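/**
 * Fetches the token revocation list from {@code /v2.0/tokens/revoked} using the configured
 * admin token, strips the CMS armour lines and hands the payload to
 * {@code Cms.Instance.verifySignature} with the configured signing certificate and CA
 * certificates.
 *
 * <p>NOTE(review): the only assertion is on the HTTP status. The value returned by
 * {@code verifySignature} is printed, not checked, so this test catches a bad signature only
 * if {@code verifySignature} throws on failure. Confirm that against its contract, or assert
 * on the returned content.
 */
@Test
public void testGetRevocationList() throws CertificateException, OperatorCreationException,
        NoSuchAlgorithmException, NoSuchProviderException, CertPathBuilderException,
        InvalidAlgorithmParameterException, CMSException, IOException,
        CertificateVerificationException {
    String adminToken = Config.Instance.getOpt(Config.Type.DEFAULT, "admin_token").asText();
    Response response = target("/v2.0/tokens/revoked")
            .register(JacksonFeature.class)
            .register(ObjectMapperResolver.class)
            .request()
            .header("X-Auth-Token", adminToken)
            .get();
    assertEquals(200, response.getStatus());

    SignedWrapper signedWrapper = response.readEntity(SignedWrapper.class);
    // Drop the BEGIN/END armour so only the encoded CMS body is verified.
    String formatted = signedWrapper.getSigned()
            .replace("-----BEGIN CMS-----", "")
            .replace("-----END CMS-----", "")
            .trim();

    // Explicit charset: the no-argument getBytes() depends on the platform default, which
    // would make the bytes handed to signature verification vary between machines.
    byte[] cmsBytes = formatted.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    String result = Cms.Instance.verifySignature(cmsBytes,
            Config.Instance.getOpt(Config.Type.signing, "certfile").asText(),
            Config.Instance.getOpt(Config.Type.signing, "ca_certs").asText());
    System.err.println(result);
}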
/**
 * Checks <code>build(CertPathParameters params)</code> with a null argument.
 * Assertion: every builder returned by <code>createCPBs()</code> throws
 * InvalidAlgorithmParameterException when params is null.
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "Verifies that build method throws InvalidAlgorithmParameterException if a parameter is null.",
    method = "build",
    args = {java.security.cert.CertPathParameters.class}
)
public void testCertPathBuilder11()
        throws NoSuchAlgorithmException, NoSuchProviderException, CertPathBuilderException {
    if (!PKIXSupport) {
        fail(NotSupportMsg);
        return;
    }
    CertPathBuilder[] builders = createCPBs();
    assertNotNull("CertPathBuilder objects were not created", builders);
    for (CertPathBuilder builder : builders) {
        try {
            builder.build(null);
            fail("InvalidAlgorithmParameterException must be thrown");
        } catch (InvalidAlgorithmParameterException expected) {
            // expected: null parameters must be rejected
        }
    }
}
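/**
 * Test for <code>CertPathBuilderException(Throwable)</code> constructor.
 * Assertion: constructs CertPathBuilderException when <code>cause</code>
 * is not null; getCause() returns that cause and, when a message is present,
 * it contains the cause's string form.
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "",
    method = "CertPathBuilderException",
    args = {java.lang.Throwable.class}
)
public void testCertPathBuilderException05() {
    CertPathBuilderException tE = new CertPathBuilderException(tCause);
    String message = tE.getMessage();
    // A message is optional here; it is only checked when one was produced.
    if (message != null) {
        String causeText = tCause.toString();
        assertTrue("getMessage() should contain ".concat(causeText),
                message.contains(causeText));
    }
    assertNotNull("getCause() must not return null", tE.getCause());
    // assertEquals takes (message, expected, actual): the expected cause goes first so a
    // failure report labels the two values correctly.
    assertEquals("getCause() must return ".concat(tCause.toString()), tCause, tE.getCause());
}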
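/**
 * Test for <code>CertPathBuilderException(String, Throwable)</code>
 * constructor. Assertion: constructs CertPathBuilderException when
 * <code>cause</code> is not null and <code>msg</code> is null; getCause()
 * returns that cause and, when a message is present, it contains the
 * cause's string form.
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "Verifies null as the first parameter.",
    method = "CertPathBuilderException",
    args = {java.lang.String.class, java.lang.Throwable.class}
)
public void testCertPathBuilderException08() {
    CertPathBuilderException tE = new CertPathBuilderException(null, tCause);
    String message = tE.getMessage();
    // The message was passed as null, so this branch only runs on an implementation that
    // derives a message from the cause.
    if (message != null) {
        String causeText = tCause.toString();
        // Failure text corrected from the garbled "must should".
        assertTrue("getMessage() should contain ".concat(causeText),
                message.contains(causeText));
    }
    assertNotNull("getCause() must not return null", tE.getCause());
    // assertEquals takes (message, expected, actual): the expected cause goes first so a
    // failure report labels the two values correctly.
    assertEquals("getCause() must return ".concat(tCause.toString()), tCause, tE.getCause());
}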
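/**
 * Checks that setting the default-type security property to each of the invalid values
 * leaves {@code CertPathBuilder.getDefaultType()} returning either that value or the
 * original default, then exercises {@code build(null)} twice on {@code certBuild}.
 *
 * @param certBuild builder under test; the first {@code build(null)} call is expected to
 *        throw CertPathBuilderException and the second to return null (presumably the
 *        backing test provider alternates between the two; verify against that provider)
 * @throws InvalidAlgorithmParameterException if {@code build} rejects its parameters
 * @throws CertPathBuilderException if the second {@code build(null)} call throws
 */
private void checkResult(CertPathBuilder certBuild)
        throws InvalidAlgorithmParameterException, CertPathBuilderException {
    String dt = CertPathBuilder.getDefaultType();
    String propName = CertPathBuilder1Test.DEFAULT_TYPE_PROPERTY;
    try {
        for (String invalidValue : invalidValues) {
            Security.setProperty(propName, invalidValue);
            String dtN = CertPathBuilder.getDefaultType();
            if (!dtN.equals(invalidValue) && !dtN.equals(dt)) {
                fail("Incorrect default type: ".concat(dtN));
            }
        }
    } finally {
        // Security properties are JVM-wide: restore the original value even when an
        // assertion above fails, so a failure here cannot change what later tests see.
        Security.setProperty(propName, dt);
    }
    // assertEquals takes (message, expected, actual).
    assertEquals("Incorrect default type", dt, CertPathBuilder.getDefaultType());

    try {
        certBuild.build(null);
        fail("CertPathBuilderException must be thrown");
    } catch (CertPathBuilderException expected) {
        // expected on the first call
    }
    CertPathBuilderResult cpbResult = certBuild.build(null);
    assertNull("Not null CertPathBuilderResult", cpbResult);
}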
/**
 * Checks <code>build(CertPathParameters params)</code> with a null argument.
 * Assertion: every builder returned by <code>createCPBs()</code> throws
 * InvalidAlgorithmParameterException when params is null.
 */
public void testCertPathBuilder11()
        throws NoSuchAlgorithmException, NoSuchProviderException, CertPathBuilderException {
    if (!PKIXSupport) {
        fail(NotSupportMsg);
        return;
    }
    CertPathBuilder[] builders = createCPBs();
    assertNotNull("CertPathBuilder objects were not created", builders);
    for (CertPathBuilder builder : builders) {
        try {
            builder.build(null);
            fail("InvalidAlgorithmParameterException must be thrown");
        } catch (InvalidAlgorithmParameterException expected) {
            // expected: null parameters must be rejected
        }
    }
}
/**
 * Builds and verifies a certification path for {@code cert} from the supplied certificates,
 * then runs the CRL check on {@code cert}.
 *
 * <p>Trust model, as implemented here: every self-signed certificate in
 * {@code additionalCerts} is used as a trusted root and every other one as an intermediate.
 * The set is therefore a trust decision made by the caller; it must contain only
 * certificates the caller already trusts, never certificates taken from the peer being
 * verified.
 *
 * <p>Revocation: only {@code cert} is passed to {@code CRLVerifier.verifyCertificateCRLs}
 * in this method; the intermediates are not passed to it here.
 *
 * @param cert certificate to verify
 * @param additionalCerts candidate roots (self-signed) and intermediates (all others)
 * @param verifySelfSignedCert when false, a self-signed {@code cert} is rejected up front
 * @return the built and verified certification path result
 * @throws CertificateVerificationException if {@code cert} is self-signed and that is not
 *         allowed, if the path cannot be built, or if any other error occurs during
 *         verification (the original exception is kept as the cause)
 */
public static PKIXCertPathBuilderResult verifyCertificate(X509Certificate cert,
        Set<X509Certificate> additionalCerts, boolean verifySelfSignedCert)
        throws CertificateVerificationException {
    try {
        // Reject a self-signed end certificate unless the caller opted in.
        if (!verifySelfSignedCert && isSelfSigned(cert)) {
            throw new CertificateVerificationException("The certificate is self-signed.");
        }

        // Split the supplied certificates into roots and intermediates.
        Set<X509Certificate> roots = new HashSet<X509Certificate>();
        Set<X509Certificate> intermediates = new HashSet<X509Certificate>();
        for (X509Certificate candidate : additionalCerts) {
            Set<X509Certificate> bucket = isSelfSigned(candidate) ? roots : intermediates;
            bucket.add(candidate);
        }

        // Build and verify the chain, then check revocation of the end certificate.
        PKIXCertPathBuilderResult chain =
                verifyCertificate(cert, roots, intermediates, verifySelfSignedCert);
        CRLVerifier.verifyCertificateCRLs(cert);
        return chain;
    } catch (CertPathBuilderException pathFailure) {
        throw new CertificateVerificationException(
                "Error building certification path: " + cert.getSubjectX500Principal(),
                pathFailure);
    } catch (CertificateVerificationException alreadyWrapped) {
        // Already the public failure type: pass it through without re-wrapping.
        throw alreadyWrapped;
    } catch (Exception other) {
        throw new CertificateVerificationException(
                "Error verifying the certificate: " + cert.getSubjectX500Principal(),
                other);
    }
}
/**
 * Validates the two certificates in {@code crl/revoked.crt.pem} against the two in
 * {@code chain-ca.pem}, with an empty collection as the validator's second argument, and
 * expects validation to fail with a path-building error.
 *
 * <p>NOTE(review): the last assertion matches the exact text of the underlying
 * CertPathBuilderException message, so it is tied to the wording of the provider in use.
 */
@Test
public void testNoValidationPossible() throws Exception {
    CertificateFactory x509 = CertificateFactory.getInstance("X.509");

    // Trust chain including intermediate certificates (root + intermediates).
    final File trustedCas = getAbsoluteFilePathFromClassPath("chain-ca.pem");
    Collection<? extends Certificate> rootCas;
    try (FileInputStream caStream = new FileInputStream(trustedCas)) {
        rootCas = (Collection<? extends Certificate>) x509.generateCertificates(caStream);
    }
    Assert.assertEquals(rootCas.size(), 2);

    // Certificate chain to validate (client cert + intermediates, without the root).
    final File certs = getAbsoluteFilePathFromClassPath("crl/revoked.crt.pem");
    Collection<? extends Certificate> certsToValidate;
    try (FileInputStream chainStream = new FileInputStream(certs)) {
        certsToValidate = (Collection<? extends Certificate>)
                CertificateFactory.getInstance("X.509").generateCertificates(chainStream);
    }
    Assert.assertEquals(certsToValidate.size(), 2);

    X509Certificate[] anchors = rootCas.toArray(new X509Certificate[0]);
    CertificateValidator validator = new CertificateValidator(anchors, Collections.emptyList());
    validator.setDate(CRL_DATE);

    try {
        validator.validate(certsToValidate.toArray(new X509Certificate[0]));
        Assert.fail();
    } catch (CertificateException e) {
        Throwable cause = e.getCause();
        Assert.assertTrue(cause instanceof CertPathBuilderException);
        Assert.assertTrue(e.getCause().getMessage()
                .contains("unable to find valid certification path to requested target"));
    }
}
/**
 * Counts the call in {@code swi} and builds nothing.
 *
 * @param params parameters; only checked for null
 * @return always null when no exception is thrown
 * @throws CertPathBuilderException if {@code params} is null and the call counter is odd
 *         after being incremented for this call
 * @throws InvalidAlgorithmParameterException declared but not thrown by this implementation
 */
public CertPathBuilderResult engineBuild(CertPathParameters params)
        throws CertPathBuilderException, InvalidAlgorithmParameterException {
    swi++;
    boolean oddCall = (swi % 2) != 0;
    if (params == null && oddCall) {
        throw new CertPathBuilderException("Null parameter");
    }
    return null;
}
/**
 * Test for the <code>CertPathBuilderSpi</code> constructor and
 * <code>engineBuild</code>. Assertion: a MyCertPathBuilderSpi can be
 * constructed; its first <code>engineBuild(null)</code> call throws
 * CertPathBuilderException and the second returns null.
 */
@TestTargets({
    @TestTargetNew(
        level = TestLevel.COMPLETE,
        notes = "",
        method = "CertPathBuilderSpi",
        args = {}
    ),
    @TestTargetNew(
        level = TestLevel.COMPLETE,
        notes = "",
        method = "engineBuild",
        args = {java.security.cert.CertPathParameters.class}
    )
})
public void testCertPathBuilderSpi01()
        throws CertPathBuilderException, InvalidAlgorithmParameterException {
    CertPathBuilderSpi spi = new MyCertPathBuilderSpi();
    CertPathParameters noParams = null;
    try {
        spi.engineBuild(noParams);
        fail("CertPathBuilderException must be thrown");
    } catch (CertPathBuilderException expected) {
        // expected on the first call
    }
    CertPathBuilderResult secondResult = spi.engineBuild(noParams);
    assertNull("Not null CertPathBuilderResult", secondResult);
}
/**
 * Test for <code>CertPathBuilderException()</code> constructor.
 * Assertion: the no-argument constructor yields an exception with neither
 * a detail message nor a cause.
 */
@TestTargetNew(
    level = TestLevel.COMPLETE,
    notes = "",
    method = "CertPathBuilderException",
    args = {}
)
public void testCertPathBuilderException01() {
    CertPathBuilderException bare = new CertPathBuilderException();
    assertNull("getMessage() must return null.", bare.getMessage());
    assertNull("getCause() must return null", bare.getCause());
}
/**
 * Test for <code>CertPathBuilderException(String)</code> constructor.
 * Assertion: a null <code>msg</code> yields an exception with neither a
 * detail message nor a cause.
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "Verifies null as a parameter.",
    method = "CertPathBuilderException",
    args = {java.lang.String.class}
)
public void testCertPathBuilderException03() {
    // The cast selects the String overload for the null argument.
    CertPathBuilderException fromNullMsg = new CertPathBuilderException((String) null);
    assertNull("getMessage() must return null.", fromNullMsg.getMessage());
    assertNull("getCause() must return null", fromNullMsg.getCause());
}
/**
 * Test for <code>CertPathBuilderException(Throwable)</code> constructor.
 * Assertion: a null <code>cause</code> yields an exception with neither a
 * detail message nor a cause.
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "Verifies null as a parameter.",
    method = "CertPathBuilderException",
    args = {java.lang.Throwable.class}
)
public void testCertPathBuilderException04() {
    // The cast selects the Throwable overload for the null argument.
    CertPathBuilderException fromNullCause = new CertPathBuilderException((Throwable) null);
    assertNull("getMessage() must return null.", fromNullCause.getMessage());
    assertNull("getCause() must return null", fromNullCause.getCause());
}
/**
 * Test for <code>CertPathBuilderException(String, Throwable)</code>
 * constructor. Assertion: with both <code>msg</code> and
 * <code>cause</code> null, the exception has neither a detail message nor
 * a cause.
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "Verifies null as parameters.",
    method = "CertPathBuilderException",
    args = {java.lang.String.class, java.lang.Throwable.class}
)
public void testCertPathBuilderException06() {
    CertPathBuilderException allNull = new CertPathBuilderException(null, null);
    assertNull("getMessage() must return null", allNull.getMessage());
    assertNull("getCause() must return null", allNull.getCause());
}
/**
 * Reads an X.509 certificate or a PKCS#7 formatted certificate chain from
 * the file named in {@code param} and stores it under the supplied alias.
 * If the input file is not specified, the certificates are read from the
 * standard input.
 *
 * <p>Which import runs depends on the alias: an unused alias imports the
 * first certificate read as a trusted certificate; an alias holding a
 * private key entry treats the certificates as a certificate reply; any
 * other existing entry is an error.
 *
 * <p>NOTE(review): the trusted-certificate branch takes
 * {@code iterator().next()} without checking for an empty collection;
 * confirm that {@code CertReader.readCerts} never returns one.
 *
 * @param param parsed keytool options: alias, keystore, file name and provider names
 * @throws KeytoolException if the alias already exists and is not a private key entry
 * @throws KeyStoreException
 * @throws IOException
 * @throws FileNotFoundException
 * @throws CertificateException
 * @throws CertPathBuilderException
 * @throws UnrecoverableKeyException
 * @throws NoSuchAlgorithmException
 * @throws NoSuchProviderException
 */
static void importCert(KeytoolParameters param) throws FileNotFoundException,
        CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException,
        CertPathBuilderException, IOException, KeytoolException,
        NoSuchProviderException, KeyStoreException {
    String alias = param.getAlias();
    KeyStore keyStore = param.getKeyStore();
    boolean aliasExists = keyStore.containsAlias(alias);
    // The certificate-specific provider wins; fall back to the general provider.
    String certProvider = (param.getCertProvider() != null)
            ? param.getCertProvider()
            : param.getProvider();

    if (!aliasExists) {
        // New alias: import the first certificate read as a trusted certificate.
        Collection<X509Certificate> trustedCert =
                CertReader.readCerts(param.getFileName(), true, certProvider);
        importTrusted(param, trustedCert.iterator().next());
    } else if (keyStore.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class)) {
        // Existing private key entry: treat the certificates as a cert reply.
        Collection<X509Certificate> certCollection =
                CertReader.readCerts(param.getFileName(), false, certProvider);
        importReply(param, certCollection);
    } else {
        // Existing entry of another kind: refuse rather than overwrite it.
        throw new KeytoolException(
                "Failed to import the certificate. \nAlias <" + alias
                        + "> already exists and is not a private key entry");
    }
}
/**
 * Builds the CertPathBuilderException instances returned as this test's data:
 * one per constructor form, including null message, null cause and a nested
 * exception as cause.
 *
 * @return six CertPathBuilderException objects, in a fixed order
 */
protected Object[] getData() {
    Exception innerCause = new Exception(msgs[1]);
    CertPathBuilderException nested = new CertPathBuilderException(msgs[0], innerCause);
    Object[] samples = new Object[6];
    samples[0] = new CertPathBuilderException();
    // The casts select the String and Throwable overloads for the null arguments.
    samples[1] = new CertPathBuilderException((String) null);
    samples[2] = new CertPathBuilderException(msgs[1]);
    samples[3] = new CertPathBuilderException(new Throwable());
    samples[4] = new CertPathBuilderException((Throwable) null);
    samples[5] = new CertPathBuilderException(msgs[1], nested);
    return samples;
}
/**
 * Test for the <code>CertPathBuilderSpi</code> constructor. Assertion: a
 * MyCertPathBuilderSpi can be constructed; its first
 * <code>engineBuild(null)</code> call throws CertPathBuilderException and
 * the second returns null.
 */
public void testCertPathBuilderSpi01()
        throws CertPathBuilderException, InvalidAlgorithmParameterException {
    CertPathBuilderSpi spi = new MyCertPathBuilderSpi();
    CertPathParameters noParams = null;
    try {
        spi.engineBuild(noParams);
        fail("CertPathBuilderException must be thrown");
    } catch (CertPathBuilderException expected) {
        // expected on the first call
    }
    CertPathBuilderResult secondResult = spi.engineBuild(noParams);
    assertNull("Not null CertPathBuilderResult", secondResult);
}
/**
 * Test for <code>CertPathBuilderException(String)</code> constructor.
 * Assertion: a null <code>msg</code> yields an exception with neither a
 * detail message nor a cause.
 */
public void testCertPathBuilderException03() {
    // The cast selects the String overload for the null argument.
    CertPathBuilderException fromNullMsg = new CertPathBuilderException((String) null);
    assertNull("getMessage() must return null.", fromNullMsg.getMessage());
    assertNull("getCause() must return null", fromNullMsg.getCause());
}
/**
 * Test for <code>CertPathBuilderException(Throwable)</code> constructor.
 * Assertion: a null <code>cause</code> yields an exception with neither a
 * detail message nor a cause.
 */
public void testCertPathBuilderException04() {
    // The cast selects the Throwable overload for the null argument.
    CertPathBuilderException fromNullCause = new CertPathBuilderException((Throwable) null);
    assertNull("getMessage() must return null.", fromNullCause.getMessage());
    assertNull("getCause() must return null", fromNullCause.getCause());
}
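/**
 * Test for <code>CertPathBuilderException(Throwable)</code> constructor.
 * Assertion: constructs CertPathBuilderException when <code>cause</code>
 * is not null; getCause() returns that cause and, when a message is present,
 * it contains the cause's string form.
 */
public void testCertPathBuilderException05() {
    CertPathBuilderException tE = new CertPathBuilderException(tCause);
    String message = tE.getMessage();
    // A message is optional here; it is only checked when one was produced.
    if (message != null) {
        String causeText = tCause.toString();
        assertTrue("getMessage() should contain ".concat(causeText),
                message.contains(causeText));
    }
    assertNotNull("getCause() must not return null", tE.getCause());
    // assertEquals takes (message, expected, actual): the expected cause goes first so a
    // failure report labels the two values correctly.
    assertEquals("getCause() must return ".concat(tCause.toString()), tCause, tE.getCause());
}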
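/**
 * Test for <code>CertPathBuilderException(String, Throwable)</code>
 * constructor. Assertion: constructs CertPathBuilderException when
 * <code>cause</code> is not null and <code>msg</code> is null; getCause()
 * returns that cause and, when a message is present, it contains the
 * cause's string form.
 */
public void testCertPathBuilderException08() {
    CertPathBuilderException tE = new CertPathBuilderException(null, tCause);
    String message = tE.getMessage();
    // The message was passed as null, so this branch only runs on an implementation that
    // derives a message from the cause.
    if (message != null) {
        String causeText = tCause.toString();
        // Failure text corrected from the garbled "must should".
        assertTrue("getMessage() should contain ".concat(causeText),
                message.contains(causeText));
    }
    assertNotNull("getCause() must not return null", tE.getCause());
    // assertEquals takes (message, expected, actual): the expected cause goes first so a
    // failure report labels the two values correctly.
    assertEquals("getCause() must return ".concat(tCause.toString()), tCause, tE.getCause());
}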