1/*
2 *  Licensed to the Apache Software Foundation (ASF) under one or more
3 *  contributor license agreements.  See the NOTICE file distributed with
4 *  this work for additional information regarding copyright ownership.
5 *  The ASF licenses this file to You under the Apache License, Version 2.0
6 *  (the "License"); you may not use this file except in compliance with
7 *  the License.  You may obtain a copy of the License at
8 *
9 *     http://www.apache.org/licenses/LICENSE-2.0
10 *
11 *  Unless required by applicable law or agreed to in writing, software
12 *  distributed under the License is distributed on an "AS IS" BASIS,
13 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 *  See the License for the specific language governing permissions and
15 *  limitations under the License.
16 */
17
18/**
19* @author Vera Y. Petrashkova
20* @version $Revision$
21*/
22
23package tests.security.cert;
24
25import junit.framework.TestCase;
26
27import java.security.InvalidAlgorithmParameterException;
28import java.security.NoSuchAlgorithmException;
29import java.security.NoSuchProviderException;
30import java.security.Provider;
31import java.security.Security;
32import java.security.cert.CertPathParameters;
33import java.security.cert.CertPathValidator;
34import java.security.cert.CertPathValidatorException;
35import java.security.cert.CertPathValidatorSpi;
36import java.security.cert.CertificateException;
37
38import org.apache.harmony.security.tests.support.cert.MyCertPath;
39import org.apache.harmony.security.tests.support.cert.MyCertPathValidatorSpi;
40import org.apache.harmony.security.tests.support.SpiEngUtils;
41
42/**
43 * Tests for <code>CertPathValidator</code> class constructors and
44 * methods.
45 *
46 */
47public class CertPathValidator1Test extends TestCase {
48
49    public static final String srvCertPathValidator = "CertPathValidator";
50
51    private static final String defaultType = "PKIX";
52    public static final String [] validValues = {
53            "PKIX", "pkix", "PkiX", "pKiX" };
54
55    private static String [] invalidValues = SpiEngUtils.invalidValues;
56
57    private static boolean PKIXSupport = false;
58
59    private static Provider defaultProvider;
60    private static String defaultProviderName;
61
62    private static String NotSupportMsg = "";
63
64    static {
65        defaultProvider = SpiEngUtils.isSupport(defaultType,
66                srvCertPathValidator);
67        PKIXSupport = (defaultProvider != null);
68        defaultProviderName = (PKIXSupport ? defaultProvider.getName() : null);
69        NotSupportMsg = defaultType.concat(" is not supported");
70    }
71
72
73
74    private static CertPathValidator[] createCPVs() {
75        if (!PKIXSupport) {
76            fail(NotSupportMsg);
77            return null;
78        }
79        try {
80            CertPathValidator[] certPVs = new CertPathValidator[3];
81            certPVs[0] = CertPathValidator.getInstance(defaultType);
82            certPVs[1] = CertPathValidator.getInstance(defaultType,
83                    defaultProviderName);
84            certPVs[2] = CertPathValidator.getInstance(defaultType,
85                    defaultProvider);
86            return certPVs;
87        } catch (Exception e) {
88            return null;
89        }
90    }
91
92
93    /**
94     * Test for <code>getDefaultType()</code> method
95     * Assertion: returns security property "certpathvalidator.type" or "PKIX"
96     */
97    public void testCertPathValidator01() {
98        if (!PKIXSupport) {
99            fail(NotSupportMsg);
100            return;
101        }
102        String propName = "certpathvalidator.type";
103        String defCPV = Security.getProperty(propName);
104
105        String dt = CertPathValidator.getDefaultType();
106        String resType = defCPV;
107        if (resType == null) {
108            resType = defaultType;
109        }
110        assertNotNull("Default type have not be null", dt);
111        assertEquals("Incorrect default type", dt, resType);
112
113        if (defCPV == null) {
114            Security.setProperty(propName, defaultType);
115            dt = CertPathValidator.getDefaultType();
116            resType = Security.getProperty(propName);
117            assertNotNull("Incorrect default type", resType);
118            assertNotNull("Default type have not be null", dt);
119            assertEquals("Incorrect default type", dt, resType);
120        }
121    }
122
123    /**
124     * Test for <code>getInstance(String algorithm)</code> method
125     * Assertion:
126     * throws NullPointerException when algorithm is null
127     * throws NoSuchAlgorithmException when algorithm  is not available
128     */
129    public void testCertPathValidator02() {
130        try {
131            CertPathValidator.getInstance(null);
132            fail("NullPointerException or NoSuchAlgorithmException must be thrown when algorithm is null");
133        } catch (NullPointerException e) {
134        } catch (NoSuchAlgorithmException e) {
135        }
136        for (int i = 0; i < invalidValues.length; i++) {
137            try {
138                CertPathValidator.getInstance(invalidValues[i]);
139                fail("NoSuchAlgorithmException must be thrown");
140            } catch (NoSuchAlgorithmException e) {
141            }
142        }
143    }
144    /**
145     * Test for <code>getInstance(String algorithm)</code> method
146     * Assertion: returns CertPathValidator object
147     */
148    public void testCertPathValidator03() throws NoSuchAlgorithmException  {
149        if (!PKIXSupport) {
150            fail(NotSupportMsg);
151            return;
152        }
153        CertPathValidator certPV;
154        for (int i = 0; i < validValues.length; i++) {
155            certPV = CertPathValidator.getInstance(validValues[i]);
156            assertEquals("Incorrect algorithm", certPV.getAlgorithm(), validValues[i]);
157        }
158    }
159    /**
160     * Test for <code>getInstance(String algorithm, String provider)</code> method
161     * Assertion: throws IllegalArgumentException when provider is null or empty
162     *
163     * FIXME: verify what exception will be thrown if provider is empty
164     */
165    public void testCertPathValidator04()
166            throws NoSuchAlgorithmException, NoSuchProviderException  {
167        if (!PKIXSupport) {
168            fail(NotSupportMsg);
169            return;
170        }
171        String provider = null;
172        for (int i = 0; i < validValues.length; i++) {
173            try {
174                CertPathValidator.getInstance(validValues[i], provider);
175                fail("IllegalArgumentException must be thrown thrown");
176            } catch (IllegalArgumentException e) {
177            }
178            try {
179                CertPathValidator.getInstance(validValues[i], "");
180                fail("IllegalArgumentException must be thrown thrown");
181            } catch (IllegalArgumentException e) {
182            }
183        }
184    }
185    /**
186     * Test for <code>getInstance(String algorithm, String provider)</code> method
187     * Assertion:
188     * throws NoSuchProviderException when provider has invalid value
189     */
190    public void testCertPathValidator05() throws NoSuchAlgorithmException {
191        if (!PKIXSupport) {
192            fail(NotSupportMsg);
193            return;
194        }
195        for (int t = 0; t < validValues.length; t++) {
196            for (int i = 1; i < invalidValues.length; i++) {
197                try {
198                    CertPathValidator.getInstance(validValues[t],
199                            invalidValues[i]);
200                    fail("NoSuchProviderException must be thrown");
201                } catch (NoSuchProviderException e1) {
202                }
203            }
204        }
205    }
206
207    /**
208     * Test for <code>getInstance(String algorithm, String provider)</code> method
209     * Assertion:
210     * throws NullPointerException when algorithm is null
211     * throws NoSuchAlgorithmException when algorithm  is not available
212     */
213    public void testCertPathValidator06()
214            throws NoSuchAlgorithmException, NoSuchProviderException  {
215        if (!PKIXSupport) {
216            fail(NotSupportMsg);
217            return;
218        }
219        try {
220            CertPathValidator.getInstance(null, defaultProviderName);
221            fail("NullPointerException or NoSuchAlgorithmException must be thrown when algorithm is null");
222        } catch (NullPointerException e) {
223        } catch (NoSuchAlgorithmException e) {
224        }
225        for (int i = 0; i < invalidValues.length; i++) {
226            try {
227                CertPathValidator.getInstance(invalidValues[i], defaultProviderName);
228                fail("NoSuchAlgorithmException must be thrown");
229            } catch (NoSuchAlgorithmException e1) {
230            }
231        }
232    }
233    /**
234     * Test for <code>getInstance(String algorithm, String provider)</code> method
235     * Assertion: returns CertPathValidator object
236     */
237    public void testCertPathValidator07() throws NoSuchAlgorithmException,
238            NoSuchProviderException {
239        if (!PKIXSupport) {
240            fail(NotSupportMsg);
241            return;
242        }
243        CertPathValidator certPV;
244        for (int i = 0; i < validValues.length; i++) {
245            certPV = CertPathValidator.getInstance(validValues[i],
246                    defaultProviderName);
247            assertEquals("Incorrect algorithm", certPV.getAlgorithm(),
248                    validValues[i]);
249            assertEquals("Incorrect provider name", certPV.getProvider()
250                    .getName(), defaultProviderName);
251        }
252    }
253
254    /**
255     * Test for <code>getInstance(String algorithm, Provider provider)</code> method
256     * Assertion: throws IllegalArgumentException when provider is null
257     */
258    public void testCertPathValidator08()
259            throws NoSuchAlgorithmException  {
260        if (!PKIXSupport) {
261            fail(NotSupportMsg);
262            return;
263        }
264        Provider prov = null;
265        for (int t = 0; t < validValues.length; t++ ) {
266            try {
267                CertPathValidator.getInstance(validValues[t], prov);
268                fail("IllegalArgumentException must be thrown");
269            } catch (IllegalArgumentException e1) {
270            }
271        }
272    }
273
274    /**
275     * Test for <code>getInstance(String algorithm, String provider)</code> method
276     * Assertion:
277     * throws NullPointerException when algorithm is null
278     * throws NoSuchAlgorithmException when algorithm  is not available
279     */
280    public void testCertPathValidator09()
281            throws NoSuchAlgorithmException, NoSuchProviderException  {
282        if (!PKIXSupport) {
283            fail(NotSupportMsg);
284            return;
285        }
286        try {
287            CertPathValidator.getInstance(null, defaultProvider);
288            fail("NullPointerException or NoSuchAlgorithmException must be thrown when algorithm is null");
289        } catch (NullPointerException e) {
290        } catch (NoSuchAlgorithmException e) {
291        }
292        for (int i = 0; i < invalidValues.length; i++) {
293            try {
294                CertPathValidator.getInstance(invalidValues[i], defaultProvider);
295                fail("NoSuchAlgorithm must be thrown");
296            } catch (NoSuchAlgorithmException e1) {
297            }
298        }
299    }
300    /**
301     * Test for <code>getInstance(String algorithm, String provider)</code> method
302     * Assertion: returns CertPathValidator object
303     */
304    public void testCertPathValidator10() throws NoSuchAlgorithmException,
305            NoSuchProviderException {
306        if (!PKIXSupport) {
307            fail(NotSupportMsg);
308            return;
309        }
310        CertPathValidator certPV;
311        for (int i = 0; i < invalidValues.length; i++) {
312            certPV = CertPathValidator.getInstance(validValues[i],
313                    defaultProvider);
314            assertEquals("Incorrect algorithm", certPV.getAlgorithm(),
315                    validValues[i]);
316            assertEquals("Incorrect provider name", certPV.getProvider(),
317                    defaultProvider);
318        }
319    }
320
321    /**
322     * Test for <code>validate(CertPath certpath, CertPathParameters params)</code> method
323     * Assertion: throws InvalidAlgorithmParameterException params is not
324     * instance of PKIXParameters or null
325     */
326    public void testCertPathValidator11()
327            throws NoSuchAlgorithmException, NoSuchProviderException, CertPathValidatorException {
328        if (!PKIXSupport) {
329            fail(NotSupportMsg);
330            return;
331        }
332        CertPathValidator [] certPV = createCPVs();
333        assertNotNull("CertPathValidator objects were not created", certPV);
334        MyCertPath mCP = new MyCertPath(new byte[0]);
335        invalidParams mPar = new invalidParams();
336        for (int i = 0; i < certPV.length; i++) {
337            try {
338                certPV[i].validate(mCP, mPar);
339                fail("InvalidAlgorithmParameterException must be thrown");
340            } catch(InvalidAlgorithmParameterException e) {
341            }
342            try {
343                certPV[i].validate(mCP, null);
344                fail("InvalidAlgorithmParameterException must be thrown");
345            } catch(InvalidAlgorithmParameterException e) {
346            }
347        }
348    }
349
350     /**
351     * Test for
352     * <code>CertPathValidator</code> constructor
353     * Assertion: returns CertPathValidator object
354     */
355    public void testCertPathValidator12()
356            throws CertificateException, NoSuchProviderException, NoSuchAlgorithmException,
357            CertPathValidatorException, InvalidAlgorithmParameterException {
358        if (!PKIXSupport) {
359            fail(NotSupportMsg);
360            return;
361        }
362        CertPathValidatorSpi spi = new MyCertPathValidatorSpi();
363        CertPathValidator certPV = new myCertPathValidator(spi,
364                    defaultProvider, defaultType);
365        assertEquals("Incorrect algorithm", certPV.getAlgorithm(), defaultType);
366        assertEquals("Incorrect provider", certPV.getProvider(), defaultProvider);
367        certPV.validate(null, null);
368        try {
369            certPV.validate(null, null);
370            fail("CertPathValidatorException must be thrown");
371        } catch (CertPathValidatorException e) {
372        }
373        certPV = new myCertPathValidator(null, null, null);
374        assertNull("Incorrect algorithm", certPV.getAlgorithm());
375        assertNull("Incorrect provider", certPV.getProvider());
376        try {
377            certPV.validate(null, null);
378            fail("NullPointerException must be thrown");
379        } catch (NullPointerException e) {
380        }
381    }
382
383    /**
384     * Test for <code>getAlgorithm()</code> method
385     */
386    public void testCertPathValidator13() throws NoSuchAlgorithmException {
387        if (!PKIXSupport) {
388            fail(NotSupportMsg);
389            return;
390        }
391        CertPathValidator certPV;
392        for (int i = 0; i < validValues.length; i++) {
393            certPV = CertPathValidator.getInstance(validValues[i]);
394            assertEquals("Incorrect algorithm", certPV.getAlgorithm(),
395                    validValues[i]);
396            try {
397                certPV = CertPathValidator.getInstance(validValues[i],
398                        defaultProviderName);
399                assertEquals("Incorrect algorithm", certPV.getAlgorithm(),
400                        validValues[i]);
401            } catch (NoSuchProviderException e) {
402                fail("Unexpected NoSuchAlgorithmException " + e.getMessage());
403            }
404
405            certPV = CertPathValidator.getInstance(validValues[i],
406                    defaultProvider);
407            assertEquals("Incorrect algorithm", certPV.getAlgorithm(),
408                    validValues[i]);
409        }
410    }
411
412    /**
413     * Test for <code>getProvider()</code> method
414     */
415    public void testCertPathValidator14() throws NoSuchAlgorithmException {
416        if (!PKIXSupport) {
417            fail(NotSupportMsg);
418            return;
419        }
420
421        CertPathValidator certPV;
422
423        for (int i = 0; i < validValues.length; i++) {
424            try {
425                certPV = CertPathValidator.getInstance(validValues[i],
426                        defaultProviderName);
427                assertEquals("Incorrect provider", certPV.getProvider(),
428                        defaultProvider);
429            } catch (NoSuchProviderException e) {
430                fail("Unexpected NoSuchProviderException " + e.getMessage());
431            }
432
433            certPV = CertPathValidator.getInstance(validValues[i],
434                    defaultProvider);
435            assertEquals("Incorrect provider", certPV.getProvider(),
436                    defaultProvider);
437        }
438    }
439}
440/**
441 * Additional class to verify CertPathValidator constructor
442 */
443class myCertPathValidator extends CertPathValidator {
444
445    public myCertPathValidator(CertPathValidatorSpi spi, Provider prov, String type) {
446        super(spi, prov, type);
447    }
448}
449/**
450 * Additional class to verify validate method
451 */
452class invalidParams implements CertPathParameters {
453    public Object clone() {
454        return new invalidParams();
455    }
456}
457