Package org.bouncycastle.x509

Examples of org.bouncycastle.x509.PKIXCertPathReviewer


        String[]    certs,
        String[]    crls,
        Set         policies)
        throws Exception
    {
        PKIXCertPathReviewer result = doTest(trustAnchor,certs,crls,policies);
        if (!result.isValidCertPath())
        {
            fail("path rejected when should be accepted");
        }
    }
View Full Code Here


        int         index,
        String      messageId,
        String      message)
        throws Exception
    {
        PKIXCertPathReviewer result = doTest(trustAnchor, certs, crls);
        if (result.isValidCertPath())
        {
            fail("path accepted when should be rejected");
        }
        else
        {
            ErrorBundle msg = (ErrorBundle) result.getErrors(index).iterator().next();
            assertEquals(messageId,msg.getId());
            assertEquals(message,msg.getText(Locale.ENGLISH,TimeZone.getTimeZone("GMT")));
        }
    }
View Full Code Here

        int         index,
        String      messageId,
        String      message)
        throws Exception
    {
        PKIXCertPathReviewer result = doTest(trustAnchor, certs, crls, policies);
        if (result.isValidCertPath())
        {
            fail("path accepted when should be rejected");
        }
        else
        {
            ErrorBundle msg = (ErrorBundle) result.getErrors(index).iterator().next();
            assertEquals(messageId,msg.getId());
            assertEquals(message,msg.getText(Locale.ENGLISH,TimeZone.getTimeZone("GMT")));
        }
    }
View Full Code Here

        }
   
        CertStore  store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
       
        //CertPathValidator validator = CertPathValidator.getInstance("PKIX","BC");
        PKIXCertPathReviewer reviewer;
        PKIXParameters    params = new PKIXParameters(trustedSet);
       
        params.addCertStore(store);
        params.setRevocationEnabled(true);
       
        if (policies != null)
        {
            params.setExplicitPolicyRequired(true);
            params.setInitialPolicies(policies);
        }
       
        reviewer = new PKIXCertPathReviewer(certPath,params);
       
        return reviewer;
    }
View Full Code Here

                    Object[] cpres = createCertPath(cert, usedParameters.getTrustAnchors(), pkixParam.getCertStores(), userCertStores);
                    certPath = (CertPath) cpres[0];
                    userProvidedList = (List) cpres[1];

                    // validate cert chain
                    PKIXCertPathReviewer review;
                    try
                    {
                        review = (PKIXCertPathReviewer)certPathReviewerClass.newInstance();
                    }
                    catch (IllegalAccessException e)
                    {
                        throw new IllegalArgumentException("Cannot instantiate object of type " +
                                certPathReviewerClass.getName() + ": " + e.getMessage());
                    }
                    catch (InstantiationException e)
                    {
                        throw new IllegalArgumentException("Cannot instantiate object of type " +
                                certPathReviewerClass.getName() + ": " + e.getMessage());
                    }
                    review.init(certPath, usedParameters);
                    if (!review.isValidCertPath())
                    {
                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
                                "SignedMailValidator.certPathInvalid");
                        errors.add(msg);
                    }
View Full Code Here

                    {
                        System.out.println("\t\t" + notMsg.getText(loc));
                    }
                }
            }
            PKIXCertPathReviewer review = result.getCertPathReview();
            if (review != null)
            {
                if (review.isValidCertPath())
                {
                    System.out.println("Certificate path valid");
                }
                else
                {
                    System.out.println("Certificate path invalid");
                }

                System.out.println("\nCertificate path validation results:");
                // global errors
                System.out.println("Errors:");
                Iterator errorsIt = review.getErrors(-1).iterator();
                while (errorsIt.hasNext())
                {
                    ErrorBundle errorMsg = (ErrorBundle) errorsIt.next();
                    if (dbgLvl == DETAIL)
                    {
                        System.out.println("\t\t" + errorMsg.getDetail(loc));
                    }
                    else
                    {
                        System.out.println("\t\t" + errorMsg.getText(loc));
                    }
                }

                System.out.println("Notifications:");
                Iterator notificationsIt = review.getNotifications(-1)
                        .iterator();
                while (notificationsIt.hasNext())
                {
                    ErrorBundle noteMsg = (ErrorBundle) notificationsIt.next();
                    System.out.println("\t" + noteMsg.getText(loc));
                }

                // per certificate errors and notifications
                Iterator certIt = review.getCertPath().getCertificates()
                        .iterator();
                int i = 0;
                while (certIt.hasNext())
                {
                    X509Certificate cert = (X509Certificate) certIt.next();
                    System.out.println("\nCertificate " + i + "\n========");
                    System.out.println("Issuer: "
                            + cert.getIssuerDN().getName());
                    System.out.println("Subject: "
                            + cert.getSubjectDN().getName());

                    // errors
                    System.out.println("\tErrors:");
                    errorsIt = review.getErrors(i).iterator();
                    while (errorsIt.hasNext())
                    {
                        ErrorBundle errorMsg = (ErrorBundle) errorsIt.next();
                        if (dbgLvl == DETAIL)
                        {
                            System.out
                                    .println("\t\t" + errorMsg.getDetail(loc));
                        }
                        else
                        {
                            System.out.println("\t\t" + errorMsg.getText(loc));
                        }
                    }

                    // notifications
                    System.out.println("\tNotifications:");
                    notificationsIt = review.getNotifications(i).iterator();
                    while (notificationsIt.hasNext())
                    {
                        ErrorBundle noteMsg = (ErrorBundle) notificationsIt
                                .next();
                        if (dbgLvl == DETAIL)
View Full Code Here

        assertFalse(result.isValidSignature());
        assertContainsMessage(result.getErrors(),
                "SignedMailValidator.certNotYetValid",
                "The message was signed at Aug 28, 2006 3:04:01 PM GMT. But the certificate is not valid before Dec 28, 2006 2:19:31 PM GMT.");
       
        PKIXCertPathReviewer review = result.getCertPathReview();
        assertFalse(review.isValidCertPath());
        assertContainsMessage(
                review.getErrors(0),
                "CertPathReviewer.certificateNotYetValid",
                "Could not validate the certificate. Certificate is not valid until Dec 28, 2006 2:19:31 PM GMT.");
    }
View Full Code Here

        assertFalse(result.isValidSignature());
        assertContainsMessage(result.getErrors(),
                "SignedMailValidator.certExpired",
                "The message was signed at Sep 1, 2006 9:08:35 AM GMT. But the certificate expired at Sep 1, 2006 8:39:20 AM GMT.");
       
        PKIXCertPathReviewer review = result.getCertPathReview();
        assertFalse(review.isValidCertPath());
        assertContainsMessage(
                review.getErrors(0),
                "CertPathReviewer.certificateExpired",
                "Could not validate the certificate. Certificate expired on Sep 1, 2006 8:39:20 AM GMT.");
    }
View Full Code Here

        SignedMailValidator.ValidationResult result = doTest(message, params);
       
        assertTrue(result.isVerifiedSignature());
        assertFalse(result.isValidSignature());
       
        PKIXCertPathReviewer review = result.getCertPathReview();
        assertFalse(review.isValidCertPath());
        assertContainsMessage(
                review.getErrors(0),
                "CertPathReviewer.certRevoked",
                "The certificate was revoked at Sep 1, 2006 9:30:00 AM GMT. Reason: Key Compromise.");
    }
View Full Code Here

        SignedMailValidator.ValidationResult result = doTest(message, params);
       
        assertTrue(result.isVerifiedSignature());
        assertFalse(result.isValidSignature());
       
        PKIXCertPathReviewer review = result.getCertPathReview();
       
        assertFalse(review.isValidCertPath());
        assertContainsMessage(review.getErrors(-1),
                "CertPathReviewer.conflictingTrustAnchors",
                "Warning: corrupt trust root store: There are 2 trusted public keys for the CA \"CN=SignedMailValidatorTest Root, C=CH\" - please ensure with CA which is the correct key.");
    }
View Full Code Here

TOP

Related Classes of org.bouncycastle.x509.PKIXCertPathReviewer

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.