mirror of
https://github.com/moparisthebest/k-9
synced 2024-12-25 09:08:49 -05:00
Add more unit tests for TrustManagerFactory
This commit is contained in:
parent
4b57d79acf
commit
5f38306a9a
BIN
tests/assets/cacert.der
Normal file
BIN
tests/assets/cacert.der
Normal file
Binary file not shown.
BIN
tests/assets/cert3.der
Normal file
BIN
tests/assets/cert3.der
Normal file
Binary file not shown.
BIN
tests/assets/digicert.der
Normal file
BIN
tests/assets/digicert.der
Normal file
Binary file not shown.
BIN
tests/assets/github.der
Normal file
BIN
tests/assets/github.der
Normal file
Binary file not shown.
@ -27,6 +27,10 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
|
|||||||
private Context mTestContext;
|
private Context mTestContext;
|
||||||
private X509Certificate mCert1;
|
private X509Certificate mCert1;
|
||||||
private X509Certificate mCert2;
|
private X509Certificate mCert2;
|
||||||
|
private X509Certificate mCaCert;
|
||||||
|
private X509Certificate mCert3;
|
||||||
|
private X509Certificate mDigiCert;
|
||||||
|
private X509Certificate mGithubCert;
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@ -53,6 +57,12 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
|
|||||||
CertificateFactory certFactory = CertificateFactory.getInstance("X509");
|
CertificateFactory certFactory = CertificateFactory.getInstance("X509");
|
||||||
mCert1 = (X509Certificate) certFactory.generateCertificate(assets.open("cert1.der"));
|
mCert1 = (X509Certificate) certFactory.generateCertificate(assets.open("cert1.der"));
|
||||||
mCert2 = (X509Certificate) certFactory.generateCertificate(assets.open("cert2.der"));
|
mCert2 = (X509Certificate) certFactory.generateCertificate(assets.open("cert2.der"));
|
||||||
|
|
||||||
|
mCaCert = (X509Certificate) certFactory.generateCertificate(assets.open("cacert.der"));
|
||||||
|
mCert3 = (X509Certificate) certFactory.generateCertificate(assets.open("cert3.der"));
|
||||||
|
|
||||||
|
mDigiCert = (X509Certificate) certFactory.generateCertificate(assets.open("digicert.der"));
|
||||||
|
mGithubCert = (X509Certificate) certFactory.generateCertificate(assets.open("github.der"));
|
||||||
}
|
}
|
||||||
|
|
||||||
private void waitForAppInitialization() throws InterruptedException {
|
private void waitForAppInitialization() throws InterruptedException {
|
||||||
@ -105,14 +115,7 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
|
|||||||
public void testWrongCertificate() throws Exception {
|
public void testWrongCertificate() throws Exception {
|
||||||
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT1, mCert1);
|
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT1, mCert1);
|
||||||
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
||||||
boolean certificateValid;
|
assertCertificateRejection(trustManager, new X509Certificate[] { mCert2 });
|
||||||
try {
|
|
||||||
trustManager.checkServerTrusted(new X509Certificate[] { mCert2 }, "authType");
|
|
||||||
certificateValid = true;
|
|
||||||
} catch (CertificateException e) {
|
|
||||||
certificateValid = false;
|
|
||||||
}
|
|
||||||
assertFalse("The certificate should have been rejected but wasn't", certificateValid);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void testCertificateOfOtherHost() throws Exception {
|
public void testCertificateOfOtherHost() throws Exception {
|
||||||
@ -120,9 +123,52 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
|
|||||||
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT2, mCert2);
|
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT2, mCert2);
|
||||||
|
|
||||||
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
||||||
|
assertCertificateRejection(trustManager, new X509Certificate[] { mCert2 });
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testUntrustedCertificateChain() throws Exception {
|
||||||
|
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
||||||
|
assertCertificateRejection(trustManager, new X509Certificate[] { mCert3, mCaCert });
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testLocallyTrustedCertificateChain() throws Exception {
|
||||||
|
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT1, mCert3);
|
||||||
|
|
||||||
|
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
||||||
|
trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType");
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testLocallyTrustedCertificateChainNotMatchingHost() throws Exception {
|
||||||
|
TrustManagerFactory.addCertificate(NOT_MATCHING_HOST, PORT1, mCert3);
|
||||||
|
|
||||||
|
X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1, true);
|
||||||
|
trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType");
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testGloballyTrustedCertificateChain() throws Exception {
|
||||||
|
X509TrustManager trustManager = TrustManagerFactory.get("github.com", PORT1, true);
|
||||||
|
X509Certificate[] certificates = new X509Certificate[] { mGithubCert, mDigiCert };
|
||||||
|
trustManager.checkServerTrusted(certificates, "authType");
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testGloballyTrustedCertificateNotMatchingHost() throws Exception {
|
||||||
|
X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1, true);
|
||||||
|
assertCertificateRejection(trustManager, new X509Certificate[] { mGithubCert, mDigiCert});
|
||||||
|
}
|
||||||
|
|
||||||
|
public void testGloballyTrustedCertificateNotMatchingHostOverride() throws Exception {
|
||||||
|
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT1, mGithubCert);
|
||||||
|
|
||||||
|
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
||||||
|
X509Certificate[] certificates = new X509Certificate[] { mGithubCert, mDigiCert };
|
||||||
|
trustManager.checkServerTrusted(certificates, "authType");
|
||||||
|
}
|
||||||
|
|
||||||
|
private void assertCertificateRejection(X509TrustManager trustManager,
|
||||||
|
X509Certificate[] certificates) {
|
||||||
boolean certificateValid;
|
boolean certificateValid;
|
||||||
try {
|
try {
|
||||||
trustManager.checkServerTrusted(new X509Certificate[] { mCert2 }, "authType");
|
trustManager.checkServerTrusted(certificates, "authType");
|
||||||
certificateValid = true;
|
certificateValid = true;
|
||||||
} catch (CertificateException e) {
|
} catch (CertificateException e) {
|
||||||
certificateValid = false;
|
certificateValid = false;
|
||||||
|
Loading…
Reference in New Issue
Block a user