1 /* 2 * Copyright (C) 2009 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package tests.targets.security.cert; 17 18 import java.io.ByteArrayInputStream; 19 import java.security.KeyStore; 20 import java.security.cert.CertPath; 21 import java.security.cert.CertPathParameters; 22 import java.security.cert.CertStore; 23 import java.security.cert.CertStoreParameters; 24 import java.security.cert.Certificate; 25 import java.security.cert.CertificateFactory; 26 import java.security.cert.CollectionCertStoreParameters; 27 import java.security.cert.PKIXBuilderParameters; 28 import java.security.cert.X509CertSelector; 29 import java.security.cert.X509Certificate; 30 import java.util.ArrayList; 31 import java.util.List; 32 import javax.security.auth.x500.X500Principal; 33 import tests.security.CertPathBuilderTest; 34 35 public class CertPathBuilderTestPKIX extends CertPathBuilderTest { 36 37 public CertPathBuilderTestPKIX() { 38 super("PKIX"); 39 } 40 41 @Override 42 public CertPathParameters getCertPathParameters() throws Exception { 43 KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); 44 45 keyStore.load(null, null); 46 47 CertificateFactory certificateFactory = CertificateFactory.getInstance("X509"); 48 49 X509Certificate selfSignedcertificate = 50 (X509Certificate) certificateFactory.generateCertificate( 51 new ByteArrayInputStream(selfSignedCert.getBytes())); 52 53 keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate); 54 55 X509CertSelector targetConstraints = new X509CertSelector(); 56 targetConstraints.setCertificate(selfSignedcertificate); 57 58 List<Certificate> certList = new ArrayList<Certificate>(); 59 certList.add(selfSignedcertificate); 60 CertStoreParameters storeParams = new CollectionCertStoreParameters( 61 certList); 62 63 64 CertStore certStore = CertStore.getInstance("Collection", storeParams); 65 66 67 PKIXBuilderParameters parameters = new PKIXBuilderParameters( 68 keyStore, targetConstraints); 69 parameters.addCertStore(certStore); 70 parameters.setRevocationEnabled(false); 71 return parameters; 72 } 73 74 @Override 75 public void validateCertPath(CertPath path) { 76 List<? extends Certificate> certificates = path.getCertificates(); 77 Certificate certificate = certificates.get(0); 78 79 assertEquals("unexpected certificate type", "X.509", certificate 80 .getType()); 81 82 X509Certificate x509Certificate = (X509Certificate) certificate; 83 X500Principal subjectX500Principal = x509Certificate 84 .getSubjectX500Principal(); 85 86 X500Principal expectedPrincipal = new X500Principal("CN=Android CTS, " 87 + "OU=Android, O=Android, L=Android, ST=Android, C=AN"); 88 89 assertEquals("unexpected principal", expectedPrincipal, 90 subjectX500Principal); 91 } 92 93 private String selfSignedCert = "-----BEGIN CERTIFICATE-----\n" 94 + "MIICSDCCAbECBEk2ZvswDQYJKoZIhvcNAQEEBQAwazELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0Fu\n" 95 + "ZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNVBAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJv\n" 96 + "aWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMB4XDTA4MTIwMzExMDExNVoXDTM2MDQyMDExMDExNVow\n" 97 + "azELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0FuZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNV\n" 98 + "BAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJvaWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMIGfMA0G\n" 99 + "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCAMd+N1Bu2eiI4kukOLvFlpTSEHTGplN2vvw76T7jSZinx\n" 100 + "WcrtLe6qH1uPffbVNW4/BRn6OywbcynazEdqEUa09hWtHYmUsXpRPyGUBScNnyF751SGA2JIQUfg\n" 101 + "3gi3gT3h32Z64AIHnn5gsGDJkeWOHx6/uVOV7iqr7cwPdLp03QIDAQABMA0GCSqGSIb3DQEBBAUA\n" 102 + "A4GBAGG46Udsh6U7bSkJsyPPmSCCEkGr14L8F431UuaWbLvQVDtyPv8vtdJilyUTVnlWM6JNGV/q\n" 103 + "bgHuLbohkVXn9l68GtgQ7QDexHJE5hEDG/S7cYNi9GhrCfzAjEed13VMntZHZ0XQ4E7jBOmhcMAY\n" 104 + "DC9BBx1sVKoji17RP4R8CTf1\n" + "-----END CERTIFICATE-----"; 105 } 106