Search in sources :

Example 6 with PKIXCertPathValidatorResult

use of java.security.cert.PKIXCertPathValidatorResult in project robovm by robovm.

the class PKIXCertPathValidatorResultTest method testGetPolicyTree01.

/**
     * Test for <code>getPolicyTree()</code> method<br>
     * Assertion: returns the root node of the valid
     * policy tree or <code>null</code> if there are
     * no valid policies
     * @throws NoSuchAlgorithmException
     * @throws InvalidKeySpecException
     */
public final void testGetPolicyTree01() throws Exception {
    TrustAnchor ta = TestUtils.getTrustAnchor();
    if (ta == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor)");
    }
    // valid policy tree case;
    PolicyNode pn = TestUtils.getPolicyTree();
    PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult(ta, pn, testPublicKey);
    // must return the same reference passed
    // as a parameter to the constructor
    assertSame(pn, vr.getPolicyTree());
}
Also used : PKIXCertPathValidatorResult(java.security.cert.PKIXCertPathValidatorResult) TrustAnchor(java.security.cert.TrustAnchor) PolicyNode(java.security.cert.PolicyNode)

Example 7 with PKIXCertPathValidatorResult

use of java.security.cert.PKIXCertPathValidatorResult in project robovm by robovm.

the class PKIXCertPathValidatorResultTest method testToString01.

/**
     * Test #1 for <code>toString()</code> method<br>
     * Assertion: Returns a formatted string describing this object
     * @throws NoSuchAlgorithmException
     * @throws InvalidKeySpecException
     */
public final void testToString01() throws Exception {
    TrustAnchor ta = TestUtils.getTrustAnchor();
    if (ta == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor)");
    }
    PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult(ta, TestUtils.getPolicyTree(), testPublicKey);
    assertNotNull(vr.toString());
}
Also used : PKIXCertPathValidatorResult(java.security.cert.PKIXCertPathValidatorResult) TrustAnchor(java.security.cert.TrustAnchor)

Example 8 with PKIXCertPathValidatorResult

use of java.security.cert.PKIXCertPathValidatorResult in project robovm by robovm.

the class PKIXCertPathValidatorResultTest method testGetPolicyTree02.

/**
     * Test for <code>getPolicyTree()</code> method<br>
     * Assertion: returns the root node of the valid
     * policy tree or <code>null</code> if there are
     * no valid policies
     * @throws NoSuchAlgorithmException
     * @throws InvalidKeySpecException
     */
public final void testGetPolicyTree02() throws Exception {
    TrustAnchor ta = TestUtils.getTrustAnchor();
    if (ta == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor)");
    }
    // no valid policy tree case (null)
    PKIXCertPathValidatorResult vr = new PKIXCertPathValidatorResult(ta, null, testPublicKey);
    // must return the same reference passed
    // as a parameter to the constructor
    assertNull(vr.getPolicyTree());
}
Also used : PKIXCertPathValidatorResult(java.security.cert.PKIXCertPathValidatorResult) TrustAnchor(java.security.cert.TrustAnchor)

Example 9 with PKIXCertPathValidatorResult

use of java.security.cert.PKIXCertPathValidatorResult in project robovm by robovm.

the class PKIXCertPathValidatorResultTest method testPKIXCertPathValidatorResult03.

/**
     * Test #3 for <code>PKIXCertPathValidatorResult(TrustAnchor,
     * PolicyNode, PublicKey)</code> constructor<br>
     * Assertion: <code>NullPointerException</code> if
     * <code>PublicKey</code> parameter is <code>null</code>
     */
public final void testPKIXCertPathValidatorResult03() {
    TrustAnchor ta = TestUtils.getTrustAnchor();
    if (ta == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor)");
    }
    try {
        // pass null
        new PKIXCertPathValidatorResult(ta, TestUtils.getPolicyTree(), null);
        fail("NPE expected");
    } catch (NullPointerException e) {
    }
}
Also used : PKIXCertPathValidatorResult(java.security.cert.PKIXCertPathValidatorResult) TrustAnchor(java.security.cert.TrustAnchor)

Example 10 with PKIXCertPathValidatorResult

use of java.security.cert.PKIXCertPathValidatorResult in project XobotOS by xamarin.

the class PKIXCertPathBuilderSpi method build.

protected CertPathBuilderResult build(X509Certificate tbvCert, ExtendedPKIXBuilderParameters pkixParams, List tbvPath) {
    // PKI graph.
    if (tbvPath.contains(tbvCert)) {
        return null;
    }
    // chain.
    if (pkixParams.getExcludedCerts().contains(tbvCert)) {
        return null;
    }
    // test if certificate path exceeds maximum length
    if (pkixParams.getMaxPathLength() != -1) {
        if (tbvPath.size() - 1 > pkixParams.getMaxPathLength()) {
            return null;
        }
    }
    tbvPath.add(tbvCert);
    CertificateFactory cFact;
    CertPathValidator validator;
    CertPathBuilderResult builderResult = null;
    try {
        cFact = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
        validator = CertPathValidator.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
    } catch (Exception e) {
        // cannot happen
        throw new RuntimeException("Exception creating support classes.");
    }
    try {
        // check whether the issuer of <tbvCert> is a TrustAnchor
        if (CertPathValidatorUtilities.findTrustAnchor(tbvCert, pkixParams.getTrustAnchors(), pkixParams.getSigProvider()) != null) {
            // exception message from possibly later tried certification
            // chains
            CertPath certPath = null;
            PKIXCertPathValidatorResult result = null;
            try {
                certPath = cFact.generateCertPath(tbvPath);
            } catch (Exception e) {
                throw new AnnotatedException("Certification path could not be constructed from certificate list.", e);
            }
            try {
                result = (PKIXCertPathValidatorResult) validator.validate(certPath, pkixParams);
            } catch (Exception e) {
                throw new AnnotatedException("Certification path could not be validated.", e);
            }
            return new PKIXCertPathBuilderResult(certPath, result.getTrustAnchor(), result.getPolicyTree(), result.getPublicKey());
        } else {
            // add additional X.509 stores from locations in certificate
            try {
                CertPathValidatorUtilities.addAdditionalStoresFromAltNames(tbvCert, pkixParams);
            } catch (CertificateParsingException e) {
                throw new AnnotatedException("No additiontal X.509 stores can be added from certificate locations.", e);
            }
            Collection issuers = new HashSet();
            // of the stores
            try {
                issuers.addAll(CertPathValidatorUtilities.findIssuerCerts(tbvCert, pkixParams));
            } catch (AnnotatedException e) {
                throw new AnnotatedException("Cannot find issuer certificate for certificate in certification path.", e);
            }
            if (issuers.isEmpty()) {
                throw new AnnotatedException("No issuer certificate for certificate in certification path found.");
            }
            Iterator it = issuers.iterator();
            while (it.hasNext() && builderResult == null) {
                X509Certificate issuer = (X509Certificate) it.next();
                builderResult = build(issuer, pkixParams, tbvPath);
            }
        }
    } catch (AnnotatedException e) {
        certPathException = e;
    }
    if (builderResult == null) {
        tbvPath.remove(tbvCert);
    }
    return builderResult;
}
Also used : CertificateParsingException(java.security.cert.CertificateParsingException) CertPathBuilderResult(java.security.cert.CertPathBuilderResult) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) CertificateFactory(java.security.cert.CertificateFactory) CertificateParsingException(java.security.cert.CertificateParsingException) ExtCertPathBuilderException(org.bouncycastle.jce.exception.ExtCertPathBuilderException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) CertPathBuilderException(java.security.cert.CertPathBuilderException) X509Certificate(java.security.cert.X509Certificate) CertPathValidator(java.security.cert.CertPathValidator) PKIXCertPathValidatorResult(java.security.cert.PKIXCertPathValidatorResult) PKIXCertPathBuilderResult(java.security.cert.PKIXCertPathBuilderResult) Iterator(java.util.Iterator) Collection(java.util.Collection) CertPath(java.security.cert.CertPath) HashSet(java.util.HashSet)

Aggregations

PKIXCertPathValidatorResult (java.security.cert.PKIXCertPathValidatorResult)20 TrustAnchor (java.security.cert.TrustAnchor)13 CertPath (java.security.cert.CertPath)7 CertPathValidator (java.security.cert.CertPathValidator)7 X509Certificate (java.security.cert.X509Certificate)7 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)6 CertPathValidatorException (java.security.cert.CertPathValidatorException)5 CertificateFactory (java.security.cert.CertificateFactory)5 PKIXParameters (java.security.cert.PKIXParameters)5 HashSet (java.util.HashSet)5 PublicKey (java.security.PublicKey)4 ArrayList (java.util.ArrayList)4 Iterator (java.util.Iterator)4 CertPathBuilderException (java.security.cert.CertPathBuilderException)3 CertPathBuilderResult (java.security.cert.CertPathBuilderResult)3 PKIXCertPathBuilderResult (java.security.cert.PKIXCertPathBuilderResult)3 BigInteger (java.math.BigInteger)2 CertPathBuilder (java.security.cert.CertPathBuilder)2 CertPathValidatorResult (java.security.cert.CertPathValidatorResult)2 CertificateException (java.security.cert.CertificateException)2