1/* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18/** 19 * @author Vera Y. Petrashkova 20 */ 21 22package org.apache.harmony.security.tests.java.security; 23 24import java.io.ByteArrayOutputStream; 25import java.security.Key; 26import java.security.KeyStore; 27import java.security.KeyStoreException; 28import java.security.KeyStoreSpi; 29import java.security.NoSuchProviderException; 30import java.security.PrivateKey; 31import java.security.Provider; 32import java.security.UnrecoverableEntryException; 33import java.security.UnrecoverableKeyException; 34import java.security.cert.Certificate; 35import java.util.Arrays; 36 37import org.apache.harmony.security.tests.support.KeyStoreTestSupport; 38import org.apache.harmony.security.tests.support.MyKeyStoreSpi; 39import org.apache.harmony.security.tests.support.MyLoadStoreParams; 40import org.apache.harmony.security.tests.support.SpiEngUtils; 41import org.apache.harmony.security.tests.support.TestKeyPair; 42 43import junit.framework.TestCase; 44 45/** 46 * Tests for <code>KeyStore</code> constructor and methods 47 */ 48 49public class KeyStore_Impl1Test extends TestCase { 50 51 public static final String srvKeyStore = KeyStoreTestSupport.srvKeyStore; 52 public static String[] validValues = KeyStoreTestSupport.validValues; 53 54 private static final String[] aliases = { "", "alias", "Alias", "ALIAS", 55 "new alias", "another alias", "ADDITIONAL", "THE SAME ALIAS" }; 56 57 private static String[] invalidValues = SpiEngUtils.invalidValues; 58 59 public static String defaultType = KeyStoreTestSupport.defaultType; 60 public static boolean JKSSupported = KeyStoreTestSupport.JKSSupported; 61 public static String defaultProviderName = KeyStoreTestSupport.defaultProviderName; 62 public static Provider defaultProvider = KeyStoreTestSupport.defaultProvider; 63 64 private static String NotSupportMsg = "Default KeyStore type is not supported"; 65 66 public KeyStore[] createKS() throws Exception { 67 assertTrue(NotSupportMsg, JKSSupported); 68 KeyStore[] kpg = new KeyStore[3]; 69 70 kpg[0] = KeyStore.getInstance(defaultType); 71 kpg[1] = KeyStore.getInstance(defaultType, defaultProvider); 72 kpg[2] = KeyStore.getInstance(defaultType, defaultProviderName); 73 return kpg; 74 } 75 76 /** 77 * Test for <code>getInstance(String type)</code> method 78 * Assertion: 79 * returns KeyStoreException object 80 */ 81 public void testKeyStore03() throws KeyStoreException { 82 assertTrue(NotSupportMsg, JKSSupported); 83 KeyStore ks; 84 for (int i = 0; i < validValues.length; i++) { 85 ks = KeyStore.getInstance(validValues[i]); 86 assertEquals("Incorrect type", ks.getType(), validValues[i]); 87 } 88 } 89 90 /** 91 * Test for <code>getInstance(String type, String provider)</code> method 92 * Assertion: throws IllegalArgumentException when provider is null or empty 93 */ 94 public void testKeyStore04() throws Exception { 95 assertTrue(NotSupportMsg, JKSSupported); 96 String provider = null; 97 for (int i = 0; i < validValues.length; i++) { 98 try { 99 KeyStore.getInstance(validValues[i], provider); 100 fail("IllegalArgumentException must be thrown when provider is null (type: " 101 .concat(validValues[i]).concat(" )")); 102 } catch (IllegalArgumentException e) { 103 } 104 try { 105 KeyStore.getInstance(validValues[i], ""); 106 fail("IllegalArgumentException must be thrown when provider is empty (type: " 107 .concat(validValues[i]).concat(" )")); 108 } catch (IllegalArgumentException e) { 109 } 110 } 111 } 112 113 /** 114 * Test for <code>getInstance(String type, String provider)</code> method 115 * Assertion: throws NoSuchProviderException when provider is not available 116 */ 117 public void testKeyStore05() throws KeyStoreException { 118 assertTrue(NotSupportMsg, JKSSupported); 119 for (int i = 0; i < validValues.length; i++) { 120 for (int j = 1; j < invalidValues.length; j++) { 121 try { 122 KeyStore.getInstance(validValues[i], invalidValues[j]); 123 fail("NoSuchProviderException must be thrown (type: " 124 .concat(validValues[i]).concat(" provider: ") 125 .concat(invalidValues[j]).concat(" )")); 126 } catch (NoSuchProviderException e) { 127 } 128 } 129 } 130 } 131 132 /** 133 * Test for <code>getInstance(String type, String provider)</code> method 134 * Assertion: 135 * throws NullPointerException when type is null 136 * throws KeyStoreException when type is not available 137 */ 138 public void testKeyStore06() throws NoSuchProviderException { 139 assertTrue(NotSupportMsg, JKSSupported); 140 try { 141 KeyStore.getInstance(null, defaultProviderName); 142 fail("KeyStoreException must be thrown when type is null"); 143 } catch (KeyStoreException e) { 144 } catch (NullPointerException e) { 145 } 146 for (int i = 0; i < invalidValues.length; i++) { 147 try { 148 KeyStore.getInstance(invalidValues[i], defaultProviderName); 149 fail("KeyStoreException must be thrown (type: ".concat( 150 invalidValues[i]).concat(" provider: ").concat( 151 defaultProviderName).concat(" )")); 152 } catch (KeyStoreException e) { 153 } 154 } 155 } 156 157 /** 158 * Test for <code>getInstance(String type, String provider)</code> method 159 * Assertion: returns KeyStore object 160 */ 161 public void testKeyStore07() throws Exception { 162 assertTrue(NotSupportMsg, JKSSupported); 163 KeyStore ks; 164 for (int i = 0; i < validValues.length; i++) { 165 ks = KeyStore.getInstance(validValues[i], defaultProviderName); 166 assertEquals("Incorrect type", ks.getType(), validValues[i]); 167 assertEquals("Incorrect provider", ks.getProvider().getName(), 168 defaultProviderName); 169 } 170 } 171 172 /** 173 * Test for <code>getInstance(String type, Provider provider)</code> method 174 * Assertion: throws IllegalArgumentException when provider is null 175 */ 176 public void testKeyStore08() throws KeyStoreException { 177 assertTrue(NotSupportMsg, JKSSupported); 178 Provider provider = null; 179 for (int i = 0; i < validValues.length; i++) { 180 try { 181 KeyStore.getInstance(validValues[i], provider); 182 fail("IllegalArgumentException must be thrown when provider is null (type: " 183 .concat(validValues[i]).concat(" )")); 184 } catch (IllegalArgumentException e) { 185 } 186 } 187 } 188 189 /** 190 * Test for <code>getInstance(String type, Provider provider)</code> 191 * method 192 * Assertions: 193 * throws NullPointerException when type is null 194 * throws KeyStoreException when type is not available 195 */ 196 public void testKeyStore09() { 197 assertTrue(NotSupportMsg, JKSSupported); 198 try { 199 KeyStore.getInstance(null, defaultProvider); 200 fail("KeyStoreException must be thrown when type is null"); 201 } catch (KeyStoreException e) { 202 } catch (NullPointerException e) { 203 } 204 for (int i = 0; i < invalidValues.length; i++) { 205 try { 206 KeyStore.getInstance(invalidValues[i], defaultProvider); 207 fail("KeyStoreException must be thrown when type is null (type: " 208 .concat(invalidValues[i]).concat(" provider: ").concat( 209 defaultProvider.getName()).concat(" )")); 210 } catch (KeyStoreException e) { 211 } 212 } 213 } 214 215 /** 216 * Test for <code>getInstance(String type, Provider provider)</code> 217 * method 218 * Assertion: returns KeyStore object 219 */ 220 public void testKeyStore10() throws KeyStoreException { 221 assertTrue(NotSupportMsg, JKSSupported); 222 KeyStore ks; 223 for (int i = 0; i < validValues.length; i++) { 224 ks = KeyStore.getInstance(validValues[i], defaultProvider); 225 assertEquals("Incorrect type", ks.getType(), validValues[i]); 226 assertEquals("Incorrect provider", ks.getProvider(), 227 defaultProvider); 228 } 229 } 230 231 /** 232 * Test for methods: 233 * <code>getKey(String alias, char[] password)</code> 234 * <code>getCertificateChain(String alias)</code> 235 * <code>getCertificate(String alias)</code> 236 * <code>getCreationDate(String alias)</code> 237 * <code>setKeyEntry(String alias, Key key, char[] password, Certificate[] chain)</code> 238 * <code>setKeyEntry(String alias, byte[] key, Certificate[] chain)</code> 239 * <code>setCertificateEntry(String alias, Certificate cert)</code> 240 * <code>deleteEntry(String alias)</code> 241 * <code>Enumeration aliases()</code> 242 * <code>containsAlias(String alias)</code> 243 * <code>size()</code> 244 * <code>isKeyEntry(String alias)</code> 245 * <code>isCertificateEntry(String alias)</code> 246 * <code>getCertificateAlias(Certificate cert)</code> 247 * <code>store(OutputStream stream, char[] password)</code> 248 * Assertion: throws KeyStoreException when KeyStore was not initialized 249 */ 250 public void testKeyStore11() throws Exception { 251 assertTrue(NotSupportMsg, JKSSupported); 252 String msgF = "KeyStoreException must be thrown because KeyStore was not initialized"; 253 KeyStore[] kss = createKS(); 254 assertNotNull("KeyStore objects were not created", kss); 255 for (int i = 0; i < kss.length; i++) { 256 try { 257 kss[i].getKey("", new char[1]); 258 fail(msgF); 259 } catch (KeyStoreException e) { 260 } 261 try { 262 kss[i].getCertificateChain(""); 263 fail(msgF); 264 } catch (KeyStoreException e) { 265 } 266 try { 267 kss[i].getCertificate(""); 268 fail(msgF); 269 } catch (KeyStoreException e) { 270 } 271 try { 272 kss[i].getCreationDate(""); 273 fail(msgF); 274 } catch (KeyStoreException e) { 275 } 276 try { 277 kss[i].aliases(); 278 fail(msgF); 279 } catch (KeyStoreException e) { 280 } 281 try { 282 kss[i].containsAlias(""); 283 fail(msgF); 284 } catch (KeyStoreException e) { 285 } 286 try { 287 kss[i].size(); 288 fail(msgF); 289 } catch (KeyStoreException e) { 290 } 291 try { 292 kss[i].setKeyEntry("", null, new char[0], new Certificate[0]); 293 fail(msgF); 294 } catch (KeyStoreException e) { 295 } 296 try { 297 kss[i].setKeyEntry("", new byte[0], new Certificate[0]); 298 fail(msgF); 299 } catch (KeyStoreException e) { 300 } 301 try { 302 kss[i].setCertificateEntry("", null); 303 fail(msgF); 304 } catch (KeyStoreException e) { 305 } 306 try { 307 kss[i].deleteEntry(""); 308 fail(msgF); 309 } catch (KeyStoreException e) { 310 } 311 try { 312 kss[i].isKeyEntry(""); 313 fail(msgF); 314 } catch (KeyStoreException e) { 315 } 316 try { 317 kss[i].isCertificateEntry(""); 318 fail(msgF); 319 } catch (KeyStoreException e) { 320 } 321 try { 322 kss[i].getCertificateAlias(null); 323 fail(msgF); 324 } catch (KeyStoreException e) { 325 } 326 ByteArrayOutputStream ba = new ByteArrayOutputStream(); 327 try { 328 kss[i].store(ba, new char[0]); 329 fail(msgF); 330 } catch (KeyStoreException e) { 331 } 332 try { 333 kss[i].store(new MyLoadStoreParams( 334 new KeyStore.PasswordProtection(new char[0]))); 335 fail(msgF); 336 } catch (KeyStoreException e) { 337 } 338 KeyStore.TrustedCertificateEntry entry = new KeyStore.TrustedCertificateEntry( 339 new KeyStoreTestSupport.MCertificate("type", new byte[0])); 340 try { 341 kss[i].setEntry("aaa", entry, null); 342 fail(msgF); 343 } catch (KeyStoreException e) { 344 } 345 try { 346 kss[i].getEntry("aaa", null); 347 fail(msgF); 348 } catch (KeyStoreException e) { 349 } 350 } 351 } 352 353 /** 354 * Test for 355 * <code>setEntry(String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter params)</code> 356 * <code>containsAlias(String alias)</code> 357 * <code>getEntry(String alias)</code> 358 * <code>getCertificate(String alias)</code> 359 * <code>isCertificateEntry(String alias)</code> 360 * <code>isKeyEntry(String alias)</code> 361 * methods Assertions: setEntry(..) throws NullPointerException when alias 362 * or entry is null; 363 * <p/> 364 * containsAlias(..), getEntry(..), isCertificateEntry(..), isKeyEntry(...) 365 * throw NullPointerException when alias is null; 366 * <p/> 367 * setEntry(..) stores Entry and getEntry(..) returns it when 368 * KeyStore.TrustedCertificateEntry is used; getCertificate(...) returns 369 * used trusted certificate. 370 */ 371 public void testEntry01() throws Exception { 372 assertTrue(NotSupportMsg, JKSSupported); 373 KeyStoreTestSupport.MCertificate trust = new KeyStoreTestSupport.MCertificate( 374 "type", new byte[0]); 375 KeyStore.TrustedCertificateEntry entry = new KeyStore.TrustedCertificateEntry( 376 trust); 377 KeyStore[] kss = createKS(); 378 assertNotNull("KeyStore objects were not created", kss); 379 380 for (int i = 0; i < kss.length; i++) { 381 kss[i].load(null, null); 382 try { 383 kss[i].setEntry(null, entry, null); 384 fail("NullPointerException should be thrown when alias is null"); 385 } catch (NullPointerException e) { 386 } 387 try { 388 kss[i].setEntry("ZZZ", null, null); 389 fail("NullPointerException should be thrown when entry is null"); 390 } catch (NullPointerException e) { 391 } 392 for (int j = 0; j < aliases.length; j++) { 393 kss[i].setEntry(aliases[j], entry, null); 394 } 395 } 396 for (int i = 0; i < kss.length; i++) { 397 try { 398 kss[i].containsAlias(null); 399 fail("NullPointerException should be thrown when alias is null"); 400 } catch (NullPointerException e) { 401 } 402 try { 403 kss[i].isCertificateEntry(null); 404 fail("NullPointerException should be thrown when alias is null"); 405 } catch (NullPointerException e) { 406 } 407 try { 408 kss[i].isKeyEntry(null); 409 fail("NullPointerException should be thrown when alias is null"); 410 } catch (NullPointerException e) { 411 } 412 try { 413 kss[i].getEntry(null, null); 414 fail("NullPointerException should be thrown when alias is null"); 415 } catch (NullPointerException e) { 416 } 417 KeyStore.Entry en; 418 for (int j = 0; j < aliases.length; j++) { 419 assertFalse("Incorrect alias", kss[i].containsAlias("Bad" 420 .concat(aliases[j]))); 421 assertTrue("Incorrect alias", kss[i].containsAlias(aliases[j])); 422 assertTrue("Not CertificateEntry", kss[i] 423 .isCertificateEntry(aliases[j])); 424 assertFalse("Incorrect KeyEntry", kss[i].isKeyEntry(aliases[j])); 425 en = kss[i].getEntry(aliases[j], null); 426 assertTrue("Incorrect Entry", 427 en instanceof KeyStore.TrustedCertificateEntry); 428 assertEquals("Incorrect certificate", 429 ((KeyStore.TrustedCertificateEntry) en) 430 .getTrustedCertificate(), entry 431 .getTrustedCertificate()); 432 assertEquals("Incorrect certificate", kss[i] 433 .getCertificate(aliases[j]), trust); 434 } 435 } 436 } 437 438 439 /** 440 * Test for 441 * <code>setEntry(String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter params)</code> 442 * <code>containsAlias(String alias)</code> 443 * <code>getEntry(String alias)</code> 444 * <code>isCertificateEntry(String alias)</code> 445 * <code>isKeyEntry(String alias)</code> 446 * methods 447 * Assertions: 448 * getEntry(...) throws KeyStoreException if password is incorrect; 449 * setEntry(..) throws KeyStoreException if password is destroyed; 450 * <p/> 451 * setEntry(..) throws KeyStoreException when incorrect Entry is used; 452 * <p/> 453 * setEntry(..) stores Entry and getEntry(...) returns it when 454 * KeyStore.PrivateKeyEntry is used. 455 */ 456 public void testEntry02() throws Exception { 457 assertTrue(NotSupportMsg, JKSSupported); 458 TestKeyPair tkp = new TestKeyPair("DSA"); 459 KeyStoreTestSupport.MCertificate certs[] = { 460 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 461 .getEncoded()), 462 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 463 .getEncoded()) }; 464 PrivateKey privKey = tkp.getPrivate(); 465 KeyStore.PrivateKeyEntry pKey = new KeyStore.PrivateKeyEntry(privKey, 466 certs); 467 char[] pwd = { 'p', 'a', 's', 's', 'w', 'd' }; 468 KeyStore.PasswordProtection pPath = new KeyStore.PasswordProtection(pwd); 469 KeyStore.PasswordProtection anotherPath = new KeyStore.PasswordProtection( 470 new char[0]); 471 KeyStoreTestSupport.ProtPar pPar = new KeyStoreTestSupport.ProtPar(); 472 KeyStore[] kss = createKS(); 473 assertNotNull("KeyStore objects were not created", kss); 474 for (int i = 0; i < kss.length; i++) { 475 kss[i].load(null, null); 476 for (int j = 0; j < aliases.length; j++) { 477 kss[i].setEntry(aliases[j], pKey, pPath); 478 } 479 KeyStore.Entry en; 480 Certificate[] cc; 481 for (int j = 0; j < aliases.length; j++) { 482 assertTrue("Incorrect alias", kss[i].containsAlias(aliases[j])); 483 assertTrue("Not KeyEntry", kss[i].isKeyEntry(aliases[j])); 484 assertFalse("Incorrect CertificateEntry", kss[i] 485 .isCertificateEntry(aliases[j])); 486 487 en = kss[i].getEntry(aliases[j], pPath); 488 assertTrue("Incorrect Entry", 489 en instanceof KeyStore.PrivateKeyEntry); 490 Key key = pKey.getPrivateKey(); 491 Key key1 = ((KeyStore.PrivateKeyEntry) en).getPrivateKey(); 492 if (!key.getAlgorithm().equals(key1.getAlgorithm()) || 493 !key.getFormat().equals(key1.getFormat())) { 494 fail("Incorrect key"); 495 } 496 byte[] enc = key.getEncoded(); 497 byte[] enc1 = key1.getEncoded(); 498 assertTrue("Diff. keys encoding", Arrays.equals(enc, enc1)); 499 500 cc = ((KeyStore.PrivateKeyEntry) en).getCertificateChain(); 501 assertEquals("Incorrect CertificateChain", cc.length, 502 certs.length); 503 for (int t = 0; t < cc.length; t++) { 504 assertEquals("Incorrect CertificateChain", cc[t], certs[t]); 505 } 506 507 key = kss[i].getKey(aliases[j], pwd); 508 key1 = privKey; 509 if (!key.getAlgorithm().equals(key1.getAlgorithm()) || 510 !key.getFormat().equals(key1.getFormat())) { 511 fail("Incorrect Entry: key"); 512 } 513 enc = key.getEncoded(); 514 enc1 = key1.getEncoded(); 515 assertTrue("Incorrect Entry: Diff. keys encoding", Arrays.equals(enc, enc1)); 516 517 cc = kss[i].getCertificateChain(aliases[j]); 518 assertEquals("Incorrect CertificateChain", cc.length, 519 certs.length); 520 for (int t = 0; t < cc.length; t++) { 521 assertEquals("Incorrect CertificateChain", cc[t], certs[t]); 522 } 523 try { 524 kss[i].getEntry(aliases[j], anotherPath); 525 fail("KeyStoreException or UnrecoverableEntryException should be thrown " 526 + "because password is incorrect"); 527 } catch (KeyStoreException e) { 528 } catch (UnrecoverableEntryException e) { 529 } 530 } 531 } 532 pPath.destroy(); 533 for (int i = 0; i < kss.length; i++) { 534 try { 535 kss[i].setEntry("ZZZ", pKey, pPath); 536 fail("KeyStoreException should be thrown because password is destroyed"); 537 } catch (KeyStoreException e) { 538 } 539 540 for (int j = 0; j < aliases.length; j++) { 541 try { 542 kss[i].getEntry(aliases[j], pPath); 543 fail("KeyStoreException should be thrown because password is destroyed"); 544 } catch (KeyStoreException e) { 545 } 546 547 try { 548 kss[i].getEntry(aliases[j], pPar); 549 fail("UnrecoverableEntryException should be thrown"); 550 } catch (UnrecoverableEntryException e) { 551 } 552 } 553 } 554 } 555 556 /** 557 * Test for 558 * <code>setEntry(String alias, KeyStore.Entry entry, KeyStore.ProtectionParameter params)</code> 559 * <code>containsAlias(String alias)</code> 560 * <code>getEntry(String alias)</code> 561 * <code>isCertificateEntry(String alias)</code> 562 * <code>isKeyEntry(String alias)</code> 563 * methods 564 * Assertions: 565 * setEntry(..) stores used entry and getEntry(..) returns it when 566 * KeyStore.SecretKeyEntry is used; 567 * <p/> 568 * setEntry(..) throws KeyStoreException when incorrect Entry is used. 569 * <p/> 570 * FIXME: this test should be changed to verify SecretKeyEntry. 571 * It is not supported. 572 */ 573 public void testEntry03() throws Exception { 574 assertTrue(NotSupportMsg, JKSSupported); 575 TestKeyPair tkp = new TestKeyPair("DSA"); 576 KeyStoreTestSupport.SKey secKey = new KeyStoreTestSupport.SKey("DSA", 577 tkp.getPrivate().getEncoded()); 578 KeyStore.SecretKeyEntry sKey = new KeyStore.SecretKeyEntry( 579 secKey); 580 char[] pwd = { 'p', 'a', 's', 's', 'w', 'd' }; 581 KeyStore.PasswordProtection pPath = new KeyStore.PasswordProtection(pwd); 582 KeyStoreTestSupport.AnotherEntry aEntry = new KeyStoreTestSupport.AnotherEntry(); 583 KeyStoreTestSupport.ProtPar pPar = new KeyStoreTestSupport.ProtPar(); 584 KeyStore[] kss = createKS(); 585 assertNotNull("KeyStore objects were not created", kss); 586 for (int i = 0; i < kss.length; i++) { 587 kss[i].load(null, null); 588 for (int j = 0; j < aliases.length; j++) { 589 try { 590 kss[i].setEntry(aliases[j], sKey, pPath); 591 } catch (KeyStoreException e) { 592 //logln("testEntry03: non-PrivateKeys not supported."); 593 return; 594 } 595 } 596 597 for (int j = 0; j < aliases.length; j++) { 598 assertTrue("Incorrect alias", kss[i].containsAlias(aliases[j])); 599 assertTrue("Not KeyEntry", kss[i].isKeyEntry(aliases[j])); 600 assertFalse("Incorrect CertificateEntry", kss[i].isCertificateEntry(aliases[j])); 601 Key key1; 602 try { 603 key1 = kss[i].getKey(aliases[j], pwd); 604 } catch (UnrecoverableKeyException e) { 605 //logln("testEntry03: non-PrivateKeys not supported."); 606 return; 607 } 608 if (!secKey.getAlgorithm().equals(key1.getAlgorithm()) || 609 !secKey.getFormat().equals(key1.getFormat())) { 610 fail("Incorrect key"); 611 } 612 byte[] enc = secKey.getEncoded(); 613 byte[] enc1 = key1.getEncoded(); 614 assertTrue("Diff. keys encoding", Arrays.equals(enc, enc1)); 615 assertNull("Incorrect CertificateChain", kss[i].getCertificateChain(aliases[j])); 616 } 617 } 618 pPath.destroy(); 619 for (int i = 0; i < kss.length; i++) { 620 try { 621 kss[i].setEntry("ZZZ", aEntry, pPath); 622 fail("KeyStoreException should be thrown because password is destroyed"); 623 } catch (KeyStoreException e) { 624 } 625 for (int j = 0; j < aliases.length; j++) { 626 try { 627 kss[i].getEntry(aliases[j], pPath); 628 fail("KeyStoreException should be thrown because password is destroyed"); 629 } catch (KeyStoreException e) { 630 } 631 try { 632 kss[i].getEntry(aliases[j], pPar); 633 fail("UnrecoverableEntryException should be thrown"); 634 } catch (UnrecoverableEntryException e) { 635 } 636 } 637 } 638 } 639 640 641 /** 642 * Test for 643 * <code>setCertificateEntry(String alias, Certificate cert)</code> 644 * <code>containsAlias(String alias)</code> 645 * <code>getCertificate(String alias)</code> 646 * <code>isCertificateEntry(String alias)</code> 647 * methods 648 * Assertions: 649 * setCertificateEntry(..), containsAlias(..), getCertificate(..) and isCertificateEntry(..) 650 * throw NullPointerException when alias is null 651 * <p/> 652 * setCertificateEntry(..) stores used entry and getCertificate(..) returns it 653 */ 654 public void testEntry04() throws Exception { 655 assertTrue(NotSupportMsg, JKSSupported); 656 KeyStoreTestSupport.MCertificate cert = new KeyStoreTestSupport.MCertificate( 657 "type", new byte[0]); 658 KeyStore[] kss = createKS(); 659 assertNotNull("KeyStore objects were not created", kss); 660 661 for (int i = 0; i < kss.length; i++) { 662 kss[i].load(null, null); 663 try { 664 kss[i].setCertificateEntry(null, cert); 665 fail("NullPointerException should be thrown when alias is null"); 666 } catch (NullPointerException e) { 667 } 668 for (int j = 0; j < aliases.length; j++) { 669 kss[i].setCertificateEntry(aliases[j], cert); 670 } 671 } 672 for (int i = 0; i < kss.length; i++) { 673 try { 674 kss[i].containsAlias(null); 675 fail("NullPointerException should be thrown when alias is null"); 676 } catch (NullPointerException e) { 677 } 678 try { 679 kss[i].isCertificateEntry(null); 680 fail("NullPointerException should be thrown when alias is null"); 681 } catch (NullPointerException e) { 682 } 683 try { 684 kss[i].getCertificate(null); 685 fail("NullPointerException should be thrown when alias is null"); 686 } catch (NullPointerException e) { 687 } 688 for (int j = 0; j < aliases.length; j++) { 689 assertFalse("Incorrect alias", kss[i].containsAlias("Bad".concat(aliases[j]))); 690 assertTrue("Incorrect alias", kss[i].containsAlias(aliases[j])); 691 assertTrue("Not CertificateEntry", kss[i].isCertificateEntry(aliases[j])); 692 assertFalse("Incorrect KeyEntry", kss[i].isKeyEntry(aliases[j])); 693 assertEquals("Incorrect Certificate", kss[i].getCertificate(aliases[j]), 694 cert); 695 } 696 } 697 } 698 699 /** 700 * Test for 701 * <code>setKeyEntry(String alias, Key key, char[] password, Certificate[] chain)</code> 702 * <code>containsAlias(String alias)</code> 703 * <code>getKey(String alias, char[] password)</code> 704 * <code>isCertificateEntry(String alias)</code> 705 * <code>isKeyEntry(String alias)</code> 706 * <code>setCerificateEntry(String alias, Certificate cert)</code> 707 * <code>getCertificateChain(String alias)</code> 708 * <code>getCertificateAlias(Certificate cert)</code> 709 * methods 710 * <p/> 711 * Assertions: 712 * setKeyEntry(..), getKeyEntry(..) and isKeyEntry(..) 713 * throw NullPointerException when alias is null 714 * <p/> 715 * setKeyEntry(...) throws KeyStoreException when key or password 716 * is null 717 * <p/> 718 * setCertificateEntry(..) throws KeyStoreException when KeyEntry was overwritten 719 * <p/> 720 * setKeyEntry(..) stores used entry, getKey(..) returns it and getCertificateChain(...) 721 * returns cert 722 */ 723 public void testEntry05() throws Exception { 724 assertTrue(NotSupportMsg, JKSSupported); 725 KeyStoreTestSupport.MCertificate certs[] = { 726 new KeyStoreTestSupport.MCertificate("type1", new byte[10]), 727 new KeyStoreTestSupport.MCertificate("type2", new byte[10]) }; 728 KeyStoreTestSupport.MCertificate cert = new KeyStoreTestSupport.MCertificate( 729 "type", new byte[0]); 730 char[] pwd = new char[0]; 731 TestKeyPair tkp = new TestKeyPair("DSA"); 732 PrivateKey key = tkp.getPrivate(); 733 KeyStore[] kss = createKS(); 734 assertNotNull("KeyStore objects were not created", kss); 735 for (int i = 0; i < kss.length; i++) { 736 kss[i].load(null, null); 737 738 // Null as alias does not necessarily lead to NullPointerException 739 740 try { 741 kss[i].setKeyEntry("ZZZ", null, pwd, certs); 742 fail("KeyStoreException should be thrown when key is null"); 743 } catch (KeyStoreException e) { 744 } 745 try { 746 kss[i].setKeyEntry("ZZZ", key, pwd, null); 747 fail("KeyStoreException or IllegalArgumentException should be thrown " 748 + "when chain is null and key is private"); 749 } catch (IllegalArgumentException e) { 750 } 751 try { 752 kss[i].setKeyEntry("ZZZ", key, pwd, 753 new KeyStoreTestSupport.MCertificate[0]); 754 fail("KeyStoreException or IllegalArgumentException should be thrown " 755 + "when chain is empty and key is private"); 756 } catch (IllegalArgumentException e) { 757 } 758 759 for (int j = 0; j < aliases.length; j++) { 760 kss[i].setKeyEntry(aliases[j], key, pwd, certs); 761 } 762 763 kss[i].setKeyEntry("KeyAlias", key, pwd, certs); 764 try { 765 kss[i].setCertificateEntry("KeyAlias", cert); 766 fail("KeyStoreException should be thrown when we try to overwrite KeyEntry to Certificate"); 767 } catch (KeyStoreException e) { 768 } 769 770 try { 771 kss[i].isKeyEntry(null); 772 fail("NullPointerException should be thrown when alias is null"); 773 } catch (NullPointerException e) { 774 } 775 try { 776 kss[i].getKey(null, pwd); 777 fail("NullPointerException should be thrown when alias is null"); 778 } catch (NullPointerException e) { 779 } 780 try { 781 kss[i].getCertificateChain(null); 782 fail("NullPointerException should be thrown when alias is null"); 783 } catch (NullPointerException e) { 784 } 785 for (int j = 0; j < aliases.length; j++) { 786 assertFalse("Incorrect alias", kss[i].containsAlias("Bad".concat(aliases[j]))); 787 assertTrue("Incorrect alias", kss[i].containsAlias(aliases[j])); 788 assertTrue("Not KeyEntry", kss[i].isKeyEntry(aliases[j])); 789 assertFalse("Incorrect CertificateEntry", kss[i].isCertificateEntry(aliases[j])); 790 Key key1 = kss[i].getKey(aliases[j], pwd); 791 if (!key.getAlgorithm().equals(key1.getAlgorithm()) || 792 !key.getFormat().equals(key1.getFormat())) { 793 fail("Incorrect key"); 794 } 795 byte[] enc = key.getEncoded(); 796 byte[] enc1 = key1.getEncoded(); 797 assertTrue("Diff. keys encoding", Arrays.equals(enc, enc1)); 798 Certificate[] cc = kss[i].getCertificateChain(aliases[j]); 799 assertEquals("Incorrect chain", cc.length, certs.length); 800 for (int t = 0; t < cc.length; t++) { 801 assertEquals("Incorrect certificate", cc[t], certs[t]); 802 } 803 } 804 assertNull(kss[i].getCertificateAlias(cert)); 805 String ss = kss[i].getCertificateAlias(certs[0]); 806 boolean ans = false; 807 for (int j = 1; j < aliases.length; j++) { 808 if (ss.equals(aliases[j])) { 809 ans = true; 810 break; 811 } 812 } 813 assertTrue("There is no alias for certificate <type1, new byte[10]>", ans); 814 } 815 } 816 817 /** 818 * Test for 819 * <code>deleteEntry(String alias)</code> 820 * <code>size()</code> 821 * methods 822 * Assertions: 823 * throws NullPointerException when alias is null; 824 * <p/> 825 * deletes entry from KeyStore. 826 */ 827 public void testEntry06() throws Exception { 828 assertTrue(NotSupportMsg, JKSSupported); 829 KeyStore.TrustedCertificateEntry tCert = new KeyStore.TrustedCertificateEntry( 830 new KeyStoreTestSupport.MCertificate("type", new byte[0])); 831 832 TestKeyPair tkp = new TestKeyPair("DSA"); 833 KeyStoreTestSupport.MCertificate certs[] = { 834 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 835 .getEncoded()), 836 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 837 .getEncoded()) }; 838 KeyStore.PrivateKeyEntry pKey = new KeyStore.PrivateKeyEntry(tkp 839 .getPrivate(), certs); 840 char[] pwd = { 'p', 'a', 's', 's', 'w', 'd' }; 841 KeyStore.PasswordProtection pp = new KeyStore.PasswordProtection(pwd); 842 843 String[] aliases = { "Alias1", "Alias2", "Alias3", "Alias4", "Alias5" }; 844 845 KeyStore[] kss = createKS(); 846 assertNotNull("KeyStore objects were not created", kss); 847 848 for (int i = 0; i < kss.length; i++) { 849 kss[i].load(null, null); 850 kss[i].setEntry(aliases[0], tCert, null); 851 kss[i].setEntry(aliases[1], pKey, pp); 852 kss[i].setEntry(aliases[2], pKey, pp); 853 854 kss[i].setKeyEntry(aliases[3], tkp.getPrivate(), pwd, certs); 855 856 kss[i].setCertificateEntry(aliases[4], certs[0]); 857 858 assertEquals("Incorrect size", kss[i].size(), 5); 859 try { 860 kss[i].deleteEntry(null); 861 fail("NullPointerException should be thrown when alias is null"); 862 } catch (NullPointerException e) { 863 } 864 kss[i].deleteEntry(aliases[0]); 865 kss[i].deleteEntry(aliases[3]); 866 assertEquals("Incorrect size", kss[i].size(), 3); 867 for (int j = 1; j < 5; j++) { 868 if ((j == 0) || (j == 3)) { 869 assertFalse("Incorrect deleted alias", kss[i] 870 .containsAlias(aliases[j])); 871 } else { 872 assertTrue("Incorrect alias", kss[i] 873 .containsAlias(aliases[j])); 874 } 875 } 876 } 877 } 878 879 /** 880 * Test for 881 * <code>entryInstanceOf(String alias, Class class)</code> 882 * method 883 * Assertions: 884 * throws NullPointerException when alias is null 885 * returns false if KeyStore does not contain entry with defined alias 886 * returns false if defined alias is not correspond Entry 887 * returns false 888 * setEntry(..) throws KeyStoreException when incorrect Entry is used; 889 * <p/> 890 * setEntry(..) stores Entry and getEntry(...) returns it when 891 * KeyStore.PrivateKeyEntry is used. 892 */ 893 public void testEntry07() throws Exception { 894 assertTrue(NotSupportMsg, JKSSupported); 895 TestKeyPair tkp = new TestKeyPair("DSA"); 896 KeyStoreTestSupport.MCertificate certs[] = { 897 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 898 .getEncoded()), 899 new KeyStoreTestSupport.MCertificate("DSA", tkp.getPrivate() 900 .getEncoded()) }; 901 PrivateKey privKey = tkp.getPrivate(); 902 KeyStore.PrivateKeyEntry pKey = new KeyStore.PrivateKeyEntry(privKey, certs); 903 char[] pwd = { 'p', 'a', 's', 's', 'w', 'd' }; 904 String aliasKE = "KeyAlias"; 905 KeyStore.PasswordProtection pp = new KeyStore.PasswordProtection(pwd); 906 new KeyStore.PasswordProtection(new char[0]); 907 KeyStore[] kss = createKS(); 908 assertNotNull("KeyStore objects were not created", kss); 909 910 for (int i = 0; i < kss.length; i++) { 911 kss[i].load(null, null); 912 // set entries 913 for (int j = 0; j < aliases.length; j++) { 914 kss[i].setEntry(aliases[j], pKey, pp); 915 } 916 kss[i].setKeyEntry(aliasKE, privKey, pwd, certs); 917 try { 918 kss[i].entryInstanceOf(null, pKey.getClass()); 919 fail("NullPointerEXception must be thrown"); 920 } catch (NullPointerException e) { 921 } 922 assertFalse("Incorrect class entry 1", 923 kss[i].entryInstanceOf("ZZZ", pKey.getClass())); 924 for (int j = 0; j < aliases.length; j++) { 925 assertTrue("Incorrect class entry 2", 926 kss[i].entryInstanceOf(aliases[j], pKey.getClass())); 927 928 //make it compilable on 1.5 929 Class c = privKey.getClass(); 930 assertFalse("Incorrect class entry 3", 931 kss[i].entryInstanceOf(aliases[j], c)); 932 } 933 934 //make it compilable on 1.5 935 Class c = privKey.getClass(); 936 assertFalse("Incorrect class entry 4", 937 kss[i].entryInstanceOf(aliasKE, c)); 938 assertTrue("Incorrect class entry 5", 939 kss[i].entryInstanceOf(aliasKE, pKey.getClass())); 940 } 941 } 942 943 944 /** 945 * Test for <code>KeyStore(KeyStoreSpi spi, Provider prov, String type)</code> 946 * constructor 947 * Assertion: constructs KeyStore object 948 */ 949 public void testKeyStoreConstr() throws Exception { 950 assertTrue(NotSupportMsg, JKSSupported); 951 KeyStoreSpi spi = new MyKeyStoreSpi(); 952 KeyStore keySt = new tmpKeyStore(spi, defaultProvider, 953 defaultType); 954 assertEquals("Incorrect name", keySt.getType(), 955 defaultType); 956 assertEquals("Incorrect provider", keySt.getProvider(), defaultProvider); 957 char[] pwd = new char[0]; 958 try { 959 keySt.store(null, pwd); 960 fail("KeyStoreException must be thrown"); 961 } catch (KeyStoreException e) { 962 } 963 keySt = new tmpKeyStore(null, null, null); 964 assertNull("Algorithm must be null", keySt.getType()); 965 assertNull("Provider must be null", keySt.getProvider()); 966 try { 967 keySt.load(null, pwd); 968 fail("NullPointerException must be thrown"); 969 } catch (NullPointerException e) { 970 } 971 } 972 973} 974 975/** 976 * Additional class to verify KeyStore constructor 977 */ 978class tmpKeyStore extends KeyStore { 979 public tmpKeyStore(KeyStoreSpi spi, Provider prov, String alg) { 980 super(spi, prov, alg); 981 } 982} 983