Search in sources :

Example 11 with X509CertSelector

use of java.security.cert.X509CertSelector in project robovm by robovm.

the class X509CertSelectorTest method test_setSubjectPublicKeyAlgIDLjava_lang_String.

/**
     * java.security.cert.X509CertSelector#setSubjectPublicKeyAlgID(java.lang.String)
     */
public void test_setSubjectPublicKeyAlgIDLjava_lang_String() throws Exception {
    X509CertSelector selector = new X509CertSelector();
    // RSA (source:
    String pkaid1 = "1.2.840.113549.1.1.1";
    // http://asn1.elibel.tm.fr)
    // DSA (source:
    String pkaid2 = "1.2.840.10040.4.1";
    // http://asn1.elibel.tm.fr)
    PublicKey pkey1 = new TestKeyPair("RSA").getPublic();
    ;
    PublicKey pkey2 = new TestKeyPair("DSA").getPublic();
    ;
    TestCert cert1 = new TestCert(pkey1);
    TestCert cert2 = new TestCert(pkey2);
    selector.setSubjectPublicKeyAlgID(null);
    assertTrue("Any certificate should match in the case of null " + "subjectPublicKeyAlgID criteria.", selector.match(cert1) && selector.match(cert2));
    String[] validOIDs = { "0.0.20", "1.25.0", "2.0.39", "0.2.10", "1.35.15", "2.17.89", "2.5.29.16", "2.5.29.17", "2.5.29.30", "2.5.29.32", "2.5.29.37" };
    for (int i = 0; i < validOIDs.length; i++) {
        selector.setSubjectPublicKeyAlgID(validOIDs[i]);
        assertEquals(validOIDs[i], selector.getSubjectPublicKeyAlgID());
    }
    String[] invalidOIDs = { "0.20", "1.25", "2.39", "3.10" };
    for (int i = 0; i < invalidOIDs.length; i++) {
        try {
            selector.setSubjectPublicKeyAlgID(invalidOIDs[i]);
            fail("IOException wasn't thrown for " + invalidOIDs[i]);
        } catch (IOException expected) {
        }
    }
    selector.setSubjectPublicKeyAlgID(pkaid1);
    assertTrue("The certificate should match the selection criteria.", selector.match(cert1));
    assertFalse("The certificate should not match the selection criteria.", selector.match(cert2));
    selector.setSubjectPublicKeyAlgID(pkaid2);
    assertTrue("The certificate should match the selection criteria.", selector.match(cert2));
}
Also used : TestKeyPair(org.apache.harmony.security.tests.support.TestKeyPair) PublicKey(java.security.PublicKey) X509CertSelector(java.security.cert.X509CertSelector) ASN1OctetString(org.apache.harmony.security.asn1.ASN1OctetString) IOException(java.io.IOException)

Example 12 with X509CertSelector

use of java.security.cert.X509CertSelector in project robovm by robovm.

the class X509CertSelectorTest method test_getSubjectAsBytes.

/**
     * java.security.cert.X509CertSelector#getSubjectAsBytes()
     */
public void test_getSubjectAsBytes() throws Exception {
    byte[] name1 = new byte[] // manually obtained DER encoding of "O=First Org." issuer name;
    { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115, 116, 32, 79, 114, 103, 46 };
    byte[] name2 = new byte[] // manually obtained DER encoding of "O=Second Org." issuer name;
    { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111, 110, 100, 32, 79, 114, 103, 46 };
    X500Principal sub1 = new X500Principal(name1);
    X500Principal sub2 = new X500Principal(name2);
    X509CertSelector selector = new X509CertSelector();
    assertNull("Selector should return null", selector.getSubjectAsBytes());
    selector.setSubject(sub1);
    assertTrue("The returned issuer should be equal to specified", Arrays.equals(name1, selector.getSubjectAsBytes()));
    assertFalse("The returned issuer should differ", name2.equals(selector.getSubjectAsBytes()));
    selector.setSubject(sub2);
    assertTrue("The returned issuer should be equal to specified", Arrays.equals(name2, selector.getSubjectAsBytes()));
}
Also used : X500Principal(javax.security.auth.x500.X500Principal) X509CertSelector(java.security.cert.X509CertSelector)

Example 13 with X509CertSelector

use of java.security.cert.X509CertSelector in project robovm by robovm.

the class X509CertSelectorTest method test_getMatchAllSubjectAltNames.

/**
     * java.security.cert.X509CertSelector#getMatchAllSubjectAltNames()
     */
public void test_getMatchAllSubjectAltNames() {
    X509CertSelector selector = new X509CertSelector();
    assertTrue("The matchAllNames initially should be true", selector.getMatchAllSubjectAltNames());
    selector.setMatchAllSubjectAltNames(false);
    assertFalse("The value should be false", selector.getMatchAllSubjectAltNames());
}
Also used : X509CertSelector(java.security.cert.X509CertSelector)

Example 14 with X509CertSelector

use of java.security.cert.X509CertSelector in project robovm by robovm.

the class PKIXBuilderParametersTest method testPKIXBuilderParametersSetCertSelector01.

/**
     * Test #1 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
     * constructor<br>
     * Assertion: creates an instance of <code>PKIXBuilderParameters</code>
     * @throws InvalidAlgorithmParameterException
     */
public final void testPKIXBuilderParametersSetCertSelector01() throws InvalidAlgorithmParameterException {
    Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
    if (taSet == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor set)");
    }
    // both parameters are valid and non-null
    PKIXParameters p = new PKIXBuilderParameters(taSet, new X509CertSelector());
    assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
    assertNotNull("certSelector", p.getTargetCertConstraints());
}
Also used : PKIXParameters(java.security.cert.PKIXParameters) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) TrustAnchor(java.security.cert.TrustAnchor) X509CertSelector(java.security.cert.X509CertSelector)

Example 15 with X509CertSelector

use of java.security.cert.X509CertSelector in project robovm by robovm.

the class PKIXBuilderParametersTest method testPKIXBuilderParametersKeyStoreCertSelector03.

/**
     * Test #3 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
     * constructor<br>
     * Assertion: <code>InvalidAlgorithmParameterException</code> - if the
     * <code>keystore</code> does not contain at least one trusted certificate
     * entry
     */
public final void testPKIXBuilderParametersKeyStoreCertSelector03() throws Exception {
    KeyStore keyTest = KeyStore.getInstance(KeyStore.getDefaultType());
    keyTest.load(null, null);
    try {
        new PKIXBuilderParameters(keyTest, new X509CertSelector());
        fail("InvalidAlgorithmParameterException expected");
    } catch (InvalidAlgorithmParameterException e) {
    // expected
    }
}
Also used : InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) PKIXBuilderParameters(java.security.cert.PKIXBuilderParameters) X509CertSelector(java.security.cert.X509CertSelector) KeyStore(java.security.KeyStore)

Aggregations

X509CertSelector (java.security.cert.X509CertSelector)151 PKIXBuilderParameters (java.security.cert.PKIXBuilderParameters)54 X509Certificate (java.security.cert.X509Certificate)41 CollectionCertStoreParameters (java.security.cert.CollectionCertStoreParameters)33 IOException (java.io.IOException)23 CertPathBuilder (java.security.cert.CertPathBuilder)22 HashSet (java.util.HashSet)22 TrustAnchor (java.security.cert.TrustAnchor)20 X500Principal (javax.security.auth.x500.X500Principal)20 KeyStore (java.security.KeyStore)18 ArrayList (java.util.ArrayList)18 CertStore (java.security.cert.CertStore)17 CertPathTrustManagerParameters (javax.net.ssl.CertPathTrustManagerParameters)15 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)13 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)13 CertificateException (java.security.cert.CertificateException)11 CertificateFactory (java.security.cert.CertificateFactory)11 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)11 ByteArrayInputStream (java.io.ByteArrayInputStream)10 Date (java.util.Date)10