validateSignatureWithInvalidChainThrows() — netty Function Reference

Architecture documentation for the validateSignatureWithInvalidChainThrows() function in OcspClientTest.java from the netty codebase.

Function java Buffer Allocators

Entity Profile

Buffer→ Allocators→ validateSignatureWithInvalidChainThrows() — netty Function Reference

Dependency Diagram

graph TD
  a9350351_33dc_df12_238c_0a50d6db0b7a["validateSignatureWithInvalidChainThrows()"]
  3370da49_7453_ab40_8426_84084353f364["OcspClientTest"]
  a9350351_33dc_df12_238c_0a50d6db0b7a -->|defined in| 3370da49_7453_ab40_8426_84084353f364
  style a9350351_33dc_df12_238c_0a50d6db0b7a fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

handler-ssl-ocsp/src/test/java/io/netty/handler/ssl/ocsp/OcspClientTest.java lines 109–148

    @Test
    void validateSignatureWithInvalidChainThrows() throws Exception {
        // Build an unrelated responder chain so nothing is signed by the provided issuer (using RSA)
        X509Bundle issuerBundle = new CertificateBuilder()
                .algorithm(CertificateBuilder.Algorithm.rsa2048)
                .subject("CN=Issuer")
                .setIsCertificateAuthority(true)
                .buildSelfSigned();

        // Different CA
        X509Bundle otherRoot = new CertificateBuilder()
                .algorithm(CertificateBuilder.Algorithm.rsa2048)
                .subject("CN=SomeRootCA")
                .setIsCertificateAuthority(true)
                .buildSelfSigned();

        X509Bundle otherIntermediate = new CertificateBuilder()
                .algorithm(CertificateBuilder.Algorithm.rsa2048)
                .subject("CN=SomeIntermediateCA")
                .setIsCertificateAuthority(true)
                .buildIssuedBy(otherRoot);

        X509Bundle otherResponder = new CertificateBuilder()
                .algorithm(CertificateBuilder.Algorithm.rsa2048)
                .subject("CN=SomeResponder")
                .buildIssuedBy(otherIntermediate);

        X509CertificateHolder responderHolder = new JcaX509CertificateHolder(otherResponder.getCertificate());
        X509CertificateHolder intermediateHolder = new JcaX509CertificateHolder(otherIntermediate.getCertificate());

        // Create actual OCSP response with untrusted chain
        BasicOCSPResp resp = createBasicOcspResponse(
                otherResponder,
                new X509CertificateHolder[]{responderHolder, intermediateHolder}
        );

        assertThrows(OCSPException.class, () ->
                OcspClient.validateSignature(resp, issuerBundle.getCertificate())
        );
    }

Domain

Buffer

Subdomains

Allocators

Defined In

handler-ssl-ocsp/src/test/java/io/netty/handler/ssl/ocsp/OcspClientTest.java

Source

View on GitHub

Frequently Asked Questions

What does validateSignatureWithInvalidChainThrows() do?

validateSignatureWithInvalidChainThrows() is a function in the netty codebase, defined in handler-ssl-ocsp/src/test/java/io/netty/handler/ssl/ocsp/OcspClientTest.java.

Where is validateSignatureWithInvalidChainThrows() defined?

validateSignatureWithInvalidChainThrows() is defined in handler-ssl-ocsp/src/test/java/io/netty/handler/ssl/ocsp/OcspClientTest.java at line 109.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free