Logo Search packages:      
Sourcecode: libgnucrypto-java version File versions  Download package

BaseValidTest.java

/* BaseValidTest.java -- superclass of "valid" tests.
   Copyright (C) 2003  Free Software Foundation, Inc.

   Distributed under the GPL; see the file `COPYING' */


package gnu.testlet.gnu.crypto.pki.pkits;

import java.security.cert.*;
import java.util.*;

import gnu.testlet.TestHarness;
import gnu.testlet.Testlet;

public abstract class BaseValidTest extends PKITS implements Testlet
{

  // Fields.
  // -------------------------------------------------------------------------

  public static final String PROVIDER = System.getProperty("pkits.provider", "GNU-PKI");
  public static final String TRUST_ANCHOR_CERT = "data/certs/TrustAnchorRootCertificate.crt";
  public static final String TRUST_ANCHOR_CRL = "data/crls/TrustAnchorRootCRL.crl";

  protected String[] certPath;
  protected String[] crls;
  protected String[] certs;

  // Constructors.
  // -------------------------------------------------------------------------

  protected BaseValidTest(String[] certPath, String[] crls, String[] certs)
  {
    if (certPath == null || crls == null || certs == null)
      throw new NullPointerException();
    this.certPath = certPath;
    this.crls = crls;
    this.certs = certs;
  }

  protected BaseValidTest(String[] certPath, String[] crls)
  {
    this(certPath, crls, new String[0]);
  }

  // Instance method.
  // -------------------------------------------------------------------------

  public void test(TestHarness harness)
  {
    String testName = getClass().getName();
    if (testName.lastIndexOf ('.') > 0)
      testName = testName.substring (testName.lastIndexOf ('.') + 1);
    harness.checkPoint(testName);
    try
      {
        CertificateFactory factory = CertificateFactory.getInstance("X.509", PROVIDER);
        TrustAnchor anchor = new TrustAnchor((X509Certificate) factory.generateCertificate(getClass().getResourceAsStream(TRUST_ANCHOR_CERT)), null);
        List pathList = new ArrayList(certPath.length);
        for (int i = 0; i < certPath.length; i++)
          {
            pathList.add(factory.generateCertificate(getClass().getResourceAsStream(certPath[i])));
          }
        List crlsAndCerts = new ArrayList(crls.length + certs.length + 1);
        crlsAndCerts.add(factory.generateCRL(getClass().getResourceAsStream(TRUST_ANCHOR_CRL)));
        for (int i = 0; i < crls.length; i++)
          {
            crlsAndCerts.add(factory.generateCRL(getClass().getResourceAsStream(crls[i])));
          }
        for (int i = 0; i < certs.length; i++)
          {
            crlsAndCerts.add(factory.generateCertificate(getClass().getResourceAsStream(certs[i])));
          }
        CertPath path = factory.generateCertPath(pathList);
        CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(crlsAndCerts), PROVIDER);
        PKIXParameters params = new PKIXParameters(Collections.singleton(anchor));
        params.addCertStore(certStore);
        params.setExplicitPolicyRequired(false);
        params.setInitialPolicies(Collections.singleton(PKITS.ANY_POLICY));
        params.setPolicyMappingInhibited(false);
        params.setAnyPolicyInhibited(false);
        setupAdditionalParams(params);
        CertPathValidator validator = CertPathValidator.getInstance("PKIX", PROVIDER);
        CertPathValidatorResult result = validator.validate(path, params);
        verify (harness, result);
      }
    catch (Exception x)
      {
        harness.debug(x);
        harness.fail(x.toString());
      }
  }

  /**
   * Subclasses should override this method to add any additional parameters
   * before the path verification is run.
   *
   * @param params The parameters.
   */
  protected void setupAdditionalParams (PKIXParameters params)
  {
  }

  /**
   * Subclasses should override this method to perform any final verification
   * on the certification path validation result. The default implementation
   * simply prints the policy tree (if we are configured to be verbose) and
   * passes the test.
   *
   * @param harness The test harness.
   * @param result The validation result. This will almost always be an
   *        instance of {@link PKIXCertPathValidatorResult}.
   * @throws Exception If verification fails unexpectedly.
   */
  protected void verify (TestHarness harness,
                         CertPathValidatorResult result)
    throws Exception
  {
    harness.verbose(((PKIXCertPathValidatorResult) result).getPolicyTree().toString());
    harness.check(true);
  }
}

Generated by  Doxygen 1.6.0   Back to index