1 /* 2 * Copyright (C) 2009 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package tests.targets.security.cert; 17 18 import java.io.ByteArrayInputStream; 19 import java.security.KeyStore; 20 import java.security.cert.CertPath; 21 import java.security.cert.CertPathBuilder; 22 import java.security.cert.CertPathBuilderResult; 23 import java.security.cert.CertPathParameters; 24 import java.security.cert.CertPathValidatorResult; 25 import java.security.cert.CertStore; 26 import java.security.cert.CertStoreParameters; 27 import java.security.cert.Certificate; 28 import java.security.cert.CertificateFactory; 29 import java.security.cert.CollectionCertStoreParameters; 30 import java.security.cert.PKIXBuilderParameters; 31 import java.security.cert.PKIXCertPathValidatorResult; 32 import java.security.cert.PKIXParameters; 33 import java.security.cert.X509CertSelector; 34 import java.security.cert.X509Certificate; 35 import java.util.ArrayList; 36 import java.util.List; 37 import tests.security.CertPathValidatorTest; 38 39 public class CertPathValidatorTestPKIX extends CertPathValidatorTest { 40 41 private CertPath certPath; 42 private PKIXParameters params; 43 44 public CertPathValidatorTestPKIX() { 45 super("PKIX"); 46 } 47 48 @Override 49 public CertPath getCertPath() { 50 return certPath; 51 } 52 53 @Override 54 protected void setUp() throws Exception { 55 super.setUp(); 56 KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); 57 keyStore.load(null, null); 58 59 CertificateFactory certificateFactory = CertificateFactory.getInstance( 60 "X509"); 61 62 X509Certificate selfSignedcertificate = 63 (X509Certificate) certificateFactory.generateCertificate( 64 new ByteArrayInputStream(selfSignedCert.getBytes())); 65 66 keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate); 67 68 X509CertSelector targetConstraints = new X509CertSelector(); 69 targetConstraints.setCertificate(selfSignedcertificate); 70 71 List<Certificate> certList = new ArrayList<Certificate>(); 72 certList.add(selfSignedcertificate); 73 CertStoreParameters storeParams = new CollectionCertStoreParameters( 74 certList); 75 76 CertStore certStore = CertStore.getInstance("Collection", storeParams); 77 78 PKIXBuilderParameters parameters = new PKIXBuilderParameters(keyStore, 79 targetConstraints); 80 parameters.addCertStore(certStore); 81 parameters.setRevocationEnabled(false); 82 83 CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX"); 84 85 CertPathBuilderResult builderResult = pathBuilder.build(parameters); 86 87 certPath = builderResult.getCertPath(); 88 89 params = new PKIXParameters(keyStore); 90 params.setRevocationEnabled(false); 91 } 92 93 @Override 94 public CertPathParameters getParams() { 95 return params; 96 } 97 98 @Override 99 public void validateResult(CertPathValidatorResult validatorResult) { 100 assertNotNull("validator result is null", validatorResult); 101 assertTrue("validator result is not PKIX", 102 validatorResult instanceof PKIXCertPathValidatorResult); 103 104 } 105 106 107 private String selfSignedCert = "-----BEGIN CERTIFICATE-----\n" 108 + "MIICSDCCAbECBEk2ZvswDQYJKoZIhvcNAQEEBQAwazELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0Fu\n" 109 + "ZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNVBAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJv\n" 110 + "aWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMB4XDTA4MTIwMzExMDExNVoXDTM2MDQyMDExMDExNVow\n" 111 + "azELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0FuZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNV\n" 112 + "BAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJvaWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMIGfMA0G\n" 113 + "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCAMd+N1Bu2eiI4kukOLvFlpTSEHTGplN2vvw76T7jSZinx\n" 114 + "WcrtLe6qH1uPffbVNW4/BRn6OywbcynazEdqEUa09hWtHYmUsXpRPyGUBScNnyF751SGA2JIQUfg\n" 115 + "3gi3gT3h32Z64AIHnn5gsGDJkeWOHx6/uVOV7iqr7cwPdLp03QIDAQABMA0GCSqGSIb3DQEBBAUA\n" 116 + "A4GBAGG46Udsh6U7bSkJsyPPmSCCEkGr14L8F431UuaWbLvQVDtyPv8vtdJilyUTVnlWM6JNGV/q\n" 117 + "bgHuLbohkVXn9l68GtgQ7QDexHJE5hEDG/S7cYNi9GhrCfzAjEed13VMntZHZ0XQ4E7jBOmhcMAY\n" 118 + "DC9BBx1sVKoji17RP4R8CTf1\n" + "-----END CERTIFICATE-----"; 119 } 120