directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kayyag...@apache.org
Subject svn commit: r732001 - in /directory/shared/trunk/ldap/src: main/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationGrammar.java test/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationRequestTest.java
Date Tue, 06 Jan 2009 16:55:11 GMT
Author: kayyagari
Date: Tue Jan  6 08:55:10 2009
New Revision: 732001

URL: http://svn.apache.org/viewvc?rev=732001&view=rev
Log:
added few more tests and DN validation as suggested by Emmanuel

Modified:
    directory/shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationGrammar.java
    directory/shared/trunk/ldap/src/test/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationRequestTest.java

Modified: directory/shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationGrammar.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationGrammar.java?rev=732001&r1=732000&r2=732001&view=diff
==============================================================================
--- directory/shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationGrammar.java
(original)
+++ directory/shared/trunk/ldap/src/main/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationGrammar.java
Tue Jan  6 08:55:10 2009
@@ -29,6 +29,7 @@
 import org.apache.directory.shared.asn1.ber.tlv.UniversalTag;
 import org.apache.directory.shared.asn1.ber.tlv.Value;
 import org.apache.directory.shared.asn1.codec.DecoderException;
+import org.apache.directory.shared.ldap.name.LdapDN;
 import org.apache.directory.shared.ldap.util.StringTools;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -121,6 +122,13 @@
 
                     if ( ( targetDN != null ) && ( targetDN.trim().length() >
0 ) )
                     {
+                        if( !LdapDN.isValid( targetDN ) )
+                        {
+                            String msg = "invalid target DN " +  targetDN;
+                            LOG.error( msg );
+                            throw new DecoderException( msg );
+                        }
+                        
                         CertGenContainer.getCertGenerationObject().setTargetDN( targetDN
);
                     }
                     else
@@ -161,6 +169,13 @@
 
                     if ( ( issuerDN != null ) && ( issuerDN.trim().length() >
0 ) )
                     {
+                        if( !LdapDN.isValid( issuerDN ) )
+                        {
+                            String msg = "invalid issuer DN " +  issuerDN;
+                            LOG.error( msg );
+                            throw new DecoderException( msg );
+                        }
+                        
                         CertGenContainer.getCertGenerationObject().setIssuerDN( issuerDN
);
                     }
                 }
@@ -194,8 +209,22 @@
 
                     if ( ( subjectDN != null ) && ( subjectDN.trim().length() >
0 ) )
                     {
+                        if( !LdapDN.isValid( subjectDN ) )
+                        {
+                            String msg = "invalid subject DN " +  subjectDN;
+                            LOG.error( msg );
+                            throw new DecoderException( msg );
+                        }
+
                         CertGenContainer.getCertGenerationObject().setSubjectDN( subjectDN
);
                     }
+                    else
+                    {
+                        String msg = "failed to decode the subject DN, it cannot be null
or empty it is '"
+                            + StringTools.dumpBytes( value.getData() );
+                        LOG.error( msg );
+                        throw new DecoderException( msg );
+                    }
                 }
             } );
 
@@ -221,7 +250,7 @@
 
                     if ( IS_DEBUG )
                     {
-                        LOG.debug( "subject DN = " + keyAlgorithm );
+                        LOG.debug( "key algorithm = " + keyAlgorithm );
                     }
 
                     if ( keyAlgorithm != null && ( keyAlgorithm.trim().length() >
0 ) )

Modified: directory/shared/trunk/ldap/src/test/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationRequestTest.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/src/test/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationRequestTest.java?rev=732001&r1=732000&r2=732001&view=diff
==============================================================================
--- directory/shared/trunk/ldap/src/test/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationRequestTest.java
(original)
+++ directory/shared/trunk/ldap/src/test/java/org/apache/directory/shared/ldap/codec/extended/operations/CertGenerationRequestTest.java
Tue Jan  6 08:55:10 2009
@@ -125,7 +125,7 @@
 
 
     @Test
-    public void testCertGenrationDecodeWithoutTargetDN()
+    public void testCertGenerationDecodeTargetDN()
     {
         Asn1Decoder decoder = new LdapDecoder();
 
@@ -135,7 +135,6 @@
             { 0x30, 0x03, // CertGenerateObject ::= SEQUENCE {
               0x04, 0x01, ' ' } ); // empty targetDN value
 
-        String decodedPdu = StringTools.dumpBytes( bb.array() );
         bb.flip();
 
         CertGenerationContainer container = new CertGenerationContainer();
@@ -150,19 +149,40 @@
             assertTrue( true );
         }
                 
+        String dn = "=sys";
+
+        bb = ByteBuffer.allocate( dn.length() + 2 + 2 );
+
+        bb.put( new byte[]
+            { 0x30, ( byte )( dn.length() + 2 ), // CertGenerateObject ::= SEQUENCE {
+              0x04, ( byte ) dn.length(), '=', 's', 'y', 's' } ); // empty targetDN value
+
+        bb.flip();
+
+        try
+        {
+            decoder.decode( bb, container );
+            fail( "shouldn't accept the invalid targetDN" );
+        }
+        catch ( DecoderException e )
+        {
+            assertTrue( true );
+        }
+
     }
     
     
     @Test
-    public void testNullvalues()
+    public void testCertGenerationDecodeIssuerDN()
     {
         Asn1Decoder decoder = new LdapDecoder();
         
-        ByteBuffer bb = ByteBuffer.allocate( 5 );
+        ByteBuffer bb = ByteBuffer.allocate( 11 );
 
         bb.put( new byte[]
-            { 0x30, 0x03, // CertGenerateObject ::= SEQUENCE {
-              0x04, 0x01, 'x' } ); // non empty DN string
+            { 0x30, 0x09, // CertGenerateObject ::= SEQUENCE {
+              0x04, 0x04, 'c', 'n', '=', 'x', // target DN string 
+              0x04, 0x01, ' '} ); // empty issuer DN
 
         CertGenerationContainer container = new CertGenerationContainer();
         bb.flip();
@@ -177,43 +197,74 @@
             assertTrue( true );
         }
 
-        /*
-        CertGenerationObject certGenObj = container.getCertGenerationObject();
-        
-        assertEquals( "x", certGenObj.getTargetDN() );
-        assertNull( certGenObj.getIssuerDN() );
-        assertNull( certGenObj.getSubjectDN() );
-        assertNull( certGenObj.getKeyAlgorithm() );
-        */
+
+        bb = ByteBuffer.allocate( 12 );
+
+        bb.put( new byte[]
+                         { 0x30, 0x10, // CertGenerateObject ::= SEQUENCE {
+                           0x04, 0x04, 'c', 'n', '=', 'x', // target DN string 
+                           0x04, 0x02, '=', 'x' } ); // empty issuer DN
+
+        bb.flip();
+
+        try
+        {
+            decoder.decode( bb, container );
+            fail( "shouldn't accept the invalid issuerDN" );
+        }
+        catch ( DecoderException e )
+        {
+            assertTrue( true );
+        }
     }
 
 
     @Test
-    public void testCertGenerationDecodeWithoutTargetDN()
+    public void testCertGenerationDecodeWithoutSubjectDN()
     {
         Asn1Decoder decoder = new LdapDecoder();
-
-        ByteBuffer bb = ByteBuffer.allocate( 5 );
+        
+        ByteBuffer bb = ByteBuffer.allocate( 17 );
 
         bb.put( new byte[]
-            { 0x30, 0x03, // CertGenerateObject ::= SEQUENCE {
-              0x04, 0x01, ' ' } ); // empty targetDN value
+            { 0x30, 0x15, // CertGenerateObject ::= SEQUENCE {
+              0x04, 0x04, 'c', 'n', '=', 'x', // target DN string 
+              0x04, 0x04, 'c', 'n', '=', 'x', // issuer DN
+              0x04, 0x01, ' ' } ); // empty subject DN
 
-        String decodedPdu = StringTools.dumpBytes( bb.array() );
+        CertGenerationContainer container = new CertGenerationContainer();
         bb.flip();
 
-        CertGenerationContainer container = new CertGenerationContainer();
+        try
+        {
+            decoder.decode( bb, container );
+            fail();
+        }
+        catch ( DecoderException e )
+        {
+            assertTrue( true );
+        }
+
+
+        bb = ByteBuffer.allocate( 18 );
+
+        bb.put( new byte[]
+                         { 0x30, 0x16, // CertGenerateObject ::= SEQUENCE {
+                           0x04, 0x04, 'c', 'n', '=', 'x', // target DN string 
+                           0x04, 0x04, 'c', 'n', '=', 'x', // issuer DN
+                           0x04, 0x02, '=', 'x' } ); // invalid subject DN
+
+        bb.flip();
 
         try
         {
             decoder.decode( bb, container );
-            fail( "shouldn't accept the empty targetDN" );
+            fail( "shouldn't accept the invalid subject DN" );
         }
         catch ( DecoderException e )
         {
             assertTrue( true );
         }
-                
     }
     
     



Mime
View raw message