1 /* BaseValidTest.java -- superclass of "valid" tests.

     2    Copyright (C) 2003  Free Software Foundation, Inc.

     3 

     4    Distributed under the GPL; see the file `COPYING' */

     5 

     6 // Tags: not-a-test

     7 // Uses: PKITS

     8 // Files: data/certs/TrustAnchorRootCertificate.crt data/crls/TrustAnchorRootCRL.crl

     9 

    10 package gnu.testlet.java.security.cert.pkix.pkits;

    11 

    12 import java.security.cert.*;

    13 import java.util.*;

    14 

    15 import gnu.testlet.TestHarness;

    16 import gnu.testlet.Testlet;

    17 

    18 public abstract class BaseValidTest extends PKITS implements Testlet

    19 {

    20 

    21   // Fields.

    22   // -------------------------------------------------------------------------

    23 

    24   public static final String PROVIDER = System.getProperty("pkits.provider", "GNU");

    25   public static final String TRUST_ANCHOR_CERT = "data/certs/TrustAnchorRootCertificate.crt";

    26   public static final String TRUST_ANCHOR_CRL = "data/crls/TrustAnchorRootCRL.crl";

    27 

    28   protected String[] certPath;

    29   protected String[] crls;

    30   protected String[] certs;

    31 

    32   // Constructors.

    33   // -------------------------------------------------------------------------

    34 

    35   protected BaseValidTest(String[] certPath, String[] crls, String[] certs)

    36   {

    37     if (certPath == null || crls == null || certs == null)

    38       throw new NullPointerException();

    39     this.certPath = certPath;

    40     this.crls = crls;

    41     this.certs = certs;

    42   }

    43 

    44   protected BaseValidTest(String[] certPath, String[] crls)

    45   {

    46     this(certPath, crls, new String[0]);

    47   }

    48 

    49   // Instance method.

    50   // -------------------------------------------------------------------------

    51 

    52   public void test(TestHarness harness)

    53   {

    54     String testName = getClass().getName();

    55     if (testName.lastIndexOf ('.') > 0)

    56       testName = testName.substring (testName.lastIndexOf ('.') + 1);

    57     harness.checkPoint(testName);

    58     try

    59       {

    60         CertificateFactory factory = CertificateFactory.getInstance("X.509", PROVIDER);

    61         TrustAnchor anchor = new TrustAnchor((X509Certificate) factory.generateCertificate(getClass().getResourceAsStream(TRUST_ANCHOR_CERT)), null);

    62         List pathList = new ArrayList(certPath.length);

    63         for (int i = 0; i < certPath.length; i++)

    64           {

    65             pathList.add(factory.generateCertificate(getClass().getResourceAsStream(certPath[i])));

    66           }

    67         List crlsAndCerts = new ArrayList(crls.length + certs.length + 1);

    68         crlsAndCerts.add(factory.generateCRL(getClass().getResourceAsStream(TRUST_ANCHOR_CRL)));

    69         for (int i = 0; i < crls.length; i++)

    70           {

    71             crlsAndCerts.add(factory.generateCRL(getClass().getResourceAsStream(crls[i])));

    72           }

    73         for (int i = 0; i < certs.length; i++)

    74           {

    75             crlsAndCerts.add(factory.generateCertificate(getClass().getResourceAsStream(certs[i])));

    76           }

    77         CertPath path = factory.generateCertPath(pathList);

    78         CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlsAndCerts), PROVIDER);

    79         PKIXParameters params = new PKIXParameters(Collections.singleton(anchor));

    80         params.addCertStore(certStore);

    81         params.setExplicitPolicyRequired(false);

    82         params.setInitialPolicies(Collections.singleton(PKITS.ANY_POLICY));

    83         params.setPolicyMappingInhibited(false);

    84         params.setAnyPolicyInhibited(false);

    85         setupAdditionalParams(params);

    86         CertPathValidator validator = CertPathValidator.getInstance("PKIX", PROVIDER);

    87         CertPathValidatorResult result = validator.validate(path, params);

    88         verify (harness, result);

    89       }

    90     catch (Exception x)

    91       {

    92         harness.debug(x);

    93         harness.fail(x.toString());

    94       }

    95   }

    96 

    97   /**

    98    * Subclasses should override this method to add any additional parameters

    99    * before the path verification is run.

   100    *

   101    * @param params The parameters.

   102    */

   103   protected void setupAdditionalParams (PKIXParameters params)

   104   {

   105   }

   106 

   107   /**

   108    * Subclasses should override this method to perform any final verification

   109    * on the certification path validation result. The default implementation

   110    * simply prints the policy tree (if we are configured to be verbose) and

   111    * passes the test.

   112    *

   113    * @param harness The test harness.

   114    * @param result The validation result. This will almost always be an

   115    *        instance of {@link PKIXCertPathValidatorResult}.

   116    * @throws Exception If verification fails unexpectedly.

   117    */

   118   protected void verify (TestHarness harness,

   119                          CertPathValidatorResult result)

   120     throws Exception

   121   {

   122     harness.verbose(((PKIXCertPathValidatorResult) result).getPolicyTree().toString());

   123     harness.check(true);

   124   }

   125 }