Example usage for java.security.cert PKIXCertPathBuilderResult getCertPath

List of usage examples for java.security.cert PKIXCertPathBuilderResult getCertPath

Introduction

In this page you can find the example usage for java.security.cert PKIXCertPathBuilderResult getCertPath.

Prototype

public CertPath getCertPath() 

Source Link

Document

Returns the built and validated certification path.

Usage

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_4_17_Valid_Long_Serial_Number_Test17() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/LongSerialNumberCACert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/ValidLongSerialNumberTest17EE.crt"),
            certStoreParams.getCertStore());

    // add crls//  w  w w .ja  v a2  s. c o  m
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/LongSerialNumberCACRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("7E0102030405060708090A0B0C0D0E0F10111213"));
    selector.setIssuer("CN=Long Serial Number CA, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus());
    assertEquals(null, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_4_18_Invalid_Long_Serial_Number_Test18() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/LongSerialNumberCACert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvalidLongSerialNumberTest18EE.crt"),
            certStoreParams.getCertStore());

    // add crls/*from  w  ww. j  ava  2s. c  o m*/
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/LongSerialNumberCACRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("7F0102030405060708090A0B0C0D0E0F10111213"));
    selector.setIssuer("CN=Long Serial Number CA, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus());
    assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_2_Valid_delta_CRL_Test2() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/ValiddeltaCRLTest2EE.crt"), certStoreParams.getCertStore());

    // add crls//from  w w w .  j  a  v  a  2 s .  c  o m
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("1"));
    selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus());
    assertEquals(null, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_3_Invalid_delta_CRL_Test3() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest3EE.crt"), certStoreParams.getCertStore());

    // add crls// w  w  w.  j a va 2  s  .c om
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("2"));
    selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus());
    assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_4_Invalid_delta_CRL_Test4() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest4EE.crt"), certStoreParams.getCertStore());

    // add crls//from  www  .j  a v a 2s  .c  o  m
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("3"));
    selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus());
    assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_6_Invalid_delta_CRL_Test6() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest6EE.crt"), certStoreParams.getCertStore());

    // add crls//from   ww w  .  j  av  a 2s .co m
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("5"));
    selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus());
    assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_8_Valid_delta_CRL_Test8() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA2Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/ValiddeltaCRLTest8EE.crt"), certStoreParams.getCertStore());

    // add crls//from w w w.  ja v a2  s .co m
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA2CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA2deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("1"));
    selector.setIssuer("CN=deltaCRL CA2, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus());
    assertEquals(null, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_9_Invalid_delta_CRL_Test9() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA2Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest9EE.crt"), certStoreParams.getCertStore());

    // add crls/* ww w. j a v  a2s.  c o  m*/
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA2CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA2deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("2"));
    selector.setIssuer("CN=deltaCRL CA2, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus());
    assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_10_Invalid_delta_CRL_Test10() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA3Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest10EE.crt"), certStoreParams.getCertStore());

    // add crls//from w w  w.j a  va 2  s  . c  om
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA3CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA3deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("1"));
    selector.setIssuer("CN=deltaCRL CA3, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.EXPIRED, revocationResult.getStatus());
    assertEquals(null, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.EXPIRED, detail[0].getStatus());
    assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_14_1_Valid_distributionPoint_Test1() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/distributionPoint1CACert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/ValiddistributionPointTest1EE.crt"),
            certStoreParams.getCertStore());

    // add crls/*from  w  w w. ja v  a2 s .c  om*/
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/distributionPoint1CACRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("1"));
    selector.setIssuer("OU=distributionPoint1 CA, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus());
    assertEquals(null, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus());
}