/** * Initialize the state. * * @param certPathCheckers the list of user-defined PKIXCertPathCheckers */ public void initState(List<PKIXCertPathChecker> certPathCheckers) throws CertPathValidatorException { subjectNamesTraversed = new HashSet<GeneralNameInterface>(); traversedCACerts = 0; /* * Populate forwardCheckers with every user-defined checker * that supports forward checking and initialize the forwardCheckers */ forwardCheckers = new ArrayList<PKIXCertPathChecker>(); for (PKIXCertPathChecker checker : certPathCheckers) { if (checker.isForwardCheckingSupported()) { checker.init(true); forwardCheckers.add(checker); } } init = true; }
/** * Update the state with the specified trust anchor. * * @param anchor the most-trusted CA */ public void updateState(TrustAnchor anchor) throws CertificateException, IOException, CertPathValidatorException { trustAnchor = anchor; X509Certificate trustedCert = anchor.getTrustedCert(); if (trustedCert != null) { updateState(trustedCert); } else { X500Principal caName = anchor.getCA(); updateState(anchor.getCAPublicKey(), caName); } // The user specified AlgorithmChecker may not be // able to set the trust anchor until now. for (PKIXCertPathChecker checker : userCheckers) { if (checker instanceof AlgorithmChecker) { ((AlgorithmChecker)checker).trySetTrustAnchor(anchor); } } init = false; }
/** * Initialize the state. * * @param certPathCheckers the list of user-defined PKIXCertPathCheckers */ public void initState(List<PKIXCertPathChecker> certPathCheckers) throws CertPathValidatorException { subjectNamesTraversed = new HashSet<GeneralNameInterface>(); traversedCACerts = 0; /* * Populate forwardCheckers with every user-defined checker * that supports forward checking and initialize the forwardCheckers */ forwardCheckers = new ArrayList<PKIXCertPathChecker>(); if (certPathCheckers != null) { for (PKIXCertPathChecker checker : certPathCheckers) { if (checker.isForwardCheckingSupported()) { checker.init(true); forwardCheckers.add(checker); } } } init = true; }
/** * Test #3 for <code>getCertPathCheckers()</code> method<br> * Assertion: The returned List is immutable, and each * <code>PKIXCertPathChecker</code> in the <code>List</code> * is cloned to protect against subsequent modifications * @throws InvalidAlgorithmParameterException * @throws CertPathValidatorException */ public final void testGetCertPathCheckers03() throws Exception { Set taSet = TestUtils.getTrustAnchorSet(); if (taSet == null) { fail(getName() + ": not performed (could not create test TrustAnchor set)"); } PKIXParameters p = new PKIXParameters(taSet); PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker(); List l = new ArrayList(); assertTrue("addedOk", l.add(cpc)); p.setCertPathCheckers(l); // retrieve checker and modify it PKIXCertPathChecker cpc1 = p.getCertPathCheckers().get(0); cpc1.init(true); assertTrue("modifiedOk", cpc1.isForwardCheckingSupported()); // retrieve checker again and check // that its state has not been changed // by the above modification PKIXCertPathChecker cpc2 = p.getCertPathCheckers().get(0); assertFalse("isCloned", cpc2.isForwardCheckingSupported()); }
/** * Test #1 for <code>setCertPathCheckers(List)</code> method<br> * Assertion: sets a <code>List</code> of additional * certification path checkers * @throws InvalidAlgorithmParameterException */ public final void testSetCertPathCheckers01() throws Exception { Set taSet = TestUtils.getTrustAnchorSet(); if (taSet == null) { fail(getName() + ": not performed (could not create test TrustAnchor set)"); } PKIXParameters p = new PKIXParameters(taSet); PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker(); List l = new ArrayList(); assertTrue("addedOk", l.add(cpc)); p.setCertPathCheckers(l); List l1 = p.getCertPathCheckers(); assertNotNull("notNull", l1); assertFalse("isNotEmpty", l1.isEmpty()); }
/** * Test #3 for <code>setCertPathCheckers(List)</code> method<br> * Assertion: <code>List</code> supplied here is copied and each * <code>PKIXCertPathChecker</code> in the list is cloned to protect * against subsequent modifications * @throws InvalidAlgorithmParameterException */ public final void testSetCertPathCheckers03() throws Exception { // checks that list copied Set taSet = TestUtils.getTrustAnchorSet(); if (taSet == null) { fail(getName() + ": not performed (could not create test TrustAnchor set)"); } PKIXParameters p = new PKIXParameters(taSet); PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker(); List l = new ArrayList(); assertTrue("addedOk", l.add(cpc)); p.setCertPathCheckers(l); // modify list l.clear(); // retrieve list and check // that its state has not been changed // by the above modification assertFalse("isCopied", p.getCertPathCheckers().isEmpty()); }
/** * Test #4 for <code>setCertPathCheckers(List)</code> method<br> * Assertion: <code>List</code> supplied here is copied and each * <code>PKIXCertPathChecker</code> in the list is cloned to protect * against subsequent modifications * @throws InvalidAlgorithmParameterException * @throws InvalidAlgorithmParameterException * @throws CertPathValidatorException */ public final void testSetCertPathCheckers04() throws Exception { // checks that checkers cloned Set taSet = TestUtils.getTrustAnchorSet(); if (taSet == null) { fail(getName() + ": not performed (could not create test TrustAnchor set)"); } PKIXParameters p = new PKIXParameters(taSet); PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker(); List l = new ArrayList(); assertTrue("addedOk", l.add(cpc)); p.setCertPathCheckers(l); // modify checker cpc.init(true); // retrieve list and check that CertPathChecker's // state it contains has not been changed by the // above modification PKIXCertPathChecker cpc1 = p.getCertPathCheckers().get(0); assertFalse("isCopied", cpc1.isForwardCheckingSupported()); }
/** * Test #5 for <code>setCertPathCheckers(List)</code> method<br> * Assertion: <code>ClassCastException</code> - * if any of the elements in the list are not of type * <code>java.security.cert.PKIXCertPathChecker</code> * @throws InvalidAlgorithmParameterException */ public final void testSetCertPathCheckers05() throws Exception { Set taSet = TestUtils.getTrustAnchorSet(); if (taSet == null) { fail(getName() + ": not performed (could not create test TrustAnchor set)"); } PKIXParameters p = new PKIXParameters(taSet); PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker(); List l = new ArrayList(); assertTrue("addedOk", l.add(cpc)); // add wrong object to the list assertTrue("addedOk", l.add(new Object())); try { p.setCertPathCheckers(l); fail("ClassCastException expected"); } catch (ClassCastException e) { } }
/** * Test #1 for <code>addCertPathChecker(PKIXCertPathChecker)</code> method<br> * Assertion: adds a <code>CertPathChecker</code> to the end of the * list of <code>CertPathChecker</code>s * @throws CertPathValidatorException */ public final void testAddCertPathChecker01() throws Exception { Set taSet = TestUtils.getTrustAnchorSet(); if (taSet == null) { fail(getName() + ": not performed (could not create test TrustAnchor set)"); } PKIXParameters p = new PKIXParameters(taSet); PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker(); List l = new ArrayList(); assertTrue("addedOk", l.add(cpc)); p.setCertPathCheckers(l); // create one more PKIXCertPathChecker PKIXCertPathChecker cpc1 = TestUtils.getTestCertPathChecker(); cpc1.init(true); p.addCertPathChecker(cpc1); // check that we have two PKIXCertPathCheckers and // they are in right order List l1 = p.getCertPathCheckers(); assertEquals("listSize", 2, l1.size()); assertFalse("order1", ((PKIXCertPathChecker)l1.get(0)).isForwardCheckingSupported()); assertTrue("order2", ((PKIXCertPathChecker)l1.get(1)).isForwardCheckingSupported()); }
/** * Test #2 for <code>addCertPathChecker(PKIXCertPathChecker)</code> method<br> * Assertion: if null, the checker is ignored (not added to list). * @throws InvalidAlgorithmParameterException */ public final void testAddCertPathChecker02() throws Exception { Set taSet = TestUtils.getTrustAnchorSet(); if (taSet == null) { fail(getName() + ": not performed (could not create test TrustAnchor set)"); } PKIXParameters p = new PKIXParameters(taSet); PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker(); List l = new ArrayList(); assertTrue("addedOk", l.add(cpc)); p.setCertPathCheckers(l); // try to add null p.addCertPathChecker(null); // check that we have one PKIXCertPathChecker List l1 = p.getCertPathCheckers(); assertEquals("listSize", 1, l1.size()); }
/** * Test #3 for <code>addCertPathChecker(PKIXCertPathChecker)</code> method<br> * Assertion: <code>PKIXCertPathChecker</code> is cloned to protect * against subsequent modifications * @throws InvalidAlgorithmParameterException * @throws CertPathValidatorException */ public final void testAddCertPathChecker03() throws Exception { Set taSet = TestUtils.getTrustAnchorSet(); if (taSet == null) { fail(getName() + ": not performed (could not create test TrustAnchor set)"); } // checks that checkers cloned PKIXParameters p = new PKIXParameters(taSet); PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker(); p.addCertPathChecker(cpc); // modify checker cpc.init(true); // retrieve list and check that CertPathChecker's // state it contains has not been changed by the // above modification List l = p.getCertPathCheckers(); PKIXCertPathChecker cpc1 = (PKIXCertPathChecker)l.get(0); assertEquals("listSize", 1, l.size()); assertFalse("isCopied", cpc1.isForwardCheckingSupported()); }
