|
@@ -1,17 +1,17 @@
|
1
|
1
|
package com.dmdirc.tls;
|
2
|
2
|
|
3
|
3
|
import java.io.IOException;
|
|
4
|
+import java.io.InputStream;
|
4
|
5
|
import java.nio.file.Files;
|
5
|
6
|
import java.nio.file.Path;
|
6
|
7
|
import java.security.GeneralSecurityException;
|
|
8
|
+import java.security.KeyStore;
|
7
|
9
|
import java.security.cert.X509Certificate;
|
8
|
10
|
import java.util.Set;
|
9
|
11
|
import org.junit.Before;
|
10
|
12
|
import org.junit.Rule;
|
11
|
13
|
import org.junit.Test;
|
12
|
14
|
import org.junit.rules.TemporaryFolder;
|
13
|
|
-import sun.security.tools.keytool.CertAndKeyGen;
|
14
|
|
-import sun.security.x509.X500Name;
|
15
|
15
|
|
16
|
16
|
import static org.junit.Assert.assertEquals;
|
17
|
17
|
import static org.junit.Assert.assertFalse;
|
|
@@ -19,6 +19,13 @@ import static org.junit.Assert.assertTrue;
|
19
|
19
|
|
20
|
20
|
/**
|
21
|
21
|
* Tests for {@link CertificateExceptionManager}.
|
|
22
|
+ *
|
|
23
|
+ * <p>These test use two certificates stored in a keystore. They were generated using:
|
|
24
|
+ *
|
|
25
|
+ * <pre>
|
|
26
|
+ * keytool -genkey -validity 18250 -keystore "keystore.ks" -storepass "dmdirc" -keypass "dmdirc" -alias "test1" -dname "CN=Test1, O=DMDirc, C=GB"
|
|
27
|
+ * keytool -genkey -validity 18250 -keystore "keystore.ks" -storepass "dmdirc" -keypass "dmdirc" -alias "test2" -dname "CN=Test2, O=DMDirc, C=GB"
|
|
28
|
+ * </pre>
|
22
|
29
|
*/
|
23
|
30
|
public class CertificateExceptionManagerTest {
|
24
|
31
|
|
|
@@ -41,23 +48,23 @@ public class CertificateExceptionManagerTest {
|
41
|
48
|
|
42
|
49
|
@Test
|
43
|
50
|
public void testAddCert() throws GeneralSecurityException, IOException {
|
44
|
|
- X509Certificate cert = generateCertificate();
|
|
51
|
+ final X509Certificate cert = getCertificate(1);
|
45
|
52
|
assertTrue(manager.addExceptedCertificate(cert));
|
46
|
53
|
assertTrue(Files.exists(keyStorePath));
|
47
|
|
- Set<X509Certificate> certs = manager.getExceptedCertificates();
|
|
54
|
+ final Set<X509Certificate> certs = manager.getExceptedCertificates();
|
48
|
55
|
assertEquals(1, certs.size());
|
49
|
56
|
assertTrue(certs.contains(cert));
|
50
|
57
|
}
|
51
|
58
|
|
52
|
59
|
@Test
|
53
|
60
|
public void testRemoveUnknownCert() throws GeneralSecurityException, IOException {
|
54
|
|
- X509Certificate cert = generateCertificate();
|
|
61
|
+ final X509Certificate cert = getCertificate(1);
|
55
|
62
|
assertFalse(manager.removeExceptedCertificate(cert));
|
56
|
63
|
}
|
57
|
64
|
|
58
|
65
|
@Test
|
59
|
66
|
public void testRemoveCert() throws GeneralSecurityException, IOException {
|
60
|
|
- X509Certificate cert = generateCertificate();
|
|
67
|
+ final X509Certificate cert = getCertificate(1);
|
61
|
68
|
manager.addExceptedCertificate(cert);
|
62
|
69
|
assertTrue(manager.removeExceptedCertificate(cert));
|
63
|
70
|
assertTrue(manager.getExceptedCertificates().isEmpty());
|
|
@@ -65,20 +72,22 @@ public class CertificateExceptionManagerTest {
|
65
|
72
|
|
66
|
73
|
@Test
|
67
|
74
|
public void testRemoveCertLeavesExisting() throws GeneralSecurityException, IOException {
|
68
|
|
- X509Certificate cert1 = generateCertificate();
|
69
|
|
- X509Certificate cert2 = generateCertificate();
|
|
75
|
+ final X509Certificate cert1 = getCertificate(1);
|
|
76
|
+ final X509Certificate cert2 = getCertificate(2);
|
70
|
77
|
manager.addExceptedCertificate(cert1);
|
71
|
78
|
manager.addExceptedCertificate(cert2);
|
72
|
79
|
assertTrue(manager.removeExceptedCertificate(cert1));
|
73
|
|
- Set<X509Certificate> certs = manager.getExceptedCertificates();
|
|
80
|
+ final Set<X509Certificate> certs = manager.getExceptedCertificates();
|
74
|
81
|
assertEquals(1, certs.size());
|
75
|
82
|
assertTrue(certs.contains(cert2));
|
76
|
83
|
}
|
77
|
84
|
|
78
|
|
- private X509Certificate generateCertificate() throws GeneralSecurityException, IOException {
|
79
|
|
- CertAndKeyGen certGen = new CertAndKeyGen("RSA", "SHA256WithRSA", null);
|
80
|
|
- certGen.generate(2048);
|
81
|
|
- return certGen.getSelfCertificate(new X500Name("CN=Test,O=DMDirc,C=GB"), 120);
|
|
85
|
+ private X509Certificate getCertificate(final int num) throws GeneralSecurityException, IOException {
|
|
86
|
+ try (InputStream is = getClass().getResourceAsStream("keystore.ks")) {
|
|
87
|
+ final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
|
|
88
|
+ keyStore.load(is, "dmdirc".toCharArray());
|
|
89
|
+ return (X509Certificate) keyStore.getCertificate("test" + num);
|
|
90
|
+ }
|
82
|
91
|
}
|
83
|
92
|
|
84
|
93
|
}
|
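Review bot: `getCertificate` does not check the result of `getClass().getResourceAsStream("keystore.ks")`, which is null when the fixture is missing from the test classpath. In that case `keyStore.load(null, ...)` initialises an empty keystore instead of failing, and `keyStore.getCertificate("test" + num)` returns null, so the tests would exercise the manager with a null certificate rather than report the missing fixture. I would fail fast at the top of the try block with `if (is == null) throw new IOException("keystore.ks not found on test classpath");` and reject a null lookup result in the same way. Separately, `KeyStore.getDefaultType()` depends on the JDK and its security configuration, so naming the store type the fixture was created with would make loading independent of the runtime default. The keytool commands in the class Javadoc pass no `-storetype`, so that type needs confirming first.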