1 /*
2 * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /**
25 * @test
26 * @bug 8175029
27 * @library /test/lib
28 * @summary check that default implementation of
29 * X509CRL.verify(PublicKey, Provider) works on custom X509CRL impl.
30 */
31
32 import java.math.BigInteger;
33 import java.security.InvalidKeyException;
34 import java.security.NoSuchAlgorithmException;
35 import java.security.NoSuchProviderException;
36 import java.security.Principal;
37 import java.security.Provider;
38 import java.security.PublicKey;
39 import java.security.SignatureException;
40 import java.security.cert.Certificate;
41 import java.security.cert.CRLException;
42 import java.security.cert.X509Certificate;
43 import java.security.cert.X509CRL;
44 import java.security.cert.X509CRLEntry;
45 import java.util.Date;
46 import java.util.Set;
47 import jdk.test.lib.security.CertUtils;
48
49 public class VerifyDefault {
50 private static final String TEST_CRL =
51 "-----BEGIN X509 CRL-----\n" +
52 "MIIBGzCBhQIBATANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQMA4GA1UE\n" +
53 "ChMHRXhhbXBsZRcNMDkwNDI3MDIzODA0WhcNMjgwNjI2MDIzODA0WjAiMCACAQUX\n" +
54 "DTA5MDQyNzAyMzgwMFowDDAKBgNVHRUEAwoBBKAOMAwwCgYDVR0UBAMCAQIwDQYJ\n" +
55 "KoZIhvcNAQEEBQADgYEAoarfzXEtw3ZDi4f9U8eSvRIipHSyxOrJC7HR/hM5VhmY\n" +
56 "CErChny6x9lBVg9s57tfD/P9PSzBLusCcHwHMAbMOEcTltVVKUWZnnbumpywlYyg\n" +
57 "oKLrE9+yCOkYUOpiRlz43/3vkEL5hjIKMcDSZnPKBZi1h16Yj2hPe9GMibNip54=\n" +
58 "-----END X509 CRL-----";
59
60 private static final String TEST_CERT =
61 "-----BEGIN CERTIFICATE-----\n" +
62 "MIICKzCCAZSgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJVUzEQ\n" +
63 "MA4GA1UEChMHRXhhbXBsZTAeFw0wOTA0MjcwMjI0MzNaFw0yOTAxMTIwMjI0MzNa\n" +
64 "MB8xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdFeGFtcGxlMIGfMA0GCSqGSIb3DQEB\n" +
65 "AQUAA4GNADCBiQKBgQDMJeBMBybHykI/YpwUJ4O9euqDSLb1kpWpceBS8TVqvgBC\n" +
66 "SgUJWtFZL0i6bdvF6mMdlbuBkGzhXqHiVAi96/zRLbUC9F8SMEJ6MuD+YhQ0ZFTQ\n" +
67 "atKy8zf8O9XzztelLJ26Gqb7QPV133WY3haAqHtCXOhEKkCN16NOYNC37DTaJwID\n" +
68 "AQABo3cwdTAdBgNVHQ4EFgQULXSWzXzUOIpOJpzbSCpW42IJUugwRwYDVR0jBEAw\n" +
69 "PoAUgiXdIaZeT3QA/SGUvh854OJVyxuhI6QhMB8xCzAJBgNVBAYTAlVTMRAwDgYD\n" +
70 "VQQKEwdFeGFtcGxlggEAMAsGA1UdDwQEAwIBAjANBgkqhkiG9w0BAQQFAAOBgQAY\n" +
71 "eMnf5AHSNlyUlzXk8o2S0h4gCuvKX6C3kFfKuZcWvFAbx4yQOWLS2s15/nzR4+AP\n" +
72 "FGX3lgJjROyAh7fGedTQK+NFWwkM2ag1g3hXktnlnT1qHohi0w31nVBJxXEDO/Ck\n" +
73 "uJTpJGt8XxxbFaw5v7cHy7XuTAeU/sekvjEiNHW00Q==\n" +
74 "-----END CERTIFICATE-----";
75
76 private static class TestX509CRL extends X509CRL {
77 private final X509CRL crl;
78 TestX509CRL(X509CRL crl) {
79 this.crl = crl;
80 }
81 public Set<String> getCriticalExtensionOIDs() {
82 return crl.getCriticalExtensionOIDs();
83 }
84 public byte[] getExtensionValue(String oid) {
85 return crl.getExtensionValue(oid);
86 }
87 public Set<String> getNonCriticalExtensionOIDs() {
88 return crl.getNonCriticalExtensionOIDs();
89 }
90 public boolean hasUnsupportedCriticalExtension() {
91 return crl.hasUnsupportedCriticalExtension();
92 }
93 public Set<? extends X509CRLEntry> getRevokedCertificates() {
94 return crl.getRevokedCertificates();
95 }
96 public X509CRLEntry getRevokedCertificate(BigInteger serialNumber) {
97 return crl.getRevokedCertificate(serialNumber);
98 }
99 public boolean isRevoked(Certificate cert) {
100 return crl.isRevoked(cert);
101 }
102 public Date getNextUpdate() { return crl.getNextUpdate(); }
103 public Date getThisUpdate() { return crl.getThisUpdate(); }
104 public int getVersion() { return crl.getVersion(); }
105 public Principal getIssuerDN() { return crl.getIssuerDN(); }
106 public byte[] getTBSCertList() throws CRLException {
107 return crl.getTBSCertList();
108 }
109 public byte[] getSignature() { return crl.getSignature(); }
110 public String getSigAlgName() { return crl.getSigAlgName(); }
111 public String getSigAlgOID() { return crl.getSigAlgOID(); }
112 public byte[] getSigAlgParams() { return crl.getSigAlgParams(); }
113 public byte[] getEncoded() throws CRLException {
114 return crl.getEncoded();
115 }
116 public void verify(PublicKey key) throws CRLException,
117 InvalidKeyException, NoSuchAlgorithmException,
118 NoSuchProviderException, SignatureException {
119 crl.verify(key);
120 }
121 public void verify(PublicKey key, String sigProvider) throws
122 CRLException, InvalidKeyException, NoSuchAlgorithmException,
123 NoSuchProviderException, SignatureException {
124 crl.verify(key, sigProvider);
125 }
126 public String toString() { return crl.toString(); }
127 }
128
129 public static void main(String[] args) throws Exception {
130 X509Certificate cert = CertUtils.getCertFromString(TEST_CERT);
131 X509CRL crl = CertUtils.getCRLFromString(TEST_CRL);
132 new TestX509CRL(crl).verify(cert.getPublicKey(), (Provider)null);
133 }
134 }