BuildOddSel.java revision 0:37a05a11f281
1/* 2 * Copyright 2001 Sun Microsystems, Inc. All Rights Reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, 20 * CA 95054 USA or visit www.sun.com if you need additional information or 21 * have any questions. 22 */ 23 24/** 25 * @test 26 * @bug 4459538 27 * @summary make sure a PKIX CertPathBuilder throws an 28 * InvalidAlgorithmParameterException if the target constraints 29 * specified in the PKIXBuilderParameters is not an instance of 30 * X509CertSelector. 31 */ 32 33import java.io.File; 34import java.io.FileInputStream; 35import java.io.IOException; 36 37import java.security.InvalidAlgorithmParameterException; 38import java.security.cert.Certificate; 39import java.security.cert.CertificateFactory; 40import java.security.cert.CertPathBuilder; 41import java.security.cert.CertPathBuilderResult; 42import java.security.cert.PKIXBuilderParameters; 43import java.security.cert.TrustAnchor; 44import java.security.cert.X509Certificate; 45import java.security.cert.CertSelector; 46 47import java.util.Collections; 48import java.util.Set; 49 50/** 51 * BuildOddSel tries to perform a simple build of a certification path 52 * using the PKIX algorithm and a bogus target constraints CertSelector 53 * (one that is not an instance of X509CertSelector). On success, it should 54 * throw an InvalidAlgorithmParameterException. 55 * 56 * @author Steve Hanna 57 * @author Sean Mullan 58 */ 59public final class BuildOddSel { 60 61 private static PKIXBuilderParameters params; 62 private static CertSelector sel; 63 64 public static void main(String[] args) throws Exception { 65 66 try { 67 createParams(); 68 build(params); 69 throw new Exception 70 ("CertPath should not have been built successfully"); 71 } catch (InvalidAlgorithmParameterException iape) { 72 } 73 } 74 75 /** 76 * CertSelector class that should cause SunCertPathBuilder to 77 * throw an InvalidAlgorithmParameterException. 78 */ 79 static class OddSel implements CertSelector { 80 public Object clone() { 81 try { 82 return super.clone(); 83 } catch (CloneNotSupportedException e) { 84 throw new UnknownError(); 85 } 86 } 87 public boolean match(Certificate cert) { 88 return(false); 89 } 90 } 91 92 public static void createParams() throws Exception { 93 TrustAnchor anchor = new TrustAnchor(getCertFromFile("sun.cer"), null); 94 Set anchors = Collections.singleton(anchor); 95 // Create odd CertSelector 96 sel = new OddSel(); 97 params = new PKIXBuilderParameters(anchors, sel); 98 params.setRevocationEnabled(false); 99 } 100 101 /** 102 * Get a DER-encoded X.509 certificate from a file. 103 * 104 * @param certFilePath path to file containing DER-encoded certificate 105 * @return X509Certificate 106 * @throws IOException on error 107 */ 108 public static X509Certificate getCertFromFile(String certFilePath) 109 throws IOException { 110 X509Certificate cert = null; 111 try { 112 File certFile = new File(System.getProperty("test.src", "."), 113 certFilePath); 114 FileInputStream certFileInputStream = 115 new FileInputStream(certFile); 116 CertificateFactory cf = CertificateFactory.getInstance("X509"); 117 cert = (X509Certificate) 118 cf.generateCertificate(certFileInputStream); 119 } catch (Exception e) { 120 e.printStackTrace(); 121 throw new IOException("Can't construct X509Certificate: " + 122 e.getMessage()); 123 } 124 return cert; 125 } 126 127 /** 128 * Perform a PKIX build. 129 * 130 * @param params PKIXBuilderParameters to use in building 131 * @throws Exception on error 132 */ 133 public static void build(PKIXBuilderParameters params) 134 throws Exception { 135 CertPathBuilder builder = 136 CertPathBuilder.getInstance("PKIX"); 137 CertPathBuilderResult cpbr = builder.build(params); 138 } 139} 140