aboutsummaryrefslogtreecommitdiffstats
path: root/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java')
-rw-r--r--libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java345
1 files changed, 345 insertions, 0 deletions
diff --git a/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java b/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java
new file mode 100644
index 000000000..57f47762a
--- /dev/null
+++ b/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/X509StoreTest.java
@@ -0,0 +1,345 @@
+package org.spongycastle.jce.provider.test;
+
+import org.spongycastle.jce.PrincipalUtil;
+import org.spongycastle.jce.X509Principal;
+import org.spongycastle.jce.provider.BouncyCastleProvider;
+import org.spongycastle.util.test.SimpleTest;
+import org.spongycastle.x509.X509AttributeCertStoreSelector;
+import org.spongycastle.x509.X509AttributeCertificate;
+import org.spongycastle.x509.X509CRLStoreSelector;
+import org.spongycastle.x509.X509CertPairStoreSelector;
+import org.spongycastle.x509.X509CertStoreSelector;
+import org.spongycastle.x509.X509CertificatePair;
+import org.spongycastle.x509.X509CollectionStoreParameters;
+import org.spongycastle.x509.X509Store;
+import org.spongycastle.x509.X509V2AttributeCertificate;
+
+import java.io.ByteArrayInputStream;
+import java.math.BigInteger;
+import java.security.Security;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509CRL;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.List;
+
+public class X509StoreTest
+ extends SimpleTest
+{
+ private void certPairTest()
+ throws Exception
+ {
+ CertificateFactory cf = CertificateFactory.getInstance("X.509",
+ "SC");
+
+ X509Certificate rootCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.rootCertBin));
+ X509Certificate interCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.interCertBin));
+ X509Certificate finalCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.finalCertBin));
+
+ // Testing CollectionCertStore generation from List
+ X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert);
+ List certList = new ArrayList();
+
+ certList.add(pair1);
+ certList.add(new X509CertificatePair(interCert, finalCert));
+
+ X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(certList);
+
+ X509Store certStore = X509Store.getInstance("CertificatePair/Collection", ccsp, "SC");
+ X509CertPairStoreSelector selector = new X509CertPairStoreSelector();
+ X509CertStoreSelector fwSelector = new X509CertStoreSelector();
+
+ fwSelector.setSerialNumber(rootCert.getSerialNumber());
+ fwSelector.setSubject(rootCert.getIssuerDN().getName());
+
+ selector.setForwardSelector(fwSelector);
+
+ Collection col = certStore.getMatches(selector);
+
+ if (col.size() != 1 || !col.contains(pair1))
+ {
+ fail("failed pair1 test");
+ }
+
+ col = certStore.getMatches(null);
+
+ if (col.size() != 2)
+ {
+ fail("failed null test");
+ }
+ }
+
+ public void performTest()
+ throws Exception
+ {
+ CertificateFactory cf = CertificateFactory.getInstance("X.509",
+ "SC");
+
+ X509Certificate rootCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.rootCertBin));
+ X509Certificate interCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.interCertBin));
+ X509Certificate finalCert = (X509Certificate)cf
+ .generateCertificate(new ByteArrayInputStream(
+ CertPathTest.finalCertBin));
+ X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(
+ CertPathTest.rootCrlBin));
+ X509CRL interCrl = (X509CRL)cf
+ .generateCRL(new ByteArrayInputStream(
+ CertPathTest.interCrlBin));
+
+ // Testing CollectionCertStore generation from List
+ List certList = new ArrayList();
+ certList.add(rootCert);
+ certList.add(interCert);
+ certList.add(finalCert);
+ X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(certList);
+ X509Store certStore = X509Store.getInstance("Certificate/Collection", ccsp, "SC");
+ // set default to be the same as for SUN X500 name
+ X509Principal.DefaultReverse = true;
+
+ // Searching for rootCert by subjectDN
+
+ X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
+ targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
+ Collection certs = certStore.getMatches(targetConstraints);
+ if (certs.size() != 1 || !certs.contains(rootCert))
+ {
+ fail("rootCert not found by subjectDN");
+ }
+
+ // Searching for rootCert by subjectDN encoded as byte
+ targetConstraints = new X509CertStoreSelector();
+ targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
+ certs = certStore.getMatches(targetConstraints);
+ if (certs.size() != 1 || !certs.contains(rootCert))
+ {
+ fail("rootCert not found by encoded subjectDN");
+ }
+
+ X509Principal.DefaultReverse = false;
+
+ // Searching for rootCert by public key encoded as byte
+ targetConstraints = new X509CertStoreSelector();
+ targetConstraints.setSubjectPublicKey(rootCert.getPublicKey().getEncoded());
+ certs = certStore.getMatches(targetConstraints);
+ if (certs.size() != 1 || !certs.contains(rootCert))
+ {
+ fail("rootCert not found by encoded public key");
+ }
+
+ // Searching for interCert by issuerDN
+ targetConstraints = new X509CertStoreSelector();
+ targetConstraints.setIssuer(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
+ certs = certStore.getMatches(targetConstraints);
+ if (certs.size() != 2)
+ {
+ fail("did not found 2 certs");
+ }
+ if (!certs.contains(rootCert))
+ {
+ fail("rootCert not found");
+ }
+ if (!certs.contains(interCert))
+ {
+ fail("interCert not found");
+ }
+
+ // Searching for rootCrl by issuerDN
+ List crlList = new ArrayList();
+ crlList.add(rootCrl);
+ crlList.add(interCrl);
+ ccsp = new X509CollectionStoreParameters(crlList);
+ X509Store store = X509Store.getInstance("CRL/Collection", ccsp, "SC");
+ X509CRLStoreSelector targetConstraintsCRL = new X509CRLStoreSelector();
+ targetConstraintsCRL.setIssuers(Collections.singleton(rootCrl.getIssuerX500Principal()));
+ Collection crls = store.getMatches(targetConstraintsCRL);
+ if (crls.size() != 1 || !crls.contains(rootCrl))
+ {
+ fail("rootCrl not found");
+ }
+
+ crls = certStore.getMatches(targetConstraintsCRL);
+ if (crls.size() != 0)
+ {
+ fail("error using wrong selector (CRL)");
+ }
+ certs = store.getMatches(targetConstraints);
+ if (certs.size() != 0)
+ {
+ fail("error using wrong selector (certs)");
+ }
+ // Searching for attribute certificates
+ X509V2AttributeCertificate attrCert = new X509V2AttributeCertificate(AttrCertTest.attrCert);
+ X509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID);
+
+ List attrList = new ArrayList();
+ attrList.add(attrCert);
+ attrList.add(attrCert2);
+ ccsp = new X509CollectionStoreParameters(attrList);
+ store = X509Store.getInstance("AttributeCertificate/Collection", ccsp, "SC");
+ X509AttributeCertStoreSelector attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setHolder(attrCert.getHolder());
+ if (!attrSelector.getHolder().equals(attrCert.getHolder()))
+ {
+ fail("holder get not correct");
+ }
+ Collection attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on holder");
+ }
+ attrSelector.setHolder(attrCert2.getHolder());
+ if (attrSelector.getHolder().equals(attrCert.getHolder()))
+ {
+ fail("holder get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert2))
+ {
+ fail("attrCert2 not found on holder");
+ }
+ attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setIssuer(attrCert.getIssuer());
+ if (!attrSelector.getIssuer().equals(attrCert.getIssuer()))
+ {
+ fail("issuer get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on issuer");
+ }
+ attrSelector.setIssuer(attrCert2.getIssuer());
+ if (attrSelector.getIssuer().equals(attrCert.getIssuer()))
+ {
+ fail("issuer get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert2))
+ {
+ fail("attrCert2 not found on issuer");
+ }
+ attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setAttributeCert(attrCert);
+ if (!attrSelector.getAttributeCert().equals(attrCert))
+ {
+ fail("attrCert get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on attrCert");
+ }
+ attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setSerialNumber(attrCert.getSerialNumber());
+ if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber()))
+ {
+ fail("serial number get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on serial number");
+ }
+ attrSelector = (X509AttributeCertStoreSelector)attrSelector.clone();
+ if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber()))
+ {
+ fail("serial number get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on serial number");
+ }
+
+ attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setAttributeCertificateValid(attrCert.getNotBefore());
+ if (!attrSelector.getAttributeCertificateValid().equals(attrCert.getNotBefore()))
+ {
+ fail("valid get not correct");
+ }
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 1 || !attrs.contains(attrCert))
+ {
+ fail("attrCert not found on valid");
+ }
+ attrSelector = new X509AttributeCertStoreSelector();
+ attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotBefore().getTime() - 100));
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 0)
+ {
+ fail("attrCert found on before");
+ }
+ attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotAfter().getTime() + 100));
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 0)
+ {
+ fail("attrCert found on after");
+ }
+ attrSelector.setSerialNumber(BigInteger.valueOf(10000));
+ attrs = store.getMatches(attrSelector);
+ if (attrs.size() != 0)
+ {
+ fail("attrCert found on wrong serial number");
+ }
+
+ attrSelector.setAttributeCert(null);
+ attrSelector.setAttributeCertificateValid(null);
+ attrSelector.setHolder(null);
+ attrSelector.setIssuer(null);
+ attrSelector.setSerialNumber(null);
+ if (attrSelector.getAttributeCert() != null)
+ {
+ fail("null attrCert");
+ }
+ if (attrSelector.getAttributeCertificateValid() != null)
+ {
+ fail("null attrCertValid");
+ }
+ if (attrSelector.getHolder() != null)
+ {
+ fail("null attrCert holder");
+ }
+ if (attrSelector.getIssuer() != null)
+ {
+ fail("null attrCert issuer");
+ }
+ if (attrSelector.getSerialNumber() != null)
+ {
+ fail("null attrCert serial");
+ }
+
+ attrs = certStore.getMatches(attrSelector);
+ if (attrs.size() != 0)
+ {
+ fail("error using wrong selector (attrs)");
+ }
+
+ certPairTest();
+ }
+
+ public String getName()
+ {
+ return "X509Store";
+ }
+
+ public static void main(String[] args)
+ {
+ Security.addProvider(new BouncyCastleProvider());
+
+ runTest(new X509StoreTest());
+ }
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 18:37:19 +0000