Class NistCertPathTest2
- java.lang.Object
-
- junit.framework.Assert
-
- junit.framework.TestCase
-
- org.bouncycastle.jce.provider.test.nist.NistCertPathTest2
-
- All Implemented Interfaces:
junit.framework.Test
public class NistCertPathTest2 extends junit.framework.TestCase
-
-
Constructor Summary
Constructors Constructor Description NistCertPathTest2()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidsetUp()voidtest4_1_1()4.1.1 Valid Signatures Test1voidtest4_1_2()4.1.2 Invalid CA Signature Test2voidtest4_1_3()4.1.3 Invalid EE Signature Test3voidtest4_1_4()4.1.4 Valid DSA Signatures Test4voidtest4_1_5()4.1.5 Valid DSA Parameter Inheritance Test5voidtest4_1_6()4.1.6 Invalid DSA Signature Test6voidtest4_10_1()4.10.1 Valid Policy Mapping Test1voidtest4_10_10()4.10.10 Invalid Policy Mapping Test10voidtest4_10_11()4.10.11 Valid Policy Mapping Test11voidtest4_10_12()4.10.12 Valid Policy Mapping Test12voidtest4_10_13()4.10.13 Valid Policy Mapping Test13voidtest4_10_14()4.10.14 Valid Policy Mapping Test14voidtest4_10_2()4.10.2 Invalid Policy Mapping Test2voidtest4_10_3()4.10.3 Valid Policy Mapping Test3voidtest4_10_4()4.10.4 Invalid Policy Mapping Test4voidtest4_10_5()4.10.5 Valid Policy Mapping Test5voidtest4_10_6()4.10.6 Valid Policy Mapping Test6voidtest4_10_7()4.10.7 Invalid Mapping From anyPolicy Test7voidtest4_10_8()4.10.8 Invalid Mapping To anyPolicy Test8voidtest4_10_9()4.10.9 Valid Policy Mapping Test9voidtest4_11_1()4.11.1 Invalid inhibitPolicyMapping Test1voidtest4_11_10()4.11.10 Invalid Self-Issued inhibitPolicyMapping Test10voidtest4_11_11()4.11.11 Invalid Self-Issued inhibitPolicyMapping Test11voidtest4_11_2()4.11.2 Valid inhibitPolicyMapping Test2voidtest4_11_3()4.11.3 Invalid inhibitPolicyMapping Test3voidtest4_11_4()4.11.4 Valid inhibitPolicyMapping Test4voidtest4_11_5()4.11.5 Invalid inhibitPolicyMapping Test5voidtest4_11_6()4.11.6 Invalid inhibitPolicyMapping Test6voidtest4_11_7()4.11.7 Valid Self-Issued inhibitPolicyMapping Test7voidtest4_11_8()4.11.8 Invalid Self-Issued inhibitPolicyMapping Test8voidtest4_11_9()4.11.9 Invalid Self-Issued inhibitPolicyMapping Test9voidtest4_12_1()4.12.1 Invalid inhibitAnyPolicy Test1voidtest4_12_10()4.12.10 Invalid Self-Issued inhibitAnyPolicy Test10voidtest4_12_2()4.12.2 Valid inhibitAnyPolicy Test2voidtest4_12_3()4.12.3 inhibitAnyPolicy Test3voidtest4_12_4()4.12.4 Invalid inhibitAnyPolicy Test4voidtest4_12_5()4.12.5 Invalid inhibitAnyPolicy Test5voidtest4_12_6()4.12.6 Invalid inhibitAnyPolicy Test6voidtest4_12_7()4.12.7 Valid Self-Issued inhibitAnyPolicy Test7voidtest4_12_8()4.12.8 Invalid Self-Issued inhibitAnyPolicy Test8voidtest4_12_9()4.12.9 Valid Self-Issued inhibitAnyPolicy Test9voidtest4_13_1()4.13.1 Valid DN nameConstraints Test1voidtest4_13_10()4.13.10 Invalid DN nameConstraints Test10voidtest4_13_11()4.13.11 Valid DN nameConstraints Test11voidtest4_13_12()4.13.12 Invalid DN nameConstraints Test12voidtest4_13_13()4.13.13 Invalid DN nameConstraints Test13voidtest4_13_14()4.13.14 Valid DN nameConstraints Test14voidtest4_13_15()4.13.15 Invalid DN nameConstraints Test15voidtest4_13_16()4.13.16 Invalid DN nameConstraints Test16voidtest4_13_17()4.13.17 Invalid DN nameConstraints Test17voidtest4_13_18()4.13.18 Valid DN nameConstraints Test18voidtest4_13_19()4.13.19 Valid Self-Issued DN nameConstraints Test19voidtest4_13_2()4.13.2 Invalid DN nameConstraints Test2voidtest4_13_20()4.13.20 Invalid Self-Issued DN nameConstraints Test20voidtest4_13_21()4.13.21 Valid RFC822 nameConstraints Test21voidtest4_13_22()4.13.22 Invalid RFC822 nameConstraints Test22voidtest4_13_23()4.13.23 Valid RFC822 nameConstraints Test23voidtest4_13_24()4.13.24 Invalid RFC822 nameConstraints Test24voidtest4_13_25()4.13.25 Valid RFC822 nameConstraints Test25voidtest4_13_26()4.13.26 Invalid RFC822 nameConstraints Test26voidtest4_13_27()4.13.27 Valid DN and RFC822 nameConstraints Test27voidtest4_13_28()4.13.28 Invalid DN and RFC822 nameConstraints Test28voidtest4_13_29()4.13.29 Invalid DN and RFC822 nameConstraints Test29voidtest4_13_3()4.13.3 Invalid DN nameConstraints Test3voidtest4_13_30()4.13.30 Valid DNS nameConstraints Test30voidtest4_13_31()4.13.31 Invalid DNS nameConstraints Test31voidtest4_13_32()4.13.32 Valid DNS nameConstraints Test32voidtest4_13_33()4.13.33 Invalid DNS nameConstraints Test33voidtest4_13_34()4.13.34 Valid URI nameConstraints Test34voidtest4_13_35()4.13.35 Invalid URI nameConstraints Test35voidtest4_13_36()4.13.36 Valid URI nameConstraints Test36voidtest4_13_37()4.13.37 Invalid URI nameConstraints Test37voidtest4_13_38()4.13.38 Invalid DNS nameConstraints Test38voidtest4_13_4()4.13.4 Valid DN nameConstraints Test4voidtest4_13_5()4.13.5 Valid DN nameConstraints Test5voidtest4_13_6()4.13.6 Valid DN nameConstraints Test6voidtest4_13_7()4.13.7 Invalid DN nameConstraints Test7voidtest4_13_8()4.13.8 Invalid DN nameConstraints Test8voidtest4_13_9()4.13.9 Invalid DN nameConstraints Test9voidtest4_14_1()4.14.1 Valid distributionPoint Test1voidtest4_14_10()4.14.10 Valid No issuingDistributionPoint Test10voidtest4_14_11()4.14.11 Invalid onlyContainsUserCerts CRL Test11voidtest4_14_12()4.14.12 Invalid onlyContainsCACerts CRL Test12voidtest4_14_13()4.14.13 Valid onlyContainsCACerts CRL Test13voidtest4_14_14()4.14.14 Invalid onlyContainsAttributeCerts Test14voidtest4_14_15()4.14.15 Invalid onlySomeReasons Test15voidtest4_14_16()4.14.16 Invalid onlySomeReasons Test16voidtest4_14_17()4.14.17 Invalid onlySomeReasons Test17voidtest4_14_18()4.14.18 Valid onlySomeReasons Test18voidtest4_14_19()4.14.19 Valid onlySomeReasons Test19voidtest4_14_2()4.14.2 Invalid distributionPoint Test2voidtest4_14_20()4.14.20 Invalid onlySomeReasons Test20voidtest4_14_21()4.14.21 Invalid onlySomeReasons Test21voidtest4_14_22()4.14.22 Valid IDP with indirectCRL Test22voidtest4_14_23()4.14.23 Invalid IDP with indirectCRL Test23voidtest4_14_3()4.14.3 Invalid distributionPoint Test3voidtest4_14_34()4.14.34 Invalid cRLIssuer Test34voidtest4_14_35()4.14.35 Invalid cRLIssuer Test35voidtest4_14_4()4.14.4 Valid distributionPoint Test4voidtest4_14_5()4.14.5 Valid distributionPoint Test5voidtest4_14_6()4.14.6 Invalid distributionPoint Test6voidtest4_14_7()4.14.7 Valid distributionPoint Test7voidtest4_14_8()4.14.8 Invalid distributionPoint Test8voidtest4_14_9()4.14.9 Invalid distributionPoint Test9voidtest4_15_1()4.15.1 Invalid deltaCRLIndicator No Base Test1voidtest4_15_10()4.15.10 Invalid delta-CRL Test10voidtest4_15_2()4.15.2 Valid delta-CRL Test2voidtest4_15_3()4.15.3 Invalid delta-CRL Test3voidtest4_15_4()4.15.4 Invalid delta-CRL Test4voidtest4_15_5()4.15.5 Valid delta-CRL Test5voidtest4_15_6()4.15.6 Invalid delta-CRL Test6voidtest4_15_7()4.15.7 Valid delta-CRL Test7voidtest4_15_8()4.15.8 Valid delta-CRL Test8voidtest4_15_9()4.15.9 Invalid delta-CRL Test9voidtest4_16_1()4.16.1 Valid Unknown Not Critical Certificate Extension Test1voidtest4_16_2()4.16.2 Invalid Unknown Critical Certificate Extension Test2voidtest4_2_1()4.2.1 Invalid CA notBefore Date Test1voidtest4_2_2()4.2.2 Invalid EE notBefore Date Test2voidtest4_2_3()4.2.3 Valid pre2000 UTC notBefore Date Test3voidtest4_2_4()4.2.4 Valid GeneralizedTime notBefore Date Test4voidtest4_2_5()4.2.5 Invalid CA notAfter Date Test5voidtest4_2_6()4.2.6 Invalid EE notAfter Date Test6voidtest4_2_7()4.2.7 Invalid pre2000 UTC EE notAfter Date Test7voidtest4_2_8()4.2.8 Valid GeneralizedTime notAfter Date Test8voidtest4_3_1()4.3.1 Invalid Name Chaining EE Test1voidtest4_3_10()4.3.10 Valid Rollover from PrintableString to UTF8String Test10voidtest4_3_11()4.3.11 Valid UTF8String Case Insensitive Match Test11voidtest4_3_2()4.3.2 Invalid Name Chaining Order Test2voidtest4_3_3()4.3.3 Valid Name Chaining Whitespace Test3voidtest4_3_4()4.3.4 Valid Name Chaining Whitespace Test4voidtest4_3_5()4.3.5 Valid Name Chaining Capitalization Test5voidtest4_3_6()4.3.6 Valid Name Chaining UIDs Test6voidtest4_3_7()4.3.7 Valid RFC3280 Mandatory Attribute Types Test7voidtest4_3_8()4.3.8 Valid RFC3280 Optional Attribute Types Test8voidtest4_3_9()4.3.9 Valid UTF8String Encoded Names Test9voidtest4_4_1()4.4.1 Missing CRL Test1voidtest4_4_10()4.4.10 Invalid Unknown CRL Extension Test10voidtest4_4_11()4.4.11 Invalid Old CRL nextUpdate Test11voidtest4_4_12()4.4.12 Invalid pre2000 CRL nextUpdate Test12voidtest4_4_13()4.4.13 Valid GeneralizedTime CRL nextUpdate Test13voidtest4_4_14()4.4.14 Valid Negative Serial Number Test14voidtest4_4_15()4.4.15 Invalid Negative Serial Number Test15voidtest4_4_16()4.4.16 Valid Long Serial Number Test16voidtest4_4_17()4.4.17 Valid Long Serial Number Test17voidtest4_4_18()4.4.18 Invalid Long Serial Number Test18voidtest4_4_2()4.4.2 Invalid Revoked CA Test2voidtest4_4_3()4.4.3 Invalid Revoked EE Test3voidtest4_4_4()4.4.4 Invalid Bad CRL Signature Test4voidtest4_4_5()4.4.5 Invalid Bad CRL Issuer Name Test5voidtest4_4_6()4.4.6 Invalid Wrong CRL Test6voidtest4_4_7()4.4.7 Valid Two CRLs Test7voidtest4_4_8()4.4.8 Invalid Unknown CRL Entry Extension Test8voidtest4_4_9()4.4.9 Invalid Unknown CRL Extension Test9voidtest4_5_1()4.5.1 Valid Basic Self-Issued Old With New Test1voidtest4_5_2()4.5.2 Invalid Basic Self-Issued Old With New Test2voidtest4_5_3()4.5.3 Valid Basic Self-Issued New With Old Test3voidtest4_5_8()4.5.8 Invalid Basic Self-Issued CRL Signing Key Test8voidtest4_6_1()4.6.1 Invalid Missing basicConstraints Test1voidtest4_6_10()4.6.10 Invalid pathLenConstraint Test10voidtest4_6_11()4.6.11 Invalid pathLenConstraint Test11voidtest4_6_12()4.6.12 Invalid pathLenConstraint Test12voidtest4_6_13()4.6.13 Valid pathLenConstraint Test13voidtest4_6_14()4.6.14 Valid pathLenConstraint Test14voidtest4_6_15()4.6.15 Valid Self-Issued pathLenConstraint Test15voidtest4_6_16()4.6.16 Invalid Self-Issued pathLenConstraint Test16voidtest4_6_17()4.6.17 Valid Self-Issued pathLenConstraint Test17voidtest4_6_2()4.6.2 Invalid cA False Test2voidtest4_6_3()4.6.3 Invalid cA False Test3voidtest4_6_4()4.6.4 Valid basicConstraints Not Critical Test4voidtest4_6_5()4.6.5 Invalid pathLenConstraint Test5voidtest4_6_6()4.6.6 Invalid pathLenConstraint Test6voidtest4_6_7()4.6.7 Valid pathLenConstraint Test7voidtest4_6_8()4.6.8 Valid pathLenConstraint Test8voidtest4_6_9()4.6.9 Invalid pathLenConstraint Test9voidtest4_7_1()4.7.1 Invalid keyUsage Critical keyCertSign False Test1voidtest4_7_2()4.7.2 Invalid keyUsage Not Critical keyCertSign False Test2voidtest4_7_3()4.7.3 Valid keyUsage Not Critical Test3voidtest4_7_4()4.7.4 Invalid keyUsage Critical cRLSign False Test4voidtest4_7_5()4.7.5 Invalid keyUsage Not Critical cRLSign False Test5voidtest4_8_1()4.8.1 All Certificates Same Policy Test1voidtest4_8_10()4.8.10 All Certificates Same Policies Test10voidtest4_8_11()4.8.11 All Certificates AnyPolicy Test11voidtest4_8_12()4.8.12 Different Policies Test12voidtest4_8_13()4.8.13 All Certificates Same Policies Test13voidtest4_8_14()4.8.14 AnyPolicy Test14voidtest4_8_15()4.8.15 User Notice Qualifier Test15voidtest4_8_16()4.8.16 User Notice Qualifier Test16voidtest4_8_17()4.8.17 User Notice Qualifier Test17voidtest4_8_18()4.8.18 User Notice Qualifier Test18voidtest4_8_19()4.8.19 User Notice Qualifier Test19voidtest4_8_2()4.8.2 All Certificates No Policies Test2voidtest4_8_20()4.8.20 CPS Pointer Qualifier Test20voidtest4_8_3()4.8.3 Different Policies Test3voidtest4_8_4()4.8.4 Different Policies Test4voidtest4_8_5()4.8.5 Different Policies Test5voidtest4_8_6()4.8.6 Overlapping Policies Test6voidtest4_8_7()4.8.7 Different Policies Test7voidtest4_8_8()4.8.8 Different Policies Test8voidtest4_8_9()4.8.9 Different Policies Test9voidtest4_9_1()4.9.1 Valid RequireExplicitPolicy Test1voidtest4_9_2()4.9.2 Valid RequireExplicitPolicy Test2voidtest4_9_3()4.9.3 Invalid RequireExplicitPolicy Test3voidtest4_9_4()4.9.4 Valid RequireExplicitPolicy Test4voidtest4_9_5()4.9.5 Invalid RequireExplicitPolicy Test5voidtest4_9_6()4.9.6 Valid Self-Issued requireExplicitPolicy Test6voidtest4_9_7()4.9.7 Invalid Self-Issued requireExplicitPolicy Test7voidtest4_9_8()4.9.8 Invalid Self-Issued requireExplicitPolicy Test8voidxtest4_14_24()4.14.24 Valid IDP with indirectCRL Test24voidxtest4_14_25()4.14.25 Valid IDP with indirectCRL Test25voidxtest4_14_26()4.14.26 Invalid IDP with indirectCRL Test26voidxtest4_14_27()4.14.27 Invalid cRLIssuer Test27voidxtest4_14_28()4.14.28 Valid cRLIssuer Test28voidxtest4_14_29()4.14.29 Valid cRLIssuer Test29voidxtest4_14_30()4.14.30 Valid cRLIssuer Test30voidxtest4_14_31()4.14.31 Invalid cRLIssuer Test31voidxtest4_14_32()4.14.32 Invalid cRLIssuer Test32voidxtest4_14_33()4.14.33 Valid cRLIssuer Test33voidxtest4_4_19()4.4.19 Valid Separate Certificate and CRL Keys Test19voidxtest4_4_20()4.4.20 Invalid Separate Certificate and CRL Keys Test20voidxtest4_4_21()4.4.21 Invalid Separate Certificate and CRL Keys Test21voidxtest4_5_4()4.5.4 Valid Basic Self-Issued New With Old Test4voidxtest4_5_5()4.5.5 Invalid Basic Self-Issued New With Old Test5voidxtest4_5_6()4.5.6 Valid Basic Self-Issued CRL Signing Key Test6voidxtest4_5_7()4.5.7 Invalid Basic Self-Issued CRL Signing Key Test7-
Methods inherited from class junit.framework.TestCase
assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertFalse, assertFalse, assertNotNull, assertNotNull, assertNotSame, assertNotSame, assertNull, assertNull, assertSame, assertSame, assertTrue, assertTrue, countTestCases, createResult, fail, fail, failNotEquals, failNotSame, failSame, format, getName, run, run, runBare, runTest, setName, tearDown, toString
-
-
-
-
Method Detail
-
setUp
public void setUp()
- Overrides:
setUpin classjunit.framework.TestCase
-
test4_1_1
public void test4_1_1() throws java.lang.Exception4.1.1 Valid Signatures Test1The purpose of this test is to verify an application's ability to name chain, signature chain, and check validity dates, on certificates in a certification path. It also tests processing of the basic constraints and key usage extensions in intermediate certificates.
- Throws:
java.lang.Exception
-
test4_1_2
public void test4_1_2() throws java.lang.Exception4.1.2 Invalid CA Signature Test2The purpose of this test is to verify an application's ability to recognize an invalid signature on an intermediate certificate in a certification path.
- Throws:
java.lang.Exception
-
test4_1_3
public void test4_1_3() throws java.lang.Exception4.1.3 Invalid EE Signature Test3The purpose of this test is to verify an application's ability to recognize an invalid signature on an end entity certificate in a certification path.
- Throws:
java.lang.Exception
-
test4_1_4
public void test4_1_4() throws java.lang.Exception4.1.4 Valid DSA Signatures Test4The purpose of this test is to verify an application's ability to validate certificate in which DSA signatures are used. The intermediate CA and the end entity have DSA key pairs.
- Throws:
java.lang.Exception
-
test4_1_5
public void test4_1_5() throws java.lang.Exception4.1.5 Valid DSA Parameter Inheritance Test5The purpose of this test is to verify an application's ability to validate DSA signatures when the DSA parameters are not included in a certificate and need to be inherited from a previous certificate in the path. The intermediate CAs and the end entity have DSA key pairs.
- Throws:
java.lang.Exception
-
test4_1_6
public void test4_1_6() throws java.lang.Exception4.1.6 Invalid DSA Signature Test6The purpose of this test is to verify an application's ability to determine when a DSA signature is invalid. The intermediate CA and the end entity have DSA key pairs.
- Throws:
java.lang.Exception
-
test4_2_1
public void test4_2_1() throws java.lang.Exception4.2.1 Invalid CA notBefore Date Test1In this test, the intermediate certificate's notBefore date is after the current date.
- Throws:
java.lang.Exception
-
test4_2_2
public void test4_2_2() throws java.lang.Exception4.2.2 Invalid EE notBefore Date Test2In this test, the end entity certificate's notBefore date is after the current date.
- Throws:
java.lang.Exception
-
test4_2_3
public void test4_2_3() throws java.lang.Exception4.2.3 Valid pre2000 UTC notBefore Date Test3In this test, the end entity certificate's notBefore date is set to 1950 and is encoded in UTCTime.
- Throws:
java.lang.Exception
-
test4_2_4
public void test4_2_4() throws java.lang.Exception4.2.4 Valid GeneralizedTime notBefore Date Test4In this test, the end entity certificate's notBefore date is specified in GeneralizedTime.
- Throws:
java.lang.Exception
-
test4_2_5
public void test4_2_5() throws java.lang.Exception4.2.5 Invalid CA notAfter Date Test5In this test, the intermediate certificate's notAfter date is before the current date. 9
- Throws:
java.lang.Exception
-
test4_2_6
public void test4_2_6() throws java.lang.Exception4.2.6 Invalid EE notAfter Date Test6In this test, the end entity certificate's notAfter date is before the current date.
- Throws:
java.lang.Exception
-
test4_2_7
public void test4_2_7() throws java.lang.Exception4.2.7 Invalid pre2000 UTC EE notAfter Date Test7In this test, the end entity certificate's notAfter date is 1999 and is encoded in UTCTime.
- Throws:
java.lang.Exception
-
test4_2_8
public void test4_2_8() throws java.lang.Exception4.2.8 Valid GeneralizedTime notAfter Date Test8In this test, the end entity certificate's notAfter date is 2050 and is encoded in GeneralizedTime.
- Throws:
java.lang.Exception
-
test4_3_1
public void test4_3_1() throws java.lang.Exception4.3.1 Invalid Name Chaining EE Test1In this test, the common name (cn=) portion of the issuer's name in the end entity certificate does not match the common name portion of the subject's name in the preceding intermediate certificate.
- Throws:
java.lang.Exception
-
test4_3_2
public void test4_3_2() throws java.lang.Exception4.3.2 Invalid Name Chaining Order Test2In this test, the issuer's name in the end entity certificate and the subject's name in the preceding intermediate certificate contain the same relative distinguished names (RDNs), but their ordering is different.
- Throws:
java.lang.Exception
-
test4_3_3
public void test4_3_3() throws java.lang.Exception4.3.3 Valid Name Chaining Whitespace Test3In this test, the issuer's name in the end entity certificate and the subject's name in the preceding intermediate certificate differ in internal whitespace, but match once the internal whitespace is compressed.
- Throws:
java.lang.Exception
-
test4_3_4
public void test4_3_4() throws java.lang.Exception4.3.4 Valid Name Chaining Whitespace Test4In this test, the issuer's name in the end entity certificate and the subject's name in the preceding intermediate certificate differ in leading and trailing whitespace, but match once all leading and trailing whitespace is removed.
- Throws:
java.lang.Exception
-
test4_3_5
public void test4_3_5() throws java.lang.Exception4.3.5 Valid Name Chaining Capitalization Test5In this test, the issuer's name in the end entity certificate and the subject's name in the preceding intermediate certificate differ in capitalization, but match when a case insensitive match is performed.
- Throws:
java.lang.Exception
-
test4_3_6
public void test4_3_6() throws java.lang.Exception4.3.6 Valid Name Chaining UIDs Test6In this test, the intermediate certificate includes a subjectUniqueID and the end entity certificate includes a matching issuerUniqueID. 12
- Throws:
java.lang.Exception
-
test4_3_7
public void test4_3_7() throws java.lang.Exception4.3.7 Valid RFC3280 Mandatory Attribute Types Test7In this test, this intermediate certificate includes a subject name that includes the attribute types distinguished name qualifier, state or province name, serial number, domain component, organization, and country.
- Throws:
java.lang.Exception
-
test4_3_8
public void test4_3_8() throws java.lang.Exception4.3.8 Valid RFC3280 Optional Attribute Types Test8In this test, this intermediate certificate includes a subject name that includes the attribute types locality, title, surname, given name, initials, pseudonym, generation qualifier, organization, and country.
- Throws:
java.lang.Exception
-
test4_3_9
public void test4_3_9() throws java.lang.Exception4.3.9 Valid UTF8String Encoded Names Test9In this test, the attribute values for the common name and organization attribute types in the subject fields of the intermediate and end certificates and the issuer fields of the end certificate and the intermediate certificate's CRL are encoded in UTF8String. 13
- Throws:
java.lang.Exception
-
test4_3_10
public void test4_3_10() throws java.lang.Exception4.3.10 Valid Rollover from PrintableString to UTF8String Test10In this test, the attribute values for the common name and organization attribute types in the issuer and subject fields of the end certificate and the issuer field of the intermediate certificate's CRL are encoded in UTF8String. However, these attribute types are encoded in PrintableString in the subject field of the intermediate certificate.
- Throws:
java.lang.Exception
-
test4_3_11
public void test4_3_11() throws java.lang.Exception4.3.11 Valid UTF8String Case Insensitive Match Test11In this test, the attribute values for the common name and organization attribute types in the subject fields of the intermediate and end certificates and the issuer fields of the end certificate and the intermediate certificate's CRL are encoded in UTF8String. The subject of the intermediate certificate and the issuer of the end certificate differ in capitalization and whitespace, but match when a case insensitive match is performed.
- Throws:
java.lang.Exception
-
test4_4_1
public void test4_4_1() throws java.lang.Exception4.4.1 Missing CRL Test1In this test, there is no revocation information available from the intermediate CA, making it impossible to determine the status of the end certificate.
- Throws:
java.lang.Exception
-
test4_4_2
public void test4_4_2() throws java.lang.Exception4.4.2 Invalid Revoked CA Test2In this test, the CRL issued by the first intermediate CA indicates that the second intermediate certificate in the path has been revoked.
- Throws:
java.lang.Exception
-
test4_4_3
public void test4_4_3() throws java.lang.Exception4.4.3 Invalid Revoked EE Test3In this test, the CRL issued by the intermediate CA indicates that the end entity certificate has been revoked.
- Throws:
java.lang.Exception
-
test4_4_4
public void test4_4_4() throws java.lang.Exception4.4.4 Invalid Bad CRL Signature Test4In this test, the signature on the CRL issued by the intermediate CA is invalid.
- Throws:
java.lang.Exception
-
test4_4_5
public void test4_4_5() throws java.lang.Exception4.4.5 Invalid Bad CRL Issuer Name Test5In this test, the issuer name in the CRL signed by the intermediate CA does not match the issuer name in the end entity's certificate.
- Throws:
java.lang.Exception
-
test4_4_6
public void test4_4_6() throws java.lang.Exception4.4.6 Invalid Wrong CRL Test6In this test, the wrong CRL is in the intermediate certificate's directory entry. There is no CRL available from the intermediate CA making it impossible to determine the status of the end entity's certificate.
- Throws:
java.lang.Exception
-
test4_4_7
public void test4_4_7() throws java.lang.Exception4.4.7 Valid Two CRLs Test7In this test, there are two CRLs in the intermediate CAs directory entry, one that is correct and one that contains the wrong issuer name. The correct CRL does not list any certificates as revoked. The incorrect CRL includes the serial number of the end entity's certificate on its list of revoked certificates.
- Throws:
java.lang.Exception
-
test4_4_8
public void test4_4_8() throws java.lang.Exception4.4.8 Invalid Unknown CRL Entry Extension Test8In this test, the end entity's certificate has been revoked. In the intermediate CA's CRL, there is a made up critical crlEntryExtension associated with the end entity certificate's serial number. [X.509 7.3] When an implementation processing a CRL encounters the serial number of the certificate of interest in a CRL entry, but does not recognize a critical extension in the crlEntryExtensions field from that CRL entry, that CRL cannot be used to determine the status of the certificate.
- Throws:
java.lang.Exception
-
test4_4_9
public void test4_4_9() throws java.lang.Exception4.4.9 Invalid Unknown CRL Extension Test9In this test, the end entity's certificate has been revoked. In the intermediate CA's CRL, there is a made up critical extension in the crlExtensions field. [X.509 7.3] When an implementation does not recognize a critical extension in the crlExtensions field, that CRL cannot be used to determine the status of the certificate, regardless of whether the serial number of the certificate of interest appears in that CRL or not.
- Throws:
java.lang.Exception
-
test4_4_10
public void test4_4_10() throws java.lang.Exception4.4.10 Invalid Unknown CRL Extension Test10In this test the intermediate CA's CRL contains a made up critical extension in the crlExtensions field. The end entity certificate's serial number is not listed on the CRL, however, due to the presence of an unknown critical CRL extension, the relying party can not be sure that the list of serial numbers on the revokedCertificates list includes all certificates that have been revoked by the intermediate CA. As a result, the relying party can not verify that the end entity's certificate has not been revoked. 18
- Throws:
java.lang.Exception
-
test4_4_11
public void test4_4_11() throws java.lang.Exception4.4.11 Invalid Old CRL nextUpdate Test11In this test the intermediate CA's CRL has a nextUpdate time that is far in the past (January 2010), indicating that the CA has already issued updated revocation information. Since the information in the CRL is out-of-date and a more up-to-date CRL (that should have already been issued) can not be obtained, the certification path should be treated as if the status of the end entity certificate can not be determined.3
- Throws:
java.lang.Exception
-
test4_4_12
public void test4_4_12() throws java.lang.Exception4.4.12 Invalid pre2000 CRL nextUpdate Test12In this test the intermediate CA's CRL has a nextUpdate time that is in 1999 indicating that the CA has already issued updated revocation information. Since the information in the CRL is outof-date and a more up-to-date CRL (that should have already been issued) can not be obtained, the certification path should be treated as if the status of the end entity certificate can not be determined.
- Throws:
java.lang.Exception
-
test4_4_13
public void test4_4_13() throws java.lang.Exception4.4.13 Valid GeneralizedTime CRL nextUpdate Test13In this test the intermediate CA's CRL has a nextUpdate time that is in 2050. Since the nextUpdate time is in the future, this CRL may contain the most up-to-date certificate status information that is available from the intermediate CA and so the relying party may use this CRL to determine the status of the end entity certificate.
- Throws:
java.lang.Exception
-
test4_4_14
public void test4_4_14() throws java.lang.Exception4.4.14 Valid Negative Serial Number Test14RFC 3280 mandates that certificate serial numbers be positive integers, but states that relying parties should be prepared to gracefully handle certificates with serial numbers that are negative, or zero. In this test, the end entity's certificate has a serial number of 255 (DER encoded as "00 FF") and the corresponding CRL lists the certificate with serial number -1 (DER encoded as "FF") as revoked.
- Throws:
java.lang.Exception
-
test4_4_15
public void test4_4_15() throws java.lang.Exception4.4.15 Invalid Negative Serial Number Test15RFC 3280 mandates that certificate serial numbers be positive integers, but states that relying parties should be prepared to gracefully handle certificates with serial numbers that are negative, or zero. In this test, the end entity's certificate has a serial number of -1 (DER encoded as "FF") and the corresponding CRL lists this certificate as revoked.
- Throws:
java.lang.Exception
-
test4_4_16
public void test4_4_16() throws java.lang.Exception4.4.16 Valid Long Serial Number Test16RFC 3280 mandates that certificate users be able to handle serial number values up to 20 octets long. In this test, the end entity's certificate has a 20 octet serial number that is not listed on the corresponding CRL, but the serial number matches the serial number listed on the CRL in all but the least significant octet.
- Throws:
java.lang.Exception
-
test4_4_17
public void test4_4_17() throws java.lang.Exception4.4.17 Valid Long Serial Number Test17RFC 3280 mandates that certificate users be able to handle serial number values up to 20 octets long. In this test, the end entity's certificate has a 20 octet serial number that is not listed on the corresponding CRL, but the serial number matches the serial number listed on the CRL in all but the most significant octet.
- Throws:
java.lang.Exception
-
test4_4_18
public void test4_4_18() throws java.lang.Exception4.4.18 Invalid Long Serial Number Test18RFC 3280 mandates that certificate users be able to handle serial number values up to 20 octets long. In this test, the end entity's certificate has a 20 octet serial number and the certificate's serial number is listed on the corresponding CRL.
- Throws:
java.lang.Exception
-
xtest4_4_19
public void xtest4_4_19() throws java.lang.Exception4.4.19 Valid Separate Certificate and CRL Keys Test19In this test, the intermediate CA uses different keys to sign certificates and CRLs. The Trust Anchor CA has issued two certificates to the intermediate CA, one for each key. The end entity's certificate was signed using the intermediate CA's certificate signing key.
- Throws:
java.lang.Exception
-
xtest4_4_20
public void xtest4_4_20() throws java.lang.Exception4.4.20 Invalid Separate Certificate and CRL Keys Test20In this test, the intermediate CA uses different keys to sign certificates and CRLs. The Trust Anchor CA has issued two certificates to the intermediate CA, one for each key. The end entity's certificate was signed using the intermediate CA's certificate signing key. The CRL issued by the intermediate CA lists the end entity's certificate as revoked.
- Throws:
java.lang.Exception
-
xtest4_4_21
public void xtest4_4_21() throws java.lang.Exception4.4.21 Invalid Separate Certificate and CRL Keys Test21In this test, the intermediate CA uses different keys to sign certificates and CRLs. The Trust Anchor CA has issued two certificates to the intermediate CA, one for each key. The certificate issued to the intermediate CA's CRL verification key has been revoked. The end entity's certificate was signed using the intermediate CA's certificate signing key.
- Throws:
java.lang.Exception
-
test4_5_1
public void test4_5_1() throws java.lang.Exception4.5.1 Valid Basic Self-Issued Old With New Test1In this test, the Trust Anchor CA has issued a certificate to the intermediate CA that contains the intermediate CA's new public key. The end entity's certificate was signed using the intermediate CA's old private key, requiring the relying party to use the CA's old-signed-with-new self-issued certificate in order to validate the end entity's certificate. The intermediate CA issues one CRL, signed with its new private key, that covers all of the unexpired certificates that it has issued.
- Throws:
java.lang.Exception
-
test4_5_2
public void test4_5_2() throws java.lang.Exception4.5.2 Invalid Basic Self-Issued Old With New Test2In this test, the Trust Anchor CA has issued a certificate to the intermediate CA that contains the intermediate CA's new public key. The end entity's certificate was signed using the intermediate CA's old private key, requiring the relying party to use the CA's old-signed-with-new self-issued certificate in order to validate the end entity's certificate. The intermediate CA issues one CRL, signed with its new private key, that covers all of the unexpired certificates that it has issued. This CRL indicates that the end entity's certificate has been revoked.
- Throws:
java.lang.Exception
-
test4_5_3
public void test4_5_3() throws java.lang.Exception4.5.3 Valid Basic Self-Issued New With Old Test3In this test, the Trust Anchor CA has issued a certificate to the intermediate CA that contains the intermediate CA's old public key. The end entity's certificate and a CRL covering all certificates issued by the intermediate CA was signed using the intermediate CA's new private key, requiring the relying party to use the CA's new-signed-with-old self-issued certificate in order to validate both the end entity's certificate and the intermediate CA's CRL. There is a second CRL, signed using the intermediate CA's old private key that only covers the new-signed-with-old self-issued certificate.
- Throws:
java.lang.Exception
-
xtest4_5_4
public void xtest4_5_4() throws java.lang.Exception4.5.4 Valid Basic Self-Issued New With Old Test4In this test, the Trust Anchor CA has issued a certificate to the intermediate CA that contains the intermediate CA's old public key. The end entity's certificate was signed using the intermediate CA's old private key, so there is no need to use a self-issued certificate to create a certification path from the Trust Anchor to the end entity. However, the CRL covering all certificates issued by the intermediate CA was signed using the intermediate CA's new private key, requiring the relying party to use the CA's new-signed-with-old self-issued certificate in order to validate the intermediate CA's CRL. This CRL must be validated in order to determine the status of the end entity's certificate. There is a second CRL, signed using the intermediate CA's old private key that only covers the new-signed-with-old self-issued certificate.
- Throws:
java.lang.Exception
-
xtest4_5_5
public void xtest4_5_5() throws java.lang.Exception4.5.5 Invalid Basic Self-Issued New With Old Test5In this test, the Trust Anchor CA has issued a certificate to the intermediate CA that contains the intermediate CA's old public key. The end entity's certificate was signed using the intermediate CA's old private key, so there is no need to use a self-issued certificate to create a certification path from the Trust Anchor to the end entity. However, the CRL covering all certificates issued by the intermediate CA was signed using the intermediate CA's new private key, requiring the relying party to use the CA's new-signed-with-old self-issued certificate in order to validate the intermediate CA's CRL. This CRL must be validated in order to determine the status of the end entity's certificate. There is a second CRL, signed using the intermediate CA's old private key that only covers the new-signed-with-old self-issued certificate. The end entity's certificate has been revoked.
- Throws:
java.lang.Exception
-
xtest4_5_6
public void xtest4_5_6() throws java.lang.Exception4.5.6 Valid Basic Self-Issued CRL Signing Key Test6In this test, the intermediate CA maintains two key pairs, one for signing certificates and the other for signing CRLs. The Trust Anchor CA has issued a certificate to the intermediate CA that contains the intermediate CA's certificate verification public key, and the intermediate CA has issued a self-issued certificate that contains its CRL verification key. The intermediate CA's certificate signing private key has been used to sign a CRL that only covers the self-issued certificate.
- Throws:
java.lang.Exception
-
xtest4_5_7
public void xtest4_5_7() throws java.lang.Exception4.5.7 Invalid Basic Self-Issued CRL Signing Key Test7In this test, the intermediate CA maintains two key pairs, one for signing certificates and the other for signing CRLs. The Trust Anchor CA has issued a certificate to the intermediate CA that contains the intermediate CA's certificate verification public key, and the intermediate CA has issued a self-issued certificate that contains its CRL verification key. The intermediate CA's certificate signing private key has been used to sign a CRL that only covers the self-issued certificate. The end entity's certificate has been revoked.
- Throws:
java.lang.Exception
-
test4_5_8
public void test4_5_8() throws java.lang.Exception4.5.8 Invalid Basic Self-Issued CRL Signing Key Test8In this test, the intermediate CA maintains two key pairs, one for signing certificates and the other for signing CRLs. The Trust Anchor CA has issued a certificate to the intermediate CA that contains the intermediate CA's certificate verification public key, and the intermediate CA has issued a self-issued certificate that contains its CRL verification key. The intermediate CA's certificate signing private key has been used to sign a CRL that only covers the self-issued certificate. The end entity's certificate was signed using the CRL signing key.
- Throws:
java.lang.Exception
-
test4_6_1
public void test4_6_1() throws java.lang.Exception4.6.1 Invalid Missing basicConstraints Test1In this test, the intermediate certificate does not have a basicConstraints extension.
- Throws:
java.lang.Exception
-
test4_6_2
public void test4_6_2() throws java.lang.Exception4.6.2 Invalid cA False Test2In this test, the basicConstraints extension is present in the intermediate certificate and is marked critical, but the cA component is false, indicating that the subject public key may not be used to verify signatures on certificates.
- Throws:
java.lang.Exception
-
test4_6_3
public void test4_6_3() throws java.lang.Exception4.6.3 Invalid cA False Test3In this test, the basicConstraints extension is present in the intermediate certificate and is marked not critical, but the cA component is false, indicating that the subject public key may not be used to verify signatures on certificates. As specified in section 8.4.2.1 of X.509, the application must reject the path either because the application does not recognize the basicConstraints extension or because cA is set to false.
- Throws:
java.lang.Exception
-
test4_6_4
public void test4_6_4() throws java.lang.Exception4.6.4 Valid basicConstraints Not Critical Test4In this test, the basicConstraints extension is present in the intermediate certificate and the cA component is true, but the extension is marked not critical.
- Throws:
java.lang.Exception
-
test4_6_5
public void test4_6_5() throws java.lang.Exception4.6.5 Invalid pathLenConstraint Test5In this test, the first certificate in the path includes a basicConstraints extension with a pathLenConstraint of 0 (allowing 0 additional intermediate certificates in the path). This is followed by a second intermediate certificate and a end entity certificate.
- Throws:
java.lang.Exception
-
test4_6_6
public void test4_6_6() throws java.lang.Exception4.6.6 Invalid pathLenConstraint Test6In this test, the first certificate in the path includes a basicConstraints extension with a pathLenConstraint of 0 (allowing 0 additional intermediate certificates in the path). This is followed by two more CA certificates, the second of which is the end certificate in the path.
- Throws:
java.lang.Exception
-
test4_6_7
public void test4_6_7() throws java.lang.Exception4.6.7 Valid pathLenConstraint Test7In this test, the first certificate in the path includes a basicConstraints extension with a pathLenConstraint of 0 (allowing 0 additional intermediate certificates in the path). This is followed by the end entity certificate.
- Throws:
java.lang.Exception
-
test4_6_8
public void test4_6_8() throws java.lang.Exception4.6.8 Valid pathLenConstraint Test8In this test, the first certificate in the path includes a basicConstraints extension with a pathLenConstraint of 0 (allowing 0 additional intermediate certificates in the path). This is followed by the end entity certificate, which is a CA certificate.
- Throws:
java.lang.Exception
-
test4_6_9
public void test4_6_9() throws java.lang.Exception4.6.9 Invalid pathLenConstraint Test9This test consists of a certification path of length 4. The first certificate in the path includes a pathLenConstraint of 6, the second a pathLenConstraint of 0, and the third a pathLenConstraint of 0. The fourth certificate is an end entity certificate.
- Throws:
java.lang.Exception
-
test4_6_10
public void test4_6_10() throws java.lang.Exception4.6.10 Invalid pathLenConstraint Test10This test consists of a certification path of length 4. The first certificate in the path includes a pathLenConstraint of 6, the second a pathLenConstraint of 0, and the third a pathLenConstraint of 0. The end entity certificate is a CA certificate.
- Throws:
java.lang.Exception
-
test4_6_11
public void test4_6_11() throws java.lang.Exception4.6.11 Invalid pathLenConstraint Test11This test consists of a certification path of length 5. The first certificate in the path includes a pathLenConstraint of 6, the second a pathLenConstraint of 1, and the third a pathLenConstraint of 1. The fourth certificate does not include a pathLenConstraint. The fifth certificate is an end entity certificate.
- Throws:
java.lang.Exception
-
test4_6_12
public void test4_6_12() throws java.lang.Exception4.6.12 Invalid pathLenConstraint Test12This test consists of a certification path of length 5. The first certificate in the path includes a pathLenConstraint of 6, the second a pathLenConstraint of 1, and the third a pathLenConstraint of 1. The fourth certificate does not include a pathLenConstraint. The end entity certificate is a CA certificate.
- Throws:
java.lang.Exception
-
test4_6_13
public void test4_6_13() throws java.lang.Exception4.6.13 Valid pathLenConstraint Test13This test consists of a certification path of length 5. The first certificate in the path includes a pathLenConstraint of 6, the second a pathLenConstraint of 4, and the third a pathLenConstraint of 1. The fourth certificate does not include a pathLenConstraint. The fifth certificate is an end entity certificate.
- Throws:
java.lang.Exception
-
test4_6_14
public void test4_6_14() throws java.lang.Exception4.6.14 Valid pathLenConstraint Test14This test consists of a certification path of length 5. The first certificate in the path includes a pathLenConstraint of 6, the second a pathLenConstraint of 4, and the third a pathLenConstraint of 1. The fourth certificate does not include a pathLenConstraint. The end entity certificate is a CA certificate.
- Throws:
java.lang.Exception
-
test4_6_15
public void test4_6_15() throws java.lang.Exception4.6.15 Valid Self-Issued pathLenConstraint Test15In this test, the first certificate in the path includes a basicConstraints extension with a pathLenConstraint of 0 (allowing 0 additional non-self-issued intermediate certificates in the path). This is followed by a self-issued certificate and the end entity certificate. 32
- Throws:
java.lang.Exception
-
test4_6_16
public void test4_6_16() throws java.lang.Exception4.6.16 Invalid Self-Issued pathLenConstraint Test16In this test, the first certificate in the path includes a basicConstraints extension with a pathLenConstraint of 0 (allowing 0 additional non-self-issued intermediate certificates in the path). This is followed by a self-issued certificate, an non-self-issued certificate, and the end entity certificate.
- Throws:
java.lang.Exception
-
test4_6_17
public void test4_6_17() throws java.lang.Exception4.6.17 Valid Self-Issued pathLenConstraint Test17In this test, the first certificate in the path includes a basicConstraints extension with a pathLenConstraint of 1 (allowing 1 additional non-self-issued intermediate certificate in the path). This is followed by a self-issued certificate, a non-self-issued certificate, another self-issued certificate, and the end entity certificate.
- Throws:
java.lang.Exception
-
test4_7_1
public void test4_7_1() throws java.lang.Exception4.7.1 Invalid keyUsage Critical keyCertSign False Test1In this test, the intermediate certificate includes a critical keyUsage extension in which keyCertSign is false.
- Throws:
java.lang.Exception
-
test4_7_2
public void test4_7_2() throws java.lang.Exception4.7.2 Invalid keyUsage Not Critical keyCertSign False Test2In this test, the intermediate certificate includes a non-critical keyUsage extension in which keyCertSign is false.
- Throws:
java.lang.Exception
-
test4_7_3
public void test4_7_3() throws java.lang.Exception4.7.3 Valid keyUsage Not Critical Test3In this test, the intermediate certificate includes a non-critical keyUsage extension. 34
- Throws:
java.lang.Exception
-
test4_7_4
public void test4_7_4() throws java.lang.Exception4.7.4 Invalid keyUsage Critical cRLSign False Test4In this test, the intermediate certificate includes a critical keyUsage extension in which cRLSign is false.
- Throws:
java.lang.Exception
-
test4_7_5
public void test4_7_5() throws java.lang.Exception4.7.5 Invalid keyUsage Not Critical cRLSign False Test5In this test, the intermediate certificate includes a non-critical keyUsage extension in which cRLSign is false.
- Throws:
java.lang.Exception
-
test4_8_1
public void test4_8_1() throws java.lang.Exception4.8.1 All Certificates Same Policy Test1In this test, every certificate in the path asserts the same policy, NIST-test-policy-1. The certification path in this test is the same certification path as in Valid Signatures Test1. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings, but with initial-explicit-policy set. The path should validate successfully. 2. default settings, but with initial-explicit-policy set and initial-policy-set = {NIST-test-policy-1}. The path should validate successfully. 3. default settings, but with initial-explicit-policy set and initial-policy-set = {NIST-test-policy-2}. The path should not validate successfully. 4. default settings, but with initial-explicit-policy set and initial-policy-set = {NIST-test-policy-1, NIST-test-policy-2}. The path should validate successfully.
- Throws:
java.lang.Exception
-
test4_8_2
public void test4_8_2() throws java.lang.Exception4.8.2 All Certificates No Policies Test2In this test, the certificatePolicies extension is omitted from every certificate in the path. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings. The path should validate successfully. 2. default settings, but with initial-explicit-policy set . The path should not validate successfully.
- Throws:
java.lang.Exception
-
test4_8_3
public void test4_8_3() throws java.lang.Exception4.8.3 Different Policies Test3In this test, every certificate in the path asserts the same certificate policy except the first certificate in the path. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings. The path should validate successfully. 2. default settings, but with initial-explicit-policy set . The path should not validate successfully. 3. default settings, but with initial-explicit-policy set and initial-policy-set = {NIST-test-policy-1, NIST-test-policy-2}. The path should not validate successfully.
- Throws:
java.lang.Exception
-
test4_8_4
public void test4_8_4() throws java.lang.Exception4.8.4 Different Policies Test4In this test, every certificate in the path asserts the same certificate policy except the end entity certificate.
- Throws:
java.lang.Exception
-
test4_8_5
public void test4_8_5() throws java.lang.Exception4.8.5 Different Policies Test5In this test, every certificate in the path except the second certificate asserts the same policy.
- Throws:
java.lang.Exception
-
test4_8_6
public void test4_8_6() throws java.lang.Exception4.8.6 Overlapping Policies Test6The following path is such that the intersection of certificate policies among all the certificates has exactly one policy, NIST-test-policy-1. The final certificate in the path is a CA certificate. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings. The path should validate successfully. 2. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should validate successfully. 3. default settings, but with initial-policy-set = {NIST-test-policy-2}. The path should not validate successfully.
- Throws:
java.lang.Exception
-
test4_8_7
public void test4_8_7() throws java.lang.Exception4.8.7 Different Policies Test7The following path is such that the intersection of certificate policies among all the certificates is empty. The final certificate in the path is a CA certificate.
- Throws:
java.lang.Exception
-
test4_8_8
public void test4_8_8() throws java.lang.Exception4.8.8 Different Policies Test8The following path is such that the intersection of certificate policies among all the certificates is empty. The final certificate in the path is a CA certificate.
- Throws:
java.lang.Exception
-
test4_8_9
public void test4_8_9() throws java.lang.Exception4.8.9 Different Policies Test9The following path is such that the intersection of certificate policies among all the certificates is empty.
- Throws:
java.lang.Exception
-
test4_8_10
public void test4_8_10() throws java.lang.Exception4.8.10 All Certificates Same Policies Test10In this test, every certificate in the path asserts the same policies, NIST-test-policy-1 and NISTtest-policy-2. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings. The path should validate successfully. 2. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should validate successfully. 3. default settings, but with initial-policy-set = {NIST-test-policy-2}. The path should validate successfully.
- Throws:
java.lang.Exception
-
test4_8_11
public void test4_8_11() throws java.lang.Exception4.8.11 All Certificates AnyPolicy Test11In this test, every certificate in the path asserts the special policy anyPolicy. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings. The path should validate successfully. 2. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should validate successfully.
- Throws:
java.lang.Exception
-
test4_8_12
public void test4_8_12() throws java.lang.Exception4.8.12 Different Policies Test12In this test, the path consists of two certificates, each of which asserts a different certificate policy.
- Throws:
java.lang.Exception
-
test4_8_13
public void test4_8_13() throws java.lang.Exception4.8.13 All Certificates Same Policies Test13In this test, every certificate in the path asserts the same policies, NIST-test-policy-1, NIST-testpolicy-2, and NIST-test-policy-3. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should validate successfully. 2. default settings, but with initial-policy-set = {NIST-test-policy-2}. The path should validate successfully. 3. default settings, but with initial-policy-set = {NIST-test-policy-3}. The path should validate successfully.
- Throws:
java.lang.Exception
-
test4_8_14
public void test4_8_14() throws java.lang.Exception4.8.14 AnyPolicy Test14In this test, the intermediate certificate asserts anyPolicy and the end entity certificate asserts NIST-test-policy-1. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should validate successfully. 2. default settings, but with initial-policy-set = {NIST-test-policy-2}. The path should not validate successfully.
- Throws:
java.lang.Exception
-
test4_8_15
public void test4_8_15() throws java.lang.Exception4.8.15 User Notice Qualifier Test15In this test, the path consists of a single certificate. The certificate asserts the policy NIST-testpolicy-1 and includes a user notice policy qualifier.
Display of user notice beyond CertPath API at the moment.
- Throws:
java.lang.Exception
-
test4_8_16
public void test4_8_16() throws java.lang.Exception4.8.16 User Notice Qualifier Test16In this test, the path consists of an intermediate certificate and an end entity certificate. The intermediate certificate asserts the policy NIST-test-policy-1. The end entity certificate asserts both NIST-test-policy-1 and NIST-test-policy-2. Each policy in the end entity certificate has a different user notice qualifier associated with it.
Display of user notice beyond CertPath API at the moment.
- Throws:
java.lang.Exception
-
test4_8_17
public void test4_8_17() throws java.lang.Exception4.8.17 User Notice Qualifier Test17In this test, the path consists of an intermediate certificate and an end entity certificate. The intermediate certificate asserts the policy NIST-test-policy-1. The end entity certificate asserts anyPolicy. There is a user notice policy qualifier associated with anyPolicy in the end entity certificate.
Display of user notice beyond CertPath API at the moment.
- Throws:
java.lang.Exception
-
test4_8_18
public void test4_8_18() throws java.lang.Exception4.8.18 User Notice Qualifier Test18In this test, the intermediate certificate asserts policies NIST-test-policy-1 and NIST-test-policy-2. The end certificate asserts NIST-test-policy-1 and anyPolicy. Each of the policies in the end entity certificate asserts a different user notice policy qualifier. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should validate successfully and the qualifier associated with NIST-test-policy-1 in the end entity certificate should be displayed. 2. default settings, but with initial-policy-set = {NIST-test-policy-2}. The path should validate successfully and the qualifier associated with anyPolicy in the end entity certificate should be displayed. 45
Display of policy messages beyond CertPath API at the moment.
- Throws:
java.lang.Exception
-
test4_8_19
public void test4_8_19() throws java.lang.Exception4.8.19 User Notice Qualifier Test19In this test, the path consists of a single certificate. The certificate asserts the policy NIST-testpolicy-1 and includes a user notice policy qualifier. The user notice qualifier contains explicit text that is longer than 200 bytes. [RFC 3280 4.2.1.5] Note: While the explicitText has a maximum size of 200 characters, some non-conforming CAs exceed this limit. Therefore, certificate users SHOULD gracefully handle explicitText with more than 200 characters.
- Throws:
java.lang.Exception
-
test4_8_20
public void test4_8_20() throws java.lang.Exception4.8.20 CPS Pointer Qualifier Test20In this test, the path consists of an intermediate certificate and an end entity certificate, both of which assert the policy NIST-test-policy-1. There is a CPS pointer policy qualifier associated with NIST-test-policy-1 in the end entity certificate.
- Throws:
java.lang.Exception
-
test4_9_1
public void test4_9_1() throws java.lang.Exception4.9.1 Valid RequireExplicitPolicy Test1In this test, the first certificate in the path includes a policyConstraints extension with requireExplicitPolicy set to 10. This is followed by three more intermediate certificates and an end entity certificate. The end entity certificate does not include a certificatePolicies extension. 47
- Throws:
java.lang.Exception
-
test4_9_2
public void test4_9_2() throws java.lang.Exception4.9.2 Valid RequireExplicitPolicy Test2In this test, the first certificate in the path includes a policyConstraints extension with requireExplicitPolicy set to 5. This is followed by three more intermediate certificates and an end entity certificate. The end entity certificate does not include a certificatePolicies extension.
- Throws:
java.lang.Exception
-
test4_9_3
public void test4_9_3() throws java.lang.Exception4.9.3 Invalid RequireExplicitPolicy Test3In this test, the first certificate in the path includes a policyConstraints extension with requireExplicitPolicy set to 4. This is followed by three more intermediate certificates and an end entity certificate. The end entity certificate does not include a certificatePolicies extension.
- Throws:
java.lang.Exception
-
test4_9_4
public void test4_9_4() throws java.lang.Exception4.9.4 Valid RequireExplicitPolicy Test4In this test, the first certificate in the path includes a policyConstraints extension with requireExplicitPolicy set to 0. This is followed by three more intermediate certificates and an end entity certificate.
- Throws:
java.lang.Exception
-
test4_9_5
public void test4_9_5() throws java.lang.Exception4.9.5 Invalid RequireExplicitPolicy Test5In this test, the first certificate in the path includes a policyConstraints extension with requireExplicitPolicy set to 7. The second certificate in the path includes a policyConstraints extension with requireExplicitPolicy set to 2. The third certificate in the path includes a policyConstraints extension with requireExplicitPolicy set to 4. This is followed by one more intermediate certificate and an end entity certificate. The end entity certificate does not include a certificatePolicies extension.
- Throws:
java.lang.Exception
-
test4_9_6
public void test4_9_6() throws java.lang.Exception4.9.6 Valid Self-Issued requireExplicitPolicy Test6In this test, the first certificate in the path includes a policyConstraints extension with requireExplicitPolicy set to 2. This is followed by a self-issued intermediate certificate and an end entity certificate. The end entity certificate does not include a certificatePolicies extension.
- Throws:
java.lang.Exception
-
test4_9_7
public void test4_9_7() throws java.lang.Exception4.9.7 Invalid Self-Issued requireExplicitPolicy Test7In this test, the first certificate in the path includes a policyConstraints extension with requireExplicitPolicy set to 2. This is followed by a self-issued intermediate certificate, a nonself-issued intermediate certificate, and an end entity certificate. The end entity certificate does not include a certificatePolicies extension.
- Throws:
java.lang.Exception
-
test4_9_8
public void test4_9_8() throws java.lang.Exception4.9.8 Invalid Self-Issued requireExplicitPolicy Test8In this test, the first certificate in the path includes a policyConstraints extension with requireExplicitPolicy set to 2. This is followed by a self-issued intermediate certificate, a nonself-issued intermediate certificate, a self-issued intermediate certificate, and an end entity certificate. The end entity certificate does not include a certificatePolicies extension. 50
- Throws:
java.lang.Exception
-
test4_10_1
public void test4_10_1() throws java.lang.Exception4.10.1 Valid Policy Mapping Test1In this test, the intermediate certificate asserts NIST-test-policy-1 and maps NIST-test-policy-1 to NIST-test-policy-2. The end entity certificate asserts NIST-test-policy-2. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should validate successfully. 2. default settings, but with initial-policy-set = {NIST-test-policy-2}. The path should not validate successfully. 3. default settings, but with initial-policy-mapping-inhibit set. The path should not validate successfully.
- Throws:
java.lang.Exception
-
test4_10_2
public void test4_10_2() throws java.lang.Exception4.10.2 Invalid Policy Mapping Test2In this test, the intermediate certificate asserts NIST-test-policy-1 and maps NIST-test-policy-1 to NIST-test-policy-2. The end entity certificate asserts NIST-test-policy-1. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings. The path should not validate successfully. 2. default settings, but with initial-policy-mapping-inhibit set. The path should not validate successfully.
- Throws:
java.lang.Exception
-
test4_10_3
public void test4_10_3() throws java.lang.Exception4.10.3 Valid Policy Mapping Test3In this test, the path is valid under NIST-test-policy-2 as a result of policy mappings. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should not validate successfully. 2. default settings, but with initial-policy-set = {NIST-test-policy-2}. The path should validate successfully.
- Throws:
java.lang.Exception
-
test4_10_4
public void test4_10_4() throws java.lang.Exception4.10.4 Invalid Policy Mapping Test4In this test, the policy asserted in the end entity certificate is not in the authorities-constrainedpolicy-set.
- Throws:
java.lang.Exception
-
test4_10_5
public void test4_10_5() throws java.lang.Exception4.10.5 Valid Policy Mapping Test5In this test, the path is valid under NIST-test-policy-1 as a result of policy mappings. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should validate successfully. 2. default settings, but with initial-policy-set = {NIST-test-policy-6}. The path should not validate successfully.
- Throws:
java.lang.Exception
-
test4_10_6
public void test4_10_6() throws java.lang.Exception4.10.6 Valid Policy Mapping Test6In this test, the path is valid under NIST-test-policy-1 as a result of policy mappings. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should validate successfully. 2. default settings, but with initial-policy-set = {NIST-test-policy-6}. The path should not validate successfully.
- Throws:
java.lang.Exception
-
test4_10_7
public void test4_10_7() throws java.lang.Exception4.10.7 Invalid Mapping From anyPolicy Test7In this test, the intermediate certificate includes a policyMappings extension that includes a mapping in which the issuerDomainPolicy is anyPolicy. The intermediate certificate also includes a critical policyConstraints extension with requireExplicitPolicy set to 0. [RFC 3280 6.1.4] (a) If a policy mapping extension is present, verify that the special value anyPolicy does not appear as an issuerDomainPolicy or a subjectDomainPolicy.
- Throws:
java.lang.Exception
-
test4_10_8
public void test4_10_8() throws java.lang.Exception4.10.8 Invalid Mapping To anyPolicy Test8In this test, the intermediate certificate includes a policyMappings extension that includes a mapping in which the subjectDomainPolicy is anyPolicy. The intermediate certificate also includes a critical policyConstraints extension with requireExplicitPolicy set to 0. [RFC 3280 6.1.4] (a) If a policy mapping extension is present, verify that the special value anyPolicy does not appear as an issuerDomainPolicy or a subjectDomainPolicy.
- Throws:
java.lang.Exception
-
test4_10_9
public void test4_10_9() throws java.lang.Exception4.10.9 Valid Policy Mapping Test9In this test, the intermediate certificate asserts anyPolicy and maps NIST-test-policy-1 to NISTtest-policy-2. The end entity certificate asserts NIST-test-policy-1. 55
- Throws:
java.lang.Exception
-
test4_10_10
public void test4_10_10() throws java.lang.Exception4.10.10 Invalid Policy Mapping Test10In this test, the first intermediate certificate asserts NIST-test-policy-1. The second intermediate certificate asserts anyPolicy and maps NIST-test-policy-1 to NIST-test-policy-2. The end entity certificate asserts NIST-test-policy-1.
- Throws:
java.lang.Exception
-
test4_10_11
public void test4_10_11() throws java.lang.Exception4.10.11 Valid Policy Mapping Test11In this test, the first intermediate certificate asserts NIST-test-policy-1. The second intermediate certificate asserts anyPolicy and maps NIST-test-policy-1 to NIST-test-policy-2. The end entity certificate asserts NIST-test-policy-2.
- Throws:
java.lang.Exception
-
test4_10_12
public void test4_10_12() throws java.lang.Exception4.10.12 Valid Policy Mapping Test12In this test, the intermediate certificate asserts NIST-test-policy-1 and NIST-test-policy-2 and maps NIST-test-policy-1 to NIST-test-policy-3. The end entity certificate asserts anyPolicy and NIST-test-policy-3, each with a different user notice policy qualifier. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings, but with initial-policy-set = {NIST-test-policy-1}. The path should validate successfully and the application should display the user notice associated with NIST-test-policy-3 in the end entity certificate. 2. default settings, but with initial-policy-set = {NIST-test-policy-2}. The path should validate successfully and the application should display the user notice associated with anyPolicy in the end entity certificate.
- Throws:
java.lang.Exception
-
test4_10_13
public void test4_10_13() throws java.lang.Exception4.10.13 Valid Policy Mapping Test13In this test, the intermediate certificate asserts NIST-test-policy-1 and anyPolicy and maps NISTtest-policy-1 to NIST-test-policy-2. There is a user notice policy qualifier associated with each of 57 the policies. The end entity certificate asserts NIST-test-policy-2.
- Throws:
java.lang.Exception
-
test4_10_14
public void test4_10_14() throws java.lang.Exception4.10.14 Valid Policy Mapping Test14In this test, the intermediate certificate asserts NIST-test-policy-1 and anyPolicy and maps NISTtest-policy-1 to NIST-test-policy-2. There is a user notice policy qualifier associated with each of the policies. The end entity certificate asserts NIST-test-policy-1.
- Throws:
java.lang.Exception
-
test4_11_1
public void test4_11_1() throws java.lang.Exception4.11.1 Invalid inhibitPolicyMapping Test1In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes a policyConstraints extension with inhibitPolicyMapping set to 0. The second intermediate certificate asserts NIST-test-policy-1 and maps NIST-test-policy-1 to NIST-test-policy-2. The end entity certificate asserts NIST-test-policy-1 and NIST-test-policy-2.
- Throws:
java.lang.Exception
-
test4_11_2
public void test4_11_2() throws java.lang.Exception4.11.2 Valid inhibitPolicyMapping Test2In this test, the first intermediate certificate asserts NIST-test-policy-1 and NIST-test-policy-2 and includes a policyConstraints extension with inhibitPolicyMapping set to 1. The second intermediate certificate asserts NIST-test-policy-1 and NIST-test-policy-2 and maps NIST-testpolicy-1 to NIST-test-policy-3 and NIST-test-policy-2 to NIST-test-policy-4. The end entity certificate asserts NIST-test-policy-3. 59
- Throws:
java.lang.Exception
-
test4_11_3
public void test4_11_3() throws java.lang.Exception4.11.3 Invalid inhibitPolicyMapping Test3In this test, the first intermediate certificate asserts NIST-test-policy-1 and NIST-test-policy-2 and includes a policyConstraints extension with inhibitPolicyMapping set to 1. The second intermediate certificate asserts NIST-test-policy-1 and NIST-test-policy-2 and maps NIST-testpolicy-1 to NIST-test-policy-3 and NIST-test-policy-2 to NIST-test-policy-4. The third intermediate certificate asserts NIST-test-policy-3 and NIST-test-policy-4 and maps NIST-testpolicy-3 to NIST-test-policy-5. The end entity certificate asserts NIST-test-policy-5.
- Throws:
java.lang.Exception
-
test4_11_4
public void test4_11_4() throws java.lang.Exception4.11.4 Valid inhibitPolicyMapping Test4In this test, the first intermediate certificate asserts NIST-test-policy-1 and NIST-test-policy-2 and includes a policyConstraints extension with inhibitPolicyMapping set to 1. The second intermediate certificate asserts NIST-test-policy-1 and NIST-test-policy-2 and maps NIST-testpolicy-1 to NIST-test-policy-3 and NIST-test-policy-2 to NIST-test-policy-4. The third intermediate certificate asserts NIST-test-policy-3 and NIST-test-policy-4 and maps NIST-testpolicy-3 to NIST-test-policy-5. The end entity certificate asserts NIST-test-policy-4. 60
- Throws:
java.lang.Exception
-
test4_11_5
public void test4_11_5() throws java.lang.Exception4.11.5 Invalid inhibitPolicyMapping Test5In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes a policyConstraints extension with inhibitPolicyMapping set to 5. The second intermediate certificate asserts NIST-test-policy-1 and includes a policyConstraints extension with inhibitPolicyMapping set to 1. The third intermediate certificate asserts NIST-test-policy-1. The fourth intermediate certificate asserts NIST-test-policy-1 and maps NIST-test-policy-1 to NISTtest-policy-2. The end entity certificate asserts NIST-test-policy-2.
- Throws:
java.lang.Exception
-
test4_11_6
public void test4_11_6() throws java.lang.Exception4.11.6 Invalid inhibitPolicyMapping Test6In this test, the first intermediate certificate asserts NIST-test-policy-1 and NIST-test-policy-2 and includes a policyConstraints extension with inhibitPolicyMapping set to 1. The second intermediate certificate asserts NIST-test-policy-1 and NIST-test-policy-2 and includes a policyConstraints extension with inhibitPolicyMapping set to 5. The third intermediate certificate asserts NIST-test-policy-1 and NIST-test-policy-2 and maps NIST-test-policy-1 to NIST-test-policy-3. The end entity certificate asserts NIST-test-policy-3. 61
- Throws:
java.lang.Exception
-
test4_11_7
public void test4_11_7() throws java.lang.Exception4.11.7 Valid Self-Issued inhibitPolicyMapping Test7In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes a policyConstraints extension with inhibitPolicyMapping set to 1. The second intermediate certificate is a self-issued certificate that asserts NIST-test-policy-1. The third intermediate certificate asserts NIST-test-policy-1 and maps NIST-test-policy-1 to NIST-test-policy-2. The end entity certificate asserts NIST-test-policy-2.
- Throws:
java.lang.Exception
-
test4_11_8
public void test4_11_8() throws java.lang.Exception4.11.8 Invalid Self-Issued inhibitPolicyMapping Test8In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes a policyConstraints extension with inhibitPolicyMapping set to 1. The second intermediate certificate is a self-issued certificate that asserts NIST-test-policy-1. The third intermediate certificate asserts NIST-test-policy-1 and maps NIST-test-policy-1 to NIST-test-policy-2. The fourth intermediate certificate asserts NIST-test-policy-2 and maps NIST-test-policy-2 to NISTtest-policy-3. The end entity certificate asserts NIST-test-policy-3. 62
- Throws:
java.lang.Exception
-
test4_11_9
public void test4_11_9() throws java.lang.Exception4.11.9 Invalid Self-Issued inhibitPolicyMapping Test9In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes a policyConstraints extension with inhibitPolicyMapping set to 1. The second intermediate certificate is a self-issued certificate that asserts NIST-test-policy-1. The third intermediate certificate asserts NIST-test-policy-1 and maps NIST-test-policy-1 to NIST-test-policy-2. The fourth intermediate certificate asserts NIST-test-policy-2 and maps NIST-test-policy-2 to NISTtest-policy-3. The end entity certificate asserts NIST-test-policy-2.
- Throws:
java.lang.Exception
-
test4_11_10
public void test4_11_10() throws java.lang.Exception4.11.10 Invalid Self-Issued inhibitPolicyMapping Test10In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes a policyConstraints extension with inhibitPolicyMapping set to 1. The second intermediate certificate is a self-issued certificate that asserts NIST-test-policy-1. The third intermediate certificate asserts NIST-test-policy-1 and maps NIST-test-policy-1 to NIST-test-policy-2. The fourth intermediate certificate is a self-issued certificate that asserts NIST-test-policy-2 and maps NIST-test-policy-2 to NIST-test-policy-3. The end entity certificate asserts NIST-test-policy-3. 63
- Throws:
java.lang.Exception
-
test4_11_11
public void test4_11_11() throws java.lang.Exception4.11.11 Invalid Self-Issued inhibitPolicyMapping Test11In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes a policyConstraints extension with inhibitPolicyMapping set to 1. The second intermediate certificate is a self-issued certificate that asserts NIST-test-policy-1. The third intermediate certificate asserts NIST-test-policy-1 and maps NIST-test-policy-1 to NIST-test-policy-2. The fourth intermediate certificate is a self-issued certificate that asserts NIST-test-policy-2 and maps NIST-test-policy-2 to NIST-test-policy-3. The end entity certificate asserts NIST-test-policy-2.
- Throws:
java.lang.Exception
-
test4_12_1
public void test4_12_1() throws java.lang.Exception4.12.1 Invalid inhibitAnyPolicy Test1In this test, the intermediate certificate asserts NIST-test-policy-1 and includes an inhibitAnyPolicy extension set to 0. The end entity certificate asserts anyPolicy.
- Throws:
java.lang.Exception
-
test4_12_2
public void test4_12_2() throws java.lang.Exception4.12.2 Valid inhibitAnyPolicy Test2In this test, the intermediate certificate asserts NIST-test-policy-1 and includes an inhibitAnyPolicy extension set to 0. The end entity certificate asserts anyPolicy and NIST-testpolicy-1.
- Throws:
java.lang.Exception
-
test4_12_3
public void test4_12_3() throws java.lang.Exception4.12.3 inhibitAnyPolicy Test3In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes an inhibitAnyPolicy extension set to 1. The second intermediate certificate asserts anyPolicy. The end entity certificate asserts NIST-test-policy-1. If possible, it is recommended that the certification path in this test be validated using the following inputs: 1. default settings. The path should validate successfully. 2. default settings, but with initial-inhibit-any-policy set. The path should not validate successfully.
- Throws:
java.lang.Exception
-
test4_12_4
public void test4_12_4() throws java.lang.Exception4.12.4 Invalid inhibitAnyPolicy Test4In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes an inhibitAnyPolicy extension set to 1. The second intermediate certificate asserts anyPolicy. The end entity certificate asserts anyPolicy. 66
- Throws:
java.lang.Exception
-
test4_12_5
public void test4_12_5() throws java.lang.Exception4.12.5 Invalid inhibitAnyPolicy Test5In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes an inhibitAnyPolicy extension set to 5. The second intermediate certificate asserts NIST-test-policy1 and includes an inhibitAnyPolicy extension set to 1. The third intermediate certificate asserts NIST-test-policy-1 and the end entity certificate asserts anyPolicy.
- Throws:
java.lang.Exception
-
test4_12_6
public void test4_12_6() throws java.lang.Exception4.12.6 Invalid inhibitAnyPolicy Test6In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes an inhibitAnyPolicy extension set to 1. The second intermediate certificate asserts NIST-test-policy1 and includes an inhibitAnyPolicy extension set to 5. The end entity certificate asserts anyPolicy.
- Throws:
java.lang.Exception
-
test4_12_7
public void test4_12_7() throws java.lang.Exception4.12.7 Valid Self-Issued inhibitAnyPolicy Test7In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes an inhibitAnyPolicy extension set to 1. The second intermediate certificate is a self-issued certificate that asserts NIST-test-policy-1. The third intermediate certificate asserts anyPolicy and the end entity certificate asserts NIST-test-policy-1.
- Throws:
java.lang.Exception
-
test4_12_8
public void test4_12_8() throws java.lang.Exception4.12.8 Invalid Self-Issued inhibitAnyPolicy Test8In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes an inhibitAnyPolicy extension set to 1. The second intermediate certificate is a self-issued certificate that asserts NIST-test-policy-1. The third and fourth intermediate certificates assert anyPolicy and the end entity certificate asserts NIST-test-policy-1. 68
- Throws:
java.lang.Exception
-
test4_12_9
public void test4_12_9() throws java.lang.Exception4.12.9 Valid Self-Issued inhibitAnyPolicy Test9In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes an inhibitAnyPolicy extension set to 1. The second intermediate certificate is a self-issued certificate that asserts NIST-test-policy-1. The third intermediate certificate asserts anyPolicy. The fourth intermediate certificate is a self-issued certificate that asserts anyPolicy. The end entity certificate asserts NIST-test-policy-1.
- Throws:
java.lang.Exception
-
test4_12_10
public void test4_12_10() throws java.lang.Exception4.12.10 Invalid Self-Issued inhibitAnyPolicy Test10In this test, the first intermediate certificate asserts NIST-test-policy-1 and includes an inhibitAnyPolicy extension set to 1. The second intermediate certificate is a self-issued certificate that asserts NIST-test-policy-1. The third intermediate certificate asserts anyPolicy. The end entity certificate is a self-issued CA certificate that asserts anyPolicy.
- Throws:
java.lang.Exception
-
test4_13_1
public void test4_13_1() throws java.lang.Exception4.13.1 Valid DN nameConstraints Test1In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subject name that falls within that subtree. 70
- Throws:
java.lang.Exception
-
test4_13_2
public void test4_13_2() throws java.lang.Exception4.13.2 Invalid DN nameConstraints Test2In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subject name that falls outside that subtree.
- Throws:
java.lang.Exception
-
test4_13_3
public void test4_13_3() throws java.lang.Exception4.13.3 Invalid DN nameConstraints Test3In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subject name that falls within that subtree and a subjectAltName extension with a DN that falls outside the subtree.
- Throws:
java.lang.Exception
-
test4_13_4
public void test4_13_4() throws java.lang.Exception4.13.4 Valid DN nameConstraints Test4In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subject name that falls within that subtree and a subjectAltName extension with an e-mail address. 71
- Throws:
java.lang.Exception
-
test4_13_5
public void test4_13_5() throws java.lang.Exception4.13.5 Valid DN nameConstraints Test5In this test, the intermediate certificate includes a nameConstraints extension that specifies two permitted subtrees. The end entity certificate includes a subject name that falls within one of the subtrees and a subjectAltName extension with a DN that falls within the other subtree.
- Throws:
java.lang.Exception
-
test4_13_6
public void test4_13_6() throws java.lang.Exception4.13.6 Valid DN nameConstraints Test6In this test, the intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The end entity certificate includes a subject name that falls outside that subtree.
- Throws:
java.lang.Exception
-
test4_13_7
public void test4_13_7() throws java.lang.Exception4.13.7 Invalid DN nameConstraints Test7In this test, the intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The end entity certificate includes a subject name that falls within that subtree. 72
- Throws:
java.lang.Exception
-
test4_13_8
public void test4_13_8() throws java.lang.Exception4.13.8 Invalid DN nameConstraints Test8In this test, the intermediate certificate includes a nameConstraints extension that specifies two excluded subtrees. The end entity certificate includes a subject name that falls within the first subtree.
- Throws:
java.lang.Exception
-
test4_13_9
public void test4_13_9() throws java.lang.Exception4.13.9 Invalid DN nameConstraints Test9In this test, the intermediate certificate includes a nameConstraints extension that specifies two excluded subtrees. The end entity certificate includes a subject name that falls within the second subtree.
- Throws:
java.lang.Exception
-
test4_13_10
public void test4_13_10() throws java.lang.Exception4.13.10 Invalid DN nameConstraints Test10In this test, the intermediate certificate includes a nameConstraints extension that specifies a permitted subtree and an excluded subtree. The excluded subtree specifies a subset of the name space specified by the permitted subtree. The end entity certificate includes a subject name that falls within both the permitted and excluded subtrees. 73
- Throws:
java.lang.Exception
-
test4_13_11
public void test4_13_11() throws java.lang.Exception4.13.11 Valid DN nameConstraints Test11In this test, the intermediate certificate includes a nameConstraints extension that specifies a permitted subtree and an excluded subtree. The excluded subtree specifies a subset of the name space specified by the permitted subtree. The end entity certificate includes a subject name that falls within the permitted subtree but falls outside the excluded subtree.
- Throws:
java.lang.Exception
-
test4_13_12
public void test4_13_12() throws java.lang.Exception4.13.12 Invalid DN nameConstraints Test12In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The second intermediate certificate includes a subject name that falls within that subtree and a nameConstraints extension that specifies a permitted subtree that is a subtree of the constraint specified in the first intermediate certificate. The end entity certificate includes a subject name that falls within the subtree specified by the first intermediate certificate but outside the subtree specified by the second intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_13
public void test4_13_13() throws java.lang.Exception4.13.13 Invalid DN nameConstraints Test13In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The second intermediate certificate includes a subject name that falls within that subtree and a nameConstraints extension that specifies a permitted subtree that does not overlap with the permitted subtree specified in the first intermediate certificate. The end entity certificate includes a subject name that falls within the subtree specified by the first intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_14
public void test4_13_14() throws java.lang.Exception4.13.14 Valid DN nameConstraints Test14In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The second intermediate certificate includes a subject name that falls within that subtree and a nameConstraints extension that specifies a permitted subtree that does not overlap with the permitted subtree specified in the first intermediate certificate. The end entity certificate has a null subject name (i.e., the subject name is a sequence of zero relative distinguished names) and a critical subjectAltName extension with an e-mail address.
- Throws:
java.lang.Exception
-
test4_13_15
public void test4_13_15() throws java.lang.Exception4.13.15 Invalid DN nameConstraints Test15In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The second intermediate certificate has a subject name that falls outside that subtree and includes a nameConstraints extension that specifies an excluded subtree that does not overlap with the subtree specified in the first intermediate certificate. The end entity certificate includes a subject name that falls within the subtree specified in the first intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_16
public void test4_13_16() throws java.lang.Exception4.13.16 Invalid DN nameConstraints Test16In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The second intermediate certificate has a subject name that falls outside that subtree and includes a nameConstraints extension that specifies an excluded subtree that does not overlap with the subtree specified in the first intermediate certificate. The end entity certificate includes a subject name that falls within the subtree specified in the second intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_17
public void test4_13_17() throws java.lang.Exception4.13.17 Invalid DN nameConstraints Test17In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The second intermediate certificate has a subject name that falls outside that subtree and includes a nameConstraints extension that specifies a permitted subtree that is a superset of the subtree specified in the first intermediate certificate. The end entity certificate includes a subject name that falls within the excluded subtree specified in the first intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_18
public void test4_13_18() throws java.lang.Exception4.13.18 Valid DN nameConstraints Test18In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The second intermediate certificate has a subject name that falls outside that subtree and includes a nameConstraints extension that specifies a permitted subtree that is a superset of the subtree specified in the first intermediate certificate. The end entity certificate includes a subject name that falls within the permitted subtree specified in the second intermediate certificate but outside the excluded subtree specified in the first intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_19
public void test4_13_19() throws java.lang.Exception4.13.19 Valid Self-Issued DN nameConstraints Test19In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The second intermediate certificate is a self-issued certificate. The subject name in the self-issued certificate does not fall within the permitted subtree specified in the first intermediate certificate. The end entity certificate includes a subject name that falls within the permitted subtree specified in the first intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_20
public void test4_13_20() throws java.lang.Exception4.13.20 Invalid Self-Issued DN nameConstraints Test20In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate is a self-issued certificate. The subject name in the self-issued certificate does not fall within the permitted subtree specified in the intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_21
public void test4_13_21() throws java.lang.Exception4.13.21 Valid RFC822 nameConstraints Test21� In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subjectAltName extension with an e-mail address that falls within that subtree.
- Throws:
java.lang.Exception
-
test4_13_22
public void test4_13_22() throws java.lang.Exception4.13.22 Invalid RFC822 nameConstraints Test22In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subjectAltName extension with an e-mail address that falls outside that subtree.
- Throws:
java.lang.Exception
-
test4_13_23
public void test4_13_23() throws java.lang.Exception4.13.23 Valid RFC822 nameConstraints Test23In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subjectAltName extension with an e-mail address that falls within that subtree.
- Throws:
java.lang.Exception
-
test4_13_24
public void test4_13_24() throws java.lang.Exception4.13.24 Invalid RFC822 nameConstraints Test24� In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subjectAltName extension with an e-mail address that falls outside that subtree.
- Throws:
java.lang.Exception
-
test4_13_25
public void test4_13_25() throws java.lang.Exception4.13.25 Valid RFC822 nameConstraints Test25In this test, the intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The end entity certificate includes a subjectAltName extension with an e-mail address that falls outside that subtree.
- Throws:
java.lang.Exception
-
test4_13_26
public void test4_13_26() throws java.lang.Exception4.13.26 Invalid RFC822 nameConstraints Test26In this test, the intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The end entity certificate includes a subjectAltName extension with an e-mail address that falls within that subtree.
- Throws:
java.lang.Exception
-
test4_13_27
public void test4_13_27() throws java.lang.Exception4.13.27 Valid DN and RFC822 nameConstraints Test27In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree of type directoryName. The second intermediate certificate includes a subject name that falls within that subtree and a nameConstraints extension that specifies a permitted subtree of type rfc822Name. The end entity certificate includes a subject name that falls within the subtree specified by the first intermediate certificate and an e-mail address that falls within the permitted subtree specified by the second intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_28
public void test4_13_28() throws java.lang.Exception4.13.28 Invalid DN and RFC822 nameConstraints Test28In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree of type directoryName. The second intermediate certificate includes a subject name that falls within that subtree and a nameConstraints extension that specifies a permitted subtree of type rfc822Name. The end entity certificate includes a subject name that falls within the subtree specified by the first intermediate certificate and an e-mail address that falls outside the permitted subtree specified by the second intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_29
public void test4_13_29() throws java.lang.Exception4.13.29 Invalid DN and RFC822 nameConstraints Test29In this test, the first intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree of type directoryName. The second intermediate certificate includes a subject name that falls within that subtree and a nameConstraints extension that specifies a permitted subtree of type rfc822Name. The end entity certificate includes a subject name that falls within the subtree specified by the first intermediate certificate but the subject name includes an attribute of type EmailAddress whose value falls outside the permitted subtree specified in the second intermediate certificate.
- Throws:
java.lang.Exception
-
test4_13_30
public void test4_13_30() throws java.lang.Exception4.13.30 Valid DNS nameConstraints Test30In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subjectAltName extension with a dNSName that falls within that subtree.
- Throws:
java.lang.Exception
-
test4_13_31
public void test4_13_31() throws java.lang.Exception4.13.31 Invalid DNS nameConstraints Test31In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subjectAltName extension with a dNSName that falls outside that subtree.
- Throws:
java.lang.Exception
-
test4_13_32
public void test4_13_32() throws java.lang.Exception4.13.32 Valid DNS nameConstraints Test32In this test, the intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The end entity certificate includes a subjectAltName extension with a dNSName that falls outside that subtree.
- Throws:
java.lang.Exception
-
test4_13_33
public void test4_13_33() throws java.lang.Exception4.13.33 Invalid DNS nameConstraints Test33In this test, the intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The end entity certificate includes a subjectAltName extension with a dNSName that falls within that subtree.
- Throws:
java.lang.Exception
-
test4_13_34
public void test4_13_34() throws java.lang.Exception4.13.34 Valid URI nameConstraints Test34In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subjectAltName extension with a uniformResourceIdentifier that falls within that subtree.
- Throws:
java.lang.Exception
-
test4_13_35
public void test4_13_35() throws java.lang.Exception4.13.35 Invalid URI nameConstraints Test35In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subjectAltName extension with a uniformResourceIdentifier that falls outside that subtree.
- Throws:
java.lang.Exception
-
test4_13_36
public void test4_13_36() throws java.lang.Exception4.13.36 Valid URI nameConstraints Test36� In this test, the intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The end entity certificate includes a subjectAltName extension with a uniformResourceIdentifier that falls outside that subtree.
- Throws:
java.lang.Exception
-
test4_13_37
public void test4_13_37() throws java.lang.Exception4.13.37 Invalid URI nameConstraints Test37In this test, the intermediate certificate includes a nameConstraints extension that specifies a single excluded subtree. The end entity certificate includes a subjectAltName extension with a uniformResourceIdentifier that falls within that subtree.
- Throws:
java.lang.Exception
-
test4_13_38
public void test4_13_38() throws java.lang.Exception4.13.38 Invalid DNS nameConstraints Test38In this test, the intermediate certificate includes a nameConstraints extension that specifies a single permitted subtree. The end entity certificate includes a subjectAltName extension with a dNSName that falls outside that subtree. The permitted subtree is “testcertificates.gov” and the subjectAltName is “mytestcertificates.gov”.
- Throws:
java.lang.Exception
-
test4_14_1
public void test4_14_1() throws java.lang.Exception4.14.1 Valid distributionPoint Test1In this test, the end entity certificate includes a cRLDistributionPoints extension with a single DistributionPoint consisting of a distributionPoint with a distinguished name. The CRL that covers the end entity certificate includes an issuingDistributionPoint extension with a matching distributionPoint.
- Throws:
java.lang.Exception
-
test4_14_2
public void test4_14_2() throws java.lang.Exception4.14.2 Invalid distributionPoint Test2In this test, the end entity certificate includes a cRLDistributionPoints extension with a single DistributionPoint consisting of a distributionPoint with a distinguished name. The CRL that covers the end entity certificate includes an issuingDistributionPoint extension with a matching distributionPoint. The CRL lists the end entity certificate as being revoked.
- Throws:
java.lang.Exception
-
test4_14_3
public void test4_14_3() throws java.lang.Exception4.14.3 Invalid distributionPoint Test3In this test, the end entity certificate includes a cRLDistributionPoints extension with a single DistributionPoint consisting of a distributionPoint with a distinguished name. The only CRL available from the issuer of the end entity certificate includes an issuingDistributionPoint extension with a distributionPoint that does not match the distributionPoint specified in the end entity certificate.
- Throws:
java.lang.Exception
-
test4_14_4
public void test4_14_4() throws java.lang.Exception4.14.4 Valid distributionPoint Test4In this test, the end entity certificate includes a cRLDistributionPoints extension with a single DistributionPoint consisting of a distributionPoint with a distinguished name. The CRL that covers the end entity certificate includes an issuingDistributionPoint extension with a matching distributionPoint. The distributionPoint in the end entity certificate is specified as a nameRelativeToCRLIssuer while the distributionPoint in the CRL is specified as a fullName.
- Throws:
java.lang.Exception
-
test4_14_5
public void test4_14_5() throws java.lang.Exception4.14.5 Valid distributionPoint Test5In this test, the end entity certificate includes a cRLDistributionPoints extension with a single DistributionPoint consisting of a distributionPoint with a distinguished name. The CRL that covers the end entity certificate includes an issuingDistributionPoint extension with a matching distributionPoint. The distributionPoint in both the end entity certificate and the CRL are specified as a nameRelativeToCRLIssuer. 85
- Throws:
java.lang.Exception
-
test4_14_6
public void test4_14_6() throws java.lang.Exception4.14.6 Invalid distributionPoint Test6In this test, the end entity certificate includes a cRLDistributionPoints extension with a single DistributionPoint consisting of a distributionPoint with a distinguished name. The CRL that covers the end entity certificate includes an issuingDistributionPoint extension with a matching distributionPoint. The distributionPoint in both the end entity certificate and the CRL are specified as a nameRelativeToCRLIssuer. The CRL lists the end entity certificate as being revoked.
- Throws:
java.lang.Exception
-
test4_14_7
public void test4_14_7() throws java.lang.Exception4.14.7 Valid distributionPoint Test7In this test, the end entity certificate includes a cRLDistributionPoints extension with a single DistributionPoint consisting of a distributionPoint with a distinguished name. The CRL that covers the end entity certificate includes an issuingDistributionPoint extension with a matching distributionPoint. The distributionPoint in the CRL is specified as a nameRelativeToCRLIssuer and the distributionPoint in the end entity certificate is specified as a fullName.
- Throws:
java.lang.Exception
-
test4_14_8
public void test4_14_8() throws java.lang.Exception4.14.8 Invalid distributionPoint Test8In this test, the end entity certificate includes a cRLDistributionPoints extension with a single DistributionPoint consisting of a distributionPoint with a distinguished name. The CRL that covers the end entity certificate includes an issuingDistributionPoint extension with a distributionPoint that does not match. The distributionPoint in the CRL is specified as a nameRelativeToCRLIssuer and the distributionPoint in the end entity certificate is specified as a fullName.
- Throws:
java.lang.Exception
-
test4_14_9
public void test4_14_9() throws java.lang.Exception4.14.9 Invalid distributionPoint Test9In this test, the CRL that covers the end entity certificate includes an issuingDistributionPoint extension with a distributionPoint. The distributionPoint does not match the CRL issuer's name. The end entity certificate does not include a cRLDistributionPoints extension
- Throws:
java.lang.Exception
-
test4_14_10
public void test4_14_10() throws java.lang.Exception4.14.10 Valid No issuingDistributionPoint Test10In this test, the CRL that covers the end entity certificate does not include an issuingDistributionPoint extension. The end entity certificate includes a cRLDistributionPoints extension with a distributionPoint name.
- Throws:
java.lang.Exception
-
test4_14_11
public void test4_14_11() throws java.lang.Exception4.14.11 Invalid onlyContainsUserCerts CRL Test11In this test, the only CRL issued by the intermediate CA includes an issuingDistributionPoint extension with onlyContainsUserCerts set to TRUE. The final certificate in the path is a CA certificate.
- Throws:
java.lang.Exception
-
test4_14_12
public void test4_14_12() throws java.lang.Exception4.14.12 Invalid onlyContainsCACerts CRL Test12In this test, the only CRL issued by the intermediate CA includes an issuingDistributionPoint extension with onlyContainsCACerts set to TRUE.
- Throws:
java.lang.Exception
-
test4_14_13
public void test4_14_13() throws java.lang.Exception4.14.13 Valid onlyContainsCACerts CRL Test13In this test, the only CRL issued by the intermediate CA includes an issuingDistributionPoint extension with onlyContainsCACerts set to TRUE. The final certificate in the path is a CA certificate.
- Throws:
java.lang.Exception
-
test4_14_14
public void test4_14_14() throws java.lang.Exception4.14.14 Invalid onlyContainsAttributeCerts Test14In this test, the only CRL issued by the intermediate CA includes an issuingDistributionPoint extension with onlyContainsAttributeCerts set to TRUE.
- Throws:
java.lang.Exception
-
test4_14_15
public void test4_14_15() throws java.lang.Exception4.14.15 Invalid onlySomeReasons Test15In this test, the intermediate certificate has issued two CRLs, one covering the keyCompromise and cACompromise reason codes and the other covering the remaining reason codes. The end entity certificate has been revoked for key compromise.
- Throws:
java.lang.Exception
-
test4_14_16
public void test4_14_16() throws java.lang.Exception4.14.16 Invalid onlySomeReasons Test16In this test, the intermediate certificate has issued two CRLs, one covering the keyCompromise and cACompromise reason codes and the other covering the remaining reason codes. The end entity certificate has been placed on hold.
- Throws:
java.lang.Exception
-
test4_14_17
public void test4_14_17() throws java.lang.Exception4.14.17 Invalid onlySomeReasons Test17In this test, the intermediate certificate has issued two CRLs, one covering the affiliationChanged and superseded reason codes and the other covering the cessationOfOperation and certificateHold reason codes. The end entity certificate is not listed on either CRL.
- Throws:
java.lang.Exception
-
test4_14_18
public void test4_14_18() throws java.lang.Exception4.14.18 Valid onlySomeReasons Test18In this test, the intermediate certificate has issued two CRLs, one covering the keyCompromise and cACompromise reason codes and the other covering the remaining reason codes. Both CRLs include an issuingDistributionPoint extension with the same distributionPoint name. The end entity certificate includes a cRLDistributionPoints extension with the same distributionPoint name.
- Throws:
java.lang.Exception
-
test4_14_19
public void test4_14_19() throws java.lang.Exception4.14.19 Valid onlySomeReasons Test19In this test, the intermediate certificate has issued two CRLs, one covering the keyCompromise and cACompromise reason codes and the other covering the remaining reason codes. Both CRLs include an issuingDistributionPoint extension with a different distributionPoint name. The end entity certificate includes a cRLDistributionPoints extension with two DistributionPoints, one for each CRL.
- Throws:
java.lang.Exception
-
test4_14_20
public void test4_14_20() throws java.lang.Exception4.14.20 Invalid onlySomeReasons Test20In this test, the intermediate certificate has issued two CRLs, one covering the keyCompromise and cACompromise reason codes and the other covering the remaining reason codes. Both CRLs include an issuingDistributionPoint extension with a different distributionPoint name. The end entity certificate includes a cRLDistributionPoints extension with two DistributionPoints, one for each CRL. The end entity certificate has been revoked for key compromise.
- Throws:
java.lang.Exception
-
test4_14_21
public void test4_14_21() throws java.lang.Exception4.14.21 Invalid onlySomeReasons Test21In this test, the intermediate certificate has issued two CRLs, one covering the keyCompromise and cACompromise reason codes and the other covering the remaining reason codes. Both CRLs include an issuingDistributionPoint extension with a different distributionPoint name. The end entity certificate includes a cRLDistributionPoints extension with two DistributionPoints, one for each CRL. The end entity certificate has been revoked as a result of a change in affiliation.
- Throws:
java.lang.Exception
-
test4_14_22
public void test4_14_22() throws java.lang.Exception4.14.22 Valid IDP with indirectCRL Test22In this test, the intermediate CA has issued a CRL that contains an issuingDistributionPoint extension with the indirectCRL flag set. The end entity certificate was issued by the intermediate CA. 91
- Throws:
java.lang.Exception
-
test4_14_23
public void test4_14_23() throws java.lang.Exception4.14.23 Invalid IDP with indirectCRL Test23In this test, the intermediate CA has issued a CRL that contains an issuingDistributionPoint extension with the indirectCRL flag set. The end entity certificate was issued by the intermediate CA and is listed as revoked on the CRL.
- Throws:
java.lang.Exception
-
xtest4_14_24
public void xtest4_14_24() throws java.lang.Exception4.14.24 Valid IDP with indirectCRL Test24In this test, the end entity certificate includes a cRLDistributionPoints extension with a cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. The public key needed to validate the indirect CRL is in a certificate issued by the Trust Anchor.
- Throws:
java.lang.Exception
-
xtest4_14_25
public void xtest4_14_25() throws java.lang.Exception4.14.25 Valid IDP with indirectCRL Test25In this test, the end entity certificate includes a cRLDistributionPoints extension with a cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. The public key needed to validate the indirect CRL is in a certificate issued by the Trust Anchor. The end entity's serial number is listed on the CRL, but there is no certificateIssuer CRL entry extension, indicating that the revoked certificate was one issued by the CRL issuer. 92
- Throws:
java.lang.Exception
-
xtest4_14_26
public void xtest4_14_26() throws java.lang.Exception4.14.26 Invalid IDP with indirectCRL Test26In this test, the end entity certificate includes a cRLDistributionPoints extension with a cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. The entity specified in the cRLIssuer field does not exist.
- Throws:
java.lang.Exception
-
xtest4_14_27
public void xtest4_14_27() throws java.lang.Exception4.14.27 Invalid cRLIssuer Test27In this test, the end entity certificate includes a cRLDistributionPoints extension with a cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. The CRL issued by the entity specified in the cRLIssuer field does not include an issuingDistributionPoint extension.
- Throws:
java.lang.Exception
-
xtest4_14_28
public void xtest4_14_28() throws java.lang.Exception4.14.28 Valid cRLIssuer Test28In this test, the end entity certificate includes a cRLDistributionPoints extension with a
cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. The indirect CRL issuer has been issued a certificate by the issuer of the end entity certificate. The certificate issued to the CRL issuer is covered by a CRL issued by the issuer of the end entity certificate.
- Throws:
java.lang.Exception
-
xtest4_14_29
public void xtest4_14_29() throws java.lang.Exception4.14.29 Valid cRLIssuer Test29In this test, the end entity certificate includes a cRLDistributionPoints extension with a cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. The distributionPoint in the end entity certificate is specified as nameRelativeToCRLIssuer. The indirect CRL issuer has been issued a certificate by the issuer of the end entity certificate. The certificate issued to the CRL issuer is covered by a CRL issued by the issuer of the end entity certificate.
- Throws:
java.lang.Exception
-
xtest4_14_30
public void xtest4_14_30() throws java.lang.Exception4.14.30 Valid cRLIssuer Test30In this test, the end entity certificate includes a cRLDistributionPoints extension with a cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. The indirect CRL issuer has been issued a certificate by the issuer of the end entity certificate. Both the end entity certificate and the certificate issued to the CRL issuer are covered by the indirect CRL issued by the CRL issuer.
- Throws:
java.lang.Exception
-
xtest4_14_31
public void xtest4_14_31() throws java.lang.Exception4.14.31 Invalid cRLIssuer Test31In this test, the end entity certificate includes a cRLDistributionPoints extension with a cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. The indirect CRL contains a CRL entry listing the end entity certificate's serial number that includes a certificateIssuer extension specifying the end entity certificate's issuer.
- Throws:
java.lang.Exception
-
xtest4_14_32
public void xtest4_14_32() throws java.lang.Exception4.14.32 Invalid cRLIssuer Test32In this test, the end entity certificate includes a cRLDistributionPoints extension with a cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. The indirect CRL contains a CRL entry listing the end entity certificate's serial number and the preceding CRL entry includes a certificateIssuer extension specifying the end entity certificate's issuer.
- Throws:
java.lang.Exception
-
xtest4_14_33
public void xtest4_14_33() throws java.lang.Exception4.14.33 Valid cRLIssuer Test33In this test, the end entity certificate includes a cRLDistributionPoints extension with a cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. The indirect CRL contains a CRL entry listing the end entity certificate's serial number, but the most recent CRL entry to include a certificateIssuer extension specified a different certificate issuer.
- Throws:
java.lang.Exception
-
test4_14_34
public void test4_14_34() throws java.lang.Exception4.14.34 Invalid cRLIssuer Test34In this test, the end entity certificate is issued by the same CA that issues the corresponding CRL, but the CRL is also an indirect CRL for other CAs. The end entity certificate's serial number is listed on the CRL and the most recent CRL entry to include a certificateIssuer extension specifies the end entity certificate's issuer.
- Throws:
java.lang.Exception
-
test4_14_35
public void test4_14_35() throws java.lang.Exception4.14.35 Invalid cRLIssuer Test35In this test, the end entity certificate includes a cRLDistributionPoints extension with both a distributionPoint name and a cRLIssuer field indicating that the CRL is issued by an entity other than the certificate issuer. There is no CRL available from the entity specified in cRLIssuer, but the certificate issuer has issued a CRL with an issuingDistributionPoint extension that includes a distributionPoint that matches the distributionPoint in the certificate.
- Throws:
java.lang.Exception
-
test4_15_1
public void test4_15_1() throws java.lang.Exception4.15.1 Invalid deltaCRLIndicator No Base Test1In this test, the CRL covering the end entity certificate includes a deltaCRLIndicator extension, but no other CRLs are available for the intermediate certificate.
- Throws:
java.lang.Exception
-
test4_15_2
public void test4_15_2() throws java.lang.Exception4.15.2 Valid delta-CRL Test2In this test, the intermediate CA has issued a complete CRL and a delta-CRL. The delta-CRL refers to the complete CRL as its base CRL.
- Throws:
java.lang.Exception
-
test4_15_3
public void test4_15_3() throws java.lang.Exception4.15.3 Invalid delta-CRL Test3In this test, the intermediate CA has issued a complete CRL and a delta-CRL. The delta-CRL refers to the complete CRL as its base CRL. The end entity certificate is listed as revoked on the complete CRL. 97
- Throws:
java.lang.Exception
-
test4_15_4
public void test4_15_4() throws java.lang.Exception4.15.4 Invalid delta-CRL Test4In this test, the intermediate CA has issued a complete CRL and a delta-CRL. The delta-CRL refers to the complete CRL as its base CRL. The end entity certificate is listed as revoked on the delta-CRL.
- Throws:
java.lang.Exception
-
test4_15_5
public void test4_15_5() throws java.lang.Exception4.15.5 Valid delta-CRL Test5In this test, the intermediate CA has issued a complete CRL and a delta-CRL. The delta-CRL refers to the complete CRL as its base CRL. The end entity certificate is listed as on hold on the complete CRL, but the delta-CRL indicates that it should be removed from the CRL.
- Throws:
java.lang.Exception
-
test4_15_6
public void test4_15_6() throws java.lang.Exception4.15.6 Invalid delta-CRL Test6In this test, the intermediate CA has issued a complete CRL and a delta-CRL. The delta-CRL refers to the complete CRL as its base CRL. The end entity certificate is listed as on hold on the complete CRL and the delta-CRL indicates that it has been revoked.
- Throws:
java.lang.Exception
-
test4_15_7
public void test4_15_7() throws java.lang.Exception4.15.7 Valid delta-CRL Test7In this test, the intermediate CA has issued a complete CRL and a delta-CRL. The delta-CRL refers to the complete CRL as its base CRL. The end entity certificate is not listed on the complete CRL and is listed on the delta-CRL as removeFromCRL.
- Throws:
java.lang.Exception
-
test4_15_8
public void test4_15_8() throws java.lang.Exception4.15.8 Valid delta-CRL Test8In this test, the intermediate CA has issued a complete CRL and a delta-CRL. The delta-CRL refers to a CRL that was issued earlier than the complete CRL as its base CRL. The end entity certificate is not listed on either the complete CRL or the delta-CRL.
- Throws:
java.lang.Exception
-
test4_15_9
public void test4_15_9() throws java.lang.Exception4.15.9 Invalid delta-CRL Test9In this test, the intermediate CA has issued a complete CRL and a delta-CRL. The delta-CRL refers to a CRL that was issued earlier than the complete CRL as its base CRL. The end entity certificate is listed as revoked on both the complete CRL and the delta-CRL.
- Throws:
java.lang.Exception
-
test4_15_10
public void test4_15_10() throws java.lang.Exception4.15.10 Invalid delta-CRL Test10In this test, the intermediate CA has issued a complete CRL and a delta-CRL. The delta-CRL refers to a CRL that was issued later than the complete CRL as its base CRL. The end entity certificate is not listed as revoked on either the complete CRL or the delta-CRL, but the delta-CRL can not be used in conjunction with the provided complete CRL. The complete CRL has a nextUpdate time that is in the past.
- Throws:
java.lang.Exception
-
test4_16_1
public void test4_16_1() throws java.lang.Exception4.16.1 Valid Unknown Not Critical Certificate Extension Test1In this test, the end entity certificate contains a private, non-critical certificate extension.
- Throws:
java.lang.Exception
-
test4_16_2
public void test4_16_2() throws java.lang.Exception4.16.2 Invalid Unknown Critical Certificate Extension Test2In this test, the end entity certificate contains a private, critical certificate extension.
- Throws:
java.lang.Exception
-
-