diff options
Diffstat (limited to 'tests/iketests/src/java/com/android/internal/net/ipsec/ike/message/IkeCertPayloadTest.java')
-rw-r--r-- | tests/iketests/src/java/com/android/internal/net/ipsec/ike/message/IkeCertPayloadTest.java | 154 |
1 files changed, 0 insertions, 154 deletions
diff --git a/tests/iketests/src/java/com/android/internal/net/ipsec/ike/message/IkeCertPayloadTest.java b/tests/iketests/src/java/com/android/internal/net/ipsec/ike/message/IkeCertPayloadTest.java deleted file mode 100644 index 2bb72e33..00000000 --- a/tests/iketests/src/java/com/android/internal/net/ipsec/ike/message/IkeCertPayloadTest.java +++ /dev/null @@ -1,154 +0,0 @@ -/* - * Copyright (C) 2019 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.android.internal.net.ipsec.ike.message; - -import static org.junit.Assert.fail; - -import com.android.internal.net.ipsec.ike.exceptions.AuthenticationFailedException; -import com.android.internal.net.ipsec.ike.testutils.CertUtils; - -import org.junit.Before; -import org.junit.Test; - -import java.security.cert.TrustAnchor; -import java.security.cert.X509Certificate; -import java.util.HashSet; -import java.util.LinkedList; -import java.util.List; -import java.util.Set; - -public final class IkeCertPayloadTest { - private X509Certificate mEndCertA; - private X509Certificate mEndCertB; - private X509Certificate mEndCertSmall; - - private X509Certificate mIntermediateCertBOne; - private X509Certificate mIntermediateCertBTwo; - - private TrustAnchor mTrustAnchorA; - private TrustAnchor mTrustAnchorB; - private TrustAnchor mTrustAnchorSmall; - - @Before - public void setUp() throws Exception { - mEndCertA = CertUtils.createCertFromPemFile("end-cert-a.pem"); - mTrustAnchorA = - new TrustAnchor( - CertUtils.createCertFromPemFile("self-signed-ca-a.pem"), - null /*nameConstraints*/); - - mEndCertB = CertUtils.createCertFromPemFile("end-cert-b.pem"); - mIntermediateCertBOne = CertUtils.createCertFromPemFile("intermediate-ca-b-one.pem"); - mIntermediateCertBTwo = CertUtils.createCertFromPemFile("intermediate-ca-b-two.pem"); - mTrustAnchorB = - new TrustAnchor( - CertUtils.createCertFromPemFile("self-signed-ca-b.pem"), - null /*nameConstraints*/); - - mEndCertSmall = CertUtils.createCertFromPemFile("end-cert-small.pem"); - mTrustAnchorSmall = - new TrustAnchor( - CertUtils.createCertFromPemFile("self-signed-ca-small.pem"), - null /*nameConstraints*/); - } - - @Test - public void testValidateCertsNoIntermediateCerts() throws Exception { - List<X509Certificate> certList = new LinkedList<>(); - certList.add(mEndCertA); - - Set<TrustAnchor> trustAnchors = new HashSet<>(); - trustAnchors.add(mTrustAnchorA); - - IkeCertPayload.validateCertificates(mEndCertA, certList, null /*crlList*/, trustAnchors); - } - - @Test - public void testValidateCertsWithIntermediateCerts() throws Exception { - List<X509Certificate> certList = new LinkedList<>(); - - certList.add(mEndCertB); - certList.add(mIntermediateCertBTwo); - certList.add(mIntermediateCertBOne); - - Set<TrustAnchor> trustAnchors = new HashSet<>(); - trustAnchors.add(mTrustAnchorB); - - IkeCertPayload.validateCertificates(mEndCertB, certList, null /*crlList*/, trustAnchors); - } - - @Test - public void testValidateCertsWithMultiTrustAnchors() throws Exception { - List<X509Certificate> certList = new LinkedList<>(); - certList.add(mEndCertA); - - Set<TrustAnchor> trustAnchors = new HashSet<>(); - trustAnchors.add(mTrustAnchorA); - trustAnchors.add(mTrustAnchorB); - - IkeCertPayload.validateCertificates(mEndCertA, certList, null /*crlList*/, trustAnchors); - } - - @Test - public void testValidateCertsWithWrongTrustAnchor() throws Exception { - List<X509Certificate> certList = new LinkedList<>(); - certList.add(mEndCertA); - - Set<TrustAnchor> trustAnchors = new HashSet<>(); - trustAnchors.add(mTrustAnchorB); - - try { - IkeCertPayload.validateCertificates( - mEndCertA, certList, null /*crlList*/, trustAnchors); - fail("Expected to fail due to absence of valid trust anchor."); - } catch (AuthenticationFailedException expected) { - } - } - - @Test - public void testValidateCertsWithMissingIntermediateCerts() throws Exception { - List<X509Certificate> certList = new LinkedList<>(); - certList.add(mEndCertB); - certList.add(mIntermediateCertBOne); - - Set<TrustAnchor> trustAnchors = new HashSet<>(); - trustAnchors.add(mTrustAnchorB); - - try { - IkeCertPayload.validateCertificates( - mEndCertA, certList, null /*crlList*/, trustAnchors); - fail("Expected to fail due to absence of intermediate certificate."); - } catch (AuthenticationFailedException expected) { - } - } - - @Test - public void testValidateCertsWithSmallSizeKey() throws Exception { - List<X509Certificate> certList = new LinkedList<>(); - certList.add(mEndCertSmall); - - Set<TrustAnchor> trustAnchors = new HashSet<>(); - trustAnchors.add(mTrustAnchorSmall); - - try { - IkeCertPayload.validateCertificates( - mEndCertSmall, certList, null /*crlList*/, trustAnchors); - fail("Expected to fail because certificates use small size key"); - } catch (AuthenticationFailedException expected) { - } - } -} |