List of usage examples for java.security.cert X509CertSelector setIssuer
public void setIssuer(byte[] issuerDN) throws IOException
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_4_1_Missing_CRL_Test1() throws Exception { // add certificates addCertificates(new File(testBase, "certs/NoCRLCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidMissingCRLTest1EE.crt"), certStoreParams.getCertStore()); // add crls// w w w . j a va 2s.c om addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(new BigInteger("1")); selector.setIssuer("CN=No CRL CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.UNKNOWN, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.UNKNOWN, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_4_15_Invalid_Negative_Serial_Number_Test15() throws Exception { // add certificates addCertificates(new File(testBase, "certs/NegativeSerialNumberCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidNegativeSerialNumberTest15EE.crt"), certStoreParams.getCertStore()); // add crls/*from ww w . ja v a2 s . c o m*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/NegativeSerialNumberCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(new BigInteger("-1")); selector.setIssuer("CN=Negative Serial Number CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_4_2_Invalid_Revoked_CA_Test2() throws Exception { // add certificates addCertificates(new File(testBase, "certs/GoodCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/RevokedsubCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidRevokedCATest2EE.crt"), certStoreParams.getCertStore()); // add crls/*from w w w. j ava 2s . co m*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/GoodCACRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/RevokedsubCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(new BigInteger("1")); selector.setIssuer("CN=Revoked subCA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 3); assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.REVOKED, detail[1].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[2].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_7_4_Invalid_keyUsage_Critical_cRLSign_False_Test4() throws Exception { // add certificates addCertificates(new File(testBase, "certs/keyUsageCriticalcRLSignFalseCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidkeyUsageCriticalcRLSignFalseTest4EE.crt"), certStoreParams.getCertStore()); // add crls/*w w w .j av a 2 s. c o m*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/keyUsageCriticalcRLSignFalseCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("CN=keyUsage Critical cRLSign False CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.UNKNOWN, revocationResult.getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_7_5_Invalid_keyUsage_Not_Critical_cRLSign_False_Test5() throws Exception { // add certificates addCertificates(new File(testBase, "certs/keyUsageNotCriticalcRLSignFalseCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidkeyUsageNotCriticalcRLSignFalseTest5EE.crt"), certStoreParams.getCertStore()); // add crls//from w w w .ja va 2s. com addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/keyUsageNotCriticalcRLSignFalseCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("CN=keyUsage Not Critical cRLSign False CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.UNKNOWN, revocationResult.getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_4_3_Invalid_Revoked_EE_Test3() throws Exception { // add certificates addCertificates(new File(testBase, "certs/GoodCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidRevokedEETest3EE.crt"), certStoreParams.getCertStore()); // add crls/*from w w w. ja v a 2s . c o m*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/GoodCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("F")); selector.setIssuer("CN=Good CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_15_Invalid_onlySomeReasons_Test15() throws Exception { // add certificates addCertificates(new File(testBase, "certs/onlySomeReasonsCA1Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidonlySomeReasonsTest15EE.crt"), certStoreParams.getCertStore()); // add crls/*from w ww . j ava 2 s.c o m*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/onlySomeReasonsCA1compromiseCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/onlySomeReasonsCA1otherreasonsCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("CN=onlySomeReasons CA1, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_16_Invalid_onlySomeReasons_Test16() throws Exception { // add certificates addCertificates(new File(testBase, "certs/onlySomeReasonsCA1Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidonlySomeReasonsTest16EE.crt"), certStoreParams.getCertStore()); // add crls//from w w w .j a v a 2 s . c o m addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/onlySomeReasonsCA1compromiseCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/onlySomeReasonsCA1otherreasonsCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("2")); selector.setIssuer("CN=onlySomeReasons CA1, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.CERTIFICATE_HOLD, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_17_Invalid_onlySomeReasons_Test17() throws Exception { // add certificates addCertificates(new File(testBase, "certs/onlySomeReasonsCA2Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidonlySomeReasonsTest17EE.crt"), certStoreParams.getCertStore()); // add crls/*from ww w .ja v a2s .c om*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/onlySomeReasonsCA2CRL1.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/onlySomeReasonsCA2CRL2.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("CN=onlySomeReasons CA2, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.UNKNOWN, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.UNKNOWN, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_18_Valid_onlySomeReasons_Test18() throws Exception { // add certificates addCertificates(new File(testBase, "certs/onlySomeReasonsCA3Cert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/ValidonlySomeReasonsTest18EE.crt"), certStoreParams.getCertStore()); // add crls//www . j a v a 2s . c o m addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/onlySomeReasonsCA3compromiseCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/onlySomeReasonsCA3otherreasonsCRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("OU=onlySomeReasons CA3, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }