3 files changed, 227 insertions, 2 deletions
diff --git a/test/com/isode/stroke/component/ComponentSessionTest.java b/test/com/isode/stroke/component/ComponentSessionTest.java
index c7fa36b..5d6d21e 100644
--- a/test/com/isode/stroke/component/ComponentSessionTest.java
+++ b/test/com/isode/stroke/component/ComponentSessionTest.java
@@ -65,13 +65,17 @@ public class ComponentSessionTest {
 		}
 
 		public void close() {
-			onClosed.emit((SessionStream.Error)null);
+			onClosed.emit((SessionStream.SessionStreamError)null);
 		}
 
 		public boolean isOpen() {
 			return available;
 		}
 
+		public void disconnect() {
+
+		}
+
 		public void writeHeader(final ProtocolHeader header) {
 			receivedEvents.add(new Event(header));
 		}
@@ -133,7 +137,7 @@ public class ComponentSessionTest {
 		}
 
 		public void breakConnection() {
-			onClosed.emit(new SessionStream.Error(SessionStream.Error.Type.ConnectionReadError));
+			onClosed.emit(new SessionStream.SessionStreamError(SessionStream.SessionStreamError.Type.ConnectionReadError));
 		}
 
 		public void sendStreamStart() {
diff --git a/test/com/isode/stroke/tls/CertificateTest.java b/test/com/isode/stroke/tls/CertificateTest.java
new file mode 100644
index 0000000..44d6701
--- /dev/null
+++ b/test/com/isode/stroke/tls/CertificateTest.java
@@ -0,0 +1,36 @@
+/*
+ * Copyright (c) 2010-2013 Isode Limited.
+ * All rights reserved.
+ * See the COPYING file for more information.
+ */
+/*
+ * Copyright (c) 2015 Tarun Gupta.
+ * Licensed under the simplified BSD license.
+ * See Documentation/Licenses/BSD-simplified.txt for more information.
+ */
+
+package com.isode.stroke.tls;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import org.junit.Test;
+import org.junit.Before;
+import com.isode.stroke.crypto.CryptoProvider;
+import com.isode.stroke.crypto.JavaCryptoProvider;
+import com.isode.stroke.tls.SimpleCertificate;
+import com.isode.stroke.tls.Certificate;
+import com.isode.stroke.base.ByteArray;
+
+public class CertificateTest {
+
+	@Test
+	public void testGetSHA1Fingerprint() {
+		SimpleCertificate testling = new SimpleCertificate();
+		testling.setDER(new ByteArray("abcdefg"));
+
+		assertEquals("2f:b5:e1:34:19:fc:89:24:68:65:e7:a3:24:f4:76:ec:62:4e:87:40", Certificate.getSHA1Fingerprint(testling, new JavaCryptoProvider()));
+	}
+}
diff --git a/test/com/isode/stroke/tls/ServerIdentityVerifierTest.java b/test/com/isode/stroke/tls/ServerIdentityVerifierTest.java
new file mode 100644
index 0000000..17a8c5a
--- /dev/null
+++ b/test/com/isode/stroke/tls/ServerIdentityVerifierTest.java
@@ -0,0 +1,185 @@
+/*
+ * Copyright (c) 2010 Isode Limited.
+ * All rights reserved.
+ * See the COPYING file for more information.
+ */
+/*
+ * Copyright (c) 2015 Tarun Gupta.
+ * Licensed under the simplified BSD license.
+ * See Documentation/Licenses/BSD-simplified.txt for more information.
+ */
+
+package com.isode.stroke.tls;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import org.junit.Test;
+import org.junit.Before;
+import com.isode.stroke.crypto.CryptoProvider;
+import com.isode.stroke.crypto.JavaCryptoProvider;
+import com.isode.stroke.tls.SimpleCertificate;
+import com.isode.stroke.tls.Certificate;
+import com.isode.stroke.tls.ServerIdentityVerifier;
+import com.isode.stroke.base.ByteArray;
+import com.isode.stroke.idn.IDNConverter;
+import com.isode.stroke.idn.ICUConverter;
+import com.isode.stroke.jid.JID;
+
+public class ServerIdentityVerifierTest {
+
+	private IDNConverter idnConverter;
+
+	@Before
+	public void setUp() {
+		idnConverter = new ICUConverter();
+	}
+
+	@Test
+	public void testCertificateVerifies_WithoutMatchingDNSName() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addDNSName("foo.com");
+
+		assertFalse(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingDNSName() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addDNSName("bar.com");
+
+		assertTrue(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithSecondMatchingDNSName() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addDNSName("foo.com");
+		certificate.addDNSName("bar.com");
+
+		assertTrue(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingInternationalDNSName() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@tronçon.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addDNSName("xn--tronon-zua.com");
+
+		assertTrue(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingDNSNameWithWildcard() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@im.bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addDNSName("*.bar.com");
+
+		assertTrue(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingDNSNameWithWildcardMatchingNoComponents() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addDNSName("*.bar.com");
+
+		assertFalse(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithDNSNameWithWildcardMatchingTwoComponents() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@xmpp.im.bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addDNSName("*.bar.com");
+
+		assertFalse(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingSRVNameWithoutService() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addSRVName("bar.com");
+
+		assertFalse(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingSRVNameWithService() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addSRVName("_xmpp-client.bar.com");
+
+		assertTrue(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingSRVNameWithServiceAndWildcard() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@im.bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addSRVName("_xmpp-client.*.bar.com");
+
+		assertTrue(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingSRVNameWithDifferentService() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addSRVName("_xmpp-server.bar.com");
+
+		assertFalse(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingXmppAddr() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addXMPPAddress("bar.com");
+
+		assertTrue(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingXmppAddrWithWildcard() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@im.bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addXMPPAddress("*.bar.com");
+
+		assertFalse(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingInternationalXmppAddr() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@tronçon.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addXMPPAddress("tronçon.com");
+
+		assertTrue(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingCNWithoutSAN() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addCommonName("bar.com");
+
+		assertTrue(testling.certificateVerifies(certificate));
+	}
+
+	@Test
+	public void testCertificateVerifies_WithMatchingCNWithSAN() {
+		ServerIdentityVerifier testling = new ServerIdentityVerifier(new JID("foo@bar.com/baz"), idnConverter);
+		SimpleCertificate certificate = new SimpleCertificate();
+		certificate.addSRVName("foo.com");
+		certificate.addCommonName("bar.com");
+
+		assertFalse(testling.certificateVerifies(certificate));
+	}
+}
+\ No newline at end of file