diff options
author | Kenny Root <kroot@google.com> | 2016-01-12 16:46:10 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2016-01-12 16:46:10 +0000 |
commit | d9877d97c07e5c33132f6227044f795bd5f9df05 (patch) | |
tree | 15132b958bc9c4d8e0b3fd334e480dcc8f36818c | |
parent | 9504023228f92f80113e3fd2f8d93748e2ee14d8 (diff) | |
parent | 20cb4ffdb52c8e5594806ff11960ee4297b28a34 (diff) | |
download | nist-pkits-d9877d97c07e5c33132f6227044f795bd5f9df05.tar.gz |
Merge changes I4edd999d,I6dab5be8
* changes:
Fix several tests that were worded incorrectly
Allow separation of path and certs
-rw-r--r-- | src/libcore/java/security/cert/X509CertificateNistPkitsTest.java | 91 |
1 files changed, 79 insertions, 12 deletions
diff --git a/src/libcore/java/security/cert/X509CertificateNistPkitsTest.java b/src/libcore/java/security/cert/X509CertificateNistPkitsTest.java index 5171a64..d9a81c5 100644 --- a/src/libcore/java/security/cert/X509CertificateNistPkitsTest.java +++ b/src/libcore/java/security/cert/X509CertificateNistPkitsTest.java @@ -152,6 +152,12 @@ public class X509CertificateNistPkitsTest extends TestCase { private void assertInvalidPath(String trustAnchor, String[] certs, String[] crls) throws Exception, NoSuchAlgorithmException, InvalidAlgorithmParameterException { + assertInvalidPath(trustAnchor, certs, certs, crls); + } + + private void assertInvalidPath(String trustAnchor, String[] path, String[] certs, + String[] crls) throws Exception, NoSuchAlgorithmException, + InvalidAlgorithmParameterException { CertificateFactory f = CertificateFactory.getInstance("X.509"); PKIXParameters params = getTestPathParams(f, trustAnchor, certs, crls); @@ -169,10 +175,16 @@ public class X509CertificateNistPkitsTest extends TestCase { private void assertValidPath(String trustAnchor, String[] certs, String[] crls) throws Exception, NoSuchAlgorithmException, CertPathValidatorException, InvalidAlgorithmParameterException { + assertValidPath(trustAnchor, certs, certs, crls); + } + + private void assertValidPath(String trustAnchor, String[] path, String[] certs, String[] crls) + throws Exception, NoSuchAlgorithmException, CertPathValidatorException, + InvalidAlgorithmParameterException { CertificateFactory f = CertificateFactory.getInstance("X.509"); PKIXParameters params = getTestPathParams(f, trustAnchor, certs, crls); - CertPath cp = getTestPath(f, certs); + CertPath cp = getTestPath(f, path); CertPathValidator cpv = CertPathValidator.getInstance("PKIX"); PKIXCertPathValidatorResult cpvResult = (PKIXCertPathValidatorResult) cpv.validate(cp, @@ -919,6 +931,11 @@ public class X509CertificateNistPkitsTest extends TestCase { public void testBasicCertificateRevocationTests_ValidSeparateCertificateandCRLKeysTest19() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "ValidSeparateCertificateandCRLKeysTest19EE.crt", + "SeparateCertificateandCRLKeysCertificateSigningCACert.crt", + }; + String[] certs = { "ValidSeparateCertificateandCRLKeysTest19EE.crt", "SeparateCertificateandCRLKeysCRLSigningCert.crt", @@ -930,13 +947,18 @@ public class X509CertificateNistPkitsTest extends TestCase { "SeparateCertificateandCRLKeysCRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertValidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.4.20 */ public void testBasicCertificateRevocationTests_InvalidSeparateCertificateandCRLKeysTest20() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "InvalidSeparateCertificateandCRLKeysTest20EE.crt", + "SeparateCertificateandCRLKeysCertificateSigningCACert.crt", + }; + String[] certs = { "InvalidSeparateCertificateandCRLKeysTest20EE.crt", "SeparateCertificateandCRLKeysCRLSigningCert.crt", @@ -948,13 +970,18 @@ public class X509CertificateNistPkitsTest extends TestCase { "SeparateCertificateandCRLKeysCRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertInvalidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.4.21 */ public void testBasicCertificateRevocationTests_InvalidSeparateCertificateandCRLKeysTest21() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "InvalidSeparateCertificateandCRLKeysTest21EE.crt", + "SeparateCertificateandCRLKeysCA2CertificateSigningCACert.crt", + }; + String[] certs = { "InvalidSeparateCertificateandCRLKeysTest21EE.crt", "SeparateCertificateandCRLKeysCA2CRLSigningCert.crt", @@ -966,7 +993,7 @@ public class X509CertificateNistPkitsTest extends TestCase { "SeparateCertificateandCRLKeysCA2CRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertInvalidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.5.1 */ @@ -1028,6 +1055,11 @@ public class X509CertificateNistPkitsTest extends TestCase { public void testVerifyingPathswithSelfIssuedCertificates_ValidBasicSelfIssuedNewWithOldTest4() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "ValidBasicSelfIssuedNewWithOldTest4EE.crt", + "BasicSelfIssuedOldKeyCACert.crt", + }; + String[] certs = { "ValidBasicSelfIssuedNewWithOldTest4EE.crt", "BasicSelfIssuedOldKeyNewWithOldCACert.crt", @@ -1040,7 +1072,7 @@ public class X509CertificateNistPkitsTest extends TestCase { "BasicSelfIssuedOldKeyCACRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertValidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.5.5 */ @@ -1066,6 +1098,11 @@ public class X509CertificateNistPkitsTest extends TestCase { public void testVerifyingPathswithSelfIssuedCertificates_ValidBasicSelfIssuedCRLSigningKeyTest6() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt", + "BasicSelfIssuedCRLSigningKeyCACert.crt", + }; + String[] certs = { "ValidBasicSelfIssuedCRLSigningKeyTest6EE.crt", "BasicSelfIssuedCRLSigningKeyCRLCert.crt", @@ -1078,7 +1115,7 @@ public class X509CertificateNistPkitsTest extends TestCase { "BasicSelfIssuedCRLSigningKeyCACRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertValidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.5.7 */ @@ -2608,6 +2645,11 @@ public class X509CertificateNistPkitsTest extends TestCase { public void testDistributionPoints_ValidIDPwithindirectCRLTest24() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "ValidIDPwithindirectCRLTest24EE.crt", + "indirectCRLCA2Cert.crt", + }; + String[] certs = { "ValidIDPwithindirectCRLTest24EE.crt", "indirectCRLCA1Cert.crt", @@ -2619,13 +2661,18 @@ public class X509CertificateNistPkitsTest extends TestCase { "indirectCRLCA1CRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertValidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.14.25 */ public void testDistributionPoints_ValidIDPwithindirectCRLTest25() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "ValidIDPwithindirectCRLTest25EE.crt", + "indirectCRLCA2Cert.crt", + }; + String[] certs = { "ValidIDPwithindirectCRLTest25EE.crt", "indirectCRLCA1Cert.crt", @@ -2637,7 +2684,7 @@ public class X509CertificateNistPkitsTest extends TestCase { "indirectCRLCA1CRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertValidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.14.26 */ @@ -2680,6 +2727,11 @@ public class X509CertificateNistPkitsTest extends TestCase { public void testDistributionPoints_ValidcRLIssuerTest28() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "ValidcRLIssuerTest28EE.crt", + "indirectCRLCA3Cert.crt", + }; + String[] certs = { "ValidcRLIssuerTest28EE.crt", "indirectCRLCA3cRLIssuerCert.crt", @@ -2692,13 +2744,18 @@ public class X509CertificateNistPkitsTest extends TestCase { "indirectCRLCA3cRLIssuerCRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertValidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.14.29 */ public void testDistributionPoints_ValidcRLIssuerTest29() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "ValidcRLIssuerTest29EE.crt", + "indirectCRLCA3Cert.crt", + }; + String[] certs = { "ValidcRLIssuerTest29EE.crt", "indirectCRLCA3cRLIssuerCert.crt", @@ -2711,13 +2768,18 @@ public class X509CertificateNistPkitsTest extends TestCase { "indirectCRLCA3cRLIssuerCRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertValidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.14.30 */ public void testDistributionPoints_ValidcRLIssuerTest30() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "ValidcRLIssuerTest30EE.crt", + "indirectCRLCA4Cert.crt", + }; + String[] certs = { "ValidcRLIssuerTest30EE.crt", "indirectCRLCA4cRLIssuerCert.crt", @@ -2729,7 +2791,7 @@ public class X509CertificateNistPkitsTest extends TestCase { "indirectCRLCA4cRLIssuerCRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertValidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.14.31 */ @@ -2772,6 +2834,11 @@ public class X509CertificateNistPkitsTest extends TestCase { public void testDistributionPoints_ValidcRLIssuerTest33() throws Exception { String trustAnchor = "TrustAnchorRootCertificate.crt"; + String[] path = { + "ValidcRLIssuerTest33EE.crt", + "indirectCRLCA6Cert.crt", + }; + String[] certs = { "ValidcRLIssuerTest33EE.crt", "indirectCRLCA6Cert.crt", @@ -2783,7 +2850,7 @@ public class X509CertificateNistPkitsTest extends TestCase { "indirectCRLCA5CRL.crl", }; - assertValidPath(trustAnchor, certs, crls); + assertValidPath(trustAnchor, path, certs, crls); } /** NIST PKITS test 4.14.34 */ |