1/* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18/** 19* @author Vera Y. Petrashkova 20* @version $Revision$ 21*/ 22 23package tests.security.cert; 24 25import junit.framework.TestCase; 26 27import java.security.InvalidAlgorithmParameterException; 28import java.security.NoSuchAlgorithmException; 29import java.security.NoSuchProviderException; 30import java.security.Provider; 31import java.security.Security; 32import java.security.cert.CertPathParameters; 33import java.security.cert.CertPathValidator; 34import java.security.cert.CertPathValidatorException; 35import java.security.cert.CertPathValidatorSpi; 36import java.security.cert.CertificateException; 37 38import org.apache.harmony.security.tests.support.cert.MyCertPath; 39import org.apache.harmony.security.tests.support.cert.MyCertPathValidatorSpi; 40import org.apache.harmony.security.tests.support.SpiEngUtils; 41 42/** 43 * Tests for <code>CertPathValidator</code> class constructors and 44 * methods. 45 * 46 */ 47public class CertPathValidator1Test extends TestCase { 48 49 public static final String srvCertPathValidator = "CertPathValidator"; 50 51 private static final String defaultType = "PKIX"; 52 public static final String [] validValues = { 53 "PKIX", "pkix", "PkiX", "pKiX" }; 54 55 private static String [] invalidValues = SpiEngUtils.invalidValues; 56 57 private static boolean PKIXSupport = false; 58 59 private static Provider defaultProvider; 60 private static String defaultProviderName; 61 62 private static String NotSupportMsg = ""; 63 64 static { 65 defaultProvider = SpiEngUtils.isSupport(defaultType, 66 srvCertPathValidator); 67 PKIXSupport = (defaultProvider != null); 68 defaultProviderName = (PKIXSupport ? defaultProvider.getName() : null); 69 NotSupportMsg = defaultType.concat(" is not supported"); 70 } 71 72 73 74 private static CertPathValidator[] createCPVs() { 75 if (!PKIXSupport) { 76 fail(NotSupportMsg); 77 return null; 78 } 79 try { 80 CertPathValidator[] certPVs = new CertPathValidator[3]; 81 certPVs[0] = CertPathValidator.getInstance(defaultType); 82 certPVs[1] = CertPathValidator.getInstance(defaultType, 83 defaultProviderName); 84 certPVs[2] = CertPathValidator.getInstance(defaultType, 85 defaultProvider); 86 return certPVs; 87 } catch (Exception e) { 88 return null; 89 } 90 } 91 92 93 /** 94 * Test for <code>getDefaultType()</code> method 95 * Assertion: returns security property "certpathvalidator.type" or "PKIX" 96 */ 97 public void testCertPathValidator01() { 98 if (!PKIXSupport) { 99 fail(NotSupportMsg); 100 return; 101 } 102 String propName = "certpathvalidator.type"; 103 String defCPV = Security.getProperty(propName); 104 105 String dt = CertPathValidator.getDefaultType(); 106 String resType = defCPV; 107 if (resType == null) { 108 resType = defaultType; 109 } 110 assertNotNull("Default type have not be null", dt); 111 assertEquals("Incorrect default type", dt, resType); 112 113 if (defCPV == null) { 114 Security.setProperty(propName, defaultType); 115 dt = CertPathValidator.getDefaultType(); 116 resType = Security.getProperty(propName); 117 assertNotNull("Incorrect default type", resType); 118 assertNotNull("Default type have not be null", dt); 119 assertEquals("Incorrect default type", dt, resType); 120 } 121 } 122 123 /** 124 * Test for <code>getInstance(String algorithm)</code> method 125 * Assertion: 126 * throws NullPointerException when algorithm is null 127 * throws NoSuchAlgorithmException when algorithm is not available 128 */ 129 public void testCertPathValidator02() { 130 try { 131 CertPathValidator.getInstance(null); 132 fail("NullPointerException or NoSuchAlgorithmException must be thrown when algorithm is null"); 133 } catch (NullPointerException e) { 134 } catch (NoSuchAlgorithmException e) { 135 } 136 for (int i = 0; i < invalidValues.length; i++) { 137 try { 138 CertPathValidator.getInstance(invalidValues[i]); 139 fail("NoSuchAlgorithmException must be thrown"); 140 } catch (NoSuchAlgorithmException e) { 141 } 142 } 143 } 144 /** 145 * Test for <code>getInstance(String algorithm)</code> method 146 * Assertion: returns CertPathValidator object 147 */ 148 public void testCertPathValidator03() throws NoSuchAlgorithmException { 149 if (!PKIXSupport) { 150 fail(NotSupportMsg); 151 return; 152 } 153 CertPathValidator certPV; 154 for (int i = 0; i < validValues.length; i++) { 155 certPV = CertPathValidator.getInstance(validValues[i]); 156 assertEquals("Incorrect algorithm", certPV.getAlgorithm(), validValues[i]); 157 } 158 } 159 /** 160 * Test for <code>getInstance(String algorithm, String provider)</code> method 161 * Assertion: throws IllegalArgumentException when provider is null or empty 162 * 163 * FIXME: verify what exception will be thrown if provider is empty 164 */ 165 public void testCertPathValidator04() 166 throws NoSuchAlgorithmException, NoSuchProviderException { 167 if (!PKIXSupport) { 168 fail(NotSupportMsg); 169 return; 170 } 171 String provider = null; 172 for (int i = 0; i < validValues.length; i++) { 173 try { 174 CertPathValidator.getInstance(validValues[i], provider); 175 fail("IllegalArgumentException must be thrown thrown"); 176 } catch (IllegalArgumentException e) { 177 } 178 try { 179 CertPathValidator.getInstance(validValues[i], ""); 180 fail("IllegalArgumentException must be thrown thrown"); 181 } catch (IllegalArgumentException e) { 182 } 183 } 184 } 185 /** 186 * Test for <code>getInstance(String algorithm, String provider)</code> method 187 * Assertion: 188 * throws NoSuchProviderException when provider has invalid value 189 */ 190 public void testCertPathValidator05() throws NoSuchAlgorithmException { 191 if (!PKIXSupport) { 192 fail(NotSupportMsg); 193 return; 194 } 195 for (int t = 0; t < validValues.length; t++) { 196 for (int i = 1; i < invalidValues.length; i++) { 197 try { 198 CertPathValidator.getInstance(validValues[t], 199 invalidValues[i]); 200 fail("NoSuchProviderException must be thrown"); 201 } catch (NoSuchProviderException e1) { 202 } 203 } 204 } 205 } 206 207 /** 208 * Test for <code>getInstance(String algorithm, String provider)</code> method 209 * Assertion: 210 * throws NullPointerException when algorithm is null 211 * throws NoSuchAlgorithmException when algorithm is not available 212 */ 213 public void testCertPathValidator06() 214 throws NoSuchAlgorithmException, NoSuchProviderException { 215 if (!PKIXSupport) { 216 fail(NotSupportMsg); 217 return; 218 } 219 try { 220 CertPathValidator.getInstance(null, defaultProviderName); 221 fail("NullPointerException or NoSuchAlgorithmException must be thrown when algorithm is null"); 222 } catch (NullPointerException e) { 223 } catch (NoSuchAlgorithmException e) { 224 } 225 for (int i = 0; i < invalidValues.length; i++) { 226 try { 227 CertPathValidator.getInstance(invalidValues[i], defaultProviderName); 228 fail("NoSuchAlgorithmException must be thrown"); 229 } catch (NoSuchAlgorithmException e1) { 230 } 231 } 232 } 233 /** 234 * Test for <code>getInstance(String algorithm, String provider)</code> method 235 * Assertion: returns CertPathValidator object 236 */ 237 public void testCertPathValidator07() throws NoSuchAlgorithmException, 238 NoSuchProviderException { 239 if (!PKIXSupport) { 240 fail(NotSupportMsg); 241 return; 242 } 243 CertPathValidator certPV; 244 for (int i = 0; i < validValues.length; i++) { 245 certPV = CertPathValidator.getInstance(validValues[i], 246 defaultProviderName); 247 assertEquals("Incorrect algorithm", certPV.getAlgorithm(), 248 validValues[i]); 249 assertEquals("Incorrect provider name", certPV.getProvider() 250 .getName(), defaultProviderName); 251 } 252 } 253 254 /** 255 * Test for <code>getInstance(String algorithm, Provider provider)</code> method 256 * Assertion: throws IllegalArgumentException when provider is null 257 */ 258 public void testCertPathValidator08() 259 throws NoSuchAlgorithmException { 260 if (!PKIXSupport) { 261 fail(NotSupportMsg); 262 return; 263 } 264 Provider prov = null; 265 for (int t = 0; t < validValues.length; t++ ) { 266 try { 267 CertPathValidator.getInstance(validValues[t], prov); 268 fail("IllegalArgumentException must be thrown"); 269 } catch (IllegalArgumentException e1) { 270 } 271 } 272 } 273 274 /** 275 * Test for <code>getInstance(String algorithm, String provider)</code> method 276 * Assertion: 277 * throws NullPointerException when algorithm is null 278 * throws NoSuchAlgorithmException when algorithm is not available 279 */ 280 public void testCertPathValidator09() 281 throws NoSuchAlgorithmException, NoSuchProviderException { 282 if (!PKIXSupport) { 283 fail(NotSupportMsg); 284 return; 285 } 286 try { 287 CertPathValidator.getInstance(null, defaultProvider); 288 fail("NullPointerException or NoSuchAlgorithmException must be thrown when algorithm is null"); 289 } catch (NullPointerException e) { 290 } catch (NoSuchAlgorithmException e) { 291 } 292 for (int i = 0; i < invalidValues.length; i++) { 293 try { 294 CertPathValidator.getInstance(invalidValues[i], defaultProvider); 295 fail("NoSuchAlgorithm must be thrown"); 296 } catch (NoSuchAlgorithmException e1) { 297 } 298 } 299 } 300 /** 301 * Test for <code>getInstance(String algorithm, String provider)</code> method 302 * Assertion: returns CertPathValidator object 303 */ 304 public void testCertPathValidator10() throws NoSuchAlgorithmException, 305 NoSuchProviderException { 306 if (!PKIXSupport) { 307 fail(NotSupportMsg); 308 return; 309 } 310 CertPathValidator certPV; 311 for (int i = 0; i < invalidValues.length; i++) { 312 certPV = CertPathValidator.getInstance(validValues[i], 313 defaultProvider); 314 assertEquals("Incorrect algorithm", certPV.getAlgorithm(), 315 validValues[i]); 316 assertEquals("Incorrect provider name", certPV.getProvider(), 317 defaultProvider); 318 } 319 } 320 321 /** 322 * Test for <code>validate(CertPath certpath, CertPathParameters params)</code> method 323 * Assertion: throws InvalidAlgorithmParameterException params is not 324 * instance of PKIXParameters or null 325 */ 326 public void testCertPathValidator11() 327 throws NoSuchAlgorithmException, NoSuchProviderException, CertPathValidatorException { 328 if (!PKIXSupport) { 329 fail(NotSupportMsg); 330 return; 331 } 332 CertPathValidator [] certPV = createCPVs(); 333 assertNotNull("CertPathValidator objects were not created", certPV); 334 MyCertPath mCP = new MyCertPath(new byte[0]); 335 invalidParams mPar = new invalidParams(); 336 for (int i = 0; i < certPV.length; i++) { 337 try { 338 certPV[i].validate(mCP, mPar); 339 fail("InvalidAlgorithmParameterException must be thrown"); 340 } catch(InvalidAlgorithmParameterException e) { 341 } 342 try { 343 certPV[i].validate(mCP, null); 344 fail("InvalidAlgorithmParameterException must be thrown"); 345 } catch(InvalidAlgorithmParameterException e) { 346 } 347 } 348 } 349 350 /** 351 * Test for 352 * <code>CertPathValidator</code> constructor 353 * Assertion: returns CertPathValidator object 354 */ 355 public void testCertPathValidator12() 356 throws CertificateException, NoSuchProviderException, NoSuchAlgorithmException, 357 CertPathValidatorException, InvalidAlgorithmParameterException { 358 if (!PKIXSupport) { 359 fail(NotSupportMsg); 360 return; 361 } 362 CertPathValidatorSpi spi = new MyCertPathValidatorSpi(); 363 CertPathValidator certPV = new myCertPathValidator(spi, 364 defaultProvider, defaultType); 365 assertEquals("Incorrect algorithm", certPV.getAlgorithm(), defaultType); 366 assertEquals("Incorrect provider", certPV.getProvider(), defaultProvider); 367 certPV.validate(null, null); 368 try { 369 certPV.validate(null, null); 370 fail("CertPathValidatorException must be thrown"); 371 } catch (CertPathValidatorException e) { 372 } 373 certPV = new myCertPathValidator(null, null, null); 374 assertNull("Incorrect algorithm", certPV.getAlgorithm()); 375 assertNull("Incorrect provider", certPV.getProvider()); 376 try { 377 certPV.validate(null, null); 378 fail("NullPointerException must be thrown"); 379 } catch (NullPointerException e) { 380 } 381 } 382 383 /** 384 * Test for <code>getAlgorithm()</code> method 385 */ 386 public void testCertPathValidator13() throws NoSuchAlgorithmException { 387 if (!PKIXSupport) { 388 fail(NotSupportMsg); 389 return; 390 } 391 CertPathValidator certPV; 392 for (int i = 0; i < validValues.length; i++) { 393 certPV = CertPathValidator.getInstance(validValues[i]); 394 assertEquals("Incorrect algorithm", certPV.getAlgorithm(), 395 validValues[i]); 396 try { 397 certPV = CertPathValidator.getInstance(validValues[i], 398 defaultProviderName); 399 assertEquals("Incorrect algorithm", certPV.getAlgorithm(), 400 validValues[i]); 401 } catch (NoSuchProviderException e) { 402 fail("Unexpected NoSuchAlgorithmException " + e.getMessage()); 403 } 404 405 certPV = CertPathValidator.getInstance(validValues[i], 406 defaultProvider); 407 assertEquals("Incorrect algorithm", certPV.getAlgorithm(), 408 validValues[i]); 409 } 410 } 411 412 /** 413 * Test for <code>getProvider()</code> method 414 */ 415 public void testCertPathValidator14() throws NoSuchAlgorithmException { 416 if (!PKIXSupport) { 417 fail(NotSupportMsg); 418 return; 419 } 420 421 CertPathValidator certPV; 422 423 for (int i = 0; i < validValues.length; i++) { 424 try { 425 certPV = CertPathValidator.getInstance(validValues[i], 426 defaultProviderName); 427 assertEquals("Incorrect provider", certPV.getProvider(), 428 defaultProvider); 429 } catch (NoSuchProviderException e) { 430 fail("Unexpected NoSuchProviderException " + e.getMessage()); 431 } 432 433 certPV = CertPathValidator.getInstance(validValues[i], 434 defaultProvider); 435 assertEquals("Incorrect provider", certPV.getProvider(), 436 defaultProvider); 437 } 438 } 439} 440/** 441 * Additional class to verify CertPathValidator constructor 442 */ 443class myCertPathValidator extends CertPathValidator { 444 445 public myCertPathValidator(CertPathValidatorSpi spi, Provider prov, String type) { 446 super(spi, prov, type); 447 } 448} 449/** 450 * Additional class to verify validate method 451 */ 452class invalidParams implements CertPathParameters { 453 public Object clone() { 454 return new invalidParams(); 455 } 456} 457