java.security.cert.PKIXRevocationChecker.Option Java Examples

The following examples show how to use java.security.cert.PKIXRevocationChecker.Option. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: OcspUnauthorized.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #2
Source File: OcspUnauthorized.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #3
Source File: OcspUnauthorized.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #4
Source File: OcspUnauthorized.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #5
Source File: OcspUnauthorized.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #6
Source File: OcspUnauthorized.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #7
Source File: OcspUnauthorized.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #8
Source File: OcspUnauthorized.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #9
Source File: OcspUnauthorized.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #10
Source File: OcspUnauthorized.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #11
Source File: OcspUnauthorized.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #12
Source File: OcspUnauthorized.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #13
Source File: OcspUnauthorized.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {
    cf = CertificateFactory.getInstance("X.509");
    X509Certificate taCert = getX509Cert(TRUST_ANCHOR);
    X509Certificate eeCert = getX509Cert(EE_CERT);
    CertPath cp = cf.generateCertPath(Collections.singletonList(eeCert));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    PKIXRevocationChecker prc =
        (PKIXRevocationChecker)cpv.getRevocationChecker();
    prc.setOptions(EnumSet.of(Option.SOFT_FAIL, Option.NO_FALLBACK));
    byte[] response = base64Decoder.decode(OCSP_RESPONSE);

    prc.setOcspResponses(Collections.singletonMap(eeCert, response));

    TrustAnchor ta = new TrustAnchor(taCert, null);
    PKIXParameters params = new PKIXParameters(Collections.singleton(ta));

    params.addCertPathChecker(prc);

    try {
        cpv.validate(cp, params);
        throw new Exception("FAILED: expected CertPathValidatorException");
    } catch (CertPathValidatorException cpve) {
        cpve.printStackTrace();
    }
}
 
Example #14
Source File: UnitTest.java    From dragonwell8_jdk with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #15
Source File: UnitTest.java    From jdk8u-dev-jdk with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #16
Source File: UnitTest.java    From TencentKona-8 with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #17
Source File: UnitTest.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #18
Source File: UnitTest.java    From jdk8u_jdk with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #19
Source File: UnitTest.java    From jdk8u60 with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #20
Source File: UnitTest.java    From openjdk-8 with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #21
Source File: UnitTest.java    From openjdk-8-source with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #22
Source File: UnitTest.java    From openjdk-jdk8u with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #23
Source File: UnitTest.java    From hottub with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #24
Source File: UnitTest.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #25
Source File: SSLSocketWithStapling.java    From openjdk-jdk9 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Test a case where client-side stapling is attempted, but does not
 * occur because OCSP responders are unreachable.  Client-side OCSP
 * checking is enabled for this, with SOFT_FAIL.
 */
static void testSoftFailFallback() throws Exception {
    ClientParameters cliParams = new ClientParameters();
    ServerParameters servParams = new ServerParameters();
    serverReady = false;

    // make OCSP responders reject connections
    intOcsp.rejectConnections();
    rootOcsp.rejectConnections();

    System.out.println("=======================================");
    System.out.println("Stapling enbled in client and server,");
    System.out.println("but OCSP responders disabled.");
    System.out.println("PKIXParameters with Revocation checking");
    System.out.println("enabled and SOFT_FAIL.");
    System.out.println("=======================================");

    Security.setProperty("ocsp.enable", "true");
    cliParams.pkixParams = new PKIXBuilderParameters(trustStore,
            new X509CertSelector());
    cliParams.pkixParams.setRevocationEnabled(true);
    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    cliParams.revChecker =
            (PKIXRevocationChecker)cpv.getRevocationChecker();
    cliParams.revChecker.setOptions(EnumSet.of(Option.SOFT_FAIL));

    SSLSocketWithStapling sslTest = new SSLSocketWithStapling(cliParams,
            servParams);
    TestResult tr = sslTest.getResult();
    if (tr.clientExc != null) {
        throw tr.clientExc;
    } else if (tr.serverExc != null) {
        throw tr.serverExc;
    }

    System.out.println("                 PASS");
    System.out.println("=======================================\n");

    // Make OCSP responders accept connections
    intOcsp.acceptConnections();
    rootOcsp.acceptConnections();

    // Wait 5 seconds for server ready
    for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
        Thread.sleep(50);
    }
    if (!intOcsp.isServerReady() || !rootOcsp.isServerReady()) {
        throw new RuntimeException("Server not ready yet");
    }
}
 
Example #26
Source File: UnitTest.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }
 
Example #27
Source File: UnitTest.java    From openjdk-jdk9 with GNU General Public License v2.0 4 votes vote down vote up
public static void main(String[] args) throws Exception {

        CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
        CertPathChecker cpc = cpv.getRevocationChecker();
        PKIXRevocationChecker prc = (PKIXRevocationChecker)cpc;

        prc.init(false);

        System.out.println("Testing that get methods return null or " +
                           "empty lists/sets/maps");
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        requireEmpty(prc.getOptions(), "getOptions()");
        requireEmpty(prc.getSoftFailExceptions(), "getSoftFailExceptions()");

        System.out.println("Testing that get methods return same parameters " +
                           "that are passed to set methods");
        URI uri = new URI("http://localhost");
        prc.setOcspResponder(uri);
        requireEquals(uri, prc.getOcspResponder(), "getOcspResponder()");

        X509Certificate cert = getCert();
        prc.setOcspResponderCert(cert);
        requireEquals(cert, prc.getOcspResponderCert(),
                      "getOcspResponderCert()");

        List<Extension> exts = new ArrayList<>();
        for (String oid : cert.getNonCriticalExtensionOIDs()) {
            System.out.println(oid);
            exts.add(new ExtensionImpl(oid,
                                       cert.getExtensionValue(oid), false));
        }
        prc.setOcspExtensions(exts);
        requireEquals(exts, prc.getOcspExtensions(), "getOcspExtensions()");

        Set<Option> options = EnumSet.of(Option.ONLY_END_ENTITY);
        prc.setOptions(options);
        requireEquals(options, prc.getOptions(), "getOptions()");

        System.out.println("Testing that parameters are re-initialized to " +
                           "default values if null is passed to set methods");
        prc.setOcspResponder(null);
        requireNull(prc.getOcspResponder(), "getOcspResponder()");
        prc.setOcspResponderCert(null);
        requireNull(prc.getOcspResponderCert(), "getOcspResponderCert()");
        prc.setOcspExtensions(null);
        requireEmpty(prc.getOcspExtensions(), "getOcspExtensions()");
        prc.setOcspResponses(null);
        requireEmpty(prc.getOcspResponses(), "getOcspResponses()");
        prc.setOptions(null);
        requireEmpty(prc.getOptions(), "getOptions()");

        System.out.println("Testing that getRevocationChecker returns new " +
                           "instance each time");
        CertPathChecker first = cpv.getRevocationChecker();
        CertPathChecker second = cpv.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX");
        first = cpb.getRevocationChecker();
        second = cpb.getRevocationChecker();
        if (first == second) {
            throw new Exception("FAILED: CertPathCheckers not new instances");
        }
    }