001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: /**
019: * @author Alexander Y. Kleymenov
020: * @version $Revision$
021: */package java.security.cert;
022:
023: import java.io.IOException;
024: import java.math.BigInteger;
025: import java.security.InvalidKeyException;
026: import java.security.NoSuchAlgorithmException;
027: import java.security.NoSuchProviderException;
028: import java.security.Principal;
029: import java.security.PublicKey;
030: import java.security.SignatureException;
031: import java.security.cert.CRLException;
032: import java.security.cert.X509CRLEntry;
033: import java.util.ArrayList;
034: import java.util.Collection;
035: import java.util.Date;
036: import java.util.Set;
037: import javax.security.auth.x500.X500Principal;
038:
039: import org.apache.harmony.security.asn1.ASN1Integer;
040: import org.apache.harmony.security.asn1.ASN1OctetString;
041:
042: import junit.framework.Test;
043: import junit.framework.TestCase;
044: import junit.framework.TestSuite;
045:
046: /**
047: */
048:
049: public class X509CRLSelectorTest extends TestCase {
050:
051: /**
052: * The abstract class stub implementation.
053: */
054: private class TestCRL extends X509CRL {
055:
056: private X500Principal principal = null;
057: private BigInteger crlNumber = null;
058: private Date this Update = null;
059: private Date nextUpdate = null;
060:
061: public TestCRL(X500Principal principal) {
062: this .principal = principal;
063: }
064:
065: public TestCRL(Date this Update, Date nextUpdate) {
066: setUpdateDates(this Update, nextUpdate);
067: }
068:
069: public TestCRL(BigInteger crlNumber) {
070: setCrlNumber(crlNumber);
071: }
072:
073: public void setUpdateDates(Date this Update, Date nextUpdate) {
074: this .this Update = this Update;
075: this .nextUpdate = nextUpdate;
076: }
077:
078: public void setCrlNumber(BigInteger crlNumber) {
079: this .crlNumber = crlNumber;
080: }
081:
082: public X500Principal getIssuerX500Principal() {
083: return principal;
084: }
085:
086: public String toString() {
087: return null;
088: }
089:
090: public boolean isRevoked(Certificate cert) {
091: return true;
092: }
093:
094: public Set getNonCriticalExtensionOIDs() {
095: return null;
096: }
097:
098: public Set getCriticalExtensionOIDs() {
099: return null;
100: }
101:
102: public byte[] getExtensionValue(String oid) {
103: if ("2.5.29.20".equals(oid) && (crlNumber != null)) {
104: return ASN1OctetString.getInstance().encode(
105: ASN1Integer.getInstance().encode(
106: crlNumber.toByteArray()));
107: }
108: return null;
109: }
110:
111: public boolean hasUnsupportedCriticalExtension() {
112: return false;
113: }
114:
115: public byte[] getEncoded() {
116: return null;
117: }
118:
119: public void verify(PublicKey key) throws CRLException,
120: NoSuchAlgorithmException, InvalidKeyException,
121: NoSuchProviderException, SignatureException {
122: }
123:
124: public void verify(PublicKey key, String sigProvider)
125: throws CRLException, NoSuchAlgorithmException,
126: InvalidKeyException, NoSuchProviderException,
127: SignatureException {
128: }
129:
130: public int getVersion() {
131: return 2;
132: }
133:
134: public Principal getIssuerDN() {
135: return null;
136: }
137:
138: public Date getThisUpdate() {
139: return this Update;
140: }
141:
142: public Date getNextUpdate() {
143: return nextUpdate;
144: }
145:
146: public X509CRLEntry getRevokedCertificate(
147: BigInteger serialNumber) {
148: return null;
149: }
150:
151: public Set getRevokedCertificates() {
152: return null;
153: }
154:
155: public byte[] getTBSCertList() {
156: return null;
157: }
158:
159: public byte[] getSignature() {
160: return null;
161: }
162:
163: public String getSigAlgName() {
164: return null;
165: }
166:
167: public String getSigAlgOID() {
168: return null;
169: }
170:
171: public byte[] getSigAlgParams() {
172: return null;
173: }
174: }
175:
176: /**
177: * setIssuers(Collection <X500Principal> issuers) method testing.
178: * Tests if CRLs with any issuers match the selector in the case of
179: * null issuerNames criteria, if specified issuers match the selector,
180: * and if not specified issuer does not match the selector.
181: */
182: public void testSetIssuers() {
183: X509CRLSelector selector = new X509CRLSelector();
184: X500Principal iss1 = new X500Principal("O=First Org.");
185: X500Principal iss2 = new X500Principal("O=Second Org.");
186: X500Principal iss3 = new X500Principal("O=Third Org.");
187: TestCRL crl1 = new TestCRL(iss1);
188: TestCRL crl2 = new TestCRL(iss2);
189: TestCRL crl3 = new TestCRL(iss3);
190:
191: selector.setIssuers(null);
192: assertTrue(
193: "Any CRL issuers should match in the case of null issuers.",
194: selector.match(crl1) && selector.match(crl2));
195:
196: ArrayList issuers = new ArrayList(2);
197: issuers.add(iss1);
198: issuers.add(iss2);
199: selector.setIssuers(issuers);
200: assertTrue("The CRL should match the selection criteria.",
201: selector.match(crl1) && selector.match(crl2));
202: assertFalse("The CRL should not match the selection criteria.",
203: selector.match(crl3));
204: issuers.add(iss3);
205: assertFalse("The internal issuer collection is not protected "
206: + "against the modifications.", selector.match(crl3));
207: }
208:
209: /**
210: * setIssuerNames(Collection <?> names) method testing.
211: * Tests if CRLs with any issuers match the selector in the case of
212: * null issuerNames criteria, if specified issuers match the selector,
213: * if not specified issuer does not match the selector, and if the
214: * internal collection of issuer names is copied during initialization.
215: */
216: public void testSetIssuerNames() {
217: X509CRLSelector selector = new X509CRLSelector();
218: String iss1 = "O=First Org.";
219: byte[] iss2 = new byte[]
220: //manually obtained DER encoding of "O=Second Org." issuer name;
221: { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99,
222: 111, 110, 100, 32, 79, 114, 103, 46 };
223: String iss3 = "O=Third Org.";
224: TestCRL crl1 = new TestCRL(new X500Principal(iss1));
225: TestCRL crl2 = new TestCRL(new X500Principal(iss2));
226: TestCRL crl3 = new TestCRL(new X500Principal(iss3));
227:
228: try {
229: selector.setIssuerNames(null);
230: } catch (IOException e) {
231: e.printStackTrace();
232: fail("Unexpected IOException was thrown.");
233: }
234: assertTrue(
235: "Any CRL issuers should match in the case of null issuers.",
236: selector.match(crl1) && selector.match(crl2));
237:
238: ArrayList issuers = new ArrayList(2);
239: issuers.add(iss1);
240: issuers.add(iss2);
241: try {
242: selector.setIssuerNames(issuers);
243: } catch (IOException e) {
244: e.printStackTrace();
245: fail("Unexpected IOException was thrown.");
246: }
247: assertTrue("The CRL should match the selection criteria.",
248: selector.match(crl1) && selector.match(crl2));
249: assertFalse("The CRL should not match the selection criteria.",
250: selector.match(crl3));
251: issuers.add(iss3);
252: assertFalse("The internal issuer collection is not protected "
253: + "against the modifications.", selector.match(crl3));
254: }
255:
256: /**
257: * addIssuer(X500Principal issuer) method testing.
258: * Tests if CRLs with specified issuers match the selector,
259: * and if not specified issuer does not match the selector.
260: */
261: public void testAddIssuer() {
262: X509CRLSelector selector = new X509CRLSelector();
263: X500Principal iss1 = new X500Principal("O=First Org.");
264: X500Principal iss2 = new X500Principal("O=Second Org.");
265: TestCRL crl1 = new TestCRL(iss1);
266: TestCRL crl2 = new TestCRL(iss2);
267:
268: selector.addIssuer(iss1);
269: assertTrue("The CRL should match the selection criteria.",
270: selector.match(crl1));
271: assertFalse("The CRL should not match the selection criteria.",
272: selector.match(crl2));
273: selector.addIssuer(iss2);
274: assertTrue("The CRL should match the selection criteria.",
275: selector.match(crl2));
276: }
277:
278: /**
279: * addIssuerName(String name) method testing.
280: * Tests if CRLs with specified issuers match the selector,
281: * and if not specified issuer does not match the selector.
282: */
283: public void testAddIssuerName1() {
284: X509CRLSelector selector = new X509CRLSelector();
285: String iss1 = "O=First Org.";
286: String iss2 = "O=Second Org.";
287: TestCRL crl1 = new TestCRL(new X500Principal(iss1));
288: TestCRL crl2 = new TestCRL(new X500Principal(iss2));
289:
290: try {
291: selector.addIssuerName(iss1);
292: } catch (IOException e) {
293: e.printStackTrace();
294: fail("Unexpected IOException was thrown.");
295: }
296: assertTrue("The CRL should match the selection criteria.",
297: selector.match(crl1));
298: assertFalse("The CRL should not match the selection criteria.",
299: selector.match(crl2));
300: try {
301: selector.addIssuerName(iss2);
302: } catch (IOException e) {
303: e.printStackTrace();
304: fail("Unexpected IOException was thrown.");
305: }
306: assertTrue("The CRL should match the selection criteria.",
307: selector.match(crl2));
308: }
309:
310: /**
311: * addIssuerName(byte[] name) method testing.
312: * Tests if CRLs with specified issuers match the selector,
313: * and if not specified issuer does not match the selector.
314: */
315: public void testAddIssuerName2() {
316: X509CRLSelector selector = new X509CRLSelector();
317: byte[] iss1 = new byte[]
318: //manually obtained DER encoding of "O=First Org." issuer name;
319: { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105,
320: 114, 115, 116, 32, 79, 114, 103, 46 };
321: byte[] iss2 = new byte[]
322: //manually obtained DER encoding of "O=Second Org." issuer name;
323: { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99,
324: 111, 110, 100, 32, 79, 114, 103, 46 };
325: TestCRL crl1 = new TestCRL(new X500Principal(iss1));
326: TestCRL crl2 = new TestCRL(new X500Principal(iss2));
327:
328: try {
329: selector.addIssuerName(iss1);
330: } catch (IOException e) {
331: e.printStackTrace();
332: fail("Unexpected IOException was thrown.");
333: }
334: assertTrue("The CRL should match the selection criteria.",
335: selector.match(crl1));
336: assertFalse("The CRL should not match the selection criteria.",
337: selector.match(crl2));
338: try {
339: selector.addIssuerName(iss2);
340: } catch (IOException e) {
341: e.printStackTrace();
342: fail("Unexpected IOException was thrown.");
343: }
344: assertTrue("The CRL should match the selection criteria.",
345: selector.match(crl2));
346: }
347:
348: /**
349: * setMinCRLNumber(BigInteger minCRL) method testing.
350: * Tests if CRLs with any crl number value match the selector in the case of
351: * null crlNumber criteria, if specified minCRL value matches the selector,
352: * and if CRL with inappropriate crlNumber value does not match the selector.
353: */
354: public void testSetMinCRLNumber() {
355: X509CRLSelector selector = new X509CRLSelector();
356: BigInteger minCRL = new BigInteger("10000");
357: TestCRL crl = new TestCRL(minCRL);
358:
359: selector.setMinCRLNumber(null);
360: assertTrue(
361: "Any CRL should match in the case of null minCRLNumber.",
362: selector.match(crl));
363: selector.setMinCRLNumber(minCRL);
364: assertTrue("The CRL should match the selection criteria.",
365: selector.match(crl));
366: selector.setMinCRLNumber(new BigInteger("10001"));
367: assertFalse("The CRL should not match the selection criteria.",
368: selector.match(crl));
369: }
370:
371: /**
372: * setMaxCRLNumber(BigInteger maxCRL) method testing.
373: * Tests if CRLs with any crl number value match the selector in the case of
374: * null crlNumber criteria, if specified maxCRL value matches the selector,
375: * and if CRL with inappropriate crlNumber value does not match the selector.
376: */
377: public void testSetMaxCRLNumber() {
378: X509CRLSelector selector = new X509CRLSelector();
379: BigInteger maxCRL = new BigInteger("10000");
380: TestCRL crl = new TestCRL(maxCRL);
381:
382: selector.setMaxCRLNumber(null);
383: assertTrue(
384: "Any CRL should match in the case of null minCRLNumber.",
385: selector.match(crl));
386: selector.setMaxCRLNumber(maxCRL);
387: assertTrue("The CRL should match the selection criteria.",
388: selector.match(crl));
389: selector.setMaxCRLNumber(new BigInteger("9999"));
390: assertFalse("The CRL should not match the selection criteria.",
391: selector.match(crl));
392: }
393:
394: /**
395: * setDateAndTime(Date dateAndTime) method testing.
396: * Tests if CRLs with any update dates match the selector in the case of
397: * null dateAndTime criteria, if correct dates match and incorrect
398: * do not match the selector.
399: */
400: public void testSetDateAndTime() {
401: X509CRLSelector selector = new X509CRLSelector();
402: TestCRL crl = new TestCRL(new Date(200), new Date(300));
403: selector.setDateAndTime(null);
404: assertTrue(
405: "Any CRL should match in the case of null dateAndTime.",
406: selector.match(crl));
407: selector.setDateAndTime(new Date(200));
408: assertTrue("The CRL should match the selection criteria.",
409: selector.match(crl));
410: selector.setDateAndTime(new Date(250));
411: assertTrue("The CRL should match the selection criteria.",
412: selector.match(crl));
413: selector.setDateAndTime(new Date(300));
414: assertTrue("The CRL should match the selection criteria.",
415: selector.match(crl));
416: selector.setDateAndTime(new Date(150));
417: assertFalse("The CRL should not match the selection criteria.",
418: selector.match(crl));
419: selector.setDateAndTime(new Date(350));
420: assertFalse("The CRL should not match the selection criteria.",
421: selector.match(crl));
422: }
423:
424: /**
425: * getIssuers() method testing.
426: * Tests if the method return null in the case of not specified issuers,
427: * if the returned collection corresponds to the specified issuers and
428: * this collection is unmodifiable.
429: */
430: public void testGetIssuers() throws Exception {
431: X509CRLSelector selector = new X509CRLSelector();
432: X500Principal iss1 = new X500Principal("O=First Org.");
433: X500Principal iss2 = new X500Principal("O=Second Org.");
434: X500Principal iss3 = new X500Principal("O=Third Org.");
435: String iss_name_1 = "O=First String DN";
436: String iss_name_2 = "O=Second String DN";
437: String iss_name_3 = "O=Third String DN";
438: assertNull("The collection should be null.", selector
439: .getIssuers());
440: selector.addIssuerName(iss_name_1);
441: selector.addIssuer(iss1);
442: selector.addIssuerName(iss_name_2);
443: selector.addIssuer(iss2);
444: selector.addIssuerName(iss_name_3);
445:
446: Collection result = selector.getIssuers();
447: assertEquals("Size does not correspond to expected", 5, result
448: .size());
449: try {
450: result.add(iss3);
451: fail("The returned collection should be unmodifiable.");
452: } catch (UnsupportedOperationException e) {
453: }
454: assertTrue("The collection should contain the specified DN.",
455: result.contains(iss1));
456: assertTrue("The collection should contain the specified DN.",
457: result.contains(iss2));
458: assertTrue("The collection should contain the specified DN.",
459: result.contains(new X500Principal(iss_name_1)));
460: assertTrue("The collection should contain the specified DN.",
461: result.contains(new X500Principal(iss_name_2)));
462: selector.addIssuer(iss3);
463: assertTrue("The collection should contain the specified DN.",
464: result.contains(iss3));
465: }
466:
467: /**
468: * getIssuerNames() method testing.
469: * Tests if the method return null in the case of not specified issuers,
470: * if the returned collection corresponds to the specified issuers.
471: */
472: public void testGetIssuerNames() {
473: X509CRLSelector selector = new X509CRLSelector();
474: byte[] iss1 = new byte[]
475: //manually obtained DER encoding of "O=First Org." issuer name;
476: { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105,
477: 114, 115, 116, 32, 79, 114, 103, 46 };
478: byte[] iss2 = new byte[]
479: //manually obtained DER encoding of "O=Second Org." issuer name;
480: { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99,
481: 111, 110, 100, 32, 79, 114, 103, 46 };
482: assertNull("The collection should be null.", selector
483: .getIssuerNames());
484: try {
485: selector.addIssuerName(iss1);
486: selector.addIssuerName(iss2);
487: } catch (IOException e) {
488: e.printStackTrace();
489: fail("Unexpected IOException was thrown.");
490: }
491: Collection result = selector.getIssuerNames();
492: assertEquals(
493: "The collection should contain all of the specified DNs.",
494: 2, result.size());
495: }
496:
497: /**
498: * getMinCRL() method testing.
499: * Tests if the method return null in the case of not specified minCRL
500: * criteria, and if the returned value corresponds to the specified one.
501: */
502: public void testGetMinCRL() {
503: X509CRLSelector selector = new X509CRLSelector();
504: assertNull("Initially the minCRL should be null.", selector
505: .getMinCRL());
506: BigInteger minCRL = new BigInteger("10000");
507: selector.setMinCRLNumber(minCRL);
508: assertTrue("The result should be equal to specified.", minCRL
509: .equals(selector.getMinCRL()));
510: }
511:
512: /**
513: * getMaxCRL() method testing.
514: * Tests if the method return null in the case of not specified maxCRL
515: * criteria, and if the returned value corresponds to the specified one.
516: */
517: public void testGetMaxCRL() {
518: X509CRLSelector selector = new X509CRLSelector();
519: assertNull("Initially the maxCRL should be null.", selector
520: .getMaxCRL());
521: BigInteger maxCRL = new BigInteger("10000");
522: selector.setMaxCRLNumber(maxCRL);
523: assertTrue("The result should be equal to specified.", maxCRL
524: .equals(selector.getMaxCRL()));
525: }
526:
527: /**
528: * getDateAndTime() method testing.
529: * Tests if the method return null in the case of not specified dateAndTime
530: * criteria, and if the returned value corresponds to the specified one.
531: */
532: public void testGetDateAndTime() {
533: X509CRLSelector selector = new X509CRLSelector();
534: assertNull(
535: "Initially the dateAndTime criteria should be null.",
536: selector.getDateAndTime());
537: Date date = new Date(200);
538: selector.setDateAndTime(date);
539: assertTrue("The result should be equal to specified.", date
540: .equals(selector.getDateAndTime()));
541: }
542:
543: /**
544: * match(CRL crl) method testing.
545: * Tests if the null object matches to the selector or not.
546: */
547: public void testMatch() {
548: X509CRLSelector selector = new X509CRLSelector();
549: assertFalse("The null object should not match", selector
550: .match((X509CRL) null));
551: }
552:
553: /**
554: * clone() method testing.
555: * Tests if the selector is cloned correctly: the crl which matche to
556: * the initial selector should match to the clone and the change of clone
557: * should not cause the change of initial selector.
558: */
559: public void testClone() {
560: X509CRLSelector selector = new X509CRLSelector();
561: X500Principal iss1 = new X500Principal("O=First Org.");
562: X500Principal iss2 = new X500Principal("O=Second Org.");
563: X500Principal iss3 = new X500Principal("O=Third Org.");
564: BigInteger minCRL = new BigInteger("10000");
565: BigInteger maxCRL = new BigInteger("10000");
566: Date date = new Date(200);
567:
568: selector.addIssuer(iss1);
569: selector.addIssuer(iss2);
570: selector.setMinCRLNumber(minCRL);
571: selector.setMaxCRLNumber(maxCRL);
572: selector.setDateAndTime(date);
573:
574: X509CRLSelector clone = (X509CRLSelector) selector.clone();
575: TestCRL crl = new TestCRL(iss1);
576: crl.setCrlNumber(minCRL);
577: crl.setUpdateDates(new Date(200), new Date(200));
578: assertTrue(
579: "The specified CRL should match the clone selector.",
580: selector.match(crl));
581:
582: clone.addIssuer(iss3);
583: assertFalse(
584: "The changes of the clone selector should not cause "
585: + "the changes of initial object", selector
586: .getIssuerNames().size() == 3);
587: }
588:
589: public void testToString() {
590: X509CRLSelector selector = new X509CRLSelector();
591: X500Principal iss1 = new X500Principal("O=First Org.");
592: X500Principal iss2 = new X500Principal("O=Second Org.");
593: BigInteger minCRL = new BigInteger("10000");
594: BigInteger maxCRL = new BigInteger("10000");
595: Date date = new Date(200);
596:
597: selector.addIssuer(iss1);
598: selector.addIssuer(iss2);
599: selector.setMinCRLNumber(minCRL);
600: selector.setMaxCRLNumber(maxCRL);
601: selector.setDateAndTime(date);
602:
603: assertNotNull("The result should not be null.", selector
604: .toString());
605: }
606:
607: public static Test suite() {
608: return new TestSuite(X509CRLSelectorTest.class);
609: }
610:
611: public static void main(String[] args) {
612: junit.textui.TestRunner.run(suite());
613: }
614: }
|