aboutsummaryrefslogtreecommitdiffstats
path: root/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java')
-rw-r--r--libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java452
1 files changed, 0 insertions, 452 deletions
diff --git a/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java b/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java
deleted file mode 100644
index b36f0691c..000000000
--- a/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/PKIXNameConstraintsTest.java
+++ /dev/null
@@ -1,452 +0,0 @@
-package org.spongycastle.jce.provider.test;
-
-import org.spongycastle.asn1.DEROctetString;
-import org.spongycastle.asn1.x509.GeneralName;
-import org.spongycastle.asn1.x509.GeneralSubtree;
-import org.spongycastle.jce.provider.PKIXNameConstraintValidator;
-import org.spongycastle.jce.provider.PKIXNameConstraintValidatorException;
-import org.spongycastle.util.test.SimpleTest;
-
-/**
- * Test class for {@link PKIXNameConstraintValidator}.
- * <p>
- * The field testXYZ is the name to test.
- * <p>
- * The field testXYZIsConstraint must be tested if it is permitted and excluded.
- * <p>
- * The field testXYZIsNotConstraint must be tested if it is not permitted and
- * not excluded.
- * <p>
- * Furthermore there are tests for the intersection and union of test names.
- *
- */
-public class PKIXNameConstraintsTest
- extends SimpleTest
-{
-
- private final static String testEmail = "test@abc.test.com";
-
- private final static String testEmailIsConstraint[] =
- { "test@abc.test.com", "abc.test.com", ".test.com" };
-
- private final static String testEmailIsNotConstraint[] =
- { ".abc.test.com", "www.test.com", "test1@abc.test.com", "bc.test.com" };
-
- private final static String email1[] =
- { "test@test.com", "test@test.com", "test@test.com", "test@abc.test.com",
- "test@test.com", "test@test.com", ".test.com", ".test.com",
- ".test.com", ".test.com", "test.com", "abc.test.com",
- "abc.test1.com", "test.com", "test.com", ".test.com" };
-
- private final static String email2[] =
- { "test@test.abc.com", "test@test.com", ".test.com", ".test.com",
- "test.com", "test1.com", "test@test.com", ".test.com",
- ".test1.com", "test.com", "test.com", ".test.com", ".test.com",
- "test1.com", ".test.com", "abc.test.com" };
-
- private final static String emailintersect[] =
- { null, "test@test.com", null, "test@abc.test.com", "test@test.com", null,
- null, ".test.com", null, null, "test.com", "abc.test.com", null,
- null, null, "abc.test.com" };
-
- private final static String emailunion[][] =
- {
- { "test@test.com", "test@test.abc.com" },
- { "test@test.com" },
- { "test@test.com", ".test.com" },
- { ".test.com" },
- { "test.com" },
- { "test@test.com", "test1.com" },
- { ".test.com", "test@test.com" },
- { ".test.com" },
- { ".test.com", ".test1.com" },
- { ".test.com", "test.com" },
- { "test.com" },
- { ".test.com" },
- { ".test.com", "abc.test1.com" },
- { "test1.com", "test.com" },
- { ".test.com", "test.com" },
- { ".test.com" } };
-
- private final static String[] dn1 =
- { "O=test org, OU=test org unit, CN=John Doe" };
-
- private final static String[] dn2 =
- { "O=test org, OU=test org unit" };
-
- private final static String[][] dnUnion =
- {
- { "O=test org, OU=test org unit" } };
-
- private final static String[] dnIntersection =
- { "O=test org, OU=test org unit, CN=John Doe" };
-
- private final static String testDN = "O=test org, OU=test org unit, CN=John Doe";
-
- private final static String testDNIsConstraint[] =
- { "O=test org, OU=test org unit",
- "O=test org, OU=test org unit, CN=John Doe" };
-
- private final static String testDNIsNotConstraint[] =
- { "O=test org, OU=test org unit, CN=John Doe2",
- "O=test org, OU=test org unit2",
- "OU=test org unit, O=test org, CN=John Doe",
- "O=test org, OU=test org unit, CN=John Doe, L=USA" };
-
- private final static String testDNS = "abc.test.com";
-
- private final static String testDNSIsConstraint[] =
- { "test.com", "abc.test.com", "test.com" };
-
- private final static String testDNSIsNotConstraint[] =
- { "wwww.test.com", "ww.test.com", "www.test.com" };
-
- private final static String dns1[] =
- { "www.test.de", "www.test1.de", "www.test.de" };
-
- private final static String dns2[] =
- { "test.de", "www.test.de", "www.test.de" };
-
- private final static String dnsintersect[] =
- { "www.test.de", null, null };
-
- private final static String dnsunion[][] =
- {
- { "test.de" },
- { "www.test1.de", "www.test.de" },
- { "www.test.de" } };
-
- private final static String testURI = "http://karsten:password@abc.test.com:8080";
-
- private final static String testURIIsConstraint[] =
- { "abc.test.com", ".test.com" };
-
- private final static String testURIIsNotConstraint[] =
- { "xyz.test.com", ".abc.test.com" };
-
- private final static String uri1[] =
- { "www.test.de", ".test.de", "test1.de", ".test.de" };
-
- private final static String uri2[] =
- { "test.de", "www.test.de", "test1.de", ".test.de" };
-
- private final static String uriintersect[] =
- { null, "www.test.de", "test1.de", ".test.de" };
-
- private final static String uriunion[][] =
- {
- { "www.test.de", "test.de" },
- { ".test.de" },
- { "test1.de" },
- { ".test.de" } };
-
- private final static byte[] testIP =
-
- { (byte) 192, (byte) 168, 1, 2 };
-
- private final static byte[][] testIPIsConstraint =
- {
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 0 },
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 4 } };
-
- private final static byte[][] testIPIsNotConstraint =
- {
- { (byte) 192, (byte) 168, 3, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 2 },
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 3 } };
-
- private final static byte[][] ip1 =
- {
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFE, (byte) 0xFF },
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFF, (byte) 0xFF },
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFF, (byte) 0x00 } };
-
- private final static byte[][] ip2 =
- {
- { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFC, 3 },
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFF, (byte) 0xFF },
- { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFF, (byte) 0x00 } };
-
- private final static byte[][] ipintersect =
- {
- { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFE, (byte) 0xFF },
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFF, (byte) 0xFF }, null };
-
- private final static byte[][][] ipunion =
- {
- {
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFE, (byte) 0xFF },
- { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFC, 3 } },
- {
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFF, (byte) 0xFF } },
- {
- { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFF, (byte) 0x00 },
- { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
- (byte) 0xFF, (byte) 0x00 } } };
-
- public String getName()
- {
- return "PKIXNameConstraintsTest";
- }
-
- public void performTest() throws Exception
- {
- testConstraints(GeneralName.rfc822Name, testEmail,
- testEmailIsConstraint, testEmailIsNotConstraint, email1, email2,
- emailunion, emailintersect);
- testConstraints(GeneralName.dNSName, testDNS, testDNSIsConstraint,
- testDNSIsNotConstraint, dns1, dns2, dnsunion, dnsintersect);
- testConstraints(GeneralName.directoryName, testDN, testDNIsConstraint,
- testDNIsNotConstraint, dn1, dn2, dnUnion, dnIntersection);
- testConstraints(GeneralName.uniformResourceIdentifier, testURI,
- testURIIsConstraint, testURIIsNotConstraint, uri1, uri2, uriunion,
- uriintersect);
- testConstraints(GeneralName.iPAddress, testIP, testIPIsConstraint,
- testIPIsNotConstraint, ip1, ip2, ipunion, ipintersect);
- }
-
- /**
- * Tests string based GeneralNames for inclusion or exclusion.
- *
- * @param nameType The {@link GeneralName} type to test.
- * @param testName The name to test.
- * @param testNameIsConstraint The names where <code>testName</code> must
- * be included and excluded.
- * @param testNameIsNotConstraint The names where <code>testName</code>
- * must not be excluded and included.
- * @param testNames1 Operand 1 of test names to use for union and
- * intersection testing.
- * @param testNames2 Operand 2 of test names to use for union and
- * intersection testing.
- * @param testUnion The union results.
- * @param testInterSection The intersection results.
- * @throws Exception If an unexpected exception occurs.
- */
- private void testConstraints(
- int nameType,
- String testName,
- String[] testNameIsConstraint,
- String[] testNameIsNotConstraint,
- String[] testNames1,
- String[] testNames2,
- String[][] testUnion,
- String[] testInterSection) throws Exception
- {
- for (int i = 0; i < testNameIsConstraint.length; i++)
- {
- PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
- new GeneralName(nameType, testNameIsConstraint[i])));
- constraintValidator.checkPermitted(new GeneralName(nameType, testName));
- }
- for (int i = 0; i < testNameIsNotConstraint.length; i++)
- {
- PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
- new GeneralName(nameType, testNameIsNotConstraint[i])));
- try
- {
- constraintValidator.checkPermitted(new GeneralName(nameType, testName));
- fail("not permitted name allowed: " + nameType);
- }
- catch (PKIXNameConstraintValidatorException e)
- {
- // expected
- }
- }
- for (int i = 0; i < testNameIsConstraint.length; i++)
- {
- PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
- nameType, testNameIsConstraint[i])));
- try
- {
- constraintValidator.checkExcluded(new GeneralName(nameType, testName));
- fail("excluded name missed: " + nameType);
- }
- catch (PKIXNameConstraintValidatorException e)
- {
- // expected
- }
- }
- for (int i = 0; i < testNameIsNotConstraint.length; i++)
- {
- PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
- nameType, testNameIsNotConstraint[i])));
- constraintValidator.checkExcluded(new GeneralName(nameType, testName));
- }
- for (int i = 0; i < testNames1.length; i++)
- {
- PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
- nameType, testNames1[i])));
- constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
- nameType, testNames2[i])));
- PKIXNameConstraintValidator constraints2 = new PKIXNameConstraintValidator();
- for (int j = 0; j < testUnion[i].length; j++)
- {
- constraints2.addExcludedSubtree(new GeneralSubtree(
- new GeneralName(nameType, testUnion[i][j])));
- }
- if (!constraints2.equals(constraintValidator))
- {
- fail("union wrong: " + nameType);
- }
- constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
- new GeneralName(nameType, testNames1[i])));
- constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
- new GeneralName(nameType, testNames2[i])));
- constraints2 = new PKIXNameConstraintValidator();
- if (testInterSection[i] != null)
- {
- constraints2.intersectPermittedSubtree(new GeneralSubtree(
- new GeneralName(nameType, testInterSection[i])));
- }
- else
- {
- constraints2.intersectEmptyPermittedSubtree(nameType);
- }
- if (!constraints2.equals(constraintValidator))
- {
- fail("intersection wrong: " + nameType);
- }
- }
- }
-
- /**
- * Tests byte array based GeneralNames for inclusion or exclusion.
- *
- * @param nameType The {@link GeneralName} type to test.
- * @param testName The name to test.
- * @param testNameIsConstraint The names where <code>testName</code> must
- * be included and excluded.
- * @param testNameIsNotConstraint The names where <code>testName</code>
- * must not be excluded and included.
- * @param testNames1 Operand 1 of test names to use for union and
- * intersection testing.
- * @param testNames2 Operand 2 of test names to use for union and
- * intersection testing.
- * @param testUnion The union results.
- * @param testInterSection The intersection results.
- * @throws Exception If an unexpected exception occurs.
- */
- private void testConstraints(
- int nameType,
- byte[] testName,
- byte[][] testNameIsConstraint,
- byte[][] testNameIsNotConstraint,
- byte[][] testNames1,
- byte[][] testNames2,
- byte[][][] testUnion,
- byte[][] testInterSection) throws Exception
- {
- for (int i = 0; i < testNameIsConstraint.length; i++)
- {
- PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
- new GeneralName(nameType, new DEROctetString(
- testNameIsConstraint[i]))));
- constraintValidator.checkPermitted(new GeneralName(nameType,
- new DEROctetString(testName)));
- }
- for (int i = 0; i < testNameIsNotConstraint.length; i++)
- {
- PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
- new GeneralName(nameType, new DEROctetString(
- testNameIsNotConstraint[i]))));
- try
- {
- constraintValidator.checkPermitted(new GeneralName(nameType,
- new DEROctetString(testName)));
- fail("not permitted name allowed: " + nameType);
- }
- catch (PKIXNameConstraintValidatorException e)
- {
- // expected
- }
- }
- for (int i = 0; i < testNameIsConstraint.length; i++)
- {
- PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
- nameType, new DEROctetString(testNameIsConstraint[i]))));
- try
- {
- constraintValidator.checkExcluded(new GeneralName(nameType,
- new DEROctetString(testName)));
- fail("excluded name missed: " + nameType);
- }
- catch (PKIXNameConstraintValidatorException e)
- {
- // expected
- }
- }
- for (int i = 0; i < testNameIsNotConstraint.length; i++)
- {
- PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
- nameType, new DEROctetString(testNameIsNotConstraint[i]))));
- constraintValidator.checkExcluded(new GeneralName(nameType,
- new DEROctetString(testName)));
- }
- for (int i = 0; i < testNames1.length; i++)
- {
- PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
- nameType, new DEROctetString(testNames1[i]))));
- constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
- nameType, new DEROctetString(testNames2[i]))));
- PKIXNameConstraintValidator constraints2 = new PKIXNameConstraintValidator();
- for (int j = 0; j < testUnion[i].length; j++)
- {
- constraints2.addExcludedSubtree(new GeneralSubtree(
- new GeneralName(nameType, new DEROctetString(
- testUnion[i][j]))));
- }
- if (!constraints2.equals(constraintValidator))
- {
- fail("union wrong: " + nameType);
- }
- constraintValidator = new PKIXNameConstraintValidator();
- constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
- new GeneralName(nameType, new DEROctetString(testNames1[i]))));
- constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
- new GeneralName(nameType, new DEROctetString(testNames2[i]))));
- constraints2 = new PKIXNameConstraintValidator();
- if (testInterSection[i] != null)
- {
- constraints2.intersectPermittedSubtree(new GeneralSubtree(
- new GeneralName(nameType, new DEROctetString(
- testInterSection[i]))));
- }
- else
- {
- constraints2.intersectEmptyPermittedSubtree(nameType);
- }
-
- if (!constraints2.equals(constraintValidator))
- {
- fail("intersection wrong: " + nameType);
- }
- }
- }
-
- public static void main(String[] args)
- {
- runTest(new PKIXNameConstraintsTest());
- }
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 13:01:16 +0000