1/* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18/** 19 * @author Alexander Y. Kleymenov 20 */ 21 22package org.apache.harmony.security.tests.javax.security.cert; 23 24import java.io.ByteArrayInputStream; 25import java.io.InputStream; 26import java.security.cert.CertificateFactory; 27import java.util.Arrays; 28import java.util.Calendar; 29import java.util.Date; 30 31import javax.security.cert.CertificateEncodingException; 32import javax.security.cert.CertificateException; 33import javax.security.cert.CertificateExpiredException; 34import javax.security.cert.CertificateNotYetValidException; 35import javax.security.cert.X509Certificate; 36 37import junit.framework.Test; 38import junit.framework.TestCase; 39import junit.framework.TestSuite; 40 41 42/** 43 */ 44 45public class X509CertificateTest extends TestCase { 46 47 // Testing data was generated by using of classes 48 // from org.apache.harmony.security.asn1 package encoded 49 // by org.apache.harmony.misc.Base64 class. 50 51 private static String base64cert = 52 "-----BEGIN CERTIFICATE-----\n" + 53 "MIIC+jCCAragAwIBAgICAiswDAYHKoZIzjgEAwEBADAdMRswGQYDVQQKExJDZXJ0a" + 54 "WZpY2F0ZSBJc3N1ZXIwIhgPMTk3MDAxMTIxMzQ2NDBaGA8xOTcwMDEyNDAzMzMyMF" + 55 "owHzEdMBsGA1UEChMUU3ViamVjdCBPcmdhbml6YXRpb24wGTAMBgcqhkjOOAQDAQE" + 56 "AAwkAAQIDBAUGBwiBAgCqggIAVaOCAhQwggIQMA8GA1UdDwEB/wQFAwMBqoAwEgYD" + 57 "VR0TAQH/BAgwBgEB/wIBBTAUBgNVHSABAf8ECjAIMAYGBFUdIAAwZwYDVR0RAQH/B" + 58 "F0wW4EMcmZjQDgyMi5OYW1lggdkTlNOYW1lpBcxFTATBgNVBAoTDE9yZ2FuaXphdG" + 59 "lvboYaaHR0cDovL3VuaWZvcm0uUmVzb3VyY2UuSWSHBP///wCIByoDolyDsgMwDAY" + 60 "DVR0eAQH/BAIwADAMBgNVHSQBAf8EAjAAMIGZBgNVHSUBAf8EgY4wgYsGBFUdJQAG" + 61 "CCsGAQUFBwMBBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDB" + 62 "AYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUHAwgGCCsGAQUFBw" + 63 "MJBggrBgEFBQgCAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMA0GA1UdNgEB/wQDAgE" + 64 "BMA4GBCpNhgkBAf8EAwEBATBkBgNVHRIEXTBbgQxyZmNAODIyLk5hbWWCB2ROU05h" + 65 "bWWkFzEVMBMGA1UEChMMT3JnYW5pemF0aW9uhhpodHRwOi8vdW5pZm9ybS5SZXNvd" + 66 "XJjZS5JZIcE////AIgHKgOiXIOyAzAJBgNVHR8EAjAAMAoGA1UdIwQDAQEBMAoGA1" + 67 "UdDgQDAQEBMAoGA1UdIQQDAQEBMAwGByqGSM44BAMBAQADMAAwLQIUAL4QvoazNWP" + 68 "7jrj84/GZlhm09DsCFQCBKGKCGbrP64VtUt4JPmLjW1VxQA==\n" + 69 "-----END CERTIFICATE-----"; 70 71 private java.security.cert.X509Certificate cert; 72 private javax.security.cert.X509Certificate tbt_cert; 73 74 protected void setUp() throws Exception { 75 try { 76 ByteArrayInputStream bais = 77 new ByteArrayInputStream(base64cert.getBytes()); 78 79 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 80 this.cert = (java.security.cert.X509Certificate) 81 cf.generateCertificate(bais); 82 this.tbt_cert = X509Certificate.getInstance(cert.getEncoded()); 83 } catch (java.security.cert.CertificateException e) { 84 // The requested certificate type is not available. 85 // Test pass.. 86 this.cert = null; 87 } catch (javax.security.cert.CertificateException e) { 88 // The requested certificate type is not available. 89 // Test pass.. 90 this.cert = null; 91 } 92 } 93 94 /** 95 * getInstance(InputStream inStream) method testing. 96 */ 97 public void testGetInstance1() { 98 if (this.cert == null) { 99 // The requested certificate type is not available. 100 // Test can not be applied. 101 return; 102 } 103 try { 104 ByteArrayInputStream bais = 105 new ByteArrayInputStream(cert.getEncoded()); 106 107 X509Certificate.getInstance(bais); 108 } catch (java.security.cert.CertificateEncodingException e) { 109 e.printStackTrace(); 110 fail("Unexpected CertificateEncodingException was thrown."); 111 } catch (CertificateEncodingException e) { 112 e.printStackTrace(); 113 fail("Unexpected CertificateEncodingException was thrown."); 114 } catch (CertificateException e) { 115 // The requested certificate type is not available. 116 // Test pass.. 117 } 118 119 // Regression for HARMONY-756 120 try { 121 X509Certificate.getInstance((InputStream) null); 122 fail("No expected CertificateException"); 123 } catch (CertificateException e) { 124 //expected; 125 } 126 } 127 128 /** 129 * getInstance(byte[] certData) method testing. 130 */ 131 public void testGetInstance2() { 132 if (this.cert == null) { 133 // The requested certificate type is not available. 134 // Test can not be applied. 135 return; 136 } 137 try { 138 X509Certificate.getInstance(cert.getEncoded()); 139 } catch (java.security.cert.CertificateEncodingException e) { 140 e.printStackTrace(); 141 fail("Unexpected CertificateEncodingException was thrown."); 142 } catch (CertificateException e) { 143 // The requested certificate type is not available. 144 // Test pass.. 145 } 146 147 // Regression for HARMONY-756 148 try { 149 X509Certificate.getInstance((byte[]) null); 150 fail("No expected CertificateException"); 151 } catch (CertificateException e) { 152 //expected; 153 } 154 } 155 156 /** 157 * checkValidity() method testing. 158 */ 159 public void testCheckValidity1() { 160 if (this.cert == null) { 161 // The requested certificate type is not available. 162 // Test can not be applied. 163 return; 164 } 165 Date date = new Date(); 166 Date nb_date = tbt_cert.getNotBefore(); 167 Date na_date = tbt_cert.getNotAfter(); 168 try { 169 tbt_cert.checkValidity(); 170 assertFalse("CertificateExpiredException expected", 171 date.compareTo(na_date) > 0); 172 assertFalse("CertificateNotYetValidException expected", 173 date.compareTo(nb_date) < 0); 174 } catch (CertificateExpiredException e) { 175 assertTrue("Unexpected CertificateExpiredException was thrown", 176 date.compareTo(na_date) > 0); 177 } catch (CertificateNotYetValidException e) { 178 assertTrue("Unexpected CertificateNotYetValidException was thrown", 179 date.compareTo(nb_date) < 0); 180 } 181 } 182 183 /** 184 * checkValidity(Date date) method testing. 185 */ 186 public void testCheckValidity2() { 187 if (this.cert == null) { 188 // The requested certificate type is not available. 189 // Test can not be applied. 190 return; 191 } 192 Date[] date = new Date[4]; 193 Calendar calendar = Calendar.getInstance(); 194 for (int i = 0; i < date.length; i++) { 195 calendar.set(i * 50, Calendar.JANUARY, 1); 196 date[i] = calendar.getTime(); 197 } 198 Date nb_date = tbt_cert.getNotBefore(); 199 Date na_date = tbt_cert.getNotAfter(); 200 for (int i = 0; i < date.length; i++) { 201 try { 202 tbt_cert.checkValidity(date[i]); 203 assertFalse("CertificateExpiredException expected", 204 date[i].compareTo(na_date) > 0); 205 assertFalse("CertificateNotYetValidException expected", 206 date[i].compareTo(nb_date) < 0); 207 } catch (CertificateExpiredException e) { 208 assertTrue("Unexpected CertificateExpiredException was thrown", 209 date[i].compareTo(na_date) > 0); 210 } catch (CertificateNotYetValidException e) { 211 assertTrue("Unexpected CertificateNotYetValidException " 212 + "was thrown", date[i].compareTo(nb_date) < 0); 213 } 214 } 215 } 216 217 /** 218 * getVersion() method testing. 219 */ 220 public void testGetVersion() { 221 if (this.cert == null) { 222 // The requested certificate type is not available. 223 // Test can not be applied. 224 return; 225 } 226 assertEquals("The version is not correct.", 227 tbt_cert.getVersion(), 2); 228 } 229 230 /** 231 * getSerialNumber() method testing. 232 */ 233 public void testGetSerialNumber() { 234 if (this.cert == null) { 235 // The requested certificate type is not available. 236 // Test can not be applied. 237 return; 238 } 239 assertEquals("The serial number is not correct.", 240 tbt_cert.getSerialNumber(), cert.getSerialNumber()); 241 } 242 243 /** 244 * getIssuerDN() method testing. 245 */ 246 public void testGetIssuerDN() { 247 if (this.cert == null) { 248 // The requested certificate type is not available. 249 // Test can not be applied. 250 return; 251 } 252 assertEquals("The issuer DN is not correct.", 253 tbt_cert.getIssuerDN(), cert.getIssuerDN()); 254 } 255 256 /** 257 * getSubjectDN() method testing. 258 */ 259 public void testGetSubjectDN() { 260 if (this.cert == null) { 261 // The requested certificate type is not available. 262 // Test can not be applied. 263 return; 264 } 265 assertEquals("The subject DN is not correct.", 266 tbt_cert.getSubjectDN(), cert.getSubjectDN()); 267 } 268 269 /** 270 * getNotBefore() method testing. 271 */ 272 public void testGetNotBefore() { 273 if (this.cert == null) { 274 // The requested certificate type is not available. 275 // Test can not be applied. 276 return; 277 } 278 assertEquals("The NotBefore date is not correct.", 279 tbt_cert.getNotBefore(), cert.getNotBefore()); 280 } 281 282 /** 283 * getNotAfter() method testing. 284 */ 285 public void testGetNotAfter() { 286 if (this.cert == null) { 287 // The requested certificate type is not available. 288 // Test can not be applied. 289 return; 290 } 291 assertEquals("The NotAfter date is not correct.", 292 tbt_cert.getNotAfter(), cert.getNotAfter()); 293 } 294 295 /** 296 * getSigAlgName() method testing. 297 */ 298 public void testGetSigAlgName() { 299 if (this.cert == null) { 300 // The requested certificate type is not available. 301 // Test can not be applied. 302 return; 303 } 304 assertEquals("The name of signature algorithm is not correct.", 305 tbt_cert.getSigAlgName(), cert.getSigAlgName()); 306 } 307 308 /** 309 * getSigAlgOID() method testing. 310 */ 311 public void testGetSigAlgOID() { 312 if (this.cert == null) { 313 // The requested certificate type is not available. 314 // Test can not be applied. 315 return; 316 } 317 assertEquals("The name of OID of signature algorithm is not correct.", 318 tbt_cert.getSigAlgOID(), cert.getSigAlgOID()); 319 } 320 321 /** 322 * getSigAlgParams() method testing. 323 */ 324 public void testGetSigAlgParams() { 325 if (this.cert == null) { 326 // The requested certificate type is not available. 327 // Test can not be applied. 328 return; 329 } 330 assertTrue("The byte array with encoded algorithm parameters " 331 + "is not correct.", Arrays.equals(tbt_cert.getSigAlgParams(), 332 cert.getSigAlgParams())); 333 } 334 335 public static Test suite() { 336 return new TestSuite(X509CertificateTest.class); 337 } 338 339} 340