JSSE: implement WolfSSLPrincipal.toString() inside WolfSSLX509, add JUnit tests for Principal methods including default implies()

Author: cconlon

src/java/com/wolfssl/provider/jsse/WolfSSLX509.java

@@ -716,5 +716,15 @@ public String getName() {
             return this.name;
         }
 
+        @Override
+        public String toString() {
+
+            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+                () -> "entered toString()");
+
+            return this.name;
+        }
+
+
     }
 }

src/test/com/wolfssl/provider/jsse/test/WolfSSLX509Test.java

@@ -22,6 +22,8 @@
 package com.wolfssl.provider.jsse.test;
 
 import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 
 import java.io.FileInputStream;
@@ -38,6 +40,8 @@
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.security.UnrecoverableKeyException;
+import java.security.Principal;
+import javax.security.auth.Subject;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateExpiredException;
@@ -389,25 +393,25 @@ public void testVerifyProvider() {
                 server.verify(ca.getPublicKey(), sigProvider.getName());
             } catch (InvalidKeyException | SignatureException |
                     NoSuchProviderException e) {
-                error("\t... failed");
+                error("\t\t\t... failed");
                 fail("failed to verify certificate");
             }
 
             try {
                 server.verify(server.getPublicKey(), sigProvider);
-                error("\t... failed");
+                error("\t\t\t... failed");
                 fail("able to verify when should not have been");
             } catch (InvalidKeyException | SignatureException e) {
                 /* expected fail case */
             }
 
         } catch (KeyStoreException | NoSuchAlgorithmException |
                 CertificateException | IOException | WolfSSLException e) {
-            error("\t... failed");
+            error("\t\t\t... failed");
             e.printStackTrace();
             fail("general failure");
         }
-        pass("\t... passed");
+        pass("\t\t\t... passed");
     }
 
 
@@ -671,6 +675,232 @@ public void testSubjectAlternativeNames() {
         pass("\t... passed");
     }
 
+    @Test
+    public void testWolfSSLPrincipalToString() {
+        WolfSSLX509 x509;
+        Principal issuerDN, subjectDN;
+
+        System.out.print("\tWolfSSLPrincipal toString");
+
+        try {
+            byte[] der = tf.getCert("server");
+            x509 = new WolfSSLX509(der);
+
+            issuerDN = x509.getIssuerDN();
+            subjectDN = x509.getSubjectDN();
+
+            assertNotNull("issuerDN should not be null", issuerDN);
+            assertNotNull("subjectDN should not be null", subjectDN);
+
+            /* Test that toString() returns a non-null, non-empty string */
+            String issuerString = issuerDN.toString();
+            String subjectString = subjectDN.toString();
+
+            assertNotNull("issuerDN.toString() should not be null",
+                issuerString);
+            assertNotNull("subjectDN.toString() should not be null",
+                subjectString);
+            assertTrue("issuerDN.toString() should not be empty",
+                !issuerString.isEmpty());
+            assertTrue("subjectDN.toString() should not be empty",
+                !subjectString.isEmpty());
+
+            /* Test that toString() returns the same value as getName() */
+            assertEquals("issuerDN.toString() should equal getName()",
+                        issuerDN.getName(), issuerString);
+            assertEquals("subjectDN.toString() should equal getName()",
+                        subjectDN.getName(), subjectString);
+
+        } catch (KeyStoreException | WolfSSLException |
+                 NoSuchAlgorithmException |
+                 CertificateException | IOException e) {
+            error("\t... failed");
+            fail("Exception during WolfSSLPrincipal toString test: " +
+                 e.getMessage());
+        }
+
+        pass("\t... passed");
+    }
+
+    @Test
+    public void testWolfSSLPrincipalGetName() {
+        WolfSSLX509 x509;
+        Principal issuerDN, subjectDN;
+
+        System.out.print("\tWolfSSLPrincipal getName");
+
+        try {
+            byte[] der = tf.getCert("server");
+            x509 = new WolfSSLX509(der);
+
+            issuerDN = x509.getIssuerDN();
+            subjectDN = x509.getSubjectDN();
+
+            assertNotNull("issuerDN should not be null", issuerDN);
+            assertNotNull("subjectDN should not be null", subjectDN);
+
+            /* Test that getName() returns formatted DN strings */
+            String issuerName = issuerDN.getName();
+            String subjectName = subjectDN.getName();
+
+            assertNotNull("issuerDN.getName() should not be null",
+                issuerName);
+            assertNotNull("subjectDN.getName() should not be null",
+                subjectName);
+            assertTrue("issuerDN.getName() should not be empty",
+                !issuerName.isEmpty());
+            assertTrue("subjectDN.getName() should not be empty",
+                !subjectName.isEmpty());
+
+            /* Test that names contain expected DN components */
+            /* Names should be in "DN=value, DN=value" format,
+             * not "/DN=value" */
+            assertTrue("issuer name should not start with /",
+                       !issuerName.startsWith("/"));
+            assertTrue("subject name should not start with /",
+                       !subjectName.startsWith("/"));
+
+        } catch (KeyStoreException | WolfSSLException |
+                 NoSuchAlgorithmException |
+                 CertificateException | IOException e) {
+            error("\t... failed");
+            fail("Exception during WolfSSLPrincipal getName test: " +
+                 e.getMessage());
+        }
+
+        pass("\t... passed");
+    }
+
+    @Test
+    public void testWolfSSLPrincipalInterfaceImplementation() {
+        WolfSSLX509 x509;
+        Principal issuerDN, subjectDN;
+
+        System.out.print("\tWolfSSLPrincipal interface");
+
+        try {
+            byte[] der = tf.getCert("server");
+            x509 = new WolfSSLX509(der);
+
+            issuerDN = x509.getIssuerDN();
+            subjectDN = x509.getSubjectDN();
+
+            assertNotNull("issuerDN should not be null", issuerDN);
+            assertNotNull("subjectDN should not be null", subjectDN);
+
+            /* Test that objects implement Principal interface */
+            assertTrue("issuerDN should implement Principal",
+                       issuerDN instanceof Principal);
+            assertTrue("subjectDN should implement Principal",
+                       subjectDN instanceof Principal);
+
+            /* Test equals() behavior -
+             * same principal should be equal to itself */
+            assertTrue("issuerDN should equal itself",
+                       issuerDN.equals(issuerDN));
+            assertTrue("subjectDN should equal itself",
+                       subjectDN.equals(subjectDN));
+
+            /* Test hashCode() consistency */
+            int issuerHash1 = issuerDN.hashCode();
+            int issuerHash2 = issuerDN.hashCode();
+            int subjectHash1 = subjectDN.hashCode();
+            int subjectHash2 = subjectDN.hashCode();
+
+            assertEquals("issuerDN hashCode should be consistent",
+                        issuerHash1, issuerHash2);
+            assertEquals("subjectDN hashCode should be consistent",
+                        subjectHash1, subjectHash2);
+
+        } catch (KeyStoreException | WolfSSLException |
+                 NoSuchAlgorithmException |
+                 CertificateException | IOException e) {
+            error("\t... failed");
+            fail("Exception during WolfSSLPrincipal interface test: " +
+                 e.getMessage());
+        }
+
+        pass("\t... passed");
+    }
+
+    @Test
+    public void testWolfSSLPrincipalImplies() {
+        WolfSSLX509 x509;
+        Principal issuerDN, subjectDN;
+        Subject emptySubject, subjectWithPrincipals;
+
+        System.out.print("\tWolfSSLPrincipal implies");
+
+        try {
+            byte[] der = tf.getCert("server");
+            x509 = new WolfSSLX509(der);
+
+            issuerDN = x509.getIssuerDN();
+            subjectDN = x509.getSubjectDN();
+
+            assertNotNull("issuerDN should not be null", issuerDN);
+            assertNotNull("subjectDN should not be null", subjectDN);
+
+            /* Test implies() with null Subject */
+            assertTrue("implies(null) should return false",
+                       !issuerDN.implies(null));
+            assertTrue("implies(null) should return false",
+                       !subjectDN.implies(null));
+
+            /* Test implies() with empty Subject */
+            emptySubject = new Subject();
+            assertTrue("implies(empty Subject) should return false",
+                       !issuerDN.implies(emptySubject));
+            assertTrue("implies(empty Subject) should return false",
+                       !subjectDN.implies(emptySubject));
+
+            /* Test implies() with Subject containing different principals */
+            subjectWithPrincipals = new Subject();
+            subjectWithPrincipals.getPrincipals().add(issuerDN);
+            subjectWithPrincipals.getPrincipals().add(subjectDN);
+
+            /* Default implementation should return true when Subject
+             * contains the same principal (equals() returns true) */
+            assertTrue("implies() should return true when Subject " +
+                "contains this principal",
+                issuerDN.implies(subjectWithPrincipals));
+            assertTrue("implies() should return true when Subject " +
+                "contains this principal",
+                subjectDN.implies(subjectWithPrincipals));
+
+            /* Test implies() with Subject containing only one principal */
+            Subject subjectWithIssuerOnly = new Subject();
+            subjectWithIssuerOnly.getPrincipals().add(issuerDN);
+
+            assertTrue("issuerDN.implies() should return true when Subject " +
+                "contains issuerDN",
+                issuerDN.implies(subjectWithIssuerOnly));
+            assertTrue("subjectDN.implies() should return false when " +
+                "Subject doesn't contain subjectDN",
+                !subjectDN.implies(subjectWithIssuerOnly));
+
+            /* Test implies() with Subject containing only other principal */
+            Subject subjectWithSubjectOnly = new Subject();
+            subjectWithSubjectOnly.getPrincipals().add(subjectDN);
+
+            assertTrue("subjectDN.implies() should return true when " +
+                "Subject contains subjectDN",
+                subjectDN.implies(subjectWithSubjectOnly));
+            assertTrue("issuerDN.implies() should return false when " +
+                "Subject doesn't contain issuerDN",
+                !issuerDN.implies(subjectWithSubjectOnly));
+
+        } catch (KeyStoreException | WolfSSLException |
+                 NoSuchAlgorithmException |
+                 CertificateException | IOException e) {
+            error("\t... failed");
+            fail("Exception during WolfSSLPrincipal implies test: " +
+                 e.getMessage());
+        }
+
+        pass("\t... passed");
+    }
+
     private void pass(String msg) {
         WolfSSLTestFactory.pass(msg);
     }