Diffstat (limited to 'libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java')
-rw-r--r-- | libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java | 345 |
1 files changed, 345 insertions, 0 deletions
diff --git a/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java b/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java
new file mode 100644
index 000000000..57f47762a
--- /dev/null
+++ b/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java
@@ -0,0 +1,345 @@
+package org.spongycastle.jce.provider.test;
+
+import org.spongycastle.jce.PrincipalUtil;
+import org.spongycastle.jce.X509Principal;
+import org.spongycastle.jce.provider.BouncyCastleProvider;
+import org.spongycastle.util.test.SimpleTest;
+import org.spongycastle.x509.X509AttributeCertStoreSelector;
+import org.spongycastle.x509.X509AttributeCertificate;
+import org.spongycastle.x509.X509CRLStoreSelector;
+import org.spongycastle.x509.X509CertPairStoreSelector;
+import org.spongycastle.x509.X509CertStoreSelector;
+import org.spongycastle.x509.X509CertificatePair;
+import org.spongycastle.x509.X509CollectionStoreParameters;
+import org.spongycastle.x509.X509Store;
+import org.spongycastle.x509.X509V2AttributeCertificate;
+
+import java.io.ByteArrayInputStream;
+import java.math.BigInteger;
+import java.security.Security;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509CRL;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+
+public class X509StoreTest
+ extends SimpleTest
+{
+ private void certPairTest()
+ throws Exception
+ {
+ CertificateFactory cf = CertificateFactory.getInstance("X.509",
+ "SC");
+
+ X509Certificate rootCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.rootCertBin));
+ X509Certificate interCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.interCertBin));
+ X509Certificate finalCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.finalCertBin));
+
+ // Testing CollectionCertStore generation from List
+ X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert);
+ List certList = new ArrayList();
+
+ certList.add(pair1);
+ certList.add(new X509CertificatePair(interCert, finalCert));
+
+ X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(certList);
+
+ X509Store certStore = X509Store.getInstance("CertificatePair/Collection", ccsp, "SC");
+ X509CertPairStoreSelector selector = new X509CertPairStoreSelector();
+ X509CertStoreSelector fwSelector = new X509CertStoreSelector();
+
+ fwSelector.setSerialNumber(rootCert.getSerialNumber());
+ fwSelector.setSubject(rootCert.getIssuerDN().getName());
+
+ selector.setForwardSelector(fwSelector);
+
+ Collection col = certStore.getMatches(selector);
+
+ if (col.size() != 1 || !col.contains(pair1))
+ {
+ fail("failed pair1 test");
+ }
+
+ col = certStore.getMatches(null);
+
+ if (col.size() != 2)
+ {
+ fail("failed null test");
+ }
+ }
+
+ public void performTest()
+ throws Exception
+ {
+ CertificateFactory cf = CertificateFactory.getInstance("X.509",
+ "SC");
+
+ X509Certificate rootCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.rootCertBin));
+ X509Certificate interCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.interCertBin));
+ X509Certificate finalCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.finalCertBin));
+ X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(
+ CertPathTest.rootCrlBin));
+ X509CRL interCrl = (X509CRL)cf
+ .generateCRL(new ByteArrayInputStream(
+ CertPathTest.interCrlBin));
+
+ // Testing CollectionCertStore generation from List
+ List certList = new ArrayList();
+ certList.add(rootCert);
+ certList.add(interCert);
+ certList.add(finalCert);
+ X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(certList);
+ X509Store certStore = X509Store.getInstance("Certificate/Collection", ccsp, "SC");
+ // set default to be the same as for SUN X500 name
+ X509Principal.DefaultReverse = true;
+
+ // Searching for rootCert by subjectDN
+
+ X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
+ targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
+ Collection certs = certStore.getMatches(targetConstraints);
+ if (certs.size() != 1 || !certs.contains(rootCert))
+ {
+ fail("rootCert not found by subjectDN");
+ }
+
+ // Searching for rootCert by subjectDN encoded as byte
+ targetConstraints = new X509CertStoreSelector();
+ targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
+ certs = certStore.getMatches(targetConstraints);
+ if (certs.size() != 1 || !certs.contains(rootCert))
+ {
+ fail("rootCert not found by encoded subjectDN");
+ }
+
+ X509Principal.DefaultReverse = false;
+
+ // Searching for rootCert by public key encoded as byte
+ targetConstraints = new X509CertStoreSelector();
+ targetConstraints.setSubjectPublicKey(rootCert.getPublicKey().getEncoded());
+ certs = certStore.getMatches(targetConstraints);
+ if (certs.size() != 1 || !certs.contains(rootCert))
+ {
+ fail("rootCert not found by encoded public key");
+ }
+
+ // Searching for interCert by issuerDN
+ targetConstraints = new X509CertStoreSelector();
+ targetConstraints.setIssuer(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
+ certs = certStore.getMatches(targetConstraints);
+ if (certs.size() != 2)
+ {
+ fail("did not found 2 certs");
+ }
+ if (!certs.contains(rootCert))
+ {
+ fail("rootCert not found");
+ }
+ if (!certs.contains(interCert))
+ {
+ fail("interCert not found");
+ }
+
+ // Searching for rootCrl by issuerDN
+ List crlList = new ArrayList();
+ crlList.add(rootCrl);
+ crlList.add(interCrl);
+ ccsp = new X509CollectionStoreParameters(crlList);
+ X509Store store = X509Store.getInstance("CRL/Collection", ccsp, "SC");
+ X509CRLStoreSelector targetConstraintsCRL = new X509CRLStoreSelector();
+ targetConstraintsCRL.setIssuers(Collections.singleton(rootCrl.getIssuerX500Principal()));
+ Collection crls = store.getMatches(targetConstraintsCRL);
+ if (crls.size() != 1 || !crls.contains(rootCrl))
+ {
+ fail("rootCrl not found");
+ }
+
+ crls = certStore.getMatches(targetConstraintsCRL);
+ if (crls.size() != 0)
+ {
+ fail("error using wrong selector (CRL)");
+ }
+ certs = store.getMatches(targetConstraints);
+ if (certs.size() != 0)
+ {
+ fail("error using wrong selector (certs)");
+ }
+ // Searching for attribute certificates
+ X509V2AttributeCertificate attrCert = new X509V2AttributeCertificate(AttrCertTest.attrCert);
+ X509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID);
+
+ List attrList = new ArrayList();
+ attrList.add(attrCert);
+ attrList.add(attrCert2);
+ ccsp = new X509CollectionStoreParameters(attrList);
+ store = X509Store.getInstance("AttributeCertificate/Collection", ccsp, "SC");
+ X509AttributeCertStoreSelector attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setHolder(attrCert.getHolder());
+ if (!attrSelector.getHolder().equals(attrCert.getHolder()))
+ {
+ fail("holder get not correct");
+ }
+ Collection attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on holder");
+ }
+ attrSelector.setHolder(attrCert2.getHolder());
+ if (attrSelector.getHolder().equals(attrCert.getHolder()))
+ {
+ fail("holder get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert2))
+ {
+ fail("attrCert2 not found on holder");
+ }
+ attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setIssuer(attrCert.getIssuer());
+ if (!attrSelector.getIssuer().equals(attrCert.getIssuer()))
+ {
+ fail("issuer get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on issuer");
+ }
+ attrSelector.setIssuer(attrCert2.getIssuer());
+ if (attrSelector.getIssuer().equals(attrCert.getIssuer()))
+ {
+ fail("issuer get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert2))
+ {
+ fail("attrCert2 not found on issuer");
+ }
+ attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setAttributeCert(attrCert);
+ if (!attrSelector.getAttributeCert().equals(attrCert))
+ {
+ fail("attrCert get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on attrCert");
+ }
+ attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setSerialNumber(attrCert.getSerialNumber());
+ if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber()))
+ {
+ fail("serial number get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on serial number");
+ }
+ attrSelector = (X509AttributeCertStoreSelector)attrSelector.clone();
+ if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber()))
+ {
+ fail("serial number get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on serial number");
+ }
+
+ attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setAttributeCertificateValid(attrCert.getNotBefore());
+ if (!attrSelector.getAttributeCertificateValid().equals(attrCert.getNotBefore()))
+ {
+ fail("valid get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on valid");
+ }
+ attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotBefore().getTime() - 100));
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 0)
+ {
+ fail("attrCert found on before");
+ }
+ attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotAfter().getTime() + 100));
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 0)
+ {
+ fail("attrCert found on after");
+ }
+ attrSelector.setSerialNumber(BigInteger.valueOf(10000));
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 0)
+ {
+ fail("attrCert found on wrong serial number");
+ }
+
+ attrSelector.setAttributeCert(null);
+ attrSelector.setAttributeCertificateValid(null);
+ attrSelector.setHolder(null);
+ attrSelector.setIssuer(null);
+ attrSelector.setSerialNumber(null);
+ if (attrSelector.getAttributeCert() != null)
+ {
+ fail("null attrCert");
+ }
+ if (attrSelector.getAttributeCertificateValid() != null)
+ {
+ fail("null attrCertValid");
+ }
+ if (attrSelector.getHolder() != null)
+ {
+ fail("null attrCert holder");
+ }
+ if (attrSelector.getIssuer() != null)
+ {
+ fail("null attrCert issuer");
+ }
+ if (attrSelector.getSerialNumber() != null)
+ {
+ fail("null attrCert serial");
+ }
+
+ attrs = certStore.getMatches(attrSelector);
+ if (attrs.size() != 0)
+ {
+ fail("error using wrong selector (attrs)");
+ }
+
+ certPairTest();
+ }
+
+ public String getName()
+ {
+ return "X509Store";
+ }
+
+ public static void main(String[] args)
+ {
+ Security.addProvider(new BouncyCastleProvider());
+
+ runTest(new X509StoreTest());
+ }
+
+} |