1/*
2 * Copyright (C) 2011 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package libcore.java.security.cert;
18
19import com.android.org.bouncycastle.asn1.x509.GeneralName;
20import java.io.ByteArrayInputStream;
21import java.security.cert.Certificate;
22import java.security.cert.CertificateFactory;
23import java.security.cert.X509Certificate;
24import java.util.Collection;
25import java.util.List;
26import junit.framework.TestCase;
27import libcore.java.security.TestKeyStore;
28
29public final class SubjectAlternativeNameTest extends TestCase {
30
31    /**
32     * The spec doesn't cover this, but we require that IP addresses are
33     * formatted consistently with InetAddress.getHostAddress().
34     */
35    public void testFormatIpv4Address() throws Exception {
36        assertEquals("127.0.0.1", formatIpAddress(new byte[]{127, 0, 0, 1}));
37    }
38
39    public void testFormatIpv4MappedAddress() throws Exception {
40        byte[] mappedAddress = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, -1, 127, 0, 0, 1 };
41        String decoded = formatIpAddress(mappedAddress);
42        assertTrue(decoded,
43                decoded.equals("127.0.0.1") || decoded.equalsIgnoreCase("::ffff:127.0.0.1"));
44    }
45
46    public void testFormatIpv6Address() throws Exception {
47        byte[] ipAddress = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 };
48        String decoded = formatIpAddress(ipAddress);
49        assertTrue(decoded, decoded.equals("::1") || decoded.equals("0:0:0:0:0:0:0:1"));
50    }
51
52    private String formatIpAddress(byte[] ipAddress) throws Exception {
53        Certificate root = new TestKeyStore.Builder()
54                .addSubjectAltNameIpAddress(ipAddress)
55                .build()
56                .getRootCertificate("RSA");
57        X509Certificate javaCertificate = bouncycastleToJava(root);
58        Collection<List<?>> subjectAlternativeNames = javaCertificate.getSubjectAlternativeNames();
59        assertEquals(1, subjectAlternativeNames.size());
60        List<?> subjectAlternativeName = subjectAlternativeNames.iterator().next();
61        assertEquals(2, subjectAlternativeName.size());
62        assertEquals(GeneralName.iPAddress, subjectAlternativeName.get(0));
63        return (String) subjectAlternativeName.get(1);
64    }
65
66    private X509Certificate bouncycastleToJava(Certificate certificate) throws Exception {
67        byte[] encoded = certificate.getEncoded();
68        CertificateFactory factory = CertificateFactory.getInstance("X.509");
69        return (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(encoded));
70    }
71}
72