Diffstat (limited to 'prov/src/test/jdk1.3/org/spongycastle/jce/provider/test/CertPathBuilderTest.java')
-rw-r--r-- | prov/src/test/jdk1.3/org/spongycastle/jce/provider/test/CertPathBuilderTest.java | 171 |
1 files changed, 171 insertions, 0 deletions
diff --git a/prov/src/test/jdk1.3/org/spongycastle/jce/provider/test/CertPathBuilderTest.java b/prov/src/test/jdk1.3/org/spongycastle/jce/provider/test/CertPathBuilderTest.java
new file mode 100644
index 00000000..fee48f48
--- /dev/null
+++ b/prov/src/test/jdk1.3/org/spongycastle/jce/provider/test/CertPathBuilderTest.java
@@ -0,0 +1,171 @@
+package org.spongycastle.jce.provider.test;
+
+import java.io.ByteArrayInputStream;
+import java.math.BigInteger;
+import java.security.KeyPair;
+import java.security.Security;
+import org.spongycastle.jce.cert.CertPath;
+import org.spongycastle.jce.cert.CertPathBuilder;
+import org.spongycastle.jce.cert.CertStore;
+import org.spongycastle.jce.cert.CertificateFactory;
+import org.spongycastle.jce.cert.CollectionCertStoreParameters;
+import org.spongycastle.jce.cert.PKIXBuilderParameters;
+import org.spongycastle.jce.cert.PKIXCertPathBuilderResult;
+import org.spongycastle.jce.cert.TrustAnchor;
+import java.security.cert.X509CRL;
+import org.spongycastle.jce.cert.X509CertSelector;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Calendar;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.spongycastle.jce.PrincipalUtil;
+import org.spongycastle.jce.provider.BouncyCastleProvider;
+import org.spongycastle.util.test.SimpleTestResult;
+import org.spongycastle.util.test.Test;
+import org.spongycastle.util.test.TestResult;
+
+public class CertPathBuilderTest
+ implements Test
+{
+
+ public TestResult baseTest()
+ {
+ try
+ {
+ CertificateFactory cf = CertificateFactory.getInstance("X.509", "SC");
+
+ // initialise CertStore
+ X509Certificate rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.rootCertBin));
+ X509Certificate interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.interCertBin));
+ X509Certificate finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.finalCertBin));
+ X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(CertPathTest.rootCrlBin));
+ X509CRL interCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(CertPathTest.interCrlBin));
+ List list = new ArrayList();
+ list.add(rootCert);
+ list.add(interCert);
+ list.add(finalCert);
+ list.add(rootCrl);
+ list.add(interCrl);
+ CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
+ CertStore store = CertStore.getInstance("Collection", ccsp, "SC");
+ Calendar validDate = Calendar.getInstance();
+ validDate.set(2002,2,21,2,21,10);
+
+ //Searching for rootCert by subjectDN without CRL
+ Set trust = new HashSet();
+ trust.add(new TrustAnchor(rootCert, null));
+
+ CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","SC");
+ X509CertSelector targetConstraints = new X509CertSelector();
+ targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(finalCert).getEncoded());
+ PKIXBuilderParameters params = new PKIXBuilderParameters(trust, targetConstraints);
+ params.addCertStore(store);
+ params.setDate(validDate.getTime());
+ PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) cpb.build(params);
+ CertPath path = result.getCertPath();
+
+ if (path.getCertificates().size() != 2)
+ {
+ return new SimpleTestResult(false, this.getName() + ": wrong number of certs in baseTest path");
+ }
+ }
+ catch (Exception e)
+ {
+ return new SimpleTestResult(false, this.getName() + ": exception - " + e.toString(), e);
+ }
+
+ return new SimpleTestResult(true, this.getName() + ": Okay");
+ }
+
+ public TestResult v0Test()
+ {
+ try
+ {
+ // create certificates and CRLs
+ KeyPair rootPair = TestUtils.generateRSAKeyPair();
+ KeyPair interPair = TestUtils.generateRSAKeyPair();
+ KeyPair endPair = TestUtils.generateRSAKeyPair();
+
+ X509Certificate rootCert = TestUtils.generateRootCert(rootPair);
+ X509Certificate interCert = TestUtils.generateIntermediateCert(interPair.getPublic(), rootPair.getPrivate(), rootCert);
+ X509Certificate endCert = TestUtils.generateEndEntityCert(endPair.getPublic(), interPair.getPrivate(), interCert);
+
+ BigInteger revokedSerialNumber = BigInteger.valueOf(2);
+ X509CRL rootCRL = TestUtils.createCRL(rootCert, rootPair.getPrivate(), revokedSerialNumber);
+ X509CRL interCRL = TestUtils.createCRL(interCert, interPair.getPrivate(), revokedSerialNumber);
+
+ // create CertStore to support path building
+ List list = new ArrayList();
+
+ list.add(rootCert);
+ list.add(interCert);
+ list.add(endCert);
+ list.add(rootCRL);
+ list.add(interCRL);
+
+ CollectionCertStoreParameters params = new CollectionCertStoreParameters(list);
+ CertStore store = CertStore.getInstance("Collection", params);
+
+ // build the path
+ CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "SC");
+ X509CertSelector pathConstraints = new X509CertSelector();
+
+ pathConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(endCert).getEncoded());
+
+ PKIXBuilderParameters buildParams = new PKIXBuilderParameters(Collections.singleton(new TrustAnchor(rootCert, null)), pathConstraints);
+
+ buildParams.addCertStore(store);
+ buildParams.setDate(new Date());
+
+ PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult)builder.build(buildParams);
+ CertPath path = result.getCertPath();
+
+ if (path.getCertificates().size() != 2)
+ {
+ return new SimpleTestResult(false, this.getName() + ": wrong number of certs in v0Test path");
+ }
+ }
+ catch (Exception e)
+ {
+ return new SimpleTestResult(false, this.getName() + ": exception - " + e.toString(), e);
+ }
+
+ return new SimpleTestResult(true, this.getName() + ": Okay");
+ }
+
+ /* (non-Javadoc)
+ * @see org.spongycastle.util.test.Test#perform()
+ */
+ public TestResult perform()
+ {
+ TestResult res = baseTest();
+ if (!res.isSuccessful())
+ {
+ return res;
+ }
+
+ return v0Test();
+ }
+
+ public String getName()
+ {
+ return "CertPathBuilder";
+ }
+
+ public static void main(
+ String[] args)
+ {
+ Security.addProvider(new BouncyCastleProvider());
+
+ Test test = new CertPathBuilderTest();
+ TestResult result = test.perform();
+
+ System.out.println(result.toString());
+ }
+}
+
|
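Review bot: Both baseTest and v0Test accept the built path as soon as `path.getCertificates().size() != 2` is false, so a builder that returned two unexpected certificates, or chained to a different anchor, would still report Okay. In v0Test, where the expected objects are in scope, I would also check the contents, e.g. `if (!path.getCertificates().get(0).equals(endCert) || !rootCert.equals(result.getTrustAnchor().getTrustedCert()))` returning a failed SimpleTestResult (assuming the compat `org.spongycastle.jce.cert` classes mirror `java.security.cert` here). The CRLs are added to both stores, but no case asserts that a revoked certificate or an untrusted anchor makes `build` fail, so the rejection path of the builder is not covered by this file. Separately, v0Test calls `CertStore.getInstance("Collection", params)` without the provider name that baseTest passes, so it may resolve a different implementation than the one under test; `CertStore.getInstance("Collection", params, "SC")` would match.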