/*
* Copyright (C) 2010 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.http.conn.ssl.cts;
import javax.security.auth.x500.X500Principal;
import junit.framework.TestCase;
import org.apache.http.conn.ssl.AbstractVerifier;
import java.lang.Override;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.Set;
/**
* See also {@link libcore.javax.security.auth.x500.X500PrincipalTest}, which covers the cases
* that are not checked here because the X500 principal does not allow them in the first place.
*/
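public final class AbstractVerifierTest extends TestCase {

    // These tests pin down which common names (CNs) AbstractVerifier.getCNs reads out of a
    // certificate's subject distinguished name (DN). CN values taken from a certificate are
    // typically compared against the expected host name, so the parsing rules matter for
    // security: text that merely looks like "cn=..." inside another attribute's value must not
    // be returned, and quoting, escaping and whitespace must be resolved the same way every time.

    /**
     * Covers the basic extraction rules: a DN with no CN yields {@code null}, every CN is
     * returned in DN order (including CNs inside multi-valued RDNs joined with {@code +}), the
     * attribute type is matched case-insensitively, and unquoted values are trimmed of
     * surrounding spaces.
     */
    public void testGetCns() {
        // No CN attribute at all: getCNs returns null rather than an empty array.
        assertCns("");
        assertCns("ou=xxx");
        assertCns("ou=xxx,cn=xxx", "xxx");
        // '+' joins several attributes into one RDN; CNs are picked up from every position.
        assertCns("ou=xxx+cn=yyy,cn=zzz+cn=abc", "yyy", "zzz", "abc");
        assertCns("cn=a,cn=b", "a", "b");
        assertCns("cn=a c,cn=b", "a c", "b");
        assertCns("cn=a ,cn=b", "a", "b");
        // Values come back in the order they appear in the DN, not sorted.
        assertCns("cn=Cc,cn=Bb,cn=Aa", "Cc", "Bb", "Aa");
        assertCns("cn=imap.gmail.com", "imap.gmail.com");
        // The quoted locality value contains the text "cn=a,b". It belongs to the "l" attribute
        // and must not be reported as a CN; only the real cn attribute counts. A parser that
        // searched the DN string for "cn=" would return a name taken from the wrong field.
        assertCns("l=\"abcn=a,b\", cn=c", "c");
        // NOTE(review): identical to the previous line as shown here; possibly a whitespace
        // variant whose extra spaces were lost in rendering - confirm against the original.
        assertCns("l=\"abcn=a,b\", cn=c", "c");
        assertCns("l=\"abcn=a,b\", cn= c", "c");
        assertCns("cn=<", "<");
        assertCns("cn=>", ">");
        assertCns("cn= >", ">");
        assertCns("cn=a b", "a b");
        // Whitespace before '=' and any letter case of the attribute type are accepted.
        assertCns("cn =a b", "a b");
        assertCns("Cn=a b", "a b");
        assertCns("cN=a b", "a b");
        assertCns("CN=a b", "a b");
        // '#' in the middle of a value is literal; a value starting with '#' is hex-encoded DER
        // (0x13 0x01 0x61 is a PrintableString holding "a").
        assertCns("cn=a#b", "a#b");
        assertCns("cn=#130161", "a");
        // Tabs and newlines in a neighbouring attribute do not disturb the CN that follows.
        assertCns("l=q\t+cn=p", "p");
        assertCns("l=q\n+cn=p", "p");
        assertCns("l=q\n,cn=p", "p");
        assertCns("l=,cn=p", "p");
        // A leading tab in the CN value itself is kept (compare testGetCns_whitespace).
        assertCns("l=\tq\n,cn=\tp", "\tp");
    }

    /**
     * An empty {@code cn=} produces an empty-string value, unless it is the last attribute in
     * the DN, in which case it produces no value at all. Quoted whitespace is kept as written,
     * even in the last position.
     */
    public void testEmptyValues() {
        assertCns("l=,cn=+cn=q", "", "q");
        assertCns("l=,cn=,cn=q", "", "q");
        // Trailing empty CN: nothing is reported, so the result is null.
        assertCns("l=,cn=");
        assertCns("l=,cn=q,cn= ", "q");
        assertCns("l=,cn=q ,cn= ", "q");
        assertCns("l=,cn=\"\"");
        assertCns("l=,cn=\" \",cn=\" \"", " ", " ");
        assertCns("l=,cn= ,cn= ", "");
        assertCns("l=,cn=,cn= ,cn= ", "", "");
    }

    /**
     * Backslash-escaped special characters are returned unescaped, both in bare and in quoted
     * values, and an {@code =} inside the value is treated as ordinary text.
     */
    public void testGetCns_escapedChars() {
        assertCns("cn=\\,", ",");
        assertCns("cn=\\#", "#");
        assertCns("cn=\\+", "+");
        assertCns("cn=\\\"", "\"");
        assertCns("cn=\\\\", "\\");
        assertCns("cn=\\<", "<");
        assertCns("cn=\\>", ">");
        assertCns("cn=\\;", ";");
        // NOTE(review): repeats the "cn=\\+" case above; kept as in the original.
        assertCns("cn=\\+", "+");
        assertCns("cn=\"\\+\"", "+");
        assertCns("cn=\"\\,\"", ",");
        // Only the first '=' separates type from value; later ones are part of the value.
        assertCns("cn= a =", "a =");
        assertCns("cn==", "=");
    }

    /**
     * Leading whitespace in an unquoted value: a space or a newline is dropped, a tab is kept.
     */
    public void testGetCns_whitespace() {
        assertCns("cn= p", "p");
        assertCns("cn=\np", "p");
        assertCns("cn=\tp", "\tp");
    }

    /**
     * The CN attribute may be spelled by its OID, 2.5.4.3. A different OID (2.5.5.3) is not a
     * CN and is ignored.
     */
    public void testGetCnsWithOid() {
        assertCns("2.5.4.3=a,ou=xxx", "a");
        assertCns("2.5.4.3=\" a \",ou=xxx", " a ");
        assertCns("2.5.5.3=a,ou=xxx,cn=b", "b");
    }

    /**
     * Inside double quotes the separators {@code , = < > # ;} are literal, with or without a
     * preceding backslash; an escaped comma works in an unquoted value as well.
     */
    public void testGetCnsWithQuotedStrings() {
        assertCns("cn=\"\\\" a ,=<>#;\"", "\" a ,=<>#;");
        assertCns("cn=abc\\,def", "abc,def");
        assertCns("cn=\"\\\" a ,\\=<>\\#;\"", "\" a ,=<>#;");
    }

    /**
     * Hex-escaped byte pairs are decoded as UTF-8 (the bytes C4 8D become U+010D), the hex
     * digits may be upper or lower case, and raw non-ASCII characters pass through unchanged.
     * Malformed escapes are rejected by {@link X500Principal} itself before any CN parsing.
     */
    public void testGetCnsWithUtf8() {
        assertCns("cn=\"Lu\\C4\\8Di\\C4\\87\"", "\u004c\u0075\u010d\u0069\u0107");
        assertCns("cn=Lu\\C4\\8Di\\C4\\87", "\u004c\u0075\u010d\u0069\u0107");
        assertCns("cn=Lu\\C4\\8di\\c4\\87", "\u004c\u0075\u010d\u0069\u0107");
        assertCns("cn=\"Lu\\C4\\8di\\c4\\87\"", "\u004c\u0075\u010d\u0069\u0107");
        assertCns("cn=\u004c\u0075\u010d\u0069\u0107", "\u004c\u0075\u010d\u0069\u0107");
        // \63 is the hex escape for 'c'. Spelling the attribute type "cn" with an escape is
        // refused, so an escaped type name cannot be used to smuggle in a CN.
        assertExceptionInPrincipal("\\63n=ab");
        // A backslash followed by a single hex digit is an incomplete escape and is refused.
        assertExceptionInPrincipal("cn=\\a");
    }

    /**
     * Surrounding spaces are trimmed from an unquoted value and preserved inside a quoted one.
     */
    public void testGetCnsWithWhitespace() {
        assertCns("ou=a, cn= a b ,o=x", "a b");
        assertCns("cn=\" a b \" ,o=x", " a b ");
    }

    /**
     * Asserts that {@link AbstractVerifier#getCNs} returns exactly {@code expected}, in order,
     * for a stub certificate whose subject is {@code dn}.
     *
     * @param dn subject distinguished name given to the stub certificate
     * @param expected the CN values that must be returned; when none are given the result must
     *     be {@code null}
     */
    private static void assertCns(String dn, String... expected) {
        String[] actual = AbstractVerifier.getCNs(createStubCertificate(dn));
        if (expected.length == 0) {
            // Pass the DN as the message so that a failure names the offending input, as the
            // assertions in the other branch already do.
            assertNull(dn, actual);
            return;
        }
        assertNotNull(dn, actual);
        assertEquals(dn, Arrays.asList(expected), Arrays.asList(actual));
    }

    /**
     * Asserts that {@link X500Principal} refuses {@code dn} with an
     * {@link IllegalArgumentException}.
     *
     * @param dn a distinguished name that is expected to be malformed
     */
    private static void assertExceptionInPrincipal(String dn) {
        try {
            // Only the constructor's validation matters; the instance itself is not needed.
            new X500Principal(dn);
            fail("Expected " + IllegalArgumentException.class.getName()
                    + " because of incorrect input name");
        } catch (IllegalArgumentException e) {
            // Expected.
        }
    }

    /**
     * Builds a minimal {@link X509Certificate} whose only meaningful member is
     * {@link X509Certificate#getSubjectX500Principal()}, which parses {@code subjectName} on
     * each call. All other members return placeholder values (null, zero, empty arrays) and the
     * verify/checkValidity methods do nothing, so the stub is only suitable for exercising
     * subject parsing.
     *
     * @param subjectName distinguished name to expose as the certificate subject
     * @return the stub certificate
     * @throws IllegalArgumentException from {@code getSubjectX500Principal()} when
     *     {@code subjectName} is not a valid distinguished name
     */
    private static X509Certificate createStubCertificate(final String subjectName) {
        return new X509Certificate() {
            @Override
            public X500Principal getSubjectX500Principal() {
                return new X500Principal(subjectName);
            }

            @Override
            public Set<String> getCriticalExtensionOIDs() {
                return null;
            }

            @Override
            public byte[] getExtensionValue(String oid) {
                return new byte[0];
            }

            @Override
            public Set<String> getNonCriticalExtensionOIDs() {
                return null;
            }

            @Override
            public boolean hasUnsupportedCriticalExtension() {
                return false;
            }

            @Override
            public byte[] getEncoded() throws CertificateEncodingException {
                return new byte[0];
            }

            // No signature check is performed: the stub accepts any key.
            @Override
            public void verify(PublicKey key)
                    throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
                    NoSuchProviderException, SignatureException {
            }

            @Override
            public void verify(PublicKey key, String sigProvider)
                    throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
                    NoSuchProviderException, SignatureException {
            }

            // Returns a readable description instead of null so that the stub can appear in
            // failure messages or logs without surprising code that expects a non-null string.
            @Override
            public String toString() {
                return "stub certificate, subject=" + subjectName;
            }

            @Override
            public PublicKey getPublicKey() {
                return null;
            }

            // No validity period is modelled: both checks always pass.
            @Override
            public void checkValidity()
                    throws CertificateExpiredException, CertificateNotYetValidException {
            }

            @Override
            public void checkValidity(Date date)
                    throws CertificateExpiredException, CertificateNotYetValidException {
            }

            @Override
            public int getVersion() {
                return 0;
            }

            @Override
            public BigInteger getSerialNumber() {
                return null;
            }

            @Override
            public Principal getIssuerDN() {
                return null;
            }

            // Returns null; presumably getCNs reads the subject through
            // getSubjectX500Principal() instead - verify against AbstractVerifier.
            @Override
            public Principal getSubjectDN() {
                return null;
            }

            @Override
            public Date getNotBefore() {
                return null;
            }

            @Override
            public Date getNotAfter() {
                return null;
            }

            @Override
            public byte[] getTBSCertificate() throws CertificateEncodingException {
                return new byte[0];
            }

            @Override
            public byte[] getSignature() {
                return new byte[0];
            }

            @Override
            public String getSigAlgName() {
                return null;
            }

            @Override
            public String getSigAlgOID() {
                return null;
            }

            @Override
            public byte[] getSigAlgParams() {
                return new byte[0];
            }

            @Override
            public boolean[] getIssuerUniqueID() {
                return new boolean[0];
            }

            @Override
            public boolean[] getSubjectUniqueID() {
                return new boolean[0];
            }

            @Override
            public boolean[] getKeyUsage() {
                return new boolean[0];
            }

            @Override
            public int getBasicConstraints() {
                return 0;
            }
        };
    }
}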