Gitiles
Code Review Sign In
android-review.linaro.org / platform / libcore-snapshot / refs/heads/gingerbread / . / luni / src / test / java / tests / security / cert / X509CertSelectorTest.java
blob: 383b578789a1b2f52d718a3d0c29680398ef283e [file] [log] [blame]
The Android Open Source Project0eec4642012-04-01 00:00:00 -0700[diff] [blame]1/*
2 * Licensed to the Apache Software Foundation (ASF) under one or more
3 * contributor license agreements. See the NOTICE file distributed with
4 * this work for additional information regarding copyright ownership.
5 * The ASF licenses this file to You under the Apache License, Version 2.0
6 * (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18package tests.security.cert;
19
20import dalvik.annotation.TestLevel;
21import dalvik.annotation.TestTargetNew;
22import dalvik.annotation.TestTargetClass;
23
24import junit.framework.TestCase;
25
26import java.io.ByteArrayInputStream;
27import java.io.IOException;
28import java.math.BigInteger;
29import java.security.InvalidAlgorithmParameterException;
30import java.security.InvalidKeyException;
31import java.security.NoSuchAlgorithmException;
32import java.security.NoSuchProviderException;
33import java.security.Principal;
34import java.security.PublicKey;
35import java.security.SignatureException;
36import java.security.cert.CertPath;
37import java.security.cert.CertPathBuilder;
38import java.security.cert.CertPathBuilderException;
39import java.security.cert.CertificateEncodingException;
40import java.security.cert.CertificateException;
41import java.security.cert.CertificateExpiredException;
42import java.security.cert.CertificateFactory;
43import java.security.cert.CertificateNotYetValidException;
44import java.security.cert.CertificateParsingException;
45import java.security.cert.PKIXBuilderParameters;
46import java.security.cert.PKIXCertPathBuilderResult;
47import java.security.cert.TrustAnchor;
48import java.security.cert.X509CertSelector;
49import java.security.cert.X509Certificate;
50import java.util.ArrayList;
51import java.util.Arrays;
52import java.util.Calendar;
53import java.util.Collection;
54import java.util.Collections;
55import java.util.Date;
56import java.util.HashSet;
57import java.util.Iterator;
58import java.util.List;
59import java.util.Set;
60
61import javax.security.auth.x500.X500Principal;
62
63
64import org.apache.harmony.security.tests.support.cert.MyCRL;
65import org.apache.harmony.security.tests.support.cert.TestUtils;
66import org.apache.harmony.security.tests.support.TestKeyPair;
67import org.apache.harmony.security.asn1.ASN1Boolean;
68import org.apache.harmony.security.asn1.ASN1Integer;
69import org.apache.harmony.security.asn1.ASN1OctetString;
70import org.apache.harmony.security.asn1.ASN1Oid;
71import org.apache.harmony.security.asn1.ASN1Sequence;
72import org.apache.harmony.security.asn1.ASN1Type;
73import org.apache.harmony.security.x501.Name;
74import org.apache.harmony.security.x509.CertificatePolicies;
75import org.apache.harmony.security.x509.GeneralName;
76import org.apache.harmony.security.x509.GeneralNames;
77import org.apache.harmony.security.x509.NameConstraints;
78import org.apache.harmony.security.x509.ORAddress;
79import org.apache.harmony.security.x509.OtherName;
80import org.apache.harmony.security.x509.PolicyInformation;
81import org.apache.harmony.security.x509.PrivateKeyUsagePeriod;
82
83/**
84 * X509CertSelectorTest
85 */
86@TestTargetClass(X509CertSelector.class)
87public class X509CertSelectorTest extends TestCase {
88
89 byte[][] constraintBytes = new byte[][] {
90 {
91 48, 34, -96, 15, 48, 13, -127, 8, 56, 50, 50, 46, 78,
92 97, 109, 101, -128, 1, 0, -95, 15, 48, 13, -127, 8, 56,
93 50, 50, 46, 78, 97, 109, 101, -128, 1, 0},
94 {
95 48, 42, -96, 19, 48, 17, -127, 12, 114, 102, 99, 64,
96 56, 50, 50, 46, 78, 97, 109, 101, -128, 1, 0, -95, 19,
97 48, 17, -127, 12, 114, 102, 99, 64, 56, 50, 50, 46, 78,
98 97, 109, 101, -128, 1, 0},
99 {
100 48, 34, -96, 15, 48, 13, -126, 8, 78, 97, 109, 101, 46,
101 111, 114, 103, -128, 1, 0, -95, 15, 48, 13, -126, 8,
102 78, 97, 109, 101, 46, 111, 114, 103, -128, 1, 0},
103 {
104 48, 42, -96, 19, 48, 17, -126, 12, 100, 78, 83, 46, 78,
105 97, 109, 101, 46, 111, 114, 103, -128, 1, 0, -95, 19,
106 48, 17, -126, 12, 100, 78, 83, 46, 78, 97, 109, 101,
107 46, 111, 114, 103, -128, 1, 0},
108 {
109 48, 54, -96, 25, 48, 23, -122, 18, 104, 116, 116, 112,
110 58, 47, 47, 82, 101, 115, 111, 117, 114, 99, 101, 46,
111 73, 100, -128, 1, 0, -95, 25, 48, 23, -122, 18, 104,
112 116, 116, 112, 58, 47, 47, 82, 101, 115, 111, 117, 114,
113 99, 101, 46, 73, 100, -128, 1, 0},
114 {
115 48, 70, -96, 33, 48, 31, -122, 26, 104, 116, 116, 112,
116 58, 47, 47, 117, 110, 105, 102, 111, 114, 109, 46, 82,
117 101, 115, 111, 117, 114, 99, 101, 46, 73, 100, -128, 1,
118 0, -95, 33, 48, 31, -122, 26, 104, 116, 116, 112, 58,
119 47, 47, 117, 110, 105, 102, 111, 114, 109, 46, 82, 101,
120 115, 111, 117, 114, 99, 101, 46, 73, 100, -128, 1, 0},
121 {
122 48, 26, -96, 11, 48, 9, -121, 4, 1, 1, 1, 1, -128, 1,
123 0, -95, 11, 48, 9, -121, 4, 1, 1, 1, 1, -128, 1, 0},
124 {
125 48, 50, -96, 23, 48, 21, -121, 16, 1, 1, 1, 1, 1, 1, 1,
126 1, 1, 1, 1, 1, 1, 1, 1, 1, -128, 1, 0, -95, 23, 48, 21,
127 -121, 16, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
128 1, -128, 1, 0}};
129
130 /**
131 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, byte[])
132 */
133 @TestTargetNew(
134 level = TestLevel.PARTIAL,
135 notes = "IOException checking missed",
136 method = "addSubjectAlternativeName",
137 args = {int.class, byte[].class}
138 )
139 public void test_addSubjectAlternativeNameLintLbyte_array() throws IOException {
140 // Regression for HARMONY-2487
141 int[] types = { 0, 1, 2, 3, 4, 5, 6, 7, 8 };
142 for (int i = 0; i < types.length; i++) {
143 try {
144 new X509CertSelector().addSubjectAlternativeName(types[i],
145 (byte[]) null);
146 fail("No expected NullPointerException for type: " + i);
147 } catch (NullPointerException e) {
148 }
149 }
150 }
151
152 /**
153 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, String)
154 */
155 @TestTargetNew(
156 level = TestLevel.PARTIAL,
157 notes = "Verifies IOException.",
158 method = "addSubjectAlternativeName",
159 args = {int.class, java.lang.String.class}
160 )
161 public void test_addSubjectAlternativeNameLintLjava_lang_String() {
162 // Regression for HARMONY-727
163 int[] types = { 0, 2, 3, 4, 5, 6, 7, 8 };
164 for (int i = 0; i < types.length; i++) {
165 try {
166 new X509CertSelector().addSubjectAlternativeName(types[i],
167 "0xDFRF");
168 fail("IOException expected");
169 } catch (IOException e) {
170 }
171 }
172 }
173
174 /**
175 * @tests java.security.cert.X509CertSelector#addPathToName(int, byte[])
176 */
177 @TestTargetNew(
178 level = TestLevel.PARTIAL,
179 notes = "Verifies NullPointerException.",
180 method = "addPathToName",
181 args = {int.class, byte[].class}
182 )
183 public void test_addPathToNameLintLbyte_array() throws IOException {
184 // Regression for HARMONY-2487
185 int[] types = { 0, 1, 2, 3, 4, 5, 6, 7, 8 };
186 for (int i = 0; i < types.length; i++) {
187 try {
188 new X509CertSelector().addPathToName(types[i], (byte[]) null);
189 fail("No expected NullPointerException for type: " + i);
190 } catch (NullPointerException e) {
191 }
192 }
193 }
194
195 /**
196 * @tests java.security.cert.X509CertSelector#addPathToName(int, String)
197 */
198 @TestTargetNew(
199 level = TestLevel.PARTIAL,
200 notes = "Verifies IOException.",
201 method = "addPathToName",
202 args = {int.class, java.lang.String.class}
203 )
204 public void test_addPathToNameLintLjava_lang_String() {
205 // Regression for HARMONY-724
206 for (int type = 0; type <= 8; type++) {
207 try {
208 new X509CertSelector().addPathToName(type, (String) null);
209 fail("IOException expected!");
210 } catch (IOException ioe) {
211 // expected
212 }
213 }
214
215
216 }
217
218 /**
219 * @tests java.security.cert.X509CertSelector#X509CertSelector()
220 */
221 @TestTargetNew(
222 level = TestLevel.COMPLETE,
223 notes = "",
224 method = "X509CertSelector",
225 args = {}
226 )
227 public void test_X509CertSelector() {
228 X509CertSelector selector = null;
229 try {
230 selector = new X509CertSelector();
231 } catch (Exception e) {
232 fail("Unexpected exception " + e.getMessage());
233 }
234 assertEquals(-1, selector.getBasicConstraints());
235 assertTrue(selector.getMatchAllSubjectAltNames());
236 }
237
238 /**
239 * @tests java.security.cert.X509CertSelector#clone()
240 */
241 @TestTargetNew(
242 level = TestLevel.COMPLETE,
243 notes = "",
244 method = "clone",
245 args = {}
246 )
247 public void test_clone() throws Exception {
248 X509CertSelector selector = new X509CertSelector();
249 X509CertSelector selector1 = (X509CertSelector) selector.clone();
250
251 assertEquals(selector.getMatchAllSubjectAltNames(), selector1
252 .getMatchAllSubjectAltNames());
253 assertEquals(selector.getAuthorityKeyIdentifier(), selector1
254 .getAuthorityKeyIdentifier());
255 assertEquals(selector.getBasicConstraints(), selector1
256 .getBasicConstraints());
257 assertEquals(selector.getCertificate(), selector1.getCertificate());
258 assertEquals(selector.getCertificateValid(), selector1
259 .getCertificateValid());
260 assertEquals(selector.getExtendedKeyUsage(), selector1
261 .getExtendedKeyUsage());
262 assertEquals(selector.getIssuer(), selector1.getIssuer());
263 assertEquals(selector.getIssuerAsBytes(), selector1.getIssuerAsBytes());
264 assertEquals(selector.getIssuerAsString(), selector1
265 .getIssuerAsString());
266 assertEquals(selector.getKeyUsage(), selector1.getKeyUsage());
267 assertEquals(selector.getNameConstraints(), selector1
268 .getNameConstraints());
269 assertEquals(selector.getPathToNames(), selector1.getPathToNames());
270 assertEquals(selector.getPolicy(), selector1.getPolicy());
271 assertEquals(selector.getPrivateKeyValid(), selector1
272 .getPrivateKeyValid());
273 assertEquals(selector.getSerialNumber(), selector1.getSerialNumber());
274 assertEquals(selector.getSubject(), selector1.getSubject());
275 assertEquals(selector.getSubjectAlternativeNames(), selector1
276 .getSubjectAlternativeNames());
277 assertEquals(selector.getSubjectAsBytes(), selector1
278 .getSubjectAsBytes());
279 assertEquals(selector.getSubjectAsString(), selector1
280 .getSubjectAsString());
281 assertEquals(selector.getSubjectKeyIdentifier(), selector1
282 .getSubjectKeyIdentifier());
283 assertEquals(selector.getSubjectPublicKey(), selector1
284 .getSubjectPublicKey());
285 assertEquals(selector.getSubjectPublicKeyAlgID(), selector1
286 .getSubjectPublicKeyAlgID());
287
288 selector = null;
289 try {
290 selector.clone();
291 fail("NullPointerException expected");
292 } catch (NullPointerException e) {
293 // expected
294 }
295 }
296
297 /**
298 * @tests java.security.cert.X509CertSelector#getAuthorityKeyIdentifier()
299 */
300 @TestTargetNew(
301 level = TestLevel.COMPLETE,
302 notes = "",
303 method = "getAuthorityKeyIdentifier",
304 args = {}
305 )
306 public void test_getAuthorityKeyIdentifier() {
307 byte[] akid1 = new byte[] { 4, 5, 1, 2, 3, 4, 5 }; // random value
308 byte[] akid2 = new byte[] { 4, 5, 5, 4, 3, 2, 1 }; // random value
309 X509CertSelector selector = new X509CertSelector();
310
311 assertNull("Selector should return null", selector
312 .getAuthorityKeyIdentifier());
313 selector.setAuthorityKeyIdentifier(akid1);
314 assertTrue("The returned keyID should be equal to specified", Arrays
315 .equals(akid1, selector.getAuthorityKeyIdentifier()));
316 assertTrue("The returned keyID should be equal to specified", Arrays
317 .equals(akid1, selector.getAuthorityKeyIdentifier()));
318 assertFalse("The returned keyID should differ", Arrays.equals(akid2,
319 selector.getAuthorityKeyIdentifier()));
320 }
321
322 /**
323 * @tests java.security.cert.X509CertSelector#getBasicConstraints()
324 */
325 @TestTargetNew(
326 level = TestLevel.COMPLETE,
327 notes = "",
328 method = "getBasicConstraints",
329 args = {}
330 )
331 public void test_getBasicConstraints() {
332 X509CertSelector selector = new X509CertSelector();
333 int[] validValues = { 2, 1, 0, 1, 2, 3, 10, 20 };
334 for (int i = 0; i < validValues.length; i++) {
335 selector.setBasicConstraints(validValues[i]);
336 assertEquals(validValues[i], selector.getBasicConstraints());
337 }
338 }
339
340 /**
341 * @tests java.security.cert.X509CertSelector#getCertificate()
342 */
343 @TestTargetNew(
344 level = TestLevel.COMPLETE,
345 notes = "",
346 method = "getCertificate",
347 args = {}
348 )
349 public void test_getCertificate() throws CertificateException {
350 X509CertSelector selector = new X509CertSelector();
351 CertificateFactory certFact = CertificateFactory.getInstance("X509");
352 X509Certificate cert1 = (X509Certificate) certFact
353 .generateCertificate(new ByteArrayInputStream(TestUtils
354 .getX509Certificate_v3()));
355
356 X509Certificate cert2 = (X509Certificate) certFact
357 .generateCertificate(new ByteArrayInputStream(TestUtils
358 .getX509Certificate_v1()));
359
360 selector.setCertificate(cert1);
361 assertEquals(cert1, selector.getCertificate());
362
363 selector.setCertificate(cert2);
364 assertEquals(cert2, selector.getCertificate());
365
366 selector.setCertificate(null);
367 assertNull(selector.getCertificate());
368 }
369
370 /**
371 * @tests java.security.cert.X509CertSelector#getCertificateValid()
372 */
373 @TestTargetNew(
374 level = TestLevel.COMPLETE,
375 notes = "",
376 method = "getCertificateValid",
377 args = {}
378 )
379 public void test_getCertificateValid() {
380 Date date1 = new Date(100);
381 Date date2 = new Date(200);
382 Date date3 = Calendar.getInstance().getTime();
383 X509CertSelector selector = new X509CertSelector();
384
385 assertNull("Selector should return null", selector
386 .getCertificateValid());
387 selector.setCertificateValid(date1);
388 assertTrue("The returned date should be equal to specified", date1
389 .equals(selector.getCertificateValid()));
390 selector.getCertificateValid().setTime(200);
391 assertTrue("The returned date should be equal to specified", date1
392 .equals(selector.getCertificateValid()));
393 assertFalse("The returned date should differ", date2.equals(selector
394 .getCertificateValid()));
395 selector.setCertificateValid(date3);
396 assertTrue("The returned date should be equal to specified", date3
397 .equals(selector.getCertificateValid()));
398 selector.setCertificateValid(null);
399 assertNull(selector.getCertificateValid());
400 }
401
402 /**
403 * @tests java.security.cert.X509CertSelector#getExtendedKeyUsage()
404 */
405 @TestTargetNew(
406 level = TestLevel.COMPLETE,
407 notes = "",
408 method = "getExtendedKeyUsage",
409 args = {}
410 )
411 public void test_getExtendedKeyUsage() {
412 HashSet<String> ku = new HashSet<String>(Arrays
413 .asList(new String[] { "1.3.6.1.5.5.7.3.1",
414 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3",
415 "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8",
416 "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5",
417 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" }));
418 X509CertSelector selector = new X509CertSelector();
419
420 assertNull("Selector should return null", selector
421 .getExtendedKeyUsage());
422 try {
423 selector.setExtendedKeyUsage(ku);
424 } catch (IOException e) {
425 fail("Unexpected IOException was thrown.");
426 }
427 assertTrue(
428 "The returned extendedKeyUsage should be equal to specified",
429 ku.equals(selector.getExtendedKeyUsage()));
430 try {
431 selector.getExtendedKeyUsage().add("KRIBLEGRABLI");
432 fail("The returned Set should be immutable.");
433 } catch (UnsupportedOperationException e) {
434 // expected
435 }
436 }
437
438 /**
439 * @tests java.security.cert.X509CertSelector#getIssuer()
440 */
441 @TestTargetNew(
442 level = TestLevel.COMPLETE,
443 notes = "",
444 method = "getIssuer",
445 args = {}
446 )
447 public void test_getIssuer() {
448 X500Principal iss1 = new X500Principal("O=First Org.");
449 X500Principal iss2 = new X500Principal("O=Second Org.");
450 X509CertSelector selector = new X509CertSelector();
451
452 assertNull("Selector should return null", selector.getIssuer());
453 selector.setIssuer(iss1);
454 assertEquals("The returned issuer should be equal to specified", iss1,
455 selector.getIssuer());
456 assertFalse("The returned issuer should differ", iss2.equals(selector
457 .getIssuer()));
458 }
459
460 /**
461 * @tests java.security.cert.X509CertSelector#getIssuerAsBytes()
462 */
463 @TestTargetNew(
464 level = TestLevel.COMPLETE,
465 notes = "",
466 method = "getIssuerAsBytes",
467 args = {}
468 )
469 public void test_getIssuerAsBytes() {
470 byte[] name1 = new byte[]
471 // manually obtained DER encoding of "O=First Org." issuer name;
472 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115,
473 116, 32, 79, 114, 103, 46 };
474
475 byte[] name2 = new byte[]
476 // manually obtained DER encoding of "O=Second Org." issuer name;
477 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111,
478 110, 100, 32, 79, 114, 103, 46 };
479 X500Principal iss1 = new X500Principal(name1);
480 X500Principal iss2 = new X500Principal(name2);
481 X509CertSelector selector = new X509CertSelector();
482
483 try {
484 assertNull("Selector should return null", selector
485 .getIssuerAsBytes());
486 selector.setIssuer(iss1);
487 assertTrue("The returned issuer should be equal to specified",
488 Arrays.equals(name1, selector.getIssuerAsBytes()));
489 assertFalse("The returned issuer should differ", name2
490 .equals(selector.getIssuerAsBytes()));
491 selector.setIssuer(iss2);
492 assertTrue("The returned issuer should be equal to specified",
493 Arrays.equals(name2, selector.getIssuerAsBytes()));
494 } catch (IOException e) {
495 fail("Unexpected IOException was thrown.");
496 }
497 }
498
499 /**
500 * @tests java.security.cert.X509CertSelector#getIssuerAsString()
501 */
502 @TestTargetNew(
503 level = TestLevel.COMPLETE,
504 notes = "",
505 method = "getIssuerAsString",
506 args = {}
507 )
508 public void test_getIssuerAsString() {
509 String name1 = "O=First Org.";
510 String name2 = "O=Second Org.";
511 X500Principal iss1 = new X500Principal(name1);
512 X500Principal iss2 = new X500Principal(name2);
513 X509CertSelector selector = new X509CertSelector();
514
515 assertNull("Selector should return null", selector.getIssuerAsString());
516 selector.setIssuer(iss1);
517 assertEquals("The returned issuer should be equal to specified", name1,
518 selector.getIssuerAsString());
519 assertFalse("The returned issuer should differ", name2.equals(selector
520 .getIssuerAsString()));
521 selector.setIssuer(iss2);
522 assertEquals("The returned issuer should be equal to specified", name2,
523 selector.getIssuerAsString());
524 }
525
526 /**
527 * @tests java.security.cert.X509CertSelector#getKeyUsage()
528 */
529 @TestTargetNew(
530 level = TestLevel.COMPLETE,
531 notes = "",
532 method = "getKeyUsage",
533 args = {}
534 )
535 public void test_getKeyUsage() {
536 boolean[] ku = new boolean[] { true, false, true, false, true, false,
537 true, false, true };
538 X509CertSelector selector = new X509CertSelector();
539
540 assertNull("Selector should return null", selector.getKeyUsage());
541 selector.setKeyUsage(ku);
542 assertTrue("The returned date should be equal to specified", Arrays
543 .equals(ku, selector.getKeyUsage()));
544 boolean[] result = selector.getKeyUsage();
545 result[0] = !result[0];
546 assertTrue("The returned keyUsage should be equal to specified", Arrays
547 .equals(ku, selector.getKeyUsage()));
548 }
549
550 /**
551 * @tests java.security.cert.X509CertSelector#getMatchAllSubjectAltNames()
552 */
553 @TestTargetNew(
554 level = TestLevel.COMPLETE,
555 notes = "",
556 method = "getMatchAllSubjectAltNames",
557 args = {}
558 )
559 public void test_getMatchAllSubjectAltNames() {
560 X509CertSelector selector = new X509CertSelector();
561 assertTrue("The matchAllNames initially should be true", selector
562 .getMatchAllSubjectAltNames());
563 selector.setMatchAllSubjectAltNames(false);
564 assertFalse("The value should be false", selector
565 .getMatchAllSubjectAltNames());
566 }
567
568 /**
569 * @tests java.security.cert.X509CertSelector#getNameConstraints()
570 */
571 @TestTargetNew(
572 level = TestLevel.COMPLETE,
573 notes = "",
574 method = "getNameConstraints",
575 args = {}
576 )
577 public void test_getNameConstraints() throws IOException {
578
579// Used to generate following byte array
580// GeneralName[] name_constraints = new GeneralName[] {
581// new GeneralName(1, "822.Name"),
582// new GeneralName(1, "rfc@822.Name"),
583// new GeneralName(2, "Name.org"),
584// new GeneralName(2, "dNS.Name.org"),
585//
586// new GeneralName(6, "http://Resource.Id"),
587// new GeneralName(6, "http://uniform.Resource.Id"),
588// new GeneralName(7, "1.1.1.1"),
589//
590// new GeneralName(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
591// 1, 1, 1, 1, 1 }), };
592//
593// constraintBytes = new byte[name_constraints.length][];
594//
595// for (int i = 0; i < name_constraints.length; i++) {
596// GeneralSubtree subtree = new GeneralSubtree(name_constraints[i]);
597// GeneralSubtrees subtrees = new GeneralSubtrees();
598// subtrees.addSubtree(subtree);
599// NameConstraints constraints = new NameConstraints(subtrees,
600// subtrees);
601// constraintBytes[i] = constraints.getEncoded();
602// }
603// System.out.println("XXX"+Arrays.deepToString(constraintBytes)+"XXX");
604
605 X509CertSelector selector = new X509CertSelector();
606
607 for (int i = 0; i < constraintBytes.length; i++) {
608 selector.setNameConstraints(constraintBytes[i]);
609 assertTrue(Arrays.equals(constraintBytes[i], selector
610 .getNameConstraints()));
611 }
612 }
613
614 /**
615 * @tests java.security.cert.X509CertSelector#getPathToNames()
616 */
617 @TestTargetNew(
618 level = TestLevel.COMPLETE,
619 notes = "",
620 method = "getPathToNames",
621 args = {}
622 )
623 public void test_getPathToNames() {
624 try {
625 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5",
626 new byte[] { 1, 2, 0, 1 }));
627 GeneralName san1 = new GeneralName(1, "rfc@822.Name");
628 GeneralName san2 = new GeneralName(2, "dNSName");
629 GeneralName san3 = new GeneralName(new ORAddress());
630 GeneralName san4 = new GeneralName(new Name("O=Organization"));
631 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id");
632 GeneralName san7 = new GeneralName(7, "1.1.1.1");
633 GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555");
634
635 GeneralNames sans1 = new GeneralNames();
636 sans1.addName(san0);
637 sans1.addName(san1);
638 sans1.addName(san2);
639 sans1.addName(san3);
640 sans1.addName(san4);
641 sans1.addName(san6);
642 sans1.addName(san7);
643 sans1.addName(san8);
644 GeneralNames sans2 = new GeneralNames();
645 sans2.addName(san0);
646
647 TestCert cert1 = new TestCert(sans1);
648 TestCert cert2 = new TestCert(sans2);
649 X509CertSelector selector = new X509CertSelector();
650 selector.setMatchAllSubjectAltNames(true);
651
652 selector.setPathToNames(null);
653 assertTrue("Any certificate should match in the case of null "
654 + "subjectAlternativeNames criteria.", selector
655 .match(cert1)
656 && selector.match(cert2));
657
658 Collection<List<?>> sans = sans1.getPairsList();
659
660 selector.setPathToNames(sans);
661
662 Collection<List<?>> col = selector.getPathToNames();
663 Iterator<List<?>> i = col.iterator();
664 while (i.hasNext()) {
665 Object o = i.next();
666 if (!(o instanceof List)) {
667 fail("expected a List");
668 }
669 }
670
671 } catch (IOException e) {
672 e.printStackTrace();
673 fail("Unexpected IOException was thrown.");
674 }
675 }
676
677 /**
678 * @tests java.security.cert.X509CertSelector#getPolicy()
679 */
680 @TestTargetNew(
681 level = TestLevel.COMPLETE,
682 notes = "",
683 method = "getPolicy",
684 args = {}
685 )
686 public void test_getPolicy() throws IOException {
687 String[] policies1 = new String[] { "1.3.6.1.5.5.7.3.1",
688 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.5.5.7.3.4",
689 "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5",
690 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" };
691
692 String[] policies2 = new String[] { "1.3.6.7.3.1" };
693
694 HashSet<String> p1 = new HashSet<String>(Arrays.asList(policies1));
695 HashSet<String> p2 = new HashSet<String>(Arrays.asList(policies2));
696
697 X509CertSelector selector = new X509CertSelector();
698
699 selector.setPolicy(null);
700 assertNull(selector.getPolicy());
701
702 selector.setPolicy(p1);
703 assertEquals("The returned date should be equal to specified", p1, selector.getPolicy());
704
705 selector.setPolicy(p2);
706 assertEquals("The returned date should be equal to specified", p2, selector.getPolicy());
707 }
708
709 /**
710 * @tests java.security.cert.X509CertSelector#getPrivateKeyValid()
711 */
712 @TestTargetNew(
713 level = TestLevel.COMPLETE,
714 notes = "",
715 method = "getPrivateKeyValid",
716 args = {}
717 )
718 public void test_getPrivateKeyValid() {
719 Date date1 = new Date(100);
720 Date date2 = new Date(200);
721 X509CertSelector selector = new X509CertSelector();
722
723 assertNull("Selector should return null", selector.getPrivateKeyValid());
724 selector.setPrivateKeyValid(date1);
725 assertTrue("The returned date should be equal to specified", date1
726 .equals(selector.getPrivateKeyValid()));
727 selector.getPrivateKeyValid().setTime(200);
728 assertTrue("The returned date should be equal to specified", date1
729 .equals(selector.getPrivateKeyValid()));
730 assertFalse("The returned date should differ", date2.equals(selector
731 .getPrivateKeyValid()));
732 }
733
734 /**
735 * @tests java.security.cert.X509CertSelector#getSerialNumber()
736 */
737 @TestTargetNew(
738 level = TestLevel.COMPLETE,
739 notes = "",
740 method = "getSerialNumber",
741 args = {}
742 )
743 public void test_getSerialNumber() {
744 BigInteger ser1 = new BigInteger("10000");
745 BigInteger ser2 = new BigInteger("10001");
746 X509CertSelector selector = new X509CertSelector();
747
748 assertNull("Selector should return null", selector.getSerialNumber());
749 selector.setSerialNumber(ser1);
750 assertEquals("The returned serial number should be equal to specified",
751 ser1, selector.getSerialNumber());
752 assertFalse("The returned serial number should differ", ser2
753 .equals(selector.getSerialNumber()));
754 }
755
756 /**
757 * @tests java.security.cert.X509CertSelector#getSubject()
758 */
759 @TestTargetNew(
760 level = TestLevel.COMPLETE,
761 notes = "",
762 method = "getSubject",
763 args = {}
764 )
765 public void test_getSubject() {
766 X500Principal sub1 = new X500Principal("O=First Org.");
767 X500Principal sub2 = new X500Principal("O=Second Org.");
768 X509CertSelector selector = new X509CertSelector();
769
770 assertNull("Selector should return null", selector.getSubject());
771 selector.setSubject(sub1);
772 assertEquals("The returned subject should be equal to specified", sub1,
773 selector.getSubject());
774 assertFalse("The returned subject should differ", sub2.equals(selector
775 .getSubject()));
776 }
777
778 /**
779 * @tests java.security.cert.X509CertSelector#getSubjectAlternativeNames()
780 */
781 @TestTargetNew(
782 level = TestLevel.COMPLETE,
783 notes = "",
784 method = "getSubjectAlternativeNames",
785 args = {}
786 )
787 public void test_getSubjectAlternativeNames() {
788 try {
789 GeneralName san1 = new GeneralName(1, "rfc@822.Name");
790 GeneralName san2 = new GeneralName(2, "dNSName");
791
792 GeneralNames sans = new GeneralNames();
793 sans.addName(san1);
794 sans.addName(san2);
795
796 TestCert cert_1 = new TestCert(sans);
797 X509CertSelector selector = new X509CertSelector();
798
799 assertNull("Selector should return null", selector
800 .getSubjectAlternativeNames());
801
802 selector.setSubjectAlternativeNames(sans.getPairsList());
803 assertTrue("The certificate should match the selection criteria.",
804 selector.match(cert_1));
805 selector.getSubjectAlternativeNames().clear();
806 assertTrue("The modification of initialization object "
807 + "should not affect the modification "
808 + "of internal object.", selector.match(cert_1));
809 } catch (IOException e) {
810 e.printStackTrace();
811 fail("Unexpected IOException was thrown.");
812 }
813 }
814
815 /**
816 * @tests java.security.cert.X509CertSelector#getSubjectAsBytes()
817 */
818 @TestTargetNew(
819 level = TestLevel.COMPLETE,
820 notes = "",
821 method = "getSubjectAsBytes",
822 args = {}
823 )
824 public void test_getSubjectAsBytes() {
825 byte[] name1 = new byte[]
826 // manually obtained DER encoding of "O=First Org." issuer name;
827 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115,
828 116, 32, 79, 114, 103, 46 };
829 byte[] name2 = new byte[]
830 // manually obtained DER encoding of "O=Second Org." issuer name;
831 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111,
832 110, 100, 32, 79, 114, 103, 46 };
833
834 X500Principal sub1 = new X500Principal(name1);
835 X500Principal sub2 = new X500Principal(name2);
836 X509CertSelector selector = new X509CertSelector();
837
838 try {
839 assertNull("Selector should return null", selector
840 .getSubjectAsBytes());
841 selector.setSubject(sub1);
842 assertTrue("The returned issuer should be equal to specified",
843 Arrays.equals(name1, selector.getSubjectAsBytes()));
844 assertFalse("The returned issuer should differ", name2
845 .equals(selector.getSubjectAsBytes()));
846 selector.setSubject(sub2);
847 assertTrue("The returned issuer should be equal to specified",
848 Arrays.equals(name2, selector.getSubjectAsBytes()));
849 } catch (IOException e) {
850 fail("Unexpected IOException was thrown.");
851 }
852 }
853
854 /**
855 * @tests java.security.cert.X509CertSelector#getSubjectAsString()
856 */
857 @TestTargetNew(
858 level = TestLevel.COMPLETE,
859 notes = "",
860 method = "getSubjectAsString",
861 args = {}
862 )
863 public void test_getSubjectAsString() {
864 String name1 = "O=First Org.";
865 String name2 = "O=Second Org.";
866 X500Principal sub1 = new X500Principal(name1);
867 X500Principal sub2 = new X500Principal(name2);
868 X509CertSelector selector = new X509CertSelector();
869
870 assertNull("Selector should return null", selector.getSubjectAsString());
871 selector.setSubject(sub1);
872 assertEquals("The returned subject should be equal to specified",
873 name1, selector.getSubjectAsString());
874 assertFalse("The returned subject should differ", name2.equals(selector
875 .getSubjectAsString()));
876 selector.setSubject(sub2);
877 assertEquals("The returned subject should be equal to specified",
878 name2, selector.getSubjectAsString());
879 }
880
881 /**
882 * @tests java.security.cert.X509CertSelector#getSubjectKeyIdentifier()
883 */
884 @TestTargetNew(
885 level = TestLevel.COMPLETE,
886 notes = "",
887 method = "getSubjectKeyIdentifier",
888 args = {}
889 )
890 public void test_getSubjectKeyIdentifier() {
891 byte[] skid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value
892 byte[] skid2 = new byte[] { 4, 5, 5, 4, 3, 2, 1 }; // random value
893 X509CertSelector selector = new X509CertSelector();
894
895 assertNull("Selector should return null", selector
896 .getSubjectKeyIdentifier());
897 selector.setSubjectKeyIdentifier(skid1);
898 assertTrue("The returned keyID should be equal to specified", Arrays
899 .equals(skid1, selector.getSubjectKeyIdentifier()));
900 selector.getSubjectKeyIdentifier()[0]++;
901 assertTrue("The returned keyID should be equal to specified", Arrays
902 .equals(skid1, selector.getSubjectKeyIdentifier()));
903 assertFalse("The returned keyID should differ", Arrays.equals(skid2,
904 selector.getSubjectKeyIdentifier()));
905 }
906
907 /**
908 * @tests java.security.cert.X509CertSelector#getSubjectPublicKey()
909 */
910 @TestTargetNew(
911 level = TestLevel.COMPLETE,
912 notes = "",
913 method = "getSubjectPublicKey",
914 args = {}
915 )
916 public void test_getSubjectPublicKey() throws Exception {
917
918 // SubjectPublicKeyInfo ::= SEQUENCE {
919 // algorithm AlgorithmIdentifier,
920 // subjectPublicKey BIT STRING }
921 byte[] enc = { 0x30, 0x0E, // SEQUENCE
922 0x30, 0x07, // SEQUENCE
923 0x06, 0x02, 0x03, 0x05,// OID
924 0x01, 0x01, 0x07, // ANY
925 0x03, 0x03, 0x01, 0x01, 0x06, // subjectPublicKey
926 };
927
928 X509CertSelector selector = new X509CertSelector();
929
930 selector.setSubjectPublicKey(enc);
931 PublicKey key = selector.getSubjectPublicKey();
932 assertEquals("0.3.5", key.getAlgorithm());
933 assertEquals("X.509", key.getFormat());
934 assertTrue(Arrays.equals(enc, key.getEncoded()));
935 assertNotNull(key.toString());
936
937 key = new MyPublicKey();
938
939 selector.setSubjectPublicKey(key);
940 PublicKey keyActual = selector.getSubjectPublicKey();
941 assertEquals(key, keyActual);
942 assertEquals(key.getAlgorithm(), keyActual.getAlgorithm());
943 }
944
945 /**
946 * @tests java.security.cert.X509CertSelector#getSubjectPublicKeyAlgID()
947 */
948 @TestTargetNew(
949 level = TestLevel.COMPLETE,
950 notes = "",
951 method = "getSubjectPublicKeyAlgID",
952 args = {}
953 )
954 public void test_getSubjectPublicKeyAlgID() {
955
956 X509CertSelector selector = new X509CertSelector();
957 String[] validOIDs = { "0.0.20", "1.25.0", "2.0.39", "0.2.10", "1.35.15",
958 "2.17.89" };
959
960 assertNull("Selector should return null", selector
961 .getSubjectPublicKeyAlgID());
962
963 for (int i = 0; i < validOIDs.length; i++) {
964 try {
965 selector.setSubjectPublicKeyAlgID(validOIDs[i]);
966 assertEquals(validOIDs[i], selector.getSubjectPublicKeyAlgID());
967 } catch (IOException e) {
968 System.out.println("t = " + e.getMessage());
969 //fail("Unexpected exception " + e.getMessage());
970 }
971 }
972
973 String pkaid1 = "1.2.840.113549.1.1.1"; // RSA encryption
974 String pkaid2 = "1.2.840.113549.1.1.4"; // MD5 with RSA encryption
975
976 try {
977 selector.setSubjectPublicKeyAlgID(pkaid1);
978 } catch (IOException e) {
979 fail("Unexpected IOException was thrown.");
980 }
981 assertTrue("The returned oid should be equal to specified", pkaid1
982 .equals(selector.getSubjectPublicKeyAlgID()));
983 assertFalse("The returned oid should differ", pkaid2.equals(selector
984 .getSubjectPublicKeyAlgID()));
985 }
986
987 /**
988 * @tests java.security.cert.X509CertSelector#match(java.security.cert.Certificate)
989 */
990 @TestTargetNew(
991 level = TestLevel.COMPLETE,
992 notes = "",
993 method = "match",
994 args = {java.security.cert.Certificate.class}
995 )
996 public void test_matchLjava_security_cert_Certificate()
997 throws CertificateException {
998 X509CertSelector selector = new X509CertSelector();
999 assertFalse(selector.match(null));
1000
1001 CertificateFactory certFact = CertificateFactory.getInstance("X509");
1002 X509Certificate cert1 = (X509Certificate) certFact
1003 .generateCertificate(new ByteArrayInputStream(TestUtils
1004 .getX509Certificate_v3()));
1005
1006 X509Certificate cert2 = (X509Certificate) certFact
1007 .generateCertificate(new ByteArrayInputStream(TestUtils
1008 .getX509Certificate_v1()));
1009
1010 selector.setCertificate(cert1);
1011 assertTrue(selector.match(cert1));
1012 assertFalse(selector.match(cert2));
1013
1014 selector.setCertificate(cert2);
1015 assertFalse(selector.match(cert1));
1016 assertTrue(selector.match(cert2));
1017 }
1018
1019 /**
1020 * @tests java.security.cert.X509CertSelector#setAuthorityKeyIdentifier(byte[])
1021 */
1022 @TestTargetNew(
1023 level = TestLevel.COMPLETE,
1024 notes = "",
1025 method = "setAuthorityKeyIdentifier",
1026 args = {byte[].class}
1027 )
1028 public void test_setAuthorityKeyIdentifierLB$() throws CertificateException {
1029 X509CertSelector selector = new X509CertSelector();
1030
1031 byte[] akid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value
1032 byte[] akid2 = new byte[] { 5, 4, 3, 2, 1 }; // random value
1033 TestCert cert1 = new TestCert(akid1);
1034 TestCert cert2 = new TestCert(akid2);
1035
1036 selector.setAuthorityKeyIdentifier(null);
1037 assertTrue("The certificate should match the selection criteria.",
1038 selector.match(cert1));
1039 assertTrue("The certificate should match the selection criteria.",
1040 selector.match(cert2));
1041 assertNull(selector.getAuthorityKeyIdentifier());
1042
1043 selector.setAuthorityKeyIdentifier(akid1);
1044 assertTrue("The certificate should not match the selection criteria.",
1045 selector.match(cert1));
1046 assertFalse("The certificate should not match the selection criteria.",
1047 selector.match(cert2));
1048 selector.setAuthorityKeyIdentifier(akid2);
1049 assertFalse("The certificate should not match the selection criteria.",
1050 selector.match(cert1));
1051 assertTrue("The certificate should not match the selection criteria.",
1052 selector.match(cert2));
1053
1054 akid2[0]++;
1055 assertTrue("The certificate should match the selection criteria.",
1056 selector.match(cert2));
1057 }
1058
1059 /**
1060 * @tests java.security.cert.X509CertSelector#setBasicConstraints(int)
1061 */
1062 @TestTargetNew(
1063 level = TestLevel.COMPLETE,
1064 notes = "",
1065 method = "setBasicConstraints",
1066 args = {int.class}
1067 )
1068 public void test_setBasicConstraintsLint() {
1069 X509CertSelector selector = new X509CertSelector();
1070 int[] invalidValues = { -3, -4, -5, 1000000000 };
1071 for (int i = 0; i < invalidValues.length; i++) {
1072 try {
1073 selector.setBasicConstraints(-3);
1074 fail("IllegalArgumentException expected");
1075 } catch (IllegalArgumentException e) {
1076 // expected
1077 }
1078 }
1079
1080 int[] validValues = { -2, -1, 0, 1, 2, 3, 10, 20 };
1081 for (int i = 0; i < validValues.length; i++) {
1082 selector.setBasicConstraints(validValues[i]);
1083 assertEquals(validValues[i], selector.getBasicConstraints());
1084 }
1085 }
1086
1087 /**
1088 * @tests java.security.cert.X509CertSelector#setCertificate(java.security.cert.Certificate)
1089 */
1090 @TestTargetNew(
1091 level = TestLevel.COMPLETE,
1092 notes = "",
1093 method = "setCertificate",
1094 args = {java.security.cert.X509Certificate.class}
1095 )
1096 public void test_setCertificateLjava_security_cert_X509Certificate()
1097 throws CertificateException {
1098
1099 TestCert cert1 = new TestCert("same certificate");
1100 TestCert cert2 = new TestCert("other certificate");
1101 X509CertSelector selector = new X509CertSelector();
1102
1103 selector.setCertificate(null);
1104 assertTrue("Any certificates should match in the case of null "
1105 + "certificateEquals criteria.", selector.match(cert1)
1106 && selector.match(cert2));
1107 selector.setCertificate(cert1);
1108 assertTrue("The certificate should match the selection criteria.",
1109 selector.match(cert1));
1110 assertFalse("The certificate should not match the selection criteria.",
1111 selector.match(cert2));
1112 selector.setCertificate(cert2);
1113 assertTrue("The certificate should match the selection criteria.",
1114 selector.match(cert2));
1115 selector.setCertificate(null);
1116 assertNull(selector.getCertificate());
1117 }
1118
1119 /**
1120 * @tests java.security.cert.X509CertSelector#setCertificateValid(java.util.Date)
1121 */
1122 @TestTargetNew(
1123 level = TestLevel.COMPLETE,
1124 notes = "",
1125 method = "setCertificateValid",
1126 args = {java.util.Date.class}
1127 )
1128 public void test_setCertificateValidLjava_util_Date()
1129 throws CertificateException {
1130 X509CertSelector selector = new X509CertSelector();
1131
1132 Date date1 = new Date(100);
1133 Date date2 = new Date(200);
1134 TestCert cert1 = new TestCert(date1);
1135 TestCert cert2 = new TestCert(date2);
1136
1137 selector.setCertificateValid(null);
1138 assertNull(selector.getCertificateValid());
1139 selector.setCertificateValid(date1);
1140 assertTrue("The certificate should match the selection criteria.",
1141 selector.match(cert1));
1142 assertFalse("The certificate should not match the selection criteria.",
1143 selector.match(cert2));
1144 selector.setCertificateValid(date2);
1145 date2.setTime(300);
1146 assertTrue("The certificate should match the selection criteria.",
1147 selector.match(cert2));
1148 }
1149
1150 /**
1151 * @tests java.security.cert.X509CertSelector#setExtendedKeyUsage(Set<String>)
1152 */
1153 @TestTargetNew(
1154 level = TestLevel.COMPLETE,
1155 notes = "",
1156 method = "setExtendedKeyUsage",
1157 args = {java.util.Set.class}
1158 )
1159 public void test_setExtendedKeyUsageLjava_util_Set()
1160 throws CertificateException {
1161 HashSet<String> ku1 = new HashSet<String>(Arrays
1162 .asList(new String[] { "1.3.6.1.5.5.7.3.1",
1163 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3",
1164 "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8",
1165 "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5",
1166 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" }));
1167 HashSet<String> ku2 = new HashSet<String>(Arrays.asList(new String[] {
1168 "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3",
1169 "1.3.6.1.5.5.7.3.4", "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9",
1170 "1.3.6.1.5.5.7.3.5", "1.3.6.1.5.5.7.3.6" }));
1171 TestCert cert1 = new TestCert(ku1);
1172 TestCert cert2 = new TestCert(ku2);
1173
1174 X509CertSelector selector = new X509CertSelector();
1175
1176 try {
1177 selector.setExtendedKeyUsage(null);
1178 } catch (IOException e) {
1179 fail("Unexpected IOException was thrown.");
1180 }
1181 assertTrue("Any certificate should match in the case of null "
1182 + "extendedKeyUsage criteria.", selector.match(cert1)
1183 && selector.match(cert2));
1184 try {
1185 selector.setExtendedKeyUsage(ku1);
1186 } catch (IOException e) {
1187 fail("Unexpected IOException was thrown.");
1188 }
1189 assertEquals(ku1, selector.getExtendedKeyUsage());
1190
1191 try {
1192 selector.setExtendedKeyUsage(ku2);
1193 } catch (IOException e) {
1194 fail("Unexpected IOException was thrown.");
1195 }
1196 assertEquals(ku2, selector.getExtendedKeyUsage());
1197 }
1198
1199 /**
1200 * @tests java.security.cert.X509CertSelector#setIssuer(byte[])
1201 */
1202 @TestTargetNew(
1203 level = TestLevel.COMPLETE,
1204 notes = "",
1205 method = "setIssuer",
1206 args = {byte[].class}
1207 )
1208 public void test_setIssuerLB$() throws CertificateException {
1209 byte[] name1 = new byte[]
1210 // manually obtained DER encoding of "O=First Org." issuer name;
1211 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115,
1212 116, 32, 79, 114, 103, 46 };
1213 byte[] name2 = new byte[]
1214 // manually obtained DER encoding of "O=Second Org." issuer name;
1215 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111,
1216 110, 100, 32, 79, 114, 103, 46 };
1217 X500Principal iss1 = new X500Principal(name1);
1218 X500Principal iss2 = new X500Principal(name2);
1219 TestCert cert1 = new TestCert(iss1);
1220 TestCert cert2 = new TestCert(iss2);
1221
1222 X509CertSelector selector = new X509CertSelector();
1223
1224 try {
1225 selector.setIssuer((byte[]) null);
1226 } catch (IOException e) {
1227 fail("Unexpected IOException was thrown.");
1228 }
1229 assertTrue("Any certificates should match "
1230 + "in the case of null issuer criteria.", selector.match(cert1)
1231 && selector.match(cert2));
1232 try {
1233 selector.setIssuer(name1);
1234 } catch (IOException e) {
1235 fail("Unexpected IOException was thrown.");
1236 }
1237 assertTrue("The certificate should match the selection criteria.",
1238 selector.match(cert1));
1239 assertFalse("The certificate should not match the selection criteria.",
1240 selector.match(cert2));
1241 try {
1242 selector.setIssuer(name2);
1243 } catch (IOException e) {
1244 fail("Unexpected IOException was thrown.");
1245 }
1246 assertTrue("The certificate should match the selection criteria.",
1247 selector.match(cert2));
1248 }
1249
1250 /**
1251 * @tests java.security.cert.X509CertSelector#setIssuer(java.lang.String)
1252 */
1253 @TestTargetNew(
1254 level = TestLevel.COMPLETE,
1255 notes = "",
1256 method = "setIssuer",
1257 args = {java.lang.String.class}
1258 )
1259 public void test_setIssuerLjava_lang_String() throws CertificateException {
1260
1261 String name1 = "O=First Org.";
1262 String name2 = "O=Second Org.";
1263 X500Principal iss1 = new X500Principal(name1);
1264 X500Principal iss2 = new X500Principal(name2);
1265 TestCert cert1 = new TestCert(iss1);
1266 TestCert cert2 = new TestCert(iss2);
1267
1268 X509CertSelector selector = new X509CertSelector();
1269
1270 try {
1271 selector.setIssuer((String) null);
1272 } catch (IOException e) {
1273 fail("Unexpected IOException was thrown.");
1274 }
1275 assertTrue("Any certificates should match "
1276 + "in the case of null issuer criteria.", selector.match(cert1)
1277 && selector.match(cert2));
1278 try {
1279 selector.setIssuer(name1);
1280 } catch (IOException e) {
1281 fail("Unexpected IOException was thrown.");
1282 }
1283 assertTrue("The certificate should match the selection criteria.",
1284 selector.match(cert1));
1285 assertFalse("The certificate should not match the selection criteria.",
1286 selector.match(cert2));
1287 try {
1288 selector.setIssuer(name2);
1289 } catch (IOException e) {
1290 fail("Unexpected IOException was thrown.");
1291 }
1292 assertTrue("The certificate should match the selection criteria.",
1293 selector.match(cert2));
1294 }
1295
1296 /**
1297 * @tests java.security.cert.X509CertSelector#setIssuer(javax.security.auth.x500.X500Principal)
1298 */
1299 @TestTargetNew(
1300 level = TestLevel.COMPLETE,
1301 notes = "",
1302 method = "setIssuer",
1303 args = {javax.security.auth.x500.X500Principal.class}
1304 )
1305 public void test_setIssuerLjavax_security_auth_x500_X500Principal()
1306 throws CertificateException {
1307 X500Principal iss1 = new X500Principal("O=First Org.");
1308 X500Principal iss2 = new X500Principal("O=Second Org.");
1309 TestCert cert1 = new TestCert(iss1);
1310 TestCert cert2 = new TestCert(iss2);
1311 X509CertSelector selector = new X509CertSelector();
1312
1313 selector.setIssuer((X500Principal) null);
1314 assertTrue("Any certificates should match "
1315 + "in the case of null issuer criteria.", selector.match(cert1)
1316 && selector.match(cert2));
1317 selector.setIssuer(iss1);
1318 assertTrue("The certificate should match the selection criteria.",
1319 selector.match(cert1));
1320 assertFalse("The certificate should not match the selection criteria.",
1321 selector.match(cert2));
1322 selector.setIssuer(iss2);
1323 assertTrue("The certificate should match the selection criteria.",
1324 selector.match(cert2));
1325 }
1326
1327 /**
1328 * @tests java.security.cert.X509CertSelector#setKeyUsage(boolean)
1329 */
1330 @TestTargetNew(
1331 level = TestLevel.COMPLETE,
1332 notes = "",
1333 method = "setKeyUsage",
1334 args = {boolean[].class}
1335 )
1336 public void test_setKeyUsageZ() throws CertificateException {
1337 boolean[] ku1 = new boolean[] { true, true, true, true, true, true,
1338 true, true, true };
1339 // decipherOnly is disallowed
1340 boolean[] ku2 = new boolean[] { true, true, true, true, true, true,
1341 true, true, false };
1342 TestCert cert1 = new TestCert(ku1);
1343 TestCert cert2 = new TestCert(ku2);
1344 TestCert cert3 = new TestCert((boolean[]) null);
1345
1346 X509CertSelector selector = new X509CertSelector();
1347
1348 selector.setKeyUsage(null);
1349 assertTrue("Any certificate should match in the case of null "
1350 + "keyUsage criteria.", selector.match(cert1)
1351 && selector.match(cert2));
1352 selector.setKeyUsage(ku1);
1353 assertTrue("The certificate should match the selection criteria.",
1354 selector.match(cert1));
1355 assertFalse("The certificate should not match the selection criteria.",
1356 selector.match(cert2));
1357 assertTrue("The certificate which does not have a keyUsage extension "
1358 + "implicitly allows all keyUsage values.", selector
1359 .match(cert3));
1360 selector.setKeyUsage(ku2);
1361 ku2[0] = !ku2[0];
1362 assertTrue("The certificate should match the selection criteria.",
1363 selector.match(cert2));
1364 }
1365
1366 /**
1367 * @tests java.security.cert.X509CertSelector#setMatchAllSubjectAltNames(boolean)
1368 */
1369 @TestTargetNew(
1370 level = TestLevel.COMPLETE,
1371 notes = "",
1372 method = "setMatchAllSubjectAltNames",
1373 args = {boolean.class}
1374 )
1375 public void test_setMatchAllSubjectAltNamesZ() {
1376 TestCert cert = new TestCert();
1377 X509CertSelector selector = new X509CertSelector();
1378
1379 assertTrue(selector.match(cert));
1380
1381 assertFalse(selector.match(null));
1382 }
1383
1384 /**
1385 * @tests java.security.cert.X509CertSelector#setNameConstraints(byte[]
1386 * bytes)
1387 */
1388 @TestTargetNew(
1389 level = TestLevel.COMPLETE,
1390 notes = "",
1391 method = "setNameConstraints",
1392 args = {byte[].class}
1393 )
1394 public void test_setNameConstraintsLB$() throws IOException {
1395// GeneralName[] name_constraints = new GeneralName[] {
1396// new GeneralName(1, "822.Name"),
1397// new GeneralName(1, "rfc@822.Name"),
1398// new GeneralName(2, "Name.org"),
1399// new GeneralName(2, "dNS.Name.org"),
1400//
1401// new GeneralName(6, "http://Resource.Id"),
1402// new GeneralName(6, "http://uniform.Resource.Id"),
1403// new GeneralName(7, "1.1.1.1"),
1404//
1405// new GeneralName(new byte[] { 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
1406// 1, 1, 1, 1, 1 }), };
1407//
1408// for (int i = 0; i < name_constraints.length; i++) {
1409// GeneralSubtree subtree = new GeneralSubtree(name_constraints[i]);
1410// GeneralSubtrees subtrees = new GeneralSubtrees();
1411// subtrees.addSubtree(subtree);
1412// NameConstraints constraints = new NameConstraints(subtrees,
1413// subtrees);
1414// }
1415 X509CertSelector selector = new X509CertSelector();
1416
1417 for (int i = 0; i < constraintBytes.length; i++) {
1418 selector.setNameConstraints(constraintBytes[i]);
1419 assertTrue(Arrays.equals(constraintBytes[i], selector
1420 .getNameConstraints()));
1421 }
1422 }
1423
1424 /**
1425 * @tests java.security.cert.X509CertSelector#setPathToNames(Collection<List<?>>)
1426 */
1427 @TestTargetNew(
1428 level = TestLevel.COMPLETE,
1429 notes = "",
1430 method = "setPathToNames",
1431 args = {java.util.Collection.class}
1432 )
1433 public void test_setPathToNamesLjava_util_Collection() {
1434 try {
1435 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5",
1436 new byte[] { 1, 2, 0, 1 }));
1437 GeneralName san1 = new GeneralName(1, "rfc@822.Name");
1438 GeneralName san2 = new GeneralName(2, "dNSName");
1439 GeneralName san3 = new GeneralName(new ORAddress());
1440 GeneralName san4 = new GeneralName(new Name("O=Organization"));
1441 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id");
1442 GeneralName san7 = new GeneralName(7, "1.1.1.1");
1443 GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555");
1444
1445 GeneralNames sans1 = new GeneralNames();
1446 sans1.addName(san0);
1447 sans1.addName(san1);
1448 sans1.addName(san2);
1449 sans1.addName(san3);
1450 sans1.addName(san4);
1451 sans1.addName(san6);
1452 sans1.addName(san7);
1453 sans1.addName(san8);
1454 GeneralNames sans2 = new GeneralNames();
1455 sans2.addName(san0);
1456
1457 TestCert cert1 = new TestCert(sans1);
1458 TestCert cert2 = new TestCert(sans2);
1459 X509CertSelector selector = new X509CertSelector();
1460 selector.setMatchAllSubjectAltNames(true);
1461
1462 selector.setPathToNames(null);
1463 assertTrue("Any certificate should match in the case of null "
1464 + "subjectAlternativeNames criteria.", selector
1465 .match(cert1)
1466 && selector.match(cert2));
1467
1468 Collection<List<?>> sans = sans1.getPairsList();
1469
1470 selector.setPathToNames(sans);
1471
1472 Collection<List<?>> col = selector.getPathToNames();
1473 Iterator<List<?>> i = col.iterator();
1474 while (i.hasNext()) {
1475 Object o = i.next();
1476 if (!(o instanceof List)) {
1477 fail("expected a List");
1478 }
1479 }
1480
1481 } catch (IOException e) {
1482 e.printStackTrace();
1483 fail("Unexpected IOException was thrown.");
1484 }
1485 }
1486
1487 /**
1488 * @tests java.security.cert.X509CertSelector#setPolicy(Set<String>)
1489 */
1490 @TestTargetNew(
1491 level = TestLevel.COMPLETE,
1492 notes = "",
1493 method = "setPolicy",
1494 args = {java.util.Set.class}
1495 )
1496 public void test_setPolicyLjava_util_Set() throws IOException {
1497 String[] policies1 = new String[] { "1.3.6.1.5.5.7.3.1",
1498 "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.5.5.7.3.4",
1499 "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5",
1500 "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" };
1501
1502 String[] policies2 = new String[] { "1.3.6.7.3.1" };
1503
1504 HashSet<String> p1 = new HashSet<String>(Arrays.asList(policies1));
1505 HashSet<String> p2 = new HashSet<String>(Arrays.asList(policies2));
1506
1507 X509CertSelector selector = new X509CertSelector();
1508
1509 TestCert cert1 = new TestCert(policies1);
1510 TestCert cert2 = new TestCert(policies2);
1511
1512 selector.setPolicy(null);
1513 assertTrue("Any certificate should match in the case of null "
1514 + "privateKeyValid criteria.", selector.match(cert1)
1515 && selector.match(cert2));
1516
1517 selector.setPolicy(p1);
1518 assertTrue("The certificate should match the selection criteria.",
1519 selector.match(cert1));
1520 assertFalse("The certificate should not match the selection criteria.",
1521 selector.match(cert2));
1522
1523 selector.setPolicy(p2);
1524 assertFalse("The certificate should not match the selection criteria.",
1525 selector.match(cert1));
1526 assertTrue("The certificate should match the selection criteria.",
1527 selector.match(cert2));
1528 }
1529
1530 /**
1531 * @tests java.security.cert.X509CertSelector#setPrivateKeyValid(java.util.Date)
1532 */
1533 @TestTargetNew(
1534 level = TestLevel.COMPLETE,
1535 notes = "",
1536 method = "setPrivateKeyValid",
1537 args = {java.util.Date.class}
1538 )
1539 public void test_setPrivateKeyValidLjava_util_Date()
1540 throws CertificateException {
1541 Date date1 = new Date(100000000);
1542 Date date2 = new Date(200000000);
1543 Date date3 = new Date(300000000);
1544 Date date4 = new Date(150000000);
1545 Date date5 = new Date(250000000);
1546 TestCert cert1 = new TestCert(date1, date2);
1547 TestCert cert2 = new TestCert(date2, date3);
1548
1549 X509CertSelector selector = new X509CertSelector();
1550
1551 selector.setPrivateKeyValid(null);
1552 assertTrue("Any certificate should match in the case of null "
1553 + "privateKeyValid criteria.", selector.match(cert1)
1554 && selector.match(cert2));
1555 selector.setPrivateKeyValid(date4);
1556 assertTrue("The certificate should match the selection criteria.",
1557 selector.match(cert1));
1558 assertFalse("The certificate should not match the selection criteria.",
1559 selector.match(cert2));
1560 selector.setPrivateKeyValid(date5);
1561 date5.setTime(date4.getTime());
1562 assertTrue("The certificate should match the selection criteria.",
1563 selector.match(cert2));
1564 }
1565
1566 /**
1567 * @tests java.security.cert.X509CertSelector#setSerialNumber(java.math.BigInteger)
1568 */
1569 @TestTargetNew(
1570 level = TestLevel.COMPLETE,
1571 notes = "",
1572 method = "setSerialNumber",
1573 args = {java.math.BigInteger.class}
1574 )
1575 public void test_setSerialNumberLjava_math_BigInteger()
1576 throws CertificateException {
1577 BigInteger ser1 = new BigInteger("10000");
1578 BigInteger ser2 = new BigInteger("10001");
1579 TestCert cert1 = new TestCert(ser1);
1580 TestCert cert2 = new TestCert(ser2);
1581 X509CertSelector selector = new X509CertSelector();
1582
1583 selector.setSerialNumber(null);
1584 assertTrue("Any certificate should match in the case of null "
1585 + "serialNumber criteria.", selector.match(cert1)
1586 && selector.match(cert2));
1587 selector.setSerialNumber(ser1);
1588 assertTrue("The certificate should match the selection criteria.",
1589 selector.match(cert1));
1590 assertFalse("The certificate should not match the selection criteria.",
1591 selector.match(cert2));
1592 selector.setSerialNumber(ser2);
1593 assertTrue("The certificate should match the selection criteria.",
1594 selector.match(cert2));
1595 }
1596
1597 /**
1598 * @tests java.security.cert.X509CertSelector#setSubject(byte[])
1599 */
1600 @TestTargetNew(
1601 level = TestLevel.COMPLETE,
1602 notes = "",
1603 method = "setSubject",
1604 args = {byte[].class}
1605 )
1606 public void test_setSubjectLB$() throws CertificateException {
1607 byte[] name1 = new byte[]
1608 // manually obtained DER encoding of "O=First Org." issuer name;
1609 { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115,
1610 116, 32, 79, 114, 103, 46 };
1611 byte[] name2 = new byte[]
1612 // manually obtained DER encoding of "O=Second Org." issuer name;
1613 { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111,
1614 110, 100, 32, 79, 114, 103, 46 };
1615 X500Principal sub1 = new X500Principal(name1);
1616 X500Principal sub2 = new X500Principal(name2);
1617 TestCert cert1 = new TestCert(sub1);
1618 TestCert cert2 = new TestCert(sub2);
1619
1620 X509CertSelector selector = new X509CertSelector();
1621
1622 try {
1623 selector.setSubject((byte[]) null);
1624 } catch (IOException e) {
1625 fail("Unexpected IOException was thrown.");
1626 }
1627 assertTrue("Any certificates should match "
1628 + "in the case of null issuer criteria.", selector.match(cert1)
1629 && selector.match(cert2));
1630 try {
1631 selector.setSubject(name1);
1632 } catch (IOException e) {
1633 fail("Unexpected IOException was thrown.");
1634 }
1635 assertTrue("The certificate should match the selection criteria.",
1636 selector.match(cert1));
1637 assertFalse("The certificate should not match the selection criteria.",
1638 selector.match(cert2));
1639 try {
1640 selector.setSubject(name2);
1641 } catch (IOException e) {
1642 fail("Unexpected IOException was thrown.");
1643 }
1644 assertTrue("The certificate should match the selection criteria.",
1645 selector.match(cert2));
1646 }
1647
1648 /**
1649 * @tests java.security.cert.X509CertSelector#setSubject(java.lang.String)
1650 */
1651 @TestTargetNew(
1652 level = TestLevel.COMPLETE,
1653 notes = "",
1654 method = "setSubject",
1655 args = {java.lang.String.class}
1656 )
1657 public void test_setSubjectLjava_lang_String() throws CertificateException {
1658 String name1 = "O=First Org.";
1659 String name2 = "O=Second Org.";
1660 X500Principal sub1 = new X500Principal(name1);
1661 X500Principal sub2 = new X500Principal(name2);
1662 TestCert cert1 = new TestCert(sub1);
1663 TestCert cert2 = new TestCert(sub2);
1664 X509CertSelector selector = new X509CertSelector();
1665
1666 try {
1667 selector.setSubject((String) null);
1668 } catch (IOException e) {
1669 fail("Unexpected IOException was thrown.");
1670 }
1671 assertTrue("Any certificates should match "
1672 + "in the case of null subject criteria.", selector
1673 .match(cert1)
1674 && selector.match(cert2));
1675 try {
1676 selector.setSubject(name1);
1677 } catch (IOException e) {
1678 fail("Unexpected IOException was thrown.");
1679 }
1680 assertTrue("The certificate should match the selection criteria.",
1681 selector.match(cert1));
1682 assertFalse("The certificate should not match the selection criteria.",
1683 selector.match(cert2));
1684 try {
1685 selector.setSubject(name2);
1686 } catch (IOException e) {
1687 fail("Unexpected IOException was thrown.");
1688 }
1689 assertTrue("The certificate should match the selection criteria.",
1690 selector.match(cert2));
1691 }
1692
1693 /**
1694 * @tests java.security.cert.X509CertSelector#setSubject(javax.security.auth.x500.X500Principal)
1695 */
1696 @TestTargetNew(
1697 level = TestLevel.COMPLETE,
1698 notes = "",
1699 method = "setSubject",
1700 args = {javax.security.auth.x500.X500Principal.class}
1701 )
1702 public void test_setSubjectLjavax_security_auth_x500_X500Principal()
1703 throws CertificateException {
1704 X500Principal sub1 = new X500Principal("O=First Org.");
1705 X500Principal sub2 = new X500Principal("O=Second Org.");
1706 TestCert cert1 = new TestCert(sub1);
1707 TestCert cert2 = new TestCert(sub2);
1708 X509CertSelector selector = new X509CertSelector();
1709
1710 selector.setSubject((X500Principal) null);
1711 assertTrue("Any certificates should match "
1712 + "in the case of null subjcet criteria.", selector
1713 .match(cert1)
1714 && selector.match(cert2));
1715 selector.setSubject(sub1);
1716 assertTrue("The certificate should match the selection criteria.",
1717 selector.match(cert1));
1718 assertFalse("The certificate should not match the selection criteria.",
1719 selector.match(cert2));
1720 selector.setSubject(sub2);
1721 assertTrue("The certificate should match the selection criteria.",
1722 selector.match(cert2));
1723 }
1724
1725 /**
1726 * @tests java.security.cert.X509CertSelector#setSubjectAlternativeNames(Collection<List<?>>)
1727 */
1728 @TestTargetNew(
1729 level = TestLevel.COMPLETE,
1730 notes = "",
1731 method = "setSubjectAlternativeNames",
1732 args = {java.util.Collection.class}
1733 )
1734 public void test_setSubjectAlternativeNamesLjava_util_Collection() {
1735
1736 try {
1737 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5",
1738 new byte[] { 1, 2, 0, 1 }));
1739 GeneralName san1 = new GeneralName(1, "rfc@822.Name");
1740 GeneralName san2 = new GeneralName(2, "dNSName");
1741 GeneralName san3 = new GeneralName(new ORAddress());
1742 GeneralName san4 = new GeneralName(new Name("O=Organization"));
1743 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id");
1744 GeneralName san7 = new GeneralName(7, "1.1.1.1");
1745 GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555");
1746
1747 GeneralNames sans1 = new GeneralNames();
1748 sans1.addName(san0);
1749 sans1.addName(san1);
1750 sans1.addName(san2);
1751 sans1.addName(san3);
1752 sans1.addName(san4);
1753 sans1.addName(san6);
1754 sans1.addName(san7);
1755 sans1.addName(san8);
1756 GeneralNames sans2 = new GeneralNames();
1757 sans2.addName(san0);
1758
1759 TestCert cert1 = new TestCert(sans1);
1760 TestCert cert2 = new TestCert(sans2);
1761 X509CertSelector selector = new X509CertSelector();
1762 selector.setMatchAllSubjectAltNames(true);
1763
1764 selector.setSubjectAlternativeNames(null);
1765 assertTrue("Any certificate should match in the case of null "
1766 + "subjectAlternativeNames criteria.", selector
1767 .match(cert1)
1768 && selector.match(cert2));
1769
1770 Collection<List<?>> sans = sans1.getPairsList();
1771
1772 selector.setSubjectAlternativeNames(sans);
1773
1774 Collection<List<?>> col = selector.getSubjectAlternativeNames();
1775 Iterator<List<?>> i = col.iterator();
1776 while (i.hasNext()) {
1777 Object o = i.next();
1778 if (!(o instanceof List)) {
1779 fail("expected a List");
1780 }
1781 }
1782
1783 } catch (IOException e) {
1784 e.printStackTrace();
1785 fail("Unexpected IOException was thrown.");
1786 }
1787 }
1788
1789 /**
1790 * @tests java.security.cert.X509CertSelector#setSubjectKeyIdentifier(byte[])
1791 */
1792 @TestTargetNew(
1793 level = TestLevel.COMPLETE,
1794 notes = "",
1795 method = "setSubjectKeyIdentifier",
1796 args = {byte[].class}
1797 )
1798 public void test_setSubjectKeyIdentifierLB$() throws CertificateException {
1799 byte[] skid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value
1800 byte[] skid2 = new byte[] { 5, 4, 3, 2, 1 }; // random value
1801 TestCert cert1 = new TestCert(skid1);
1802 TestCert cert2 = new TestCert(skid2);
1803 X509CertSelector selector = new X509CertSelector();
1804
1805 selector.setSubjectKeyIdentifier(null);
1806 assertTrue("Any certificate should match in the case of null "
1807 + "serialNumber criteria.", selector.match(cert1)
1808 && selector.match(cert2));
1809 selector.setSubjectKeyIdentifier(skid1);
1810 assertTrue("The certificate should match the selection criteria.",
1811 selector.match(cert1));
1812 assertFalse("The certificate should not match the selection criteria.",
1813 selector.match(cert2));
1814 selector.setSubjectKeyIdentifier(skid2);
1815 skid2[0]++;
1816 assertTrue("The certificate should match the selection criteria.",
1817 selector.match(cert2));
1818 }
1819
1820 /**
1821 * @tests java.security.cert.X509CertSelector#setSubjectPublicKey(byte[])
1822 */
1823 @TestTargetNew(
1824 level = TestLevel.COMPLETE,
1825 notes = "",
1826 method = "setSubjectPublicKey",
1827 args = {byte[].class}
1828 )
1829 public void test_setSubjectPublicKeyLB$() throws Exception {
1830
1831 //SubjectPublicKeyInfo ::= SEQUENCE {
1832 // algorithm AlgorithmIdentifier,
1833 // subjectPublicKey BIT STRING }
1834 byte[] enc = { 0x30, 0x0E, // SEQUENCE
1835 0x30, 0x07, // SEQUENCE
1836 0x06, 0x02, 0x03, 0x05,//OID
1837 0x01, 0x01, 0x07, //ANY
1838 0x03, 0x03, 0x01, 0x01, 0x06, // subjectPublicKey
1839 };
1840
1841 X509CertSelector selector = new X509CertSelector();
1842
1843 selector.setSubjectPublicKey(enc);
1844 PublicKey key = selector.getSubjectPublicKey();
1845 assertEquals("0.3.5", key.getAlgorithm());
1846 assertEquals("X.509", key.getFormat());
1847 assertTrue(Arrays.equals(enc, key.getEncoded()));
1848 assertNotNull(key.toString());
1849 }
1850
1851 /**
1852 * @tests java.security.cert.X509CertSelector#setSubjectPublicKey(java.security.PublicKey key)
1853 */
1854 @TestTargetNew(
1855 level = TestLevel.COMPLETE,
1856 notes = "",
1857 method = "setSubjectPublicKey",
1858 args = {java.security.PublicKey.class}
1859 )
1860 public void test_setSubjectPublicKeyLjava_security_PublicKey()
1861 throws CertificateException {
1862 PublicKey pkey1 = null;
1863 PublicKey pkey2 = null;
1864 try {
1865 pkey1 = new TestKeyPair("RSA").getPublic();
1866 pkey2 = new TestKeyPair("DSA").getPublic();
1867 } catch (Exception e) {
1868 fail("Unexpected Exception was thrown: " + e.getMessage());
1869 }
1870
1871 TestCert cert1 = new TestCert(pkey1);
1872 TestCert cert2 = new TestCert(pkey2);
1873 X509CertSelector selector = new X509CertSelector();
1874
1875 selector.setSubjectPublicKey((PublicKey) null);
1876 assertTrue("Any certificate should match in the case of null "
1877 + "subjectPublicKey criteria.", selector.match(cert1)
1878 && selector.match(cert2));
1879 selector.setSubjectPublicKey(pkey1);
1880 assertTrue("The certificate should match the selection criteria.",
1881 selector.match(cert1));
1882 assertFalse("The certificate should not match the selection criteria.",
1883 selector.match(cert2));
1884 selector.setSubjectPublicKey(pkey2);
1885 assertTrue("The certificate should match the selection criteria.",
1886 selector.match(cert2));
1887 }
1888
1889 /**
1890 * @tests java.security.cert.X509CertSelector#setSubjectPublicKeyAlgID(java.lang.String)
1891 */
1892 @TestTargetNew(
1893 level = TestLevel.COMPLETE,
1894 notes = "",
1895 method = "setSubjectPublicKeyAlgID",
1896 args = {java.lang.String.class}
1897 )
1898 public void test_setSubjectPublicKeyAlgIDLjava_lang_String()
1899 throws CertificateException {
1900
1901 X509CertSelector selector = new X509CertSelector();
1902 String pkaid1 = "1.2.840.113549.1.1.1"; // RSA (source:
1903 // http://asn1.elibel.tm.fr)
1904 String pkaid2 = "1.2.840.10040.4.1"; // DSA (source:
1905 // http://asn1.elibel.tm.fr)
1906 PublicKey pkey1;
1907 PublicKey pkey2;
1908 try {
1909 pkey1 = new TestKeyPair("RSA").getPublic();
1910 pkey2 = new TestKeyPair("DSA").getPublic();
1911 } catch (Exception e) {
1912 e.printStackTrace();
1913 fail("Unexpected Exception was thrown: " + e.getMessage());
1914 return;
1915 }
1916 TestCert cert1 = new TestCert(pkey1);
1917 TestCert cert2 = new TestCert(pkey2);
1918
1919 try {
1920 selector.setSubjectPublicKeyAlgID(null);
1921 } catch (IOException e) {
1922
1923 fail("Unexpected IOException was thrown.");
1924 }
1925 assertTrue("Any certificate should match in the case of null "
1926 + "subjectPublicKeyAlgID criteria.", selector.match(cert1)
1927 && selector.match(cert2));
1928
1929 String[] validOIDs = { "0.0.20", "1.25.0", "2.0.39", "0.2.10", "1.35.15",
1930 "2.17.89", "2.5.29.16", "2.5.29.17", "2.5.29.30", "2.5.29.32",
1931 "2.5.29.37" };
1932
1933 for (int i = 0; i < validOIDs.length; i++) {
1934 try {
1935 selector.setSubjectPublicKeyAlgID(validOIDs[i]);
1936 assertEquals(validOIDs[i], selector.getSubjectPublicKeyAlgID());
1937 } catch (IOException e) {
1938 fail("Unexpected exception " + e.getMessage());
1939 }
1940 }
1941
1942 String[] invalidOIDs = { "0.20", "1.25", "2.39", "3.10"};
1943 for (int i = 0; i < invalidOIDs.length; i++) {
1944 try {
1945 selector.setSubjectPublicKeyAlgID(invalidOIDs[i]);
1946 fail("IOException wasn't thrown for " + invalidOIDs[i]);
1947 } catch (IOException e) {
1948 }
1949 }
1950
1951 try {
1952 selector.setSubjectPublicKeyAlgID(pkaid1);
1953 } catch (IOException e) {
1954 fail("Unexpected IOException was thrown.");
1955 }
1956 assertTrue("The certificate should match the selection criteria.",
1957 selector.match(cert1));
1958 assertFalse("The certificate should not match the selection criteria.",
1959 selector.match(cert2));
1960 try {
1961 selector.setSubjectPublicKeyAlgID(pkaid2);
1962 } catch (IOException e) {
1963 fail("Unexpected IOException was thrown.");
1964 }
1965 assertTrue("The certificate should match the selection criteria.",
1966 selector.match(cert2));
1967 }
1968
1969 /**
1970 * @tests java.security.cert.X509CertSelector#toString()
1971 */
1972 @TestTargetNew(
1973 level = TestLevel.COMPLETE,
1974 notes = "",
1975 method = "toString",
1976 args = {}
1977 )
1978 public void test_toString() {
1979 X509CertSelector selector = new X509CertSelector();
1980 assertNotNull(selector.toString());
1981 }
1982
1983 public class MyPublicKey implements PublicKey {
1984 private static final long serialVersionUID = 2899528375354645752L;
1985
1986 public MyPublicKey() {
1987 super();
1988 }
1989
1990 public String getAlgorithm() {
1991 return "PublicKey";
1992 }
1993
1994 public String getFormat() {
1995 return "Format";
1996 }
1997
1998 public byte[] getEncoded() {
1999 return new byte[0];
2000 }
2001
2002 public long getSerVerUID() {
2003 return serialVersionUID;
2004 }
2005 }
2006
2007 private class TestCert extends X509Certificate {
2008
2009 private static final long serialVersionUID = 176676115254260405L;
2010
2011 /* Stuff fields */
2012 protected String equalCriteria = null; // to simplify method equals()
2013
2014 protected BigInteger serialNumber = null;
2015
2016 protected X500Principal issuer = null;
2017
2018 protected X500Principal subject = null;
2019
2020 protected byte[] keyIdentifier = null;
2021
2022 protected Date date = null;
2023
2024 protected Date notBefore = null;
2025
2026 protected Date notAfter = null;
2027
2028 protected PublicKey key = null;
2029
2030 protected boolean[] keyUsage = null;
2031
2032 protected List<String> extKeyUsage = null;
2033
2034 protected int pathLen = 1;
2035
2036 protected GeneralNames sans = null;
2037
2038 protected byte[] encoding = null;
2039
2040 protected String[] policies = null;
2041
2042 protected Collection<List<?>> collection = null;
2043
2044 protected NameConstraints nameConstraints = null;
2045
2046 /* Stuff methods */
2047 public TestCert() {
2048 }
2049
2050 public TestCert(GeneralNames sans) {
2051 setSubjectAlternativeNames(sans);
2052 }
2053
2054 public TestCert(NameConstraints nameConstraints) {
2055 this.nameConstraints = nameConstraints;
2056 }
2057
2058 public TestCert(Collection<List<?>> collection) {
2059 setCollection(collection);
2060 }
2061
2062 public TestCert(String equalCriteria) {
2063 setEqualCriteria(equalCriteria);
2064 }
2065
2066 public TestCert(String[] policies) {
2067 setPolicies(policies);
2068 }
2069
2070 public TestCert(BigInteger serial) {
2071 setSerialNumber(serial);
2072 }
2073
2074 public TestCert(X500Principal principal) {
2075 setIssuer(principal);
2076 setSubject(principal);
2077 }
2078
2079 public TestCert(byte[] array) {
2080 setKeyIdentifier(array);
2081 }
2082
2083 public TestCert(Date date) {
2084 setDate(date);
2085 }
2086
2087 public TestCert(Date notBefore, Date notAfter) {
2088 setPeriod(notBefore, notAfter);
2089 }
2090
2091 public TestCert(PublicKey key) {
2092 setPublicKey(key);
2093 }
2094
2095 public TestCert(boolean[] keyUsage) {
2096 setKeyUsage(keyUsage);
2097 }
2098
2099 public TestCert(Set<String> extKeyUsage) {
2100 setExtendedKeyUsage(extKeyUsage);
2101 }
2102
2103 public TestCert(int pathLen) {
2104 this.pathLen = pathLen;
2105 }
2106
2107 public void setSubjectAlternativeNames(GeneralNames sans) {
2108 this.sans = sans;
2109 }
2110
2111 public void setCollection(Collection<List<?>> collection) {
2112 this.collection = collection;
2113 }
2114
2115 public void setPolicies(String[] policies) {
2116 this.policies = policies;
2117 }
2118
2119 public void setExtendedKeyUsage(Set<String> extKeyUsage) {
2120 this.extKeyUsage = (extKeyUsage == null) ? null : new ArrayList<String>(
2121 extKeyUsage);
2122 }
2123
2124 public void setKeyUsage(boolean[] keyUsage) {
2125 this.keyUsage = (keyUsage == null) ? null : (boolean[]) keyUsage
2126 .clone();
2127 }
2128
2129 public void setPublicKey(PublicKey key) {
2130 this.key = key;
2131 }
2132
2133 public void setPeriod(Date notBefore, Date notAfter) {
2134 this.notBefore = notBefore;
2135 this.notAfter = notAfter;
2136 }
2137
2138 public void setSerialNumber(BigInteger serial) {
2139 this.serialNumber = serial;
2140 }
2141
2142 public void setEqualCriteria(String equalCriteria) {
2143 this.equalCriteria = equalCriteria;
2144 }
2145
2146 public void setIssuer(X500Principal issuer) {
2147 this.issuer = issuer;
2148 }
2149
2150 public void setSubject(X500Principal subject) {
2151 this.subject = subject;
2152 }
2153
2154 public void setKeyIdentifier(byte[] subjectKeyID) {
2155 this.keyIdentifier = (byte[]) subjectKeyID.clone();
2156 }
2157
2158 public void setDate(Date date) {
2159 this.date = new Date(date.getTime());
2160 }
2161
2162 public void setEncoding(byte[] encoding) {
2163 this.encoding = encoding;
2164 }
2165
2166 /* Method implementations */
2167 public boolean equals(Object cert) {
2168 if (cert == null) {
2169 return false;
2170 }
2171 if ((equalCriteria == null)
2172 || (((TestCert) cert).equalCriteria == null)) {
2173 return false;
2174 } else {
2175 return equalCriteria.equals(((TestCert) cert).equalCriteria);
2176 }
2177 }
2178
2179 public String toString() {
2180 if (equalCriteria != null) {
2181 return equalCriteria;
2182 }
2183 return "";
2184 }
2185
2186 public void checkValidity() throws CertificateExpiredException,
2187 CertificateNotYetValidException {
2188 }
2189
2190 public void checkValidity(Date date)
2191 throws CertificateExpiredException,
2192 CertificateNotYetValidException {
2193 if (this.date == null) {
2194 throw new CertificateExpiredException();
2195 }
2196 int result = this.date.compareTo(date);
2197 if (result > 0) {
2198 throw new CertificateExpiredException();
2199 }
2200 if (result < 0) {
2201 throw new CertificateNotYetValidException();
2202 }
2203 }
2204
2205 public int getVersion() {
2206 return 3;
2207 }
2208
2209 public BigInteger getSerialNumber() {
2210 return (serialNumber == null) ? new BigInteger("1111")
2211 : serialNumber;
2212 }
2213
2214 public Principal getIssuerDN() {
2215 return issuer;
2216 }
2217
2218 public X500Principal getIssuerX500Principal() {
2219 return issuer;
2220 }
2221
2222 public Principal getSubjectDN() {
2223 return subject;
2224 }
2225
2226 public X500Principal getSubjectX500Principal() {
2227 return subject;
2228 }
2229
2230 public Date getNotBefore() {
2231 return null;
2232 }
2233
2234 public Date getNotAfter() {
2235 return null;
2236 }
2237
2238 public byte[] getTBSCertificate() throws CertificateEncodingException {
2239 return null;
2240 }
2241
2242 public byte[] getSignature() {
2243 return null;
2244 }
2245
2246 public String getSigAlgName() {
2247 return null;
2248 }
2249
2250 public String getSigAlgOID() {
2251 return null;
2252 }
2253
2254 public byte[] getSigAlgParams() {
2255 return null;
2256 }
2257
2258 public boolean[] getIssuerUniqueID() {
2259 return null;
2260 }
2261
2262 public boolean[] getSubjectUniqueID() {
2263 return null;
2264 }
2265
2266 public boolean[] getKeyUsage() {
2267 return keyUsage;
2268 }
2269
2270 public List<String> getExtendedKeyUsage()
2271 throws CertificateParsingException {
2272 return extKeyUsage;
2273 }
2274
2275 public int getBasicConstraints() {
2276 return pathLen;
2277 }
2278
2279 public void verify(PublicKey key) throws CertificateException,
2280 NoSuchAlgorithmException, InvalidKeyException,
2281 NoSuchProviderException, SignatureException {
2282 }
2283
2284 public void verify(PublicKey key, String sigProvider)
2285 throws CertificateException, NoSuchAlgorithmException,
2286 InvalidKeyException, NoSuchProviderException,
2287 SignatureException {
2288 }
2289
2290 public PublicKey getPublicKey() {
2291 return key;
2292 }
2293
2294 public byte[] getEncoded() throws CertificateEncodingException {
2295 return encoding;
2296 }
2297
2298 public Set<String> getNonCriticalExtensionOIDs() {
2299 return null;
2300 }
2301
2302 public Set<String> getCriticalExtensionOIDs() {
2303 return null;
2304 }
2305
2306 public byte[] getExtensionValue(String oid) {
2307
2308 if (("2.5.29.14".equals(oid)) || ("2.5.29.35".equals(oid))) {
2309 // Extension value is represented as an OctetString
2310 return ASN1OctetString.getInstance().encode(keyIdentifier);
2311 }
2312 if ("2.5.29.16".equals(oid)) {
2313 PrivateKeyUsagePeriod pkup = new PrivateKeyUsagePeriod(
2314 notBefore, notAfter);
2315 byte[] encoded = pkup.getEncoded();
2316 return ASN1OctetString.getInstance().encode(encoded);
2317 }
2318 if (("2.5.29.37".equals(oid)) && (extKeyUsage != null)) {
2319 ASN1Oid[] oa = new ASN1Oid[extKeyUsage.size()];
2320 String[] val = new String[extKeyUsage.size()];
2321 Iterator it = extKeyUsage.iterator();
2322 int id = 0;
2323 while (it.hasNext()) {
2324 oa[id] = ASN1Oid.getInstanceForString();
2325 val[id++] = (String) it.next();
2326 }
2327 return ASN1OctetString.getInstance().encode(
2328 new ASN1Sequence(oa).encode(val));
2329 }
2330 if ("2.5.29.19".equals(oid)) {
2331 return ASN1OctetString.getInstance().encode(
2332 new ASN1Sequence(new ASN1Type[] {
2333 ASN1Boolean.getInstance(),
2334 ASN1Integer.getInstance() })
2335 .encode(new Object[] {
2336 new Boolean(pathLen != 1),
2337 BigInteger.valueOf(pathLen)
2338 .toByteArray() }));
2339 }
2340 if ("2.5.29.17".equals(oid) && (sans != null)) {
2341 if (sans.getNames() == null) {
2342 return null;
2343 }
2344 return ASN1OctetString.getInstance().encode(
2345 GeneralNames.ASN1.encode(sans));
2346 }
2347 if ("2.5.29.32".equals(oid) && (policies != null)
2348 && (policies.length > 0)) {
2349 // Certificate Policies Extension (as specified in rfc 3280)
2350 CertificatePolicies certificatePolicies = new CertificatePolicies();
2351 for (int i = 0; i < policies.length; i++) {
2352 PolicyInformation policyInformation = new PolicyInformation(
2353 policies[i]);
2354 certificatePolicies.addPolicyInformation(policyInformation);
2355 }
2356 return ASN1OctetString.getInstance().encode(
2357 certificatePolicies.getEncoded());
2358 }
2359 if ("2.5.29.30".equals(oid) && (nameConstraints != null)) { //
2360 // Name
2361 // Constraints
2362 // Extension
2363 // (as
2364 // specified
2365 // in
2366 // rfc
2367 // 3280)
2368 return ASN1OctetString.getInstance().encode(
2369 nameConstraints.getEncoded());
2370 }
2371
2372 return null;
2373 }
2374
2375 public boolean hasUnsupportedCriticalExtension() {
2376 return false;
2377 }
2378
2379 }
2380
2381 public X509Certificate rootCertificate;
2382
2383 public X509Certificate endCertificate;
2384
2385 public MyCRL crl;
2386
2387 private X509CertSelector theCertSelector;
2388
2389 private CertPathBuilder builder;
2390
2391 private void setupEnvironment() throws Exception {
2392 // create certificates and CRLs
2393 CertificateFactory cf = CertificateFactory.getInstance("X.509");
2394 ByteArrayInputStream bi = new ByteArrayInputStream(TestUtils.rootCert.getBytes());
2395 rootCertificate = (X509Certificate) cf.generateCertificate(bi);
2396 bi = new ByteArrayInputStream(TestUtils.endCert.getBytes());
2397 endCertificate = (X509Certificate) cf.generateCertificate(bi);
2398
2399 BigInteger revokedSerialNumber = BigInteger.valueOf(1);
2400 crl = new MyCRL("X.509");
2401// X509CRL rootCRL = X509CRL;
2402// X509CRL interCRL = X509CRLExample.createCRL(interCert, interPair
2403// .getPrivate(), revokedSerialNumber);
2404
2405 // create CertStore to support path building
2406 List<Object> list = new ArrayList<Object>();
2407
2408 list.add(rootCertificate);
2409 list.add(endCertificate);
2410
2411// CollectionCertStoreParameters params = new CollectionCertStoreParameters(
2412// list);
2413// CertStore store = CertStore.getInstance("Collection", params);
2414//
2415 theCertSelector = new X509CertSelector();
2416 theCertSelector.setCertificate(endCertificate);
2417 theCertSelector.setIssuer(endCertificate.getIssuerX500Principal()
2418 .getEncoded());
2419
2420 // build the path
2421 builder = CertPathBuilder.getInstance("PKIX");
2422
2423 }
2424
2425 private CertPath buildCertPath() throws InvalidAlgorithmParameterException {
2426 PKIXCertPathBuilderResult result = null;
2427 PKIXBuilderParameters buildParams = new PKIXBuilderParameters(
2428 Collections.singleton(new TrustAnchor(rootCertificate, null)),
2429 theCertSelector);
2430 try {
2431 result = (PKIXCertPathBuilderResult) builder
2432 .build(buildParams);
2433 } catch(CertPathBuilderException e) {
2434 return null;
2435 }
2436 return result.getCertPath();
2437 }
2438
2439 /**
2440 * @tests java.security.cert.X509CertSelector#addPathToName(int, byte[])
2441 */
2442 @TestTargetNew(
2443 level = TestLevel.COMPLETE,
2444 notes = "Verifies Exception",
2445 method = "addPathToName",
2446 args = {int.class, byte[].class}
2447 )
2448 public void test_addPathToNameLintLbyte_array2() throws Exception {
2449 TestUtils.initCertPathSSCertChain();
2450 setupEnvironment();
2451 byte[] bytes, bytesName;
2452 // GeneralName name = new GeneralName(1, "822.Name");
2453 // bytes = name.getEncoded();
2454 // bytesName = name.getEncodedName();
2455 bytes = new byte[] {-127, 8, 56, 50, 50, 46, 78, 97, 109, 101};
2456 bytesName = new byte[] {22, 8, 56, 50, 50, 46, 78, 97, 109, 101};
2457 bytes[bytes.length-3] = (byte) 200;
2458
2459 try {
2460 theCertSelector.addPathToName(1, bytes);
2461 } catch (IOException e) {
2462 // ok
2463 }
2464
2465 theCertSelector.setPathToNames(null);
2466
2467 theCertSelector.addPathToName(1, bytesName);
2468 assertNotNull(theCertSelector.getPathToNames());
2469 CertPath p = buildCertPath();
2470 assertNull(p);
2471
2472 theCertSelector.setPathToNames(null);
2473
2474// name = new GeneralName(new Name("O=Android"));
2475// theCertSelector.addPathToName(4, endCertificate.getSubjectDN().getName());
2476 theCertSelector.addPathToName(4, TestUtils.rootCertificateSS.getIssuerX500Principal().getEncoded());
2477 assertNotNull(theCertSelector.getPathToNames());
2478 p = TestUtils.buildCertPathSSCertChain();
2479 assertNotNull(p);
2480 }
2481
2482 /**
2483 * @tests java.security.cert.X509CertSelector#addPathToName(int, String)
2484 */
2485 @TestTargetNew(
2486 level = TestLevel.COMPLETE,
2487 notes = "Verifies IOException.",
2488 method = "addPathToName",
2489 args = {int.class, java.lang.String.class}
2490 )
2491 public void test_addPathToNameLintLjava_lang_String2() throws Exception {
2492 setupEnvironment();
2493 byte[] bytes, bytesName;
2494 // GeneralName name = new GeneralName(1, "822.Name");
2495 // bytes = name.getEncoded();
2496 // bytesName = name.getEncodedName();
2497 bytes = new byte[] {-127, 8, 56, 50, 50, 46, 78, 97, 109, 101};
2498 bytesName = new byte[] {22, 8, 56, 50, 50, 46, 78, 97, 109, 101};
2499 assertNotNull(bytes);
2500 byte[] b = new byte[bytes.length];
2501 b = bytes;
2502 b[bytes.length-3] = (byte) 200;
2503
2504 try {
2505 theCertSelector.addPathToName(1, new String(b));
2506 } catch (IOException e) {
2507 // ok
2508 }
2509
2510 theCertSelector.setPathToNames(null);
2511
2512 theCertSelector.addPathToName(1, new String(bytesName));
2513 assertNotNull(theCertSelector.getPathToNames());
2514
2515 CertPath p = buildCertPath();
2516 assertNull(p);
2517
2518 theCertSelector.setPathToNames(null);
2519 theCertSelector.addPathToName(1, rootCertificate.getIssuerX500Principal().getName());
2520 assertNotNull(theCertSelector.getPathToNames());
2521 //p = buildCertPath();
2522 //assertNotNull(p);
2523 }
2524
2525 /**
2526 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, byte[])
2527 */
2528 @TestTargetNew(
2529 level = TestLevel.COMPLETE,
2530 notes = "IOException checking missed",
2531 method = "addSubjectAlternativeName",
2532 args = {int.class, byte[].class}
2533 )
2534 public void test_addSubjectAlternativeNameLintLbyte_array2()
2535 throws Exception {
2536
2537
2538 GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5",
2539 new byte[] {1, 2, 0, 1}));
2540 GeneralName san1 = new GeneralName(1, "rfc@822.Name");
2541 GeneralName san2 = new GeneralName(2, "dNSName");
2542
2543 GeneralNames sans1 = new GeneralNames();
2544 sans1.addName(san0);
2545 sans1.addName(san1);
2546 sans1.addName(san2);
2547
2548 X509CertSelector selector = new X509CertSelector();
2549
2550 selector.addSubjectAlternativeName(0, san0.getEncodedName());
2551 selector.addSubjectAlternativeName(1, san1.getEncodedName());
2552 selector.addSubjectAlternativeName(2, san2.getEncodedName());
2553
2554 GeneralNames sans2 = new GeneralNames();
2555 sans2.addName(san0);
2556
2557 TestCert cert1 = new TestCert(sans1);
2558 TestCert cert2 = new TestCert(sans2);
2559
2560 assertTrue(selector.match(cert1));
2561 assertFalse(selector.match(cert2));
2562
2563 selector.setSubjectAlternativeNames(null);
2564
2565 GeneralName name = new GeneralName(new Name("O=Android"));
2566 try {
2567 selector.addSubjectAlternativeName(0, name.getEncodedName());
2568 } catch (IOException e) {
2569 // ok
2570 }
2571
2572 }
2573
2574 /**
2575 * @tests java.security.cert.X509CertSelector#addSubjectAlternativeName(int, String)
2576 */
2577 @TestTargetNew(
2578 level = TestLevel.COMPLETE,
2579 notes = "",
2580 method = "addSubjectAlternativeName",
2581 args = {int.class, java.lang.String.class}
2582 )
2583 public void test_addSubjectAlternativeNameLintLjava_lang_String2() throws Exception{
2584 GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id");
2585 GeneralName san2 = new GeneralName(2, "dNSName");
2586
2587 GeneralNames sans1 = new GeneralNames();
2588 sans1.addName(san6);
2589 sans1.addName(san2);
2590
2591 X509CertSelector selector = new X509CertSelector();
2592
2593 selector.addSubjectAlternativeName(6, "http://uniform.Resource.Id");
2594 selector.addSubjectAlternativeName(2, "dNSName");
2595
2596 GeneralNames sans2 = new GeneralNames();
2597 sans2.addName(san2);
2598
2599 TestCert cert1 = new TestCert(sans1);
2600 TestCert cert2 = new TestCert(sans2);
2601
2602 assertTrue(selector.match(cert1));
2603 assertFalse(selector.match(cert2));
2604
2605 selector.setSubjectAlternativeNames(null);
2606
2607 GeneralName name = new GeneralName(new Name("O=Android"));
2608 try {
2609 selector.addSubjectAlternativeName(0, (name.toString()));
2610 } catch (IOException e) {
2611 // ok
2612 }
2613
2614 }
2615}