Home | History | Annotate | Download | only in cert 
      1 /*
      2  * Copyright (C) 2009 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *     http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 package tests.targets.security.cert;
     17 
     18 import java.io.ByteArrayInputStream;
     19 import java.security.KeyStore;
     20 import java.security.cert.CertPath;
     21 import java.security.cert.CertPathParameters;
     22 import java.security.cert.CertStore;
     23 import java.security.cert.CertStoreParameters;
     24 import java.security.cert.Certificate;
     25 import java.security.cert.CertificateFactory;
     26 import java.security.cert.CollectionCertStoreParameters;
     27 import java.security.cert.PKIXBuilderParameters;
     28 import java.security.cert.X509CertSelector;
     29 import java.security.cert.X509Certificate;
     30 import java.util.ArrayList;
     31 import java.util.List;
     32 import javax.security.auth.x500.X500Principal;
     33 import tests.security.CertPathBuilderTest;
     34 
     35 public class CertPathBuilderTestPKIX extends CertPathBuilderTest {
     36 
     37     public CertPathBuilderTestPKIX() {
     38         super("PKIX");
     39     }
     40 
     41     @Override
     42     public CertPathParameters getCertPathParameters() throws Exception {
     43         KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
     44 
     45         keyStore.load(null, null);
     46 
     47         CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
     48 
     49         X509Certificate selfSignedcertificate =
     50                 (X509Certificate) certificateFactory.generateCertificate(
     51                         new ByteArrayInputStream(selfSignedCert.getBytes()));
     52 
     53         keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate);
     54 
     55         X509CertSelector targetConstraints = new X509CertSelector();
     56         targetConstraints.setCertificate(selfSignedcertificate);
     57 
     58         List<Certificate> certList = new ArrayList<Certificate>();
     59         certList.add(selfSignedcertificate);
     60         CertStoreParameters storeParams = new CollectionCertStoreParameters(
     61                 certList);
     62 
     63 
     64         CertStore certStore = CertStore.getInstance("Collection", storeParams);
     65 
     66 
     67         PKIXBuilderParameters parameters = new PKIXBuilderParameters(
     68                 keyStore, targetConstraints);
     69         parameters.addCertStore(certStore);
     70         parameters.setRevocationEnabled(false);
     71         return parameters;
     72     }
     73 
     74     @Override
     75     public void validateCertPath(CertPath path) {
     76         List<? extends Certificate> certificates = path.getCertificates();
     77         Certificate certificate = certificates.get(0);
     78 
     79         assertEquals("unexpected certificate type", "X.509", certificate
     80                 .getType());
     81 
     82         X509Certificate x509Certificate = (X509Certificate) certificate;
     83         X500Principal subjectX500Principal = x509Certificate
     84                 .getSubjectX500Principal();
     85 
     86         X500Principal expectedPrincipal = new X500Principal("CN=Android CTS, "
     87                 + "OU=Android, O=Android, L=Android, ST=Android, C=AN");
     88 
     89         assertEquals("unexpected principal", expectedPrincipal,
     90                 subjectX500Principal);
     91     }
     92 
     93     private String selfSignedCert = "-----BEGIN CERTIFICATE-----\n"
     94     + "MIICSDCCAbECBEk2ZvswDQYJKoZIhvcNAQEEBQAwazELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0Fu\n"
     95     + "ZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNVBAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJv\n"
     96     + "aWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMB4XDTA4MTIwMzExMDExNVoXDTM2MDQyMDExMDExNVow\n"
     97     + "azELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0FuZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNV\n"
     98     + "BAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJvaWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMIGfMA0G\n"
     99     + "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCAMd+N1Bu2eiI4kukOLvFlpTSEHTGplN2vvw76T7jSZinx\n"
    100     + "WcrtLe6qH1uPffbVNW4/BRn6OywbcynazEdqEUa09hWtHYmUsXpRPyGUBScNnyF751SGA2JIQUfg\n"
    101     + "3gi3gT3h32Z64AIHnn5gsGDJkeWOHx6/uVOV7iqr7cwPdLp03QIDAQABMA0GCSqGSIb3DQEBBAUA\n"
    102     + "A4GBAGG46Udsh6U7bSkJsyPPmSCCEkGr14L8F431UuaWbLvQVDtyPv8vtdJilyUTVnlWM6JNGV/q\n"
    103     + "bgHuLbohkVXn9l68GtgQ7QDexHJE5hEDG/S7cYNi9GhrCfzAjEed13VMntZHZ0XQ4E7jBOmhcMAY\n"
    104     + "DC9BBx1sVKoji17RP4R8CTf1\n" + "-----END CERTIFICATE-----";
    105 }
    106