| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| /** |
| * @author Vera Y. Petrashkova |
| */ |
| |
| package org.apache.harmony.security.tests.java.security; |
| |
| import java.io.File; |
| import java.io.FileOutputStream; |
| import java.io.IOException; |
| import java.security.InvalidKeyException; |
| import java.security.KeyStore; |
| import java.security.KeyStoreException; |
| import java.security.NoSuchAlgorithmException; |
| import java.security.NoSuchProviderException; |
| import java.security.PrivateKey; |
| import java.security.Provider; |
| import java.security.PublicKey; |
| import java.security.SignatureException; |
| import java.security.cert.Certificate; |
| import java.security.cert.CertificateEncodingException; |
| import java.security.cert.CertificateException; |
| import java.security.spec.InvalidKeySpecException; |
| import java.util.Enumeration; |
| |
| import junit.framework.TestCase; |
| |
| import org.apache.harmony.security.tests.support.KeyStoreTestSupport; |
| import org.apache.harmony.security.tests.support.SpiEngUtils; |
| import org.apache.harmony.security.tests.support.TestKeyPair; |
| import org.apache.harmony.security.tests.support.tmpCallbackHandler; |
| |
| /** |
| * Tests for <code>KeyStore.Builder</code> class |
| */ |
| public class KSBuilder_ImplTest extends TestCase { |
| |
| private static char[] pass = { 's', 't', 'o', 'r', 'e', 'p', 'w', 'd' }; |
| |
| private KeyStore.PasswordProtection protPass = new KeyStore.PasswordProtection(pass); |
| private tmpCallbackHandler tmpCall = new tmpCallbackHandler(); |
| private KeyStore.CallbackHandlerProtection callbackHand = new KeyStore.CallbackHandlerProtection(tmpCall); |
| private myProtectionParameter myProtParam = new myProtectionParameter(new byte[5]); |
| public static String[] validValues = KeyStoreTestSupport.validValues; |
| |
| private static String defaultType = KeyStoreTestSupport.defaultType; |
| |
| private static boolean JKSSupported = false; |
| |
| private static Provider defaultProvider = null; |
| |
| static { |
| defaultProvider = SpiEngUtils.isSupport( |
| KeyStoreTestSupport.defaultType, KeyStoreTestSupport.srvKeyStore); |
| JKSSupported = (defaultProvider != null); |
| } |
| |
| // Creates empty KeyStore and loads it to file |
| private File createKS() throws Exception { |
| FileOutputStream fos = null; |
| File ff = File.createTempFile("KSBuilder_ImplTest", "keystore"); |
| ff.deleteOnExit(); |
| try { |
| |
| KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); |
| fos = new FileOutputStream(ff); |
| ks.load(null, null); |
| ks.store(fos, pass); |
| } finally { |
| if (fos != null) { |
| try { |
| fos.close(); |
| } catch (IOException e) { |
| } |
| } |
| } |
| return ff; |
| } |
| |
| /* |
| * Test for method: |
| * <code>newInstance(KeyStore keyStore, ProtectionParameter protectionParameter)</code> |
| * <code>getKeyStore()</code> |
| * <code>getProtectionParameter(String alias)</code> |
| * Assertions: |
| * throws NullPointerException if keyStore or protectionParameter is null |
| * throws IllegalArgumentException if keyStore was not initialized |
| * returns new object. |
| * |
| * getKeyStore() returns specified keystore; |
| * getProtectionParameter(String alias) |
| * throws NullPointerException when alias is null; |
| * throws KeyStoreException when alias is not available; |
| * returns ProtectionParameter which is used in newInstance(...) |
| * |
| */ |
| public void testNewInstanceKeyStoreProtectionParameter() |
| throws KeyStoreException, NoSuchAlgorithmException, IOException, |
| CertificateException, InvalidKeyException, InvalidKeySpecException { |
| // exceptions verification |
| try { |
| KeyStore.Builder.newInstance(null, protPass); |
| fail("NullPointerException must be thrown when KeyStore is null"); |
| } catch (NullPointerException e) { |
| } |
| if (!JKSSupported) { |
| fail(defaultType + " type is not supported"); |
| return; |
| } |
| KeyStore.Builder ksB; |
| KeyStore ks = KeyStore.getInstance(defaultType); |
| try { |
| KeyStore.Builder.newInstance(ks, null); |
| fail("NullPointerException must be thrown when ProtectionParameter is null"); |
| } catch (NullPointerException e) { |
| } |
| |
| KeyStore.PasswordProtection protPass1 = new KeyStore.PasswordProtection( |
| pass); |
| KeyStore.ProtectionParameter[] pp = { protPass, protPass1, |
| callbackHand, myProtParam }; |
| TestKeyPair tkp = new TestKeyPair("DSA"); |
| Certificate certs[] = { |
| new MCertificate("DSA", tkp.getPrivate() |
| .getEncoded()), |
| new MCertificate("DSA", tkp.getPrivate() |
| .getEncoded()) }; |
| PrivateKey privKey = tkp.getPrivate(); |
| |
| KeyStore.PrivateKeyEntry pKey = new KeyStore.PrivateKeyEntry(privKey, |
| certs); |
| for (int i = 0; i < pp.length; i++) { |
| ks = KeyStore.getInstance(defaultType); |
| try { |
| KeyStore.Builder.newInstance(ks, pp[i]); |
| fail("IllegalArgumentException must be thrown because KeyStore was not initialized"); |
| } catch (IllegalArgumentException e) { |
| } |
| ks.load(null, pass); |
| ksB = KeyStore.Builder.newInstance(ks, pp[i]); |
| |
| assertEquals("Incorrect KeyStore", ksB.getKeyStore().size(), 0); |
| |
| ks.setEntry("aaa", pKey, pp[0]); |
| ksB = KeyStore.Builder.newInstance(ks, pp[i]); |
| |
| // verification getKeyStore() and getProtectionParameter(String |
| // alias) |
| assertEquals("Incorrect KeyStore", ks, ksB.getKeyStore()); |
| |
| try { |
| ksB.getProtectionParameter(null); |
| fail("NullPointerException must be thrown"); |
| } catch (NullPointerException e) { |
| } |
| try { |
| assertEquals(ksB.getProtectionParameter("aaa"), pp[i]); |
| } catch (KeyStoreException e) { |
| fail("Unexpected: " + e.toString() + " was thrown"); |
| } |
| |
| try { |
| assertEquals(ksB.getProtectionParameter("Bad alias"), pp[i]); |
| } catch (KeyStoreException e) { |
| // KeyStoreException might be thrown because there is no entry with such alias |
| } |
| |
| try { |
| assertEquals(ksB.getProtectionParameter(""), pp[i]); |
| } catch (KeyStoreException e) { |
| // KeyStoreException might be thrown because there is no entry with such alias |
| } |
| |
| KeyStore.ProtectionParameter pPar = ksB |
| .getProtectionParameter("aaa"); |
| |
| switch (i) { |
| case 0: |
| assertTrue(pPar instanceof KeyStore.PasswordProtection); |
| break; |
| case 1: |
| assertTrue(pPar instanceof KeyStore.PasswordProtection); |
| break; |
| case 2: |
| assertTrue(pPar instanceof KeyStore.CallbackHandlerProtection); |
| break; |
| case 3: |
| assertTrue(pPar instanceof myProtectionParameter); |
| break; |
| default: |
| fail("Incorrect protection parameter"); |
| } |
| assertEquals(pPar, pp[i]); |
| } |
| } |
| |
| /* |
| * Test for methods: |
| * <code>newInstance(String type, Provider provider, File file, |
| * ProtectionParameter protectionParameter)</code> |
| * <code>getKeyStore()</code> |
| * <code>getProtectionParameter(String alias)</code> |
| * Assertions: |
| * throws NullPointerException if type, file or protectionParameter is null; |
| * throws IllegalArgumentException if file does not exist or is not file; |
| * throws IllegalArgumentException if ProtectionParameter is not |
| * PasswordProtection or CallbackHandlerProtection; |
| * returns new object |
| * |
| * getKeyStore() returns specified keystore; |
| * getProtectionParameter(String alias) |
| * throws NullPointerException when alias is null; |
| * throws KeyStoreException when alias is not available; |
| * returns ProtectionParameter which is used in newInstance(...) |
| * |
| */ |
| public void testNewInstanceStringProviderFileProtectionParameter() |
| throws Exception { |
| if (!JKSSupported) { |
| fail(defaultType + " type is not supported"); |
| return; |
| } |
| File fl = File.createTempFile("KSBuilder_ImplTest", "keystore"); |
| fl.deleteOnExit(); |
| KeyStore.Builder ksB; |
| KeyStore.Builder ksB1; |
| KeyStore ks = null; |
| KeyStore ks1 = null; |
| |
| myProtectionParameter myPP = new myProtectionParameter(new byte[5]); |
| // check exceptions |
| try { |
| |
| KeyStore.Builder.newInstance(null, defaultProvider, fl, protPass); |
| fail("NullPointerException must be thrown when type is null"); |
| } catch (NullPointerException e) { |
| } |
| try { |
| KeyStore.Builder.newInstance(defaultType, defaultProvider, null, |
| protPass); |
| fail("NullPointerException must be thrown when file is null"); |
| } catch (NullPointerException e) { |
| } |
| try { |
| KeyStore.Builder |
| .newInstance(defaultType, defaultProvider, fl, null); |
| fail("NullPointerException must be thrown when ProtectionParameter is null"); |
| } catch (NullPointerException e) { |
| } |
| try { |
| KeyStore.Builder |
| .newInstance(defaultType, defaultProvider, fl, myPP); |
| fail("IllegalArgumentException must be thrown when ProtectionParameter is not correct"); |
| } catch (IllegalArgumentException e) { |
| } |
| try { |
| KeyStore.Builder.newInstance(defaultType, defaultProvider, |
| new File(fl.getAbsolutePath().concat("should_absent")), |
| protPass); |
| fail("IllegalArgumentException must be thrown when file does not exist"); |
| } catch (IllegalArgumentException e) { |
| } |
| try { |
| // 'file' param points to directory |
| KeyStore.Builder.newInstance(defaultType, defaultProvider, |
| fl.getParentFile(), protPass); |
| fail("IllegalArgumentException must be thrown when file does not exist"); |
| } catch (IllegalArgumentException e) { |
| } |
| ksB = KeyStore.Builder.newInstance(defaultType, defaultProvider, fl, |
| protPass); |
| try { |
| ksB.getKeyStore(); |
| fail("KeyStoreException must be throw because file is empty"); |
| } catch (KeyStoreException e) { |
| } |
| |
| fl = createKS(); |
| KeyStore.ProtectionParameter[] pp = { myPP, protPass, callbackHand }; |
| for (int i = 0; i < pp.length; i++) { |
| if (i == 0) { |
| try { |
| KeyStore.Builder.newInstance(defaultType, null, fl, pp[i]); |
| fail("IllegalArgumentException must be thrown for incorrect ProtectionParameter"); |
| } catch (IllegalArgumentException e) { |
| } |
| try { |
| KeyStore.Builder.newInstance(defaultType, defaultProvider, |
| fl, pp[i]); |
| fail("IllegalArgumentException must be thrown for incorrect ProtectionParameter"); |
| } catch (IllegalArgumentException e) { |
| } |
| continue; |
| } |
| ksB = KeyStore.Builder.newInstance(defaultType, null, fl, pp[i]); |
| ksB1 = KeyStore.Builder.newInstance(defaultType, defaultProvider, |
| fl, pp[i]); |
| try { |
| ks = ksB.getKeyStore(); |
| if (i == 2) { |
| fail("KeyStoreException must be thrown for incorrect ProtectionParameter"); |
| } else { |
| assertEquals("Incorrect KeyStore size", ks.size(), 0); |
| } |
| } catch (KeyStoreException e) { |
| if (i == 2) { |
| continue; |
| } |
| fail("Unexpected KeyException was thrown"); |
| } |
| try { |
| ks1 = ksB1.getKeyStore(); |
| if (i == 2) { |
| fail("KeyStoreException must be thrown for incorrect ProtectionParameter"); |
| } |
| } catch (KeyStoreException e) { |
| if (i == 2) { |
| continue; |
| } |
| fail("Unexpected KeyException was thrown"); |
| } |
| assertEquals("Incorrect KeyStore size", ks.size(), ks1.size()); |
| Enumeration iter = ks.aliases(); |
| String aName; |
| |
| while (iter.hasMoreElements()) { |
| aName = (String) iter.nextElement(); |
| assertEquals("Incorrect ProtectionParameter", ksB |
| .getProtectionParameter(aName), pp[i]); |
| } |
| |
| try { |
| assertEquals(ksB.getProtectionParameter("Bad alias"), pp[i]); |
| } catch (KeyStoreException e) { |
| // KeyStoreException might be thrown because there is no entry with such alias |
| } |
| |
| iter = ks1.aliases(); |
| while (iter.hasMoreElements()) { |
| aName = (String) iter.nextElement(); |
| assertEquals("Incorrect ProtectionParameter", ksB1 |
| .getProtectionParameter(aName), pp[i]); |
| } |
| |
| try { |
| assertEquals(ksB1.getProtectionParameter("Bad alias"), pp[i]); |
| } catch (KeyStoreException e) { |
| // KeyStoreException might be thrown because there is no entry with such alias |
| } |
| } |
| } |
| |
| /* |
| * Test for method: |
| * <code>newInstance(String type, Provider provider, |
| * ProtectionParameter protectionParameter)</code> |
| * <code>getKeyStore()</code> |
| * <code>getProtectionParameter(String alias)</code> |
| * Assertions: |
| * throws NullPointerException if type, or protectionParameter is null; |
| * returns new object |
| * |
| * getKeyStore() returns empty keystore |
| * getProtectionParameter(String alias) |
| * throws NullPointerException when alias is null; |
| * throws KeyStoreException when alias is not available |
| * |
| */ |
| public void testNewInstanceStringProviderProtectionParameter() |
| throws KeyStoreException { |
| if (!JKSSupported) { |
| fail(defaultType + " type is not supported"); |
| return; |
| } |
| try { |
| KeyStore.Builder.newInstance(null, |
| defaultProvider, protPass); |
| fail("NullPointerException must be thrown when type is null"); |
| } catch (NullPointerException e) { |
| } |
| try { |
| KeyStore.Builder.newInstance(defaultType, |
| defaultProvider, null); |
| fail("NullPointerException must be thrown when ProtectionParameter is null"); |
| } catch (NullPointerException e) { |
| } |
| myProtectionParameter myPP = new myProtectionParameter(new byte[5]); |
| KeyStore.ProtectionParameter[] pp = { protPass, myPP, callbackHand }; |
| KeyStore.Builder ksB, ksB1; |
| KeyStore ks = null; |
| for (int i = 0; i < pp.length; i++) { |
| ksB = KeyStore.Builder.newInstance(defaultType, defaultProvider, |
| pp[i]); |
| ksB1 = KeyStore.Builder.newInstance(defaultType, null, pp[i]); |
| switch (i) { |
| case 0: |
| try { |
| ks = ksB.getKeyStore(); |
| assertNotNull("KeyStore is null", ks); |
| try { |
| assertEquals(ksB.getProtectionParameter("Bad alias"), |
| pp[i]); |
| } catch (KeyStoreException e) { |
| // KeyStoreException might be thrown because there is no entry with such alias |
| } |
| |
| ks = ksB1.getKeyStore(); |
| assertNotNull("KeyStore is null", ks); |
| |
| try { |
| assertEquals(ksB1.getProtectionParameter("Bad alias"), |
| pp[i]); |
| } catch (KeyStoreException e) { |
| // KeyStoreException might be thrown because there is no entry with such alias |
| } |
| } catch (KeyStoreException e) { |
| try { |
| ks = ksB.getKeyStore(); |
| } catch (KeyStoreException e1) { |
| assertEquals("Incorrect exception", e.getMessage(), e1 |
| .getMessage()); |
| } |
| } |
| break; |
| case 1: |
| case 2: |
| Exception ex1 = null; |
| Exception ex2 = null; |
| try { |
| ks = ksB.getKeyStore(); |
| } catch (KeyStoreException e) { |
| ex1 = e; |
| } |
| try { |
| ks = ksB.getKeyStore(); |
| } catch (KeyStoreException e) { |
| ex2 = e; |
| } |
| assertEquals("Incorrect exception", ex1.getMessage(), ex2 |
| .getMessage()); |
| |
| |
| try { |
| ksB.getProtectionParameter("aaa"); |
| fail("IllegalStateException must be thrown because getKeyStore() was not invoked"); |
| } catch (IllegalStateException e) { |
| } |
| |
| try { |
| ks = ksB1.getKeyStore(); |
| } catch (KeyStoreException e) { |
| ex1 = e; |
| } |
| try { |
| ks = ksB1.getKeyStore(); |
| } catch (KeyStoreException e) { |
| ex2 = e; |
| } |
| assertEquals("Incorrect exception", ex1.getMessage(), ex2 |
| .getMessage()); |
| |
| |
| try { |
| ksB1.getProtectionParameter("aaa"); |
| fail("IllegalStateException must be thrown because getKeyStore() was not invoked"); |
| } catch (IllegalStateException e) { |
| } |
| break; |
| |
| } |
| } |
| } |
| |
| /** |
| * Additional class for creation Certificate object |
| */ |
| public class MCertificate extends Certificate { |
| private final byte[] encoding; |
| |
| private final String type; |
| |
| public MCertificate(String type, byte[] encoding) { |
| super(type); |
| this.encoding = encoding; |
| this.type = type; |
| } |
| |
| public byte[] getEncoded() throws CertificateEncodingException { |
| return encoding.clone(); |
| } |
| |
| public void verify(PublicKey key) throws CertificateException, |
| NoSuchAlgorithmException, InvalidKeyException, |
| NoSuchProviderException, SignatureException { |
| } |
| |
| public void verify(PublicKey key, String sigProvider) |
| throws CertificateException, NoSuchAlgorithmException, |
| InvalidKeyException, NoSuchProviderException, SignatureException { |
| } |
| |
| public String toString() { |
| return "[MCertificate, type: " + getType() + "]"; |
| } |
| |
| public PublicKey getPublicKey() { |
| return new PublicKey() { |
| public String getAlgorithm() { |
| return type; |
| } |
| |
| public byte[] getEncoded() { |
| return encoding; |
| } |
| |
| public String getFormat() { |
| return "test"; |
| } |
| }; |
| } |
| } |
| } |
| |
| /** |
| * Additional class for creating KeyStoreBuilder |
| */ |
| class myProtectionParameter implements KeyStore.ProtectionParameter { |
| public myProtectionParameter(byte[] param) { |
| if (param == null) { |
| throw new NullPointerException("param is null"); |
| } |
| } |
| } |