src/test/model/pki/cert/ExtensionTest.java


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118

package model.pki.cert;

import model.asn1.ASN1Object;
import model.asn1.Bool;
import model.asn1.ObjectIdentifier;
import model.asn1.OctetString;
import model.asn1.exceptions.ParseException;
import model.asn1.parsing.BytesReader;
import org.junit.jupiter.api.Test;

import static org.junit.jupiter.api.Assertions.*;

public class ExtensionTest {
    static final Byte[] EXT_SUBJECT_KEY_ID = new Byte[] {
            0x30, 0x1D, // SEQUENCE Extension
            0x06, 0x03, 0x55, 0x1D, 0x0E, // OID subjectKeyIdentifier
            0x04, 0x16, // OCTET STRING
            0x04, 0x14,  -79,  -62,  -89, -127, 0x63, 0x66,
            0x4B, 0x72, 0x0A,  -35,   -3, 0x7D, 0x20, 0x29,
             -67, 0x6B, 0x49, 0x09, 0x61,  -64
    };

    static final Byte[] EXT_KEY_USAGE = new Byte[] {
            0x30, 0x0E, // SEQUENCE Extension
            0x06, 0x03, 0x55, 0x1D, 0x0F, // OID keyUsage
            0x01, 0x01,   -1, // BOOLEAN critical
            0x04, 0x04, // OCTET STRING
            0x03, 0x02, 0x01, -122
    };

    @Test
    void testConstructor() throws ParseException {
        final Extension ext = new Extension(ASN1Object.TAG_SEQUENCE, null,
                new ObjectIdentifier(ObjectIdentifier.TAG, null, ObjectIdentifier.OID_BASIC_CONSTRAINTS),
                new Bool(Bool.TAG, null, true),
                new OctetString(OctetString.TAG, null, new Byte[]{ 0x30, 0x03, 0x01, 0x01, -1 }));
        assertArrayEquals(ObjectIdentifier.OID_BASIC_CONSTRAINTS, ext.getExtnId().getInts());
        assertTrue(ext.getCritical().getValue());
        assertArrayEquals(new Byte[]{ 0x30, 0x03, 0x01, 0x01, -1 }, ext.getExtnValue().getBytes());
    }

    @Test
    void testParse() throws ParseException {
        Extension parsed = new Extension(new BytesReader(EXT_SUBJECT_KEY_ID), false);
        assertArrayEquals(ObjectIdentifier.OID_SUBJECT_KEY_IDENTIFIER, parsed.getExtnId().getInts());
        assertNull(parsed.getCritical());
        assertArrayEquals(new Byte[] {
                0x04, 0x14,  -79,  -62,  -89, -127, 0x63, 0x66,
                0x4B, 0x72, 0x0A,  -35,   -3, 0x7D, 0x20, 0x29,
                -67, 0x6B, 0x49, 0x09, 0x61,  -64
        }, parsed.getExtnValue().getBytes());

        parsed = new Extension(new BytesReader(EXT_KEY_USAGE), false);
        assertArrayEquals(ObjectIdentifier.OID_KEY_USAGE, parsed.getExtnId().getInts());
        assertTrue(parsed.getCritical().getValue());
        assertArrayEquals(new Byte[] {
                0x03, 0x02, 0x01, -122
        }, parsed.getExtnValue().getBytes());
    }

    @Test
    void testParseFail() throws ParseException {
        // Too short (no ID)
        assertThrows(ParseException.class, () -> new Extension(new BytesReader(new Byte[]{
                0x30, 0x00
        }), false));
        // Wrong ID tag
        assertThrows(ParseException.class, () -> new Extension(new BytesReader(new Byte[]{
                0x30, 0x0E, // SEQUENCE Extension
                0x07, 0x03, 0x55, 0x1D, 0x0F, // OID keyUsage
                0x01, 0x01,   -1, // BOOLEAN critical
                0x04, 0x04, // OCTET STRING
                0x03, 0x02, 0x01, -122
        }), false));
        // Wrong critical tag (neither bool nor sequence)
        assertThrows(ParseException.class, () -> new Extension(new BytesReader(new Byte[]{
                0x30, 0x0E, // SEQUENCE Extension
                0x06, 0x03, 0x55, 0x1D, 0x0F, // OID keyUsage
                0x05, 0x01,   -1, // BOOLEAN critical
                0x04, 0x04, // OCTET STRING
                0x03, 0x02, 0x01, -122
        }), false));
        // Critical and wrong value tag
        assertThrows(ParseException.class, () -> new Extension(new BytesReader(new Byte[]{
                0x30, 0x0E, // SEQUENCE Extension
                0x06, 0x03, 0x55, 0x1D, 0x0F, // OID keyUsage
                0x01, 0x01,   -1, // BOOLEAN critical
                0x09, 0x04, // OCTET STRING
                0x03, 0x02, 0x01, -122
        }), false));

        // No critical and wrong value tag
        assertThrows(ParseException.class, () -> new Extension(new BytesReader(new Byte[]{
                0x30, 0x0B, // SEQUENCE Extension
                0x06, 0x03, 0x55, 0x1D, 0x0F, // OID keyUsage
                0x09, 0x04, // OCTET STRING
                0x03, 0x02, 0x01, -122
        }), false));
    }

    @Test
    void testEncode() {
        assertArrayEquals(EXT_SUBJECT_KEY_ID, new Extension(ASN1Object.TAG_SEQUENCE, null,
                new ObjectIdentifier(ObjectIdentifier.TAG, null, ObjectIdentifier.OID_SUBJECT_KEY_IDENTIFIER),
                null,
                new OctetString(OctetString.TAG, null, new Byte[] {
                        0x04, 0x14,  -79,  -62,  -89, -127, 0x63, 0x66,
                        0x4B, 0x72, 0x0A,  -35,   -3, 0x7D, 0x20, 0x29,
                        -67, 0x6B, 0x49, 0x09, 0x61,  -64
                })).encodeDER());
        assertArrayEquals(EXT_KEY_USAGE, new Extension(ASN1Object.TAG_SEQUENCE, null,
                new ObjectIdentifier(ObjectIdentifier.TAG, null, ObjectIdentifier.OID_KEY_USAGE),
                new Bool(Bool.TAG, null, true),
                new OctetString(OctetString.TAG, null, new Byte[] {
                        0x03, 0x02, 0x01, -122
                })).encodeDER());
    }
}