1 /* 2 * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /** 25 * @test 26 * @bug 8175029 27 * @library /test/lib 28 * @summary check that default implementation of 29 * X509CRL.verify(PublicKey, Provider) works on custom X509CRL impl. 30 */ 31 32 import java.math.BigInteger; 33 import java.security.InvalidKeyException; 34 import java.security.NoSuchAlgorithmException; 35 import java.security.NoSuchProviderException; 36 import java.security.Principal; 37 import java.security.Provider; 38 import java.security.PublicKey; 39 import java.security.SignatureException; 40 import java.security.cert.Certificate; 41 import java.security.cert.CRLException; 42 import java.security.cert.X509Certificate; 43 import java.security.cert.X509CRL; 44 import java.security.cert.X509CRLEntry; 45 import java.util.Date; 46 import java.util.Set; 47 import jdk.test.lib.security.CertUtils; 48 49 public class VerifyDefault { 50 private static final String TEST_CRL = 51 "-----BEGIN X509 CRL-----\n" + 52 "MIIBGzCBhQIBATANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQMA4GA1UE\n" + 53 "ChMHRXhhbXBsZRcNMDkwNDI3MDIzODA0WhcNMjgwNjI2MDIzODA0WjAiMCACAQUX\n" + 54 "DTA5MDQyNzAyMzgwMFowDDAKBgNVHRUEAwoBBKAOMAwwCgYDVR0UBAMCAQIwDQYJ\n" + 55 "KoZIhvcNAQEEBQADgYEAoarfzXEtw3ZDi4f9U8eSvRIipHSyxOrJC7HR/hM5VhmY\n" + 56 "CErChny6x9lBVg9s57tfD/P9PSzBLusCcHwHMAbMOEcTltVVKUWZnnbumpywlYyg\n" + 57 "oKLrE9+yCOkYUOpiRlz43/3vkEL5hjIKMcDSZnPKBZi1h16Yj2hPe9GMibNip54=\n" + 58 "-----END X509 CRL-----"; 59 60 private static final String TEST_CERT = 61 "-----BEGIN CERTIFICATE-----\n" + 62 "MIICKzCCAZSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" + 63 "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA0MjcwMjI0MzNaFw0yOTAxMTIwMjI0MzNa\n" + 64 "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" + 65 "AQUAA4GNADCBiQKBgQDMJeBMBybHykI/YpwUJ4O9euqDSLb1kpWpceBS8TVqvgBC\n" + 66 "SgUJWtFZL0i6bdvF6mMdlbuBkGzhXqHiVAi96/zRLbUC9F8SMEJ6MuD+YhQ0ZFTQ\n" + 67 "atKy8zf8O9XzztelLJ26Gqb7QPV133WY3haAqHtCXOhEKkCN16NOYNC37DTaJwID\n" + 68 "AQABo3cwdTAdBgNVHQ4EFgQULXSWzXzUOIpOJpzbSCpW42IJUugwRwYDVR0jBEAw\n" + 69 "PoAUgiXdIaZeT3QA/SGUvh854OJVyxuhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" + 70 "VQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjANBgkqhkiG9w0BAQQFAAOBgQAY\n" + 71 "eMnf5AHSNlyUlzXk8o2S0h4gCuvKX6C3kFfKuZcWvFAbx4yQOWLS2s15/nzR4+AP\n" + 72 "FGX3lgJjROyAh7fGedTQK+NFWwkM2ag1g3hXktnlnT1qHohi0w31nVBJxXEDO/Ck\n" + 73 "uJTpJGt8XxxbFaw5v7cHy7XuTAeU/sekvjEiNHW00Q==\n" + 74 "-----END CERTIFICATE-----"; 75 76 private static class TestX509CRL extends X509CRL { 77 private final X509CRL crl; 78 TestX509CRL(X509CRL crl) { 79 this.crl = crl; 80 } 81 public Set<String> getCriticalExtensionOIDs() { 82 return crl.getCriticalExtensionOIDs(); 83 } 84 public byte[] getExtensionValue(String oid) { 85 return crl.getExtensionValue(oid); 86 } 87 public Set<String> getNonCriticalExtensionOIDs() { 88 return crl.getNonCriticalExtensionOIDs(); 89 } 90 public boolean hasUnsupportedCriticalExtension() { 91 return crl.hasUnsupportedCriticalExtension(); 92 } 93 public Set<? extends X509CRLEntry> getRevokedCertificates() { 94 return crl.getRevokedCertificates(); 95 } 96 public X509CRLEntry getRevokedCertificate(BigInteger serialNumber) { 97 return crl.getRevokedCertificate(serialNumber); 98 } 99 public boolean isRevoked(Certificate cert) { 100 return crl.isRevoked(cert); 101 } 102 public Date getNextUpdate() { return crl.getNextUpdate(); } 103 public Date getThisUpdate() { return crl.getThisUpdate(); } 104 public int getVersion() { return crl.getVersion(); } 105 public Principal getIssuerDN() { return crl.getIssuerDN(); } 106 public byte[] getTBSCertList() throws CRLException { 107 return crl.getTBSCertList(); 108 } 109 public byte[] getSignature() { return crl.getSignature(); } 110 public String getSigAlgName() { return crl.getSigAlgName(); } 111 public String getSigAlgOID() { return crl.getSigAlgOID(); } 112 public byte[] getSigAlgParams() { return crl.getSigAlgParams(); } 113 public byte[] getEncoded() throws CRLException { 114 return crl.getEncoded(); 115 } 116 public void verify(PublicKey key) throws CRLException, 117 InvalidKeyException, NoSuchAlgorithmException, 118 NoSuchProviderException, SignatureException { 119 crl.verify(key); 120 } 121 public void verify(PublicKey key, String sigProvider) throws 122 CRLException, InvalidKeyException, NoSuchAlgorithmException, 123 NoSuchProviderException, SignatureException { 124 crl.verify(key, sigProvider); 125 } 126 public String toString() { return crl.toString(); } 127 } 128 129 public static void main(String[] args) throws Exception { 130 X509Certificate cert = CertUtils.getCertFromString(TEST_CERT); 131 X509CRL crl = CertUtils.getCRLFromString(TEST_CRL); 132 new TestX509CRL(crl).verify(cert.getPublicKey(), (Provider)null); 133 } 134 }