Example 11 with PKIXBuilderParameters
use of java.security.cert.PKIXBuilderParameters in project robovm by robovm.
the class PKIXBuilderParametersTest method testPKIXBuilderParametersKeyStoreCertSelector04.
/**
* Test #4 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
* constructor<br>
* Assertion: <code>NullPointerException</code> -
* if the <code>keystore</code> is <code>null</code>
*/
public final void testPKIXBuilderParametersKeyStoreCertSelector04() throws Exception {
KeyStore keyTest = KeyStore.getInstance(KeyStore.getDefaultType());
keyTest.load(null, null);
ByteArrayInputStream certArray = new ByteArrayInputStream(certificate.getBytes());
ByteArrayInputStream certArray2 = new ByteArrayInputStream(certificate2.getBytes());
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate[] cert = new X509Certificate[2];
cert[0] = (X509Certificate) cf.generateCertificate(certArray);
cert[1] = (X509Certificate) cf.generateCertificate(certArray2);
keyTest.setCertificateEntry("alias1", cert[0]);
keyTest.setCertificateEntry("alias2", cert[0]);
keyTest.setCertificateEntry("alias3", cert[1]);
try {
PKIXBuilderParameters p = new PKIXBuilderParameters(keyTest, new X509CertSelector());
assertEquals(3, p.getTrustAnchors().size());
assertEquals(5, p.getMaxPathLength());
} catch (Exception e) {
fail("Unexpected exception " + e.getMessage());
}
}
Also used :
ByteArrayInputStream(java.io.ByteArrayInputStream)
PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters)
X509CertSelector(java.security.cert.X509CertSelector)
KeyStore(java.security.KeyStore)
CertificateFactory(java.security.cert.CertificateFactory)
X509Certificate(java.security.cert.X509Certificate)
KeyStoreException(java.security.KeyStoreException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
InvalidParameterException(java.security.InvalidParameterException)
Example 12 with PKIXBuilderParameters
use of java.security.cert.PKIXBuilderParameters in project robovm by robovm.
the class PKIXBuilderParametersTest method testPKIXBuilderParametersSetCertSelector02.
/**
* Test #2 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
* constructor<br>
* Assertion: creates an instance of <code>PKIXBuilderParameters</code>
* @throws InvalidAlgorithmParameterException
*/
public final void testPKIXBuilderParametersSetCertSelector02() throws InvalidAlgorithmParameterException {
Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
if (taSet == null) {
fail(getName() + ": not performed (could not create test TrustAnchor set)");
}
// both parameters are valid but CertSelector is null
PKIXParameters p = new PKIXBuilderParameters(taSet, null);
assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
assertNull("certSelector", p.getTargetCertConstraints());
}
Also used :
PKIXParameters(java.security.cert.PKIXParameters)
PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters)
TrustAnchor(java.security.cert.TrustAnchor)
Example 13 with PKIXBuilderParameters
use of java.security.cert.PKIXBuilderParameters in project robovm by robovm.
the class PKIXBuilderParametersTest method testGetMaxPathLength.
/**
* Test for <code>getMaxPathLength()</code>
*/
public final void testGetMaxPathLength() throws Exception {
KeyStore keyTest = KeyStore.getInstance(KeyStore.getDefaultType());
keyTest.load(null, null);
ByteArrayInputStream certArray = new ByteArrayInputStream(certificate.getBytes());
ByteArrayInputStream certArray2 = new ByteArrayInputStream(certificate2.getBytes());
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate[] cert = new X509Certificate[2];
cert[0] = (X509Certificate) cf.generateCertificate(certArray);
cert[1] = (X509Certificate) cf.generateCertificate(certArray2);
keyTest.setCertificateEntry("alias1", cert[0]);
keyTest.setCertificateEntry("alias2", cert[0]);
keyTest.setCertificateEntry("alias3", cert[1]);
PKIXBuilderParameters p = new PKIXBuilderParameters(keyTest, new X509CertSelector());
assertEquals(5, p.getMaxPathLength());
p.setMaxPathLength(10);
assertEquals(10, p.getMaxPathLength());
}
Also used :
ByteArrayInputStream(java.io.ByteArrayInputStream)
PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters)
X509CertSelector(java.security.cert.X509CertSelector)
KeyStore(java.security.KeyStore)
CertificateFactory(java.security.cert.CertificateFactory)
X509Certificate(java.security.cert.X509Certificate)
Example 14 with PKIXBuilderParameters
use of java.security.cert.PKIXBuilderParameters in project robovm by robovm.
the class TrustManagerFactoryTest method test_TrustManagerFactory.
private void test_TrustManagerFactory(TrustManagerFactory tmf) throws Exception {
assertNotNull(tmf);
assertNotNull(tmf.getAlgorithm());
assertNotNull(tmf.getProvider());
// before init
try {
tmf.getTrustManagers();
fail();
} catch (IllegalStateException expected) {
}
// init with null ManagerFactoryParameters
try {
tmf.init((ManagerFactoryParameters) null);
fail();
} catch (InvalidAlgorithmParameterException expected) {
}
// init with useless ManagerFactoryParameters
try {
tmf.init(new UselessManagerFactoryParameters());
fail();
} catch (InvalidAlgorithmParameterException expected) {
}
// init with PKIXParameters ManagerFactoryParameters
try {
PKIXParameters pp = new PKIXParameters(getTestKeyStore().keyStore);
CertPathTrustManagerParameters cptmp = new CertPathTrustManagerParameters(pp);
tmf.init(cptmp);
fail();
} catch (InvalidAlgorithmParameterException expected) {
}
// init with PKIXBuilderParameters ManagerFactoryParameters
X509CertSelector xcs = new X509CertSelector();
PKIXBuilderParameters pbp = new PKIXBuilderParameters(getTestKeyStore().keyStore, xcs);
CertPathTrustManagerParameters cptmp = new CertPathTrustManagerParameters(pbp);
if (supportsManagerFactoryParameters(tmf.getAlgorithm())) {
tmf.init(cptmp);
test_TrustManagerFactory_getTrustManagers(tmf);
} else {
try {
tmf.init(cptmp);
fail();
} catch (InvalidAlgorithmParameterException expected) {
}
}
// init with null for default KeyStore
tmf.init((KeyStore) null);
test_TrustManagerFactory_getTrustManagers(tmf);
// init with specific key store
tmf.init(getTestKeyStore().keyStore);
test_TrustManagerFactory_getTrustManagers(tmf);
}
Also used :
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
PKIXParameters(java.security.cert.PKIXParameters)
PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters)
CertPathTrustManagerParameters(javax.net.ssl.CertPathTrustManagerParameters)
X509CertSelector(java.security.cert.X509CertSelector)
Example 15 with PKIXBuilderParameters
use of java.security.cert.PKIXBuilderParameters in project jdk8u_jdk by JetBrains.
the class BuildEEBasicConstraints method main.
public static void main(String[] args) throws Exception {
// reset the security property to make sure that the algorithms
// and keys used in this test are not disabled.
Security.setProperty("jdk.certpath.disabledAlgorithms", "MD2");
X509Certificate rootCert = CertUtils.getCertFromFile("anchor.cer");
TrustAnchor anchor = new TrustAnchor(rootCert.getSubjectX500Principal(), rootCert.getPublicKey(), null);
X509CertSelector sel = new X509CertSelector();
sel.setBasicConstraints(-2);
PKIXBuilderParameters params = new PKIXBuilderParameters(Collections.singleton(anchor), sel);
params.setRevocationEnabled(false);
X509Certificate eeCert = CertUtils.getCertFromFile("ee.cer");
X509Certificate caCert = CertUtils.getCertFromFile("ca.cer");
ArrayList<X509Certificate> certs = new ArrayList<X509Certificate>();
certs.add(caCert);
certs.add(eeCert);
CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(certs);
CertStore cs = CertStore.getInstance("Collection", ccsp);
params.addCertStore(cs);
PKIXCertPathBuilderResult res = CertUtils.build(params);
CertPath cp = res.getCertPath();
// check that first certificate is an EE cert
List<? extends Certificate> certList = cp.getCertificates();
X509Certificate cert = (X509Certificate) certList.get(0);
if (cert.getBasicConstraints() != -1) {
throw new Exception("Target certificate is not an EE certificate");
}
}
Also used :
CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters)
PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters)
PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult)
ArrayList(java.util.ArrayList)
TrustAnchor(java.security.cert.TrustAnchor)
X509CertSelector(java.security.cert.X509CertSelector)
CertPath(java.security.cert.CertPath)
CertStore(java.security.cert.CertStore)
X509Certificate(java.security.cert.X509Certificate)
Aggregations
PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)34
X509CertSelector (java.security.cert.X509CertSelector)24
X509Certificate (java.security.cert.X509Certificate)18
CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)13
TrustAnchor (java.security.cert.TrustAnchor)13
ArrayList (java.util.ArrayList)10
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)9
KeyStore (java.security.KeyStore)9
CertPathBuilder (java.security.cert.CertPathBuilder)9
HashSet (java.util.HashSet)9
CertStore (java.security.cert.CertStore)8
CertPathBuilderException (java.security.cert.CertPathBuilderException)7
CertPathBuilderResult (java.security.cert.CertPathBuilderResult)7
PKIXCertPathBuilderResult (java.security.cert.PKIXCertPathBuilderResult)7
ByteArrayInputStream (java.io.ByteArrayInputStream)6
CertificateFactory (java.security.cert.CertificateFactory)6
IOException (java.io.IOException)5
KeyStoreException (java.security.KeyStoreException)5
Certificate (java.security.cert.Certificate)5
CertificateException (java.security.cert.CertificateException)5
