001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017:
018: /**
019: * @author Vera Y. Petrashkova
020: * @version $Revision$
021: */package org.apache.harmony.security.tests.java.security;
022:
023: import java.io.File;
024: import java.io.FileOutputStream;
025: import java.io.IOException;
026: import java.security.InvalidKeyException;
027: import java.security.KeyStore;
028: import java.security.KeyStoreException;
029: import java.security.NoSuchAlgorithmException;
030: import java.security.NoSuchProviderException;
031: import java.security.PrivateKey;
032: import java.security.Provider;
033: import java.security.PublicKey;
034: import java.security.SignatureException;
035: import java.security.cert.Certificate;
036: import java.security.cert.CertificateEncodingException;
037: import java.security.cert.CertificateException;
038: import java.security.spec.InvalidKeySpecException;
039: import java.util.Enumeration;
040:
041: import junit.framework.TestCase;
042:
043: import org.apache.harmony.security.tests.support.KeyStoreTestSupport;
044: import org.apache.harmony.security.tests.support.SpiEngUtils;
045: import org.apache.harmony.security.tests.support.TestKeyPair;
046: import org.apache.harmony.security.tests.support.tmpCallbackHandler;
047:
048: /**
049: * Tests for <code>KeyStore.Builder</code> class
050: */
051: public class KSBuilder_ImplTest extends TestCase {
052:
053: private static char[] pass = { 's', 't', 'o', 'r', 'e', 'p', 'w',
054: 'd' };
055:
056: private KeyStore.PasswordProtection protPass = new KeyStore.PasswordProtection(
057: pass);
058: private tmpCallbackHandler tmpCall = new tmpCallbackHandler();
059: private KeyStore.CallbackHandlerProtection callbackHand = new KeyStore.CallbackHandlerProtection(
060: tmpCall);
061: private myProtectionParameter myProtParam = new myProtectionParameter(
062: new byte[5]);
063: public static String[] validValues = KeyStoreTestSupport.validValues;
064:
065: private static String defaultType = KeyStoreTestSupport.defaultType;
066:
067: private static boolean JKSSupported = false;
068:
069: private static Provider defaultProvider = null;
070:
071: static {
072: defaultProvider = SpiEngUtils.isSupport(
073: KeyStoreTestSupport.defaultType,
074: KeyStoreTestSupport.srvKeyStore);
075: JKSSupported = (defaultProvider != null);
076: }
077:
078: // Creates empty KeyStore and loads it to file
079: private File createKS() throws Exception {
080: FileOutputStream fos = null;
081: File ff = File.createTempFile("KSBuilder_ImplTest", "keystore");
082: ff.deleteOnExit();
083: try {
084:
085: KeyStore ks = KeyStore.getInstance(KeyStore
086: .getDefaultType());
087: fos = new FileOutputStream(ff);
088: ks.load(null, null);
089: ks.store(fos, pass);
090: } finally {
091: if (fos != null) {
092: try {
093: fos.close();
094: } catch (IOException e) {
095: }
096: }
097: }
098: return ff;
099: }
100:
101: /*
102: * Test for method:
103: * <code>newInstance(KeyStore keyStore, ProtectionParameter protectionParameter)</code>
104: * <code>getKeyStore()</code>
105: * <code>getProtectionParameter(String alias)</code>
106: * Assertions:
107: * throws NullPointerException if keyStore or protectionParameter is null
108: * throws IllegalArgumentException if keyStore was not initialized
109: * returns new object.
110: *
111: * getKeyStore() returns specified keystore;
112: * getProtectionParameter(String alias)
113: * throws NullPointerException when alias is null;
114: * throws KeyStoreException when alias is not available;
115: * returns ProtectionParameter which is used in newInstance(...)
116: *
117: */
118: public void testNewInstanceKeyStoreProtectionParameter()
119: throws KeyStoreException, NoSuchAlgorithmException,
120: IOException, CertificateException, InvalidKeyException,
121: InvalidKeySpecException {
122: // exceptions verification
123: try {
124: KeyStore.Builder.newInstance(null, protPass);
125: fail("NullPointerException must be thrown when KeyStore is null");
126: } catch (NullPointerException e) {
127: }
128: if (!JKSSupported) {
129: fail(defaultType + " type is not supported");
130: return;
131: }
132: KeyStore.Builder ksB;
133: KeyStore ks = KeyStore.getInstance(defaultType);
134: try {
135: KeyStore.Builder.newInstance(ks, null);
136: fail("NullPointerException must be thrown when ProtectionParameter is null");
137: } catch (NullPointerException e) {
138: }
139:
140: KeyStore.PasswordProtection protPass1 = new KeyStore.PasswordProtection(
141: pass);
142: KeyStore.ProtectionParameter[] pp = { protPass, protPass1,
143: callbackHand, myProtParam };
144: TestKeyPair tkp = new TestKeyPair("DSA");
145: Certificate certs[] = {
146: new MCertificate("DSA", tkp.getPrivate().getEncoded()),
147: new MCertificate("DSA", tkp.getPrivate().getEncoded()) };
148: PrivateKey privKey = tkp.getPrivate();
149:
150: KeyStore.PrivateKeyEntry pKey = new KeyStore.PrivateKeyEntry(
151: privKey, certs);
152: for (int i = 0; i < pp.length; i++) {
153: ks = KeyStore.getInstance(defaultType);
154: try {
155: KeyStore.Builder.newInstance(ks, pp[i]);
156: fail("IllegalArgumentException must be thrown because KeyStore was not initialized");
157: } catch (IllegalArgumentException e) {
158: }
159: ks.load(null, pass);
160: ksB = KeyStore.Builder.newInstance(ks, pp[i]);
161:
162: assertEquals("Incorrect KeyStore",
163: ksB.getKeyStore().size(), 0);
164:
165: ks.setEntry("aaa", pKey, pp[0]);
166: ksB = KeyStore.Builder.newInstance(ks, pp[i]);
167:
168: // verification getKeyStore() and getProtectionParameter(String
169: // alias)
170: assertEquals("Incorrect KeyStore", ks, ksB.getKeyStore());
171:
172: try {
173: ksB.getProtectionParameter(null);
174: fail("NullPointerException must be thrown");
175: } catch (NullPointerException e) {
176: }
177: try {
178: assertEquals(ksB.getProtectionParameter("aaa"), pp[i]);
179: } catch (KeyStoreException e) {
180: fail("Unexpected: " + e.toString() + " was thrown");
181: }
182:
183: try {
184: assertEquals(ksB.getProtectionParameter("Bad alias"),
185: pp[i]);
186: } catch (KeyStoreException e) {
187: // KeyStoreException might be thrown because there is no entry with such alias
188: }
189:
190: try {
191: assertEquals(ksB.getProtectionParameter(""), pp[i]);
192: } catch (KeyStoreException e) {
193: // KeyStoreException might be thrown because there is no entry with such alias
194: }
195:
196: KeyStore.ProtectionParameter pPar = ksB
197: .getProtectionParameter("aaa");
198:
199: switch (i) {
200: case 0:
201: assertTrue(pPar instanceof KeyStore.PasswordProtection);
202: break;
203: case 1:
204: assertTrue(pPar instanceof KeyStore.PasswordProtection);
205: break;
206: case 2:
207: assertTrue(pPar instanceof KeyStore.CallbackHandlerProtection);
208: break;
209: case 3:
210: assertTrue(pPar instanceof myProtectionParameter);
211: break;
212: default:
213: fail("Incorrect protection parameter");
214: }
215: assertEquals(pPar, pp[i]);
216: }
217: }
218:
219: /*
220: * Test for methods:
221: * <code>newInstance(String type, Provider provider, File file,
222: * ProtectionParameter protectionParameter)</code>
223: * <code>getKeyStore()</code>
224: * <code>getProtectionParameter(String alias)</code>
225: * Assertions:
226: * throws NullPointerException if type, file or protectionParameter is null;
227: * throws IllegalArgumentException if file does not exist or is not file;
228: * throws IllegalArgumentException if ProtectionParameter is not
229: * PasswordProtection or CallbackHandlerProtection;
230: * returns new object
231: *
232: * getKeyStore() returns specified keystore;
233: * getProtectionParameter(String alias)
234: * throws NullPointerException when alias is null;
235: * throws KeyStoreException when alias is not available;
236: * returns ProtectionParameter which is used in newInstance(...)
237: *
238: */
239: public void testNewInstanceStringProviderFileProtectionParameter()
240: throws Exception {
241: if (!JKSSupported) {
242: fail(defaultType + " type is not supported");
243: return;
244: }
245: File fl = File.createTempFile("KSBuilder_ImplTest", "keystore");
246: fl.deleteOnExit();
247: KeyStore.Builder ksB;
248: KeyStore.Builder ksB1;
249: KeyStore ks = null;
250: KeyStore ks1 = null;
251:
252: myProtectionParameter myPP = new myProtectionParameter(
253: new byte[5]);
254: // check exceptions
255: try {
256:
257: KeyStore.Builder.newInstance(null, defaultProvider, fl,
258: protPass);
259: fail("NullPointerException must be thrown when type is null");
260: } catch (NullPointerException e) {
261: }
262: try {
263: KeyStore.Builder.newInstance(defaultType, defaultProvider,
264: null, protPass);
265: fail("NullPointerException must be thrown when file is null");
266: } catch (NullPointerException e) {
267: }
268: try {
269: KeyStore.Builder.newInstance(defaultType, defaultProvider,
270: fl, null);
271: fail("NullPointerException must be thrown when ProtectionParameter is null");
272: } catch (NullPointerException e) {
273: }
274: try {
275: KeyStore.Builder.newInstance(defaultType, defaultProvider,
276: fl, myPP);
277: fail("IllegalArgumentException must be thrown when ProtectionParameter is not correct");
278: } catch (IllegalArgumentException e) {
279: }
280: try {
281: KeyStore.Builder.newInstance(defaultType, defaultProvider,
282: new File(fl.getAbsolutePath().concat(
283: "should_absent")), protPass);
284: fail("IllegalArgumentException must be thrown when file does not exist");
285: } catch (IllegalArgumentException e) {
286: }
287: try {
288: // 'file' param points to directory
289: KeyStore.Builder.newInstance(defaultType, defaultProvider,
290: fl.getParentFile(), protPass);
291: fail("IllegalArgumentException must be thrown when file does not exist");
292: } catch (IllegalArgumentException e) {
293: }
294: ksB = KeyStore.Builder.newInstance(defaultType,
295: defaultProvider, fl, protPass);
296: try {
297: ksB.getKeyStore();
298: fail("KeyStoreException must be throw because file is empty");
299: } catch (KeyStoreException e) {
300: }
301:
302: fl = createKS();
303: KeyStore.ProtectionParameter[] pp = { myPP, protPass,
304: callbackHand };
305: for (int i = 0; i < pp.length; i++) {
306: if (i == 0) {
307: try {
308: KeyStore.Builder.newInstance(defaultType, null, fl,
309: pp[i]);
310: fail("IllegalArgumentException must be thrown for incorrect ProtectionParameter");
311: } catch (IllegalArgumentException e) {
312: }
313: try {
314: KeyStore.Builder.newInstance(defaultType,
315: defaultProvider, fl, pp[i]);
316: fail("IllegalArgumentException must be thrown for incorrect ProtectionParameter");
317: } catch (IllegalArgumentException e) {
318: }
319: continue;
320: }
321: ksB = KeyStore.Builder.newInstance(defaultType, null, fl,
322: pp[i]);
323: ksB1 = KeyStore.Builder.newInstance(defaultType,
324: defaultProvider, fl, pp[i]);
325: try {
326: ks = ksB.getKeyStore();
327: if (i == 2) {
328: fail("KeyStoreException must be thrown for incorrect ProtectionParameter");
329: } else {
330: assertEquals("Incorrect KeyStore size", ks.size(),
331: 0);
332: }
333: } catch (KeyStoreException e) {
334: if (i == 2) {
335: continue;
336: }
337: fail("Unexpected KeyException was thrown");
338: }
339: try {
340: ks1 = ksB1.getKeyStore();
341: if (i == 2) {
342: fail("KeyStoreException must be thrown for incorrect ProtectionParameter");
343: }
344: } catch (KeyStoreException e) {
345: if (i == 2) {
346: continue;
347: }
348: fail("Unexpected KeyException was thrown");
349: }
350: assertEquals("Incorrect KeyStore size", ks.size(), ks1
351: .size());
352: Enumeration iter = ks.aliases();
353: String aName;
354:
355: while (iter.hasMoreElements()) {
356: aName = (String) iter.nextElement();
357: assertEquals("Incorrect ProtectionParameter", ksB
358: .getProtectionParameter(aName), pp[i]);
359: }
360:
361: try {
362: assertEquals(ksB.getProtectionParameter("Bad alias"),
363: pp[i]);
364: } catch (KeyStoreException e) {
365: // KeyStoreException might be thrown because there is no entry with such alias
366: }
367:
368: iter = ks1.aliases();
369: while (iter.hasMoreElements()) {
370: aName = (String) iter.nextElement();
371: assertEquals("Incorrect ProtectionParameter", ksB1
372: .getProtectionParameter(aName), pp[i]);
373: }
374:
375: try {
376: assertEquals(ksB1.getProtectionParameter("Bad alias"),
377: pp[i]);
378: } catch (KeyStoreException e) {
379: // KeyStoreException might be thrown because there is no entry with such alias
380: }
381: }
382: }
383:
384: /*
385: * Test for method:
386: * <code>newInstance(String type, Provider provider,
387: * ProtectionParameter protectionParameter)</code>
388: * <code>getKeyStore()</code>
389: * <code>getProtectionParameter(String alias)</code>
390: * Assertions:
391: * throws NullPointerException if type, or protectionParameter is null;
392: * returns new object
393: *
394: * getKeyStore() returns empty keystore
395: * getProtectionParameter(String alias)
396: * throws NullPointerException when alias is null;
397: * throws KeyStoreException when alias is not available
398: *
399: */
400: public void testNewInstanceStringProviderProtectionParameter()
401: throws KeyStoreException {
402: if (!JKSSupported) {
403: fail(defaultType + " type is not supported");
404: return;
405: }
406: try {
407: KeyStore.Builder.newInstance(null, defaultProvider,
408: protPass);
409: fail("NullPointerException must be thrown when type is null");
410: } catch (NullPointerException e) {
411: }
412: try {
413: KeyStore.Builder.newInstance(defaultType, defaultProvider,
414: null);
415: fail("NullPointerException must be thrown when ProtectionParameter is null");
416: } catch (NullPointerException e) {
417: }
418: myProtectionParameter myPP = new myProtectionParameter(
419: new byte[5]);
420: KeyStore.ProtectionParameter[] pp = { protPass, myPP,
421: callbackHand };
422: KeyStore.Builder ksB, ksB1;
423: KeyStore ks = null;
424: for (int i = 0; i < pp.length; i++) {
425: ksB = KeyStore.Builder.newInstance(defaultType,
426: defaultProvider, pp[i]);
427: ksB1 = KeyStore.Builder.newInstance(defaultType, null,
428: pp[i]);
429: switch (i) {
430: case 0:
431: try {
432: ks = ksB.getKeyStore();
433: assertNotNull("KeyStore is null", ks);
434: try {
435: assertEquals(ksB
436: .getProtectionParameter("Bad alias"),
437: pp[i]);
438: } catch (KeyStoreException e) {
439: // KeyStoreException might be thrown because there is no entry with such alias
440: }
441:
442: ks = ksB1.getKeyStore();
443: assertNotNull("KeyStore is null", ks);
444:
445: try {
446: assertEquals(ksB1
447: .getProtectionParameter("Bad alias"),
448: pp[i]);
449: } catch (KeyStoreException e) {
450: // KeyStoreException might be thrown because there is no entry with such alias
451: }
452: } catch (KeyStoreException e) {
453: try {
454: ks = ksB.getKeyStore();
455: } catch (KeyStoreException e1) {
456: assertEquals("Incorrect exception", e
457: .getMessage(), e1.getMessage());
458: }
459: }
460: break;
461: case 1:
462: case 2:
463: Exception ex1 = null;
464: Exception ex2 = null;
465: try {
466: ks = ksB.getKeyStore();
467: } catch (KeyStoreException e) {
468: ex1 = e;
469: }
470: try {
471: ks = ksB.getKeyStore();
472: } catch (KeyStoreException e) {
473: ex2 = e;
474: }
475: assertEquals("Incorrect exception", ex1.getMessage(),
476: ex2.getMessage());
477:
478: try {
479: ksB.getProtectionParameter("aaa");
480: fail("IllegalStateException must be thrown because getKeyStore() was not invoked");
481: } catch (IllegalStateException e) {
482: }
483:
484: try {
485: ks = ksB1.getKeyStore();
486: } catch (KeyStoreException e) {
487: ex1 = e;
488: }
489: try {
490: ks = ksB1.getKeyStore();
491: } catch (KeyStoreException e) {
492: ex2 = e;
493: }
494: assertEquals("Incorrect exception", ex1.getMessage(),
495: ex2.getMessage());
496:
497: try {
498: ksB1.getProtectionParameter("aaa");
499: fail("IllegalStateException must be thrown because getKeyStore() was not invoked");
500: } catch (IllegalStateException e) {
501: }
502: break;
503:
504: }
505: }
506: }
507:
508: /**
509: * Additional class for creation Certificate object
510: */
511: public class MCertificate extends Certificate {
512: private final byte[] encoding;
513:
514: private final String type;
515:
516: public MCertificate(String type, byte[] encoding) {
517: super (type);
518: this .encoding = encoding;
519: this .type = type;
520: }
521:
522: public byte[] getEncoded() throws CertificateEncodingException {
523: return encoding.clone();
524: }
525:
526: public void verify(PublicKey key) throws CertificateException,
527: NoSuchAlgorithmException, InvalidKeyException,
528: NoSuchProviderException, SignatureException {
529: }
530:
531: public void verify(PublicKey key, String sigProvider)
532: throws CertificateException, NoSuchAlgorithmException,
533: InvalidKeyException, NoSuchProviderException,
534: SignatureException {
535: }
536:
537: public String toString() {
538: return "[MCertificate, type: " + getType() + "]";
539: }
540:
541: public PublicKey getPublicKey() {
542: return new PublicKey() {
543: public String getAlgorithm() {
544: return type;
545: }
546:
547: public byte[] getEncoded() {
548: return encoding;
549: }
550:
551: public String getFormat() {
552: return "test";
553: }
554: };
555: }
556: }
557: }
558:
559: /**
560: * Additional class for creating KeyStoreBuilder
561: */
562: class myProtectionParameter implements KeyStore.ProtectionParameter {
563: public myProtectionParameter(byte[] param) {
564: if (param == null) {
565: throw new NullPointerException("param is null");
566: }
567: }
568: }
|