Example usage for java.security.cert PKIXCertPathBuilderResult getTrustAnchor

List of usage examples for java.security.cert PKIXCertPathBuilderResult getTrustAnchor

Introduction

In this page you can find the example usage for java.security.cert PKIXCertPathBuilderResult getTrustAnchor.

Prototype

public TrustAnchor getTrustAnchor() 

Source Link

Document

Returns the TrustAnchor describing the CA that served as a trust anchor for the certification path.

Usage

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_4_16_Valid_Long_Serial_Number_Test16() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/LongSerialNumberCACert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/ValidLongSerialNumberTest16EE.crt"),
            certStoreParams.getCertStore());

    // add crls/*from  ww  w. ja  v a 2s .co  m*/
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/LongSerialNumberCACRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("7F0102030405060708090A0B0C0D0E0F10111212"));
    selector.setIssuer("CN=Long Serial Number CA, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus());
    assertEquals(null, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_4_17_Valid_Long_Serial_Number_Test17() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/LongSerialNumberCACert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/ValidLongSerialNumberTest17EE.crt"),
            certStoreParams.getCertStore());

    // add crls//from  www  .j  av a 2  s .c  o  m
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/LongSerialNumberCACRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("7E0102030405060708090A0B0C0D0E0F10111213"));
    selector.setIssuer("CN=Long Serial Number CA, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus());
    assertEquals(null, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_4_18_Invalid_Long_Serial_Number_Test18() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/LongSerialNumberCACert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvalidLongSerialNumberTest18EE.crt"),
            certStoreParams.getCertStore());

    // add crls//from   www.  j  av a 2  s . c  om
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/LongSerialNumberCACRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("7F0102030405060708090A0B0C0D0E0F10111213"));
    selector.setIssuer("CN=Long Serial Number CA, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus());
    assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_2_Valid_delta_CRL_Test2() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/ValiddeltaCRLTest2EE.crt"), certStoreParams.getCertStore());

    // add crls/*  www.  ja v  a  2s  .co  m*/
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("1"));
    selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus());
    assertEquals(null, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_3_Invalid_delta_CRL_Test3() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest3EE.crt"), certStoreParams.getCertStore());

    // add crls// w  ww .  j ava  2s.  c  o m
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("2"));
    selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus());
    assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_4_Invalid_delta_CRL_Test4() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest4EE.crt"), certStoreParams.getCertStore());

    // add crls//from   w w  w  . j a v a  2 s.  co  m
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("3"));
    selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus());
    assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_6_Invalid_delta_CRL_Test6() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA1Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest6EE.crt"), certStoreParams.getCertStore());

    // add crls/* w w  w . ja  v  a2s .c o m*/
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA1deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("5"));
    selector.setIssuer("CN=deltaCRL CA1, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus());
    assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_8_Valid_delta_CRL_Test8() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA2Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/ValiddeltaCRLTest8EE.crt"), certStoreParams.getCertStore());

    // add crls//from   www  . j a v a  2 s. co m
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA2CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA2deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("1"));
    selector.setIssuer("CN=deltaCRL CA2, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus());
    assertEquals(null, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_9_Invalid_delta_CRL_Test9() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA2Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest9EE.crt"), certStoreParams.getCertStore());

    // add crls//  w ww  .  ja v  a 2s  .c  om
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA2CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA2deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("2"));
    selector.setIssuer("CN=deltaCRL CA2, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus());
    assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.REVOKED, detail[0].getStatus());
    assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus());
}

From source file:mitm.common.security.crl.PKITSTest.java

@Test
public void test_4_15_10_Invalid_delta_CRL_Test10() throws Exception {
    // add certificates
    addCertificates(new File(testBase, "certs/deltaCRLCA3Cert.crt"), certStoreParams.getCertStore());
    addCertificates(new File(testBase, "certs/InvaliddeltaCRLTest10EE.crt"), certStoreParams.getCertStore());

    // add crls// w  w w  . j  a  v  a 2s .  c  o m
    addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA3CRL.crl"), certStoreParams.getCRLStore());
    addCRL(new File(testBase, "crls/deltaCRLCA3deltaCRL.crl"), certStoreParams.getCRLStore());

    X509CertSelector selector = new X509CertSelector();

    selector.setSerialNumber(BigIntegerUtils.hexDecode("1"));
    selector.setIssuer("CN=deltaCRL CA3, O=Test Certificates, C=US");

    PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector);

    CertPath certPath = result.getCertPath();

    TrustAnchor trustAnchor = result.getTrustAnchor();

    assertNotNull(trustAnchor);
    assertEquals("CN=Trust Anchor, O=Test Certificates, C=US",
            trustAnchor.getTrustedCert().getSubjectX500Principal().toString());

    PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore());

    RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate);

    assertEquals(RevocationStatus.EXPIRED, revocationResult.getStatus());
    assertEquals(null, revocationResult.getReason());

    RevocationDetail[] detail = revocationResult.getDetails();

    assertEquals(detail.length, 2);
    assertEquals(RevocationStatus.EXPIRED, detail[0].getStatus());
    assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus());
}