Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
The BSD License Copyright (c) 2010-2012 RIPE NCC All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - Neither the name of the RIPE NCC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 package net.ripe.rpki.commons.crypto.x509cert;
 
 import org.junit.Test;
 
 import java.net.URI;
 
 import static org.junit.Assert.*;
 import static org.mockito.Mockito.*;
 
 
 public class X509ResourceCertificateTest {
 
     public static final URI TEST_TA_URI = URI.create("rsync://host.foo/ta.cer");
 
     public static final URI TEST_TA_CRL = URI.create("rsync://host.foo/bar/ta.crl");
     private static final URI MFT_URI = URI.create("rsync://host.foo/bar/ta.mft");
     private static final URI PUB_DIR_URI = URI.create("rsync://host.foo/bar/");
 
 
     public static final X500Principal TEST_SELF_SIGNED_CERTIFICATE_NAME = new X500Principal("CN=TEST-SELF-SIGNED-CERT");
     private static final IpResourceSet TEST_RESOURCE_SET = IpResourceSet.parse("10.0.0.0/8, 192.168.0.0/16, ffce::/16, AS21212");
     private CrlLocator crlLocator;
 
     private static final ValidityPeriod TEST_VALIDITY_PERIOD = new ValidityPeriod(new DateTime().minusMinutes(1), new DateTime().plusYears(100));
     private static final BigInteger TEST_SERIAL_NUMBER = BigInteger.valueOf(900);
 
     private static final ValidationOptions VALIDATION_OPTIONS = new ValidationOptions();
 
         X509ResourceCertificateBuilder builder = createBasicBuilder();
         builder.withCa(true);
         builder.withKeyUsage(. | .);
         return builder;
     }
 
         builder.withSerial();
         builder.withValidityPeriod();
        builder.withAuthorityKeyIdentifier(true);
        X509CertificateInformationAccessDescriptor[] descriptors = {
        builder.withSubjectInformationAccess(descriptors);
        return builder;
    }
    }
        return builder.build();
    }
        return builder.build();
    }
        return createSelfSignedCaCertificateBuilder()
                .withResources()
                .withSubjectDN()
                .withIssuerDN();
    }
        return createBasicBuilder().withCa(false)
                .withResources()
                .withSubjectDN()
                .withIssuerDN();
    }
    @Before
    public void setUp() {
         = mock(CrlLocator.class);
    }
    @Test(expected = IllegalArgumentException.class)
    public void shouldRequireCertificate() {
        new X509ResourceCertificate(null);
    }
    @Test
    public void shouldHaveCertificate() {
    }
    @Test
    public void shouldDecodeResourceExtensions() {
    }
    @Test
    public void shouldSupportResourceInheritance() {
        assertTrue(inherited.isResourceSetInherited());
        assertTrue(inherited.getResources().isEmpty());
        assertEquals("AS21212, 10.0.0.0/8, 192.168.0.0/16, ffce::/16"inherited.deriveResources().toString());
    }
    @Test
    public void shouldSupportInheritedAsnsOnly() {
        assertTrue(subject.isResourceTypesInherited(EnumSet.of(.)));
        assertFalse(subject.isResourceTypesInherited(EnumSet.of(.)));
        assertFalse(subject.isResourceTypesInherited(EnumSet.of(.)));
        assertTrue(subject.isResourceSetInherited());
        assertEquals("AS21212, 10.0.0.0/8"subject.deriveResources().toString());
    }
    @Test
    public void shouldSupportInheritedIpAddressesOnly() {
        assertFalse(subject.isResourceTypesInherited(EnumSet.of(.)));
        assertTrue(subject.isResourceTypesInherited(EnumSet.of(.)));
        assertTrue(subject.isResourceTypesInherited(EnumSet.of(.)));
        assertTrue(subject.isResourceSetInherited());
        assertEquals("AS1234, 10.0.0.0/8, 192.168.0.0/16, ffce::/16"subject.deriveResources().toString());
    }
    @Test
    public void shouldSupportCaCertificate() {
        X509ResourceCertificate resourceCertificate = createSelfSignedEeCertificateBuilder().build();
        assertTrue(resourceCertificate.isEe());
        assertFalse(resourceCertificate.isCa());
        assertTrue(cert.isCa());
        assertFalse(cert.isEe());
    }
    @Test
        X509CertificateInformationAccessDescriptor[] descriptors = {
                new X509CertificateInformationAccessDescriptor(.new URI("rsync://foo.host/bar/baz.cer")),
                new X509CertificateInformationAccessDescriptor(.new URI("http://foo.host/bar/baz.cer"))
        };
        builder.withAuthorityInformationAccess(descriptors);
        X509ResourceCertificate cert = builder.build();
        assertArrayEquals(descriptorscert.getAuthorityInformationAccess());
    }
    @Test
        X509CertificateInformationAccessDescriptor[] descriptors = {
                new X509CertificateInformationAccessDescriptor(.new URI("rsync://foo.host/bar/")),
        };
        builder.withSubjectInformationAccess(descriptors);
        X509ResourceCertificate cert = builder.build();
        assertArrayEquals(descriptorscert.getSubjectInformationAccess());
    }
    @Test
    public void shouldSupportCrlDistributionPoints() {
        URI[] crlDistributionPoints = {
                URI.create("rsync://localhost/ca.crl")
        };
        builder.withCrlDistributionPoints(crlDistributionPoints);
        X509ResourceCertificate cert = builder.build();
        assertArrayEquals(crlDistributionPointscert.getCrlDistributionPoints());
    }

    
See http://tools.ietf.org/html/draft-ietf-sidr-res-certs-13#section-3.9.8
    @Test
    public void shouldHaveCertificatePolicy() {
    }
    @Test
    }
    @Test(expected = SignatureException.class)
    }
    @Test
        ValidationResult result = ValidationResult.withLocation();
        selfSignedCert.validate(.toString(), contextresult);
    }
    @Test
    public void shouldFailWhenCrlCannotBeLocated() {
        final ValidationResult result = ValidationResult.withLocation();
                .withSubjectDN(new X500Principal("CN=child"))
                .withCrlDistributionPoints()
                .build();
        when(.getCrl(contextresult)).thenAnswer(new Answer<X509Crl>() {
            @Override
            public X509Crl answer(InvocationOnMock invocationOnMockthrows Throwable {
                assertEquals(result.getCurrentLocation());
                result.rejectIfFalse(false.);
                return null;
            }
        });
        result.setLocation(new ValidationLocation());
        subject.validate(.toString(), contextresult);
        assertTrue("certificate should have errors"result.hasFailureForCurrentLocation());
        assertTrue("crl should have errors"result.hasFailureForLocation());
    }
    @Test
    public void shouldValidateWhenCrlOk() {
        final ValidationResult result = ValidationResult.withLocation();
                .withSubjectDN(new X500Principal("CN=child"))
                .withCrlDistributionPoints()
                .build();
        X509Crl crl = X509CrlTest.createCrl();
        when(.getCrl(contextresult)).thenReturn(crl);
        subject.validate(.toString(), contextresult);
        assertEquals("[]"result.getFailuresForCurrentLocation().toString());
    }
    @Test
    public void shouldReturnImmutableResources() {
        IpResourceSet resources = cert.getResources();
        resources.removeAll(new IpResourceSet(resources));
        assertFalse(cert.getResources().isEmpty());
    }
New to GrepCode? Check out our FAQ X