List of usage examples for java.security.cert PKIXCertPathBuilderResult getTrustAnchor
public TrustAnchor getTrustAnchor()
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_4_16_Valid_Long_Serial_Number_Test16() throws Exception { // add certificates addCertificates(new File(testBase, "certs/LongSerialNumberCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/ValidLongSerialNumberTest16EE.crt"), certStoreParams.getCertStore()); // add crls/*from ww w. ja v a 2s .co m*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/LongSerialNumberCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("7F0102030405060708090A0B0C0D0E0F10111212")); selector.setIssuer("CN=Long Serial Number CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_4_17_Valid_Long_Serial_Number_Test17() throws Exception { // add certificates addCertificates(new File(testBase, "certs/LongSerialNumberCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/ValidLongSerialNumberTest17EE.crt"), certStoreParams.getCertStore()); // add crls//from www .j av a 2 s .c o m addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/LongSerialNumberCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("7E0102030405060708090A0B0C0D0E0F10111213")); selector.setIssuer("CN=Long Serial Number CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_4_18_Invalid_Long_Serial_Number_Test18() throws Exception { // add certificates addCertificates(new File(testBase, "certs/LongSerialNumberCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidLongSerialNumberTest18EE.crt"), certStoreParams.getCertStore()); // add crls//from www. j av a 2 s . c om addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/LongSerialNumberCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("7F0102030405060708090A0B0C0D0E0F10111213")); selector.setIssuer("CN=Long Serial Number CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_15_2_Valid_delta_CRL_Test2() throws Exception { // add certificates addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/ValiddeltaCRLTest2EE.crt"), certStoreParams.getCertStore()); // add crls/* www. ja v a 2s .co m*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_15_3_Invalid_delta_CRL_Test3() throws Exception { // add certificates addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest3EE.crt"), certStoreParams.getCertStore()); // add crls// w ww . j ava 2s. c o m addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("2")); selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_15_4_Invalid_delta_CRL_Test4() throws Exception { // add certificates addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest4EE.crt"), certStoreParams.getCertStore()); // add crls//from w w w . j a v a 2 s. co m addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("3")); selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_15_6_Invalid_delta_CRL_Test6() throws Exception { // add certificates addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest6EE.crt"), certStoreParams.getCertStore()); // add crls/* w w w . ja v a2s .c o m*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("5")); selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_15_8_Valid_delta_CRL_Test8() throws Exception { // add certificates addCertificates(new File(testBase, "certs/deltaCRLCA2Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/ValiddeltaCRLTest8EE.crt"), certStoreParams.getCertStore()); // add crls//from www . j a v a 2 s. co m addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA2CRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA2deltaCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("CN=deltaCRL CA2, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_15_9_Invalid_delta_CRL_Test9() throws Exception { // add certificates addCertificates(new File(testBase, "certs/deltaCRLCA2Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest9EE.crt"), certStoreParams.getCertStore()); // add crls// w ww . ja v a 2s .c om addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA2CRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA2deltaCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("2")); selector.setIssuer("CN=deltaCRL CA2, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_15_10_Invalid_delta_CRL_Test10() throws Exception { // add certificates addCertificates(new File(testBase, "certs/deltaCRLCA3Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest10EE.crt"), certStoreParams.getCertStore()); // add crls// w w w . j a v a 2s . c o m addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA3CRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/deltaCRLCA3deltaCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("CN=deltaCRL CA3, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.EXPIRED, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.EXPIRED, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }