188d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann/* 288d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * Copyright (C) 2009 The Android Open Source Project 388d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * 488d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * Licensed under the Apache License, Version 2.0 (the "License"); 588d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * you may not use this file except in compliance with the License. 688d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * You may obtain a copy of the License at 788d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * 888d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * http://www.apache.org/licenses/LICENSE-2.0 988d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * 1088d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * Unless required by applicable law or agreed to in writing, software 1188d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * distributed under the License is distributed on an "AS IS" BASIS, 1288d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 1388d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * See the License for the specific language governing permissions and 1488d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann * limitations under the License. 1588d31c7bb167fd2516bc82a99386cf8e66f28b47Jorg Pleumann */ 16adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpackage tests.targets.security.cert; 17adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 18adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.io.ByteArrayInputStream; 19adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.KeyStore; 20adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertPath; 21adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertPathParameters; 22adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertStore; 23adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertStoreParameters; 24adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.Certificate; 25adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CertificateFactory; 26adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.CollectionCertStoreParameters; 27adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.PKIXBuilderParameters; 28adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.X509CertSelector; 29adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.security.cert.X509Certificate; 30adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.ArrayList; 31adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport java.util.List; 32adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectimport javax.security.auth.x500.X500Principal; 33f979bbd1277c77ca945ad981e7864fb4e9f6ae05Jesse Wilsonimport tests.security.CertPathBuilderTest; 34adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 35adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Projectpublic class CertPathBuilderTestPKIX extends CertPathBuilderTest { 36adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 37adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project public CertPathBuilderTestPKIX() { 38adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project super("PKIX"); 39adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 40adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 41adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project @Override 42f979bbd1277c77ca945ad981e7864fb4e9f6ae05Jesse Wilson public CertPathParameters getCertPathParameters() throws Exception { 4387eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); 4487eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob 4587eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob keyStore.load(null, null); 4687eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob 47c934a095e1f863f00bf6f7c0b37fbd05ebeaaff5Brian Carlstrom CertificateFactory certificateFactory = CertificateFactory.getInstance("X509"); 4887eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob 4987eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob X509Certificate selfSignedcertificate = 5087eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob (X509Certificate) certificateFactory.generateCertificate( 5187eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob new ByteArrayInputStream(selfSignedCert.getBytes())); 5287eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob 5387eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate); 54adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 55adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project X509CertSelector targetConstraints = new X509CertSelector(); 56adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project targetConstraints.setCertificate(selfSignedcertificate); 57adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 58adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project List<Certificate> certList = new ArrayList<Certificate>(); 59adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project certList.add(selfSignedcertificate); 60adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project CertStoreParameters storeParams = new CollectionCertStoreParameters( 61adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project certList); 62adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 63adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 6487eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob CertStore certStore = CertStore.getInstance("Collection", storeParams); 6587eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob 6687eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob 6787eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob PKIXBuilderParameters parameters = new PKIXBuilderParameters( 6887eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob keyStore, targetConstraints); 6987eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob parameters.addCertStore(certStore); 7087eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob parameters.setRevocationEnabled(false); 7187eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob return parameters; 72adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 73adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 74adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project @Override 75f979bbd1277c77ca945ad981e7864fb4e9f6ae05Jesse Wilson public void validateCertPath(CertPath path) { 76adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project List<? extends Certificate> certificates = path.getCertificates(); 77adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project Certificate certificate = certificates.get(0); 78adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 79adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project assertEquals("unexpected certificate type", "X.509", certificate 80adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project .getType()); 81adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 82adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project X509Certificate x509Certificate = (X509Certificate) certificate; 83adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project X500Principal subjectX500Principal = x509Certificate 84adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project .getSubjectX500Principal(); 85adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 8687eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob X500Principal expectedPrincipal = new X500Principal("CN=Android CTS, " 8787eb4de6347e1be029cde77dd43ad9b1af901472Urs Grob + "OU=Android, O=Android, L=Android, ST=Android, C=AN"); 88adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 89adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project assertEquals("unexpected principal", expectedPrincipal, 90adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project subjectX500Principal); 91adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project } 92adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project 93adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project private String selfSignedCert = "-----BEGIN CERTIFICATE-----\n" 94adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "MIICSDCCAbECBEk2ZvswDQYJKoZIhvcNAQEEBQAwazELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0Fu\n" 95adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "ZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNVBAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJv\n" 96adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "aWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMB4XDTA4MTIwMzExMDExNVoXDTM2MDQyMDExMDExNVow\n" 97adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "azELMAkGA1UEBhMCQU4xEDAOBgNVBAgTB0FuZHJvaWQxEDAOBgNVBAcTB0FuZHJvaWQxEDAOBgNV\n" 98adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "BAoTB0FuZHJvaWQxEDAOBgNVBAsTB0FuZHJvaWQxFDASBgNVBAMTC0FuZHJvaWQgQ1RTMIGfMA0G\n" 99adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCAMd+N1Bu2eiI4kukOLvFlpTSEHTGplN2vvw76T7jSZinx\n" 100adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "WcrtLe6qH1uPffbVNW4/BRn6OywbcynazEdqEUa09hWtHYmUsXpRPyGUBScNnyF751SGA2JIQUfg\n" 101adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "3gi3gT3h32Z64AIHnn5gsGDJkeWOHx6/uVOV7iqr7cwPdLp03QIDAQABMA0GCSqGSIb3DQEBBAUA\n" 102adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "A4GBAGG46Udsh6U7bSkJsyPPmSCCEkGr14L8F431UuaWbLvQVDtyPv8vtdJilyUTVnlWM6JNGV/q\n" 103adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "bgHuLbohkVXn9l68GtgQ7QDexHJE5hEDG/S7cYNi9GhrCfzAjEed13VMntZHZ0XQ4E7jBOmhcMAY\n" 104adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project + "DC9BBx1sVKoji17RP4R8CTf1\n" + "-----END CERTIFICATE-----"; 105adc854b798c1cfe3bfd4c27d68d5cee38ca617daThe Android Open Source Project} 106