> sans = sans1.getPairsList(); 1753 1754 selector.setSubjectAlternativeNames((Collection) sans); 1755 1756 selector.getSubjectAlternativeNames(); 1757 } catch (IOException e) { 1758 e.printStackTrace(); 1759 fail("Unexpected IOException was thrown."); 1760 } 1761 } 1762 1763 /** 1764 * @tests java.security.cert.X509CertSelector#setSubjectKeyIdentifier(byte[]) 1765 */ 1766 @TestTargetNew( 1767 level = TestLevel.COMPLETE, 1768 notes = "", 1769 method = "setSubjectKeyIdentifier", 1770 args = {byte[].class} 1771 ) 1772 public void test_setSubjectKeyIdentifierLB$() throws CertificateException { 1773 byte[] skid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value 1774 byte[] skid2 = new byte[] { 5, 4, 3, 2, 1 }; // random value 1775 TestCert cert1 = new TestCert(skid1); 1776 TestCert cert2 = new TestCert(skid2); 1777 X509CertSelector selector = new X509CertSelector(); 1778 1779 selector.setSubjectKeyIdentifier(null); 1780 assertTrue("Any certificate should match in the case of null " 1781 + "serialNumber criteria.", selector.match(cert1) 1782 && selector.match(cert2)); 1783 selector.setSubjectKeyIdentifier(skid1); 1784 assertTrue("The certificate should match the selection criteria.", 1785 selector.match(cert1)); 1786 assertFalse("The certificate should not match the selection criteria.", 1787 selector.match(cert2)); 1788 selector.setSubjectKeyIdentifier(skid2); 1789 skid2[0]++; 1790 assertTrue("The certificate should match the selection criteria.", 1791 selector.match(cert2)); 1792 } 1793 1794 /** 1795 * @tests java.security.cert.X509CertSelector#setSubjectPublicKey(byte[]) 1796 */ 1797 @TestTargetNew( 1798 level = TestLevel.COMPLETE, 1799 notes = "", 1800 method = "setSubjectPublicKey", 1801 args = {byte[].class} 1802 ) 1803 public void test_setSubjectPublicKeyLB$() throws Exception { 1804 1805 //SubjectPublicKeyInfo ::= SEQUENCE { 1806 // algorithm AlgorithmIdentifier, 1807 // subjectPublicKey BIT STRING } 1808 byte[] enc = { 0x30, 0x0E, // SEQUENCE 1809 0x30, 0x07, // SEQUENCE 1810 0x06, 0x02, 0x03, 0x05,//OID 1811 0x01, 0x01, 0x07, //ANY 1812 0x03, 0x03, 0x01, 0x01, 0x06, // subjectPublicKey 1813 }; 1814 1815 X509CertSelector selector = new X509CertSelector(); 1816 1817 selector.setSubjectPublicKey(enc); 1818 PublicKey key = selector.getSubjectPublicKey(); 1819 assertEquals("0.3.5", key.getAlgorithm()); 1820 assertEquals("X.509", key.getFormat()); 1821 assertTrue(Arrays.equals(enc, key.getEncoded())); 1822 assertNotNull(key.toString()); 1823 } 1824 1825 /** 1826 * @tests java.security.cert.X509CertSelector#setSubjectPublicKey(java.security.PublicKey key) 1827 */ 1828 @TestTargetNew( 1829 level = TestLevel.COMPLETE, 1830 notes = "", 1831 method = "setSubjectPublicKey", 1832 args = {java.security.PublicKey.class} 1833 ) 1834 public void test_setSubjectPublicKeyLjava_security_PublicKey() 1835 throws CertificateException { 1836 PublicKey pkey1 = null; 1837 PublicKey pkey2 = null; 1838 try { 1839 pkey1 = new TestKeyPair("RSA").getPublic(); 1840 pkey2 = new TestKeyPair("DSA").getPublic(); 1841 } catch (Exception e) { 1842 fail("Unexpected Exception was thrown: " + e.getMessage()); 1843 } 1844 1845 TestCert cert1 = new TestCert(pkey1); 1846 TestCert cert2 = new TestCert(pkey2); 1847 X509CertSelector selector = new X509CertSelector(); 1848 1849 selector.setSubjectPublicKey((PublicKey) null); 1850 assertTrue("Any certificate should match in the case of null " 1851 + "subjectPublicKey criteria.", selector.match(cert1) 1852 && selector.match(cert2)); 1853 selector.setSubjectPublicKey(pkey1); 1854 assertTrue("The certificate should match the selection criteria.", 1855 selector.match(cert1)); 1856 assertFalse("The certificate should not match the selection criteria.", 1857 selector.match(cert2)); 1858 selector.setSubjectPublicKey(pkey2); 1859 assertTrue("The certificate should match the selection criteria.", 1860 selector.match(cert2)); 1861 } 1862 1863 /** 1864 * @tests java.security.cert.X509CertSelector#setSubjectPublicKeyAlgID(java.lang.String) 1865 */ 1866 @TestTargetNew( 1867 level = TestLevel.COMPLETE, 1868 notes = "", 1869 method = "setSubjectPublicKeyAlgID", 1870 args = {java.lang.String.class} 1871 ) 1872 public void test_setSubjectPublicKeyAlgIDLjava_lang_String() 1873 throws CertificateException { 1874 1875 X509CertSelector selector = new X509CertSelector(); 1876 String pkaid1 = "1.2.840.113549.1.1.1"; // RSA (source: 1877 // http://asn1.elibel.tm.fr) 1878 String pkaid2 = "1.2.840.10040.4.1"; // DSA (source: 1879 // http://asn1.elibel.tm.fr) 1880 PublicKey pkey1; 1881 PublicKey pkey2; 1882 try { 1883 pkey1 = new TestKeyPair("RSA").getPublic(); 1884 pkey2 = new TestKeyPair("DSA").getPublic(); 1885 } catch (Exception e) { 1886 e.printStackTrace(); 1887 fail("Unexpected Exception was thrown: " + e.getMessage()); 1888 return; 1889 } 1890 TestCert cert1 = new TestCert(pkey1); 1891 TestCert cert2 = new TestCert(pkey2); 1892 1893 try { 1894 selector.setSubjectPublicKeyAlgID(null); 1895 } catch (IOException e) { 1896 1897 fail("Unexpected IOException was thrown."); 1898 } 1899 assertTrue("Any certificate should match in the case of null " 1900 + "subjectPublicKeyAlgID criteria.", selector.match(cert1) 1901 && selector.match(cert2)); 1902 1903 String[] validOIDs = { "0.0.20", "1.25.0", "2.0.39", "0.2.10", "1.35.15", 1904 "2.17.89", "2.5.29.16", "2.5.29.17", "2.5.29.30", "2.5.29.32", 1905 "2.5.29.37" }; 1906 1907 for (int i = 0; i < validOIDs.length; i++) { 1908 try { 1909 selector.setSubjectPublicKeyAlgID(validOIDs[i]); 1910 assertEquals(validOIDs[i], selector.getSubjectPublicKeyAlgID()); 1911 } catch (IOException e) { 1912 fail("Unexpected exception " + e.getMessage()); 1913 } 1914 } 1915 1916 String[] invalidOIDs = { "0.20", "1.25", "2.39", "3.10"}; 1917 for (int i = 0; i < invalidOIDs.length; i++) { 1918 try { 1919 selector.setSubjectPublicKeyAlgID(invalidOIDs[i]); 1920 fail("IOException wasn't thrown for " + invalidOIDs[i]); 1921 } catch (IOException e) { 1922 } 1923 } 1924 1925 try { 1926 selector.setSubjectPublicKeyAlgID(pkaid1); 1927 } catch (IOException e) { 1928 fail("Unexpected IOException was thrown."); 1929 } 1930 assertTrue("The certificate should match the selection criteria.", 1931 selector.match(cert1)); 1932 assertFalse("The certificate should not match the selection criteria.", 1933 selector.match(cert2)); 1934 try { 1935 selector.setSubjectPublicKeyAlgID(pkaid2); 1936 } catch (IOException e) { 1937 fail("Unexpected IOException was thrown."); 1938 } 1939 assertTrue("The certificate should match the selection criteria.", 1940 selector.match(cert2)); 1941 } 1942 1943 /** 1944 * @tests java.security.cert.X509CertSelector#toString() 1945 */ 1946 @TestTargetNew( 1947 level = TestLevel.COMPLETE, 1948 notes = "", 1949 method = "toString", 1950 args = {} 1951 ) 1952 public void test_toString() { 1953 X509CertSelector selector = new X509CertSelector(); 1954 assertNotNull(selector.toString()); 1955 } 1956 1957 public class MyPublicKey implements PublicKey { 1958 private static final long serialVersionUID = 2899528375354645752L; 1959 1960 public MyPublicKey() { 1961 super(); 1962 } 1963 1964 public String getAlgorithm() { 1965 return "PublicKey"; 1966 } 1967 1968 public String getFormat() { 1969 return "Format"; 1970 } 1971 1972 public byte[] getEncoded() { 1973 return new byte[0]; 1974 } 1975 1976 public long getSerVerUID() { 1977 return serialVersionUID; 1978 } 1979 } 1980 1981 private class TestCert extends X509Certificate { 1982 1983 private static final long serialVersionUID = 176676115254260405L; 1984 1985 /* Stuff fields */ 1986 protected String equalCriteria = null; // to simplify method equals() 1987 1988 protected BigInteger serialNumber = null; 1989 1990 protected X500Principal issuer = null; 1991 1992 protected X500Principal subject = null; 1993 1994 protected byte[] keyIdentifier = null; 1995 1996 protected Date date = null; 1997 1998 protected Date notBefore = null; 1999 2000 protected Date notAfter = null; 2001 2002 protected PublicKey key = null; 2003 2004 protected boolean[] keyUsage = null; 2005 2006 protected List<String> extKeyUsage = null; 2007 2008 protected int pathLen = 1; 2009 2010 protected GeneralNames sans = null; 2011 2012 protected byte[] encoding = null; 2013 2014 protected String[] policies = null; 2015 2016 protected Collection<List<?>> collection = null; 2017 2018 protected NameConstraints nameConstraints = null; 2019 2020 /* Stuff methods */ 2021 public TestCert() { 2022 } 2023 2024 public TestCert(GeneralNames sans) { 2025 setSubjectAlternativeNames(sans); 2026 } 2027 2028 public TestCert(NameConstraints nameConstraints) { 2029 this.nameConstraints = nameConstraints; 2030 } 2031 2032 public TestCert(Collection<List<?>> collection) { 2033 setCollection(collection); 2034 } 2035 2036 public TestCert(String equalCriteria) { 2037 setEqualCriteria(equalCriteria); 2038 } 2039 2040 public TestCert(String[] policies) { 2041 setPolicies(policies); 2042 } 2043 2044 public TestCert(BigInteger serial) { 2045 setSerialNumber(serial); 2046 } 2047 2048 public TestCert(X500Principal principal) { 2049 setIssuer(principal); 2050 setSubject(principal); 2051 } 2052 2053 public TestCert(byte[] array) { 2054 setKeyIdentifier(array); 2055 } 2056 2057 public TestCert(Date date) { 2058 setDate(date); 2059 } 2060 2061 public TestCert(Date notBefore, Date notAfter) { 2062 setPeriod(notBefore, notAfter); 2063 } 2064 2065 public TestCert(PublicKey key) { 2066 setPublicKey(key); 2067 } 2068 2069 public TestCert(boolean[] keyUsage) { 2070 setKeyUsage(keyUsage); 2071 } 2072 2073 public TestCert(Set<String> extKeyUsage) { 2074 setExtendedKeyUsage(extKeyUsage); 2075 } 2076 2077 public TestCert(int pathLen) { 2078 this.pathLen = pathLen; 2079 } 2080 2081 public void setSubjectAlternativeNames(GeneralNames sans) { 2082 this.sans = sans; 2083 } 2084 2085 public void setCollection(Collection<List<?>> collection) { 2086 this.collection = collection; 2087 } 2088 2089 public void setPolicies(String[] policies) { 2090 this.policies = policies; 2091 } 2092 2093 public void setExtendedKeyUsage(Set<String> extKeyUsage) { 2094 this.extKeyUsage = (extKeyUsage == null) ? null : new ArrayList<String>( 2095 extKeyUsage); 2096 } 2097 2098 public void setKeyUsage(boolean[] keyUsage) { 2099 this.keyUsage = (keyUsage == null) ? null : (boolean[]) keyUsage 2100 .clone(); 2101 } 2102 2103 public void setPublicKey(PublicKey key) { 2104 this.key = key; 2105 } 2106 2107 public void setPeriod(Date notBefore, Date notAfter) { 2108 this.notBefore = notBefore; 2109 this.notAfter = notAfter; 2110 } 2111 2112 public void setSerialNumber(BigInteger serial) { 2113 this.serialNumber = serial; 2114 } 2115 2116 public void setEqualCriteria(String equalCriteria) { 2117 this.equalCriteria = equalCriteria; 2118 } 2119 2120 public void setIssuer(X500Principal issuer) { 2121 this.issuer = issuer; 2122 } 2123 2124 public void setSubject(X500Principal subject) { 2125 this.subject = subject; 2126 } 2127 2128 public void setKeyIdentifier(byte[] subjectKeyID) { 2129 this.keyIdentifier = (byte[]) subjectKeyID.clone(); 2130 } 2131 2132 public void setDate(Date date) { 2133 this.date = new Date(date.getTime()); 2134 } 2135 2136 public void setEncoding(byte[] encoding) { 2137 this.encoding = encoding; 2138 } 2139 2140 /* Method implementations */ 2141 public boolean equals(Object cert) { 2142 if (cert == null) { 2143 return false; 2144 } 2145 if ((equalCriteria == null) 2146 || (((TestCert) cert).equalCriteria == null)) { 2147 return false; 2148 } else { 2149 return equalCriteria.equals(((TestCert) cert).equalCriteria); 2150 } 2151 } 2152 2153 public String toString() { 2154 if (equalCriteria != null) { 2155 return equalCriteria; 2156 } 2157 return ""; 2158 } 2159 2160 public void checkValidity() throws CertificateExpiredException, 2161 CertificateNotYetValidException { 2162 } 2163 2164 public void checkValidity(Date date) 2165 throws CertificateExpiredException, 2166 CertificateNotYetValidException { 2167 if (this.date == null) { 2168 throw new CertificateExpiredException(); 2169 } 2170 int result = this.date.compareTo(date); 2171 if (result > 0) { 2172 throw new CertificateExpiredException(); 2173 } 2174 if (result < 0) { 2175 throw new CertificateNotYetValidException(); 2176 } 2177 } 2178 2179 public int getVersion() { 2180 return 3; 2181 } 2182 2183 public BigInteger getSerialNumber() { 2184 return (serialNumber == null) ? new BigInteger("1111") 2185 : serialNumber; 2186 } 2187 2188 public Principal getIssuerDN() { 2189 return issuer; 2190 } 2191 2192 public X500Principal getIssuerX500Principal() { 2193 return issuer; 2194 } 2195 2196 public Principal getSubjectDN() { 2197 return subject; 2198 } 2199 2200 public X500Principal getSubjectX500Principal() { 2201 return subject; 2202 } 2203 2204 public Date getNotBefore() { 2205 return null; 2206 } 2207 2208 public Date getNotAfter() { 2209 return null; 2210 } 2211 2212 public byte[] getTBSCertificate() throws CertificateEncodingException { 2213 return null; 2214 } 2215 2216 public byte[] getSignature() { 2217 return null; 2218 } 2219 2220 public String getSigAlgName() { 2221 return null; 2222 } 2223 2224 public String getSigAlgOID() { 2225 return null; 2226 } 2227 2228 public byte[] getSigAlgParams() { 2229 return null; 2230 } 2231 2232 public boolean[] getIssuerUniqueID() { 2233 return null; 2234 } 2235 2236 public boolean[] getSubjectUniqueID() { 2237 return null; 2238 } 2239 2240 public boolean[] getKeyUsage() { 2241 return keyUsage; 2242 } 2243 2244 public List<String> getExtendedKeyUsage() 2245 throws CertificateParsingException { 2246 return extKeyUsage; 2247 } 2248 2249 public int getBasicConstraints() { 2250 return pathLen; 2251 } 2252 2253 public void verify(PublicKey key) throws CertificateException, 2254 NoSuchAlgorithmException, InvalidKeyException, 2255 NoSuchProviderException, SignatureException { 2256 } 2257 2258 public void verify(PublicKey key, String sigProvider) 2259 throws CertificateException, NoSuchAlgorithmException, 2260 InvalidKeyException, NoSuchProviderException, 2261 SignatureException { 2262 } 2263 2264 public PublicKey getPublicKey() { 2265 return key; 2266 } 2267 2268 public byte[] getEncoded() throws CertificateEncodingException { 2269 return encoding; 2270 } 2271 2272 public Set<String> getNonCriticalExtensionOIDs() { 2273 return null; 2274 } 2275 2276 public Set<String> getCriticalExtensionOIDs() { 2277 return null; 2278 } 2279 2280 public byte[] getExtensionValue(String oid) { 2281 2282 if (("2.5.29.14".equals(oid)) || ("2.5.29.35".equals(oid))) { 2283 // Extension value is represented as an OctetString 2284 return ASN1OctetString.getInstance().encode(keyIdentifier); 2285 } 2286 if ("2.5.29.16".equals(oid)) { 2287 PrivateKeyUsagePeriod pkup = new PrivateKeyUsagePeriod( 2288 notBefore, notAfter); 2289 byte[] encoded = pkup.getEncoded(); 2290 return ASN1OctetString.getInstance().encode(encoded); 2291 } 2292 if (("2.5.29.37".equals(oid)) && (extKeyUsage != null)) { 2293 ASN1Oid[] oa = new ASN1Oid[extKeyUsage.size()]; 2294 String[] val = new String[extKeyUsage.size()]; 2295 Iterator it = extKeyUsage.iterator(); 2296 int id = 0; 2297 while (it.hasNext()) { 2298 oa[id] = ASN1Oid.getInstanceForString(); 2299 val[id++] = (String) it.next(); 2300 } 2301 return ASN1OctetString.getInstance().encode( 2302 new ASN1Sequence(oa).encode(val)); 2303 } 2304 if ("2.5.29.19".equals(oid)) { 2305 return ASN1OctetString.getInstance().encode( 2306 new ASN1Sequence(new ASN1Type[] { 2307 ASN1Boolean.getInstance(), 2308 ASN1Integer.getInstance() }) 2309 .encode(new Object[] { 2310 new Boolean(pathLen != 1), 2311 BigInteger.valueOf(pathLen) 2312 .toByteArray() })); 2313 } 2314 if ("2.5.29.17".equals(oid) && (sans != null)) { 2315 if (sans.getNames() == null) { 2316 return null; 2317 } 2318 return ASN1OctetString.getInstance().encode( 2319 GeneralNames.ASN1.encode(sans)); 2320 } 2321 if ("2.5.29.32".equals(oid) && (policies != null) 2322 && (policies.length > 0)) { 2323 // Certificate Policies Extension (as specified in rfc 3280) 2324 CertificatePolicies certificatePolicies = new CertificatePolicies(); 2325 for (int i = 0; i < policies.length; i++) { 2326 PolicyInformation policyInformation = new PolicyInformation( 2327 policies[i]); 2328 certificatePolicies.addPolicyInformation(policyInformation); 2329 } 2330 return ASN1OctetString.getInstance().encode( 2331 certificatePolicies.getEncoded()); 2332 } 2333 if ("2.5.29.30".equals(oid) && (nameConstraints != null)) { // 2334 // Name 2335 // Constraints 2336 // Extension 2337 // (as 2338 // specified 2339 // in 2340 // rfc 2341 // 3280) 2342 return ASN1OctetString.getInstance().encode( 2343 nameConstraints.getEncoded()); 2344 } 2345 2346 return null; 2347 } 2348 2349 public boolean hasUnsupportedCriticalExtension() { 2350 return false; 2351 } 2352 2353 } 2354 2355 public X509Certificate rootCertificate; 2356 2357 public X509Certificate endCertificate; 2358 2359 public MyCRL crl; 2360 2361 private X509CertSelector theCertSelector; 2362 2363 private CertPathBuilder builder; 2364 2365 private void setupEnvironment() throws Exception { 2366 // create certificates and CRLs 2367 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 2368 ByteArrayInputStream bi = new ByteArrayInputStream(TestUtils.rootCert.getBytes()); 2369 rootCertificate = (X509Certificate) cf.generateCertificate(bi); 2370 bi = new ByteArrayInputStream(TestUtils.endCert.getBytes()); 2371 endCertificate = (X509Certificate) cf.generateCertificate(bi); 2372 2373 BigInteger revokedSerialNumber = BigInteger.valueOf(1); 2374 crl = new MyCRL("X.509"); 2375// X509CRL rootCRL = X509CRL; 2376// X509CRL interCRL = X509CRLExample.createCRL(interCert, interPair 2377// .getPrivate(), revokedSerialNumber); 2378 2379 // create CertStore to support path building 2380 List<Object> list = new ArrayList<Object>(); 2381 2382 list.add(rootCertificate); 2383 list.add(endCertificate); 2384 2385// CollectionCertStoreParameters params = new CollectionCertStoreParameters( 2386// list); 2387// CertStore store = CertStore.getInstance("Collection", params); 2388// 2389 theCertSelector = new X509CertSelector(); 2390 theCertSelector.setCertificate(endCertificate); 2391 theCertSelector.setIssuer(endCertificate.getIssuerX500Principal() 2392 .getEncoded()); 2393 2394 // build the path 2395 builder = CertPathBuilder.getInstance("PKIX"); 2396 2397 } 2398 2399 private CertPath buildCertPath() throws InvalidAlgorithmParameterException { 2400 PKIXCertPathBuilderResult result = null; 2401 PKIXBuilderParameters buildParams = new PKIXBuilderParameters( 2402 Collections.singleton(new TrustAnchor(rootCertificate, null)), 2403 theCertSelector); 2404 try { 2405 result = (PKIXCertPathBuilderResult) builder 2406 .build(buildParams); 2407 } catch(CertPathBuilderException e) { 2408 return null; 2409 } 2410 return result.getCertPath(); 2411 } 2412 2413 /** 2414 * @tests java.security.cert.X509CertSelector#addPathToName(int, byte[]) 2415 */ 2416 @TestTargetNew( 2417 level = TestLevel.COMPLETE, 2418 notes = "Verifies Exception", 2419 method = "addPathToName", 2420 args = {int.class, byte[].class} 2421 ) 2422 public void test_addPathToNameLintLbyte_array2() throws Exception { 2423 TestUtils.initCertPathSSCertChain(); 2424 setupEnvironment(); 2425 byte[] bytes, bytesName; 2426 // GeneralName name = new GeneralName(1, "822.Name"); 2427 // bytes = name.getEncoded(); 2428 // bytesName = name.getEncodedName(); 2429 bytes = new byte[] {-127, 8, 56, 50, 50, 46, 78, 97, 109, 101}; 2430 bytesName = new byte[] {22, 8, 56, 50, 50, 46, 78, 97, 109, 101}; 2431 bytes[bytes.length-3] = (byte) 200; 2432 2433 try { 2434 theCertSelector.addPathToName(1, bytes); 2435 } catch (IOException e) { 2436 // ok 2437 } 2438 2439 theCertSelector.setPathToNames(null); 2440 2441 theCertSelector.addPathToName(1, bytesName); 2442 assertNotNull(theCertSelector.getPathToNames()); 2443 CertPath p = buildCertPath(); 2444 assertNull(p); 2445 2446 theCertSelector.setPathToNames(null); 2447 2448// name = new GeneralName(new Name("O=Android")); 2449// theCertSelector.addPathToName(4, endCertificate.getSubjectDN().getName()); 2450 theCertSelector.addPathToName(4, TestUtils.rootCertificateSS.getIssuerX500Principal().getEncoded()); 2451 assertNotNull(theCertSelector.getPathToNames()); 2452 p = TestUtils.buildCertPathSSCertChain(); 2453 assertNotNull(p); 2454 } 2455 2456 /** 2457 * @tests java.security.cert.X509CertSelector#addPathToName(int, String) 2458 */ 2459 @TestTargetNew( 2460 level = TestLevel.COMPLETE, 2461 notes = "Verifies IOException.", 2462 method = "addPathToName", 2463 args = {int.class, java.lang.String.class} 2464 ) 2465 public void test_addPathToNameLintLjava_lang_String2() throws Exception { 2466 setupEnvironment(); 2467 byte[] bytes, bytesName; 2468 // GeneralName name = new GeneralName(1, "822.Name"); 2469 // bytes = name.getEncoded(); 2470 // bytesName = name.getEncodedName(); 2471 bytes = new byte[] {-127, 8, 56, 50, 50, 46, 78, 97, 109, 101}; 2472 bytesName = new byte[] {22, 8, 56, 50, 50, 46, 78, 97, 109, 101}; 2473 assertNotNull(bytes); 2474 byte[] b = new byte[bytes.length]; 2475 b = bytes; 2476 b[bytes.length-3] = (byte) 200; 2477 2478 try { 2479 theCertSelector.addPathToName(1, new String(b)); 2480 } catch (IOException e) { 2481 // ok 2482 } 2483 2484 theCertSelector.setPathToNames(null); 2485 2486 theCertSelector.addPathToName(1, new String(bytesName)); 2487 assertNotNull(theCertSelector.getPathToNames()); 2488 2489 CertPath p = buildCertPath(); 2490 assertNull(p); 2491 2492 theCertSelector.setPathToNames(null); 2493 theCertSelector.addPathToName(1, rootCertificate.getIssuerX500Principal().getName()); 2494 assertNotNull(theCertSelector.getPathToNames()); 2495 //p = buildCertPath(); 2496 //assertNotNull(p); 2497 } 2498 2499 /** 2500 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, byte[]) 2501 */ 2502 @TestTargetNew( 2503 level = TestLevel.COMPLETE, 2504 notes = "IOException checking missed", 2505 method = "addSubjectAlternativeName", 2506 args = {int.class, byte[].class} 2507 ) 2508 public void test_addSubjectAlternativeNameLintLbyte_array2() 2509 throws Exception { 2510 2511 2512 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5", 2513 new byte[] {1, 2, 0, 1})); 2514 GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 2515 GeneralName san2 = new GeneralName(2, "dNSName"); 2516 2517 GeneralNames sans1 = new GeneralNames(); 2518 sans1.addName(san0); 2519 sans1.addName(san1); 2520 sans1.addName(san2); 2521 2522 X509CertSelector selector = new X509CertSelector(); 2523 2524 selector.addSubjectAlternativeName(0, san0.getEncodedName()); 2525 selector.addSubjectAlternativeName(1, san1.getEncodedName()); 2526 selector.addSubjectAlternativeName(2, san2.getEncodedName()); 2527 2528 GeneralNames sans2 = new GeneralNames(); 2529 sans2.addName(san0); 2530 2531 TestCert cert1 = new TestCert(sans1); 2532 TestCert cert2 = new TestCert(sans2); 2533 2534 assertTrue(selector.match(cert1)); 2535 assertFalse(selector.match(cert2)); 2536 2537 selector.setSubjectAlternativeNames(null); 2538 2539 GeneralName name = new GeneralName(new Name("O=Android")); 2540 try { 2541 selector.addSubjectAlternativeName(0, name.getEncodedName()); 2542 } catch (IOException e) { 2543 // ok 2544 } 2545 2546 } 2547 2548 /** 2549 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, String) 2550 */ 2551 @TestTargetNew( 2552 level = TestLevel.COMPLETE, 2553 notes = "", 2554 method = "addSubjectAlternativeName", 2555 args = {int.class, java.lang.String.class} 2556 ) 2557 public void test_addSubjectAlternativeNameLintLjava_lang_String2() throws Exception{ 2558 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id"); 2559 GeneralName san2 = new GeneralName(2, "dNSName"); 2560 2561 GeneralNames sans1 = new GeneralNames(); 2562 sans1.addName(san6); 2563 sans1.addName(san2); 2564 2565 X509CertSelector selector = new X509CertSelector(); 2566 2567 selector.addSubjectAlternativeName(6, "http://uniform.Resource.Id"); 2568 selector.addSubjectAlternativeName(2, "dNSName"); 2569 2570 GeneralNames sans2 = new GeneralNames(); 2571 sans2.addName(san2); 2572 2573 TestCert cert1 = new TestCert(sans1); 2574 TestCert cert2 = new TestCert(sans2); 2575 2576 assertTrue(selector.match(cert1)); 2577 assertFalse(selector.match(cert2)); 2578 2579 selector.setSubjectAlternativeNames(null); 2580 2581 GeneralName name = new GeneralName(new Name("O=Android")); 2582 try { 2583 selector.addSubjectAlternativeName(0, (name.toString())); 2584 } catch (IOException e) { 2585 // ok 2586 } 2587 2588 } 2589} 2590