/
CertificateValidatorBuilderTest.java
98 lines (86 loc) · 4.27 KB
/
CertificateValidatorBuilderTest.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
package org.digidoc4j;
import eu.europa.esig.dss.model.x509.CertificateToken;
import org.digidoc4j.exceptions.CertificateValidationException;
import org.digidoc4j.impl.asic.tsl.TSLCertificateSourceImpl;
import org.junit.Assert;
import org.junit.Test;
import java.nio.file.Paths;
/**
* Created by Janar Rahumeel (CGI Estonia)
*/
public class CertificateValidatorBuilderTest extends AbstractTest {
@Test
public void testCertificateStatusGood() {
CertificateValidator validator = new CertificateValidatorBuilder().withConfiguration(this.configuration).build();
validator.getCertificateSource().addCertificate(new CertificateToken(this.openX509Certificate(Paths.get
("src/test/resources/testFiles/certs/TESTofEECertificationCentreRootCA.crt"))));
validator.validate(
this.openX509Certificate(Paths.get("src/test/resources/testFiles/certs/TESTofESTEID-SK2011.crt")));
}
@Test
public void testCertificateStatusUntrusted() {
CertificateValidator validator = new CertificateValidatorBuilder().withConfiguration(this.configuration).build();
try {
validator.validate(
this.openX509Certificate(Paths.get("src/test/resources/testFiles/certs/TESTofESTEID-SK2011.crt")));
} catch (CertificateValidationException e) {
Assert.assertEquals("Not equals", CertificateValidationException.CertificateValidationStatus.UNTRUSTED, e
.getCertificateStatus());
}
}
@Test
public void testCertificateStatusRevoked() {
CertificateValidator validator = new CertificateValidatorBuilder().withConfiguration(this.configuration).build();
validator.getCertificateSource().addCertificate(new CertificateToken(this.openX509Certificate(Paths.get
("src/test/resources/testFiles/certs/TESTofESTEID-SK2011.crt"))));
try {
validator.validate(
this.openX509Certificate(Paths.get("src/test/resources/testFiles/certs/TESTofStatusRevoked.cer")));
} catch (CertificateValidationException e) {
Assert.assertEquals("Not equals", CertificateValidationException.CertificateValidationStatus.REVOKED, e
.getCertificateStatus());
}
}
@Test
public void testProductionCertificateStatusUntrustedWithMissingOCSPResponseCertificate() {
this.configuration = Configuration.of(Configuration.Mode.PROD);
this.configuration.setTSL(new TSLCertificateSourceImpl());
CertificateValidator validator = new CertificateValidatorBuilder().withConfiguration(this.configuration).build();
try {
validator.getCertificateSource().addCertificate(new CertificateToken(this.openX509Certificate(Paths.get
("src/test/resources/testFiles/certs/TESTofESTEID-SK2011.crt"))));
validator.validate(
this.openX509Certificate(Paths.get("src/test/resources/testFiles/certs/TESTofStatusRevoked.cer")));
} catch (CertificateValidationException e) {
Assert.assertEquals("Not equals", CertificateValidationException.CertificateValidationStatus.UNTRUSTED, e
.getCertificateStatus());
}
}
@Test
public void testProductionCertificateStatusUnknownWithOCSPResponseVerificationCertificate() {
this.configuration = Configuration.of(Configuration.Mode.PROD);
CertificateValidator validator = new CertificateValidatorBuilder().withConfiguration(this.configuration).build();
try {
validator.getCertificateSource().addCertificate(new CertificateToken(this.openX509Certificate(Paths.get
("src/test/resources/testFiles/certs/TESTofESTEID-SK2011.crt"))));
validator.validate(
this.openX509Certificate(Paths.get("src/test/resources/testFiles/certs/TESTofStatusRevoked.cer")));
} catch (CertificateValidationException e) {
Assert.assertEquals("Not equals", CertificateValidationException.CertificateValidationStatus.UNKNOWN, e
.getCertificateStatus());
}
}
@Test
public void testLoadingOCSPIntermediateCertificatesFromCustomLocation() {
ExtendedCertificateSource source = CertificateValidatorBuilder.getDefaultCertificateSource();
source.importFromPath(Paths.get("src/test/resources/testFiles/certs"));
Assert.assertEquals("Not equals", 10, source.getCertificatePool().getNumberOfCertificates());
}
/*
* RESTRICTED METHODS
*/
@Override
protected void before() {
this.configuration = new Configuration(Configuration.Mode.TEST);
}
}