2 * Copyright (C) 2009 The Android Open Source Project
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
16 package tests.targets.security.cert;
18 import dalvik.annotation.TestTargetClass;
20 import java.io.ByteArrayInputStream;
21 import java.io.IOException;
22 import java.security.InvalidAlgorithmParameterException;
23 import java.security.KeyStore;
24 import java.security.KeyStoreException;
25 import java.security.NoSuchAlgorithmException;
26 import java.security.cert.CertPath;
27 import java.security.cert.CertPathBuilder;
28 import java.security.cert.CertPathBuilderException;
29 import java.security.cert.CertPathBuilderResult;
30 import java.security.cert.CertPathParameters;
31 import java.security.cert.CertPathValidatorResult;
32 import java.security.cert.CertStore;
33 import java.security.cert.CertStoreParameters;
34 import java.security.cert.Certificate;
35 import java.security.cert.CertificateException;
36 import java.security.cert.CertificateFactory;
37 import java.security.cert.CollectionCertStoreParameters;
38 import java.security.cert.PKIXBuilderParameters;
39 import java.security.cert.PKIXCertPathValidatorResult;
40 import java.security.cert.PKIXParameters;
41 import java.security.cert.X509CertSelector;
42 import java.security.cert.X509Certificate;
43 import java.util.ArrayList;
44 import java.util.List;
46 @TestTargetClass(targets.CertPathValidators.PKIX.class)
47 public class CertPathValidatorTestPKIX extends CertPathValidatorTest {
49 private CertPath certPath;
50 private PKIXParameters params;
52 public CertPathValidatorTestPKIX() {
57 CertPath getCertPath() {
62 protected void setUp() throws Exception {
64 KeyStore keyStore = null;
66 keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
67 } catch (KeyStoreException e) {
72 keyStore.load(null, null);
73 } catch (NoSuchAlgorithmException e) {
75 } catch (CertificateException e) {
77 } catch (IOException e) {
81 CertificateFactory certificateFactory = null;
83 certificateFactory = CertificateFactory.getInstance("X509");
84 } catch (CertificateException e) {
88 X509Certificate selfSignedcertificate = null;
90 selfSignedcertificate = (X509Certificate) certificateFactory
91 .generateCertificate(new ByteArrayInputStream(
92 selfSignedCert.getBytes()));
93 } catch (CertificateException e) {
98 keyStore.setCertificateEntry("selfSignedCert",
99 selfSignedcertificate);
100 } catch (KeyStoreException e) {
101 fail(e.getMessage());
104 X509CertSelector targetConstraints = new X509CertSelector();
105 targetConstraints.setCertificate(selfSignedcertificate);
107 List<Certificate> certList = new ArrayList<Certificate>();
108 certList.add(selfSignedcertificate);
109 CertStoreParameters storeParams = new CollectionCertStoreParameters(
113 CertStore certStore = null;
115 certStore = CertStore.getInstance("Collection", storeParams);
116 } catch (InvalidAlgorithmParameterException e) {
117 fail(e.getMessage());
118 } catch (NoSuchAlgorithmException e) {
119 fail(e.getMessage());
123 PKIXBuilderParameters parameters = null;
125 parameters = new PKIXBuilderParameters(keyStore, targetConstraints);
126 parameters.addCertStore(certStore);
127 parameters.setRevocationEnabled(false);
128 } catch (KeyStoreException e) {
129 fail(e.getMessage());
130 } catch (InvalidAlgorithmParameterException e) {
131 fail(e.getMessage());
134 CertPathBuilder pathBuilder = null;
136 pathBuilder = CertPathBuilder.getInstance("PKIX");
137 } catch (NoSuchAlgorithmException e) {
138 fail(e.getMessage());
140 CertPathBuilderResult builderResult = null;
142 builderResult = pathBuilder.build(parameters);
143 } catch (CertPathBuilderException e) {
144 fail(e.getMessage());
145 } catch (InvalidAlgorithmParameterException e) {
146 fail(e.getMessage());
149 certPath = builderResult.getCertPath();
152 params = new PKIXParameters(keyStore);
153 params.setRevocationEnabled(false);
154 } catch (KeyStoreException e) {
155 fail(e.getMessage());
156 } catch (InvalidAlgorithmParameterException e) {
157 fail(e.getMessage());
162 CertPathParameters getParams() {
167 void validateResult(CertPathValidatorResult validatorResult) {
168 assertNotNull("validator result is null", validatorResult);
169 assertTrue("validator result is not PKIX",
170 validatorResult instanceof PKIXCertPathValidatorResult);
175 private String selfSignedCert = "-----BEGIN CERTIFICATE-----\n"
176 + "MIICSDCCAbECBEk2ZvswDQYJKoZIhvcNAQEEBQAwazELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0Fu\n"
177 + "ZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNVBAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJv\n"
178 + "aWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMB4XDTA4MTIwMzExMDExNVoXDTM2MDQyMDExMDExNVow\n"
179 + "azELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0FuZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNV\n"
180 + "BAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJvaWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMIGfMA0G\n"
181 + "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCAMd+N1Bu2eiI4kukOLvFlpTSEHTGplN2vvw76T7jSZinx\n"
182 + "WcrtLe6qH1uPffbVNW4/BRn6OywbcynazEdqEUa09hWtHYmUsXpRPyGUBScNnyF751SGA2JIQUfg\n"
183 + "3gi3gT3h32Z64AIHnn5gsGDJkeWOHx6/uVOV7iqr7cwPdLp03QIDAQABMA0GCSqGSIb3DQEBBAUA\n"
184 + "A4GBAGG46Udsh6U7bSkJsyPPmSCCEkGr14L8F431UuaWbLvQVDtyPv8vtdJilyUTVnlWM6JNGV/q\n"
185 + "bgHuLbohkVXn9l68GtgQ7QDexHJE5hEDG/S7cYNi9GhrCfzAjEed13VMntZHZ0XQ4E7jBOmhcMAY\n"
186 + "DC9BBx1sVKoji17RP4R8CTf1\n" + "-----END CERTIFICATE-----";