1561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes/* 2561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Licensed to the Apache Software Foundation (ASF) under one or more 3561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * contributor license agreements. See the NOTICE file distributed with 4561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * this work for additional information regarding copyright ownership. 5561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * The ASF licenses this file to You under the Apache License, Version 2.0 6561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * (the "License"); you may not use this file except in compliance with 7561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * the License. You may obtain a copy of the License at 8561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * 9561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * http://www.apache.org/licenses/LICENSE-2.0 10561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * 11561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Unless required by applicable law or agreed to in writing, software 12561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * distributed under the License is distributed on an "AS IS" BASIS, 13561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * See the License for the specific language governing permissions and 15561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * limitations under the License. 16561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 17561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 18561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes/** 198d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath * @author Alexander Y. Kleymenov 208d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath */ 21561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 22561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughespackage java.security.cert; 23561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 24561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.io.IOException; 25561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.math.BigInteger; 26561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.InvalidKeyException; 27561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.NoSuchAlgorithmException; 28561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.NoSuchProviderException; 29561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.Principal; 30561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.PublicKey; 31561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.SignatureException; 32561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.cert.CertificateEncodingException; 33561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.cert.CertificateException; 34561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.cert.CertificateExpiredException; 35561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.cert.CertificateNotYetValidException; 36561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.cert.X509Certificate; 37561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.security.spec.InvalidKeySpecException; 38561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.util.Date; 39561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.util.Set; 40561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.util.HashSet; 41561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.util.Arrays; 42561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.util.ArrayList; 43561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.util.List; 44561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.util.Iterator; 45561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport java.util.Collection; 46561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport javax.security.auth.x500.X500Principal; 47561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 48561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.asn1.ASN1Boolean; 49561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.asn1.ASN1Integer; 50561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.asn1.ASN1OctetString; 51561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.asn1.ASN1Oid; 52561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.asn1.ASN1Sequence; 53561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.asn1.ASN1Type; 54561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 55561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.tests.support.TestKeyPair; 56561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x501.Name; 57561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.AlgorithmIdentifier; 58561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.CertificatePolicies; 59561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.EDIPartyName; 60561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.Extension; 61561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.Extensions; 62561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.GeneralName; 63561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.GeneralNames; 64561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.GeneralSubtree; 65561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.GeneralSubtrees; 66561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.NameConstraints; 67561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.ORAddress; 68561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.OtherName; 69561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.PolicyInformation; 70561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.PrivateKeyUsagePeriod; 71561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.SubjectPublicKeyInfo; 72561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.TBSCertificate; 73561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport org.apache.harmony.security.x509.Validity; 74561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 75561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 76561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport junit.framework.Test; 77561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport junit.framework.TestCase; 78561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughesimport junit.framework.TestSuite; 79561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 80561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes/** 81561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * X509CertSelectorTest 82561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 83561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughespublic class X509CertSelectorTest extends TestCase { 84561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 85561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 86561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * The abstract class stub implementation. 87561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 88561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes private class TestCert extends X509Certificate { 89e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 90561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /* Stuff fields */ 91561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected String equalCriteria = null; // to simplify method equals() 92561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected BigInteger serialNumber = null; 93561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected X500Principal issuer = null; 94561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected X500Principal subject = null; 95561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected byte[] keyIdentifier = null; 96561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected Date date = null; 97561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected Date notBefore = null; 98561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected Date notAfter = null; 99561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected PublicKey key = null; 100561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected boolean[] keyUsage = null; 101561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected List extKeyUsage = null; 102561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected int pathLen = -1; 103561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected GeneralNames sans = null; 104561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected byte[] encoding = null; 105561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected String[] policies = null; 106561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes protected NameConstraints nameConstraints = null; 107e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 108561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /* Stuff methods */ 1098d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath public TestCert() { 1108d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath } 111e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 112561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(GeneralNames sans) { 113561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setSubjectAlternativeNames(sans); 114561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 115561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 116561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(NameConstraints nameConstraints) { 117561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes this.nameConstraints = nameConstraints; 118561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 119561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 120561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(String equalCriteria) { 121561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setEqualCriteria(equalCriteria); 122561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 123e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 124561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(String[] policies) { 125561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setPolicies(policies); 126561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 127e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 128561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(BigInteger serial) { 129561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setSerialNumber(serial); 130561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 131e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 132561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(X500Principal principal) { 133561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setIssuer(principal); 134561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setSubject(principal); 135561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 136e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 137561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(byte[] array) { 138561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setKeyIdentifier(array); 139561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 140e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 141561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(Date date) { 142561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setDate(date); 143561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 144e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 145561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(Date notBefore, Date notAfter) { 146561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setPeriod(notBefore, notAfter); 147561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 148e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 149561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(PublicKey key) { 150561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setPublicKey(key); 151561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 152e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 153561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(boolean[] keyUsage) { 154561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setKeyUsage(keyUsage); 155561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 156e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 157561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(Set extKeyUsage) { 158561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes setExtendedKeyUsage(extKeyUsage); 159561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 160e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 161561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public TestCert(int pathLen) { 162561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes this.pathLen = pathLen; 163561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 164e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 165561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setPolicies(String[] policies) { 166561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes this.policies = policies; 167561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 168e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 169561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setSubjectAlternativeNames(GeneralNames sans) { 170561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes this.sans = sans; 171561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 172561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 173561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setExtendedKeyUsage(Set extKeyUsage) { 174e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes this.extKeyUsage = (extKeyUsage == null) 1758d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ? null 1768d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath : new ArrayList(extKeyUsage); 177561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 178e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 179561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setKeyUsage(boolean[] keyUsage) { 180561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes this.keyUsage = (keyUsage == null) ? null 1818d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath : (boolean[]) keyUsage.clone(); 182561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 183e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 184561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setPublicKey(PublicKey key) { 185561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes this.key = key; 186561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 187e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 188561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setPeriod(Date notBefore, Date notAfter) { 189561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes this.notBefore = notBefore; 190561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes this.notAfter = notAfter; 191561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 192e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 193561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setSerialNumber(BigInteger serial) { 194561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes this.serialNumber = serial; 195561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 196561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 197561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setEqualCriteria(String equalCriteria) { 198e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes this.equalCriteria = equalCriteria; 199561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 200e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 201561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setIssuer(X500Principal issuer) { 202e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes this.issuer = issuer; 203561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 204e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 205561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setSubject(X500Principal subject) { 206e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes this.subject = subject; 207561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 208e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 209561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setKeyIdentifier(byte[] subjectKeyID) { 210e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes this.keyIdentifier = subjectKeyID.clone(); 211561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 212e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 213561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setDate(Date date) { 214e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes this.date = new Date(date.getTime()); 215561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 216561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 217561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void setEncoding(byte[] encoding) { 218561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes this.encoding = encoding; 219561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 220e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 221e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes /* Method implementations */ 222561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public boolean equals(Object cert) { 223561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (cert == null) { 224561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return false; 225561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 226e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes if ((equalCriteria == null) 2278d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath || (((TestCert) cert).equalCriteria == null)) { 228561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return false; 229561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } else { 2308d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath return equalCriteria.equals(((TestCert) cert).equalCriteria); 231561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 232561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 233e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 234561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public String toString() { 235561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (equalCriteria != null) { 236561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return equalCriteria; 237561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 238561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return ""; 239561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 240e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 241561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void checkValidity() throws CertificateExpiredException, 2428d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath CertificateNotYetValidException { 2438d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath } 244561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 245e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes public void checkValidity(Date date) 2468d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath throws CertificateExpiredException, 2478d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath CertificateNotYetValidException { 248561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (this.date == null) { 249561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes throw new CertificateExpiredException(); 250561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 251561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes int result = this.date.compareTo(date); 252561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (result > 0) { 253561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes throw new CertificateExpiredException(); 254561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 255561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (result < 0) { 256561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes throw new CertificateNotYetValidException(); 257561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 258561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 259561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 260561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public int getVersion() { 261561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return 3; 262561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 263561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 264561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public BigInteger getSerialNumber() { 265e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes return (serialNumber == null) 266e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes ? new BigInteger("1111") 267561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes : serialNumber; 268561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 269561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 270561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public Principal getIssuerDN() { 271561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return issuer; 272561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 273e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 274561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public X500Principal getIssuerX500Principal() { 275561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return issuer; 276561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 277e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 278561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public Principal getSubjectDN() { 279561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return subject; 280561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 281561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 282561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public X500Principal getSubjectX500Principal() { 283561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return subject; 284561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 285561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 286561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public Date getNotBefore() { 287561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 288561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 289561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 290561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public Date getNotAfter() { 291561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 292561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 293561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 294561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public byte[] getTBSCertificate() 2958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath throws CertificateEncodingException { 296561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 297561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 298561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 299561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public byte[] getSignature() { 300561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 301561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 302561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 303561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public String getSigAlgName() { 304561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 305561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 306561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 307561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public String getSigAlgOID() { 308561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 309561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 310561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 311561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public byte[] getSigAlgParams() { 312561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 313561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 314561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 315561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public boolean[] getIssuerUniqueID() { 316561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 317561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 318561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 319561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public boolean[] getSubjectUniqueID() { 320561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 321561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 322561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 323561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public boolean[] getKeyUsage() { 324561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return keyUsage; 325561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 326561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 327561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public List/*<String>*/ getExtendedKeyUsage() 3288d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath throws CertificateParsingException { 329561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return extKeyUsage; 330561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 331561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 332561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public int getBasicConstraints() { 333561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return pathLen; 334561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 335561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 336561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public Collection/*<List<?>>*/ getSubjectAlternativeNames() 3378d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath throws CertificateParsingException { 338561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return sans.getPairsList(); 339561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 340e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 341e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 342561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void verify(PublicKey key) 3438d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath throws CertificateException, NoSuchAlgorithmException, 3448d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath InvalidKeyException, NoSuchProviderException, 3458d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath SignatureException { 346561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 347561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 348561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void verify(PublicKey key, 3498d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath String sigProvider) 3508d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath throws CertificateException, NoSuchAlgorithmException, 3518d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath InvalidKeyException, NoSuchProviderException, 3528d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath SignatureException { 353561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 354561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 355561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public PublicKey getPublicKey() { 356561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return key; 357561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 358561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 3598d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath public byte[] getEncoded() throws CertificateEncodingException { 360561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return encoding; 361561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 362561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 363561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public Set getNonCriticalExtensionOIDs() { 364561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 365561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 366561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 367561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public Set getCriticalExtensionOIDs() { 368561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 369561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 370561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 371561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public byte[] getExtensionValue(String oid) { 372561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (("2.5.29.14".equals(oid)) || ("2.5.29.35".equals(oid))) { 373561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Extension value is represented as an OctetString 374561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return ASN1OctetString.getInstance().encode(keyIdentifier); 375561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 376561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if ("2.5.29.16".equals(oid)) { 377e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes PrivateKeyUsagePeriod pkup = 3788d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new PrivateKeyUsagePeriod(notBefore, notAfter); 379561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] encoded = pkup.getEncoded(); 380561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return ASN1OctetString.getInstance().encode(encoded); 381561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 382561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (("2.5.29.37".equals(oid)) && (extKeyUsage != null)) { 383561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes ASN1Oid[] oa = new ASN1Oid[extKeyUsage.size()]; 384561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String[] val = new String[extKeyUsage.size()]; 385561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Iterator it = extKeyUsage.iterator(); 386561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes int id = 0; 387561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes while (it.hasNext()) { 388561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes oa[id] = ASN1Oid.getInstanceForString(); 389561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes val[id++] = (String) it.next(); 390561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 391561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return ASN1OctetString.getInstance().encode( 3928d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new ASN1Sequence(oa).encode(val)); 393561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 394561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if ("2.5.29.19".equals(oid)) { 395561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return ASN1OctetString.getInstance().encode( 3968d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new ASN1Sequence( 3978d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new ASN1Type[] { 3988d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ASN1Boolean.getInstance(), 3998d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ASN1Integer.getInstance() 4008d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }).encode( 4018d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new Object[] { 4028d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new Boolean(pathLen != -1), 4038d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath BigInteger.valueOf(pathLen). 4048d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath toByteArray() 4058d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }) 4068d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ); 407561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 408561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if ("2.5.29.17".equals(oid) && (sans != null)) { 409561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (sans.getNames() == null) { 410561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 411561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 412561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return ASN1OctetString.getInstance().encode( 4138d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath GeneralNames.ASN1.encode(sans)); 414561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 415e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes if ("2.5.29.32".equals(oid) && (policies != null) 4168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath && (policies.length > 0)) { 417561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Certificate Policies Extension (as specified in rfc 3280) 418e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes CertificatePolicies certificatePolicies = 4198d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new CertificatePolicies(); 4208d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int i = 0; i < policies.length; i++) { 421561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PolicyInformation policyInformation = 4228d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new PolicyInformation(policies[i]); 423561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes certificatePolicies.addPolicyInformation(policyInformation); 424561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 425561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return ASN1OctetString.getInstance().encode( 4268d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath certificatePolicies.getEncoded()); 427561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 428561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if ("2.5.29.30".equals(oid) && (nameConstraints != null)) { 429561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Name Constraints Extension (as specified in rfc 3280) 430561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return ASN1OctetString.getInstance().encode( 4318d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath nameConstraints.getEncoded()); 432561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 433561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return null; 434561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 435561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 436561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public boolean hasUnsupportedCriticalExtension() { 437561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return false; 438561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 439561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 440561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 441561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /* ********************************************************************** */ 442561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /* ************************* Test implementation ************************ */ 443561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /* ********************************************************************** */ 444e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 445561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 446561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setCertificate(X509Certificate certificate) method testing. 447561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 448561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * if [not]proper certificates [do not]match 449561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 450561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetCertificate() { 451561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert("same certificate"); 452561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert("other certificate"); 453561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 454561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 455561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificate(null); 456561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificates should match in the case of null " 4578d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificateEquals criteria.", 4588d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 459561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificate(cert_1); 460561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 4618d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 462561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 4638d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 464561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificate(cert_2); 465561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 4668d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 467561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 468561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 469561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 470561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getCertificate() method testing. 471561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 472e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 473561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 474561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetCertificate() { 475561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert("same certificate"); 476561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert("other certificate"); 477561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 478561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 479561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertNull("Selector should return null", selector.getCertificate()); 480561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificate(cert_1); 481561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned certificate should be equal to specified", 4828d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath cert_1, selector.getCertificate()); 483561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned certificate should differ", 4848d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath cert_2.equals(selector.getCertificate())); 485561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 486561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 487561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 488561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setSerialNumber(BigInteger serial) method testing. 489561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 490561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * if [not]proper certificates [do not]match 491561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 492561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetSerialNumber() { 493561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes BigInteger ser1 = new BigInteger("10000"); 494561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes BigInteger ser2 = new BigInteger("10001"); 495561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(ser1); 496561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(ser2); 497561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 498561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 499561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSerialNumber(null); 500561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 5018d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "serialNumber criteria.", 5028d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 503561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSerialNumber(ser1); 504561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 5058d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 506561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 5078d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 508561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSerialNumber(ser2); 509561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 5108d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 511561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 512561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 513561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 514561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getSerialNumber() method testing. 515561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 516e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 517561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 518561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetSerialNumber() { 519561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes BigInteger ser1 = new BigInteger("10000"); 520561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes BigInteger ser2 = new BigInteger("10001"); 521561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 522561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 523561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertNull("Selector should return null", selector.getSerialNumber()); 524561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSerialNumber(ser1); 525561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned serial number should be equal to specified", 5268d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ser1, selector.getSerialNumber()); 527561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned serial number should differ", 5288d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ser2.equals(selector.getSerialNumber())); 529561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 530561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 531561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 532561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setIssuer(X500Principal issuer) method testing. 533561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 534561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * if [not]proper certificates [do not]match 535561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 536561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetIssuer1() { 537561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss1 = new X500Principal("O=First Org."); 538561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss2 = new X500Principal("O=Second Org."); 539561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(iss1); 540561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(iss2); 541561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 542561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 543561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer((X500Principal) null); 544561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificates should match " 5458d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "in the case of null issuer criteria.", 5468d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 547561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(iss1); 548561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 5498d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 550561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 5518d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 552561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(iss2); 553561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 5548d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 555561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 556561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 557561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 558561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getIssuer() method testing. 559561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 560e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 561561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 562561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetIssuer() { 563561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss1 = new X500Principal("O=First Org."); 564561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss2 = new X500Principal("O=Second Org."); 565561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 566561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 567561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertNull("Selector should return null", selector.getIssuer()); 568561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(iss1); 569561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned issuer should be equal to specified", 5708d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath iss1, selector.getIssuer()); 571561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned issuer should differ", 5728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath iss2.equals(selector.getIssuer())); 573561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 574561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 575561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 576561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setIssuer(String issuerDN) method testing. 577561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 578561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * if [not]proper certificates [do not]match 579561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 580561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetIssuer2() throws IOException { 581561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name1 = "O=First Org."; 582561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name2 = "O=Second Org."; 583561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss1 = new X500Principal(name1); 584561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss2 = new X500Principal(name2); 585561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(iss1); 586561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(iss2); 587561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 588561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 589561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer((String) null); 590561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue( 591561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes "Any certificates should match in the case of null issuer criteria.", 592561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1) && selector.match(cert_2)); 593561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 594561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(name1); 595561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 596561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1)); 597561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 598561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 599561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(name2); 600561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 601561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 602561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 603561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 604561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 605561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getIssuerAsString() method testing. 606561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 607e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 608561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 609561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetIssuerAsString() { 610561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name1 = "O=First Org."; 611561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name2 = "O=Second Org."; 612561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss1 = new X500Principal(name1); 613561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss2 = new X500Principal(name2); 614561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 615561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 616561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertNull("Selector should return null", selector.getIssuerAsString()); 617561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(iss1); 618561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned issuer should be equal to specified", 6198d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(name1), 6208d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(selector.getIssuerAsString())); 621561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned issuer should differ", 6228d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(name2).equals( 6238d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(selector.getIssuerAsString()))); 624561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(iss2); 625561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned issuer should be equal to specified", 6268d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(name2), 6278d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(selector.getIssuerAsString())); 628561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 629561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 630561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 631561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setIssuer(byte[] issuerDN) method testing. 632561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 633561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * if [not]proper certificates [do not]match 634561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 635561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetIssuer3() throws IOException { 636561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] name1 = new byte[] 6378d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath //manually obtained DER encoding of "O=First Org." issuer name; 6388d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 6398d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 70, 105, 114, 115, 116, 32, 79, 114, 103, 46 }; 640561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] name2 = new byte[] 6418d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath //manually obtained DER encoding of "O=Second Org." issuer name; 6428d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 6438d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 83, 101, 99, 111, 110, 100, 32, 79, 114, 103, 46 }; 644561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss1 = new X500Principal(name1); 645561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss2 = new X500Principal(name2); 646561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(iss1); 647561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(iss2); 648561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 649561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 650561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer((byte[]) null); 651561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue( 652561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes "Any certificates should match in the case of null issuer criteria.", 653561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1) && selector.match(cert_2)); 654561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 655561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(name1); 656561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 657561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1)); 658561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 659561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 660561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(name2); 661561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 662561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 663561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 664561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 665561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 666561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getIssuerAsBytes() method testing. 667561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 668e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 669561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 670561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetIssuerAsBytes() throws IOException { 671561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] name1 = new byte[] 6728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath //manually obtained DER encoding of "O=First Org." issuer name; 6738d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 6748d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 70, 105, 114, 115, 116, 32, 79, 114, 103, 46 }; 675561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] name2 = new byte[] 6768d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath //manually obtained DER encoding of "O=Second Org." issuer name; 6778d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 6788d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 83, 101, 99, 111, 110, 100, 32, 79, 114, 103, 46 }; 679561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss1 = new X500Principal(name1); 680561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal iss2 = new X500Principal(name2); 681561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 682561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 683561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertNull("Selector should return null", selector.getIssuerAsBytes()); 684561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 685561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(iss1); 686561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned issuer should be equal to specified", 687561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new X500Principal(name1), new X500Principal(selector 6888d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath .getIssuerAsBytes())); 689561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned issuer should differ", new X500Principal( 690561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes name2).equals(new X500Principal(selector.getIssuerAsBytes()))); 691561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 692561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(iss2); 693561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned issuer should be equal to specified", 694561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new X500Principal(name2), new X500Principal(selector 6958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath .getIssuerAsBytes())); 696561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 697561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 698561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 699561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setSubject(X500Principal subject) method testing. 700561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 701561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * if [not]proper certificates [do not]match 702561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 703561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetSubject1() { 704561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub1 = new X500Principal("O=First Org."); 705561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub2 = new X500Principal("O=Second Org."); 706561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(sub1); 707561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(sub2); 708561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 709561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 710561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject((X500Principal) null); 711561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificates should match " 7128d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "in the case of null subjcet criteria.", 7138d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 714561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(sub1); 715561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 7168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 717561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 7188d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 719561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(sub2); 720561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 7218d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 722561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 723561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 724561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 725561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getSubject() method testing. 726561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 727e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 728561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 729561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetSubject() { 730561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub1 = new X500Principal("O=First Org."); 731561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub2 = new X500Principal("O=Second Org."); 732561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 733561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 734561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertNull("Selector should return null", selector.getSubject()); 735561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(sub1); 736561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned subject should be equal to specified", 7378d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath sub1, selector.getSubject()); 738561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned subject should differ", 7398d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath sub2.equals(selector.getSubject())); 740561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 741561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 742561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 743561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setSubject(String subjectDN) method testing. 744561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 745561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * if [not]proper certificates [do not]match 746561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 747561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetSubject2() throws IOException { 748561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name1 = "O=First Org."; 749561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name2 = "O=Second Org."; 750561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub1 = new X500Principal(name1); 751561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub2 = new X500Principal(name2); 752561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(sub1); 753561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(sub2); 754561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 755561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 756561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject((String) null); 757561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue( 758561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes "Any certificates should match in the case of null subject criteria.", 759561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1) && selector.match(cert_2)); 760561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 761561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(name1); 762561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 763561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1)); 764561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 765561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 766561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 767561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(name2); 768561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 769561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 770561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 771561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 772561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 773561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getSubjectAsString() method testing. 774561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 775e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 776561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 777561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetSubjectAsString() { 778561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name1 = "O=First Org."; 779561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name2 = "O=Second Org."; 780561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub1 = new X500Principal(name1); 781561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub2 = new X500Principal(name2); 782561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 783561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 784e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNull("Selector should return null", 7858d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getSubjectAsString()); 786561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(sub1); 787561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned subject should be equal to specified", 7888d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(name1), 7898d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(selector.getSubjectAsString())); 790561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned subject should differ", 7918d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(name2).equals( 7928d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(selector.getSubjectAsString()))); 793561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(sub2); 794561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned subject should be equal to specified", 7958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(name2), 7968d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new X500Principal(selector.getSubjectAsString())); 797561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 798561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 799561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 800561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setSubject(byte[] subjectDN) method testing. 801561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 802561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * if [not]proper certificates [do not]match 803561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 804561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetSubject3() throws IOException { 805561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] name1 = new byte[] 8068d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath //manually obtained DER encoding of "O=First Org." issuer name; 8078d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 8088d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 70, 105, 114, 115, 116, 32, 79, 114, 103, 46 }; 809561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] name2 = new byte[] 8108d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath //manually obtained DER encoding of "O=Second Org." issuer name; 8118d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 8128d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 83, 101, 99, 111, 110, 100, 32, 79, 114, 103, 46 }; 813561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub1 = new X500Principal(name1); 814561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub2 = new X500Principal(name2); 815561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(sub1); 816561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(sub2); 817561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 818561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 819561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject((byte[]) null); 820561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue( 821561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes "Any certificates should match in the case of null issuer criteria.", 822561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1) && selector.match(cert_2)); 823561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 824561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(name1); 825561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 826561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1)); 827561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 828561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 829561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 830561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(name2); 831561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 832561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 833561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 834561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 835561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 836561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getSubjectAsBytes() method testing. 837561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 838e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 839561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 840561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetSubjectAsBytes() throws IOException { 841561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] name1 = new byte[] 8428d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath //manually obtained DER encoding of "O=First Org." issuer name; 8438d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 8448d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 70, 105, 114, 115, 116, 32, 79, 114, 103, 46 }; 845561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] name2 = new byte[] 8468d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath //manually obtained DER encoding of "O=Second Org." issuer name; 8478d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 8488d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 83, 101, 99, 111, 110, 100, 32, 79, 114, 103, 46 }; 849561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub1 = new X500Principal(name1); 850561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal sub2 = new X500Principal(name2); 851561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 852561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 853561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertNull("Selector should return null", selector.getSubjectAsBytes()); 854561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(sub1); 855561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 856561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned issuer should be equal to specified", 857561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new X500Principal(name1), new X500Principal(selector 8588d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath .getSubjectAsBytes())); 859561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned issuer should differ", new X500Principal( 860561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes name2).equals(new X500Principal(selector.getSubjectAsBytes()))); 861561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 862561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(sub2); 863561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned issuer should be equal to specified", 864561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new X500Principal(name2), new X500Principal(selector 8658d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath .getSubjectAsBytes())); 866561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 867561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 868561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 869561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setSubjectKeyIdentifier(byte[] subjectKeyID) method testing. 870561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 871e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if [not]proper certificates [do not]match, and if the initialization 872561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * object are copied during the initialization. 873561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 874561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetSubjectKeyIdentifier() { 8758d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] skid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value 8768d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] skid2 = new byte[] { 5, 4, 3, 2, 1 }; // random value 877561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(skid1); 878561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(skid2); 879561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 880561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 881561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectKeyIdentifier(null); 882561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 8838d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "serialNumber criteria.", 8848d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 885561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectKeyIdentifier(skid1); 886561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 8878d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 888561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 8898d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 890561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectKeyIdentifier(skid2); 8918d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath skid2[0]++; 892561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 8938d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 894561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 895561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 896561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 897561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getSubjectKeyIdentifier() method testing. 898561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 899e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 900561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * and its modification does not cause the modification of internal object. 901561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 902561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetSubjectKeyIdentifier() { 9038d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] skid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value 9048d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] skid2 = new byte[] { 4, 5, 5, 4, 3, 2, 1 }; // random value 905561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 906561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 907e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNull("Selector should return null", 9088d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getSubjectKeyIdentifier()); 909561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectKeyIdentifier(skid1); 910561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned keyID should be equal to specified", 9118d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath Arrays.equals(skid1, selector.getSubjectKeyIdentifier())); 9128d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getSubjectKeyIdentifier()[0]++; 913561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned keyID should be equal to specified", 9148d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath Arrays.equals(skid1, selector.getSubjectKeyIdentifier())); 915561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned keyID should differ", 9168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath Arrays.equals(skid2, selector.getSubjectKeyIdentifier())); 917561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 918561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 919561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 920561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setAuthorityKeyIdentifier(byte[] authorityKeyID) method testing. 921561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 922e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if [not]proper certificates [do not]match, and if the initialization 923561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * object are copied during the initialization. 924561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 925561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetAuthorityKeyIdentifier() { 9268d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] akid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value 9278d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] akid2 = new byte[] { 5, 4, 3, 2, 1 }; // random value 928561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(akid1); 929561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(akid2); 930561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 931561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 932561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setAuthorityKeyIdentifier(null); 933561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 9348d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "serialNumber criteria.", 9358d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 936561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setAuthorityKeyIdentifier(akid1); 937561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 9388d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 939561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 9408d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 941561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setAuthorityKeyIdentifier(akid2); 9428d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath akid2[0]++; 943561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 9448d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 945561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 946561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 947561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 948561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getAuthorityKeyIdentifier() method testing. 949561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 950e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 951561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * and its modification does not cause the modification of internal object. 952561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 953561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetAuthorityKeyIdentifier() { 9548d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] akid1 = new byte[] { 4, 5, 1, 2, 3, 4, 5 }; // random value 9558d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] akid2 = new byte[] { 4, 5, 5, 4, 3, 2, 1 }; // random value 956561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 957561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 958e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNull("Selector should return null", 9598d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getAuthorityKeyIdentifier()); 960561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setAuthorityKeyIdentifier(akid1); 961561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned keyID should be equal to specified", 9628d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath Arrays.equals(akid1, selector.getAuthorityKeyIdentifier())); 9638d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getAuthorityKeyIdentifier()[0]++; 964561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned keyID should be equal to specified", 9658d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath Arrays.equals(akid1, selector.getAuthorityKeyIdentifier())); 966561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned keyID should differ", 9678d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath Arrays.equals(akid2, selector.getAuthorityKeyIdentifier())); 968561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 969561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 970561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 971561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setCertificateValid(Date certificateValid) method testing. 972561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 973e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if [not]proper certificates [do not]match, and if the initialization 974561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * object are copied during the initialization. 975561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 976561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetCertificateValid() { 977561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date1 = new Date(100); 978561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date2 = new Date(200); 979561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(date1); 980561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(date2); 981561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 982561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 983561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificateValid(null); 984561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 9858d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "serialNumber criteria.", 9868d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 987561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificateValid(date1); 988561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 9898d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 990561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 9918d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 992561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificateValid(date2); 993561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes date2.setTime(300); 994561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 9958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 996561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 997561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 998561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 999561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getCertificateValid() method testing. 1000561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 1001e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 1002561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * and its modification does not cause the modification of internal object. 1003561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1004561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetCertificateValid() { 1005561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date1 = new Date(100); 1006561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date2 = new Date(200); 1007561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1008561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1009e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNull("Selector should return null", 10108d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getCertificateValid()); 1011561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificateValid(date1); 1012561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned date should be equal to specified", 10138d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath date1.equals(selector.getCertificateValid())); 1014561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.getCertificateValid().setTime(200); 1015561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned date should be equal to specified", 10168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath date1.equals(selector.getCertificateValid())); 1017561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned date should differ", 10188d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath date2.equals(selector.getCertificateValid())); 1019561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1020561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1021561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1022561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setPrivateKeyValid(Date privateKeyValid) method testing. 1023561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 1024e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if [not]proper certificates [do not]match, and if the initialization 1025561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * object are copied during the initialization. 1026561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1027561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetPrivateKeyValid() { 1028561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date1 = new Date(100000000); 1029561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date2 = new Date(200000000); 1030561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date3 = new Date(300000000); 1031561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date4 = new Date(150000000); 1032561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date5 = new Date(250000000); 1033561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(date1, date2); 1034561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(date2, date3); 1035561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1036561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1037561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPrivateKeyValid(null); 1038561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 10398d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "privateKeyValid criteria.", 10408d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 1041561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPrivateKeyValid(date4); 1042561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 10438d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1044561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 10458d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1046561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPrivateKeyValid(date5); 1047561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes date5.setTime(date4.getTime()); 1048561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 10498d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1050561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1051561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1052561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1053561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getPrivateKeyValid() method testing. 1054561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 1055e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 1056561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * and its modification does not cause the modification of internal object. 1057561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1058561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetPrivateKeyValid() { 1059561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date1 = new Date(100); 1060561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date date2 = new Date(200); 1061561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1062561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1063e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNull("Selector should return null", 10648d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getPrivateKeyValid()); 1065561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPrivateKeyValid(date1); 1066561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned date should be equal to specified", 10678d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath date1.equals(selector.getPrivateKeyValid())); 1068561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.getPrivateKeyValid().setTime(200); 1069561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned date should be equal to specified", 10708d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath date1.equals(selector.getPrivateKeyValid())); 1071561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned date should differ", 10728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath date2.equals(selector.getPrivateKeyValid())); 1073561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1074561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1075561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1076561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setSubjectPublicKeyAlgID(String oid) method testing. 1077561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 1078561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * if [not]proper certificates [do not]match 1079561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1080561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetSubjectPublicKeyAlgID() throws Exception { 1081561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String pkaid1 = "1.2.840.113549.1.1.1"; // RSA (source: http://asn1.elibel.tm.fr) 1082561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String pkaid2 = "1.2.840.10040.4.1"; // DSA (source: http://asn1.elibel.tm.fr) 1083561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1084561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey1 = new TestKeyPair("RSA").getPublic(); 1085561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey2 = new TestKeyPair("DSA").getPublic(); 1086561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1087561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(pkey1); 1088561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(pkey2); 1089561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1090561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1091561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKeyAlgID(null); 1092561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 1093561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes + "subjectPublicKeyAlgID criteria.", selector.match(cert_1) 1094561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes && selector.match(cert_2)); 1095561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1096561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKeyAlgID(pkaid1); 1097561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 1098561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1)); 1099561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 1100561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 1101561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1102561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKeyAlgID(pkaid2); 1103561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 1104561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 1105561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1106561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1107561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1108561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * @tests java.security.cert.X509CertSelector#setSubjectPublicKeyAlgID(java.lang.String) 1109561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1110561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void test_setSubjectPublicKeyAlgIDLjava_lang_String() throws Exception { 1111561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes //Regression for HARMONY-465 1112561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector obj = new X509CertSelector(); 1113561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1114561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes obj.setSubjectPublicKeyAlgID("abc"); 1115561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("IOException expected"); 1116561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1117561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // expected 1118561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1119561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1120561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1121561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1122561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getSubjectPublicKeyAlgID() method testing. 1123561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 1124e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 1125561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1126561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetSubjectPublicKeyAlgID() throws IOException { 1127561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String pkaid1 = "1.2.840.113549.1.1.1"; // RSA encryption (source: http://asn1.elibel.tm.fr) 1128561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String pkaid2 = "1.2.840.113549.1.1.2"; // MD2 with RSA encryption (source: http://asn1.elibel.tm.fr) 1129561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1130561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1131e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNull("Selector should return null", 11328d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getSubjectPublicKeyAlgID()); 1133561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1134561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKeyAlgID(pkaid1); 1135561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned oid should be equal to specified", 11368d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath pkaid1.equals(selector.getSubjectPublicKeyAlgID())); 1137561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned oid should differ", 11388d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath pkaid2.equals(selector.getSubjectPublicKeyAlgID())); 1139561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1140561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1141561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1142561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setSubjectPublicKey(PublicKey key) method testing. 1143561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 1144561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * if [not]proper certificates [do not]match. 1145561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1146561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetSubjectPublicKey1() throws Exception { 1147561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey1 = new TestKeyPair("RSA").getPublic(); 1148561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey2 = new TestKeyPair("DSA").getPublic(); 1149561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1150561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(pkey1); 1151561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(pkey2); 1152561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1153561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1154561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey((PublicKey) null); 1155561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 11568d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "subjectPublicKey criteria.", 11578d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 1158561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey(pkey1); 1159561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 11608d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1161561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 11628d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1163561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey(pkey2); 1164561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 11658d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1166561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1167561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1168561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1169561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getSubjectPublicKey() method testing. 1170561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 1171e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value corresponds to specified 1172561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1173561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetSubjectPublicKey1() throws Exception { 1174561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1175561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey = new TestKeyPair("RSA").getPublic(); 1176561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1177561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1178561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1179e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNull("Selector should return null", 11808d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getSubjectPublicKey()); 1181561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey(pkey); 1182561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey result = selector.getSubjectPublicKey(); 1183e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 1184561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The name of algorithm should be RSA", 11858d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath result.getAlgorithm(), "RSA"); 1186561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1187561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1188561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1189561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setSubjectPublicKey(byte[] key) method testing. 1190561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 1191e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if [not]proper certificates [do not]match, and if the initialization 1192561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * object are copied during the initialization. 1193561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1194561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetSubjectPublicKey2() throws Exception { 1195561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey1 = new TestKeyPair("RSA").getPublic(); 1196561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey2 = new TestKeyPair("DSA").getPublic(); 1197561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1198561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] encoding1 = pkey1.getEncoded(); 1199561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] encoding2 = pkey2.getEncoded(); 1200561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(pkey1); 1201561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(pkey2); 1202561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1203561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1204561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey((byte[]) null); 1205561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 1206561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes + "subjectPublicKey criteria.", selector.match(cert_1) 1207561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes && selector.match(cert_2)); 1208561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1209561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey(encoding1); 1210561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 1211561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1)); 1212561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1213561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes encoding1[0]++; 1214561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 1215561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1)); 1216561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 1217561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 1218561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1219561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey(encoding2); 1220561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 1221561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 1222561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1223561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1224561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1225561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getSubjectPublicKey() method testing. 1226561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 1227e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value corresponds to specified 1228561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1229561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetSubjectPublicKey2() throws Exception { 1230561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1231561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey = new TestKeyPair("RSA").getPublic(); 1232561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1233561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1234561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1235e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNull("Selector should return null", 12368d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getSubjectPublicKey()); 1237561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1238561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey(pkey.getEncoded()); 1239561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1240561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey result = selector.getSubjectPublicKey(); 1241e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 1242561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The name of algorithm should be RSA", 12438d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath result.getAlgorithm(), "RSA"); 1244561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1245561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1246561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1247561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setKeyUsage(boolean[] keyUsage) method testing. 1248561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if any certificates match in the case of null criteria, 1249e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if [not]proper certificates [do not]match, and if the initialization 1250561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * object are copied during the initialization. Also checks if selector 1251561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * matches the certificate which does not have a keyUsage extension. 1252561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1253561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetKeyUsage() { 1254e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes boolean[] ku1 = new boolean[] 12558d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { true, true, true, true, true, true, true, true, true }; 1256561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // decipherOnly is disallowed 1257561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean[] ku2 = new boolean[] 12588d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { true, true, true, true, true, true, true, true, false }; 1259561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(ku1); 1260561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(ku2); 1261561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_3 = new TestCert((boolean[]) null); 1262561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1263561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1264561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setKeyUsage(null); 1265561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 12668d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "keyUsage criteria.", 12678d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 1268561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setKeyUsage(ku1); 1269561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 12708d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1271561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 12728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1273561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate which does not have a keyUsage extension " 12748d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "implicitly allows all keyUsage values.", 12758d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_3)); 1276561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setKeyUsage(ku2); 1277561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes ku2[0] = !ku2[0]; 1278561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 12798d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1280561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1281561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1282561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1283561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getKeyUsage() method testing. 1284561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Tests if the method return null in the case of not specified criteria, 1285e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * if the returned value [does not]corresponds to [not]specified 1286561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * and its modification does not cause the modification of internal object. 1287561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1288561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetKeyUsage() { 1289561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean[] ku = new boolean[] 12908d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { true, false, true, false, true, false, true, false, true }; 1291561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1292561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1293561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertNull("Selector should return null", selector.getKeyUsage()); 1294561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setKeyUsage(ku); 1295561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned date should be equal to specified", 12968d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath Arrays.equals(ku, selector.getKeyUsage())); 1297561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean[] result = selector.getKeyUsage(); 1298561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes result[0] = !result[0]; 1299561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned keyUsage should be equal to specified", 13008d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath Arrays.equals(ku, selector.getKeyUsage())); 1301561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1302561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1303561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1304561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setExtendedKeyUsage(Set<String> keyPurposeSet) method testing. 1305561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1306561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetExtendedKeyUsage() throws IOException { 1307561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes HashSet ku1 = new HashSet(Arrays.asList(new String[] { 1308e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 1309e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", 13108d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" } 13118d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath )); 1312561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes HashSet ku2 = new HashSet(Arrays.asList(new String[] { 1313e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 1314e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", 13158d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6" })); 1316561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(ku1); 1317561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(ku2); 1318561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_3 = new TestCert((Set) null); 1319561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1320561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1321561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setExtendedKeyUsage(null); 1322561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 1323561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes + "extendedKeyUsage criteria.", selector.match(cert_1) 1324561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes && selector.match(cert_2)); 1325561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1326561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setExtendedKeyUsage(ku1); 1327561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 1328561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_1)); 1329561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 1330561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 1331561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate which does not have a keyUsage extension " 1332561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes + "implicitly allows all keyUsage values.", selector 1333561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes .match(cert_3)); 1334561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes ku1.remove("1.3.6.1.5.5.7.3.7"); // remove the missing in ku2 keyUsage 1335561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The modification of initialization object " 1336561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes + "should not affect the modification of internal object.", 1337561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 1338561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1339561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setExtendedKeyUsage(ku2); 1340561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 1341561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert_2)); 1342561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1343561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1344561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1345561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getExtendedKeyUsage() method testing. 1346561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1347561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetExtendedKeyUsage() { 1348561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes HashSet ku = new HashSet(Arrays.asList(new String[] { 1349e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 1350e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", 13518d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" } 13528d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath )); 1353561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1354561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1355e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNull("Selector should return null", 13568d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getExtendedKeyUsage()); 1357561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1358561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setExtendedKeyUsage(ku); 1359561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1360561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1361561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1362561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1363561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The returned extendedKeyUsage should be equal to specified", 13648d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ku.equals(selector.getExtendedKeyUsage())); 1365561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1366561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.getExtendedKeyUsage().add("KRIBLE-GRABLI"); 1367561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("The returned Set should be immutable."); 1368561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (UnsupportedOperationException e) { 1369561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1370561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1371e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 1372561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1373561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setSubjectAlternativeNames(Collection<List<?>> names) method testing. 1374561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1375561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetSubjectAlternativeNames() { 1376561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1377e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes GeneralName san0 = 13788d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new OtherName("1.2.3.4.5", 13798d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new byte[] { 1, 2, 0, 1 })); 1380561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 1381561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san2 = new GeneralName(2, "dNSName"); 1382561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san3 = new GeneralName(new ORAddress()); 1383561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san4 = new GeneralName(new Name("O=Organization")); 1384e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes GeneralName san5 = 13858d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new EDIPartyName("assigner", "party")); 1386561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id"); 1387561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san7 = new GeneralName(7, "1.1.1.1"); 1388561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555"); 1389561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1390561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames sans_1 = new GeneralNames(); 1391561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san0); 1392561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san1); 1393561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san2); 1394561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san3); 1395561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san4); 1396561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san5); 1397561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san6); 1398561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san7); 1399561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san8); 1400561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames sans_2 = new GeneralNames(); 1401561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_2.addName(san0); 1402e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 1403561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(sans_1); 1404561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(sans_2); 1405561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1406561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setMatchAllSubjectAltNames(true); 1407561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1408561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectAlternativeNames(null); 1409561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of null " 14108d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "subjectAlternativeNames criteria.", 14118d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 1412e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 1413561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Collection sans = sans_1.getPairsList(); 1414561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectAlternativeNames(sans); 1415561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 14168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1417561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match " 14188d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "the selection criteria.", selector.match(cert_2)); 1419561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans.clear(); 1420561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The modification of initialization object " 14218d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should not affect the modification " 14228d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of internal object.", selector.match(cert_1)); 1423561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectAlternativeNames(sans_2.getPairsList()); 1424561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 14258d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1426561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1427561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1428561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1429561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1430561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1431561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1432561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1433561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * addSubjectAlternativeName(int type, String name) method testing. 1434561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1435561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testAddSubjectAlternativeName1() throws IOException { 1436561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name1 = "rfc@822.Name"; 1437561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name2 = "dNSName"; 1438561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name4 = "O=Organization"; 1439561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name6 = "http://uniform.Resource.Id"; 1440561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name7 = "255.255.255.0"; 1441561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String name8 = "1.2.3.4444.55555"; 1442561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1443561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san1 = new GeneralName(1, name1); 1444561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san2 = new GeneralName(2, name2); 1445561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san4 = new GeneralName(4, name4); 1446561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san6 = new GeneralName(6, name6); 1447561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san7 = new GeneralName(7, name7); 1448561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san8 = new GeneralName(8, name8); 1449561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1450561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames sans_1 = new GeneralNames(); 1451561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san1); 1452561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san2); 1453561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san4); 1454561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san6); 1455561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san7); 1456561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san8); 1457561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames sans_2 = new GeneralNames(); 1458561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_2.addName(san1); 1459561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_2.addName(san2); 1460e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 1461561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(sans_1); 1462561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(sans_2); 1463561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1464561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setMatchAllSubjectAltNames(true); 1465561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1466561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1467561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(1, name1); 1468561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1469561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1470561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1471561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1472561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 14738d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1474561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 14758d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1476561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1477561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1478561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(2, name2); 1479561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1480561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1481561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1482561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1483561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 14848d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1485561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 14868d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1487561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1488561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1489561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(4, name4); 1490561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1491561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1492561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1493561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1494561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 14958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1496561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 14978d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1498561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1499561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(6, name6); 1500561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(7, name7); 1501561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(8, name8); 1502561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1503561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1504561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1505561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1506561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15078d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1508561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 15098d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1510561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1511561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1512561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1513561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * addSubjectAlternativeName(int type, byte[] name) method testing. 1514561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1515561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testAddSubjectAlternativeName2() { 1516561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1517e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes GeneralName san0 = 15188d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new OtherName("1.2.3.4.5", 15198d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ASN1Integer.getInstance().encode( 15208d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath BigInteger.valueOf(55L).toByteArray()) 15218d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath )); 1522561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 1523561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san2 = new GeneralName(2, "dNSName"); 1524561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san3 = new GeneralName(new ORAddress()); 1525561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san4 = new GeneralName(new Name("O=Organization")); 1526e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes GeneralName san5 = 15278d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new EDIPartyName("assigner", "party")); 1528561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id"); 15298d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath GeneralName san7 = new GeneralName(new byte[] { 1, 1, 1, 1 }); 1530561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555"); 1531561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1532561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames sans_1 = new GeneralNames(); 1533561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san0); 1534561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san1); 1535561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san2); 1536561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san3); 1537561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san4); 1538561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san5); 1539561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san6); 1540561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san7); 1541561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san8); 1542561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames sans_2 = new GeneralNames(); 1543561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_2.addName(san0); 1544561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_2.addName(san1); 1545561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_2.addName(san2); 1546e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 1547561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(sans_1); 1548561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(sans_2); 1549561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1550561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setMatchAllSubjectAltNames(true); 1551561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1552561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(0, san0.getEncodedName()); 1553561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15548d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1555561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15568d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1557561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(1, san1.getEncodedName()); 1558561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15598d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1560561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15618d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1562561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(2, san2.getEncodedName()); 1563561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15648d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1565561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15668d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1567561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(3, san3.getEncodedName()); 1568561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15698d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1570561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 15718d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 1572561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(4, san4.getEncodedName()); 1573561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15748d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1575561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match " 15768d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "the selection criteria.", selector.match(cert_2)); 1577561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(5, san5.getEncodedName()); 1578561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15798d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1580561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match " 15818d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "the selection criteria.", selector.match(cert_2)); 1582561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(6, san6.getEncodedName()); 1583561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15848d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1585561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match " 15868d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "the selection criteria.", selector.match(cert_2)); 1587561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(7, san7.getEncodedName()); 1588561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15898d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1590561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match " 15918d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "the selection criteria.", selector.match(cert_2)); 1592561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[] oid = san8.getEncodedName(); 1593561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addSubjectAlternativeName(8, oid); 1594561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 15958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1596561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match " 15978d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "the selection criteria.", selector.match(cert_2)); 1598561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes oid[3] += 1; 1599561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The byte array should be cloned to protect against " 16008d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "subsequent modifications.", selector.match(cert_1)); 1601561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1602561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1603561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1604561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1605561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1606561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1607561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1608561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getSubjectAlternativeNames() method testing. 1609561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1610561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetSubjectAlternativeNames() { 1611561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1612561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 1613561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san2 = new GeneralName(2, "dNSName"); 1614561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1615561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames sans = new GeneralNames(); 1616561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans.addName(san1); 1617561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans.addName(san2); 1618561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1619561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(sans); 1620561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1621561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1622e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNull("Selector should return null", 16238d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getSubjectAlternativeNames()); 1624561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1625561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectAlternativeNames(sans.getPairsList()); 1626561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 16278d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 1628561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.getSubjectAlternativeNames().clear(); 1629561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The modification of initialization object " 16308d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should not affect the modification " 16318d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of internal object.", selector.match(cert_1)); 1632561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1633561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1634561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1635561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1636561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1637561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1638561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1639561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setMatchAllSubjectAltNames(boolean matchAllNames) method testing. 1640561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1641561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetMatchAllSubjectAltNames() { 1642561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1643561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san1 = new GeneralName(1, "rfc@822.Name"); 1644561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName san2 = new GeneralName(2, "dNSName"); 1645561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1646561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames sans_1 = new GeneralNames(); 1647561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_1.addName(san1); 1648561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames sans_2 = new GeneralNames(); 1649561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_2.addName(san1); 1650561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes sans_2.addName(san2); 1651561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1652561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert = new TestCert(sans_1); 1653561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1654561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setMatchAllSubjectAltNames(true); 1655561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1656561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectAlternativeNames(sans_2.getPairsList()); 1657561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("Only certificate which contain all of the specified " 16588d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "subject alternative names should match.", 16598d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert)); 1660561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setMatchAllSubjectAltNames(false); 1661561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /* 1662561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate which contain at least one of the " 1663561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes + "specified subject alternative names must match.", 1664561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.match(cert)); 1665561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1666561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1667561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1668561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1669561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1670561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1671561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1672561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1673561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getMatchAllSubjectAltNames() method testing. 1674561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1675561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetMatchAllSubjectAltNames() { 1676561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1677e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The matchAllNames initially should be true", 1678561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.getMatchAllSubjectAltNames()); 1679561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setMatchAllSubjectAltNames(false); 1680561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The value should be false", 1681561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.getMatchAllSubjectAltNames()); 1682561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1683561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1684561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1685561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setNameConstraints(byte[] bytes) method testing. 1686561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Constructs the NameConstraints DER structure with 1687561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * GeneralNames of types: 1, 2, 6, 7 and set it as a criterion. 1688561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1689561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetNameConstraints0() throws IOException { 1690e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // Restrictions apply only when the specified name form is present. 1691e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // If no name of the type is in the certificate, 1692561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // the certificate is acceptable (rfc 3280). 1693e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 16948d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath GeneralName[] name_constraints = new GeneralName[] { 16958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "822.Name"), 16968d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.Name"), 16978d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "Name.org"), 16988d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "dNS.Name.org"), 16998d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath //new GeneralName(4, "O=Organization"), 17008d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://.Resource.Id"), 17018d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://uniform.Resource.Id"), 17028d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "1.1.1.1"), 17038d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(7, new byte[] {1, 1, 1, 1, 3, 3, 3, 3}), 17048d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1, 17058d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 1, 1, 1, 1, 1, 1, 1, 1 }), 17068d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(7, new byte[] {1, 1, 1, 1, 1, 1, 1, 1, 17078d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // 1, 1, 1, 1, 1, 1, 1, 1, 17088d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // 3, 3, 3, 3, 3, 3, 3, 3, 17098d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // 3, 3, 3, 3, 3, 3, 3, 3}) 1710561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 1711561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1712e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // names which should match divided from names which should not 1713561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // match by null 1714561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName[][] alternative_names = new GeneralName[][] { 17158d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { 17168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.Name"), 17178d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath null, 17188d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@Other.Name") 17198d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 1720561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(1, "rfc@822.Name"), 1721561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 1722561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(1, "rfc@Other.Name") 17238d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 1724561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "Name.org"), 1725561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "dNS.Name.org"), 1726561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 1727561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "dNS.OtherName.org") 17288d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 1729561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "dNS.Name.org"), 1730561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 1731561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "Name.org"), 1732561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "dNS.OtherName.org") 17338d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 1734e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 17358d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(4, "O=Organization"), 17368d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // null, 17378d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(4, "O=OtherOrganization") 17388d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath //}, { 1739e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 1740561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(6, "http://uniform.Resource.Id/location"), 1741561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 1742561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes //new GeneralName(6, "http://Resource.Id") 17438d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 1744561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(6, "http://uniform.Resource.Id"), 1745561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 1746561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(6, "http://Resource.Id") 17478d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 17488d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 1, 1, 1, 1 }), 1749561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 17508d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 2, 2, 2, 2 }) 17518d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // }, { 17528d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(7, new byte[] {1, 1, 1, 1}), 17538d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(7, new byte[] {2, 2, 2, 2}), 17548d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(7, new byte[] {3, 3, 3, 3}), 17558d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // null, 17568d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(7, new byte[] {4, 4, 4, 4}) 17578d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 17588d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1, 17598d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 1, 1, 1, 1, 1, 1, 1, 1 }), 1760561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 17618d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 2, 2, 2, 2, 2, 2, 2, 2, 17628d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 2, 2, 2, 2, 2, 2, 2, 2 }), 17638d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // }, { 17648d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(7, new byte[] {1, 1, 1, 1, 1, 1, 1, 1, 17658d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // 1, 1, 1, 1, 1, 1, 1, 1}), 17668d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(7, new byte[] {2, 2, 2, 2, 2, 2, 2, 2, 17678d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // 2, 2, 2, 2, 2, 2, 2, 2}), 17688d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(7, new byte[] {3, 3, 3, 3, 3, 3, 3, 3, 17698d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // 3, 3, 3, 3, 3, 3, 3, 3}), 17708d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // null, 17718d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // new GeneralName(7, new byte[] {4, 4, 4, 4, 4, 4, 4, 4, 17728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // 4, 4, 4, 4, 4, 4, 4, 4}), 17738d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath } 1774561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 1775561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1776561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1777561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String subject = "O=Organization"; 1778561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal x500Subject = new X500Principal(subject); 1779561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1780561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Name nameSubject = new Name(subject); 17818d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int i = 0; i < name_constraints.length; i++) { 1782561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // make the subtrees (part of name constraints) 1783561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // this subtrees will be used as permited and as excluded 1784e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes GeneralSubtree subtree = 17858d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralSubtree(name_constraints[i]); 1786561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralSubtrees subtrees = new GeneralSubtrees(); 1787561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes NameConstraints constraints; 1788561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes subtrees.addSubtree(subtree); 1789561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // start the checking for each alt. name corresponding 1790561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // to current name_constraints[i] 1791561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean check_matching = true; 17928d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int j = 0; j < alternative_names[i].length; j++) { 1793561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames alt_names_extension = new GeneralNames(); 1794561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (alternative_names[i][j] == null) { 1795e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // double trick: turn the switch and check that the 1796e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // restrictions apply only when the specified name 1797561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // form is presented. If no name of the type is in the 1798e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // certificate, the certificate is acceptable. 1799561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes check_matching = false; 1800561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } else { 1801561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes alt_names_extension.addName(alternative_names[i][j]); 1802561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1803561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert certificate = new TestCert(alt_names_extension); 1804561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes certificate.setSubject(x500Subject); 1805e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes certificate.setEncoding(getCertEncoding(nameSubject, 18068d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath alt_names_extension)); 1807561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // first check if permited name match 1808561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 1809561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setNameConstraints(constraints.getEncoded()); 1810561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean expected = check_matching 18118d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath || (alternative_names[i][j] == null); 1812e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The method match() for:\n " 18138d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + alternative_names[i][j] 18148d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand permited name\n " 18158d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + name_constraints[i] 18168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nshould return: " + expected, 18178d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(certificate) == expected); 1818561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // second check if excluded name does not match 1819e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes constraints = (check_matching) 18208d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // check for 'Any name matching a 18218d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // restriction in the excludedSubtrees 18228d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // field is invalid regardless of 18238d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // information appearing in the 18248d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // permittedSubtrees'. 18258d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ? new NameConstraints(subtrees, subtrees) 18268d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath : new NameConstraints(null, subtrees); 1827561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setNameConstraints(constraints.getEncoded()); 1828561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes expected = !check_matching 18298d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath || (alternative_names[i][j] == null); 1830e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The method match() for:\n " 18318d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + alternative_names[i][j] 18328d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand excluded name\n " 18338d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + name_constraints[i] 18348d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nshould return: " + expected, 18358d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(certificate) == expected); 1836561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1837561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1838561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1839561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1840561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1841561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1842561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1843561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1844561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1845561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setNameConstraints(byte[] bytes) method testing. 1846561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Constructs the NameConstraints DER structure with 1847561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * GeneralNames of types: 1, 2, 6, 7 and set it as a criterion. 1848561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 1849561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetNameConstraints1() throws IOException { 1850561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 18518d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath GeneralName[] name_constraints = new GeneralName[] { 18528d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "822.Name"), 18538d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.Name"), 18548d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "Name.org"), 18558d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "dNS.Name.org"), 18568d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://.Resource.Id"), 18578d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://uniform.Resource.Id"), 18588d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "1.1.1.1"), 18598d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "1.1.1.1/3.3.3.3"), 18608d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "0101:0101:0101:0101:0101:0101:0101:0101"), 18618d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "0101:0101:0101:0101:0101:0101:0101:0101" 18628d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "/0303:0303:0303:0303:0303:0303:0303:0303"), 1863561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 1864561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1865e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // Names which should match divided from names which should not 1866561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // match by null. 1867e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // Restrictions apply only when the specified name form is present. 1868e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // If no name of the type is in the certificate, the certificate 1869561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // is acceptable (rfc 3280). This assertion is checked during processing 1870561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // of null GeneralName object (it also serves as separator). 1871561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName[][] alternative_names = new GeneralName[][] { 18728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { 18738d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.Name"), 18748d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath null, 18758d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@Other.Name") 18768d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 1877561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(1, "rfc@822.Name"), 1878561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 1879561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(1, "rfc@Other.Name") 18808d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 1881561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "Name.org"), 1882561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "dNS.Name.org"), 1883561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 1884561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "dNS.OtherName.org") 18858d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 1886561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "dNS.Name.org"), 1887561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 1888561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "Name.org"), 1889561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(2, "dNS.OtherName.org") 18908d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 1891e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 1892561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(6, "http://uniform.Resource.Id/location"), 1893561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 1894561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(6, "http://Resource.Id") 18958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 1896561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(6, "http://uniform.Resource.Id"), 1897561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 1898561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralName(6, "http://Resource.Id") 18998d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 19008d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 1, 1, 1, 1 }), 1901561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 19028d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 2, 2, 2, 2 }) 19038d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 19048d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 1, 1, 1, 1 }), 19058d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 2, 2, 2, 2 }), 19068d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 3, 3, 3, 3 }), 1907561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 19088d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 4, 4, 4, 4 }) 19098d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 19108d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1, 19118d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 1, 1, 1, 1, 1, 1, 1, 1 }), 1912561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 19138d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 2, 2, 2, 2, 2, 2, 2, 2, 19148d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 2, 2, 2, 2, 2, 2, 2, 2 }), 19158d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath }, { 19168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1, 19178d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 1, 1, 1, 1, 1, 1, 1, 1 }), 19188d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 2, 2, 2, 2, 2, 2, 2, 2, 19198d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 2, 2, 2, 2, 2, 2, 2, 2 }), 19208d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 3, 3, 3, 3, 3, 3, 3, 3, 19218d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 3, 3, 3, 3, 3, 3, 3, 3 }), 1922561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes null, 19238d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(new byte[] { 4, 4, 4, 4, 4, 4, 4, 4, 19248d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath 4, 4, 4, 4, 4, 4, 4, 4 }), 19258d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath } 1926561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 1927561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1928561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 1929561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String subject = "O=Organization"; 1930561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal x500Subject = new X500Principal(subject); 1931561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 1932561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Name nameSubject = new Name(subject); 19338d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int i = 0; i < name_constraints.length; i++) { 1934561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // make the subtrees (part of name constraints) 1935561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // this subtrees will be used as permited and as excluded 1936e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes GeneralSubtree subtree = 19378d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralSubtree(name_constraints[i]); 1938561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralSubtrees subtrees = new GeneralSubtrees(); 1939561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes NameConstraints constraints; 1940561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes subtrees.addSubtree(subtree); 1941561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // start the checking for each alt. name corresponding 1942561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // to current name_constraints[i] 1943561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean check_matching = true; 19448d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int j = 0; j < alternative_names[i].length; j++) { 1945561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames alt_names_extension = new GeneralNames(); 1946561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (alternative_names[i][j] == null) { 1947e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // double trick: turn the switch and check that the 1948e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // restrictions apply only when the specified name 1949561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // form is presented. If no name of the type is in the 1950e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // certificate, the certificate is acceptable. 1951561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes check_matching = false; 1952561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } else { 1953561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes alt_names_extension.addName(alternative_names[i][j]); 1954561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1955561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert certificate = new TestCert(alt_names_extension); 1956561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes certificate.setSubject(x500Subject); 1957e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes certificate.setEncoding(getCertEncoding(nameSubject, 19588d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath alt_names_extension)); 1959561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // first check if permited name match 1960561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 1961561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setNameConstraints(constraints.getEncoded()); 1962561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean expected = check_matching 19638d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath || (alternative_names[i][j] == null); 1964e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The method match() for:\n " 19658d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + alternative_names[i][j] 19668d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand permited name\n " 19678d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + name_constraints[i] 19688d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nshould return: " + expected, 19698d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(certificate) == expected); 1970561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // second check if excluded name does not match 1971e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes constraints = (check_matching) 19728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // check for 'Any name matching a 19738d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // restriction in the excludedSubtrees 19748d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // field is invalid regardless of 19758d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // information appearing in the 19768d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // permittedSubtrees'. 19778d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ? new NameConstraints(subtrees, subtrees) 19788d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath : new NameConstraints(null, subtrees); 1979561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setNameConstraints(constraints.getEncoded()); 1980561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes expected = !check_matching 19818d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath || (alternative_names[i][j] == null); 1982e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The method match() for:\n " 19838d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + alternative_names[i][j] 19848d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand excluded name\n " 19858d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + name_constraints[i] 19868d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nshould return: " + expected, 19878d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(certificate) == expected); 1988561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1989561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1990561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 1991561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 1992561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 1993561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1994561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 1995561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 1996561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 1997561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setNameConstraints(byte[] bytes) method testing. 1998561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Constructs the different NameConstraints DER structures with 1999561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * GeneralNames of type 4 and checks if the different certificates 2000561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * matches or does not. 2001561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2002561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetNameConstraints2() { 2003561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // As specified in rfc 3280: 2004561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // 2005561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Restrictions apply only when the specified name form is present. 2006e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // If no name of the type is in the certificate, 2007561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // the certificate is acceptable. 2008561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // 2009e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // Restrictions of the form directoryName MUST be applied to the 2010e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // subject field in the certificate and to the subjectAltName 2011561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // extensions of type directoryName. 2012e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // 2013561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // According to p. 4.1.2.4 comparing the encoded forms of the names. 2014561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2015561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String[][] variants = new String[][] { 20168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // subject Alternative Presented name Absent name 20178d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath // name name perm(t)/excl(f) perm(f)/excl(t) 20188d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { "O=Org", "O=Org", "O=Org", "O=Org2" }, 20198d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { "O=Org", "O=Org1", "O=Org", "O=Org2" }, 20208d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { "O=Org1", "O=Org", "O=Org", "O=Org2" }, 2021561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2022561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2023561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2024561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 20258d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int i = 0; i < variants.length; i++) { 2026561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // make the names objects 2027561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal subject = new X500Principal(variants[i][0]); 2028561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Name subject_name = new Name(variants[i][0]); 2029561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName alt_name = new GeneralName(4, variants[i][1]); 2030561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // make the certificate to be checked 2031561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames alt_names_extension = new GeneralNames(); 2032561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes alt_names_extension.addName(alt_name); 2033561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert certificate = new TestCert(alt_names_extension); 2034561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes certificate.setSubject(subject); 2035e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes certificate.setEncoding(getCertEncoding(subject_name, 20368d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath alt_names_extension)); 2037561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // make the subtrees (part of name constraints) 2038561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // this subtrees will be used as permited and as excluded 2039561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // name which is presented in certificate: 2040561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralSubtrees pos_subtrees = new GeneralSubtrees(); 2041561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes pos_subtrees.addSubtree( 2042561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralSubtree( 20438d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(4, variants[i][2]))); 2044561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // name which is absent in certificate: 2045561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralSubtrees neg_subtrees = new GeneralSubtrees(); 2046561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes neg_subtrees.addSubtree( 2047561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralSubtree( 20488d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(4, variants[i][3]))); 2049561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2050561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes NameConstraints constraints; 2051561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Work with name which is presented in certificate 2052561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // first check if certificate with permited name matches: 2053561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(pos_subtrees, null); 2054561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setNameConstraints(constraints.getEncoded()); 2055561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The method match() for certificate " 20568d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "with subject:\n " 20578d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][0] 20588d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand with alternative name:\n " 20598d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][1] 20608d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand permited name\n " 20618d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][2] 20628d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nshould return true", 20638d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(certificate)); 2064561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // second check if certificate with excluded name doesn't match: 2065561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(pos_subtrees, pos_subtrees); 2066561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setNameConstraints(constraints.getEncoded()); 2067561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The method match() for certificate " 20688d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "with subject:\n " 20698d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][0] 20708d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand with alternative name:\n " 20718d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][1] 20728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand excluded name\n " 20738d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][2] 20748d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nshould return false", 20758d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath !selector.match(certificate)); 2076561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Work with name which is not presented in certificate 2077e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes // first check if the certificate without permited name 2078561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // does not match: 2079561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(neg_subtrees, null); 2080561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setNameConstraints(constraints.getEncoded()); 2081561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The method match() for certificate " 20828d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "with subject:\n " 20838d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][0] 20848d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand with alternative name:\n " 20858d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][1] 20868d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand permited name\n " 20878d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][3] 20888d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nshould return false", 20898d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath !selector.match(certificate)); 2090561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // second check if certificate without excluded name matches: 2091561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(neg_subtrees, neg_subtrees); 2092561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setNameConstraints(constraints.getEncoded()); 2093561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The method match() for certificate " 20948d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "with subject:\n " 20958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][0] 20968d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand with alternative name:\n " 20978d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][1] 20988d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nand excluded name\n " 20998d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + variants[i][3] 21008d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "\nshould return false", 21018d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath !selector.match(certificate)); 2102561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2103561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 2104561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 2105561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 2106561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2107561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2108561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2109561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2110561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * Constructs the encoded form of certificate with specified subject field 2111561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * of TBSCertificate and specified alternative names. 2112561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2113561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes private byte[] getCertEncoding(Name subject, GeneralNames subjectAltNames) 21148d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath throws IOException { 2115561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // make the TBSCertificate for Certificate 2116561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes int version = 2; //v3 2117e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes BigInteger serialNumber = BigInteger.valueOf(555L); 2118561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes AlgorithmIdentifier signature = new AlgorithmIdentifier("1.2.3.44.555"); 2119561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Name issuer = new Name("O=Certificate Issuer"); 2120e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes Validity validity = new Validity(new Date(100000000), 21218d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new Date(200000000)); 2122e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes SubjectPublicKeyInfo subjectPublicKeyInfo = 21238d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new SubjectPublicKeyInfo( 21248d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new AlgorithmIdentifier("1.2.840.113549.1.1.2"), 21258d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new byte[10]); 21268d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath boolean[] issuerUniqueID = new boolean[] 21278d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { true, false, true, false, true, false, true, false }; 2128561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean[] subjectUniqueID = new boolean[] 21298d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { false, true, false, true, false, true, false, true }; 2130561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2131e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes Extension extension = new Extension("2.5.29.17", 21328d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath true, subjectAltNames.getEncoded()); 2133561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Extensions extensions = new Extensions(); 2134561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes extensions.addExtension(extension); 2135e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 2136e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes TBSCertificate tbsCertificate = new TBSCertificate(version, 2137e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes serialNumber, signature, issuer, validity, subject, 2138e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes subjectPublicKeyInfo, issuerUniqueID, subjectUniqueID, 2139561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes extensions); 2140561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2141561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // make the Certificate 2142e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes org.apache.harmony.security.x509.Certificate certificate = 21438d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new org.apache.harmony.security.x509.Certificate 21448d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath (tbsCertificate, signature, new byte[10]); 2145561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2146561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return certificate.getEncoded(); 2147561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2148561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2149561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2150561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getNameConstraints() method testing. 2151561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2152561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetNameConstraints() { 2153561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2154561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2155561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2156561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setBasicConstraints(int minMaxPathLen) method testing. 2157561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2158561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetBasicConstraints() { 2159561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 2160561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new X509CertSelector().setBasicConstraints(-3); 2161561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("IllegalArgumentException should be thrown."); 2162561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IllegalArgumentException e) { 2163561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2164e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 2165561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes int plen1 = 2; 2166561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes int plen2 = -1; 2167561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(plen1); 2168561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(plen2); 2169561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2170561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2171561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setBasicConstraints(-1); 2172561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Any certificate should match in the case of -1 " 21738d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "pathLen criteria.", 21748d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1) && selector.match(cert_2)); 2175561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setBasicConstraints(plen1); 2176561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 21778d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 2178561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The certificate should not match the selection criteria.", 21798d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 2180561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setBasicConstraints(plen2); 2181561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The certificate should match the selection criteria.", 21828d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 2183561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2184561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2185561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2186561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getBasicConstraints() method testing. 2187561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2188561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetBasicConstraints() { 2189561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes int plen1 = 2; 2190561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes int plen2 = -1; 2191561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2192561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2193e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertEquals("Selector should return -1", 21948d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.getBasicConstraints(), -1); 2195561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setBasicConstraints(plen1); 2196561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertEquals("The returned value should be equal to specified", 21978d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath plen1, selector.getBasicConstraints()); 2198561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The returned value should differ", 21998d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath plen2 == selector.getBasicConstraints()); 2200561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2201561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2202561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2203561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setPolicy(Set<String> certPolicySet) method testing. 2204561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2205561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetPolicy() { 2206561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String[] policies_1 = new String[] { 22078d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "0.0.0.0.0.0", 22088d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.1.1.1.1.1", 2209561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2210561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String[] policies_2 = new String[] { 22118d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "0.0.0.0.0.0", 22128d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.1.1.1.1.1", 22138d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "2.2.2.2.2.2" 2214561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2215561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String[] policies_3 = new String[] { 22168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "2.2.2.2.2.2" 2217561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 22188d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath String[] policies_4 = new String[] { }; 2219561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2220561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes HashSet set = new HashSet(Arrays.asList(policies_1)); 2221561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 2222561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPolicy(set); 2223561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 2224561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 2225561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 2226561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2227561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_1 = new TestCert(policies_1); 2228561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_2 = new TestCert(policies_2); 2229561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_3 = new TestCert(policies_3); 2230561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert_4 = new TestCert(policies_4); 2231e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The certificate should match the specified criteria", 22328d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 2233e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The certificate should match the specified criteria", 22348d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 2235e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertFalse("The certificate should not match the specified criteria", 22368d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_3)); 2237e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertFalse("The certificate should not match the specified criteria", 22388d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_4)); 2239561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes set.add("2.2.2.2.2.2"); 2240561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The modification of the set should not cause the " 22418d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "modification of internal object", 22428d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_3)); 2243561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes set = new HashSet(); 2244561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 2245561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPolicy(set); 2246561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 2247561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 2248561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 2249561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2250e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The certificate should match the specified criteria", 22518d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 2252e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The certificate should match the specified criteria", 22538d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 2254e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The certificate should match the specified criteria", 22558d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_3)); 2256e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertFalse("The certificate should not match the specified criteria", 22578d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_4)); 2258561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes set.add("2.2.2.2.2.2"); 2259561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 2260561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPolicy(set); 2261561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 2262561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 2263561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 2264561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2265e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertFalse("The certificate should not match the specified criteria", 22668d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_1)); 2267e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The certificate should match the specified criteria", 22688d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_2)); 2269e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The certificate should match the specified criteria", 22708d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_3)); 2271e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertFalse("The certificate should not match the specified criteria", 22728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert_4)); 2273561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2274561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2275561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2276561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getPolicy() method testing. 2277561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2278561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetPolicy() { 2279561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String[] policies = new String[] { 22808d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "0.0.0.0.0.0", 22818d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.1.1.1.1.1", 22828d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "2.2.2.2.2.2" 2283561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2284561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2285561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes HashSet set = new HashSet(Arrays.asList(policies)); 2286561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 2287561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPolicy(set); 2288561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 2289561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 2290561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 2291561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2292561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Set result = selector.getPolicy(); 2293561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 2294561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes result.remove(policies[0]); 2295561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("An immutable set should be returned."); 2296561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (UnsupportedOperationException e) { 2297561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2298561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (result.size() != 3) { 2299561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("The size of returned set differs from specified."); 2300561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 23018d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int i = 0; i < policies.length; i++) { 2302561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes if (!result.contains(policies[i])) { 2303561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("The set does not have specified policy."); 2304561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2305561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2306561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2307561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2308561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2309561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * setPathToNames(Collection<List<?>> names) method testing. 2310561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2311561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testSetPathToNames() { 2312561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 2313561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralName[] names = new GeneralName[] { 23148d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.Name"), 23158d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.AnotherName"), 23168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "dNSName"), 23178d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "AnotherdNSName"), 23188d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(4, "O=Organization"), 23198d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(4, "O=Another Organization"), 23208d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://uniform.Resource.Id"), 23218d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://another.uniform.Resource.Id"), 23228d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "1.1.1.1"), 23238d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "2.2.2.2") 2324561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2325561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2326561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2327561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2328561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert; 2329561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralSubtrees subtrees; 2330e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes NameConstraints constraints; 23318d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int i = 0; i < names.length; i += 2) { 2332561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Set up the pathToNames criterion 2333561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes ArrayList pathToNames = new ArrayList(); 2334561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes pathToNames.add(names[i].getAsList()); 2335561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPathToNames(pathToNames); 2336e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 2337561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Construct the subtrees without the current name 2338e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes subtrees = new GeneralSubtrees(); 23398d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int j = 0; j < names.length; j++) { 23408d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath if (i != j && i + 1 != j) { 2341561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes subtrees.addSubtree(new GeneralSubtree(names[j])); 2342561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2343561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2344561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 2345561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2346561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 23478d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the names " 23488d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of such type so method match() should " 23498d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "return true.", selector.match(cert)); 2350561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2351561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, subtrees); 2352561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2353561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 23548d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the names " 23558d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of such type so method match() should " 23568d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "return true.", selector.match(cert)); 2357561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2358561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(null, subtrees); 2359561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2360561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 23618d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the names " 23628d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of such type so method match() should " 23638d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "return true.", selector.match(cert)); 2364561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 23658d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath subtrees.addSubtree(new GeneralSubtree(names[i + 1])); 2366561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2367561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 2368561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2369561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 23708d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the name " 23718d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as a permitted name so method match() " 23728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2373561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2374561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, subtrees); 2375561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2376561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 23778d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the name " 23788d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name but it does not " 23798d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "contain this name as a permitted so match()" 23808d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2381561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2382561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(null, subtrees); 2383561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2384561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 23858d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the name " 23868d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name so method match() " 23878d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return true", selector.match(cert)); 2388561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2389561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes subtrees.addSubtree(new GeneralSubtree(names[i])); 2390561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2391561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 2392561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2393561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 23948d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate contains the name " 23958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as a permitted name so method match() " 23968d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return true", selector.match(cert)); 2397561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2398561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, subtrees); 2399561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2400561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 24018d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate contains the name " 24028d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name so method match() " 24038d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2404561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2405561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(null, subtrees); 2406561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2407561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 24088d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate contains the name " 24098d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name so method match() " 24108d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2411561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2412561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes pathToNames.clear(); 2413561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The modification of initialization parameter " 24148d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should not cause the modification of " 24158d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "internal object ", selector.match(cert)); 2416561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2417561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 2418561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 2419561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 2420561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2421561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2422561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2423561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2424561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * addPathToName(int type, String name) method testing. 2425561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2426561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testAddPathToName1() { 2427561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 24288d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath int[] types = new int[] { 1, 1, 2, 2, 4, 4, 6, 6, 7, 7 }; 2429561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String[] names = new String[] { 24308d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "rfc@822.Name", 24318d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "rfc@822.AnotherName", 24328d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "dNSName", 24338d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "AnotherdNSName", 24348d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "O=Organization", 24358d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "O=Another Organization", 24368d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "http://uniform.Resource.Id", 24378d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "http://another.uniform.Resource.Id", 24388d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.1.1.1", 24398d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "2.2.2.2" 2440561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2441561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2442561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2443561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2444561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert; 2445561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralSubtrees subtrees; 2446e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes NameConstraints constraints; 24478d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int i = 0; i < names.length - 2; i += 2) { 2448561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Set up the pathToNames criterion 2449561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addPathToName(types[i], names[i]); 2450e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 2451561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Construct the subtrees without the current name 2452e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes subtrees = new GeneralSubtrees(); 24538d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int j = i + 2; j < names.length; j++) { 24548d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath if (i != j && i + 1 != j) { 2455561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes subtrees.addSubtree( 2456561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralSubtree( 24578d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(types[j], names[j]))); 2458561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2459561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2460561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 2461561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2462561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 24638d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the names " 24648d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of such type so method match() should " 24658d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "return true.", selector.match(cert)); 2466561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2467561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, subtrees); 2468561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2469561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 24708d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the names " 24718d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of such type so method match() should " 24728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "return true.", selector.match(cert)); 2473561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2474561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(null, subtrees); 2475561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2476561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 24778d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the names " 24788d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of such type so method match() should " 24798d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "return true.", selector.match(cert)); 2480561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2481561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes subtrees.addSubtree( 2482561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralSubtree( 24838d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(types[i + 1], names[i + 1]))); 2484561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2485561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 2486561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2487561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 24888d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the name " 24898d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as a permitted name so method match() " 24908d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2491561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2492561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, subtrees); 2493561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2494561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 24958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the name " 24968d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name but it does not " 24978d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "contain this name as a permitted so match()" 24988d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2499561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2500561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(null, subtrees); 2501561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2502561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 25038d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the name " 25048d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name so method match() " 25058d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return true", selector.match(cert)); 2506561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2507561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes subtrees.addSubtree( 2508561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralSubtree( 25098d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(types[i], names[i]))); 2510561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2511561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 2512561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2513561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 25148d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate contains the name " 25158d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as a permitted name so method match() " 25168d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return true", selector.match(cert)); 2517561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2518561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, subtrees); 2519561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2520561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 25218d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate contains the name " 25228d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name so method match() " 25238d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2524561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2525561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(null, subtrees); 2526561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2527561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 25288d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate contains the name " 25298d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name so method match() " 25308d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2531561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2532561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 2533561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 2534561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 2535561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2536561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2537561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2538561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2539561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * addPathToName(int type, byte[] name) method testing. 2540561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2541561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testAddPathToName2() { 2542561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 25438d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath int[] types = new int[] { 1, 1, 2, 2, 4, 4, 6, 6, 7, 7 }; 2544561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes byte[][] names = new byte[][] { 25458d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.Name").getEncodedName(), 25468d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.AnotherName").getEncodedName(), 25478d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "dNSName").getEncodedName(), 25488d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "AnotherdNSName").getEncodedName(), 25498d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(4, "O=Organization").getEncodedName(), 25508d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(4, "O=Another Organization").getEncodedName(), 25518d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://uniform.Resource.Id") 25528d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath .getEncodedName(), 25538d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://another.uniform.Resource.Id") 25548d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath .getEncodedName(), 25558d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "1.1.1.1").getEncodedName(), 25568d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "2.2.2.2").getEncodedName() 2557561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2558561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2559561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2560561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2561561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert; 2562561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralSubtrees subtrees; 2563e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes NameConstraints constraints; 25648d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int i = 0; i < names.length - 2; i += 2) { 2565561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Set up the pathToNames criterion 2566561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addPathToName(types[i], names[i]); 2567e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 2568561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Construct the subtrees without the current name 2569e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes subtrees = new GeneralSubtrees(); 25708d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath for (int j = i + 2; j < names.length; j++) { 25718d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath if (i != j && i + 1 != j) { 2572561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes subtrees.addSubtree( 2573561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralSubtree( 25748d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(types[j], names[j]))); 2575561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2576561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2577561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 2578561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2579561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 25808d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the names " 25818d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of such type so method match() should " 25828d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "return true.", selector.match(cert)); 2583561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2584561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, subtrees); 2585561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2586561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 25878d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the names " 25888d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of such type so method match() should " 25898d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "return true.", selector.match(cert)); 2590561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2591561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(null, subtrees); 2592561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2593561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 25948d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the names " 25958d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "of such type so method match() should " 25968d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "return true.", selector.match(cert)); 2597561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2598561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes subtrees.addSubtree( 2599561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralSubtree( 26008d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(types[i + 1], names[i + 1]))); 2601561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2602561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 2603561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2604561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 26058d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the name " 26068d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as a permitted name so method match() " 26078d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2608561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2609561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, subtrees); 2610561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2611561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 26128d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the name " 26138d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name but it does not " 26148d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "contain this name as a permitted so match()" 26158d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2616561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2617561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(null, subtrees); 2618561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2619561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 26208d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate does not contain the name " 26218d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name so method match() " 26228d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return true", selector.match(cert)); 2623561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2624561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes subtrees.addSubtree( 2625561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new GeneralSubtree( 26268d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(types[i], names[i]))); 2627561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2628561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, null); 2629561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2630561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("The Name Constraints Extension of the " 26318d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate contains the name " 26328d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as a permitted name so method match() " 26338d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return true", selector.match(cert)); 2634561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2635561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(subtrees, subtrees); 2636561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2637561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 26388d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate contains the name " 26398d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name so method match() " 26408d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2641561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2642561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes constraints = new NameConstraints(null, subtrees); 2643561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert = new TestCert(constraints); 2644561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("The Name Constraints Extension of the " 26458d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "certificate contains the name " 26468d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "as an excluded name so method match() " 26478d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath + "should return false", selector.match(cert)); 2648561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2649561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 2650561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 2651561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 2652561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2653561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2654561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2655561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2656561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * getPathToNames() method testing. 2657561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2658561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testGetPathToNames() { 2659561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes try { 2660e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes byte[] encoding = 26618d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.Name").getEncodedName(); 2662561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2663561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2664561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2665561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.addPathToName(1, encoding); 2666561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes encoding[0]++; 2667561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Collection coll = selector.getPathToNames(); 2668561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Iterator it = coll.iterator(); 2669561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes List list = (List) it.next(); 2670561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Object result = list.get(1); 2671e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes if ((result instanceof byte[]) 26728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath && (encoding[0] == ((byte[]) result)[0])) { 2673561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Deep copy should be performed on pathToNames."); 2674561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2675561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } catch (IOException e) { 2676561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes e.printStackTrace(); 2677561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes fail("Unexpected IOException was thrown."); 2678561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2679561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2680561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2681561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2682561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * toString() method testing. 2683561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2684561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testToString() throws Exception { 2685561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes BigInteger serial = new BigInteger("10000"); 2686561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal issuer = new X500Principal("O=Issuer Org."); 2687561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal subject = new X500Principal("O=Subject Org."); 26888d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] subject_auth_KeyID = new byte[] { 1, 2, 3, 4, 5 }; 2689561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date certValid = new Date(2000000000); 2690561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date[] privateKeyValid = new Date[] { 2691561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new Date(100000000L), 2692561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new Date(200000000L), 2693561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new Date(300000000L) 2694561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2695561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String pkAlgID = "1.2.840.113549.1.1.4"; // MD5 with RSA encryption (source: http://asn1.elibel.tm.fr) 2696561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey; 2697561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2698561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes pkey = new TestKeyPair("RSA").getPublic(); 2699561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2700561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean[] keyUsage = new boolean[] 27018d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { true, true, true, true, true, true, true, true, false }; 2702561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // OID values was taken from rfc 3280 2703561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes HashSet extKeyUsage = new HashSet(Arrays.asList(new String[] { 2704e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 2705e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", 27068d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" } 2707561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes )); 2708561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames subjectAltNames = new GeneralNames(Arrays.asList( 27098d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName[] { 27108d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.Name"), 27118d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "dNSName"), 27128d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://uniform.Resource.Id"), 27138d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "1.1.1.1") 27148d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath } 2715561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes )); 2716561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String[] policies = new String[] { 27178d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "0.0.0.0.0.0", 27188d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.1.1.1.1.1", 2719561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2720561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert = new TestCert("certificate equality criteria"); 2721e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 2722561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2723561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificate(cert); 2724561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSerialNumber(serial); 2725561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(issuer); 2726561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(subject); 2727561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectKeyIdentifier(subject_auth_KeyID); 2728561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setAuthorityKeyIdentifier(subject_auth_KeyID); 2729561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificateValid(certValid); 2730561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPrivateKeyValid(privateKeyValid[1]); 2731561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey(pkey); 2732561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKeyAlgID(pkAlgID); 2733561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setKeyUsage(keyUsage); 2734561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setExtendedKeyUsage(extKeyUsage); 2735561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectAlternativeNames(subjectAltNames.getPairsList()); 2736561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setMatchAllSubjectAltNames(true); 2737561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPolicy(new HashSet(Arrays.asList(policies))); 2738561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2739e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertNotNull("The result should not be null.", 2740561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.toString()); 2741561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2742561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2743561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2744561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * match(Certificate cert) method testing. 2745e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes * Tests if the null object matches to the selector or does not, 2746561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * and if the certificate conforming to the multiple matching criteria 2747561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * matches or does not.. 2748561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2749561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testMatch() throws Exception { 2750561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes BigInteger serial = new BigInteger("10000"); 2751561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal issuer = new X500Principal("O=Issuer Org."); 2752561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal subject = new X500Principal("O=Subject Org."); 27538d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] subject_auth_KeyID = new byte[] { 1, 2, 3, 4, 5 }; // random value 2754561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date certValid = new Date(2000000000); 2755561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date[] privateKeyValid = new Date[] { 2756561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new Date(100000000L), 2757561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new Date(200000000L), 2758561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new Date(300000000L) 2759561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2760561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String pkAlgID = "1.2.840.113549.1.1.1"; // RSA encryption (source: http://asn1.elibel.tm.fr) 2761561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey; 2762561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2763561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes pkey = new TestKeyPair("RSA").getPublic(); 2764561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2765561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean[] keyUsage = new boolean[] 27668d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { true, true, true, true, true, true, true, true, false }; 2767561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // OID values was taken from rfc 3280 2768561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes HashSet extKeyUsage = new HashSet(Arrays.asList(new String[] { 2769e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 2770e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", 27718d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" } 2772561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes )); 2773561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames subjectAltNames = new GeneralNames(Arrays.asList( 27748d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName[] { 27758d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.Name"), 27768d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "dNSName"), 27778d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://uniform.Resource.Id"), 27788d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "1.1.1.1") 27798d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath } 2780561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes )); 2781561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String[] policies = new String[] { 27828d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "0.0.0.0.0.0", 27838d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.1.1.1.1.1", 2784561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2785e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 2786561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert = new TestCert("certificate equality criteria"); 2787561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setSerialNumber(serial); 2788561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setIssuer(issuer); 2789561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setSubject(subject); 2790561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setKeyIdentifier(subject_auth_KeyID); 2791561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setDate(certValid); 2792561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setPeriod(privateKeyValid[0], privateKeyValid[2]); 2793561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setPublicKey(pkey); 2794561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setKeyUsage(keyUsage); 2795561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setExtendedKeyUsage(extKeyUsage); 2796561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setSubjectAlternativeNames(subjectAltNames); 2797561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setPolicies(policies); 2798e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 2799561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2800561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificate(cert); 2801561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSerialNumber(serial); 2802561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(issuer); 2803561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(subject); 2804561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectKeyIdentifier(subject_auth_KeyID); 2805561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setAuthorityKeyIdentifier(subject_auth_KeyID); 2806561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificateValid(certValid); 2807561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPrivateKeyValid(privateKeyValid[1]); 2808561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey(pkey); 2809561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKeyAlgID(pkAlgID); 2810561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setKeyUsage(keyUsage); 2811561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setExtendedKeyUsage(extKeyUsage); 2812561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectAlternativeNames(subjectAltNames.getPairsList()); 2813561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setMatchAllSubjectAltNames(true); 2814561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPolicy(new HashSet(Arrays.asList(policies))); 2815561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2816e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertFalse("The null object should not match", 28178d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match((X509Certificate) null)); 2818e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The certificate should match the selector", 28198d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath selector.match(cert)); 2820561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2821561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2822561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2823561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * @tests java.security.cert.X509CertSelector#match(java.security.cert.Certificate) 2824561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2825561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void test_matchLjava_security_cert_Certificate() { 2826561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2827561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // Regression for HARMONY-186 2828561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert = new TestCert(); 2829561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setKeyUsage(new boolean[] { true, false, true, false, false, 2830561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes false, false, false, false }); 2831561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2832561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector certSelector = new X509CertSelector(); 2833561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2834561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes certSelector.setKeyUsage(new boolean[] { true, false, true }); 2835561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertTrue("Assert 1: ", certSelector.match(cert)); 2836561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2837561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes certSelector.setKeyUsage(new boolean[] { true, true, true }); 2838561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes assertFalse("Assert 2: ", certSelector.match(cert)); 2839561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2840561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2841561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes /** 2842561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes * clone() method testing. 2843561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes */ 2844561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public void testClone() throws Exception { 2845561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes BigInteger serial = new BigInteger("10000"); 2846561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal issuer = new X500Principal("O=Issuer Org."); 2847561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X500Principal subject = new X500Principal("O=Subject Org."); 28488d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath byte[] subject_auth_KeyID = new byte[] { 1, 2, 3, 4, 5 }; // random value 2849561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date certValid = new Date(2000000000); 2850561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes Date[] privateKeyValid = new Date[] { 2851561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new Date(100000000L), 2852561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new Date(200000000L), 2853561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes new Date(300000000L) 2854561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2855561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String pkAlgID = "1.2.840.113549.1.1.1"; // RSA encryption (source: http://asn1.elibel.tm.fr) 2856561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes PublicKey pkey; 2857561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2858561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes pkey = new TestKeyPair("RSA").getPublic(); 2859561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2860561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes boolean[] keyUsage = new boolean[] 28618d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath { true, true, true, true, true, true, true, true, false }; 2862561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes // OID values was taken from rfc 3280 2863561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes HashSet extKeyUsage = new HashSet(Arrays.asList(new String[] { 2864e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", 2865e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", 28668d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" } 2867561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes )); 2868561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes GeneralNames subjectAltNames = new GeneralNames(Arrays.asList( 28698d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName[] { 28708d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(1, "rfc@822.Name"), 28718d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(2, "dNSName"), 28728d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(6, "http://uniform.Resource.Id"), 28738d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath new GeneralName(7, "1.1.1.1") 28748d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath } 2875561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes )); 2876561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes String[] policies = new String[] { 28778d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "0.0.0.0.0.0", 28788d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath "1.1.1.1.1.1", 2879561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes }; 2880e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 2881561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes TestCert cert = new TestCert("certificate equality criteria"); 2882561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setSerialNumber(serial); 2883561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setIssuer(issuer); 2884561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setSubject(subject); 2885561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setKeyIdentifier(subject_auth_KeyID); 2886561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setDate(certValid); 2887561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setPeriod(privateKeyValid[0], privateKeyValid[2]); 2888561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setPublicKey(pkey); 2889561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setKeyUsage(keyUsage); 2890561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setExtendedKeyUsage(extKeyUsage); 2891561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setSubjectAlternativeNames(subjectAltNames); 2892561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes cert.setPolicies(policies); 2893e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes 2894561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes X509CertSelector selector = new X509CertSelector(); 2895561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificate(cert); 2896561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSerialNumber(serial); 2897561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setIssuer(issuer); 2898561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubject(subject); 2899561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectKeyIdentifier(subject_auth_KeyID); 2900561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setAuthorityKeyIdentifier(subject_auth_KeyID); 2901561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setCertificateValid(certValid); 2902561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPrivateKeyValid(privateKeyValid[1]); 2903561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKey(pkey); 2904561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectPublicKeyAlgID(pkAlgID); 2905561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setKeyUsage(keyUsage); 2906561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setExtendedKeyUsage(extKeyUsage); 2907561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setSubjectAlternativeNames(subjectAltNames.getPairsList()); 2908561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setMatchAllSubjectAltNames(true); 2909561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes selector.setPolicy(new HashSet(Arrays.asList(policies))); 2910561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2911e98fbf8686c5289bf03fe5c3de7ff82d3a77104dElliott Hughes assertTrue("The certificate should match the selector", 29128d8858e39800de641b50f6e8e864af9cf68bedeaNarayan Kamath ((X509CertSelector) selector.clone()).match(cert)); 2913561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2914561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2915561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2916561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes public static Test suite() { 2917561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes return new TestSuite(X509CertSelectorTest.class); 2918561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes } 2919561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes 2920561ee011997c6c2f1befbfaa9d5f0a99771c1d63Elliott Hughes} 2921