package org.bouncycastle.jce.provider.test;
import org.bouncycastle.jce.PrincipalUtil;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.test.SimpleTest;
import org.bouncycastle.x509.X509AttributeCertStoreSelector;
import org.bouncycastle.x509.X509AttributeCertificate;
import org.bouncycastle.x509.X509CRLStoreSelector;
import org.bouncycastle.x509.X509CertPairStoreSelector;
import org.bouncycastle.x509.X509CertStoreSelector;
import org.bouncycastle.x509.X509CertificatePair;
import org.bouncycastle.x509.X509CollectionStoreParameters;
import org.bouncycastle.x509.X509Store;
import org.bouncycastle.x509.X509V2AttributeCertificate;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.List;
public class X509StoreTest
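/**
 * Checks that a "CertificatePair/Collection" store built from a list returns
 * the right cross-certificate pairs: exactly one pair when the forward
 * selector pins the root certificate's serial number, and a non-filtered
 * result when the selector is {@code null}.
 * <p>
 * NOTE(review): this listing lost several source lines (braces, the
 * {@code throws} clause, the provider argument and a few statements). Lines
 * restored by inference are marked individually below and should be
 * confirmed against the upstream file.
 *
 * @throws Exception if a certificate cannot be parsed or the store cannot be
 *                   created (the JCA factory calls declare checked exceptions)
 */
private void certPairTest()
    throws Exception
{
    // NOTE(review): the second argument was dropped from the listing; "BC" is
    // inferred from the X509Store.getInstance(..., "BC") call below - confirm.
    CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");

    X509Certificate rootCert = (X509Certificate)cf.generateCertificate(
        new ByteArrayInputStream(CertPathTest.rootCertBin));
    X509Certificate interCert = (X509Certificate)cf.generateCertificate(
        new ByteArrayInputStream(CertPathTest.interCertBin));
    X509Certificate finalCert = (X509Certificate)cf.generateCertificate(
        new ByteArrayInputStream(CertPathTest.finalCertBin));

    // Testing CollectionCertStore generation from List
    X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert);
    List certList = new ArrayList();

    // NOTE(review): inferred - the listing skips source lines 51-52, and the
    // contains(pair1) check below can only pass if pair1 is in the store.
    certList.add(pair1);
    certList.add(new X509CertificatePair(interCert, finalCert));

    X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(certList);

    X509Store certStore = X509Store.getInstance("CertificatePair/Collection", ccsp, "BC");
    X509CertPairStoreSelector selector = new X509CertPairStoreSelector();
    X509CertStoreSelector fwSelector = new X509CertStoreSelector();

    // Match on the forward certificate only: the pair whose forward half is
    // the root certificate must be the single hit.
    fwSelector.setSerialNumber(rootCert.getSerialNumber());

    selector.setForwardSelector(fwSelector);

    Collection col = certStore.getMatches(selector);

    if (col.size() != 1 || !col.contains(pair1))
    {
        fail("failed pair1 test");
    }

    col = certStore.getMatches(null);

    // NOTE(review): the guarding condition (source lines 73-75) is missing
    // from the listing. Without a guard the fail() below would run on every
    // execution; "both stored pairs are returned" is the inferred expectation
    // for a null selector - confirm against upstream.
    if (col.size() != 2)
    {
        fail("failed null test");
    }
}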
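/**
 * Exercises the collection-backed {@link X509Store} implementations of the
 * "BC" provider.
 * <p>
 * Two stores are built from in-memory lists: a "Certificate/Collection" store
 * holding the root, intermediate and end-entity certificates, and an
 * "AttributeCertificate/Collection" store holding two attribute certificates.
 * Each selector criterion (subject, public key, issuer, holder, serial number,
 * validity date, exact certificate) is checked for both the positive case and,
 * where the code below does so, the negative case. The final check confirms
 * that a selector of the wrong kind yields no matches instead of a false
 * positive.
 * <p>
 * NOTE(review): this listing lost braces, blank lines, the {@code throws}
 * clause and the provider argument of the factory lookup; those are restored
 * here. Anything inferred beyond syntax is marked individually.
 *
 * @throws Exception if test data cannot be parsed or a store cannot be created
 */
public void performTest()
    throws Exception
{
    // NOTE(review): the second argument was dropped from the listing; "BC" is
    // inferred from the X509Store.getInstance(..., "BC") calls below - confirm.
    CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");

    X509Certificate rootCert = (X509Certificate)cf.generateCertificate(
        new ByteArrayInputStream(CertPathTest.rootCertBin));
    X509Certificate interCert = (X509Certificate)cf.generateCertificate(
        new ByteArrayInputStream(CertPathTest.interCertBin));
    X509Certificate finalCert = (X509Certificate)cf.generateCertificate(
        new ByteArrayInputStream(CertPathTest.finalCertBin));

    // The CRLs are not referenced again in the visible code; parsing them is
    // kept because it still runs the provider's CRL decoder on the fixtures.
    X509CRL rootCrl = (X509CRL)cf.generateCRL(
        new ByteArrayInputStream(CertPathTest.rootCrlBin));
    X509CRL interCrl = (X509CRL)cf.generateCRL(
        new ByteArrayInputStream(CertPathTest.interCrlBin));

    // Testing CollectionCertStore generation from List
    List certList = new ArrayList();
    certList.add(rootCert);
    certList.add(interCert);
    certList.add(finalCert);
    X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(certList);
    X509Store certStore = X509Store.getInstance("Certificate/Collection", ccsp, "BC");

    X509CertStoreSelector targetConstraints;
    Collection certs;

    // set default to be the same as for SUN X500 name
    //
    // DefaultReverse is a JVM-wide static. It is reset in a finally block so
    // that a failing check cannot leave the flag flipped for whatever runs
    // next in the same JVM (fail() is presumably inherited from SimpleTest
    // and aborts by throwing - confirm).
    X509Principal.DefaultReverse = true;
    try
    {
        // Searching for rootCert by subjectDN
        targetConstraints = new X509CertStoreSelector();
        targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
        certs = certStore.getMatches(targetConstraints);
        if (certs.size() != 1 || !certs.contains(rootCert))
        {
            fail("rootCert not found by subjectDN");
        }

        // Searching for rootCert by subjectDN encoded as byte
        // NOTE(review): as listed, this block is identical to the previous
        // one - both pass the encoded subject - so only one form is covered.
        targetConstraints = new X509CertStoreSelector();
        targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
        certs = certStore.getMatches(targetConstraints);
        if (certs.size() != 1 || !certs.contains(rootCert))
        {
            fail("rootCert not found by encoded subjectDN");
        }
    }
    finally
    {
        X509Principal.DefaultReverse = false;
    }

    // Searching for rootCert by public key encoded as byte
    targetConstraints = new X509CertStoreSelector();
    targetConstraints.setSubjectPublicKey(rootCert.getPublicKey().getEncoded());
    certs = certStore.getMatches(targetConstraints);
    if (certs.size() != 1 || !certs.contains(rootCert))
    {
        fail("rootCert not found by encoded public key");
    }

    // Searching for interCert by issuerDN
    // The root certificate is expected in the result as well, which implies
    // it is self-issued (issuer equals its own subject).
    targetConstraints = new X509CertStoreSelector();
    targetConstraints.setIssuer(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded());
    certs = certStore.getMatches(targetConstraints);
    if (certs.size() != 2)
    {
        fail("did not found 2 certs");
    }
    if (!certs.contains(rootCert))
    {
        fail("rootCert not found");
    }
    if (!certs.contains(interCert))
    {
        fail("interCert not found");
    }

    // Searching for attribute certificates
    X509V2AttributeCertificate attrCert = new X509V2AttributeCertificate(AttrCertTest.attrCert);
    X509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID);

    List attrList = new ArrayList();
    attrList.add(attrCert);
    attrList.add(attrCert2);
    ccsp = new X509CollectionStoreParameters(attrList);
    X509Store store = X509Store.getInstance("AttributeCertificate/Collection", ccsp, "BC");

    // --- holder ---
    X509AttributeCertStoreSelector attrSelector = new X509AttributeCertStoreSelector();
    attrSelector.setHolder(attrCert.getHolder());
    if (!attrSelector.getHolder().equals(attrCert.getHolder()))
    {
        fail("holder get not correct");
    }
    Collection attrs = store.getMatches(attrSelector);
    if (attrs.size() != 1 || !attrs.contains(attrCert))
    {
        fail("attrCert not found on holder");
    }
    attrSelector.setHolder(attrCert2.getHolder());
    if (attrSelector.getHolder().equals(attrCert.getHolder()))
    {
        fail("holder get not correct");
    }
    attrs = store.getMatches(attrSelector);
    if (attrs.size() != 1 || !attrs.contains(attrCert2))
    {
        fail("attrCert2 not found on holder");
    }

    // --- issuer ---
    attrSelector = new X509AttributeCertStoreSelector();
    attrSelector.setIssuer(attrCert.getIssuer());
    if (!attrSelector.getIssuer().equals(attrCert.getIssuer()))
    {
        fail("issuer get not correct");
    }
    attrs = store.getMatches(attrSelector);
    if (attrs.size() != 1 || !attrs.contains(attrCert))
    {
        fail("attrCert not found on issuer");
    }
    attrSelector.setIssuer(attrCert2.getIssuer());
    if (attrSelector.getIssuer().equals(attrCert.getIssuer()))
    {
        fail("issuer get not correct");
    }
    attrs = store.getMatches(attrSelector);
    if (attrs.size() != 1 || !attrs.contains(attrCert2))
    {
        fail("attrCert2 not found on issuer");
    }

    // --- exact attribute certificate ---
    attrSelector = new X509AttributeCertStoreSelector();
    attrSelector.setAttributeCert(attrCert);
    if (!attrSelector.getAttributeCert().equals(attrCert))
    {
        fail("attrCert get not correct");
    }
    attrs = store.getMatches(attrSelector);
    if (attrs.size() != 1 || !attrs.contains(attrCert))
    {
        fail("attrCert not found on attrCert");
    }

    // --- serial number, then the same criterion through clone() ---
    attrSelector = new X509AttributeCertStoreSelector();
    attrSelector.setSerialNumber(attrCert.getSerialNumber());
    if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber()))
    {
        fail("serial number get not correct");
    }
    attrs = store.getMatches(attrSelector);
    if (attrs.size() != 1 || !attrs.contains(attrCert))
    {
        fail("attrCert not found on serial number");
    }
    attrSelector = (X509AttributeCertStoreSelector)attrSelector.clone();
    if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber()))
    {
        fail("serial number get not correct");
    }
    attrs = store.getMatches(attrSelector);
    if (attrs.size() != 1 || !attrs.contains(attrCert))
    {
        fail("attrCert not found on serial number");
    }

    // --- validity date: the notBefore instant itself must match ---
    attrSelector = new X509AttributeCertStoreSelector();
    attrSelector.setAttributeCertificateValid(attrCert.getNotBefore());
    if (!attrSelector.getAttributeCertificateValid().equals(attrCert.getNotBefore()))
    {
        fail("valid get not correct");
    }
    attrs = store.getMatches(attrSelector);
    if (attrs.size() != 1 || !attrs.contains(attrCert))
    {
        fail("attrCert not found on valid");
    }

    // Negative cases: 100 ms outside either end of attrCert's validity window
    // must match nothing, i.e. a not-yet-valid or expired attribute
    // certificate must not be selected.
    attrSelector = new X509AttributeCertStoreSelector();
    attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotBefore().getTime() - 100));
    attrs = store.getMatches(attrSelector);
    if (attrs.size() != 0)
    {
        fail("attrCert found on before");
    }
    attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotAfter().getTime() + 100));
    attrs = store.getMatches(attrSelector);
    if (attrs.size() != 0)
    {
        fail("attrCert found on after");
    }
    attrSelector.setSerialNumber(BigInteger.valueOf(10000));
    attrs = store.getMatches(attrSelector);
    if (attrs.size() != 0)
    {
        fail("attrCert found on wrong serial number");
    }

    // Every criterion must be clearable again by passing null.
    attrSelector.setAttributeCert(null);
    attrSelector.setAttributeCertificateValid(null);
    attrSelector.setHolder(null);
    attrSelector.setIssuer(null);
    attrSelector.setSerialNumber(null);
    if (attrSelector.getAttributeCert() != null)
    {
        fail("null attrCert");
    }
    if (attrSelector.getAttributeCertificateValid() != null)
    {
        fail("null attrCertValid");
    }
    if (attrSelector.getHolder() != null)
    {
        fail("null attrCert holder");
    }
    if (attrSelector.getIssuer() != null)
    {
        fail("null attrCert issuer");
    }
    if (attrSelector.getSerialNumber() != null)
    {
        fail("null attrCert serial");
    }

    // Deliberate mismatch: an attribute-certificate selector, now with no
    // criteria set, is run against the public-key certificate store. It must
    // match nothing; an unconstrained selector of the wrong kind returning
    // every certificate would be a false positive.
    attrs = certStore.getMatches(attrSelector);
    if (attrs.size() != 0)
    {
        fail("error using wrong selector (attrs)");
    }

    // NOTE(review): inferred - the listing skips source lines 303-307 and
    // nothing else on the page invokes certPairTest(); confirm upstream.
    certPairTest();
}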
public String getName()
/**
 * Runs this test on its own, outside the provider's regression suite.
 *
 * @param args ignored
 */
public static void main(String[] args)
{
    // The stores in this test are requested from "BC" by name, so the
    // provider has to be registered before the test starts.
    BouncyCastleProvider bcProvider = new BouncyCastleProvider();
    Security.addProvider(bcProvider);

    X509StoreTest storeTest = new X509StoreTest();
    runTest(storeTest);
}