diff options
| author | Geremy Condra <gcondra@google.com> | 2013-01-04 20:17:47 -0800 |
|---|---|---|
| committer | Geremy Condra <gcondra@google.com> | 2013-01-04 20:36:36 -0800 |
| commit | 95ecd9024afcfa417911e158663ce5f31acbd839 (patch) | |
| tree | 4eec205e6db07121f652f946f84acfe5d33c4cef /luni/src/test/java/com | |
| parent | 647762c4d867de125e60b93113f162b2ed1caf57 (diff) | |
| download | libcore-95ecd9024afcfa417911e158663ce5f31acbd839.zip libcore-95ecd9024afcfa417911e158663ce5f31acbd839.tar.gz libcore-95ecd9024afcfa417911e158663ce5f31acbd839.tar.bz2 | |
Add blacklist tests for TURKTRUST.
Change-Id: Ibc0763f1688b9ac448990abf48c534f7fcf5056a
Diffstat (limited to 'luni/src/test/java/com')
| -rw-r--r-- | luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java b/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java index b374f56..9c3f915 100644 --- a/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java +++ b/luni/src/test/java/com/android/org/bouncycastle/jce/provider/CertBlacklistTest.java @@ -25,6 +25,7 @@ import java.io.IOException; import java.math.BigInteger; import java.security.cert.CertificateFactory; import java.security.cert.Certificate; +import java.security.cert.X509Certificate; import java.security.MessageDigest; import java.security.PrivateKey; import java.security.PublicKey; @@ -62,6 +63,52 @@ public class CertBlacklistTest extends TestCase { "orDrR1AXTXkuxwLSbmVfedMGOZy7Awh7iZa8hw5x9XmUudfNxvmrKVEwGQY2DZ9PXbrnta/dwbhK" + "mWfoepESVbo7CKIhJp8gRW0h1Z55ETXD57aGJRvQS4pxkP8ANhM="; + public static final String TURKTRUST_1 = "" + + "MIIFPTCCBCWgAwIBAgICCCcwDQYJKoZIhvcNAQEFBQAwgawxPTA7BgNVBAMMNFTDnFJLVFJVU1Qg" + + "RWxla3Ryb25payBTdW51Y3UgU2VydGlmaWthc8SxIEhpem1ldGxlcmkxCzAJBgNVBAYTAlRSMV4w" + + "XAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnE" + + "n2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtICAyMDA1MB4XDTExMDgwODA3MDc1MVoXDTIx" + + "MDcwNjA3MDc1MVowbjELMAkGA1UEBhMCVFIxDzANBgNVBAgMBkFOS0FSQTEPMA0GA1UEBwwGQU5L" + + "QVJBMQwwCgYDVQQKDANFR08xGDAWBgNVBAsMD0VHTyBCSUxHSSBJU0xFTTEVMBMGA1UEAwwMKi5F" + + "R08uR09WLlRSMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5zoj2Bpdl7R1M/zF6Qf" + + "4su2F8vDqISKvuTuyJhNAHhFGHCsHjaixGMHspuz0l3V50kq/ECWbN8kKaeTrB112QOrWTU276iu" + + "p1Gh+OlEOiR9vlQ4VAP00dWUjD6z9HQFCi8W3EsEtiiHiYOU9BcPpPkaUbECwP4nGVwR8aPwhB5P" + + "GBJc98romdvciYkUpSOOwkuSRtooA7tRlLFu72QaNpXN1NueB36I3aajPk0YyiXy2w8XlgK7QI4P" + + "SSBnSq+QblFocWVmLhF94je7py6lCnllrIFXpR3FWZLD5GcI6HKlBS78AQ+IMBLFHhsEVw5NQj90" + + "chSZClfBWBZzIaV9RwIDAQABo4IBpDCCAaAwHwYDVR0jBBgwFoAUq042AzDS29UKaL6HpVBs/PZw" + + "pSUwHQYDVR0OBBYEFGT7G4Y9uEryRIL5Vj3qJsD047M0MA4GA1UdDwEB/wQEAwIBBjBFBgNVHSAE" + + "PjA8MDoGCWCGGAMAAwEBATAtMCsGCCsGAQUFBwIBFh9odHRwOi8vd3d3LnR1cmt0cnVzdC5jb20u" + + "dHIvc3VlMA8GA1UdEwEB/wQFMAMBAf8wSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL3d3dy50dXJr" + + "dHJ1c3QuY29tLnRyL3NpbC9UVVJLVFJVU1RfU1NMX1NJTF9zMi5jcmwwgaoGCCsGAQUFBwEBBIGd" + + "MIGaMG4GCCsGAQUFBzAChmJodHRwOi8vd3d3LnR1cmt0cnVzdC5jb20udHIvc2VydGlmaWthbGFy" + + "L1RVUktUUlVTVF9FbGVrdHJvbmlrX1N1bnVjdV9TZXJ0aWZpa2FzaV9IaXptZXRsZXJpX3MyLmNy" + + "dDAoBggrBgEFBQcwAYYcaHR0cDovL29jc3AudHVya3RydXN0LmNvbS50cjANBgkqhkiG9w0BAQUF" + + "AAOCAQEAj89QCCyoW0S20EcYDZAnvFLFmougK97Bt68iV1OM622+Cyeyf4Sz+1LBk1f9ni3fGT0Q" + + "+RWZJYWq5YuSBiLVgk3NLcxnwe3wmnvErUgq1QDtAaNlBWMEMklOlWGfJ0eWaillUskJbDd4KwgZ" + + "HDEj7g/jYEQqU1t0zoJdwM/zNsnLHkhwcWZ5PQnnbpff1Ct/1LH/8pdy2eRDmRmqniLUh8r2lZfJ" + + "eudVZG6yIbxsqP3t2JCq5c2P1jDhAGF3g9DiskH0CzsRdbVpoWdr+PY1Xz/19G8XEpX9r+IBJhLd" + + "bkpVo0Qh0A10mzFP/GUk5f/8nho2HvLaVMhWv1qKcF8IhQ=="; + + public static final String TURKTRUST_2 = "" + + "MIID8DCCAtigAwIBAgICCGQwDQYJKoZIhvcNAQEFBQAwgawxPTA7BgNVBAMMNFTDnFJLVFJVU1Qg" + + "RWxla3Ryb25payBTdW51Y3UgU2VydGlmaWthc8SxIEhpem1ldGxlcmkxCzAJBgNVBAYTAlRSMV4w" + + "XAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnE" + + "n2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtICAyMDA1MB4XDTExMDgwODA3MDc1MVoXDTIx" + + "MDgwNTA3MDc1MVowgaMxCzAJBgNVBAYTAlRSMRAwDgYDVQQIEwdMZWZrb3NhMRAwDgYDVQQHEwdM" + + "ZWZrb3NhMRwwGgYDVQQKExNLS1RDIE1lcmtleiBCYW5rYXNpMSYwJAYDVQQDEx1lLWlzbGVtLmtr" + + "dGNtZXJrZXpiYW5rYXNpLm9yZzEqMCgGCSqGSIb3DQEJARYbaWxldGlAa2t0Y21lcmtlemJhbmth" + + "c2kub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1hUpuRFY67NsZ6C9rzRAPCb" + + "9RVpi4nZzJIA1TvIfr4hMPM0X5jseMf5GvgJQ+cBMZtooDd7BbZNy2z7O5A+8PYFaMDdokCENx2e" + + "PIqAVuO6C5UAqM7J3n6RrhjOvqiw6dTQMbtXhjFao+YMuBVvRuuhGHBDK3Je64T/KLzcmAUlRJEu" + + "y+ZMe7AatUaSDr/jy5DMA5xEYOdsnS5Zo30lRG+9vqbxb8CQi+E97sNjY+W4lEgJKQWMNh5rCxo4" + + "Hinkm3CKyKX3PAS+DDVI3LQiCiIQUOMA2+1P5aTPTkpqlbjqhbWTWAPWOKCF9d83p3RMXOYt5Gah" + + "S8rg5u6+toEC1QIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkq" + + "hkiG9w0BAQUFAAOCAQEAwjWz5tsUvYORVW8KJSK/biHFrAnFotMtoTKEewRmnYaYjwXIr1IPaBqh" + + "jkGGviLN2eOH/v97Uli6HC4lzhKHfMQUS9KF/f5nGcH8iQBy/gmFsfJQ1KDC6GNM4CfMGIzyxjYh" + + "P0VzdUtKX3PAl5EqgMUcdqRDy6Ruz55+JkdvCL1nAC7xH+czJcZVwysTdGfLTCh6VtYPgIkeL6U8" + + "3xQAyMuOHm72exJljYFqIsiNvGE0KufCqCuH1PD97IXMrLlwGmKKg5jP349lySBpJjm6RDqCTT+6" + + "dUl2jkVbeNmco99Y7AOdtLsOdXBMCo5x8lK8zwQWFrzEms0joHXCpWfGWA=="; + public CertBlacklistTest() throws IOException { tmpFile = File.createTempFile("test", ""); DEFAULT_PUBKEYS = getDefaultPubkeys(); @@ -158,6 +205,14 @@ public class CertBlacklistTest extends TestCase { return cf.generateCertificate(istream).getPublicKey(); } + private BigInteger createSerialNumber(String cert) throws Exception { + byte[] derCert = Base64.decode(cert.getBytes()); + InputStream istream = new ByteArrayInputStream(derCert); + CertificateFactory cf = CertificateFactory.getInstance("X.509"); + X509Certificate xCert = (X509Certificate)cf.generateCertificate(istream); + return xCert.getSerialNumber(); + } + public void testPubkeyBlacklistLegit() throws Exception { // build the blacklist HashSet<String> bl = new HashSet<String>(); @@ -329,4 +384,42 @@ public class CertBlacklistTest extends TestCase { // do the test assertEquals(bl, getCurrentSerialBlacklist()); } + + public void testTurkTrustIntermediate1SerialBlacklist() throws Exception { + CertBlacklist bl = new CertBlacklist(); + assertEquals(bl.isSerialNumberBlackListed(createSerialNumber(TURKTRUST_1)), true); + } + + public void testTurkTrustIntermediate1PubkeyBlacklist() throws Exception { + // build the public key + PublicKey pk = createPublicKey(TURKTRUST_1); + // write that to the test blacklist + writeBlacklist(new HashSet<String>()); + // set our blacklist path + CertBlacklist bl = new CertBlacklist(); + // check to make sure it isn't blacklisted + assertEquals(bl.isPublicKeyBlackListed(pk), true); + } + + public void testTurkTrustIntermediate2SerialBlacklist() throws Exception { + CertBlacklist bl = new CertBlacklist(); + assertEquals(bl.isSerialNumberBlackListed(createSerialNumber(TURKTRUST_2)), true); + } + + public void testTurkTrustIntermediate2PubkeyBlacklist() throws Exception { + // build the public key + PublicKey pk = createPublicKey(TURKTRUST_2); + // set our blacklist path + CertBlacklist bl = new CertBlacklist(); + // check to make sure it isn't blacklisted + assertEquals(bl.isPublicKeyBlackListed(pk), true); + } + + public void printHash(String cert) throws Exception { + System.out.println("CERTIFICATE PUBLIC KEY HASH: " + getHash(createPublicKey(cert))); + } + + public void printSerial(String cert) throws Exception { + System.out.println("CERTIFICATE SERIAL NUMBER: " + createSerialNumber(cert).toString(16)); + } } |