1/*
2 *  Licensed to the Apache Software Foundation (ASF) under one or more
3 *  contributor license agreements.  See the NOTICE file distributed with
4 *  this work for additional information regarding copyright ownership.
5 *  The ASF licenses this file to You under the Apache License, Version 2.0
6 *  (the "License"); you may not use this file except in compliance with
7 *  the License.  You may obtain a copy of the License at
8 *
9 *     http://www.apache.org/licenses/LICENSE-2.0
10 *
11 *  Unless required by applicable law or agreed to in writing, software
12 *  distributed under the License is distributed on an "AS IS" BASIS,
13 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 *  See the License for the specific language governing permissions and
15 *  limitations under the License.
16 */
17
18/**
19 * @author Alexander Y. Kleymenov
20 */
21
22package org.apache.harmony.security.tests.javax.security.cert;
23
24import java.io.ByteArrayInputStream;
25import java.io.InputStream;
26import java.security.cert.CertificateFactory;
27import java.util.Arrays;
28import java.util.Calendar;
29import java.util.Date;
30
31import javax.security.cert.CertificateEncodingException;
32import javax.security.cert.CertificateException;
33import javax.security.cert.CertificateExpiredException;
34import javax.security.cert.CertificateNotYetValidException;
35import javax.security.cert.X509Certificate;
36
37import junit.framework.Test;
38import junit.framework.TestCase;
39import junit.framework.TestSuite;
40
41
42/**
43 */
44
45public class X509CertificateTest extends TestCase {
46
47    // Testing data was generated by using of classes
48    // from org.apache.harmony.security.asn1 package encoded
49    // by org.apache.harmony.misc.Base64 class.
50
51    private static String base64cert =
52            "-----BEGIN CERTIFICATE-----\n" +
53                    "MIIC+jCCAragAwIBAgICAiswDAYHKoZIzjgEAwEBADAdMRswGQYDVQQKExJDZXJ0a" +
54                    "WZpY2F0ZSBJc3N1ZXIwIhgPMTk3MDAxMTIxMzQ2NDBaGA8xOTcwMDEyNDAzMzMyMF" +
55                    "owHzEdMBsGA1UEChMUU3ViamVjdCBPcmdhbml6YXRpb24wGTAMBgcqhkjOOAQDAQE" +
56                    "AAwkAAQIDBAUGBwiBAgCqggIAVaOCAhQwggIQMA8GA1UdDwEB/wQFAwMBqoAwEgYD" +
57                    "VR0TAQH/BAgwBgEB/wIBBTAUBgNVHSABAf8ECjAIMAYGBFUdIAAwZwYDVR0RAQH/B" +
58                    "F0wW4EMcmZjQDgyMi5OYW1lggdkTlNOYW1lpBcxFTATBgNVBAoTDE9yZ2FuaXphdG" +
59                    "lvboYaaHR0cDovL3VuaWZvcm0uUmVzb3VyY2UuSWSHBP///wCIByoDolyDsgMwDAY" +
60                    "DVR0eAQH/BAIwADAMBgNVHSQBAf8EAjAAMIGZBgNVHSUBAf8EgY4wgYsGBFUdJQAG" +
61                    "CCsGAQUFBwMBBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDB" +
62                    "AYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUHAwgGCCsGAQUFBw" +
63                    "MJBggrBgEFBQgCAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMA0GA1UdNgEB/wQDAgE" +
64                    "BMA4GBCpNhgkBAf8EAwEBATBkBgNVHRIEXTBbgQxyZmNAODIyLk5hbWWCB2ROU05h" +
65                    "bWWkFzEVMBMGA1UEChMMT3JnYW5pemF0aW9uhhpodHRwOi8vdW5pZm9ybS5SZXNvd" +
66                    "XJjZS5JZIcE////AIgHKgOiXIOyAzAJBgNVHR8EAjAAMAoGA1UdIwQDAQEBMAoGA1" +
67                    "UdDgQDAQEBMAoGA1UdIQQDAQEBMAwGByqGSM44BAMBAQADMAAwLQIUAL4QvoazNWP" +
68                    "7jrj84/GZlhm09DsCFQCBKGKCGbrP64VtUt4JPmLjW1VxQA==\n" +
69                    "-----END CERTIFICATE-----";
70
71    private java.security.cert.X509Certificate cert;
72    private javax.security.cert.X509Certificate tbt_cert;
73
74    protected void setUp() throws Exception {
75        try {
76            ByteArrayInputStream bais =
77                    new ByteArrayInputStream(base64cert.getBytes());
78
79            CertificateFactory cf = CertificateFactory.getInstance("X.509");
80            this.cert = (java.security.cert.X509Certificate)
81                    cf.generateCertificate(bais);
82            this.tbt_cert = X509Certificate.getInstance(cert.getEncoded());
83        } catch (java.security.cert.CertificateException e) {
84            // The requested certificate type is not available.
85            // Test pass..
86            this.cert = null;
87        } catch (javax.security.cert.CertificateException e) {
88            // The requested certificate type is not available.
89            // Test pass..
90            this.cert = null;
91        }
92    }
93
94    /**
95     * getInstance(InputStream inStream) method testing.
96     */
97    public void testGetInstance1() {
98        if (this.cert == null) {
99            // The requested certificate type is not available.
100            // Test can not be applied.
101            return;
102        }
103        try {
104            ByteArrayInputStream bais =
105                    new ByteArrayInputStream(cert.getEncoded());
106
107            X509Certificate.getInstance(bais);
108        } catch (java.security.cert.CertificateEncodingException e) {
109            e.printStackTrace();
110            fail("Unexpected CertificateEncodingException was thrown.");
111        } catch (CertificateEncodingException e) {
112            e.printStackTrace();
113            fail("Unexpected CertificateEncodingException was thrown.");
114        } catch (CertificateException e) {
115            // The requested certificate type is not available.
116            // Test pass..
117        }
118
119        // Regression for HARMONY-756
120        try {
121            X509Certificate.getInstance((InputStream) null);
122            fail("No expected CertificateException");
123        } catch (CertificateException e) {
124            //expected;
125        }
126    }
127
128    /**
129     * getInstance(byte[] certData) method testing.
130     */
131    public void testGetInstance2() {
132        if (this.cert == null) {
133            // The requested certificate type is not available.
134            // Test can not be applied.
135            return;
136        }
137        try {
138            X509Certificate.getInstance(cert.getEncoded());
139        } catch (java.security.cert.CertificateEncodingException e) {
140            e.printStackTrace();
141            fail("Unexpected CertificateEncodingException was thrown.");
142        } catch (CertificateException e) {
143            // The requested certificate type is not available.
144            // Test pass..
145        }
146
147        // Regression for HARMONY-756
148        try {
149            X509Certificate.getInstance((byte[]) null);
150            fail("No expected CertificateException");
151        } catch (CertificateException e) {
152            //expected;
153        }
154    }
155
156    /**
157     * checkValidity() method testing.
158     */
159    public void testCheckValidity1() {
160        if (this.cert == null) {
161            // The requested certificate type is not available.
162            // Test can not be applied.
163            return;
164        }
165        Date date = new Date();
166        Date nb_date = tbt_cert.getNotBefore();
167        Date na_date = tbt_cert.getNotAfter();
168        try {
169            tbt_cert.checkValidity();
170            assertFalse("CertificateExpiredException expected",
171                    date.compareTo(na_date) > 0);
172            assertFalse("CertificateNotYetValidException expected",
173                    date.compareTo(nb_date) < 0);
174        } catch (CertificateExpiredException e) {
175            assertTrue("Unexpected CertificateExpiredException was thrown",
176                    date.compareTo(na_date) > 0);
177        } catch (CertificateNotYetValidException e) {
178            assertTrue("Unexpected CertificateNotYetValidException was thrown",
179                    date.compareTo(nb_date) < 0);
180        }
181    }
182
183    /**
184     * checkValidity(Date date) method testing.
185     */
186    public void testCheckValidity2() {
187        if (this.cert == null) {
188            // The requested certificate type is not available.
189            // Test can not be applied.
190            return;
191        }
192        Date[] date = new Date[4];
193        Calendar calendar = Calendar.getInstance();
194        for (int i = 0; i < date.length; i++) {
195            calendar.set(i * 50, Calendar.JANUARY, 1);
196            date[i] = calendar.getTime();
197        }
198        Date nb_date = tbt_cert.getNotBefore();
199        Date na_date = tbt_cert.getNotAfter();
200        for (int i = 0; i < date.length; i++) {
201            try {
202                tbt_cert.checkValidity(date[i]);
203                assertFalse("CertificateExpiredException expected",
204                        date[i].compareTo(na_date) > 0);
205                assertFalse("CertificateNotYetValidException expected",
206                        date[i].compareTo(nb_date) < 0);
207            } catch (CertificateExpiredException e) {
208                assertTrue("Unexpected CertificateExpiredException was thrown",
209                        date[i].compareTo(na_date) > 0);
210            } catch (CertificateNotYetValidException e) {
211                assertTrue("Unexpected CertificateNotYetValidException "
212                        + "was thrown", date[i].compareTo(nb_date) < 0);
213            }
214        }
215    }
216
217    /**
218     * getVersion() method testing.
219     */
220    public void testGetVersion() {
221        if (this.cert == null) {
222            // The requested certificate type is not available.
223            // Test can not be applied.
224            return;
225        }
226        assertEquals("The version is not correct.",
227                tbt_cert.getVersion(), 2);
228    }
229
230    /**
231     * getSerialNumber() method testing.
232     */
233    public void testGetSerialNumber() {
234        if (this.cert == null) {
235            // The requested certificate type is not available.
236            // Test can not be applied.
237            return;
238        }
239        assertEquals("The serial number is not correct.",
240                tbt_cert.getSerialNumber(), cert.getSerialNumber());
241    }
242
243    /**
244     * getIssuerDN() method testing.
245     */
246    public void testGetIssuerDN() {
247        if (this.cert == null) {
248            // The requested certificate type is not available.
249            // Test can not be applied.
250            return;
251        }
252        assertEquals("The issuer DN is not correct.",
253                tbt_cert.getIssuerDN(), cert.getIssuerDN());
254    }
255
256    /**
257     * getSubjectDN() method testing.
258     */
259    public void testGetSubjectDN() {
260        if (this.cert == null) {
261            // The requested certificate type is not available.
262            // Test can not be applied.
263            return;
264        }
265        assertEquals("The subject DN is not correct.",
266                tbt_cert.getSubjectDN(), cert.getSubjectDN());
267    }
268
269    /**
270     * getNotBefore() method testing.
271     */
272    public void testGetNotBefore() {
273        if (this.cert == null) {
274            // The requested certificate type is not available.
275            // Test can not be applied.
276            return;
277        }
278        assertEquals("The NotBefore date is not correct.",
279                tbt_cert.getNotBefore(), cert.getNotBefore());
280    }
281
282    /**
283     * getNotAfter() method testing.
284     */
285    public void testGetNotAfter() {
286        if (this.cert == null) {
287            // The requested certificate type is not available.
288            // Test can not be applied.
289            return;
290        }
291        assertEquals("The NotAfter date is not correct.",
292                tbt_cert.getNotAfter(), cert.getNotAfter());
293    }
294
295    /**
296     * getSigAlgName() method testing.
297     */
298    public void testGetSigAlgName() {
299        if (this.cert == null) {
300            // The requested certificate type is not available.
301            // Test can not be applied.
302            return;
303        }
304        assertEquals("The name of signature algorithm is not correct.",
305                tbt_cert.getSigAlgName(), cert.getSigAlgName());
306    }
307
308    /**
309     * getSigAlgOID() method testing.
310     */
311    public void testGetSigAlgOID() {
312        if (this.cert == null) {
313            // The requested certificate type is not available.
314            // Test can not be applied.
315            return;
316        }
317        assertEquals("The name of OID of signature algorithm is not correct.",
318                tbt_cert.getSigAlgOID(), cert.getSigAlgOID());
319    }
320
321    /**
322     * getSigAlgParams() method testing.
323     */
324    public void testGetSigAlgParams() {
325        if (this.cert == null) {
326            // The requested certificate type is not available.
327            // Test can not be applied.
328            return;
329        }
330        assertTrue("The byte array with encoded algorithm parameters "
331                + "is not correct.", Arrays.equals(tbt_cert.getSigAlgParams(),
332                cert.getSigAlgParams()));
333    }
334
335    public static Test suite() {
336        return new TestSuite(X509CertificateTest.class);
337    }
338
339}
340