/*
* X509SecurityInfoTest.java
*
* Created on Jun 30, 2008, 3:04:12 PM
*
* Description: .
*
* Copyright (C) Apr 19, 2010 reed.
*
* This program is free software; you can redistribute it and/or modify it under the terms
* of the GNU General Public License as published by the Free Software Foundation; either
* version 3 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
* without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along with this program;
* if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package org.texai.x509;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.X509KeyManager;
import org.apache.log4j.Logger;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
//import sun.security.x509.X509CertImpl;
import static org.junit.Assert.*;
/**
*
* @author reed
*/
public class X509SecurityInfoTest {
/** the logger */
private static final Logger LOGGER = Logger.getLogger(X509SecurityInfoTest.class);
public X509SecurityInfoTest() {
}
@BeforeClass
public static void setUpClass() throws Exception {
}
@AfterClass
public static void tearDownClass() throws Exception {
}
@Before
public void setUp() {
}
@After
public void tearDown() {
}
/**
* Test of getTrustStore method, of class X509SecurityInfo.
*/
@Test
public void testGetTrustStore() {
LOGGER.info("getTrustStore");
X509SecurityInfo instance = KeyStoreTestUtils.getClientX509SecurityInfo();
KeyStore result = instance.getTrustStore();
assertNotNull(result);
try {
LOGGER.info("truststore alias: " + result.aliases());
final Enumeration<String> aliasEnumeration = result.aliases();
while (aliasEnumeration.hasMoreElements()) {
LOGGER.info("truststore alias: " + aliasEnumeration.nextElement());
}
assertTrue(result.containsAlias(X509Utils.TRUSTSTORE_ENTRY_ALIAS));
} catch (KeyStoreException ex) {
fail(ex.getMessage());
}
}
/**
* Test of getKeyStore method, of class X509SecurityInfo.
*/
@Test
public void testGetKeyStore() {
LOGGER.info("getKeyStore");
X509SecurityInfo instance = KeyStoreTestUtils.getClientX509SecurityInfo();
KeyStore result = instance.getKeyStore();
assertNotNull(result);
try {
LOGGER.info("key store alias: " + result.aliases());
final Enumeration<String> aliasEnumeration = result.aliases();
assertTrue(aliasEnumeration.hasMoreElements());
while (aliasEnumeration.hasMoreElements()) {
LOGGER.info("key store alias: " + aliasEnumeration.nextElement());
}
assertTrue(result.containsAlias(X509Utils.ENTRY_ALIAS));
} catch (KeyStoreException ex) {
fail(ex.getMessage());
}
}
/**
* Test of getKeyManagers method, of class X509SecurityInfo.
*/
@Test
public void testGetKeyManagers() {
LOGGER.info("getKeyManagers");
X509SecurityInfo instance = KeyStoreTestUtils.getClientX509SecurityInfo();
KeyManager[] result = instance.getKeyManagers();
assertNotNull(result);
assertEquals(1, result.length);
final KeyManager keyManager = result[0];
assertTrue(keyManager instanceof X509KeyManager);
final X509KeyManager x509KeyManager = (X509KeyManager) keyManager;
assertNotNull(x509KeyManager.getCertificateChain(X509Utils.ENTRY_ALIAS));
assertNotNull(x509KeyManager.getPrivateKey(X509Utils.ENTRY_ALIAS));
}
/**
* Test of getPrivateKey method, of class X509SecurityInfo.
*/
@Test
public void testGetPrivateKey() {
LOGGER.info("getPrivateKey");
X509SecurityInfo instance = KeyStoreTestUtils.getClientX509SecurityInfo();
PrivateKey result = instance.getPrivateKey();
assertNotNull(result);
LOGGER.info("private key: \n" + result);
}
/**
* Test of getX509Certificate method, of class X509SecurityInfo.
*/
@Test
public void testGetX509Certificate() {
LOGGER.info("getX509Certificate");
X509SecurityInfo instance = KeyStoreTestUtils.getClientX509SecurityInfo();
X509Certificate result = instance.getX509Certificate();
assertNotNull(result);
assertTrue(result.getSubjectX500Principal().toString().startsWith("CN=texai.org, UID="));
}
/**
* Test of getCertPath method, of class X509SecurityInfo.
*/
@Test
public void testGetCertPath() {
LOGGER.info("getCertPath");
X509SecurityInfo x509SecurityInfo = KeyStoreTestUtils.getClientX509SecurityInfo();
try {
// to turn on java security debugging, specify java.security.debug=certpath in the Texai POM
final KeyStore keyStore = x509SecurityInfo.getKeyStore();
final X509Certificate clientX509Certificate = (X509Certificate) keyStore.getCertificate(X509Utils.ENTRY_ALIAS);
assertNotNull(clientX509Certificate);
assertTrue(clientX509Certificate.getSubjectX500Principal().toString().contains("CN=texai.org"));
Certificate[] certificateChain = keyStore.getCertificateChain(X509Utils.ENTRY_ALIAS);
assertEquals(2, certificateChain.length);
assertEquals(clientX509Certificate, certificateChain[0]);
final Certificate rootX509Certificate = certificateChain[1];
assertTrue(rootX509Certificate instanceof X509Certificate);
assertEquals("CN=texai.org, O=Texai Certification Authority, UID=ed6d6718-80de-4848-af43-fed7bdba3c36", ((X509Certificate) rootX509Certificate).getSubjectX500Principal().toString());
//assertTrue(X509CertImpl.isSelfIssued((X509Certificate) rootX509Certificate));
assertEquals(3, ((X509Certificate) rootX509Certificate).getVersion());
CertPath certPath = x509SecurityInfo.getCertPath();
LOGGER.info("certPath: " + certPath);
assertNotNull(certPath);
@SuppressWarnings("unchecked")
final List<X509Certificate> certificates = (List<X509Certificate>) certPath.getCertificates();
assertEquals(1, certificates.size());
assertEquals(clientX509Certificate, certificates.get(0));
X509Utils.validateCertificatePath(certPath);
} catch (InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | CertPathValidatorException ex) {
ex.printStackTrace();
fail(ex.getMessage());
}
}
}