harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ndbe...@apache.org
Subject svn commit: r443539 [27/29] - in /incubator/harmony/enhanced/classlib/trunk/modules/security: ./ .settings/ META-INF/ make/ src/main/java/common/java/security/ src/main/java/common/java/security/acl/ src/main/java/common/java/security/cert/ src/main/ja...
Date Fri, 15 Sep 2006 01:18:16 GMT
Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/java/security/cert/TrustAnchor_ImplTest.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/java/security/cert/TrustAnchor_ImplTest.java?view=diff&rev=443539&r1=443538&r2=443539
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/java/security/cert/TrustAnchor_ImplTest.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/java/security/cert/TrustAnchor_ImplTest.java Thu Sep 14 18:17:39 2006
@@ -1,757 +1,757 @@
-/*
- *  Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/**
-* @author Vladimir N. Molotkov
-* @version $Revision$
-*/
-
-package org.apache.harmony.security.tests.java.security.cert;
-
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.PublicKey;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509Certificate;
-import java.security.spec.InvalidKeySpecException;
-import java.util.Arrays;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.apache.harmony.security.tests.support.TestKeyPair;
-import org.apache.harmony.security.tests.support.cert.TestUtils;
-
-import junit.framework.TestCase;
-
-/**
- * Unit tests for <code>TrustAnchor</code>
- */
-public class TrustAnchor_ImplTest extends TestCase {
-    private static final String keyAlg = "DSA";
-    // Sample of some valid CA name
-    private static final String validCaNameRfc2253 =
-        "CN=Test CA,"+
-        "OU=Testing Division,"+
-        "O=Test It All,"+
-        "L=Test Town,"+
-        "ST=Testifornia,"+
-        "C=Testland";
-
-    /**
-     * Test #1 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
-     * Assertion: creates <code>TrustAnchor</code> instance<br>
-     * Test preconditions: valid parameters passed<br>
-     * Expected: must pass without any exceptions
-     */
-    public final void testTrustAnchorX509CertificatebyteArray01()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        String certAlias = "testca1";
-        // sub testcase 1
-        new TrustAnchor(
-            (X509Certificate)ks.getCertificate(certAlias),
-            getFullEncoding());
-        // sub testcase 2
-        new TrustAnchor(
-            (X509Certificate)ks.getCertificate(certAlias),
-            getEncodingPSOnly());
-        // sub testcase 3
-        new TrustAnchor(
-            (X509Certificate)ks.getCertificate(certAlias),
-            getEncodingESOnly());
-        // sub testcase 4
-        new TrustAnchor(
-            (X509Certificate)ks.getCertificate(certAlias),
-            getEncodingNoMinMax());
-    }
-
-    /**
-     * Test #2 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
-     * Assertion: creates <code>TrustAnchor</code> instance<br>
-     * Test preconditions: <code>null</code> as nameConstraints passed<br>
-     * Expected: must pass without any exceptions
-     */
-    public final void testTrustAnchorX509CertificatebyteArray02()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        String certAlias = "testca1";
-        new TrustAnchor(
-            (X509Certificate)ks.getCertificate(certAlias),
-            null);        
-    }
-
-    /**
-     * Test #3 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
-     * Assertion: nameConstraints cloned by the constructor<br>
-     * Test preconditions: modify passed nameConstraints<br>
-     * Expected: modification must not change object internal state
-     */
-    public final void testTrustAnchorX509CertificatebyteArray03()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        String certAlias = "testca1";
-        byte[] nc = getEncodingPSOnly();
-        byte[] ncCopy = nc.clone();
-        // sub testcase 5 - nameConstraints can be null
-        TrustAnchor ta = new TrustAnchor(
-                (X509Certificate)ks.getCertificate(certAlias),
-                ncCopy);
-        // modify
-        ncCopy[0]=(byte)0;
-        // check that above modification did not change
-        // object internal state
-        assertTrue(Arrays.equals(nc, ta.getNameConstraints()));
-    }
-
-    /**
-     * Test #4 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
-     * Assertion: <code>NullPointerException</code> if <code>X509Certificate</code>
-     * parameter is <code>null</code><br>
-     * Test preconditions: pass <code>null</code> as <code>X509Certificate</code><br>
-     * Expected: NullPointerException
-     */
-    public final void testTrustAnchorX509CertificatebyteArray04()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        try {
-            new TrustAnchor(null, getFullEncoding());
-            fail("NullPointerException has not been thrown");
-        } catch (NullPointerException ok) {
-        }
-    }
-
-    /**
-     * Test #5 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
-     * Assertion: <code>IllegalArgumentException</code> if nameConstraints
-     * parameter can not be decoded<br>
-     * Test preconditions: pass invalid nameConstraints encoding<br>
-     * Expected: IllegalArgumentException
-     */
-    public final void testTrustAnchorX509CertificatebyteArray05()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        String certAlias = "testca1";
-
-        // sub testcase 1:
-        byte [] nameConstraints = getFullEncoding();
-        // corrupt encoding:
-        // set wrong root seq length
-        nameConstraints[2] = (byte)0x8d;
-        try {
-            new TrustAnchor(
-                    (X509Certificate)ks.getCertificate(certAlias),
-                    nameConstraints);
-            fail("IllegalArgumentException has not been thrown");
-        } catch (IllegalArgumentException ok) {
-        }
-
-        // sub testcase 2:
-        nameConstraints = getFullEncoding();
-        // corrupt encoding:
-        // set wrong root seq length
-        nameConstraints[2] = (byte)0x8b;
-        try {
-            new TrustAnchor(
-                    (X509Certificate)ks.getCertificate(certAlias),
-                    nameConstraints);
-            fail("IllegalArgumentException has not been thrown");
-        } catch (IllegalArgumentException ok) {
-        }
-
-        // sub testcase 3:
-        nameConstraints = getFullEncoding();
-        // corrupt encoding:
-        // remove right class from seq tag
-        nameConstraints[3] &= (byte)0x3f;
-        try {
-            new TrustAnchor(
-                    (X509Certificate)ks.getCertificate(certAlias),
-                    nameConstraints);
-            fail("IllegalArgumentException has not been thrown");
-        } catch (IllegalArgumentException ok) {
-        }
-
-        // sub testcase 4:
-        nameConstraints = getEncodingESOnly();
-        // corrupt encoding:
-        // set wrong tagged value (excludedSubtrees SEQ OF) tag [2]
-        nameConstraints[2] = (byte)0xa2;
-        try {
-            new TrustAnchor(
-                    (X509Certificate)ks.getCertificate(certAlias),
-                    nameConstraints);
-            fail("IllegalArgumentException has not been thrown");
-        } catch (IllegalArgumentException ok) {
-        }
-
-        // sub testcase 5:
-        nameConstraints = getEncodingESOnly();
-        // corrupt encoding:
-        // remove CONSTRUCTED flag from tagged value (excludedSubtrees SEQ OF) tag
-        nameConstraints[2] &= (byte)0xdf;
-        try {
-            new TrustAnchor(
-                    (X509Certificate)ks.getCertificate(certAlias),
-                    nameConstraints);
-            fail("IllegalArgumentException has not been thrown");
-        } catch (IllegalArgumentException ok) {
-        }
-
-        // sub testcase 6:
-        nameConstraints = getEncodingESOnly();
-        // corrupt encoding:
-        // set CONSTRUCTED flag for PROMITIVE tagged value tag
-        // (generalSubtree's 'base' as IA5String)
-        nameConstraints[5] |= (byte)0x20;
-        try {
-            new TrustAnchor(
-                    (X509Certificate)ks.getCertificate(certAlias),
-                    nameConstraints);
-            fail("IllegalArgumentException has not been thrown");
-        } catch (IllegalArgumentException ok) {
-        }
-
-        // sub testcase 7:
-        nameConstraints = getEncodingESOnly();
-        // corrupt encoding:
-        // remove scheme from URI
-        // (generalSubtree's 'base' as IA5String (uniformResourceIdentifier))
-        nameConstraints[12] = nameConstraints[13] = nameConstraints[14] =
-            (byte)0x6f;
-        try {
-            new TrustAnchor(
-                    (X509Certificate)ks.getCertificate(certAlias),
-                    nameConstraints);
-            fail("IllegalArgumentException has not been thrown");
-        } catch (IllegalArgumentException ok) {
-        }
-    }
-
-    /**
-     * Test #6 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
-     * Assertion: creates <code>TrustAnchor</code> instance<br>
-     * Test preconditions: valid parameters passed (base as OID)<br>
-     * Expected: must pass without any exceptions
-     */
-    public final void testTrustAnchorX509CertificatebyteArray06()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        String certAlias = "testca1";
-        byte []  nameConstraints = getEncodingOid();
-        new TrustAnchor(
-            (X509Certificate)ks.getCertificate(certAlias),
-            nameConstraints);
-    }
-
-    /**
-     * Test #7 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
-     * Assertion: <code>IllegalArgumentException</code> if nameConstraints
-     * parameter can not be decoded<br>
-     * Test preconditions: pass invalid nameConstraints (OID) encoding<br>
-     * Expected: IllegalArgumentException
-     */
-    public final void testTrustAnchorX509CertificatebyteArray07()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        String certAlias = "testca1";
-        byte []  nameConstraints = getEncodingOid();
-        //corrupt Oid
-        nameConstraints[10]= (byte) 0xFF;
-        try {
-            new TrustAnchor(
-                (X509Certificate)ks.getCertificate(certAlias),
-                nameConstraints);
-            fail("IllegalArgumentException has not been thrown");
-        } catch (IllegalArgumentException ok) {
-        }
-    }
-
-    /**
-     * Test #8 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
-     * Assertion: <code>IllegalArgumentException</code> if nameConstraints
-     * parameter can not be decoded<br>
-     * Test preconditions: pass invalid nameConstraints encodings<br>
-     * Expected: IllegalArgumentException
-     */
-    public final void testTrustAnchorX509CertificatebyteArray08()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        String certAlias = "testca1";
-        // GeneralName tags for this test (1,2 and 3 are omitted)
-        byte[] generalNameTag = new byte[] {
-                (byte)0xa0,(byte)0xa4,(byte)0xa5,
-                (byte)0x86,(byte)0x87,(byte)0x88
-        };
-        // wrong (for above tags) nameConstraints encoding
-        byte[] wrongEncoding = new byte[] {
-                (byte)0x30,(byte)0x0c, // sequence + length
-                (byte)0xa1,(byte)0x0a, // excluded subtrees, tag, len
-                (byte)0x30,(byte)0x08, // sequence of, tag, len
-                (byte)0xa0, // element 6 - tag identifying GeneralName choice
-                (byte)0x03, // GeneralName length
-                (byte)0x01,(byte)0x01,(byte)0xff, // wrong GeneralName for any choice 
-                (byte)0x80,(byte)0x01,(byte)0x00 // minimum
-        };
-        for (int i=0; i<generalNameTag.length; i++) {
-            wrongEncoding[6] = generalNameTag[i];
-            try {
-                new TrustAnchor(
-                    (X509Certificate)ks.getCertificate(certAlias),
-                    wrongEncoding);
-                fail("IllegalArgumentException has not been thrown for tag " +
-                        (generalNameTag[i]&0xff));
-            } catch (IllegalArgumentException ok) {
-            }
-        }
-    }
-
-    /**
-     * Test #9 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
-     * Assertion: <code>IllegalArgumentException</code> if nameConstraints
-     * parameter can not be decoded<br>
-     * Test preconditions: pass valid and then invalid nameConstraints encodings
-     * (GeneralName choice is [0] OtherName)<br>
-     * Expected: no exception for valid encoding and IllegalArgumentException for invalid
-     * @throws KeyStoreException
-     */
-    public final void testTrustAnchorX509CertificatebyteArray09()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        String certAlias = "testca1";
-        byte[] encoding = new byte[] {
-                (byte)0x30,(byte)0x13,(byte)0xa1,(byte)0x11,
-                (byte)0x30,(byte)0x0f,(byte)0xa0,(byte)0x0a,
-                (byte)0x06,(byte)0x03,(byte)0x00,(byte)0x01,(byte)0x02,
-                (byte)0xA0,(byte)0x03,1,1,(byte)0xff, 
-                (byte)0x80,(byte)0x01,(byte)0x00
-        };
-        try {
-            new TrustAnchor(
-                (X509Certificate)ks.getCertificate(certAlias), encoding);
-        } catch (IllegalArgumentException failed) {
-            fail("valid encoding not accepted");
-        }
-        // now corrupt encoding: set OtherName value tag to 1 (must be 0)
-        encoding[13] = 1;
-        try {
-            new TrustAnchor(
-                (X509Certificate)ks.getCertificate(certAlias), encoding);
-            fail("invalid encoding accepted");
-        } catch (IllegalArgumentException ok) {
-        }
-    }
-
-    /**
-     * Test for <code>getNameConstraints()</code> method<br> 
-     * Assertion: returns <code>nameConstraints</code> der encoding<br>
-     * Test preconditions: valid nameConstraints parameter passed (not null)<br>
-     * Expected: encoding passed to the ctor must match returned one<br>
-     * Assertion: returns new <code>nameConstraints</code> der encoding each time<br>
-     * Test preconditions: valid nameConstraints parameter passed (not null)<br>
-     * Expected: must return new reference each time called
-     */
-    public final void testGetNameConstraints()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        String certAlias = "testca1";
-        byte[] nc = getFullEncoding();
-        // sub testcase 1
-        TrustAnchor ta = new TrustAnchor(
-                (X509Certificate)ks.getCertificate(certAlias), nc);
-        byte[] ncRet = ta.getNameConstraints();
-        // assert 1
-        assertTrue(Arrays.equals(nc, ncRet));
-        assertNotSame(nc, ncRet);
-        // assert 2
-        assertNotSame(ncRet, ta.getNameConstraints());
-    }
-
-    /**
-     * Test #2 for <code>getCAName()</code> method<br>
-     *  
-     * Assertion: returns ... <code>null</code> if <code>TrustAnchor</code>
-     * was not specified as public key and CA name or CA principal pair<br>
-     * Test preconditions: test object is not specified as public key
-     * and CA name or CA principal pair<br>
-     * Expected: <code>null</code> as return value<br>
-     * @throws KeyStoreException
-     * 
-     */
-    public final void testGetCAPublicKey02()
-        throws InvalidKeySpecException, KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        TrustAnchor ta = new TrustAnchor(
-                (X509Certificate)ks.getCertificate("testca1"),
-                null);
-        assertNull(ta.getCAPublicKey());
-    }
-
-    /**
-     * Test #2 for <code>getCAName()</code> method<br>
-     *  
-     * Assertion: returns ... <code>null</code> if <code>TrustAnchor</code>
-     * was not specified as public key and CA name or CA principal pair<br>
-     * Test preconditions: test object is not specified as public key
-     * and CA name or CA principal pair<br>
-     * Expected: <code>null</code> as return value<br>
-     * @throws KeyStoreException
-     */
-    public final void testGetCAName02()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        TrustAnchor ta = new TrustAnchor(
-                (X509Certificate)ks.getCertificate("testca1"),
-                null);
-        assertNull(ta.getCAName());
-    }
-
-    /**
-     * Test #1 for <code>getCAName()</code> method<br>
-     *  
-     * Assertion: returns most trusted CA certificate<br>
-     * Test preconditions: valid certificate passed to the constructor<br>
-     * Expected: the same certificate must be returned by the method<br>
-     * @throws KeyStoreException
-     * 
-     */
-    public final void testGetTrustedCert01()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        X509Certificate cert =
-            (X509Certificate)ks.getCertificate("testca1");
-        TrustAnchor ta = new TrustAnchor(cert, null);
-        assertEquals(cert, ta.getTrustedCert());
-    }
-
-    /**
-     * Test #2 for <code>getCA()</code> method<br>
-     *  
-     * Assertion: returns ... <code>null</code> if <code>TrustAnchor</code>
-     * was not specified as public key and CA name or CA principal pair<br>
-     * Test preconditions: test object is not specified as public key
-     * and CA name or CA principal pair<br>
-     * Expected: <code>null</code> as return value<br>
-     * @throws KeyStoreException
-     */
-    public final void testGetCA02()
-        throws KeyStoreException {
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        TrustAnchor ta = new TrustAnchor(
-                (X509Certificate)ks.getCertificate("testca1"),
-                null);
-        assertNull(ta.getCA());
-    }
-
-    /**
-     * Test for <code>toString()</code> method<br>
-     *  
-     * Assertion: returns string representation of this <code>TrustAnchor</code>
-     * Test preconditions: several valid test objects created<br>
-     * Expected: method returns not <code>null</code> in all cases<br>
-     */
-    public final void testToString() throws Exception {
-
-        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
-        if (ks == null) {
-            fail(getName() + ": not performed (could not create test KeyStore)");
-        }
-
-        String certAlias = "test";
-
-        // sub testcase 1
-        TrustAnchor ta = new TrustAnchor(
-                (X509Certificate)ks.getCertificate(certAlias),
-                getFullEncoding());
-
-        assertNotNull("#1", ta.toString());
-
-        PublicKey pk = new TestKeyPair(keyAlg).getPublic();
-
-
-        // sub testcase 2
-        ta = new TrustAnchor(validCaNameRfc2253, pk, getEncodingESOnly());
-
-        assertNotNull("#2", ta.toString());
-
-        // sub testcase 3
-        X500Principal x500p = new X500Principal(validCaNameRfc2253);
-        ta = new TrustAnchor(x500p, pk, getEncodingNoMinMax());
-
-        assertNotNull("#3", ta.toString());
-
-        // sub testcase 4
-        ta = new TrustAnchor(x500p, pk, null);
-        assertNotNull("#4", ta.toString());
-    }
-
-    //
-    // Private stuff
-    //
-    
-    /*
-     * The following methods return valid DER encoding
-     * for the following ASN.1 definition (as specified in RFC 3280 -
-     *  Internet X.509 Public Key Infrastructure.
-     *  Certificate and Certificate Revocation List (CRL) Profile.
-     *  http://www.ietf.org/rfc/rfc3280.txt):
-     * 
-     *  NameConstraints ::= SEQUENCE {
-     *             permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
-     *             excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
-     *
-     *        GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
-     *
-     *        GeneralSubtree ::= SEQUENCE {
-     *             base                    GeneralName,
-     *             minimum         [0]     BaseDistance DEFAULT 0,
-     *             maximum         [1]     BaseDistance OPTIONAL }
-     *
-     *        BaseDistance ::= INTEGER (0..MAX)
-     *
-     *        GeneralName ::= CHOICE {
-     *             otherName                       [0]     OtherName,
-     *             rfc822Name                      [1]     IA5String,
-     *             dNSName                         [2]     IA5String,
-     *             x400Address                     [3]     ORAddress,
-     *             directoryName                   [4]     Name,
-     *             ediPartyName                    [5]     EDIPartyName,
-     *             uniformResourceIdentifier       [6]     IA5String,
-     *             iPAddress                       [7]     OCTET STRING,
-     *             registeredID                    [8]     OBJECT IDENTIFIER}
-     */ 
-
-    //
-    // Full NameConstraints encoding
-    // (generated by own encoder class created durind test development)
-    //
-    // @return Full NameConstraints encoding
-    // with all OPTIONAL values presented.
-    //
-    private static final byte[] getFullEncoding() {
-        // DO NOT MODIFY!
-        return new byte[] {
-                (byte)0x30,(byte)0x81,(byte)0x8c,(byte)0xa0,
-                (byte)0x44,(byte)0x30,(byte)0x16,(byte)0x86,
-                (byte)0x0e,(byte)0x66,(byte)0x69,(byte)0x6c,
-                (byte)0x65,(byte)0x3a,(byte)0x2f,(byte)0x2f,
-                (byte)0x66,(byte)0x6f,(byte)0x6f,(byte)0x2e,
-                (byte)0x63,(byte)0x6f,(byte)0x6d,(byte)0x80,
-                (byte)0x01,(byte)0x00,(byte)0x81,(byte)0x01,
-                (byte)0x01,(byte)0x30,(byte)0x16,(byte)0x86,
-                (byte)0x0e,(byte)0x66,(byte)0x69,(byte)0x6c,
-                (byte)0x65,(byte)0x3a,(byte)0x2f,(byte)0x2f,
-                (byte)0x62,(byte)0x61,(byte)0x72,(byte)0x2e,
-                (byte)0x63,(byte)0x6f,(byte)0x6d,(byte)0x80,
-                (byte)0x01,(byte)0x00,(byte)0x81,(byte)0x01,
-                (byte)0x01,(byte)0x30,(byte)0x12,(byte)0x86,
-                (byte)0x0a,(byte)0x66,(byte)0x69,(byte)0x6c,
-                (byte)0x65,(byte)0x3a,(byte)0x2f,(byte)0x2f,
-                (byte)0x6d,(byte)0x75,(byte)0x75,(byte)0x80,
-                (byte)0x01,(byte)0x00,(byte)0x81,(byte)0x01,
-                (byte)0x01,(byte)0xa1,(byte)0x44,(byte)0x30,
-                (byte)0x16,(byte)0x86,(byte)0x0e,(byte)0x68,
-                (byte)0x74,(byte)0x74,(byte)0x70,(byte)0x3a,
-                (byte)0x2f,(byte)0x2f,(byte)0x66,(byte)0x6f,
-                (byte)0x6f,(byte)0x2e,(byte)0x63,(byte)0x6f,
-                (byte)0x6d,(byte)0x80,(byte)0x01,(byte)0x00,
-                (byte)0x81,(byte)0x01,(byte)0x01,(byte)0x30,
-                (byte)0x16,(byte)0x86,(byte)0x0e,(byte)0x68,
-                (byte)0x74,(byte)0x74,(byte)0x70,(byte)0x3a,
-                (byte)0x2f,(byte)0x2f,(byte)0x62,(byte)0x61,
-                (byte)0x72,(byte)0x2e,(byte)0x63,(byte)0x6f,
-                (byte)0x6d,(byte)0x80,(byte)0x01,(byte)0x00,
-                (byte)0x81,(byte)0x01,(byte)0x01,(byte)0x30,
-                (byte)0x12,(byte)0x86,(byte)0x0a,(byte)0x68,
-                (byte)0x74,(byte)0x74,(byte)0x70,(byte)0x3a,
-                (byte)0x2f,(byte)0x2f,(byte)0x6d,(byte)0x75,
-                (byte)0x75,(byte)0x80,(byte)0x01,(byte)0x00,
-                (byte)0x81,(byte)0x01,(byte)0x01
-        };
-    }
-
-    //
-    // NameConstraints encoding without excludedSubtrees
-    // (generated by own encoder class created durind test development)
-    //
-    // @return NameConstraints encoding with 
-    // permittedSubtrees only; all OPTIONAL
-    // values in permittedSubtrees are presented.
-    //
-    private static final byte[] getEncodingPSOnly() {
-        // DO NOT MODIFY!
-        return new byte[] {
-                (byte)0x30,(byte)0x46,(byte)0xa0,(byte)0x44,
-                (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e,
-                (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65,
-                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66,
-                (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63,
-                (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01,
-                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
-                (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e,
-                (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65,
-                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x62,
-                (byte)0x61,(byte)0x72,(byte)0x2e,(byte)0x63,
-                (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01,
-                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
-                (byte)0x30,(byte)0x12,(byte)0x86,(byte)0x0a,
-                (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65,
-                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d,
-                (byte)0x75,(byte)0x75,(byte)0x80,(byte)0x01,
-                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
-        };
-    }
-
-    //
-    // NameConstraints encoding without permittedSubtrees
-    // (generated by own encoder class created durind test development)
-    //
-    // @return NameConstraints encoding with 
-    // excludedSubtrees only; all OPTIONAL
-    // values in excludedSubtrees are presented.
-    //
-    private static final byte[] getEncodingESOnly() {
-        // DO NOT MODIFY!
-        return new byte[] {
-                (byte)0x30,(byte)0x46,(byte)0xa1,(byte)0x44,
-                (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e,
-                (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70, // http
-                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66, // ://f
-                (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63, // oo.c
-                (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01, // om
-                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
-                (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e,
-                (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70,
-                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x62,
-                (byte)0x61,(byte)0x72,(byte)0x2e,(byte)0x63,
-                (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01,
-                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
-                (byte)0x30,(byte)0x12,(byte)0x86,(byte)0x0a,
-                (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70,
-                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d,
-                (byte)0x75,(byte)0x75,(byte)0x80,(byte)0x01,
-                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
-        };
-    }
-
-    //
-    // NameConstraints full encoding with all (OPTIONAL)
-    // minimum/maximum GeneralSubtree fields OMITTED
-    // (generated by own encoder class created durind test development)
-    //
-    // @return Full NameConstraints encoding
-    // with all (OPTIONAL) minimum/maximum
-    // GeneralSubtree fields OMITTED
-    //
-    private static final byte[] getEncodingNoMinMax() {
-        // DO NOT MODIFY!
-        return new byte[] {
-                (byte)0x30,(byte)0x68,(byte)0xa0,(byte)0x32,
-                (byte)0x30,(byte)0x10,(byte)0x86,(byte)0x0e,
-                (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65,
-                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66,
-                (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63,
-                (byte)0x6f,(byte)0x6d,(byte)0x30,(byte)0x10,
-                (byte)0x86,(byte)0x0e,(byte)0x66,(byte)0x69,
-                (byte)0x6c,(byte)0x65,(byte)0x3a,(byte)0x2f,
-                (byte)0x2f,(byte)0x62,(byte)0x61,(byte)0x72,
-                (byte)0x2e,(byte)0x63,(byte)0x6f,(byte)0x6d,
-                (byte)0x30,(byte)0x0c,(byte)0x86,(byte)0x0a,
-                (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65,
-                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d,
-                (byte)0x75,(byte)0x75,(byte)0xa1,(byte)0x32,
-                (byte)0x30,(byte)0x10,(byte)0x86,(byte)0x0e,
-                (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70,
-                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66,
-                (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63,
-                (byte)0x6f,(byte)0x6d,(byte)0x30,(byte)0x10,
-                (byte)0x86,(byte)0x0e,(byte)0x68,(byte)0x74,
-                (byte)0x74,(byte)0x70,(byte)0x3a,(byte)0x2f,
-                (byte)0x2f,(byte)0x62,(byte)0x61,(byte)0x72,
-                (byte)0x2e,(byte)0x63,(byte)0x6f,(byte)0x6d,
-                (byte)0x30,(byte)0x0c,(byte)0x86,(byte)0x0a,
-                (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70,
-                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d,
-                (byte)0x75,(byte)0x75,
-        };
-    }
-
-    // Returns OID encoding
-    // (generated by own encoder class created durind test development)
-    private static final byte[] getEncodingOid() {
-        // DO NOT MODIFY!
-        return new byte[] {
-                (byte) 0x30, (byte) 0x09, (byte) 0xA0, (byte) 0x07, 
-                (byte) 0x30, (byte) 0x05, (byte) 0x88, (byte) 0x03, 
-                (byte) 0x2A, (byte) 0x03, (byte) 0x04 
-        };
-    }
-}
+/*
+ *  Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/**
+* @author Vladimir N. Molotkov
+* @version $Revision$
+*/
+
+package org.apache.harmony.security.tests.java.security.cert;
+
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.PublicKey;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509Certificate;
+import java.security.spec.InvalidKeySpecException;
+import java.util.Arrays;
+
+import javax.security.auth.x500.X500Principal;
+
+import org.apache.harmony.security.tests.support.TestKeyPair;
+import org.apache.harmony.security.tests.support.cert.TestUtils;
+
+import junit.framework.TestCase;
+
+/**
+ * Unit tests for <code>TrustAnchor</code>
+ */
+public class TrustAnchor_ImplTest extends TestCase {
+    private static final String keyAlg = "DSA";
+    // Sample of some valid CA name
+    private static final String validCaNameRfc2253 =
+        "CN=Test CA,"+
+        "OU=Testing Division,"+
+        "O=Test It All,"+
+        "L=Test Town,"+
+        "ST=Testifornia,"+
+        "C=Testland";
+
+    /**
+     * Test #1 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
+     * Assertion: creates <code>TrustAnchor</code> instance<br>
+     * Test preconditions: valid parameters passed<br>
+     * Expected: must pass without any exceptions
+     */
+    public final void testTrustAnchorX509CertificatebyteArray01()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        String certAlias = "testca1";
+        // sub testcase 1
+        new TrustAnchor(
+            (X509Certificate)ks.getCertificate(certAlias),
+            getFullEncoding());
+        // sub testcase 2
+        new TrustAnchor(
+            (X509Certificate)ks.getCertificate(certAlias),
+            getEncodingPSOnly());
+        // sub testcase 3
+        new TrustAnchor(
+            (X509Certificate)ks.getCertificate(certAlias),
+            getEncodingESOnly());
+        // sub testcase 4
+        new TrustAnchor(
+            (X509Certificate)ks.getCertificate(certAlias),
+            getEncodingNoMinMax());
+    }
+
+    /**
+     * Test #2 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
+     * Assertion: creates <code>TrustAnchor</code> instance<br>
+     * Test preconditions: <code>null</code> as nameConstraints passed<br>
+     * Expected: must pass without any exceptions
+     */
+    public final void testTrustAnchorX509CertificatebyteArray02()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        String certAlias = "testca1";
+        new TrustAnchor(
+            (X509Certificate)ks.getCertificate(certAlias),
+            null);        
+    }
+
+    /**
+     * Test #3 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
+     * Assertion: nameConstraints cloned by the constructor<br>
+     * Test preconditions: modify passed nameConstraints<br>
+     * Expected: modification must not change object internal state
+     */
+    public final void testTrustAnchorX509CertificatebyteArray03()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        String certAlias = "testca1";
+        byte[] nc = getEncodingPSOnly();
+        byte[] ncCopy = nc.clone();
+        // sub testcase 5 - nameConstraints can be null
+        TrustAnchor ta = new TrustAnchor(
+                (X509Certificate)ks.getCertificate(certAlias),
+                ncCopy);
+        // modify
+        ncCopy[0]=(byte)0;
+        // check that above modification did not change
+        // object internal state
+        assertTrue(Arrays.equals(nc, ta.getNameConstraints()));
+    }
+
+    /**
+     * Test #4 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
+     * Assertion: <code>NullPointerException</code> if <code>X509Certificate</code>
+     * parameter is <code>null</code><br>
+     * Test preconditions: pass <code>null</code> as <code>X509Certificate</code><br>
+     * Expected: NullPointerException
+     */
+    public final void testTrustAnchorX509CertificatebyteArray04()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        try {
+            new TrustAnchor(null, getFullEncoding());
+            fail("NullPointerException has not been thrown");
+        } catch (NullPointerException ok) {
+        }
+    }
+
+    /**
+     * Test #5 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
+     * Assertion: <code>IllegalArgumentException</code> if nameConstraints
+     * parameter can not be decoded<br>
+     * Test preconditions: pass invalid nameConstraints encoding<br>
+     * Expected: IllegalArgumentException
+     */
+    public final void testTrustAnchorX509CertificatebyteArray05()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        String certAlias = "testca1";
+
+        // sub testcase 1:
+        byte [] nameConstraints = getFullEncoding();
+        // corrupt encoding:
+        // set wrong root seq length
+        nameConstraints[2] = (byte)0x8d;
+        try {
+            new TrustAnchor(
+                    (X509Certificate)ks.getCertificate(certAlias),
+                    nameConstraints);
+            fail("IllegalArgumentException has not been thrown");
+        } catch (IllegalArgumentException ok) {
+        }
+
+        // sub testcase 2:
+        nameConstraints = getFullEncoding();
+        // corrupt encoding:
+        // set wrong root seq length
+        nameConstraints[2] = (byte)0x8b;
+        try {
+            new TrustAnchor(
+                    (X509Certificate)ks.getCertificate(certAlias),
+                    nameConstraints);
+            fail("IllegalArgumentException has not been thrown");
+        } catch (IllegalArgumentException ok) {
+        }
+
+        // sub testcase 3:
+        nameConstraints = getFullEncoding();
+        // corrupt encoding:
+        // remove right class from seq tag
+        nameConstraints[3] &= (byte)0x3f;
+        try {
+            new TrustAnchor(
+                    (X509Certificate)ks.getCertificate(certAlias),
+                    nameConstraints);
+            fail("IllegalArgumentException has not been thrown");
+        } catch (IllegalArgumentException ok) {
+        }
+
+        // sub testcase 4:
+        nameConstraints = getEncodingESOnly();
+        // corrupt encoding:
+        // set wrong tagged value (excludedSubtrees SEQ OF) tag [2]
+        nameConstraints[2] = (byte)0xa2;
+        try {
+            new TrustAnchor(
+                    (X509Certificate)ks.getCertificate(certAlias),
+                    nameConstraints);
+            fail("IllegalArgumentException has not been thrown");
+        } catch (IllegalArgumentException ok) {
+        }
+
+        // sub testcase 5:
+        nameConstraints = getEncodingESOnly();
+        // corrupt encoding:
+        // remove CONSTRUCTED flag from tagged value (excludedSubtrees SEQ OF) tag
+        nameConstraints[2] &= (byte)0xdf;
+        try {
+            new TrustAnchor(
+                    (X509Certificate)ks.getCertificate(certAlias),
+                    nameConstraints);
+            fail("IllegalArgumentException has not been thrown");
+        } catch (IllegalArgumentException ok) {
+        }
+
+        // sub testcase 6:
+        nameConstraints = getEncodingESOnly();
+        // corrupt encoding:
+        // set CONSTRUCTED flag for PROMITIVE tagged value tag
+        // (generalSubtree's 'base' as IA5String)
+        nameConstraints[5] |= (byte)0x20;
+        try {
+            new TrustAnchor(
+                    (X509Certificate)ks.getCertificate(certAlias),
+                    nameConstraints);
+            fail("IllegalArgumentException has not been thrown");
+        } catch (IllegalArgumentException ok) {
+        }
+
+        // sub testcase 7:
+        nameConstraints = getEncodingESOnly();
+        // corrupt encoding:
+        // remove scheme from URI
+        // (generalSubtree's 'base' as IA5String (uniformResourceIdentifier))
+        nameConstraints[12] = nameConstraints[13] = nameConstraints[14] =
+            (byte)0x6f;
+        try {
+            new TrustAnchor(
+                    (X509Certificate)ks.getCertificate(certAlias),
+                    nameConstraints);
+            fail("IllegalArgumentException has not been thrown");
+        } catch (IllegalArgumentException ok) {
+        }
+    }
+
+    /**
+     * Test #6 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
+     * Assertion: creates <code>TrustAnchor</code> instance<br>
+     * Test preconditions: valid parameters passed (base as OID)<br>
+     * Expected: must pass without any exceptions
+     */
+    public final void testTrustAnchorX509CertificatebyteArray06()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        String certAlias = "testca1";
+        byte []  nameConstraints = getEncodingOid();
+        new TrustAnchor(
+            (X509Certificate)ks.getCertificate(certAlias),
+            nameConstraints);
+    }
+
+    /**
+     * Test #7 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
+     * Assertion: <code>IllegalArgumentException</code> if nameConstraints
+     * parameter can not be decoded<br>
+     * Test preconditions: pass invalid nameConstraints (OID) encoding<br>
+     * Expected: IllegalArgumentException
+     */
+    public final void testTrustAnchorX509CertificatebyteArray07()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        String certAlias = "testca1";
+        byte []  nameConstraints = getEncodingOid();
+        //corrupt Oid
+        nameConstraints[10]= (byte) 0xFF;
+        try {
+            new TrustAnchor(
+                (X509Certificate)ks.getCertificate(certAlias),
+                nameConstraints);
+            fail("IllegalArgumentException has not been thrown");
+        } catch (IllegalArgumentException ok) {
+        }
+    }
+
+    /**
+     * Test #8 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
+     * Assertion: <code>IllegalArgumentException</code> if nameConstraints
+     * parameter can not be decoded<br>
+     * Test preconditions: pass invalid nameConstraints encodings<br>
+     * Expected: IllegalArgumentException
+     */
+    public final void testTrustAnchorX509CertificatebyteArray08()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        String certAlias = "testca1";
+        // GeneralName tags for this test (1,2 and 3 are omitted)
+        byte[] generalNameTag = new byte[] {
+                (byte)0xa0,(byte)0xa4,(byte)0xa5,
+                (byte)0x86,(byte)0x87,(byte)0x88
+        };
+        // wrong (for above tags) nameConstraints encoding
+        byte[] wrongEncoding = new byte[] {
+                (byte)0x30,(byte)0x0c, // sequence + length
+                (byte)0xa1,(byte)0x0a, // excluded subtrees, tag, len
+                (byte)0x30,(byte)0x08, // sequence of, tag, len
+                (byte)0xa0, // element 6 - tag identifying GeneralName choice
+                (byte)0x03, // GeneralName length
+                (byte)0x01,(byte)0x01,(byte)0xff, // wrong GeneralName for any choice 
+                (byte)0x80,(byte)0x01,(byte)0x00 // minimum
+        };
+        for (int i=0; i<generalNameTag.length; i++) {
+            wrongEncoding[6] = generalNameTag[i];
+            try {
+                new TrustAnchor(
+                    (X509Certificate)ks.getCertificate(certAlias),
+                    wrongEncoding);
+                fail("IllegalArgumentException has not been thrown for tag " +
+                        (generalNameTag[i]&0xff));
+            } catch (IllegalArgumentException ok) {
+            }
+        }
+    }
+
+    /**
+     * Test #9 for <code>TrustAnchor(X509Certificate, byte[])</code> constructor<br> 
+     * Assertion: <code>IllegalArgumentException</code> if nameConstraints
+     * parameter can not be decoded<br>
+     * Test preconditions: pass valid and then invalid nameConstraints encodings
+     * (GeneralName choice is [0] OtherName)<br>
+     * Expected: no exception for valid encoding and IllegalArgumentException for invalid
+     * @throws KeyStoreException
+     */
+    public final void testTrustAnchorX509CertificatebyteArray09()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        String certAlias = "testca1";
+        byte[] encoding = new byte[] {
+                (byte)0x30,(byte)0x13,(byte)0xa1,(byte)0x11,
+                (byte)0x30,(byte)0x0f,(byte)0xa0,(byte)0x0a,
+                (byte)0x06,(byte)0x03,(byte)0x00,(byte)0x01,(byte)0x02,
+                (byte)0xA0,(byte)0x03,1,1,(byte)0xff, 
+                (byte)0x80,(byte)0x01,(byte)0x00
+        };
+        try {
+            new TrustAnchor(
+                (X509Certificate)ks.getCertificate(certAlias), encoding);
+        } catch (IllegalArgumentException failed) {
+            fail("valid encoding not accepted");
+        }
+        // now corrupt encoding: set OtherName value tag to 1 (must be 0)
+        encoding[13] = 1;
+        try {
+            new TrustAnchor(
+                (X509Certificate)ks.getCertificate(certAlias), encoding);
+            fail("invalid encoding accepted");
+        } catch (IllegalArgumentException ok) {
+        }
+    }
+
+    /**
+     * Test for <code>getNameConstraints()</code> method<br> 
+     * Assertion: returns <code>nameConstraints</code> der encoding<br>
+     * Test preconditions: valid nameConstraints parameter passed (not null)<br>
+     * Expected: encoding passed to the ctor must match returned one<br>
+     * Assertion: returns new <code>nameConstraints</code> der encoding each time<br>
+     * Test preconditions: valid nameConstraints parameter passed (not null)<br>
+     * Expected: must return new reference each time called
+     */
+    public final void testGetNameConstraints()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        String certAlias = "testca1";
+        byte[] nc = getFullEncoding();
+        // sub testcase 1
+        TrustAnchor ta = new TrustAnchor(
+                (X509Certificate)ks.getCertificate(certAlias), nc);
+        byte[] ncRet = ta.getNameConstraints();
+        // assert 1
+        assertTrue(Arrays.equals(nc, ncRet));
+        assertNotSame(nc, ncRet);
+        // assert 2
+        assertNotSame(ncRet, ta.getNameConstraints());
+    }
+
+    /**
+     * Test #2 for <code>getCAName()</code> method<br>
+     *  
+     * Assertion: returns ... <code>null</code> if <code>TrustAnchor</code>
+     * was not specified as public key and CA name or CA principal pair<br>
+     * Test preconditions: test object is not specified as public key
+     * and CA name or CA principal pair<br>
+     * Expected: <code>null</code> as return value<br>
+     * @throws KeyStoreException
+     * 
+     */
+    public final void testGetCAPublicKey02()
+        throws InvalidKeySpecException, KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        TrustAnchor ta = new TrustAnchor(
+                (X509Certificate)ks.getCertificate("testca1"),
+                null);
+        assertNull(ta.getCAPublicKey());
+    }
+
+    /**
+     * Test #2 for <code>getCAName()</code> method<br>
+     *  
+     * Assertion: returns ... <code>null</code> if <code>TrustAnchor</code>
+     * was not specified as public key and CA name or CA principal pair<br>
+     * Test preconditions: test object is not specified as public key
+     * and CA name or CA principal pair<br>
+     * Expected: <code>null</code> as return value<br>
+     * @throws KeyStoreException
+     */
+    public final void testGetCAName02()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        TrustAnchor ta = new TrustAnchor(
+                (X509Certificate)ks.getCertificate("testca1"),
+                null);
+        assertNull(ta.getCAName());
+    }
+
+    /**
+     * Test #1 for <code>getCAName()</code> method<br>
+     *  
+     * Assertion: returns most trusted CA certificate<br>
+     * Test preconditions: valid certificate passed to the constructor<br>
+     * Expected: the same certificate must be returned by the method<br>
+     * @throws KeyStoreException
+     * 
+     */
+    public final void testGetTrustedCert01()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        X509Certificate cert =
+            (X509Certificate)ks.getCertificate("testca1");
+        TrustAnchor ta = new TrustAnchor(cert, null);
+        assertEquals(cert, ta.getTrustedCert());
+    }
+
+    /**
+     * Test #2 for <code>getCA()</code> method<br>
+     *  
+     * Assertion: returns ... <code>null</code> if <code>TrustAnchor</code>
+     * was not specified as public key and CA name or CA principal pair<br>
+     * Test preconditions: test object is not specified as public key
+     * and CA name or CA principal pair<br>
+     * Expected: <code>null</code> as return value<br>
+     * @throws KeyStoreException
+     */
+    public final void testGetCA02()
+        throws KeyStoreException {
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        TrustAnchor ta = new TrustAnchor(
+                (X509Certificate)ks.getCertificate("testca1"),
+                null);
+        assertNull(ta.getCA());
+    }
+
+    /**
+     * Test for <code>toString()</code> method<br>
+     *  
+     * Assertion: returns string representation of this <code>TrustAnchor</code>
+     * Test preconditions: several valid test objects created<br>
+     * Expected: method returns not <code>null</code> in all cases<br>
+     */
+    public final void testToString() throws Exception {
+
+        KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
+        if (ks == null) {
+            fail(getName() + ": not performed (could not create test KeyStore)");
+        }
+
+        String certAlias = "test";
+
+        // sub testcase 1
+        TrustAnchor ta = new TrustAnchor(
+                (X509Certificate)ks.getCertificate(certAlias),
+                getFullEncoding());
+
+        assertNotNull("#1", ta.toString());
+
+        PublicKey pk = new TestKeyPair(keyAlg).getPublic();
+
+
+        // sub testcase 2
+        ta = new TrustAnchor(validCaNameRfc2253, pk, getEncodingESOnly());
+
+        assertNotNull("#2", ta.toString());
+
+        // sub testcase 3
+        X500Principal x500p = new X500Principal(validCaNameRfc2253);
+        ta = new TrustAnchor(x500p, pk, getEncodingNoMinMax());
+
+        assertNotNull("#3", ta.toString());
+
+        // sub testcase 4
+        ta = new TrustAnchor(x500p, pk, null);
+        assertNotNull("#4", ta.toString());
+    }
+
+    //
+    // Private stuff
+    //
+    
+    /*
+     * The following methods return valid DER encoding
+     * for the following ASN.1 definition (as specified in RFC 3280 -
+     *  Internet X.509 Public Key Infrastructure.
+     *  Certificate and Certificate Revocation List (CRL) Profile.
+     *  http://www.ietf.org/rfc/rfc3280.txt):
+     * 
+     *  NameConstraints ::= SEQUENCE {
+     *             permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
+     *             excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
+     *
+     *        GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+     *
+     *        GeneralSubtree ::= SEQUENCE {
+     *             base                    GeneralName,
+     *             minimum         [0]     BaseDistance DEFAULT 0,
+     *             maximum         [1]     BaseDistance OPTIONAL }
+     *
+     *        BaseDistance ::= INTEGER (0..MAX)
+     *
+     *        GeneralName ::= CHOICE {
+     *             otherName                       [0]     OtherName,
+     *             rfc822Name                      [1]     IA5String,
+     *             dNSName                         [2]     IA5String,
+     *             x400Address                     [3]     ORAddress,
+     *             directoryName                   [4]     Name,
+     *             ediPartyName                    [5]     EDIPartyName,
+     *             uniformResourceIdentifier       [6]     IA5String,
+     *             iPAddress                       [7]     OCTET STRING,
+     *             registeredID                    [8]     OBJECT IDENTIFIER}
+     */ 
+
+    //
+    // Full NameConstraints encoding
+    // (generated by own encoder class created durind test development)
+    //
+    // @return Full NameConstraints encoding
+    // with all OPTIONAL values presented.
+    //
+    private static final byte[] getFullEncoding() {
+        // DO NOT MODIFY!
+        return new byte[] {
+                (byte)0x30,(byte)0x81,(byte)0x8c,(byte)0xa0,
+                (byte)0x44,(byte)0x30,(byte)0x16,(byte)0x86,
+                (byte)0x0e,(byte)0x66,(byte)0x69,(byte)0x6c,
+                (byte)0x65,(byte)0x3a,(byte)0x2f,(byte)0x2f,
+                (byte)0x66,(byte)0x6f,(byte)0x6f,(byte)0x2e,
+                (byte)0x63,(byte)0x6f,(byte)0x6d,(byte)0x80,
+                (byte)0x01,(byte)0x00,(byte)0x81,(byte)0x01,
+                (byte)0x01,(byte)0x30,(byte)0x16,(byte)0x86,
+                (byte)0x0e,(byte)0x66,(byte)0x69,(byte)0x6c,
+                (byte)0x65,(byte)0x3a,(byte)0x2f,(byte)0x2f,
+                (byte)0x62,(byte)0x61,(byte)0x72,(byte)0x2e,
+                (byte)0x63,(byte)0x6f,(byte)0x6d,(byte)0x80,
+                (byte)0x01,(byte)0x00,(byte)0x81,(byte)0x01,
+                (byte)0x01,(byte)0x30,(byte)0x12,(byte)0x86,
+                (byte)0x0a,(byte)0x66,(byte)0x69,(byte)0x6c,
+                (byte)0x65,(byte)0x3a,(byte)0x2f,(byte)0x2f,
+                (byte)0x6d,(byte)0x75,(byte)0x75,(byte)0x80,
+                (byte)0x01,(byte)0x00,(byte)0x81,(byte)0x01,
+                (byte)0x01,(byte)0xa1,(byte)0x44,(byte)0x30,
+                (byte)0x16,(byte)0x86,(byte)0x0e,(byte)0x68,
+                (byte)0x74,(byte)0x74,(byte)0x70,(byte)0x3a,
+                (byte)0x2f,(byte)0x2f,(byte)0x66,(byte)0x6f,
+                (byte)0x6f,(byte)0x2e,(byte)0x63,(byte)0x6f,
+                (byte)0x6d,(byte)0x80,(byte)0x01,(byte)0x00,
+                (byte)0x81,(byte)0x01,(byte)0x01,(byte)0x30,
+                (byte)0x16,(byte)0x86,(byte)0x0e,(byte)0x68,
+                (byte)0x74,(byte)0x74,(byte)0x70,(byte)0x3a,
+                (byte)0x2f,(byte)0x2f,(byte)0x62,(byte)0x61,
+                (byte)0x72,(byte)0x2e,(byte)0x63,(byte)0x6f,
+                (byte)0x6d,(byte)0x80,(byte)0x01,(byte)0x00,
+                (byte)0x81,(byte)0x01,(byte)0x01,(byte)0x30,
+                (byte)0x12,(byte)0x86,(byte)0x0a,(byte)0x68,
+                (byte)0x74,(byte)0x74,(byte)0x70,(byte)0x3a,
+                (byte)0x2f,(byte)0x2f,(byte)0x6d,(byte)0x75,
+                (byte)0x75,(byte)0x80,(byte)0x01,(byte)0x00,
+                (byte)0x81,(byte)0x01,(byte)0x01
+        };
+    }
+
+    //
+    // NameConstraints encoding without excludedSubtrees
+    // (generated by own encoder class created durind test development)
+    //
+    // @return NameConstraints encoding with 
+    // permittedSubtrees only; all OPTIONAL
+    // values in permittedSubtrees are presented.
+    //
+    private static final byte[] getEncodingPSOnly() {
+        // DO NOT MODIFY!
+        return new byte[] {
+                (byte)0x30,(byte)0x46,(byte)0xa0,(byte)0x44,
+                (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e,
+                (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65,
+                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66,
+                (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63,
+                (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01,
+                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
+                (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e,
+                (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65,
+                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x62,
+                (byte)0x61,(byte)0x72,(byte)0x2e,(byte)0x63,
+                (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01,
+                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
+                (byte)0x30,(byte)0x12,(byte)0x86,(byte)0x0a,
+                (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65,
+                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d,
+                (byte)0x75,(byte)0x75,(byte)0x80,(byte)0x01,
+                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
+        };
+    }
+
+    //
+    // NameConstraints encoding without permittedSubtrees
+    // (generated by own encoder class created durind test development)
+    //
+    // @return NameConstraints encoding with 
+    // excludedSubtrees only; all OPTIONAL
+    // values in excludedSubtrees are presented.
+    //
+    private static final byte[] getEncodingESOnly() {
+        // DO NOT MODIFY!
+        return new byte[] {
+                (byte)0x30,(byte)0x46,(byte)0xa1,(byte)0x44,
+                (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e,
+                (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70, // http
+                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66, // ://f
+                (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63, // oo.c
+                (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01, // om
+                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
+                (byte)0x30,(byte)0x16,(byte)0x86,(byte)0x0e,
+                (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70,
+                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x62,
+                (byte)0x61,(byte)0x72,(byte)0x2e,(byte)0x63,
+                (byte)0x6f,(byte)0x6d,(byte)0x80,(byte)0x01,
+                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
+                (byte)0x30,(byte)0x12,(byte)0x86,(byte)0x0a,
+                (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70,
+                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d,
+                (byte)0x75,(byte)0x75,(byte)0x80,(byte)0x01,
+                (byte)0x00,(byte)0x81,(byte)0x01,(byte)0x01,
+        };
+    }
+
+    //
+    // NameConstraints full encoding with all (OPTIONAL)
+    // minimum/maximum GeneralSubtree fields OMITTED
+    // (generated by own encoder class created durind test development)
+    //
+    // @return Full NameConstraints encoding
+    // with all (OPTIONAL) minimum/maximum
+    // GeneralSubtree fields OMITTED
+    //
+    private static final byte[] getEncodingNoMinMax() {
+        // DO NOT MODIFY!
+        return new byte[] {
+                (byte)0x30,(byte)0x68,(byte)0xa0,(byte)0x32,
+                (byte)0x30,(byte)0x10,(byte)0x86,(byte)0x0e,
+                (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65,
+                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66,
+                (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63,
+                (byte)0x6f,(byte)0x6d,(byte)0x30,(byte)0x10,
+                (byte)0x86,(byte)0x0e,(byte)0x66,(byte)0x69,
+                (byte)0x6c,(byte)0x65,(byte)0x3a,(byte)0x2f,
+                (byte)0x2f,(byte)0x62,(byte)0x61,(byte)0x72,
+                (byte)0x2e,(byte)0x63,(byte)0x6f,(byte)0x6d,
+                (byte)0x30,(byte)0x0c,(byte)0x86,(byte)0x0a,
+                (byte)0x66,(byte)0x69,(byte)0x6c,(byte)0x65,
+                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d,
+                (byte)0x75,(byte)0x75,(byte)0xa1,(byte)0x32,
+                (byte)0x30,(byte)0x10,(byte)0x86,(byte)0x0e,
+                (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70,
+                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x66,
+                (byte)0x6f,(byte)0x6f,(byte)0x2e,(byte)0x63,
+                (byte)0x6f,(byte)0x6d,(byte)0x30,(byte)0x10,
+                (byte)0x86,(byte)0x0e,(byte)0x68,(byte)0x74,
+                (byte)0x74,(byte)0x70,(byte)0x3a,(byte)0x2f,
+                (byte)0x2f,(byte)0x62,(byte)0x61,(byte)0x72,
+                (byte)0x2e,(byte)0x63,(byte)0x6f,(byte)0x6d,
+                (byte)0x30,(byte)0x0c,(byte)0x86,(byte)0x0a,
+                (byte)0x68,(byte)0x74,(byte)0x74,(byte)0x70,
+                (byte)0x3a,(byte)0x2f,(byte)0x2f,(byte)0x6d,
+                (byte)0x75,(byte)0x75,
+        };
+    }
+
+    // Returns OID encoding
+    // (generated by own encoder class created durind test development)
+    private static final byte[] getEncodingOid() {
+        // DO NOT MODIFY!
+        return new byte[] {
+                (byte) 0x30, (byte) 0x09, (byte) 0xA0, (byte) 0x07, 
+                (byte) 0x30, (byte) 0x05, (byte) 0x88, (byte) 0x03, 
+                (byte) 0x2A, (byte) 0x03, (byte) 0x04 
+        };
+    }
+}

Propchange: incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/java/security/cert/TrustAnchor_ImplTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/java/security/spec/ECFieldF2m_ImplTest.java
URL: http://svn.apache.org/viewvc/incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/java/security/spec/ECFieldF2m_ImplTest.java?view=diff&rev=443539&r1=443538&r2=443539
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/java/security/spec/ECFieldF2m_ImplTest.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/java/security/spec/ECFieldF2m_ImplTest.java Thu Sep 14 18:17:39 2006
@@ -1,219 +1,219 @@
-/*
- *  Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-
-/**
-* @author Vladimir N. Molotkov
-* @version $Revision$
-*/
-
-package org.apache.harmony.security.tests.java.security.spec;
-
-import java.math.BigInteger;
-import java.security.spec.ECFieldF2m;
-
-import junit.framework.TestCase;
-
-/**
- * Tests for <code>ECFieldF2m</code> class fields and methods.
- * 
- */
-public class ECFieldF2m_ImplTest extends TestCase {
-
-    /**
-     * Support class for this test.
-     * Incapsulates <code>ECFieldF2m</code> testing
-     * domain parameters. 
-     * 
-     */
-    private static final class ECFieldF2mDomainParams {
-
-        /**
-         * <code>NPE</code> reference object of class NullPointerException.
-         * NullPointerException must be thrown by <code>ECFieldF2m</code>
-         * ctors in some circumstances
-         */
-        static final NullPointerException NPE = new NullPointerException();
-        /**
-         * <code>IArgE</code> reference object of class IllegalArgumentException.
-         * IllegalArgumentException must be thrown by <code>ECFieldF2m</code>
-         * ctors in some circumstances
-         */
-        static final IllegalArgumentException IArgE = new IllegalArgumentException();
-        
-        /**
-         * The <code>m</code> parameter for <code>ECFieldF2m</code>
-         * ctor for the current test.
-         */
-        final int m;
-        /**
-         * The <code>rp</code> parameter for <code>ECFieldF2m</code>
-         * ctor for the current test.
-         */
-        final BigInteger rp;
-        /**
-         * The <code>ks</code> parameter for <code>ECFieldF2m</code>
-         * ctor for the current test.
-         */
-        final int[] ks;
-        
-        
-        /**
-         * Exception expected with this parameters set or <code>null</code>
-         * if no exception expected.
-         */
-        final Exception x;
-        
-        /**
-         * Constructs ECFieldF2mDomainParams
-         * 
-         * @param m
-         * @param rp
-         * @param ks
-         * @param expectedException
-         */
-        ECFieldF2mDomainParams(final int m,
-                final BigInteger rp,
-                final int[] ks,
-                final Exception expectedException) {
-            this.m = m;
-            this.rp = rp;
-            this.ks = ks;
-            this.x = expectedException;
-        }
-    }
-
-
-    /**
-     * Set of parameters used for <code>ECFieldF2m(int, BigInteger)</code>
-     * constructor tests.
-     */
-    private final ECFieldF2mDomainParams[] intBigIntegerCtorTestParameters =
-        new ECFieldF2mDomainParams[] {
-            // set 0: valid m and rp - trinomial basis params
-            new ECFieldF2mDomainParams(
-                    1999,
-                    BigInteger.valueOf(0L).setBit(0).setBit(367).setBit(1999),
-                    null,
-                    null),
-            // set 1: valid m and rp - pentanomial basis params
-            new ECFieldF2mDomainParams(
-                    2000,
-                    BigInteger.valueOf(0L).setBit(0).setBit(1).setBit(2).setBit(981).setBit(2000),
-                    null,
-                    null),
-            // set 2: valid m, invalid (null) rp
-            new ECFieldF2mDomainParams(
-                    1963,
-                    (BigInteger)null,
-                    null,
-                    ECFieldF2mDomainParams.NPE),
-            // set 3: valid m, invalid rp - bit 0 not set
-            new ECFieldF2mDomainParams(
-                    1999,
-                    BigInteger.valueOf(0L).setBit(1).setBit(367).setBit(1999),
-                    null,
-                    ECFieldF2mDomainParams.IArgE),
-            // set 4: valid m, invalid rp - bit m not set
-            new ECFieldF2mDomainParams(
-                    1999,
-                    BigInteger.valueOf(0L).setBit(0).setBit(367).setBit(1998),
-                    null,
-                    ECFieldF2mDomainParams.IArgE),
-            // set 5: valid m, invalid rp - bit k improperly set
-            new ECFieldF2mDomainParams(
-                    1999,
-                    BigInteger.valueOf(0L).setBit(0).setBit(2367).setBit(1999),
-                    null,
-                    ECFieldF2mDomainParams.IArgE),
-            // set 6: valid m, invalid rp - k1 k2 k3
-            new ECFieldF2mDomainParams(
-                    2000,
-                    BigInteger.valueOf(0L).setBit(0).setBit(2001).setBit(2002).setBit(2003).setBit(2000),
-                    null,
-                    ECFieldF2mDomainParams.IArgE),
-            // set 7: valid m, invalid rp - number of bits set
-            new ECFieldF2mDomainParams(
-                    2000,
-                    BigInteger.valueOf(0L).setBit(0).setBit(2000),
-                    null,
-                    ECFieldF2mDomainParams.IArgE),
-            // set 8: valid m, invalid rp - number of bits set
-            new ECFieldF2mDomainParams(
-                    2000,
-                    BigInteger.valueOf(0L).setBit(0).setBit(1).setBit(2).setBit(2000),
-                    null,
-                    ECFieldF2mDomainParams.IArgE),
-            // set 9: valid m, invalid rp - number of bits set
-            new ECFieldF2mDomainParams(
-                    2000,
-                    BigInteger.valueOf(0L).setBit(0).setBit(1).setBit(2).
-                                           setBit(981).setBit(985).setBit(2000),
-                    null,
-                    ECFieldF2mDomainParams.IArgE),
-            // set 10: valid m, invalid rp
-            new ECFieldF2mDomainParams(
-                    2000,
-                    BigInteger.valueOf(0L),
-                    null,
-                    ECFieldF2mDomainParams.IArgE),
-            // set 11: invalid m
-            new ECFieldF2mDomainParams(
-                    -2000,
-                    BigInteger.valueOf(0L).setBit(0).setBit(1).setBit(2).
-                    setBit(981).setBit(2000),
-                    null,
-                    ECFieldF2mDomainParams.IArgE),
-        };  
-
-    /**
-     * Tests for constructor <code>ECFieldF2m(int, BigInteger)</code><br>
-     * 
-     * Assertion: constructs new <code>ECFieldF2m</code> object
-     * using valid parameters m and rp. rp represents trinomial basis.
-     * 
-     * Assertion: constructs new <code>ECFieldF2m</code> object
-     * using valid parameters m and rp. rp represents pentanomial basis.
-     * 
-     * Assertion: IllegalArgumentException if m is not positive.
-     * 
-     * Assertion: NullPointerException if rp is null.
-     * 
-     * Assertion: IllegalArgumentException if rp is invalid.
-     */
-    public final void testECFieldF2mintBigInteger() {
-        for(int i=0; i<intBigIntegerCtorTestParameters.length; i++) {
-            ECFieldF2mDomainParams tp = intBigIntegerCtorTestParameters[i];
-            try {
-                // perform test
-                new ECFieldF2m(tp.m, tp.rp);
-                
-                if (tp.x != null) {
-                    // exception has been expected 
-                    fail(getName() + ", set " + i +
-                            " FAILED: expected exception has not been thrown");
-                }
-            } catch (Exception e){
-                if (tp.x == null || !e.getClass().isInstance(tp.x)) {
-                    // exception: failure
-                    // if it has not been expected
-                    // or wrong one has been thrown
-                    fail(getName() + ", set " + i +
-                            " FAILED: unexpected " + e);
-                }
-            }
-        }
-    }
-}
+/*
+ *  Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/**
+* @author Vladimir N. Molotkov
+* @version $Revision$
+*/
+
+package org.apache.harmony.security.tests.java.security.spec;
+
+import java.math.BigInteger;
+import java.security.spec.ECFieldF2m;
+
+import junit.framework.TestCase;
+
+/**
+ * Tests for <code>ECFieldF2m</code> class fields and methods.
+ * 
+ */
+public class ECFieldF2m_ImplTest extends TestCase {
+
+    /**
+     * Support class for this test.
+     * Incapsulates <code>ECFieldF2m</code> testing
+     * domain parameters. 
+     * 
+     */
+    private static final class ECFieldF2mDomainParams {
+
+        /**
+         * <code>NPE</code> reference object of class NullPointerException.
+         * NullPointerException must be thrown by <code>ECFieldF2m</code>
+         * ctors in some circumstances
+         */
+        static final NullPointerException NPE = new NullPointerException();
+        /**
+         * <code>IArgE</code> reference object of class IllegalArgumentException.
+         * IllegalArgumentException must be thrown by <code>ECFieldF2m</code>
+         * ctors in some circumstances
+         */
+        static final IllegalArgumentException IArgE = new IllegalArgumentException();
+        
+        /**
+         * The <code>m</code> parameter for <code>ECFieldF2m</code>
+         * ctor for the current test.
+         */
+        final int m;
+        /**
+         * The <code>rp</code> parameter for <code>ECFieldF2m</code>
+         * ctor for the current test.
+         */
+        final BigInteger rp;
+        /**
+         * The <code>ks</code> parameter for <code>ECFieldF2m</code>
+         * ctor for the current test.
+         */
+        final int[] ks;
+        
+        
+        /**
+         * Exception expected with this parameters set or <code>null</code>
+         * if no exception expected.
+         */
+        final Exception x;
+        
+        /**
+         * Constructs ECFieldF2mDomainParams
+         * 
+         * @param m
+         * @param rp
+         * @param ks
+         * @param expectedException
+         */
+        ECFieldF2mDomainParams(final int m,
+                final BigInteger rp,
+                final int[] ks,
+                final Exception expectedException) {
+            this.m = m;
+            this.rp = rp;
+            this.ks = ks;
+            this.x = expectedException;
+        }
+    }
+
+
+    /**
+     * Set of parameters used for <code>ECFieldF2m(int, BigInteger)</code>
+     * constructor tests.
+     */
+    private final ECFieldF2mDomainParams[] intBigIntegerCtorTestParameters =
+        new ECFieldF2mDomainParams[] {
+            // set 0: valid m and rp - trinomial basis params
+            new ECFieldF2mDomainParams(
+                    1999,
+                    BigInteger.valueOf(0L).setBit(0).setBit(367).setBit(1999),
+                    null,
+                    null),
+            // set 1: valid m and rp - pentanomial basis params
+            new ECFieldF2mDomainParams(
+                    2000,
+                    BigInteger.valueOf(0L).setBit(0).setBit(1).setBit(2).setBit(981).setBit(2000),
+                    null,
+                    null),
+            // set 2: valid m, invalid (null) rp
+            new ECFieldF2mDomainParams(
+                    1963,
+                    (BigInteger)null,
+                    null,
+                    ECFieldF2mDomainParams.NPE),
+            // set 3: valid m, invalid rp - bit 0 not set
+            new ECFieldF2mDomainParams(
+                    1999,
+                    BigInteger.valueOf(0L).setBit(1).setBit(367).setBit(1999),
+                    null,
+                    ECFieldF2mDomainParams.IArgE),
+            // set 4: valid m, invalid rp - bit m not set
+            new ECFieldF2mDomainParams(
+                    1999,
+                    BigInteger.valueOf(0L).setBit(0).setBit(367).setBit(1998),
+                    null,
+                    ECFieldF2mDomainParams.IArgE),
+            // set 5: valid m, invalid rp - bit k improperly set
+            new ECFieldF2mDomainParams(
+                    1999,
+                    BigInteger.valueOf(0L).setBit(0).setBit(2367).setBit(1999),
+                    null,
+                    ECFieldF2mDomainParams.IArgE),
+            // set 6: valid m, invalid rp - k1 k2 k3
+            new ECFieldF2mDomainParams(
+                    2000,
+                    BigInteger.valueOf(0L).setBit(0).setBit(2001).setBit(2002).setBit(2003).setBit(2000),
+                    null,
+                    ECFieldF2mDomainParams.IArgE),
+            // set 7: valid m, invalid rp - number of bits set
+            new ECFieldF2mDomainParams(
+                    2000,
+                    BigInteger.valueOf(0L).setBit(0).setBit(2000),
+                    null,
+                    ECFieldF2mDomainParams.IArgE),
+            // set 8: valid m, invalid rp - number of bits set
+            new ECFieldF2mDomainParams(
+                    2000,
+                    BigInteger.valueOf(0L).setBit(0).setBit(1).setBit(2).setBit(2000),
+                    null,
+                    ECFieldF2mDomainParams.IArgE),
+            // set 9: valid m, invalid rp - number of bits set
+            new ECFieldF2mDomainParams(
+                    2000,
+                    BigInteger.valueOf(0L).setBit(0).setBit(1).setBit(2).
+                                           setBit(981).setBit(985).setBit(2000),
+                    null,
+                    ECFieldF2mDomainParams.IArgE),
+            // set 10: valid m, invalid rp
+            new ECFieldF2mDomainParams(
+                    2000,
+                    BigInteger.valueOf(0L),
+                    null,
+                    ECFieldF2mDomainParams.IArgE),
+            // set 11: invalid m
+            new ECFieldF2mDomainParams(
+                    -2000,
+                    BigInteger.valueOf(0L).setBit(0).setBit(1).setBit(2).
+                    setBit(981).setBit(2000),
+                    null,
+                    ECFieldF2mDomainParams.IArgE),
+        };  
+
+    /**
+     * Tests for constructor <code>ECFieldF2m(int, BigInteger)</code><br>
+     * 
+     * Assertion: constructs new <code>ECFieldF2m</code> object
+     * using valid parameters m and rp. rp represents trinomial basis.
+     * 
+     * Assertion: constructs new <code>ECFieldF2m</code> object
+     * using valid parameters m and rp. rp represents pentanomial basis.
+     * 
+     * Assertion: IllegalArgumentException if m is not positive.
+     * 
+     * Assertion: NullPointerException if rp is null.
+     * 
+     * Assertion: IllegalArgumentException if rp is invalid.
+     */
+    public final void testECFieldF2mintBigInteger() {
+        for(int i=0; i<intBigIntegerCtorTestParameters.length; i++) {
+            ECFieldF2mDomainParams tp = intBigIntegerCtorTestParameters[i];
+            try {
+                // perform test
+                new ECFieldF2m(tp.m, tp.rp);
+                
+                if (tp.x != null) {
+                    // exception has been expected 
+                    fail(getName() + ", set " + i +
+                            " FAILED: expected exception has not been thrown");
+                }
+            } catch (Exception e){
+                if (tp.x == null || !e.getClass().isInstance(tp.x)) {
+                    // exception: failure
+                    // if it has not been expected
+                    // or wrong one has been thrown
+                    fail(getName() + ", set " + i +
+                            " FAILED: unexpected " + e);
+                }
+            }
+        }
+    }
+}

Propchange: incubator/harmony/enhanced/classlib/trunk/modules/security/src/test/impl/java/org/apache/harmony/security/tests/java/security/spec/ECFieldF2m_ImplTest.java
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message