mirror of
https://github.com/moparisthebest/k-9
synced 2024-12-25 00:58:50 -05:00
Add more unit tests for TrustManagerFactory
This commit is contained in:
parent
4b57d79acf
commit
5f38306a9a
BIN
tests/assets/cacert.der
Normal file
BIN
tests/assets/cacert.der
Normal file
Binary file not shown.
BIN
tests/assets/cert3.der
Normal file
BIN
tests/assets/cert3.der
Normal file
Binary file not shown.
BIN
tests/assets/digicert.der
Normal file
BIN
tests/assets/digicert.der
Normal file
Binary file not shown.
BIN
tests/assets/github.der
Normal file
BIN
tests/assets/github.der
Normal file
Binary file not shown.
@ -27,6 +27,10 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
|
||||
private Context mTestContext;
|
||||
private X509Certificate mCert1;
|
||||
private X509Certificate mCert2;
|
||||
private X509Certificate mCaCert;
|
||||
private X509Certificate mCert3;
|
||||
private X509Certificate mDigiCert;
|
||||
private X509Certificate mGithubCert;
|
||||
|
||||
|
||||
@Override
|
||||
@ -53,6 +57,12 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
|
||||
CertificateFactory certFactory = CertificateFactory.getInstance("X509");
|
||||
mCert1 = (X509Certificate) certFactory.generateCertificate(assets.open("cert1.der"));
|
||||
mCert2 = (X509Certificate) certFactory.generateCertificate(assets.open("cert2.der"));
|
||||
|
||||
mCaCert = (X509Certificate) certFactory.generateCertificate(assets.open("cacert.der"));
|
||||
mCert3 = (X509Certificate) certFactory.generateCertificate(assets.open("cert3.der"));
|
||||
|
||||
mDigiCert = (X509Certificate) certFactory.generateCertificate(assets.open("digicert.der"));
|
||||
mGithubCert = (X509Certificate) certFactory.generateCertificate(assets.open("github.der"));
|
||||
}
|
||||
|
||||
private void waitForAppInitialization() throws InterruptedException {
|
||||
@ -105,14 +115,7 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
|
||||
public void testWrongCertificate() throws Exception {
|
||||
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT1, mCert1);
|
||||
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
||||
boolean certificateValid;
|
||||
try {
|
||||
trustManager.checkServerTrusted(new X509Certificate[] { mCert2 }, "authType");
|
||||
certificateValid = true;
|
||||
} catch (CertificateException e) {
|
||||
certificateValid = false;
|
||||
}
|
||||
assertFalse("The certificate should have been rejected but wasn't", certificateValid);
|
||||
assertCertificateRejection(trustManager, new X509Certificate[] { mCert2 });
|
||||
}
|
||||
|
||||
public void testCertificateOfOtherHost() throws Exception {
|
||||
@ -120,9 +123,52 @@ public class TrustManagerFactoryTest extends AndroidTestCase {
|
||||
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT2, mCert2);
|
||||
|
||||
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
||||
assertCertificateRejection(trustManager, new X509Certificate[] { mCert2 });
|
||||
}
|
||||
|
||||
public void testUntrustedCertificateChain() throws Exception {
|
||||
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
||||
assertCertificateRejection(trustManager, new X509Certificate[] { mCert3, mCaCert });
|
||||
}
|
||||
|
||||
public void testLocallyTrustedCertificateChain() throws Exception {
|
||||
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT1, mCert3);
|
||||
|
||||
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
||||
trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType");
|
||||
}
|
||||
|
||||
public void testLocallyTrustedCertificateChainNotMatchingHost() throws Exception {
|
||||
TrustManagerFactory.addCertificate(NOT_MATCHING_HOST, PORT1, mCert3);
|
||||
|
||||
X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1, true);
|
||||
trustManager.checkServerTrusted(new X509Certificate[] { mCert3, mCaCert }, "authType");
|
||||
}
|
||||
|
||||
public void testGloballyTrustedCertificateChain() throws Exception {
|
||||
X509TrustManager trustManager = TrustManagerFactory.get("github.com", PORT1, true);
|
||||
X509Certificate[] certificates = new X509Certificate[] { mGithubCert, mDigiCert };
|
||||
trustManager.checkServerTrusted(certificates, "authType");
|
||||
}
|
||||
|
||||
public void testGloballyTrustedCertificateNotMatchingHost() throws Exception {
|
||||
X509TrustManager trustManager = TrustManagerFactory.get(NOT_MATCHING_HOST, PORT1, true);
|
||||
assertCertificateRejection(trustManager, new X509Certificate[] { mGithubCert, mDigiCert});
|
||||
}
|
||||
|
||||
public void testGloballyTrustedCertificateNotMatchingHostOverride() throws Exception {
|
||||
TrustManagerFactory.addCertificate(MATCHING_HOST, PORT1, mGithubCert);
|
||||
|
||||
X509TrustManager trustManager = TrustManagerFactory.get(MATCHING_HOST, PORT1, true);
|
||||
X509Certificate[] certificates = new X509Certificate[] { mGithubCert, mDigiCert };
|
||||
trustManager.checkServerTrusted(certificates, "authType");
|
||||
}
|
||||
|
||||
private void assertCertificateRejection(X509TrustManager trustManager,
|
||||
X509Certificate[] certificates) {
|
||||
boolean certificateValid;
|
||||
try {
|
||||
trustManager.checkServerTrusted(new X509Certificate[] { mCert2 }, "authType");
|
||||
trustManager.checkServerTrusted(certificates, "authType");
|
||||
certificateValid = true;
|
||||
} catch (CertificateException e) {
|
||||
certificateValid = false;
|
||||
|
Loading…
Reference in New Issue
Block a user