1/* 2 * Copyright (C) 2011 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package libcore.java.security.cert; 18 19import com.android.org.bouncycastle.asn1.x509.GeneralName; 20import java.io.ByteArrayInputStream; 21import java.security.cert.Certificate; 22import java.security.cert.CertificateFactory; 23import java.security.cert.X509Certificate; 24import java.util.Collection; 25import java.util.List; 26import junit.framework.TestCase; 27import libcore.java.security.TestKeyStore; 28 29public final class SubjectAlternativeNameTest extends TestCase { 30 31 /** 32 * The spec doesn't cover this, but we require that IP addresses are 33 * formatted consistently with InetAddress.getHostAddress(). 34 */ 35 public void testFormatIpv4Address() throws Exception { 36 assertEquals("127.0.0.1", formatIpAddress(new byte[]{127, 0, 0, 1})); 37 } 38 39 public void testFormatIpv4MappedAddress() throws Exception { 40 byte[] mappedAddress = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, -1, 127, 0, 0, 1 }; 41 String decoded = formatIpAddress(mappedAddress); 42 assertTrue(decoded, 43 decoded.equals("127.0.0.1") || decoded.equalsIgnoreCase("::ffff:127.0.0.1")); 44 } 45 46 public void testFormatIpv6Address() throws Exception { 47 byte[] ipAddress = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 }; 48 String decoded = formatIpAddress(ipAddress); 49 assertTrue(decoded, decoded.equals("::1") || decoded.equals("0:0:0:0:0:0:0:1")); 50 } 51 52 private String formatIpAddress(byte[] ipAddress) throws Exception { 53 Certificate root = new TestKeyStore.Builder() 54 .addSubjectAltNameIpAddress(ipAddress) 55 .build() 56 .getRootCertificate("RSA"); 57 X509Certificate javaCertificate = bouncycastleToJava(root); 58 Collection<List<?>> subjectAlternativeNames = javaCertificate.getSubjectAlternativeNames(); 59 assertEquals(1, subjectAlternativeNames.size()); 60 List<?> subjectAlternativeName = subjectAlternativeNames.iterator().next(); 61 assertEquals(2, subjectAlternativeName.size()); 62 assertEquals(GeneralName.iPAddress, subjectAlternativeName.get(0)); 63 return (String) subjectAlternativeName.get(1); 64 } 65 66 private X509Certificate bouncycastleToJava(Certificate certificate) throws Exception { 67 byte[] encoded = certificate.getEncoded(); 68 CertificateFactory factory = CertificateFactory.getInstance("X.509"); 69 return (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(encoded)); 70 } 71} 72