Search in sources :

Example 26 with CertPathBuilder

use of java.security.cert.CertPathBuilder in project robovm by robovm.

the class myCertPathBuilder method testCertPathBuilder03.

/**
     * Test for <code>getInstance(String algorithm)</code> method
     * Assertion: returns CertPathBuilder object
     */
public void testCertPathBuilder03() throws NoSuchAlgorithmException {
    if (!PKIXSupport) {
        fail(NotSupportMsg);
        return;
    }
    for (int i = 0; i < validValues.length; i++) {
        CertPathBuilder cpb = CertPathBuilder.getInstance(validValues[i]);
        assertEquals("Incorrect algorithm", cpb.getAlgorithm(), validValues[i]);
    }
}
Also used : CertPathBuilder(java.security.cert.CertPathBuilder)

Example 27 with CertPathBuilder

use of java.security.cert.CertPathBuilder in project robovm by robovm.

the class CertPathBuilder2Test method testGetInstance03.

/**
     * Test for <code>getInstance(String algorithm, Provider provider)</code>
     * method
     * Assertions:
     * throws NullPointerException when algorithm is null
     * throws NoSuchAlgorithmException when algorithm  is not correct
     * returns CertPathBuilder object
     */
public void testGetInstance03() throws NoSuchAlgorithmException, IllegalArgumentException, InvalidAlgorithmParameterException, CertPathBuilderException {
    try {
        CertPathBuilder.getInstance(null, mProv);
        fail("NullPointerException or NoSuchAlgorithmException must be thrown when algorithm is null");
    } catch (NullPointerException e) {
    } catch (NoSuchAlgorithmException e) {
    }
    for (int i = 0; i < invalidValues.length; i++) {
        try {
            CertPathBuilder.getInstance(invalidValues[i], mProv);
            fail("NoSuchAlgorithmException must be thrown (type: ".concat(invalidValues[i]).concat(")"));
        } catch (NoSuchAlgorithmException e) {
        }
    }
    Provider prov = null;
    for (int i = 0; i < validValues.length; i++) {
        try {
            CertPathBuilder.getInstance(validValues[i], prov);
            fail("IllegalArgumentException must be thrown when provider is null (type: ".concat(validValues[i]).concat(")"));
        } catch (IllegalArgumentException e) {
        }
    }
    CertPathBuilder cerPB;
    for (int i = 0; i < validValues.length; i++) {
        cerPB = CertPathBuilder.getInstance(validValues[i], mProv);
        assertEquals("Incorrect type", cerPB.getAlgorithm(), validValues[i]);
        assertEquals("Incorrect provider", cerPB.getProvider(), mProv);
        checkResult(cerPB);
    }
}
Also used : NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CertPathBuilder(java.security.cert.CertPathBuilder) MyProvider(tests.security.cert.myCertPathBuilder.MyProvider) Provider(java.security.Provider)

Example 28 with CertPathBuilder

use of java.security.cert.CertPathBuilder in project robovm by robovm.

the class CertPathBuilderTest method testCertPathBuilder.

public void testCertPathBuilder() throws Exception {
    CertPathBuilder pathBuilder = CertPathBuilder.getInstance(algorithmName);
    CertPathBuilderResult builderResult = pathBuilder.build(params);
    CertPath path = builderResult.getCertPath();
    assertNotNull("built path is null", path);
    validateCertPath(path);
}
Also used : CertPathBuilderResult(java.security.cert.CertPathBuilderResult) CertPathBuilder(java.security.cert.CertPathBuilder) CertPath(java.security.cert.CertPath)

Example 29 with CertPathBuilder

use of java.security.cert.CertPathBuilder in project cloudstack by apache.

the class CertServiceImpl method validateChain.

private void validateChain(final List<Certificate> chain, final Certificate cert) {
    final List<Certificate> certs = new ArrayList<Certificate>();
    final Set<TrustAnchor> anchors = new HashSet<TrustAnchor>();
    // adding for self signed certs
    certs.add(cert);
    certs.addAll(chain);
    for (final Certificate c : certs) {
        if (!(c instanceof X509Certificate)) {
            throw new IllegalArgumentException("Invalid chain format. Expected X509 certificate");
        }
        final X509Certificate xCert = (X509Certificate) c;
        anchors.add(new TrustAnchor(xCert, null));
    }
    final X509CertSelector target = new X509CertSelector();
    target.setCertificate((X509Certificate) cert);
    PKIXBuilderParameters params = null;
    try {
        params = new PKIXBuilderParameters(anchors, target);
        params.setRevocationEnabled(false);
        params.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(certs)));
        final CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC");
        builder.build(params);
    } catch (final InvalidAlgorithmParameterException | CertPathBuilderException | NoSuchAlgorithmException e) {
        throw new IllegalStateException("Invalid certificate chain", e);
    } catch (final NoSuchProviderException e) {
        throw new CloudRuntimeException("No provider for certificate validation", e);
    }
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) ArrayList(java.util.ArrayList) TrustAnchor(java.security.cert.TrustAnchor) X509CertSelector(java.security.cert.X509CertSelector) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) X509Certificate(java.security.cert.X509Certificate) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) CertPathBuilderException(java.security.cert.CertPathBuilderException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) CertPathBuilder(java.security.cert.CertPathBuilder) NoSuchProviderException(java.security.NoSuchProviderException) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) HashSet(java.util.HashSet)

Example 30 with CertPathBuilder

use of java.security.cert.CertPathBuilder in project jdk8u_jdk by JetBrains.

the class NoExtensions method doBuild.

private void doBuild(X509Certificate userCert) throws Exception {
    // get the set of trusted CA certificates (only one in this instance)
    HashSet trustAnchors = new HashSet();
    X509Certificate trustedCert = getTrustedCertificate();
    trustAnchors.add(new TrustAnchor(trustedCert, null));
    // put together a CertStore (repository of the certificates and CRLs)
    ArrayList certs = new ArrayList();
    certs.add(trustedCert);
    certs.add(userCert);
    CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
    CertStore certStore = CertStore.getInstance("Collection", certStoreParams);
    // specify the target certificate via a CertSelector
    X509CertSelector certSelector = new X509CertSelector();
    certSelector.setCertificate(userCert);
    // seems to be required
    certSelector.setSubject(userCert.getSubjectDN().getName());
    // build a valid cerificate path
    CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
    PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
    certPathBuilderParams.addCertStore(certStore);
    certPathBuilderParams.setRevocationEnabled(false);
    CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);
    // get and show cert path
    CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
}
Also used : CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) ArrayList(java.util.ArrayList) TrustAnchor(java.security.cert.TrustAnchor) X509CertSelector(java.security.cert.X509CertSelector) CertPathBuilder(java.security.cert.CertPathBuilder) CertPath(java.security.cert.CertPath) CertStore(java.security.cert.CertStore) X509Certificate(java.security.cert.X509Certificate) HashSet(java.util.HashSet)

Aggregations

CertPathBuilder (java.security.cert.CertPathBuilder)36 PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)20 X509CertSelector (java.security.cert.X509CertSelector)20 X509Certificate (java.security.cert.X509Certificate)19 CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)15 HashSet (java.util.HashSet)14 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)10 CertPathBuilderException (java.security.cert.CertPathBuilderException)10 CertPathBuilderResult (java.security.cert.CertPathBuilderResult)10 TrustAnchor (java.security.cert.TrustAnchor)10 ArrayList (java.util.ArrayList)9 CertPath (java.security.cert.CertPath)8 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)7 NoSuchProviderException (java.security.NoSuchProviderException)7 CertPathValidator (java.security.cert.CertPathValidator)7 CertStore (java.security.cert.CertStore)7 GeneralSecurityException (java.security.GeneralSecurityException)6 Certificate (java.security.cert.Certificate)6 PKIXCertPathBuilderResult (java.security.cert.PKIXCertPathBuilderResult)6 IOException (java.io.IOException)5