/** * Test #1 for <code>PKIXCertPathValidatorResult(TrustAnchor, * PolicyNode, PublicKey)</code> constructor<br> * Assertion: creates an instance of * <code>PKIXCertPathValidatorResult</code> * * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "Doesn't verify NullPointerException.", method = "PKIXCertPathValidatorResult", args = {java.security.cert.TrustAnchor.class, java.security.cert.PolicyNode.class, java.security.PublicKey.class} ) public final void testPKIXCertPathValidatorResult01() throws InvalidKeySpecException, NoSuchAlgorithmException { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } new PKIXCertPathValidatorResult( ta, TestUtils.getPolicyTree(), testPublicKey); }
/** * Test #2 for <code>PKIXCertPathValidatorResult(TrustAnchor, * PolicyNode, PublicKey)</code> constructor<br> * Assertion: <code>NullPointerException</code> if * <code>TrustAnchor</code> parameter is <code>null</code> */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "Verifies NullPointerException.", method = "PKIXCertPathValidatorResult", args = {java.security.cert.TrustAnchor.class, java.security.cert.PolicyNode.class, java.security.PublicKey.class} ) public final void testPKIXCertPathValidatorResult02() { try { // pass null new PKIXCertPathValidatorResult( null, TestUtils.getPolicyTree(), testPublicKey); fail("NPE expected"); } catch (NullPointerException e) { } }
/** * Test #3 for <code>PKIXCertPathValidatorResult(TrustAnchor, * PolicyNode, PublicKey)</code> constructor<br> * Assertion: <code>NullPointerException</code> if * <code>PublicKey</code> parameter is <code>null</code> */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "Verifies NullPointerException.", method = "PKIXCertPathValidatorResult", args = {java.security.cert.TrustAnchor.class, java.security.cert.PolicyNode.class, java.security.PublicKey.class} ) public final void testPKIXCertPathValidatorResult03() { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } try { // pass null new PKIXCertPathValidatorResult( ta, TestUtils.getPolicyTree(), null); fail("NPE expected"); } catch (NullPointerException e) { } }
/** * Test #4 for <code>PKIXCertPathValidatorResult(TrustAnchor, * PolicyNode, PublicKey)</code> constructor<br> * Assertion: <code>PolicyNode</code>can be <code>null</code> */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "Verifies null as a parameter.", method = "PKIXCertPathValidatorResult", args = {java.security.cert.TrustAnchor.class, java.security.cert.PolicyNode.class, java.security.PublicKey.class} ) public final void testPKIXCertPathValidatorResult04() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } new PKIXCertPathValidatorResult( ta, null, testPublicKey); }
/** * Test for <code>getTrustAnchor()</code> method<br> * Assertion: returns <code>TrustAnchor</code> (never <code>null</code>) * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ @TestTargetNew( level = TestLevel.COMPLETE, notes = "", method = "getTrustAnchor", args = {} ) public final void testGetTrustAnchor() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, null, testPublicKey); // must return the same reference passed // as a parameter to the constructor assertSame(ta, vr.getTrustAnchor()); }
/** * Test for <code>getPublicKey()</code> method<br> * Assertion: returns the subject's public key (never <code>null</code>) * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ @TestTargetNew( level = TestLevel.COMPLETE, notes = "", method = "getPublicKey", args = {} ) public final void testGetPublicKey() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } PublicKey pk = testPublicKey; PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, null, pk); // must return the same reference passed // as a parameter to the constructor assertSame(pk, vr.getPublicKey()); }
/** * Test for <code>getPolicyTree()</code> method<br> * Assertion: returns the root node of the valid * policy tree or <code>null</code> if there are * no valid policies * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "Verifies that getPolicyTree method returns the root node of the valid policy tree.", method = "getPolicyTree", args = {} ) public final void testGetPolicyTree01() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } // valid policy tree case; PolicyNode pn = TestUtils.getPolicyTree(); PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, pn, testPublicKey); // must return the same reference passed // as a parameter to the constructor assertSame(pn, vr.getPolicyTree()); }
/** * Test for <code>getPolicyTree()</code> method<br> * Assertion: returns the root node of the valid * policy tree or <code>null</code> if there are * no valid policies * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ @TestTargetNew( level = TestLevel.PARTIAL_COMPLETE, notes = "Verifies that getPolicyTree method returns null if there are no valid policies.", method = "getPolicyTree", args = {} ) public final void testGetPolicyTree02() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } // no valid policy tree case (null) PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, null, testPublicKey); // must return the same reference passed // as a parameter to the constructor assertNull(vr.getPolicyTree()); }
/** * Test #1 for <code>toString()</code> method<br> * Assertion: Returns a formatted string describing this object * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ @TestTargetNew( level = TestLevel.COMPLETE, notes = "", method = "toString", args = {} ) public final void testToString01() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, TestUtils.getPolicyTree(), testPublicKey); assertNotNull(vr.toString()); }
/** * Test #2 for <code>toString()</code> method<br> * Assertion: Returns a formatted string describing this object * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ @TestTargetNew( level = TestLevel.COMPLETE, notes = "", method = "toString", args = {} ) public final void testToString02() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, null, testPublicKey); assertNotNull(vr.toString()); }
/** * Test #3 for <code>PKIXCertPathValidatorResult(TrustAnchor, * PolicyNode, PublicKey)</code> constructor<br> * Assertion: <code>NullPointerException</code> if * <code>PublicKey</code> parameter is <code>null</code> */ public final void testPKIXCertPathValidatorResult03() { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } try { // pass null new PKIXCertPathValidatorResult( ta, TestUtils.getPolicyTree(), null); fail("NPE expected"); } catch (NullPointerException e) { } }
/** * Test for <code>getTrustAnchor()</code> method<br> * Assertion: returns <code>TrustAnchor</code> (never <code>null</code>) * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ public final void testGetTrustAnchor() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, null, testPublicKey); // must return the same reference passed // as a parameter to the constructor assertSame(ta, vr.getTrustAnchor()); }
/** * Test for <code>getPublicKey()</code> method<br> * Assertion: returns the subject's public key (never <code>null</code>) * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ public final void testGetPublicKey() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } PublicKey pk = testPublicKey; PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, null, pk); // must return the same reference passed // as a parameter to the constructor assertSame(pk, vr.getPublicKey()); }
/** * Test for <code>getPolicyTree()</code> method<br> * Assertion: returns the root node of the valid * policy tree or <code>null</code> if there are * no valid policies * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ public final void testGetPolicyTree01() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } // valid policy tree case; PolicyNode pn = TestUtils.getPolicyTree(); PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, pn, testPublicKey); // must return the same reference passed // as a parameter to the constructor assertSame(pn, vr.getPolicyTree()); }
/** * Test for <code>getPolicyTree()</code> method<br> * Assertion: returns the root node of the valid * policy tree or <code>null</code> if there are * no valid policies * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ public final void testGetPolicyTree02() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } // no valid policy tree case (null) PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, null, testPublicKey); // must return the same reference passed // as a parameter to the constructor assertNull(vr.getPolicyTree()); }
private PKIXCertPathValidatorResult certPathReview(CertPath certPath, PKIXParameters params) throws NoSuchAlgorithmException, CertPathValidatorException, InvalidAlgorithmParameterException { CertPathValidator certPathValidator = CertPathValidator .getInstance(CertPathValidator.getDefaultType()); CertPathValidatorResult result = certPathValidator.validate(certPath, params); PKIXCertPathValidatorResult pkixResult = (PKIXCertPathValidatorResult) result; return pkixResult; }
/** * Test for <code>clone()</code> method<br> * Assertion: returns a copy of this object * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ @TestTargetNew( level = TestLevel.COMPLETE, notes = "", method = "clone", args = {} ) public final void testClone() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } PKIXCertPathValidatorResult vr1 = new PKIXCertPathValidatorResult( ta, TestUtils.getPolicyTree(), testPublicKey); PKIXCertPathValidatorResult vr2 = (PKIXCertPathValidatorResult) vr1.clone(); // check that method makes shallow copy assertNotSame("notSame", vr1, vr2); assertSame("trustAncor", vr1.getTrustAnchor(), vr2.getTrustAnchor()); assertSame("policyTree", vr1.getPolicyTree(), vr2.getPolicyTree()); assertSame("publicKey", vr1.getPublicKey(), vr2.getPublicKey()); // Regression for HARMONY-2786. byte[] encoding = { 0x01 }; MyPKIXCertPathBuilderResult my = new MyPKIXCertPathBuilderResult(ta, TestUtils.getPolicyTree(), testPublicKey, encoding); MyPKIXCertPathBuilderResult myClone = (MyPKIXCertPathBuilderResult) my .clone(); assertSame(my.getPolicyTree(), myClone.getPolicyTree()); assertSame(my.getPublicKey(), myClone.getPublicKey()); assertSame(my.getTrustAnchor(), myClone.getTrustAnchor()); assertSame(my.enc, myClone.enc); }
@Override public void validateResult(CertPathValidatorResult validatorResult) { assertNotNull("validator result is null", validatorResult); assertTrue("validator result is not PKIX", validatorResult instanceof PKIXCertPathValidatorResult); }
/** * Test #1 for <code>PKIXCertPathValidatorResult(TrustAnchor, * PolicyNode, PublicKey)</code> constructor<br> * Assertion: creates an instance of * <code>PKIXCertPathValidatorResult</code> * * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ public final void testPKIXCertPathValidatorResult01() throws InvalidKeySpecException, NoSuchAlgorithmException { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } new PKIXCertPathValidatorResult( ta, TestUtils.getPolicyTree(), testPublicKey); }
/** * Test #2 for <code>PKIXCertPathValidatorResult(TrustAnchor, * PolicyNode, PublicKey)</code> constructor<br> * Assertion: <code>NullPointerException</code> if * <code>TrustAnchor</code> parameter is <code>null</code> */ public final void testPKIXCertPathValidatorResult02() { try { // pass null new PKIXCertPathValidatorResult( null, TestUtils.getPolicyTree(), testPublicKey); fail("NPE expected"); } catch (NullPointerException e) { } }
/** * Test #4 for <code>PKIXCertPathValidatorResult(TrustAnchor, * PolicyNode, PublicKey)</code> constructor<br> * Assertion: <code>PolicyNode</code>can be <code>null</code> */ public final void testPKIXCertPathValidatorResult04() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } new PKIXCertPathValidatorResult( ta, null, testPublicKey); }
/** * Test for <code>clone()</code> method<br> * Assertion: returns a copy of this object * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ public final void testClone() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } PKIXCertPathValidatorResult vr1 = new PKIXCertPathValidatorResult( ta, TestUtils.getPolicyTree(), testPublicKey); PKIXCertPathValidatorResult vr2 = (PKIXCertPathValidatorResult) vr1.clone(); // check that method makes shallow copy assertNotSame("notSame", vr1, vr2); assertSame("trustAncor", vr1.getTrustAnchor(), vr2.getTrustAnchor()); assertSame("policyTree", vr1.getPolicyTree(), vr2.getPolicyTree()); assertSame("publicKey", vr1.getPublicKey(), vr2.getPublicKey()); // Regression for HARMONY-2786. byte[] encoding = { 0x01 }; MyPKIXCertPathBuilderResult my = new MyPKIXCertPathBuilderResult(ta, TestUtils.getPolicyTree(), testPublicKey, encoding); MyPKIXCertPathBuilderResult myClone = (MyPKIXCertPathBuilderResult) my .clone(); assertSame(my.getPolicyTree(), myClone.getPolicyTree()); assertSame(my.getPublicKey(), myClone.getPublicKey()); assertSame(my.getTrustAnchor(), myClone.getTrustAnchor()); assertSame(my.enc, myClone.enc); }
/** * Test #1 for <code>toString()</code> method<br> * Assertion: Returns a formatted string describing this object * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ public final void testToString01() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, TestUtils.getPolicyTree(), testPublicKey); assertNotNull(vr.toString()); }
/** * Test #2 for <code>toString()</code> method<br> * Assertion: Returns a formatted string describing this object * @throws NoSuchAlgorithmException * @throws InvalidKeySpecException */ public final void testToString02() throws Exception { TrustAnchor ta = TestUtils.getTrustAnchor(); if (ta == null) { fail(getName() + ": not performed (could not create test TrustAnchor)"); } PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult( ta, null, testPublicKey); assertNotNull(vr.toString()); }
public void testAllCertificatesAnyPolicyTest11() throws Exception { String[] certList = new String[] { "anyPolicyCACert", "AllCertificatesanyPolicyTest11EE" }; String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "anyPolicyCACRL" }; PKIXCertPathValidatorResult result = doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList); result = doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); }
public void testUserNoticeQualifierTest16() throws Exception { String[] certList = new String[] { GOOD_CA_CERT, "UserNoticeQualifierTest16EE" }; String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL }; PKIXCertPathValidatorResult result = doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList); result = doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1); doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2, -1, "Path processing failed on policy."); }
private PKIXCertPathValidatorResult doTest( String trustAnchor, String[] certs, String[] crls) throws Exception { return doTest(trustAnchor, certs, crls, null); }
/** * Attempts to build a certification chain for given certificate to verify * it. Relies on a set of root CA certificates (trust anchors) and a set of * intermediate certificates (to be used as part of the chain). */ private PKIXCertPathBuilderResult verifyCertificate(X509Certificate certificate, Set<X509Certificate> trustedRootCerts, Set<X509Certificate> intermediateCerts) throws GeneralSecurityException { // Create the selector that specifies the starting certificate X509CertSelector selector = new X509CertSelector(); selector.setBasicConstraints(-2); selector.setCertificate(certificate); // Create the trust anchors (set of root CA certificates) Set<TrustAnchor> trustAnchors = new HashSet<TrustAnchor>(); for (X509Certificate trustedRootCert : trustedRootCerts) { trustAnchors.add(new TrustAnchor(trustedRootCert, null)); } // Configure the PKIX certificate builder algorithm parameters PKIXBuilderParameters pkixParams = new PKIXBuilderParameters(trustAnchors, selector); // Turn off default revocation-checking mechanism pkixParams.setRevocationEnabled(false); // Specify a list of intermediate certificates CertStore intermediateCertStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(intermediateCerts)); pkixParams.addCertStore(intermediateCertStore); // Build and verify the certification chain CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME); PKIXCertPathBuilderResult certPathBuilderResult = (PKIXCertPathBuilderResult) builder.build(pkixParams); // Additional check to Verify cert path CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME); PKIXCertPathValidatorResult certPathValidationResult = (PKIXCertPathValidatorResult) certPathValidator.validate(certPathBuilderResult.getCertPath(), pkixParams); return certPathBuilderResult; }
