001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: /**
019: * @author Alexander V. Astapchuk
020: * @version $Revision$
021: */package org.apache.harmony.security.tests.java.security;
022:
023: import java.security.*;
024: import java.io.File;
025: import java.net.URL;
026: import java.net.InetAddress;
027: import java.net.MalformedURLException;
028: import java.net.UnknownHostException;
029: import java.security.cert.CertPath;
030: import java.security.cert.Certificate;
031:
032: import org.apache.harmony.security.tests.support.TestCertUtils;
033:
034: import junit.framework.TestCase;
035:
036: /**
037: * Unit test for CodeSource.
038: *
039: */
040:
041: public class CodeSourceTest extends TestCase {
042: /**
043: *
044: * Entry point for standalone runs.
045: *
046: * @param args command line arguments
047: */
048: public static void main(String[] args) throws Exception {
049: junit.textui.TestRunner.run(CodeSourceTest.class);
050: }
051:
052: private java.security.cert.Certificate[] chain = null;
053:
054: /* Below are various URLs used during the testing */
055: private static URL urlSite;
056:
057: private static URL urlDir; // must NOT end with '/'
058:
059: private static URL urlDirOtherSite; // same as urlDir, but another site
060:
061: private static URL urlDir_port80, urlDir_port81;
062:
063: /* must be exactly the same as urlDir, but with slash added */
064: private static URL urlDirWithSlash;
065:
066: //private static URL urlDirFtp;
067: private static URL urlDir_FileProtocol;
068:
069: private static URL urlDirIP;
070:
071: private static URL urlFile, urlFileWithAdditionalDirs,
072: urlFileDirOtherDir;
073:
074: private static URL urlFileDirMinus;
075:
076: private static URL urlFileDirStar;
077:
078: private static URL urlRef1, urlRef2;
079:
080: static {
081: try {
082: String siteName = "www.intel.com";
083: InetAddress addr = InetAddress.getByName(siteName);
084: String siteIP = addr.getHostAddress();
085:
086: urlSite = new URL("http://" + siteName + "");
087: urlDir = new URL("http://" + siteName + "/drl_test");
088: urlDirOtherSite = new URL(
089: "http://www.any-other-site-which-is-not-siteName.com/drl_test");
090:
091: urlDir_port80 = new URL("http://" + siteName
092: + ":80/drl_test");
093: urlDir_port81 = new URL("http://" + siteName
094: + ":81/drl_test");
095: urlDirWithSlash = new URL(urlDir + "/");
096:
097: //urlDirFtp = new URL("ftp://www.intel.com/drl_test");
098: urlDir_FileProtocol = new URL("file://" + siteName
099: + "/drl_test");
100:
101: urlDirIP = new URL("http://" + siteIP + "/drl_test");
102:
103: urlFile = new URL("http://" + siteName
104: + "/drl_test/empty.jar");
105: urlFileWithAdditionalDirs = new URL("http://" + siteName
106: + "/drl_test/what/ever/here/empty.jar");
107:
108: urlFileDirMinus = new URL("http://" + siteName
109: + "/drl_test/-");
110: urlFileDirStar = new URL("http://" + siteName
111: + "/drl_test/*");
112: urlFileDirOtherDir = new URL("http://" + siteName
113: + "/_test_drl_/*");
114:
115: urlRef1 = new URL("http://" + siteName
116: + "/drl_test/index.html#ref1");
117: urlRef2 = new URL("http://" + siteName
118: + "/drl_test/index.html#ref2");
119: } catch (MalformedURLException ex) {
120: throw new Error(ex);
121: } catch (UnknownHostException ex) {
122: throw new Error(ex);
123: }
124: }
125:
126: protected void setUp() throws Exception {
127: super .setUp();
128: chain = TestCertUtils.getCertChain();
129: }
130:
131: /**
132: * Tests hashCode().<br>
133: * javadoc says nothing, so test DRL-specific implementation.
134: */
135: public void testHashCode() {
136: // when nothing is specified, then hashCode obviously must be 0.
137: assertTrue(new CodeSource(null, (Certificate[]) null)
138: .hashCode() == 0);
139: // only URL.hashCode is taken into account...
140: assertTrue(new CodeSource(urlSite, (Certificate[]) null)
141: .hashCode() == urlSite.hashCode());
142: // ... and certs[] does not affect it
143: assertTrue(new CodeSource(urlSite, chain).hashCode() == urlSite
144: .hashCode());
145: }
146:
147: /**
148: * Tests CodeSource(URL, Certificate[]).
149: */
150: public void testCodeSourceURLCertificateArray() {
151: new CodeSource(null, (Certificate[]) null);
152: new CodeSource(urlSite, (Certificate[]) null);
153: new CodeSource(null, chain);
154: new CodeSource(urlSite, chain);
155: }
156:
157: /**
158: * Tests CodeSource(URL, CodeSigner[]).
159: */
160: public void testCodeSourceURLCodeSignerArray() {
161: if (!has_15_features()) {
162: return;
163: }
164: new CodeSource(null, (CodeSigner[]) null);
165:
166: }
167:
168: /**
169: * equals(Object) must return <code>false</code> for null
170: */
171: public void testEqualsObject_00() {
172: CodeSource thiz = new CodeSource(urlSite, (Certificate[]) null);
173: assertFalse(thiz.equals(null));
174:
175: }
176:
177: /**
178: * equals(Object) must return <code>true</code> for the same object
179: */
180: public void testEqualsObject_01() {
181: CodeSource thiz = new CodeSource(urlSite, (Certificate[]) null);
182: assertTrue(thiz.equals(thiz));
183: }
184:
185: /**
186: * Test for equals(Object)<br>
187: * The signer certificate chain must contain the same set of certificates, but
188: * the order of the certificates is not taken into account.
189: */
190: public void testEqualsObject_02() {
191: Certificate cert0 = new TestCertUtils.TestCertificate();
192: Certificate cert1 = new TestCertUtils.TestCertificate();
193: Certificate[] certs0 = new Certificate[] { cert0, cert1 };
194: Certificate[] certs1 = new Certificate[] { cert1, cert0 };
195: CodeSource thiz = new CodeSource(urlSite, certs0);
196: CodeSource that = new CodeSource(urlSite, certs1);
197: assertTrue(thiz.equals(that));
198: }
199:
200: /**
201: * Test for equals(Object)<br>
202: * Checks that both 'null' and not-null URLs are taken into account - properly.
203: */
204: public void testEqualsObject_04() {
205: CodeSource thiz = new CodeSource(urlSite, (Certificate[]) null);
206: CodeSource that = new CodeSource(null, (Certificate[]) null);
207: assertFalse(thiz.equals(that));
208: assertFalse(that.equals(thiz));
209:
210: that = new CodeSource(urlFile, (Certificate[]) null);
211: assertFalse(thiz.equals(that));
212: assertFalse(that.equals(thiz));
213: }
214:
215: /**
216: * Tests CodeSource.getCertificates().
217: */
218: public void testGetCertificates_00() {
219: assertNull(new CodeSource(null, (Certificate[]) null)
220: .getCertificates());
221: java.security.cert.Certificate[] got = new CodeSource(null,
222: chain).getCertificates();
223: // The returned array must be clone()-d ...
224: assertNotSame(got, chain);
225: // ... but must represent the same set of certificates
226: assertTrue(checkEqual(got, chain));
227: }
228:
229: /**
230: * Tests whether the getCertificates() returns certificates obtained from
231: * the signers.
232: */
233: public void testGetCertificates_01() {
234: if (!has_15_features()) {
235: return;
236: }
237: CertPath cpath = TestCertUtils.getCertPath();
238: Certificate[] certs = (Certificate[]) cpath.getCertificates()
239: .toArray();
240: CodeSigner[] signers = { new CodeSigner(cpath, null) };
241: CodeSource cs = new CodeSource(null, signers);
242: Certificate[] got = cs.getCertificates();
243: // The set of certificates must be exactly the same,
244: // but the order is not specified
245: assertTrue(presented(certs, got));
246: assertTrue(presented(got, certs));
247: }
248:
249: /**
250: * Checks whether two arrays of certificates represent the same same set of
251: * certificates - in the same order.
252: * @param one first array
253: * @param two second array
254: * @return <code>true</code> if both arrays represent the same set of
255: * certificates,
256: * <code>false</code> otherwise.
257: */
258: private static boolean checkEqual(
259: java.security.cert.Certificate[] one,
260: java.security.cert.Certificate[] two) {
261:
262: if (one == null) {
263: return two == null;
264: }
265:
266: if (two == null) {
267: return false;
268: }
269:
270: if (one.length != two.length) {
271: return false;
272: }
273:
274: for (int i = 0; i < one.length; i++) {
275: if (one[i] == null) {
276: if (two[i] != null) {
277: return false;
278: }
279: } else {
280: if (!one[i].equals(two[i])) {
281: return false;
282: }
283: }
284: }
285: return true;
286: }
287:
288: /**
289: * Performs a test whether the <code>what</code> certificates are all
290: * presented in <code>where</code> certificates.
291: *
292: * @param what - first array of Certificates
293: * @param where - second array of Certificates
294: * @return <code>true</code> if each and every certificate from 'what'
295: * (including null) is presented in 'where' <code>false</code> otherwise
296: */
297: private static boolean presented(Certificate[] what,
298: Certificate[] where) {
299: boolean whereHasNull = false;
300: for (int i = 0; i < what.length; i++) {
301: if (what[i] == null) {
302: if (whereHasNull) {
303: continue;
304: }
305: for (int j = 0; j < where.length; j++) {
306: if (where[j] == null) {
307: whereHasNull = true;
308: break;
309: }
310: }
311: if (!whereHasNull) {
312: return false;
313: }
314: } else {
315: boolean found = false;
316: for (int j = 0; j < where.length; j++) {
317: if (what[i].equals(where[j])) {
318: found = true;
319: break;
320: }
321: }
322: if (!found) {
323: return false;
324: }
325: }
326:
327: }
328: return true;
329: }
330:
331: /**
332: * Tests CodeSource.getCodeSigners().
333: */
334: public void testGetCodeSigners_00() {
335: if (!has_15_features()) {
336: return;
337: }
338: CodeSigner[] signers = { new CodeSigner(TestCertUtils
339: .getCertPath(), null) };
340: CodeSource cs = new CodeSource(null, signers);
341: CodeSigner[] got = cs.getCodeSigners();
342: assertNotNull(got);
343: assertTrue(signers.length == got.length);
344: // not sure whether they must be in the same order
345: for (int i = 0; i < signers.length; i++) {
346: CodeSigner s = signers[i];
347: boolean found = false;
348: for (int j = 0; j < got.length; j++) {
349: if (got[j] == s) {
350: found = true;
351: break;
352: }
353: }
354: assertTrue(found);
355: }
356: }
357:
358: public void testGetCoderSignersNull() throws Exception {
359: assertNull(new CodeSource(
360: new URL("http://url"), (Certificate[]) null).getCodeSigners()); //$NON-NLS-1$
361: }
362:
363: /**
364: * Tests CodeSource.getLocation()
365: */
366: public void testGetLocation() {
367: assertTrue(new CodeSource(urlSite, (Certificate[]) null)
368: .getLocation() == urlSite);
369: assertTrue(new CodeSource(urlSite, chain).getLocation() == urlSite);
370: assertNull(new CodeSource(null, (Certificate[]) null)
371: .getLocation());
372: assertNull(new CodeSource(null, chain).getLocation());
373: }
374:
375: /**
376: * Tests CodeSource.toString()
377: */
378: public void testToString() {
379: // Javadoc keeps silence about String's format,
380: // just make sure it can be invoked.
381: new CodeSource(urlSite, chain).toString();
382: new CodeSource(null, chain).toString();
383: new CodeSource(null, (Certificate[]) null).toString();
384: }
385:
386: /**
387: * Tests whether we are running with the 1.5 features.<br>
388: * The test is preformed by looking for (via reflection) the CodeSource's
389: * constructor {@link CodeSource#CodeSource(URL, CodeSigner[])}.
390: * @return <code>true</code> if 1.5 feature is presented, <code>false</code>
391: * otherwise.
392: */
393: private static boolean has_15_features() {
394: Class klass = CodeSource.class;
395: Class[] ctorArgs = { URL.class, new CodeSigner[] {}.getClass() };
396: try {
397: klass.getConstructor(ctorArgs);
398: } catch (NoSuchMethodException ex) {
399: // NoSuchMethod == Not RI.v1.5 and not DRL
400: return false;
401: }
402: return true;
403: }
404:
405: /**
406: * must not imply null CodeSource
407: */
408: public void testImplies_00() {
409: CodeSource cs0 = new CodeSource(null, (Certificate[]) null);
410: assertFalse(cs0.implies(null));
411: }
412:
413: /**
414: * CodeSource with location=null && Certificate[] == null implies any other
415: * CodeSource
416: */
417: public void testImplies_01() throws Exception {
418: CodeSource thizCS = new CodeSource(urlSite,
419: (Certificate[]) null);
420: CodeSource thatCS = new CodeSource(null, (Certificate[]) null);
421: assertTrue(thatCS.implies(thizCS));
422: assertTrue(thatCS.implies(thatCS));
423:
424: assertFalse(thizCS.implies(thatCS));
425: }
426:
427: /**
428: * If this object's location equals codesource's location, then return true.
429: */
430: public void testImplies_02() throws Exception {
431: CodeSource thizCS = new CodeSource(urlSite,
432: (Certificate[]) null);
433: CodeSource thatCS = new CodeSource(thizCS.getLocation(),
434: (Certificate[]) null);
435: assertTrue(thizCS.implies(thatCS));
436: assertTrue(thatCS.implies(thizCS));
437:
438: }
439:
440: /**
441: * This object's protocol (getLocation().getProtocol()) must be equal to
442: * codesource's protocol.
443: */
444: /*
445: * FIXME
446: * commented out for temporary, as there is no FTP:// protocol supported yet.
447: * to be uncommented back.
448: public void testImplies_03() throws Exception {
449: CodeSource thizCS = new CodeSource(urlDir, (Certificate[]) null);
450: CodeSource thatCS = new CodeSource(urlDirFtp, (Certificate[]) null);
451: assertFalse(thizCS.implies(thatCS));
452: assertFalse(thatCS.implies(thizCS));
453: }
454: */
455:
456: public void testImplies_03_tmp() throws Exception {
457: CodeSource thizCS = new CodeSource(urlDir, (Certificate[]) null);
458: CodeSource thatCS = new CodeSource(urlDir_FileProtocol,
459: (Certificate[]) null);
460: assertFalse(thizCS.implies(thatCS));
461: assertFalse(thatCS.implies(thizCS));
462: }
463:
464: /**
465: * If this object's host (getLocation().getHost()) is not null, then the
466: * SocketPermission constructed with this object's host must imply the
467: * SocketPermission constructed with codesource's host.
468: */
469: public void testImplies_04() throws Exception {
470: CodeSource thizCS = new CodeSource(urlDir, (Certificate[]) null);
471: CodeSource thatCS = new CodeSource(urlDirIP,
472: (Certificate[]) null);
473:
474: assertTrue(thizCS.implies(thatCS));
475: assertTrue(thatCS.implies(thizCS));
476:
477: //
478: // Check for another site - force to create SocketPermission
479: //
480: thatCS = new CodeSource(urlDirOtherSite, (Certificate[]) null);
481: assertFalse(thizCS.implies(thatCS));
482:
483: //
484: // also check for getHost() == null
485: //
486: thizCS = new CodeSource(new URL("http", null, "file1"),
487: (Certificate[]) null);
488: thatCS = new CodeSource(new URL("http", "another.host.com",
489: "file1"), (Certificate[]) null);
490: // well, yes, this is accordint to the spec...
491: assertTrue(thizCS.implies(thatCS));
492: assertFalse(thatCS.implies(thizCS));
493: }
494:
495: /**
496: * If this object's port (getLocation().getPort()) is not equal to -1 (that
497: * is, if a port is specified), it must equal codesource's port.
498: */
499: public void testImplies_05() throws Exception {
500: CodeSource thizCS = new CodeSource(urlDir_port80,
501: (Certificate[]) null);
502: CodeSource thatCS = new CodeSource(urlDir, (Certificate[]) null);
503:
504: assertTrue(thizCS.implies(thatCS));
505: assertTrue(thatCS.implies(thizCS));
506:
507: thizCS = new CodeSource(urlDir, (Certificate[]) null);
508: thatCS = new CodeSource(urlDir_port81, (Certificate[]) null);
509: //assert*True* because thizCS has 'port=-1'
510: assertTrue(thizCS.implies(thatCS));
511:
512: thizCS = new CodeSource(urlDir_port81, (Certificate[]) null);
513: thatCS = new CodeSource(urlDir, (Certificate[]) null);
514: assertFalse(thizCS.implies(thatCS));
515: //
516: thizCS = new CodeSource(urlDir_port80, (Certificate[]) null);
517: thatCS = new CodeSource(urlDir_port81, (Certificate[]) null);
518: assertFalse(thizCS.implies(thatCS));
519: }
520:
521: /**
522: * If this object's file (getLocation().getFile()) doesn't equal
523: * codesource's file, then the following checks are made: ...
524: */
525: public void testImplies_06() throws Exception {
526: CodeSource thizCS = new CodeSource(urlFile,
527: (Certificate[]) null);
528: CodeSource thatCS = new CodeSource(urlFile,
529: (Certificate[]) null);
530: assertTrue(thizCS.implies(thatCS));
531: }
532:
533: /**
534: * ... If this object's file ends with "/-", then codesource's file must
535: * start with this object's file (exclusive the trailing "-").
536: */
537: public void testImplies_07() throws Exception {
538: CodeSource thiz = new CodeSource(urlFileDirMinus,
539: (Certificate[]) null);
540: CodeSource that = new CodeSource(urlFile, (Certificate[]) null);
541: assertTrue(thiz.implies(that));
542:
543: that = new CodeSource(urlFileWithAdditionalDirs,
544: (Certificate[]) null);
545: assertTrue(thiz.implies(that));
546:
547: that = new CodeSource(urlFileDirOtherDir, (Certificate[]) null);
548: assertFalse(thiz.implies(that));
549: }
550:
551: /**
552: * ... If this object's file ends with a "/*", then codesource's file must
553: * start with this object's file and must not have any further "/"
554: * separators.
555: */
556: public void testImplies_08() throws Exception {
557: CodeSource thiz = new CodeSource(urlFileDirStar,
558: (Certificate[]) null);
559: CodeSource that = new CodeSource(urlFile, (Certificate[]) null);
560: assertTrue(thiz.implies(that));
561: that = new CodeSource(urlFileWithAdditionalDirs,
562: (Certificate[]) null);
563: assertFalse(thiz.implies(that));
564: //
565: that = new CodeSource(urlFileDirOtherDir, (Certificate[]) null);
566: assertFalse(thiz.implies(that));
567: // must not have any further '/'
568: that = new CodeSource(new URL(urlFile.toString() + "/"),
569: (Certificate[]) null);
570: assertFalse(thiz.implies(that));
571: }
572:
573: /**
574: * ... If this object's file doesn't end with a "/", then codesource's file
575: * must match this object's file with a '/' appended.
576: */
577: public void testImplies_09() throws Exception {
578: CodeSource thizCS = new CodeSource(urlDir, (Certificate[]) null);
579: CodeSource thatCS = new CodeSource(urlDirWithSlash,
580: (Certificate[]) null);
581: assertTrue(thizCS.implies(thatCS));
582: assertFalse(thatCS.implies(thizCS));
583: }
584:
585: /**
586: * If this object's reference (getLocation().getRef()) is not null, it must
587: * equal codesource's reference.
588: */
589: public void testImplies_0A() throws Exception {
590: CodeSource thizCS = new CodeSource(urlRef1,
591: (Certificate[]) null);
592: CodeSource thatCS = new CodeSource(urlRef1,
593: (Certificate[]) null);
594: assertTrue(thizCS.implies(thatCS));
595:
596: thizCS = new CodeSource(urlRef1, (Certificate[]) null);
597: thatCS = new CodeSource(urlRef2, (Certificate[]) null);
598: assertFalse(thizCS.implies(thatCS));
599:
600: }
601:
602: /**
603: * If this certificates are not null, then all of this certificates should
604: * be presented in certificates of that codesource.
605: */
606: public void testImplies_0B() {
607:
608: Certificate c0 = new TestCertUtils.TestCertificate("00");
609: Certificate c1 = new TestCertUtils.TestCertificate("01");
610: Certificate c2 = new TestCertUtils.TestCertificate("02");
611: Certificate[] thizCerts = { c0, c1 };
612: Certificate[] thatCerts = { c1, c0, c2 };
613:
614: CodeSource thiz = new CodeSource(urlSite, thizCerts);
615: CodeSource that = new CodeSource(urlSite, thatCerts);
616: // two CodeSource-s with different set of certificates
617: assertTrue(thiz.implies(that));
618:
619: //
620: that = new CodeSource(urlSite, (Certificate[]) null);
621: // 'thiz' has set of certs, while 'that' has no certs. URL-s are the
622: // same.
623: assertFalse(thiz.implies(that));
624: assertTrue(that.implies(thiz));
625: }
626:
627: /**
628: * Testing with special URLs like 'localhost', 'file://' scheme ...
629: * These special URLs have a special processing in implies(),
630: * so they need to be covered and performance need to be checked
631: */
632: public void testImplies_0C() throws Exception {
633: URL url0 = new URL("http://localhost/someDir");
634: URL url1 = new URL("http://localhost/someOtherDir");
635:
636: CodeSource thizCS = new CodeSource(url0, (Certificate[]) null);
637: CodeSource thatCS = new CodeSource(url1, (Certificate[]) null);
638: assertFalse(thizCS.implies(thatCS));
639: assertFalse(thatCS.implies(thizCS));
640: }
641:
642: /**
643: * Testing with special URLs like 'localhost', 'file://' scheme ...
644: * These special URLs have a special processing in implies(),
645: * so they need to be covered and performance need to be checked
646: */
647: public void testImplies_0D() throws Exception {
648: URL url0 = new URL("file:///" + System.getProperty("user.home")
649: + File.separator + "someDir");
650: URL url1 = new URL("file:///" + System.getProperty("user.home")
651: + File.separator + "someOtherDir");
652: CodeSource thizCS = new CodeSource(url0, (Certificate[]) null);
653: CodeSource thatCS = new CodeSource(url1, (Certificate[]) null);
654: assertFalse(thizCS.implies(thatCS));
655: assertFalse(thatCS.implies(thizCS));
656: }
657: }
|