java.security.cert.X509CertSelector#setSubject()源码实例Demo

下面列出了java.security.cert.X509CertSelector#setSubject() 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。

@Test
public void testValidateNist() throws Exception
{
    System.out.println("validateNist");

    FileSystemDirectoryCertStore certStore = new FileSystemDirectoryCertStore("./src/test/cert/csrc.nist");
    KeyStore ks = KeyStore.getInstance("jks");
    FileInputStream fis = new FileInputStream("./src/test/cert/csrc.nist/trustAnchor");
    ks.load(fis, "password".toCharArray());
    fis.close();

    X509CertSelector certSelector = new X509CertSelector();
    certSelector.setSubject(new X500Principal("CN = User1-CP.02.01,OU = Testing,OU = DoD,O = U.S. Government,C = US"));
    Collection<X509Certificate> otherCerts = Collections.emptyList();

    PKIXCertificateValidationProvider instance = new PKIXCertificateValidationProvider(ks, true, certStore.getStore());
    ValidationData result = instance.validate(certSelector, new Date(), otherCerts);
    assertEquals(result.getCerts().size(), 4);
    assertEquals(result.getCrls().size(), 3);
}
 
@Test
public void testValidateMy() throws Exception
{
    System.out.println("validateMy");

    FileSystemDirectoryCertStore certStore = new FileSystemDirectoryCertStore("./src/test/cert/my");
    KeyStore ks = KeyStore.getInstance("jks");
    FileInputStream fis = new FileInputStream("./src/test/cert/my/myStore");
    ks.load(fis, "mystorepass".toCharArray());
    fis.close();

    X509CertSelector certSelector = new X509CertSelector();
    certSelector.setSubject(new X500Principal("CN = Luis Goncalves,OU = CC,O = ISEL,C = PT"));
    Collection<X509Certificate> otherCerts = Collections.emptyList();

    PKIXCertificateValidationProvider instance = new PKIXCertificateValidationProvider(ks, false, certStore.getStore());
    ValidationData result = instance.validate(certSelector, new Date(), otherCerts);
    assertEquals(result.getCerts().size(), 3);
}
 
源代码3 项目: dragonwell8_jdk   文件: X509CertSelectorTest.java
private void testSubject() throws IOException {
    System.out.println("X.509 Certificate Match on subject");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    selector.setSubject("ou=bogus,ou=east,o=sun,c=us");
    checkMatch(selector, cert, false);

    // good match
    selector.setSubject(cert.getSubjectX500Principal().getName("RFC2253"));
    checkMatch(selector, cert, true);
}
 
源代码4 项目: TencentKona-8   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码5 项目: openjdk-jdk8u   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码6 项目: jdk8u-dev-jdk   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码7 项目: openjdk-jdk8u-backup   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码8 项目: jdk8u-jdk   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码9 项目: openjdk-jdk9   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码10 项目: openjdk-jdk9   文件: X509CertSelectorTest.java
private void testSubject() throws IOException {
    System.out.println("X.509 Certificate Match on subject");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    selector.setSubject("ou=bogus,ou=east,o=sun,c=us");
    checkMatch(selector, cert, false);

    // good match
    selector.setSubject(cert.getSubjectX500Principal().getName("RFC2253"));
    checkMatch(selector, cert, true);
}
 
源代码11 项目: jdk8u-jdk   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码12 项目: jdk8u-jdk   文件: X509CertSelectorTest.java
private void testSubject() throws IOException {
    System.out.println("X.509 Certificate Match on subject");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    selector.setSubject("ou=bogus,ou=east,o=sun,c=us");
    checkMatch(selector, cert, false);

    // good match
    selector.setSubject(cert.getSubjectX500Principal().getName("RFC2253"));
    checkMatch(selector, cert, true);
}
 
源代码13 项目: hottub   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码14 项目: openjdk-8-source   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码15 项目: openjdk-8   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码16 项目: jdk8u_jdk   文件: NoExtensions.java
private void doBuild(X509Certificate userCert) throws Exception {
        // get the set of trusted CA certificates (only one in this instance)
        HashSet trustAnchors = new HashSet();
        X509Certificate trustedCert = getTrustedCertificate();
        trustAnchors.add(new TrustAnchor(trustedCert, null));

        // put together a CertStore (repository of the certificates and CRLs)
        ArrayList certs = new ArrayList();
        certs.add(trustedCert);
        certs.add(userCert);
        CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
        CertStore certStore = CertStore.getInstance("Collection", certStoreParams);

        // specify the target certificate via a CertSelector
        X509CertSelector certSelector = new X509CertSelector();
        certSelector.setCertificate(userCert);
        certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required

        // build a valid cerificate path
        CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
        PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
        certPathBuilderParams.addCertStore(certStore);
        certPathBuilderParams.setRevocationEnabled(false);
        CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);

        // get and show cert path
        CertPath certPath = result.getCertPath();
//        System.out.println(certPath.toString());
    }
 
源代码17 项目: jdk8u_jdk   文件: X509CertSelectorTest.java
private void testSubject() throws IOException {
    System.out.println("X.509 Certificate Match on subject");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    selector.setSubject("ou=bogus,ou=east,o=sun,c=us");
    checkMatch(selector, cert, false);

    // good match
    selector.setSubject(cert.getSubjectX500Principal().getName("RFC2253"));
    checkMatch(selector, cert, true);
}
 
源代码18 项目: RipplePower   文件: PKIXCertPathReviewer.java
protected Collection getTrustAnchors(X509Certificate cert, Set trustanchors) throws CertPathReviewerException
{
    Collection trustColl = new ArrayList();
    Iterator it = trustanchors.iterator();
    
    X509CertSelector certSelectX509 = new X509CertSelector();

    try
    {
        certSelectX509.setSubject(getEncodedIssuerPrincipal(cert).getEncoded());
        byte[] ext = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());

        if (ext != null)
        {
            ASN1OctetString oct = (ASN1OctetString)ASN1Primitive.fromByteArray(ext);
            AuthorityKeyIdentifier authID = AuthorityKeyIdentifier.getInstance(ASN1Primitive.fromByteArray(oct.getOctets()));

            certSelectX509.setSerialNumber(authID.getAuthorityCertSerialNumber());
            byte[] keyID = authID.getKeyIdentifier();
            if (keyID != null)
            {
                certSelectX509.setSubjectKeyIdentifier(new DEROctetString(keyID).getEncoded());
            }
        }
    }
    catch (IOException ex)
    {
        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustAnchorIssuerError");
        throw new CertPathReviewerException(msg);
    }

    while (it.hasNext())
    {
        TrustAnchor trust = (TrustAnchor) it.next();
        if (trust.getTrustedCert() != null)
        {
            if (certSelectX509.match(trust.getTrustedCert()))
            {
                trustColl.add(trust);
            }
        }
        else if (trust.getCAName() != null && trust.getCAPublicKey() != null)
        {
            X500Principal certIssuer = getEncodedIssuerPrincipal(cert);
            X500Principal caName = new X500Principal(trust.getCAName());
            if (certIssuer.equals(caName))
            {
                trustColl.add(trust);
            }
        }
    }
    return trustColl;
}
 
源代码19 项目: ripple-lib-java   文件: PKIXCertPathReviewer.java
protected Collection getTrustAnchors(X509Certificate cert, Set trustanchors) throws CertPathReviewerException
{
    Collection trustColl = new ArrayList();
    Iterator it = trustanchors.iterator();
    
    X509CertSelector certSelectX509 = new X509CertSelector();

    try
    {
        certSelectX509.setSubject(getEncodedIssuerPrincipal(cert).getEncoded());
        byte[] ext = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());

        if (ext != null)
        {
            ASN1OctetString oct = (ASN1OctetString)ASN1Primitive.fromByteArray(ext);
            AuthorityKeyIdentifier authID = AuthorityKeyIdentifier.getInstance(ASN1Primitive.fromByteArray(oct.getOctets()));

            certSelectX509.setSerialNumber(authID.getAuthorityCertSerialNumber());
            byte[] keyID = authID.getKeyIdentifier();
            if (keyID != null)
            {
                certSelectX509.setSubjectKeyIdentifier(new DEROctetString(keyID).getEncoded());
            }
        }
    }
    catch (IOException ex)
    {
        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustAnchorIssuerError");
        throw new CertPathReviewerException(msg);
    }

    while (it.hasNext())
    {
        TrustAnchor trust = (TrustAnchor) it.next();
        if (trust.getTrustedCert() != null)
        {
            if (certSelectX509.match(trust.getTrustedCert()))
            {
                trustColl.add(trust);
            }
        }
        else if (trust.getCAName() != null && trust.getCAPublicKey() != null)
        {
            X500Principal certIssuer = getEncodedIssuerPrincipal(cert);
            X500Principal caName = new X500Principal(trust.getCAName());
            if (certIssuer.equals(caName))
            {
                trustColl.add(trust);
            }
        }
    }
    return trustColl;
}
 
源代码20 项目: openjdk-jdk9   文件: ConstructorTest.java
public static void testCtorByPKIXBuilderParams(Set<X509Certificate> certSet)
        throws Exception {
    Set<TrustAnchor> taSet = makeTrustAnchorSet(certSet);
    Validator valOK;
    Validator valNoGood;
    X509Certificate[] chain = new X509Certificate[1];
    Set<X509Certificate> intermeds = new HashSet<>();

    // Case 7: Make a PKIXValidator with valid arguments
    // Expected result: Well-formed PKIXValidator object
    System.out.println("Constructor test 7: Valid inputs");

    // Set up the PKIXBuilderParameters
    X509CertSelector sel = new X509CertSelector();
    sel.setSubject("CN=User");
    PKIXBuilderParameters pbParams = new PKIXBuilderParameters(taSet, sel);
    pbParams.setRevocationEnabled(false);
    pbParams.setDate(new Date(1426399200000L)); // 03-15-2014 6:00:00 GMT

    valOK = Validator.getInstance(Validator.TYPE_PKIX,
            Validator.VAR_GENERIC, pbParams);

    // Convert our user cert from PEM format, then do the same for
    // its intermediate signer and add that as a helper for path building
    chain[0] = makeCertFromPEM(USER);
    intermeds.add(makeCertFromPEM(INTERMED));

    showValidatedChain(valOK, chain, intermeds);

    // Case 8: Make a PKIXValidator but provide a null PKIXBuilderParameters
    // Expected result: throw NullPointerException
    System.out.println("Constructor test 8: null params");
    try {
        valNoGood = Validator.getInstance(Validator.TYPE_PKIX,
                Validator.VAR_GENERIC, (PKIXBuilderParameters)null);
        // Throw something non Runtime-related to indicate we shouldn't
        // have succeeded on construction.
        throw new IOException(
                "Constructor did not throw NullPointerException");
    } catch (NullPointerException npe) {
        System.out.println("\tCaught RuntimeException (" + npe.toString() +
                ") [PASS])");
    }
}