diff options
Diffstat (limited to 'libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java')
-rw-r--r-- | libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java | 452 |
1 files changed, 0 insertions, 452 deletions
diff --git a/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java b/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java deleted file mode 100644 index b36f0691c..000000000 --- a/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java +++ /dev/null @@ -1,452 +0,0 @@ -package org.spongycastle.jce.provider.test; - -import org.spongycastle.asn1.DEROctetString; -import org.spongycastle.asn1.x509.GeneralName; -import org.spongycastle.asn1.x509.GeneralSubtree; -import org.spongycastle.jce.provider.PKIXNameConstraintValidator; -import org.spongycastle.jce.provider.PKIXNameConstraintValidatorException; -import org.spongycastle.util.test.SimpleTest; - -/** - * Test class for {@link PKIXNameConstraintValidator}. - * <p> - * The field testXYZ is the name to test. - * <p> - * The field testXYZIsConstraint must be tested if it is permitted and excluded. - * <p> - * The field testXYZIsNotConstraint must be tested if it is not permitted and - * not excluded. - * <p> - * Furthermore there are tests for the intersection and union of test names. - * - */ -public class PKIXNameConstraintsTest - extends SimpleTest -{ - - private final static String testEmail = "test@abc.test.com"; - - private final static String testEmailIsConstraint[] = - { "test@abc.test.com", "abc.test.com", ".test.com" }; - - private final static String testEmailIsNotConstraint[] = - { ".abc.test.com", "www.test.com", "test1@abc.test.com", "bc.test.com" }; - - private final static String email1[] = - { "test@test.com", "test@test.com", "test@test.com", "test@abc.test.com", - "test@test.com", "test@test.com", ".test.com", ".test.com", - ".test.com", ".test.com", "test.com", "abc.test.com", - "abc.test1.com", "test.com", "test.com", ".test.com" }; - - private final static String email2[] = - { "test@test.abc.com", "test@test.com", ".test.com", ".test.com", - "test.com", "test1.com", "test@test.com", ".test.com", - ".test1.com", "test.com", "test.com", ".test.com", ".test.com", - "test1.com", ".test.com", "abc.test.com" }; - - private final static String emailintersect[] = - { null, "test@test.com", null, "test@abc.test.com", "test@test.com", null, - null, ".test.com", null, null, "test.com", "abc.test.com", null, - null, null, "abc.test.com" }; - - private final static String emailunion[][] = - { - { "test@test.com", "test@test.abc.com" }, - { "test@test.com" }, - { "test@test.com", ".test.com" }, - { ".test.com" }, - { "test.com" }, - { "test@test.com", "test1.com" }, - { ".test.com", "test@test.com" }, - { ".test.com" }, - { ".test.com", ".test1.com" }, - { ".test.com", "test.com" }, - { "test.com" }, - { ".test.com" }, - { ".test.com", "abc.test1.com" }, - { "test1.com", "test.com" }, - { ".test.com", "test.com" }, - { ".test.com" } }; - - private final static String[] dn1 = - { "O=test org, OU=test org unit, CN=John Doe" }; - - private final static String[] dn2 = - { "O=test org, OU=test org unit" }; - - private final static String[][] dnUnion = - { - { "O=test org, OU=test org unit" } }; - - private final static String[] dnIntersection = - { "O=test org, OU=test org unit, CN=John Doe" }; - - private final static String testDN = "O=test org, OU=test org unit, CN=John Doe"; - - private final static String testDNIsConstraint[] = - { "O=test org, OU=test org unit", - "O=test org, OU=test org unit, CN=John Doe" }; - - private final static String testDNIsNotConstraint[] = - { "O=test org, OU=test org unit, CN=John Doe2", - "O=test org, OU=test org unit2", - "OU=test org unit, O=test org, CN=John Doe", - "O=test org, OU=test org unit, CN=John Doe, L=USA" }; - - private final static String testDNS = "abc.test.com"; - - private final static String testDNSIsConstraint[] = - { "test.com", "abc.test.com", "test.com" }; - - private final static String testDNSIsNotConstraint[] = - { "wwww.test.com", "ww.test.com", "www.test.com" }; - - private final static String dns1[] = - { "www.test.de", "www.test1.de", "www.test.de" }; - - private final static String dns2[] = - { "test.de", "www.test.de", "www.test.de" }; - - private final static String dnsintersect[] = - { "www.test.de", null, null }; - - private final static String dnsunion[][] = - { - { "test.de" }, - { "www.test1.de", "www.test.de" }, - { "www.test.de" } }; - - private final static String testURI = "http://karsten:password@abc.test.com:8080"; - - private final static String testURIIsConstraint[] = - { "abc.test.com", ".test.com" }; - - private final static String testURIIsNotConstraint[] = - { "xyz.test.com", ".abc.test.com" }; - - private final static String uri1[] = - { "www.test.de", ".test.de", "test1.de", ".test.de" }; - - private final static String uri2[] = - { "test.de", "www.test.de", "test1.de", ".test.de" }; - - private final static String uriintersect[] = - { null, "www.test.de", "test1.de", ".test.de" }; - - private final static String uriunion[][] = - { - { "www.test.de", "test.de" }, - { ".test.de" }, - { "test1.de" }, - { ".test.de" } }; - - private final static byte[] testIP = - - { (byte) 192, (byte) 168, 1, 2 }; - - private final static byte[][] testIPIsConstraint = - { - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 0 }, - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 4 } }; - - private final static byte[][] testIPIsNotConstraint = - { - { (byte) 192, (byte) 168, 3, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 2 }, - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 3 } }; - - private final static byte[][] ip1 = - { - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFE, (byte) 0xFF }, - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF }, - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0x00 } }; - - private final static byte[][] ip2 = - { - { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFC, 3 }, - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF }, - { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0x00 } }; - - private final static byte[][] ipintersect = - { - { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFE, (byte) 0xFF }, - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF }, null }; - - private final static byte[][][] ipunion = - { - { - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFE, (byte) 0xFF }, - { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFC, 3 } }, - { - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0xFF } }, - { - { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0x00 }, - { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF, - (byte) 0xFF, (byte) 0x00 } } }; - - public String getName() - { - return "PKIXNameConstraintsTest"; - } - - public void performTest() throws Exception - { - testConstraints(GeneralName.rfc822Name, testEmail, - testEmailIsConstraint, testEmailIsNotConstraint, email1, email2, - emailunion, emailintersect); - testConstraints(GeneralName.dNSName, testDNS, testDNSIsConstraint, - testDNSIsNotConstraint, dns1, dns2, dnsunion, dnsintersect); - testConstraints(GeneralName.directoryName, testDN, testDNIsConstraint, - testDNIsNotConstraint, dn1, dn2, dnUnion, dnIntersection); - testConstraints(GeneralName.uniformResourceIdentifier, testURI, - testURIIsConstraint, testURIIsNotConstraint, uri1, uri2, uriunion, - uriintersect); - testConstraints(GeneralName.iPAddress, testIP, testIPIsConstraint, - testIPIsNotConstraint, ip1, ip2, ipunion, ipintersect); - } - - /** - * Tests string based GeneralNames for inclusion or exclusion. - * - * @param nameType The {@link GeneralName} type to test. - * @param testName The name to test. - * @param testNameIsConstraint The names where <code>testName</code> must - * be included and excluded. - * @param testNameIsNotConstraint The names where <code>testName</code> - * must not be excluded and included. - * @param testNames1 Operand 1 of test names to use for union and - * intersection testing. - * @param testNames2 Operand 2 of test names to use for union and - * intersection testing. - * @param testUnion The union results. - * @param testInterSection The intersection results. - * @throws Exception If an unexpected exception occurs. - */ - private void testConstraints( - int nameType, - String testName, - String[] testNameIsConstraint, - String[] testNameIsNotConstraint, - String[] testNames1, - String[] testNames2, - String[][] testUnion, - String[] testInterSection) throws Exception - { - for (int i = 0; i < testNameIsConstraint.length; i++) - { - PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.intersectPermittedSubtree(new GeneralSubtree( - new GeneralName(nameType, testNameIsConstraint[i]))); - constraintValidator.checkPermitted(new GeneralName(nameType, testName)); - } - for (int i = 0; i < testNameIsNotConstraint.length; i++) - { - PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.intersectPermittedSubtree(new GeneralSubtree( - new GeneralName(nameType, testNameIsNotConstraint[i]))); - try - { - constraintValidator.checkPermitted(new GeneralName(nameType, testName)); - fail("not permitted name allowed: " + nameType); - } - catch (PKIXNameConstraintValidatorException e) - { - // expected - } - } - for (int i = 0; i < testNameIsConstraint.length; i++) - { - PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName( - nameType, testNameIsConstraint[i]))); - try - { - constraintValidator.checkExcluded(new GeneralName(nameType, testName)); - fail("excluded name missed: " + nameType); - } - catch (PKIXNameConstraintValidatorException e) - { - // expected - } - } - for (int i = 0; i < testNameIsNotConstraint.length; i++) - { - PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName( - nameType, testNameIsNotConstraint[i]))); - constraintValidator.checkExcluded(new GeneralName(nameType, testName)); - } - for (int i = 0; i < testNames1.length; i++) - { - PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName( - nameType, testNames1[i]))); - constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName( - nameType, testNames2[i]))); - PKIXNameConstraintValidator constraints2 = new PKIXNameConstraintValidator(); - for (int j = 0; j < testUnion[i].length; j++) - { - constraints2.addExcludedSubtree(new GeneralSubtree( - new GeneralName(nameType, testUnion[i][j]))); - } - if (!constraints2.equals(constraintValidator)) - { - fail("union wrong: " + nameType); - } - constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.intersectPermittedSubtree(new GeneralSubtree( - new GeneralName(nameType, testNames1[i]))); - constraintValidator.intersectPermittedSubtree(new GeneralSubtree( - new GeneralName(nameType, testNames2[i]))); - constraints2 = new PKIXNameConstraintValidator(); - if (testInterSection[i] != null) - { - constraints2.intersectPermittedSubtree(new GeneralSubtree( - new GeneralName(nameType, testInterSection[i]))); - } - else - { - constraints2.intersectEmptyPermittedSubtree(nameType); - } - if (!constraints2.equals(constraintValidator)) - { - fail("intersection wrong: " + nameType); - } - } - } - - /** - * Tests byte array based GeneralNames for inclusion or exclusion. - * - * @param nameType The {@link GeneralName} type to test. - * @param testName The name to test. - * @param testNameIsConstraint The names where <code>testName</code> must - * be included and excluded. - * @param testNameIsNotConstraint The names where <code>testName</code> - * must not be excluded and included. - * @param testNames1 Operand 1 of test names to use for union and - * intersection testing. - * @param testNames2 Operand 2 of test names to use for union and - * intersection testing. - * @param testUnion The union results. - * @param testInterSection The intersection results. - * @throws Exception If an unexpected exception occurs. - */ - private void testConstraints( - int nameType, - byte[] testName, - byte[][] testNameIsConstraint, - byte[][] testNameIsNotConstraint, - byte[][] testNames1, - byte[][] testNames2, - byte[][][] testUnion, - byte[][] testInterSection) throws Exception - { - for (int i = 0; i < testNameIsConstraint.length; i++) - { - PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.intersectPermittedSubtree(new GeneralSubtree( - new GeneralName(nameType, new DEROctetString( - testNameIsConstraint[i])))); - constraintValidator.checkPermitted(new GeneralName(nameType, - new DEROctetString(testName))); - } - for (int i = 0; i < testNameIsNotConstraint.length; i++) - { - PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.intersectPermittedSubtree(new GeneralSubtree( - new GeneralName(nameType, new DEROctetString( - testNameIsNotConstraint[i])))); - try - { - constraintValidator.checkPermitted(new GeneralName(nameType, - new DEROctetString(testName))); - fail("not permitted name allowed: " + nameType); - } - catch (PKIXNameConstraintValidatorException e) - { - // expected - } - } - for (int i = 0; i < testNameIsConstraint.length; i++) - { - PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName( - nameType, new DEROctetString(testNameIsConstraint[i])))); - try - { - constraintValidator.checkExcluded(new GeneralName(nameType, - new DEROctetString(testName))); - fail("excluded name missed: " + nameType); - } - catch (PKIXNameConstraintValidatorException e) - { - // expected - } - } - for (int i = 0; i < testNameIsNotConstraint.length; i++) - { - PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName( - nameType, new DEROctetString(testNameIsNotConstraint[i])))); - constraintValidator.checkExcluded(new GeneralName(nameType, - new DEROctetString(testName))); - } - for (int i = 0; i < testNames1.length; i++) - { - PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName( - nameType, new DEROctetString(testNames1[i])))); - constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName( - nameType, new DEROctetString(testNames2[i])))); - PKIXNameConstraintValidator constraints2 = new PKIXNameConstraintValidator(); - for (int j = 0; j < testUnion[i].length; j++) - { - constraints2.addExcludedSubtree(new GeneralSubtree( - new GeneralName(nameType, new DEROctetString( - testUnion[i][j])))); - } - if (!constraints2.equals(constraintValidator)) - { - fail("union wrong: " + nameType); - } - constraintValidator = new PKIXNameConstraintValidator(); - constraintValidator.intersectPermittedSubtree(new GeneralSubtree( - new GeneralName(nameType, new DEROctetString(testNames1[i])))); - constraintValidator.intersectPermittedSubtree(new GeneralSubtree( - new GeneralName(nameType, new DEROctetString(testNames2[i])))); - constraints2 = new PKIXNameConstraintValidator(); - if (testInterSection[i] != null) - { - constraints2.intersectPermittedSubtree(new GeneralSubtree( - new GeneralName(nameType, new DEROctetString( - testInterSection[i])))); - } - else - { - constraints2.intersectEmptyPermittedSubtree(nameType); - } - - if (!constraints2.equals(constraintValidator)) - { - fail("intersection wrong: " + nameType); - } - } - } - - public static void main(String[] args) - { - runTest(new PKIXNameConstraintsTest()); - } -} |