certchain.add(interCert);
CertPath cp = CertificateFactory.getInstance("X.509","BC").generateCertPath(certchain);
Set trust = new HashSet();
trust.add(new TrustAnchor(rootCert, null));
CertPathValidator cpv = CertPathValidator.getInstance("PKIX","BC");
PKIXParameters param = new PKIXParameters(trust);
param.addCertStore(store);
param.setDate(validDate.getTime());
MyChecker checker = new MyChecker();
param.addCertPathChecker(checker);
PKIXCertPathValidatorResult result =
(PKIXCertPathValidatorResult) cpv.validate(cp, param);
PolicyNode policyTree = result.getPolicyTree();
PublicKey subjectPublicKey = result.getPublicKey();
if (checker.getCount() != 2)
{
fail("checker not evaluated for each certificate");
}
if (!subjectPublicKey.equals(finalCert.getPublicKey()))
{
fail("wrong public key returned");
}
//
// invalid path containing a valid one test
//
try
{
// initialise CertStore
rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(AC_RAIZ_ICPBRASIL));
interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(AC_PR));
finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(schefer));
list = new ArrayList();
list.add(rootCert);
list.add(interCert);
list.add(finalCert);
ccsp = new CollectionCertStoreParameters(list);
store = CertStore.getInstance("Collection", ccsp);
validDate = Calendar.getInstance();
validDate.set(2004,2,21,2,21,10);
//validating path
certchain = new ArrayList();
certchain.add(finalCert);
certchain.add(interCert);
cp = CertificateFactory.getInstance("X.509","BC").generateCertPath(certchain);
trust = new HashSet();
trust.add(new TrustAnchor(rootCert, null));
cpv = CertPathValidator.getInstance("PKIX","BC");
param = new PKIXParameters(trust);
param.addCertStore(store);
param.setRevocationEnabled(false);
param.setDate(validDate.getTime());
result =(PKIXCertPathValidatorResult) cpv.validate(cp, param);
policyTree = result.getPolicyTree();
subjectPublicKey = result.getPublicKey();
fail("Invalid path validated");
}