Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/prov/src/test/java/org/spongycastle/jce/provider/test/CertPathBuilderTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'prov/src/test/java/org/spongycastle/jce/provider/test/CertPathBuilderTest.java')
-rw-r--r--prov/src/test/java/org/spongycastle/jce/provider/test/CertPathBuilderTest.java142
1 files changed, 142 insertions, 0 deletions
diff --git a/prov/src/test/java/org/spongycastle/jce/provider/test/CertPathBuilderTest.java b/prov/src/test/java/org/spongycastle/jce/provider/test/CertPathBuilderTest.java
new file mode 100644
index 00000000..62708a2f
--- /dev/null
+++ b/prov/src/test/java/org/spongycastle/jce/provider/test/CertPathBuilderTest.java
@@ -0,0 +1,142 @@
+package org.spongycastle.jce.provider.test;
+
+import java.io.ByteArrayInputStream;
+import java.math.BigInteger;
+import java.security.KeyPair;
+import java.security.Security;
+import java.security.cert.CertPath;
+import java.security.cert.CertPathBuilder;
+import java.security.cert.CertStore;
+import java.security.cert.CertificateFactory;
+import java.security.cert.CollectionCertStoreParameters;
+import java.security.cert.PKIXBuilderParameters;
+import java.security.cert.PKIXCertPathBuilderResult;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509CRL;
+import java.security.cert.X509CertSelector;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Calendar;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.spongycastle.jce.provider.BouncyCastleProvider;
+import org.spongycastle.util.test.SimpleTest;
+
+public class CertPathBuilderTest
+ extends SimpleTest
+{
+
+ private void baseTest()
+ throws Exception
+ {
+ CertificateFactory cf = CertificateFactory.getInstance("X.509", "SC");
+
+ // initialise CertStore
+ X509Certificate rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.rootCertBin));
+ X509Certificate interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.interCertBin));
+ X509Certificate finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.finalCertBin));
+ X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(CertPathTest.rootCrlBin));
+ X509CRL interCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(CertPathTest.interCrlBin));
+ List list = new ArrayList();
+ list.add(rootCert);
+ list.add(interCert);
+ list.add(finalCert);
+ list.add(rootCrl);
+ list.add(interCrl);
+ CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
+ CertStore store = CertStore.getInstance("Collection", ccsp, "SC");
+ Calendar validDate = Calendar.getInstance();
+ validDate.set(2008,8,4,14,49,10);
+
+ //Searching for rootCert by subjectDN without CRL
+ Set trust = new HashSet();
+ trust.add(new TrustAnchor(rootCert, null));
+
+ CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","SC");
+ X509CertSelector targetConstraints = new X509CertSelector();
+ targetConstraints.setSubject(finalCert.getSubjectX500Principal().getEncoded());
+ PKIXBuilderParameters params = new PKIXBuilderParameters(trust, targetConstraints);
+ params.addCertStore(store);
+ params.setDate(validDate.getTime());
+ PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) cpb.build(params);
+ CertPath path = result.getCertPath();
+
+ if (path.getCertificates().size() != 2)
+ {
+ fail("wrong number of certs in baseTest path");
+ }
+ }
+
+ private void v0Test()
+ throws Exception
+ {
+ // create certificates and CRLs
+ KeyPair rootPair = TestUtils.generateRSAKeyPair();
+ KeyPair interPair = TestUtils.generateRSAKeyPair();
+ KeyPair endPair = TestUtils.generateRSAKeyPair();
+
+ X509Certificate rootCert = TestUtils.generateRootCert(rootPair);
+ X509Certificate interCert = TestUtils.generateIntermediateCert(interPair.getPublic(), rootPair.getPrivate(), rootCert);
+ X509Certificate endCert = TestUtils.generateEndEntityCert(endPair.getPublic(), interPair.getPrivate(), interCert);
+
+ BigInteger revokedSerialNumber = BigInteger.valueOf(2);
+ X509CRL rootCRL = TestUtils.createCRL(rootCert, rootPair.getPrivate(), revokedSerialNumber);
+ X509CRL interCRL = TestUtils.createCRL(interCert, interPair.getPrivate(), revokedSerialNumber);
+
+ // create CertStore to support path building
+ List list = new ArrayList();
+
+ list.add(rootCert);
+ list.add(interCert);
+ list.add(endCert);
+ list.add(rootCRL);
+ list.add(interCRL);
+
+ CollectionCertStoreParameters params = new CollectionCertStoreParameters(list);
+ CertStore store = CertStore.getInstance("Collection", params);
+
+ // build the path
+ CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "SC");
+ X509CertSelector pathConstraints = new X509CertSelector();
+
+ pathConstraints.setSubject(endCert.getSubjectX500Principal().getEncoded());
+
+ PKIXBuilderParameters buildParams = new PKIXBuilderParameters(Collections.singleton(new TrustAnchor(rootCert, null)), pathConstraints);
+
+ buildParams.addCertStore(store);
+ buildParams.setDate(new Date());
+
+ PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult)builder.build(buildParams);
+ CertPath path = result.getCertPath();
+
+ if (path.getCertificates().size() != 2)
+ {
+ fail("wrong number of certs in v0Test path");
+ }
+ }
+
+ public void performTest()
+ throws Exception
+ {
+ baseTest();
+ v0Test();
+ }
+
+ public String getName()
+ {
+ return "CertPathBuilder";
+ }
+
+ public static void main(
+ String[] args)
+ {
+ Security.addProvider(new BouncyCastleProvider());
+
+ runTest(new CertPathBuilderTest());
+ }
+}
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 09:42:29 +0300