test/jdk/security/infra/java/security/cert/CertPathValidator/certification/ValidatePathWithParams.java
author rhalade
Wed, 09 Oct 2019 12:21:28 -0700
changeset 58524 e84d8379815b
parent 54803 293d45e5108b
permissions -rw-r--r--
8231887: ComodoCA.java fails because certificate was revoked Reviewed-by: mullan, clanger
/*
 * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.PrintStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateRevokedException;
import java.security.cert.PKIXParameters;
import java.security.cert.PKIXRevocationChecker;
import java.security.cert.X509Certificate;
import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.EnumSet;
import java.util.Locale;
/**
 * Utility class to validate certificate path. It supports OCSP and/or CRL
 * validation.
 */
public class ValidatePathWithParams {
    private static final String FS = System.getProperty("file.separator");
    private static final String CACERTS_STORE = System.getProperty("test.jdk")
            + FS + "lib" + FS + "security" + FS + "cacerts";
    private final String[] trustedRootCerts;
    // use this for expired cert validation
    private Date validationDate = null;
    // expected certificate status
    private Status expectedStatus = Status.UNKNOWN;
    private Date expectedRevDate = null;
    private final CertPathValidator certPathValidator;
    private final PKIXRevocationChecker certPathChecker;
    private final CertificateFactory cf;
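    /**
     * Status of the end-entity (EE) certificate, used both for the status a
     * test expects and for the status observed after path validation.
     */
    public enum Status {
        /** Initial value of the expected status before a test sets one. */
        UNKNOWN,
        /** Path validation completed without raising an exception. */
        GOOD,
        /** Validation failed and the failure reported the certificate as revoked. */
        REVOKED,
        /** Validation failed and the failure reported the certificate as expired. */
        EXPIRED
    }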
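    /**
     * Creates a path validator backed by the PKIX {@code CertPathValidator}
     * and that validator's revocation checker.
     *
     * @param additionalTrustRoots trusted root certificates; when the array is
     *        {@code null}, empty, or its first element is {@code null}, no
     *        additional roots are recorded (the field is left {@code null})
     * @throws IOException never raised by this constructor's own code; kept in
     *         the signature for existing callers
     * @throws CertificateException if no X.509 {@code CertificateFactory} is
     *         available
     * @throws NoSuchAlgorithmException if no PKIX {@code CertPathValidator} is
     *         available
     */
    public ValidatePathWithParams(String[] additionalTrustRoots)
            throws IOException, CertificateException, NoSuchAlgorithmException {

        cf = CertificateFactory.getInstance("X509");
        certPathValidator = CertPathValidator.getInstance("PKIX");
        // The cast fails with ClassCastException if the provider's checker is
        // not a PKIXRevocationChecker.
        certPathChecker
                = (PKIXRevocationChecker) certPathValidator.getRevocationChecker();

        // An empty array is checked before element 0 is read, so it is treated
        // like "no additional roots" instead of raising
        // ArrayIndexOutOfBoundsException.
        boolean noExtraRoots = additionalTrustRoots == null
                || additionalTrustRoots.length == 0
                || additionalTrustRoots[0] == null;

        // Defensive copy: later changes to the caller's array must not alter
        // the trust roots this instance works with.
        // NOTE(review): presumably a null field means only the default cacerts
        // store is trusted; confirm against the code that reads it.
        trustedRootCerts = noExtraRoots ? null : additionalTrustRoots.clone();
    }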
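    /**
     * Validates a certificate path and compares the resulting status of the
     * end-entity (EE) certificate with the expected one.
     *
     * <p>The method returns normally, without checking the status, in three
     * cases: validation raised an {@code IOException} (directly or as the
     * cause of a {@code CertPathValidatorException}), the failure reason is
     * {@code ALGORITHM_CONSTRAINED}, or the certificate turned out to be
     * expired although {@code EXPIRED} was not expected. Each of these prints
     * a {@code WARNING:} line to {@code out}; a run that ended this way has
     * not confirmed the revocation status.
     *
     * @param certsToValidate certificates to validate, passed unchanged to
     *        {@code doCertPathValidate}
     * @param st expected certificate status
     * @param revDate expected revocation date in the form
     *        {@code EEE MMM dd HH:mm:ss Z yyyy} (US locale); read only when
     *        {@code st} is {@code REVOKED}; {@code null} skips the date
     *        comparison
     * @param out PrintStream to log messages
     * @throws IOException declared; an {@code IOException} raised during
     *         validation itself is caught and treated as a skip
     * @throws CertificateException declared; presumably propagated from
     *         {@code doCertPathValidate}
     * @throws InvalidAlgorithmParameterException declared; presumably
     *         propagated from {@code doCertPathValidate}
     * @throws ParseException if {@code revDate} does not match the date format
     * @throws NoSuchAlgorithmException declared; presumably propagated from
     *         {@code doCertPathValidate}
     * @throws KeyStoreException declared; presumably propagated from
     *         {@code doCertPathValidate}
     * @throws RuntimeException if the status cannot be determined, differs
     *         from {@code st}, or the revocation date is missing or unexpected
     */
    public void validate(String[] certsToValidate,
            Status st,
            String revDate,
            PrintStream out)
            throws IOException, CertificateException,
            InvalidAlgorithmParameterException, ParseException,
            NoSuchAlgorithmException, KeyStoreException {

        expectedStatus = st;
        // This field outlives the call, so clear it first: a date left over
        // from an earlier validate() must not be compared with this result.
        expectedRevDate = null;
        if (expectedStatus == Status.REVOKED && revDate != null) {
            expectedRevDate = new SimpleDateFormat("EEE MMM dd HH:mm:ss Z yyyy",
                    Locale.US).parse(revDate);
        }

        Status certStatus = null;
        Date revocationDate = null;

        logSettings(out);

        try {
            doCertPathValidate(certsToValidate, out);
            certStatus = Status.GOOD;
        } catch (IOException ioe) {
            // Some machines don't have network setup correctly to be able to
            // reach outside world, skip such failures.
            // NOTE(review): returning here ends the check without a failure,
            // so an unreachable OCSP/CRL endpoint leaves the status unverified;
            // the WARNING line is the only trace of that.
            out.println("WARNING: Network setup issue, skip this test");
            ioe.printStackTrace(System.err);
            return;
        } catch (CertPathValidatorException cpve) {
            out.println("Received exception: " + cpve);

            Throwable cause = cpve.getCause();
            CertPathValidatorException.Reason reason = cpve.getReason();

            if (cause instanceof IOException) {
                // Same skip as above: the I/O failure is wrapped by the validator.
                out.println("WARNING: CertPathValidatorException caused by IO"
                        + " error, skip this test");
                return;
            }

            if (reason == CertPathValidatorException.BasicReason.ALGORITHM_CONSTRAINED) {
                // The path uses an algorithm the runtime's policy rejects
                // (see the jdk.certpath.disabledAlgorithms value logged above).
                out.println("WARNING: CertPathValidatorException caused by"
                        + " restricted algorithm, skip this test");
                return;
            }

            if (reason == CertPathValidatorException.BasicReason.REVOKED
                    || cause instanceof CertificateRevokedException) {
                certStatus = Status.REVOKED;
                // The revocation date is only available from the cause.
                if (cause instanceof CertificateRevokedException) {
                    revocationDate
                            = ((CertificateRevokedException) cause).getRevocationDate();
                }
            } else if (reason == CertPathValidatorException.BasicReason.EXPIRED
                    || cause instanceof CertificateExpiredException) {
                certStatus = Status.EXPIRED;
            } else {
                // Keep the validator's exception as the cause so the failure
                // report shows why the status could not be classified.
                throw new RuntimeException(
                        "TEST FAILED: couldn't determine EE certificate status",
                        cpve);
            }
        }

        out.println("Expected Certificate status: " + expectedStatus);
        out.println("Certificate status after validation: " + certStatus.name());

        // Don't want test to fail in case certificate is expired when not expected
        // Simply skip the test.
        if (expectedStatus != Status.EXPIRED && certStatus == Status.EXPIRED) {
            out.println("WARNING: Certificate expired, skip the test");
            return;
        }

        if (certStatus != expectedStatus) {
            throw new RuntimeException(
                    "TEST FAILED: unexpected status of EE certificate");
        }

        if (certStatus == Status.REVOKED) {
            // A REVOKED result must carry a revocation date; the date itself is
            // compared only when the caller supplied an expected one.
            if (revocationDate == null) {
                throw new RuntimeException("TEST FAILED: no revocation date");
            }
            out.println(
                    "Certificate revocation date:" + revocationDate.toString());
            if (expectedRevDate != null) {
                out.println(
                        "Expected revocation date:" + expectedRevDate.toString());
                if (!expectedRevDate.equals(revocationDate)) {
                    throw new RuntimeException(
                            "TEST FAILED: unexpected revocation date");
                }
            }
        }
    }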
    private void logSettings(PrintStream out) {
        out.println();
        out.println("=====================================================");
        out.println("CONFIGURATION");
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   220
        out.println("=====================================================");
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   221
        out.println("http.proxyHost :" + System.getProperty("http.proxyHost"));
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   222
        out.println("http.proxyPort :" + System.getProperty("http.proxyPort"));
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   223
        out.println("https.proxyHost :" + System.getProperty("https.proxyHost"));
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   224
        out.println("https.proxyPort :" + System.getProperty("https.proxyPort"));
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   225
        out.println("https.socksProxyHost :"
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   226
                + System.getProperty("https.socksProxyHost"));
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   227
        out.println("https.socksProxyPort :"
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   228
                + System.getProperty("https.socksProxyPort"));
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   229
        out.println("jdk.certpath.disabledAlgorithms :"
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   230
                + Security.getProperty("jdk.certpath.disabledAlgorithms"));
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   231
        out.println("Revocation options :" + certPathChecker.getOptions());
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   232
        out.println("OCSP responder set :" + certPathChecker.getOcspResponder());
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   233
        out.println("Trusted root set: " + (trustedRootCerts != null));
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   234
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   235
        if (validationDate != null) {
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   236
            out.println("Validation Date:" + validationDate.toString());
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   237
        }
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   238
        out.println("Expected EE Status:" + expectedStatus.name());
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   239
        if (expectedStatus == Status.REVOKED && expectedRevDate != null) {
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   240
            out.println(
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   241
                    "Expected EE Revocation Date:" + expectedRevDate.toString());
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   242
        }
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   243
        out.println("=====================================================");
472f74fb6c6b 8189131: Open-source the Oracle JDK Root Certificates
rhalade
parents:
diff changeset
   244
    }
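    /**
     * Builds a certification path from the given encoded certificates, in the
     * order given, and validates it with {@code certPathValidator}.
     *
     * <p>Trust anchors are the entries of the keystore at
     * {@code CACERTS_STORE}, plus every certificate in
     * {@code trustedRootCerts} when that field is set. The extra roots are
     * added to the in-memory keystore only; nothing is written back to disk.
     * {@code certPathChecker} is registered as an additional path checker and
     * {@code validationDate} is used as the validation time.
     *
     * @param certsToValidate encoded certificates forming the path; null
     *        elements are skipped
     * @param out stream that receives the success message
     * @throws RuntimeException if {@code certsToValidate} is null or holds no
     *         non-null entry, or if the cacerts keystore cannot be loaded
     * @throws CertPathValidatorException if the path does not validate
     * @throws CertificateException if a certificate cannot be decoded
     * @throws KeyStoreException if the keystore cannot be created or updated
     * @throws InvalidAlgorithmParameterException if the keystore yields no
     *         usable trust anchor for {@code PKIXParameters}
     */
    private void doCertPathValidate(String[] certsToValidate, PrintStream out)
            throws IOException, CertificateException,
            InvalidAlgorithmParameterException, ParseException,
            NoSuchAlgorithmException, CertPathValidatorException, KeyStoreException {

        if (certsToValidate == null) {
            throw new RuntimeException("Require atleast one cert to validate");
        }

        // Generate CertPath with certsToValidate
        ArrayList<X509Certificate> certs = new ArrayList<>();
        for (String cert : certsToValidate) {
            if (cert != null) {
                certs.add(getCertificate(cert));
            }
        }
        // An empty or all-null array passes the null check above but leaves
        // the validator with no certificate to examine; reject it so that a
        // run which checked nothing cannot be reported as a success.
        if (certs.isEmpty()) {
            throw new RuntimeException("Require atleast one cert to validate");
        }
        CertPath certPath = (CertPath) cf.generateCertPath(certs);

        // Set cacerts as anchor. "changeit" is the well-known default cacerts
        // password, not a secret; passing it makes load() run the keystore
        // integrity check.
        KeyStore cacerts = KeyStore.getInstance("JKS");
        try (FileInputStream fis = new FileInputStream(CACERTS_STORE)) {
            cacerts.load(fis, "changeit".toCharArray());
        } catch (IOException | NoSuchAlgorithmException | CertificateException ex) {
            throw new RuntimeException(ex);
        }

        // Set additional trust certificates. Each one becomes a trust anchor
        // for this run, under a "tempca<i>" alias.
        if (trustedRootCerts != null) {
            for (int i = 0; i < trustedRootCerts.length; i++) {
                X509Certificate rootCACert = getCertificate(trustedRootCerts[i]);
                cacerts.setCertificateEntry("tempca" + i, rootCACert);
            }
        }

        PKIXParameters params = new PKIXParameters(cacerts);
        // NOTE(review): certPathChecker is presumably the PKIXRevocationChecker
        // configured by enableOCSPCheck()/enableCRLCheck() - confirm.
        params.addCertPathChecker(certPathChecker);

        // Set backdated validation if requested, if null, current date is set
        params.setDate(validationDate);

        // Validate; a failure propagates as CertPathValidatorException.
        certPathValidator.validate(certPath, params);
        out.println("Successful CertPath validation");
    }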
    /**
     * Decodes a single certificate from its string form using the shared
     * certificate factory {@code cf}.
     *
     * @param encodedCert the encoded certificate text
     * @return the decoded certificate, cast to {@code X509Certificate}
     * @throws IOException declared for callers; not raised by the visible code
     * @throws CertificateException if the factory cannot parse the input
     */
    private X509Certificate getCertificate(String encodedCert)
            throws IOException, CertificateException {
        // getBytes() uses the platform default charset.
        // NOTE(review): presumably the input is PEM text, i.e. plain ASCII,
        // so the charset choice does not matter - confirm against callers.
        byte[] encoded = encodedCert.getBytes();
        return (X509Certificate) cf.generateCertificate(
                new ByteArrayInputStream(encoded));
    }
    /**
     * Sets the {@code jdk.certpath.disabledAlgorithms} security property.
     *
     * <p>The value replaces the current one rather than extending it, so an
     * algorithm that is left out of {@code algos} is no longer disabled by
     * this property. Security properties are JVM-wide, so the change is not
     * limited to this object.
     *
     * @param algos new value of the property (algorithms to disable)
     */
    public static void setDisabledAlgorithms(String algos) {
        final String property = "jdk.certpath.disabledAlgorithms";
        Security.setProperty(property, algos);
    }
    /**
     * Restricts revocation checking to OCSP.
     *
     * <p>The only option set is {@code NO_FALLBACK}: without
     * {@code PREFER_CRLS} OCSP stays the preferred mechanism, and the
     * fallback to CRLs is switched off.
     *
     * <p>NOTE(review): {@code SOFT_FAIL} is not among the options, so this
     * method does not make the checker treat a network failure as success;
     * any such tolerance would have to come from the calling code - confirm.
     */
    public void enableOCSPCheck() {
        // OCSP is the default mechanism; only the CRL fallback is disabled.
        EnumSet<PKIXRevocationChecker.Option> ocspOnly
                = EnumSet.of(PKIXRevocationChecker.Option.NO_FALLBACK);
        certPathChecker.setOptions(ocspOnly);
    }
    /**
     * Restricts revocation checking to CRLs.
     *
     * <p>{@code PREFER_CRLS} makes CRLs the preferred mechanism and
     * {@code NO_FALLBACK} switches off the fallback to OCSP.
     *
     * <p>NOTE(review): {@code SOFT_FAIL} is not among the options, so this
     * method does not make the checker treat a network failure as success;
     * any such tolerance would have to come from the calling code - confirm.
     */
    public void enableCRLCheck() {
        EnumSet<PKIXRevocationChecker.Option> crlOnly = EnumSet.of(
                PKIXRevocationChecker.Option.PREFER_CRLS,
                PKIXRevocationChecker.Option.NO_FALLBACK);
        certPathChecker.setOptions(crlOnly);
    }
    /**
     * Sets the OCSP responder location on the revocation checker, overriding
     * the responder URL given in the certificate's AIA extension.
     *
     * @param url OCSP responder location, parsed as a {@link URI}
     * @throws URISyntaxException if {@code url} is not a valid URI
     */
    public void setOCSPResponderURL(String url) throws URISyntaxException {
        // Parse first, so that a malformed URL leaves the checker unchanged.
        URI responder = new URI(url);
        certPathChecker.setOcspResponder(responder);
    }
    /**
     * Sets the date used as the validation time for the EE certificate.
     *
     * <p>The string is parsed with the {@code DateFormat.MEDIUM} date style
     * for {@code Locale.US}, for example {@code "Jan 1, 2020"} (illustrative
     * value). The format carries no time of day.
     *
     * @param vDate date string in the US medium date format
     * @throws ParseException if {@code vDate} cannot be parsed in that format
     */
    public void setValidationDate(String vDate) throws ParseException {
        // Fixed US locale keeps parsing independent of the default locale.
        DateFormat usMedium
                = DateFormat.getDateInstance(DateFormat.MEDIUM, Locale.US);
        validationDate = usMedium.parse(vDate);
    }
    /**
     * Clears the validation date, so that validation of the EE certificate
     * uses the current date again.
     */
    public void resetValidationDate() {
        // null is passed on to PKIXParameters.setDate, which then uses "now".
        this.validationDate = null;
    }
}