use of java.security.cert.PKIXCertPathValidatorResult in project robovm by robovm.
the class PKIXCertPathValidatorResultTest method testGetPolicyTree01.
/**
* Test for <code>getPolicyTree()</code> method<br>
* Assertion: returns the root node of the valid
* policy tree or <code>null</code> if there are
* no valid policies
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
public final void testGetPolicyTree01() throws Exception {
TrustAnchor ta = TestUtils.getTrustAnchor();
if (ta == null) {
fail(getName() + ": not performed (could not create test TrustAnchor)");
}
// valid policy tree case;
PolicyNode pn = TestUtils.getPolicyTree();
PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult(ta, pn, testPublicKey);
// must return the same reference passed
// as a parameter to the constructor
assertSame(pn, vr.getPolicyTree());
}
use of java.security.cert.PKIXCertPathValidatorResult in project robovm by robovm.
the class PKIXCertPathValidatorResultTest method testToString01.
/**
* Test #1 for <code>toString()</code> method<br>
* Assertion: Returns a formatted string describing this object
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
public final void testToString01() throws Exception {
TrustAnchor ta = TestUtils.getTrustAnchor();
if (ta == null) {
fail(getName() + ": not performed (could not create test TrustAnchor)");
}
PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult(ta, TestUtils.getPolicyTree(), testPublicKey);
assertNotNull(vr.toString());
}
use of java.security.cert.PKIXCertPathValidatorResult in project robovm by robovm.
the class PKIXCertPathValidatorResultTest method testGetPolicyTree02.
/**
* Test for <code>getPolicyTree()</code> method<br>
* Assertion: returns the root node of the valid
* policy tree or <code>null</code> if there are
* no valid policies
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
public final void testGetPolicyTree02() throws Exception {
TrustAnchor ta = TestUtils.getTrustAnchor();
if (ta == null) {
fail(getName() + ": not performed (could not create test TrustAnchor)");
}
// no valid policy tree case (null)
PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult(ta, null, testPublicKey);
// must return the same reference passed
// as a parameter to the constructor
assertNull(vr.getPolicyTree());
}
use of java.security.cert.PKIXCertPathValidatorResult in project robovm by robovm.
the class PKIXCertPathValidatorResultTest method testPKIXCertPathValidatorResult03.
/**
* Test #3 for <code>PKIXCertPathValidatorResult(TrustAnchor,
* PolicyNode, PublicKey)</code> constructor<br>
* Assertion: <code>NullPointerException</code> if
* <code>PublicKey</code> parameter is <code>null</code>
*/
public final void testPKIXCertPathValidatorResult03() {
TrustAnchor ta = TestUtils.getTrustAnchor();
if (ta == null) {
fail(getName() + ": not performed (could not create test TrustAnchor)");
}
try {
// pass null
new PKIXCertPathValidatorResult(ta, TestUtils.getPolicyTree(), null);
fail("NPE expected");
} catch (NullPointerException e) {
}
}
use of java.security.cert.PKIXCertPathValidatorResult in project XobotOS by xamarin.
the class PKIXCertPathBuilderSpi method build.
protected CertPathBuilderResult build(X509Certificate tbvCert, ExtendedPKIXBuilderParameters pkixParams, List tbvPath) {
// PKI graph.
if (tbvPath.contains(tbvCert)) {
return null;
}
// chain.
if (pkixParams.getExcludedCerts().contains(tbvCert)) {
return null;
}
// test if certificate path exceeds maximum length
if (pkixParams.getMaxPathLength() != -1) {
if (tbvPath.size() - 1 > pkixParams.getMaxPathLength()) {
return null;
}
}
tbvPath.add(tbvCert);
CertificateFactory cFact;
CertPathValidator validator;
CertPathBuilderResult builderResult = null;
try {
cFact = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
validator = CertPathValidator.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
} catch (Exception e) {
// cannot happen
throw new RuntimeException("Exception creating support classes.");
}
try {
// check whether the issuer of <tbvCert> is a TrustAnchor
if (CertPathValidatorUtilities.findTrustAnchor(tbvCert, pkixParams.getTrustAnchors(), pkixParams.getSigProvider()) != null) {
// exception message from possibly later tried certification
// chains
CertPath certPath = null;
PKIXCertPathValidatorResult result = null;
try {
certPath = cFact.generateCertPath(tbvPath);
} catch (Exception e) {
throw new AnnotatedException("Certification path could not be constructed from certificate list.", e);
}
try {
result = (PKIXCertPathValidatorResult) validator.validate(certPath, pkixParams);
} catch (Exception e) {
throw new AnnotatedException("Certification path could not be validated.", e);
}
return new PKIXCertPathBuilderResult(certPath, result.getTrustAnchor(), result.getPolicyTree(), result.getPublicKey());
} else {
// add additional X.509 stores from locations in certificate
try {
CertPathValidatorUtilities.addAdditionalStoresFromAltNames(tbvCert, pkixParams);
} catch (CertificateParsingException e) {
throw new AnnotatedException("No additiontal X.509 stores can be added from certificate locations.", e);
}
Collection issuers = new HashSet();
// of the stores
try {
issuers.addAll(CertPathValidatorUtilities.findIssuerCerts(tbvCert, pkixParams));
} catch (AnnotatedException e) {
throw new AnnotatedException("Cannot find issuer certificate for certificate in certification path.", e);
}
if (issuers.isEmpty()) {
throw new AnnotatedException("No issuer certificate for certificate in certification path found.");
}
Iterator it = issuers.iterator();
while (it.hasNext() && builderResult == null) {
X509Certificate issuer = (X509Certificate) it.next();
builderResult = build(issuer, pkixParams, tbvPath);
}
}
} catch (AnnotatedException e) {
certPathException = e;
}
if (builderResult == null) {
tbvPath.remove(tbvCert);
}
return builderResult;
}
Aggregations