libcore/security/src/test/java/tests/targets/security/cert/CertPathValidatorTestPKIX.java

   1 /*
   2  * Copyright (C) 2009 The Android Open Source Project
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16 package tests.targets.security.cert;
  17
  18 import dalvik.annotation.TestTargetClass;
  19
  20 import java.io.ByteArrayInputStream;
  21 import java.io.IOException;
  22 import java.security.InvalidAlgorithmParameterException;
  23 import java.security.KeyStore;
  24 import java.security.KeyStoreException;
  25 import java.security.NoSuchAlgorithmException;
  26 import java.security.cert.CertPath;
  27 import java.security.cert.CertPathBuilder;
  28 import java.security.cert.CertPathBuilderException;
  29 import java.security.cert.CertPathBuilderResult;
  30 import java.security.cert.CertPathParameters;
  31 import java.security.cert.CertPathValidatorResult;
  32 import java.security.cert.CertStore;
  33 import java.security.cert.CertStoreParameters;
  34 import java.security.cert.Certificate;
  35 import java.security.cert.CertificateException;
  36 import java.security.cert.CertificateFactory;
  37 import java.security.cert.CollectionCertStoreParameters;
  38 import java.security.cert.PKIXBuilderParameters;
  39 import java.security.cert.PKIXCertPathValidatorResult;
  40 import java.security.cert.PKIXParameters;
  41 import java.security.cert.X509CertSelector;
  42 import java.security.cert.X509Certificate;
  43 import java.util.ArrayList;
  44 import java.util.List;
  45
  46 @TestTargetClass(targets.CertPathValidators.PKIX.class)
  47 public class CertPathValidatorTestPKIX extends CertPathValidatorTest {
  48
  49     private CertPath certPath;
  50     private PKIXParameters params;
  51
  52     public CertPathValidatorTestPKIX() {
  53         super("PKIX");
  54     }
  55
  56     @Override
  57     CertPath getCertPath() {
  58         return certPath;
  59     }
  60
  61     @Override
  62     protected void setUp() throws Exception {
  63         super.setUp();
  64         KeyStore keyStore = null;
  65         try {
  66             keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
  67         } catch (KeyStoreException e) {
  68             fail(e.getMessage());
  69         }
  70
  71         try {
  72             keyStore.load(null, null);
  73         } catch (NoSuchAlgorithmException e) {
  74             fail(e.getMessage());
  75         } catch (CertificateException e) {
  76             fail(e.getMessage());
  77         } catch (IOException e) {
  78             fail(e.getMessage());
  79         }
  80
  81         CertificateFactory certificateFactory = null;
  82         try {
  83             certificateFactory = CertificateFactory.getInstance("X509");
  84         } catch (CertificateException e) {
  85             fail(e.getMessage());
  86         }
  87
  88         X509Certificate selfSignedcertificate = null;
  89         try {
  90             selfSignedcertificate = (X509Certificate) certificateFactory
  91                     .generateCertificate(new ByteArrayInputStream(
  92                             selfSignedCert.getBytes()));
  93         } catch (CertificateException e) {
  94             fail(e.getMessage());
  95         }
  96
  97         try {
  98             keyStore.setCertificateEntry("selfSignedCert",
  99                     selfSignedcertificate);
 100         } catch (KeyStoreException e) {
 101             fail(e.getMessage());
 102         }
 103
 104         X509CertSelector targetConstraints = new X509CertSelector();
 105         targetConstraints.setCertificate(selfSignedcertificate);
 106
 107         List<Certificate> certList = new ArrayList<Certificate>();
 108         certList.add(selfSignedcertificate);
 109         CertStoreParameters storeParams = new CollectionCertStoreParameters(
 110                 certList);
 111
 112
 113         CertStore certStore = null;
 114         try {
 115             certStore = CertStore.getInstance("Collection", storeParams);
 116         } catch (InvalidAlgorithmParameterException e) {
 117             fail(e.getMessage());
 118         } catch (NoSuchAlgorithmException e) {
 119             fail(e.getMessage());
 120         }
 121
 122
 123         PKIXBuilderParameters parameters = null;
 124         try {
 125             parameters = new PKIXBuilderParameters(keyStore, targetConstraints);
 126             parameters.addCertStore(certStore);
 127             parameters.setRevocationEnabled(false);
 128         } catch (KeyStoreException e) {
 129             fail(e.getMessage());
 130         } catch (InvalidAlgorithmParameterException e) {
 131             fail(e.getMessage());
 132         }
 133
 134         CertPathBuilder pathBuilder = null;
 135         try {
 136             pathBuilder = CertPathBuilder.getInstance("PKIX");
 137         } catch (NoSuchAlgorithmException e) {
 138             fail(e.getMessage());
 139         }
 140         CertPathBuilderResult builderResult = null;
 141         try {
 142             builderResult = pathBuilder.build(parameters);
 143         } catch (CertPathBuilderException e) {
 144             fail(e.getMessage());
 145         } catch (InvalidAlgorithmParameterException e) {
 146             fail(e.getMessage());
 147         }
 148
 149         certPath = builderResult.getCertPath();
 150
 151         try {
 152             params = new PKIXParameters(keyStore);
 153             params.setRevocationEnabled(false);
 154         } catch (KeyStoreException e) {
 155             fail(e.getMessage());
 156         } catch (InvalidAlgorithmParameterException e) {
 157             fail(e.getMessage());
 158         }
 159     }
 160
 161     @Override
 162     CertPathParameters getParams() {
 163         return params;
 164     }
 165
 166     @Override
 167     void validateResult(CertPathValidatorResult validatorResult) {
 168         assertNotNull("validator result is null", validatorResult);
 169         assertTrue("validator result is not PKIX",
 170                 validatorResult instanceof PKIXCertPathValidatorResult);
 171
 172     }
 173
 174
 175     private String selfSignedCert = "-----BEGIN CERTIFICATE-----\n"
 176     + "MIICSDCCAbECBEk2ZvswDQYJKoZIhvcNAQEEBQAwazELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0Fu\n"
 177     + "ZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNVBAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJv\n"
 178     + "aWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMB4XDTA4MTIwMzExMDExNVoXDTM2MDQyMDExMDExNVow\n"
 179     + "azELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0FuZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNV\n"
 180     + "BAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJvaWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMIGfMA0G\n"
 181     + "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCAMd+N1Bu2eiI4kukOLvFlpTSEHTGplN2vvw76T7jSZinx\n"
 182     + "WcrtLe6qH1uPffbVNW4/BRn6OywbcynazEdqEUa09hWtHYmUsXpRPyGUBScNnyF751SGA2JIQUfg\n"
 183     + "3gi3gT3h32Z64AIHnn5gsGDJkeWOHx6/uVOV7iqr7cwPdLp03QIDAQABMA0GCSqGSIb3DQEBBAUA\n"
 184     + "A4GBAGG46Udsh6U7bSkJsyPPmSCCEkGr14L8F431UuaWbLvQVDtyPv8vtdJilyUTVnlWM6JNGV/q\n"
 185     + "bgHuLbohkVXn9l68GtgQ7QDexHJE5hEDG/S7cYNi9GhrCfzAjEed13VMntZHZ0XQ4E7jBOmhcMAY\n"
 186     + "DC9BBx1sVKoji17RP4R8CTf1\n" + "-----END CERTIFICATE-----";
 187 }