Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
The BSD License Copyright (c) 2010-2012 RIPE NCC All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - Neither the name of the RIPE NCC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 package net.ripe.rpki.commons.crypto.cms.manifest;
 
 import org.junit.Test;
 
 import java.net.URI;
 import java.util.Map;
 
 import static net.ripe.rpki.commons.crypto.x509cert.X509CertificateBuilderHelper.*;
 import static org.junit.Assert.*;
 import static org.mockito.Mockito.*;
 
 
 public class ManifestCmsTest {
 
     private static final URI ROOT_CERTIFICATE_LOCATION = URI.create("rsync://foo.host/bar/bar.cer");
     private static final URI ROOT_SIA_MANIFEST_RSYNC_LOCATION = URI.create("rsync://foo.host/bar/manifest.mft");
     private static final URI ROOT_MANIFEST_CRL_LOCATION = URI.create("rsync://foo.host/bar/bar.crl");
 
     // Root certificate
     private static final IpResourceSet ROOT_RESOURCE_SET = IpResourceSet.parse("10.0.0.0/8, 192.168.0.0/16, ffce::/16, AS21212");
     private static final KeyPair ROOT_KEY_PAIR = .;
 
     // Manifest EE certificate
     private static final X500Principal MANIFEST_DN = new X500Principal("CN=manifest");
 
     // Manifest data
     private static byte[] FILE1_CONTENTS = {'a''b''c'};
     private static byte[] FILE2_CONTENTS = {'d''e''f'};
 
     private static final DateTime THIS_UPDATE_TIME = new DateTime(2008, 9, 1, 22, 43, 29, 0, .);
     private static final DateTime MFT_EE_NOT_BEFORE = .minusMinutes(5);
     private static final DateTime NEXT_UPDATE_TIME = .plusHours(24);
     private static final DateTime MFT_EE_NOT_AFTER = .plusDays(7);
 
     // Test Manifest entries
    private static Map<Stringbyte[]> files = new HashMap<Stringbyte[]>();
    static {
        .put("filename1");
        .put("filename2");
    }
    private CrlLocator crlLocator;
    private ManifestCms subject;
    private static final ValidationOptions VALIDATION_OPTIONS = new ValidationOptions();
    public static ManifestCms getRootManifestCms() {
        ManifestCmsBuilder builder = getRootManifestBuilder();
        for (Entry<Stringbyte[]> entry : .entrySet()) {
            builder.addFile(entry.getKey(), entry.getValue());
        }
        return builder.build(.getPrivate());
    }
    @Before
    public void setUp() {
        DateTimeUtils.setCurrentMillisFixed(.getMillis());
         = mock(CrlLocator.class);
         = getRootManifestCms();
    }
    @After
    public void tearDown() {
        DateTimeUtils.setCurrentMillisSystem();
    }
    @Test
    public void shouldVerifySignature() {
    }
    @Test
    public void shouldVerifyFileContents() {
        assertTrue(.verifyFileContents("filename1"));
        assertFalse(.verifyFileContents("filename2"));
        FileContentSpecification spec = .getFileContentSpecification("filename2");
    }
    @Test
    public void shouldValidateManifestCms() {
        X509Crl crl = getRootCrl();
        IpResourceSet resources = .getResources();
        ValidationResult result = ValidationResult.withLocation();
        when(.getCrl(contextresult)).thenReturn(crl);
        assertEquals(0, result.getFailuresForCurrentLocation().size());
        assertFalse(result.hasFailures());
    }
    @Test
    public void shouldNotValidateWithInvalidCrl() {
        IpResourceSet resources = .getResources();
        final ValidationResult result = ValidationResult.withLocation();
        final ValidationLocation rootMftCrlValidationLocation = new ValidationLocation();
        when(.getCrl(contextresult)).thenAnswer(new Answer<X509Crl>() {
            @Override
            public X509Crl answer(InvocationOnMock invocationOnMockthrows Throwable {
                assertEquals(rootMftCrlValidationLocationresult.getCurrentLocation());
                result.rejectIfFalse(false.);
                return null;
            }
        });
        assertTrue(result.hasFailureForCurrentLocation());
        assertTrue(result.hasFailureForLocation(rootMftCrlValidationLocation));
    }
    @Test
    public void shouldWarnWhenManifestIsStale() {
        X509Crl crl = getRootCrl();
        DateTimeUtils.setCurrentMillisFixed(.plusDays(1).getMillis());
        IpResourceSet resources = .getResources();
        ValidationOptions options = new ValidationOptions();
        options.setMaxStaleDays(.);
        ValidationResult result = ValidationResult.withLocation();
        when(.getCrl(contextresult)).thenReturn(crl);
        .validate(.toString(), contextoptionsresult);
        assertFalse(result.hasFailures());
        assertEquals(0, result.getFailuresForCurrentLocation().size());
        assertEquals(
        );
    }
    @Test
    public void shouldRejectWhenManifestIsTooStale() {
        X509Crl crl = getRootCrl();
        DateTimeUtils.setCurrentMillisFixed(.plusDays(1).getMillis());
        IpResourceSet resources = .getResources();
        ValidationOptions options = new ValidationOptions();
        options.setMaxStaleDays(0);
        ValidationResult result = ValidationResult.withLocation();
        when(.getCrl(contextresult)).thenReturn(crl);
        .validate(.toString(), contextoptionsresult);
        assertTrue(result.hasFailures());
//        assertEquals(
//                new ValidationCheck(ValidationStatus.ERROR, ValidationString.NOT_VALID_AFTER, NEXT_UPDATE_TIME.toString()),
//                result.getResult(new ValidationLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION), ValidationString.NOT_VALID_AFTER)
//        );
        assertEquals(
        );
    }
    @Test
    public void shouldRejectWhenCertificateIsExpired() {
        X509Crl crl = getRootCrl();
        DateTimeUtils.setCurrentMillisFixed(.plusDays(8).getMillis());
        IpResourceSet resources = .getResources();
        ValidationOptions options = new ValidationOptions();
        options.setMaxStaleDays(100);
        ValidationResult result = ValidationResult.withLocation();
        when(.getCrl(contextresult)).thenReturn(crl);
        .validate(.toString(), contextoptionsresult);
        assertTrue(result.hasFailures());
        assertEquals(
        );
        assertEquals(
        );
    }
    @Test
    public void shouldMatchFiles() {
        ManifestCms mft = getRootManifestCms();
        assertTrue(mft.matchesFiles());
    }
    @Test
    public void shouldNotMatchIfFilesMissing() {
        ManifestCms mft = getRootManifestCms();
        Map<Stringbyte[]> emptyFiles = Collections.emptyMap();
        assertFalse(mft.matchesFiles(emptyFiles));
    }
    @Test
        ManifestCms mft = getRootManifestCms();
        Map<Stringbyte[]> wrongFiles = new HashMap<Stringbyte[]>();
        wrongFiles.put("newfile");
        assertFalse(mft.matchesFiles(wrongFiles));
    }
    @Test
    public void shouldNotMatchIfFileContentChanged() {
        ManifestCms mft = getRootManifestCms();
        Map<Stringbyte[]> wrongFiles = new HashMap<Stringbyte[]>();
        wrongFiles.put("filename2");
        assertFalse(mft.matchesFiles(wrongFiles));
    }
    private X509Crl getRootCrl() {
        return getRootCrlBuilder().build(.getPrivate());
    }
        X509ResourceCertificateBuilder builder = X509ResourceCertificateTest.createSelfSignedCaResourceCertificateBuilder();
        builder.withResources();
        builder.withPublicKey(.getPublic());
        builder.withSigningKeyPair();
        X509CertificateInformationAccessDescriptor[] descriptors = {
        };
        builder.withSubjectInformationAccess(descriptors);
        return builder.build();
    }
    private X509CrlBuilder getRootCrlBuilder() {
        X509CrlBuilder builder = new X509CrlBuilder();
        builder.withThisUpdateTime(new DateTime());
        builder.withNextUpdateTime(new DateTime().plusHours(8));
        builder.withNumber(.);
        return builder;
    }
    public static ManifestCmsBuilder getRootManifestBuilder() {
    }
    public static ManifestCmsBuilder getRootManifestBuilder(ValidityPeriod validityPeriod) {
        ManifestCmsBuilder builder = new ManifestCmsBuilder();
        builder.withManifestNumber(BigInteger.valueOf(68));
        builder.withThisUpdateTime(validityPeriod.getNotValidBefore()).withNextUpdateTime(validityPeriod.getNotValidAfter());
        return builder;
    }
        builder.withCa(false);
        builder.withKeyUsage(.);
        builder.withSubjectDN();
        builder.withSerial(.);
        builder.withPublicKey(.getPublic());
        builder.withSigningKeyPair();
        builder.withInheritedResourceTypes(EnumSet.allOf(IpResourceType.class));
        return builder;
    }
New to GrepCode? Check out our FAQ X