Search in sources :

Example 6 with CertPathValidator

use of java.security.cert.CertPathValidator in project robovm by robovm.

the class invalidParams method testCertPathValidator11.

/**
     * Test for <code>validate(CertPath certpath, CertPathParameters params)</code> method
     * Assertion: throws InvalidAlgorithmParameterException params is not
     * instance of PKIXParameters or null
     */
public void testCertPathValidator11() throws NoSuchAlgorithmException, NoSuchProviderException, CertPathValidatorException {
    if (!PKIXSupport) {
        fail(NotSupportMsg);
        return;
    }
    CertPathValidator[] certPV = createCPVs();
    assertNotNull("CertPathValidator objects were not created", certPV);
    MyCertPath mCP = new MyCertPath(new byte[0]);
    invalidParams mPar = new invalidParams();
    for (int i = 0; i < certPV.length; i++) {
        try {
            certPV[i].validate(mCP, mPar);
            fail("InvalidAlgorithmParameterException must be thrown");
        } catch (InvalidAlgorithmParameterException e) {
        }
        try {
            certPV[i].validate(mCP, null);
            fail("InvalidAlgorithmParameterException must be thrown");
        } catch (InvalidAlgorithmParameterException e) {
        }
    }
}
Also used : MyCertPath(org.apache.harmony.security.tests.support.cert.MyCertPath) CertPathValidator(java.security.cert.CertPathValidator) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)

Example 7 with CertPathValidator

use of java.security.cert.CertPathValidator in project robovm by robovm.

the class CertPathValidator2Test method testGetInstance03.

/**
     * Test for <code>getInstance(String algorithm, Provider provider)</code>
     * method Assertions: throws NullPointerException when algorithm is null
     * throws NoSuchAlgorithmException when algorithm is not available throws
     * IllegalArgumentException when provider is null; returns CertPathValidator
     * object
     */
public void testGetInstance03() throws NoSuchAlgorithmException, IllegalArgumentException, InvalidAlgorithmParameterException, CertPathValidatorException {
    try {
        CertPathValidator.getInstance(null, mProv);
        fail("NullPointerException or NoSuchAlgorithmException must be thrown when algorithm is null");
    } catch (NullPointerException e) {
    } catch (NoSuchAlgorithmException e) {
    }
    for (int i = 0; i < invalidValues.length; i++) {
        try {
            CertPathValidator.getInstance(invalidValues[i], mProv);
            fail("NoSuchAlgorithmException must be thrown (type: ".concat(invalidValues[i]).concat(")"));
        } catch (NoSuchAlgorithmException e) {
        }
    }
    Provider prov = null;
    for (int i = 0; i < validValues.length; i++) {
        try {
            CertPathValidator.getInstance(validValues[i], prov);
            fail("IllegalArgumentException must be thrown when provider is null (type: ".concat(validValues[i]).concat(")"));
        } catch (IllegalArgumentException e) {
        }
    }
    CertPathValidator cerPV;
    for (int i = 0; i < validValues.length; i++) {
        cerPV = CertPathValidator.getInstance(validValues[i], mProv);
        assertEquals("Incorrect type", cerPV.getAlgorithm(), validValues[i]);
        assertEquals("Incorrect provider", cerPV.getProvider(), mProv);
        checkResult(cerPV);
    }
}
Also used : CertPathValidator(java.security.cert.CertPathValidator) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Provider(java.security.Provider)

Example 8 with CertPathValidator

use of java.security.cert.CertPathValidator in project robovm by robovm.

the class CertPathValidator2Test method testGetInstance02.

/**
     * Test for <code>getInstance(String algorithm, String provider)</code>
     * method Assertions: throws NullPointerException when algorithm is null
     * throws NoSuchAlgorithmException when algorithm is not available throws
     * IllegalArgumentException when provider is null or empty; throws
     * NoSuchProviderException when provider is available; returns
     * CertPathValidator object
     */
public void testGetInstance02() throws NoSuchAlgorithmException, NoSuchProviderException, IllegalArgumentException, InvalidAlgorithmParameterException, CertPathValidatorException {
    try {
        CertPathValidator.getInstance(null, mProv.getName());
        fail("NullPointerException or NoSuchAlgorithmException must be thrown when algorithm is null");
    } catch (NullPointerException e) {
    } catch (NoSuchAlgorithmException e) {
    }
    for (int i = 0; i < invalidValues.length; i++) {
        try {
            CertPathValidator.getInstance(invalidValues[i], mProv.getName());
            fail("NoSuchAlgorithmException must be thrown (type: ".concat(invalidValues[i]).concat(")"));
        } catch (NoSuchAlgorithmException e) {
        }
    }
    String prov = null;
    for (int i = 0; i < validValues.length; i++) {
        try {
            CertPathValidator.getInstance(validValues[i], prov);
            fail("IllegalArgumentException must be thrown when provider is null (type: ".concat(validValues[i]).concat(")"));
        } catch (IllegalArgumentException e) {
        }
        try {
            CertPathValidator.getInstance(validValues[i], "");
            fail("IllegalArgumentException must be thrown when provider is empty (type: ".concat(validValues[i]).concat(")"));
        } catch (IllegalArgumentException e) {
        }
    }
    for (int i = 0; i < validValues.length; i++) {
        for (int j = 1; j < invalidValues.length; j++) {
            try {
                CertPathValidator.getInstance(validValues[i], invalidValues[j]);
                fail("NoSuchProviderException must be thrown (type: ".concat(validValues[i]).concat(" provider: ").concat(invalidValues[j]).concat(")"));
            } catch (NoSuchProviderException e) {
            }
        }
    }
    CertPathValidator cerPV;
    for (int i = 0; i < validValues.length; i++) {
        cerPV = CertPathValidator.getInstance(validValues[i], mProv.getName());
        assertEquals("Incorrect type", cerPV.getAlgorithm(), validValues[i]);
        assertEquals("Incorrect provider", cerPV.getProvider().getName(), mProv.getName());
        checkResult(cerPV);
    }
}
Also used : CertPathValidator(java.security.cert.CertPathValidator) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException)

Example 9 with CertPathValidator

use of java.security.cert.CertPathValidator in project robovm by robovm.

the class invalidParams method testCertPathValidator14.

/**
     * Test for <code>getProvider()</code> method
     */
public void testCertPathValidator14() throws NoSuchAlgorithmException {
    if (!PKIXSupport) {
        fail(NotSupportMsg);
        return;
    }
    CertPathValidator certPV;
    for (int i = 0; i < validValues.length; i++) {
        try {
            certPV = CertPathValidator.getInstance(validValues[i], defaultProviderName);
            assertEquals("Incorrect provider", certPV.getProvider(), defaultProvider);
        } catch (NoSuchProviderException e) {
            fail("Unexpected NoSuchProviderException " + e.getMessage());
        }
        certPV = CertPathValidator.getInstance(validValues[i], defaultProvider);
        assertEquals("Incorrect provider", certPV.getProvider(), defaultProvider);
    }
}
Also used : CertPathValidator(java.security.cert.CertPathValidator) NoSuchProviderException(java.security.NoSuchProviderException)

Example 10 with CertPathValidator

use of java.security.cert.CertPathValidator in project XobotOS by xamarin.

the class PKIXCertPathBuilderSpi method build.

protected CertPathBuilderResult build(X509Certificate tbvCert, ExtendedPKIXBuilderParameters pkixParams, List tbvPath) {
    // PKI graph.
    if (tbvPath.contains(tbvCert)) {
        return null;
    }
    // chain.
    if (pkixParams.getExcludedCerts().contains(tbvCert)) {
        return null;
    }
    // test if certificate path exceeds maximum length
    if (pkixParams.getMaxPathLength() != -1) {
        if (tbvPath.size() - 1 > pkixParams.getMaxPathLength()) {
            return null;
        }
    }
    tbvPath.add(tbvCert);
    CertificateFactory cFact;
    CertPathValidator validator;
    CertPathBuilderResult builderResult = null;
    try {
        cFact = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
        validator = CertPathValidator.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
    } catch (Exception e) {
        // cannot happen
        throw new RuntimeException("Exception creating support classes.");
    }
    try {
        // check whether the issuer of <tbvCert> is a TrustAnchor
        if (CertPathValidatorUtilities.findTrustAnchor(tbvCert, pkixParams.getTrustAnchors(), pkixParams.getSigProvider()) != null) {
            // exception message from possibly later tried certification
            // chains
            CertPath certPath = null;
            PKIXCertPathValidatorResult result = null;
            try {
                certPath = cFact.generateCertPath(tbvPath);
            } catch (Exception e) {
                throw new AnnotatedException("Certification path could not be constructed from certificate list.", e);
            }
            try {
                result = (PKIXCertPathValidatorResult) validator.validate(certPath, pkixParams);
            } catch (Exception e) {
                throw new AnnotatedException("Certification path could not be validated.", e);
            }
            return new PKIXCertPathBuilderResult(certPath, result.getTrustAnchor(), result.getPolicyTree(), result.getPublicKey());
        } else {
            // add additional X.509 stores from locations in certificate
            try {
                CertPathValidatorUtilities.addAdditionalStoresFromAltNames(tbvCert, pkixParams);
            } catch (CertificateParsingException e) {
                throw new AnnotatedException("No additiontal X.509 stores can be added from certificate locations.", e);
            }
            Collection issuers = new HashSet();
            // of the stores
            try {
                issuers.addAll(CertPathValidatorUtilities.findIssuerCerts(tbvCert, pkixParams));
            } catch (AnnotatedException e) {
                throw new AnnotatedException("Cannot find issuer certificate for certificate in certification path.", e);
            }
            if (issuers.isEmpty()) {
                throw new AnnotatedException("No issuer certificate for certificate in certification path found.");
            }
            Iterator it = issuers.iterator();
            while (it.hasNext() && builderResult == null) {
                X509Certificate issuer = (X509Certificate) it.next();
                builderResult = build(issuer, pkixParams, tbvPath);
            }
        }
    } catch (AnnotatedException e) {
        certPathException = e;
    }
    if (builderResult == null) {
        tbvPath.remove(tbvCert);
    }
    return builderResult;
}
Also used : CertificateParsingException(java.security.cert.CertificateParsingException) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) CertificateFactory(java.security.cert.CertificateFactory) CertificateParsingException(java.security.cert.CertificateParsingException) ExtCertPathBuilderException(org.bouncycastle.jce.exception.ExtCertPathBuilderException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) CertPathBuilderException(java.security.cert.CertPathBuilderException) X509Certificate(java.security.cert.X509Certificate) CertPathValidator(java.security.cert.CertPathValidator) PKIXCertPathValidatorResult(java.security.cert.PKIXCertPathValidatorResult) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) Iterator(java.util.Iterator) Collection(java.util.Collection) CertPath(java.security.cert.CertPath) HashSet(java.util.HashSet)

Aggregations

CertPathValidator (java.security.cert.CertPathValidator)25 CertPath (java.security.cert.CertPath)8 PKIXCertPathValidatorResult (java.security.cert.PKIXCertPathValidatorResult)7 X509Certificate (java.security.cert.X509Certificate)7 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)6 CertPathValidatorResult (java.security.cert.CertPathValidatorResult)6 CertificateFactory (java.security.cert.CertificateFactory)6 PKIXParameters (java.security.cert.PKIXParameters)6 CertPathValidatorException (java.security.cert.CertPathValidatorException)5 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 NoSuchProviderException (java.security.NoSuchProviderException)4 CertPathBuilderException (java.security.cert.CertPathBuilderException)4 ArrayList (java.util.ArrayList)4 HashSet (java.util.HashSet)4 CertPathBuilder (java.security.cert.CertPathBuilder)3 CertPathBuilderResult (java.security.cert.CertPathBuilderResult)3 CertificateParsingException (java.security.cert.CertificateParsingException)3 PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)3 PKIXCertPathBuilderResult (java.security.cert.PKIXCertPathBuilderResult)3 X509CertSelector (java.security.cert.X509CertSelector)3