1. Project Clover database Tue Dec 20 2016 21:24:09 CET
  2. Package org.xwiki.crypto.pkix.internal

File BcX509CertificateFactoryTest.java

 

Code metrics

2
59
7
1
191
143
8
0.14
8.43
7
1.14

Classes

Class Line # Actions
BcX509CertificateFactoryTest 55 59 0% 8 0
1.0100%
 

Contributing tests

This file is covered by 5 tests. .

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package org.xwiki.crypto.pkix.internal;
21   
22    import java.util.EnumSet;
23   
24    import org.junit.Before;
25    import org.junit.Rule;
26    import org.junit.Test;
27    import org.xwiki.crypto.AbstractPKIXTest;
28    import org.xwiki.crypto.BinaryStringEncoder;
29    import org.xwiki.crypto.internal.asymmetric.keyfactory.BcDSAKeyFactory;
30    import org.xwiki.crypto.internal.asymmetric.keyfactory.BcRSAKeyFactory;
31    import org.xwiki.crypto.internal.digest.factory.BcSHA1DigestFactory;
32    import org.xwiki.crypto.internal.encoder.Base64BinaryStringEncoder;
33    import org.xwiki.crypto.pkix.CertificateFactory;
34    import org.xwiki.crypto.pkix.params.CertifiedPublicKey;
35    import org.xwiki.crypto.pkix.params.x509certificate.X509CertifiedPublicKey;
36    import org.xwiki.crypto.pkix.params.x509certificate.extension.ExtendedKeyUsages;
37    import org.xwiki.crypto.pkix.params.x509certificate.extension.KeyUsage;
38    import org.xwiki.crypto.pkix.params.x509certificate.extension.X509Extensions;
39    import org.xwiki.crypto.signer.internal.factory.BcDSAwithSHA1SignerFactory;
40    import org.xwiki.crypto.signer.internal.factory.BcSHA1withRsaSignerFactory;
41    import org.xwiki.crypto.signer.internal.factory.DefaultSignerFactory;
42    import org.xwiki.test.annotation.ComponentList;
43    import org.xwiki.test.mockito.MockitoComponentMockingRule;
44   
45    import static org.hamcrest.Matchers.notNullValue;
46    import static org.hamcrest.core.IsEqual.equalTo;
47    import static org.hamcrest.core.IsInstanceOf.instanceOf;
48    import static org.junit.Assert.assertFalse;
49    import static org.junit.Assert.assertThat;
50    import static org.junit.Assert.assertTrue;
51   
52    @ComponentList({Base64BinaryStringEncoder.class, BcRSAKeyFactory.class, BcDSAKeyFactory.class,
53    BcSHA1DigestFactory.class, BcSHA1withRsaSignerFactory.class,
54    DefaultSignerFactory.class, BcDSAwithSHA1SignerFactory.class})
 
55    public class BcX509CertificateFactoryTest extends AbstractPKIXTest
56    {
57    @Rule
58    public final MockitoComponentMockingRule<CertificateFactory> mocker =
59    new MockitoComponentMockingRule<CertificateFactory>(BcX509CertificateFactory.class);
60   
61    private CertificateFactory factory;
62    private static byte[] v1CaCert;
63    private static byte[] v1Cert;
64    private static byte[] v3CaCert;
65    private static byte[] v3InterCaCert;
66    private static byte[] v3Cert;
67   
 
68  5 toggle public void setupTest(MockitoComponentMockingRule<CertificateFactory> mocker) throws Exception
69    {
70    // Decode keys once for all tests.
71  5 if (v1CaCert == null) {
72  1 BinaryStringEncoder base64encoder = mocker.getInstance(BinaryStringEncoder.class, "Base64");
73  1 v1CaCert = base64encoder.decode(V1_CA_CERT);
74  1 v1Cert = base64encoder.decode(V1_CERT);
75  1 v3CaCert = base64encoder.decode(V3_CA_CERT);
76  1 v3InterCaCert = base64encoder.decode(V3_ITERCA_CERT);
77  1 v3Cert = base64encoder.decode(V3_CERT);
78    }
79    }
80   
 
81  5 toggle @Before
82    public void configure() throws Exception
83    {
84  5 factory = mocker.getComponentUnderTest();
85  5 setupTest(mocker);
86    }
87   
 
88  1 toggle @Test
89    public void testV1CaCert() throws Exception
90    {
91  1 CertifiedPublicKey certificate = factory.decode(v1CaCert);
92   
93  1 assertTrue("CA should verify itself.", certificate.isSignedBy(certificate.getPublicKeyParameters()));
94   
95  1 assertThat(certificate, instanceOf(X509CertifiedPublicKey.class));
96  1 X509CertifiedPublicKey cert = (X509CertifiedPublicKey) certificate;
97  1 assertThat(cert.getVersionNumber(), equalTo(1));
98  1 assertThat(cert.isRootCA(), equalTo(true));
99    }
100   
 
101  1 toggle @Test
102    public void testV1Cert() throws Exception
103    {
104  1 CertifiedPublicKey caCert = factory.decode(v1CaCert);
105  1 CertifiedPublicKey certificate = factory.decode(v1Cert);
106   
107  1 assertTrue("End certificate should be verified by CA.", certificate.isSignedBy(caCert.getPublicKeyParameters()));
108   
109  1 assertThat(certificate, instanceOf(X509CertifiedPublicKey.class));
110  1 X509CertifiedPublicKey cert = (X509CertifiedPublicKey) certificate;
111  1 assertThat(cert.getVersionNumber(), equalTo(1));
112    }
113   
 
114  1 toggle @Test
115    public void testV3CaCert() throws Exception
116    {
117  1 CertifiedPublicKey certificate = factory.decode(v3CaCert);
118   
119  1 assertTrue("CA should verify itself.", certificate.isSignedBy(certificate.getPublicKeyParameters()));
120   
121  1 assertThat(certificate, instanceOf(X509CertifiedPublicKey.class));
122  1 X509CertifiedPublicKey cert = (X509CertifiedPublicKey) certificate;
123  1 assertThat(cert.getVersionNumber(), equalTo(3));
124   
125  1 assertTrue("Basic constraints should be critical.", cert.getExtensions().isCritical(X509Extensions.BASIC_CONSTRAINTS_OID));
126  1 assertTrue("Basic constraints should be set to CA.", cert.getExtensions().hasCertificateAuthorityBasicConstraints());
127  1 assertTrue("KeyUsage extension should be critical.", cert.getExtensions().isCritical(KeyUsage.OID));
128  1 assertThat(cert.getExtensions().getKeyUsage(), equalTo(EnumSet.of(KeyUsage.keyCertSign,
129    KeyUsage.cRLSign)));
130  1 assertThat(cert.getAuthorityKeyIdentifier(), notNullValue());
131  1 assertThat(cert.getAuthorityKeyIdentifier(),
132    equalTo(cert.getSubjectKeyIdentifier()));
133  1 assertThat(cert.isRootCA(), equalTo(true));
134    }
135   
 
136  1 toggle @Test
137    public void testV3InterCACert() throws Exception
138    {
139  1 CertifiedPublicKey caCert = factory.decode(v3CaCert);
140  1 CertifiedPublicKey interCaCert = factory.decode(v3InterCaCert);
141   
142  1 assertTrue("Intermediate CA certificate should be verified by CA.",
143    interCaCert.isSignedBy(caCert.getPublicKeyParameters()));
144   
145  1 assertThat(interCaCert, instanceOf(X509CertifiedPublicKey.class));
146  1 X509CertifiedPublicKey cert = (X509CertifiedPublicKey) interCaCert;
147  1 assertThat(cert.getVersionNumber(), equalTo(3));
148   
149  1 assertTrue("Basic constraints should be critical.",
150    cert.getExtensions().isCritical(X509Extensions.BASIC_CONSTRAINTS_OID));
151  1 assertTrue("Basic constraints should be set to CA.",
152    cert.getExtensions().hasCertificateAuthorityBasicConstraints());
153  1 assertThat(cert.getExtensions().getBasicConstraintsPathLen(), equalTo(0));
154  1 assertTrue("KeyUsage extension should be critical.", cert.getExtensions().isCritical(KeyUsage.OID));
155  1 assertThat(cert.getExtensions().getKeyUsage(), equalTo(EnumSet.of(KeyUsage.keyCertSign,
156    KeyUsage.cRLSign)));
157   
158  1 assertThat(cert.getAuthorityKeyIdentifier(),
159    equalTo(((X509CertifiedPublicKey) caCert).getSubjectKeyIdentifier()));
160  1 assertThat(cert.isRootCA(), equalTo(false));
161    }
162   
 
163  1 toggle @Test
164    public void testV3Cert() throws Exception
165    {
166  1 CertifiedPublicKey interCaCert = factory.decode(v3InterCaCert);
167  1 CertifiedPublicKey certificate = factory.decode(v3Cert);
168   
169  1 assertTrue("End certificate should be verified by CA.",
170    certificate.isSignedBy(interCaCert.getPublicKeyParameters()));
171   
172  1 assertThat(certificate, instanceOf(X509CertifiedPublicKey.class));
173  1 X509CertifiedPublicKey cert = (X509CertifiedPublicKey) certificate;
174  1 assertThat(cert.getVersionNumber(), equalTo(3));
175   
176  1 assertTrue("KeyUsage extension should be critical.", cert.getExtensions().isCritical(KeyUsage.OID));
177  1 assertThat(cert.getExtensions().getKeyUsage(), equalTo(EnumSet.of(KeyUsage.digitalSignature,
178    KeyUsage.dataEncipherment)));
179  1 assertFalse("ExtendedKeyUsage extension should be non critical.",
180    cert.getExtensions().isCritical(ExtendedKeyUsages.OID));
181  1 assertThat(cert.getExtensions().getExtendedKeyUsage().getAll().toArray(new String[0]), equalTo(
182    new String[]{ExtendedKeyUsages.EMAIL_PROTECTION}));
183  1 assertTrue("Email data protection extended usage should be set.",
184    cert.getExtensions().getExtendedKeyUsage().hasUsage(ExtendedKeyUsages.EMAIL_PROTECTION));
185   
186  1 assertThat(cert.getAuthorityKeyIdentifier(),
187    equalTo(((X509CertifiedPublicKey) interCaCert).getSubjectKeyIdentifier()));
188  1 assertThat(cert.isRootCA(), equalTo(false));
189    }
190   
191    }