x509storetest.java

kmlnjlkj nlkjlkjkljl okopokipoipo oipipipo i

package org.bouncycastle.jce.provider.test;

import org.bouncycastle.jce.PrincipalUtil;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.test.SimpleTest;
import org.bouncycastle.x509.X509AttributeCertStoreSelector;
import org.bouncycastle.x509.X509AttributeCertificate;
import org.bouncycastle.x509.X509CRLStoreSelector;
import org.bouncycastle.x509.X509CertPairStoreSelector;
import org.bouncycastle.x509.X509CertStoreSelector;
import org.bouncycastle.x509.X509CertificatePair;
import org.bouncycastle.x509.X509CollectionStoreParameters;
import org.bouncycastle.x509.X509Store;
import org.bouncycastle.x509.X509V2AttributeCertificate;

import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.List;

public class X509StoreTest
    extends SimpleTest
{
    private void certPairTest()
        throws Exception
    {
        CertificateFactory cf = CertificateFactory.getInstance("X.509",
                "BC");

        X509Certificate rootCert = (X509Certificate)cf
                .generateCertificate(new ByteArrayInputStream(
                        CertPathTest.rootCertBin));
        X509Certificate interCert = (X509Certificate)cf
                .generateCertificate(new ByteArrayInputStream(
                        CertPathTest.interCertBin));
        X509Certificate finalCert = (X509Certificate)cf
                .generateCertificate(new ByteArrayInputStream(
                        CertPathTest.finalCertBin));

        // Testing CollectionCertStore generation from List
        X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert);
        List certList = new ArrayList();

        certList.add(pair1);
        certList.add(new X509CertificatePair(interCert, finalCert));

        X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(certList);

        X509Store certStore = X509Store.getInstance("CertificatePair/Collection", ccsp, "BC");
        X509CertPairStoreSelector selector = new X509CertPairStoreSelector();
        X509CertStoreSelector fwSelector = new X509CertStoreSelector();

        fwSelector.setSerialNumber(rootCert.getSerialNumber());
        fwSelector.setSubject(rootCert.getIssuerDN().getName());
        
        selector.setForwardSelector(fwSelector);

        Collection col = certStore.getMatches(selector);

        if (col.size() != 1 || !col.contains(pair1))
        {
            fail("failed pair1 test");
        }

        col = certStore.getMatches(null);

        if (col.size() != 2)
        {
            fail("failed null test");
        }
    }

    public void performTest()
        throws Exception
    {
        CertificateFactory cf = CertificateFactory.getInstance("X.509",
                "BC");

        X509Certificate rootCert = (X509Certificate)cf
                .generateCertificate(new ByteArrayInputStream(
                        CertPathTest.rootCertBin));
        X509Certificate interCert = (X509Certificate)cf
                .generateCertificate(new ByteArrayInputStream(
                        CertPathTest.interCertBin));
        X509Certificate finalCert = (X509Certificate)cf
                .generateCertificate(new ByteArrayInputStream(
                        CertPathTest.finalCertBin));
        X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(
                CertPathTest.rootCrlBin));
        X509CRL interCrl = (X509CRL)cf
                .generateCRL(new ByteArrayInputStream(
                        CertPathTest.interCrlBin));

        // Testing CollectionCertStore generation from List
        List certList = new ArrayList();
        certList.add(rootCert);
        certList.add(interCert);
        certList.add(finalCert);
        X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(certList);
        X509Store certStore = X509Store.getInstance("Certificate/Collection", ccsp, "BC");
        // set default to be the same as for SUN X500 name
        X509Principal.DefaultReverse = true;

        // Searching for rootCert by subjectDN
    
        X509CertStoreSelector targetConstraints = new X509CertStoreSelector();
        targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
        Collection certs = certStore.getMatches(targetConstraints);
        if (certs.size() != 1 || !certs.contains(rootCert))
        {
            fail("rootCert not found by subjectDN");
        }

        // Searching for rootCert by subjectDN encoded as byte
        targetConstraints = new X509CertStoreSelector();
        targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
        certs = certStore.getMatches(targetConstraints);
        if (certs.size() != 1 || !certs.contains(rootCert))
        {
            fail("rootCert not found by encoded subjectDN");
        }

        X509Principal.DefaultReverse = false;

        // Searching for rootCert by public key encoded as byte
        targetConstraints = new X509CertStoreSelector();
        targetConstraints.setSubjectPublicKey(rootCert.getPublicKey().getEncoded());
        certs = certStore.getMatches(targetConstraints);
        if (certs.size() != 1 || !certs.contains(rootCert))
        {
            fail("rootCert not found by encoded public key");
        }

        // Searching for interCert by issuerDN
        targetConstraints = new X509CertStoreSelector();
        targetConstraints.setIssuer(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
        certs = certStore.getMatches(targetConstraints);
        if (certs.size() != 2)
        {
            fail("did not found 2 certs");
        }
        if (!certs.contains(rootCert))
        {
            fail("rootCert not found");
        }
        if (!certs.contains(interCert))
        {
            fail("interCert not found");
        }

        // Searching for rootCrl by issuerDN
        List crlList = new ArrayList();
        crlList.add(rootCrl);
        crlList.add(interCrl);
        ccsp = new X509CollectionStoreParameters(crlList);
        X509Store store = X509Store.getInstance("CRL/Collection", ccsp, "BC");
        X509CRLStoreSelector targetConstraintsCRL = new X509CRLStoreSelector();
        targetConstraintsCRL.setIssuers(Collections.singleton(rootCrl.getIssuerX500Principal()));
        Collection crls = store.getMatches(targetConstraintsCRL);
        if (crls.size() != 1 || !crls.contains(rootCrl))
        {
            fail("rootCrl not found");
        }

        crls = certStore.getMatches(targetConstraintsCRL);
        if (crls.size() != 0)
        {
            fail("error using wrong selector (CRL)");
        }
        certs = store.getMatches(targetConstraints);
        if (certs.size() != 0)
        {
            fail("error using wrong selector (certs)");
        }
        // Searching for attribute certificates
        X509V2AttributeCertificate attrCert = new X509V2AttributeCertificate(AttrCertTest.attrCert);
        X509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID);

        List attrList = new ArrayList();
        attrList.add(attrCert);
        attrList.add(attrCert2);
        ccsp = new X509CollectionStoreParameters(attrList);
        store = X509Store.getInstance("AttributeCertificate/Collection", ccsp, "BC");
        X509AttributeCertStoreSelector attrSelector = new X509AttributeCertStoreSelector();
        attrSelector.setHolder(attrCert.getHolder());
        if (!attrSelector.getHolder().equals(attrCert.getHolder()))
        {
            fail("holder get not correct");
        }
        Collection attrs = store.getMatches(attrSelector);
        if (attrs.size() != 1 || !attrs.contains(attrCert))
        {
            fail("attrCert not found on holder");
        }
        attrSelector.setHolder(attrCert2.getHolder());
        if (attrSelector.getHolder().equals(attrCert.getHolder()))
        {
            fail("holder get not correct");
        }
        attrs = store.getMatches(attrSelector);
        if (attrs.size() != 1 || !attrs.contains(attrCert2))
        {
            fail("attrCert2 not found on holder");
        }
        attrSelector = new X509AttributeCertStoreSelector();
        attrSelector.setIssuer(attrCert.getIssuer());
        if (!attrSelector.getIssuer().equals(attrCert.getIssuer()))
        {
            fail("issuer get not correct");
        }
        attrs = store.getMatches(attrSelector);
        if (attrs.size() != 1 || !attrs.contains(attrCert))
        {
            fail("attrCert not found on issuer");
        }
        attrSelector.setIssuer(attrCert2.getIssuer());
        if (attrSelector.getIssuer().equals(attrCert.getIssuer()))
        {
            fail("issuer get not correct");
        }
        attrs = store.getMatches(attrSelector);
        if (attrs.size() != 1 || !attrs.contains(attrCert2))
        {
            fail("attrCert2 not found on issuer");
        }
        attrSelector = new X509AttributeCertStoreSelector();
        attrSelector.setAttributeCert(attrCert);
        if (!attrSelector.getAttributeCert().equals(attrCert))
        {
            fail("attrCert get not correct");
        }
        attrs = store.getMatches(attrSelector);
        if (attrs.size() != 1 || !attrs.contains(attrCert))
        {
            fail("attrCert not found on attrCert");
        }
        attrSelector = new X509AttributeCertStoreSelector();
        attrSelector.setSerialNumber(attrCert.getSerialNumber());
        if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber()))
        {
            fail("serial number get not correct");
        }
        attrs = store.getMatches(attrSelector);
        if (attrs.size() != 1 || !attrs.contains(attrCert))
        {
            fail("attrCert not found on serial number");
        }
        attrSelector = (X509AttributeCertStoreSelector)attrSelector.clone();
        if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber()))
        {
            fail("serial number get not correct");
        }
        attrs = store.getMatches(attrSelector);
        if (attrs.size() != 1 || !attrs.contains(attrCert))
        {
            fail("attrCert not found on serial number");
        }

        attrSelector = new X509AttributeCertStoreSelector();
        attrSelector.setAttributeCertificateValid(attrCert.getNotBefore());
        if (!attrSelector.getAttributeCertificateValid().equals(attrCert.getNotBefore()))
        {
            fail("valid get not correct");
        }
        attrs = store.getMatches(attrSelector);
        if (attrs.size() != 1 || !attrs.contains(attrCert))
        {
            fail("attrCert not found on valid");
        }
        attrSelector = new X509AttributeCertStoreSelector();
        attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotBefore().getTime() - 100));
        attrs = store.getMatches(attrSelector);
        if (attrs.size() != 0)
        {
            fail("attrCert found on before");
        }
        attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotAfter().getTime() + 100));
        attrs = store.getMatches(attrSelector);
        if (attrs.size() != 0)
        {
            fail("attrCert found on after");
        }
        attrSelector.setSerialNumber(BigInteger.valueOf(10000));
        attrs = store.getMatches(attrSelector);
        if (attrs.size() != 0)
        {
            fail("attrCert found on wrong serial number");
        }

        attrSelector.setAttributeCert(null);
        attrSelector.setAttributeCertificateValid(null);
        attrSelector.setHolder(null);
        attrSelector.setIssuer(null);
        attrSelector.setSerialNumber(null);
        if (attrSelector.getAttributeCert() != null)
        {
            fail("null attrCert");
        }
        if (attrSelector.getAttributeCertificateValid() != null)
        {
            fail("null attrCertValid");
        }
        if (attrSelector.getHolder() != null)
        {
            fail("null attrCert holder");
        }
        if (attrSelector.getIssuer() != null)
        {
            fail("null attrCert issuer");
        }
        if (attrSelector.getSerialNumber() != null)
        {
            fail("null attrCert serial");
        }

        attrs = certStore.getMatches(attrSelector);
        if (attrs.size() != 0)
        {
            fail("error using wrong selector (attrs)");
        }

        certPairTest();
    }

    public String getName()
    {
        return "X509Store";
    }

    public static void main(String[] args)
    {
        Security.addProvider(new BouncyCastleProvider());

        runTest(new X509StoreTest());
    }

}