List of usage examples for java.security.cert X509CertSelector setSerialNumber
public void setSerialNumber(BigInteger serial)
From source file:MainClass.java
public static void main(String args[]) throws Exception { X509CertSelector selec = new X509CertSelector(); CertificateFactory cf = CertificateFactory.getInstance("X.509"); FileInputStream in = new FileInputStream(args[0]); Certificate c = cf.generateCertificate(in); System.out.println(selec.match(c)); selec.setIssuer("CN=Peter,OU=Network Center," + "O=University,L=ZB,ST=Vancouver,C=CN"); System.out.println(selec.match(c)); Calendar cld = Calendar.getInstance(); int year = Integer.parseInt(args[1]); int month = Integer.parseInt(args[2]) - 1; int day = Integer.parseInt(args[3]); cld.set(year, month, day);// w w w . j a v a 2 s.co m Date d = cld.getTime(); selec.setCertificateValid(d); System.out.println(selec.match(c)); BigInteger sn = new BigInteger("1039056963"); selec.setSerialNumber(sn); System.out.println(selec.match(c)); }
From source file:mitm.common.security.cms.KeyTransRecipientIdImpl.java
@Override public CertSelector getSelector() throws IOException { X509CertSelector selector = new X509CertSelector(); selector.setIssuer(issuer);//from w ww .j ava2s. c o m selector.setSerialNumber(serialNumber); if (subjectKeyIdentifier != null) { /* * X509CertSelector expects a DER encoded subjectKeyIdentifier. */ X509CertSelectorBuilder.setSubjectKeyIdentifier(selector, subjectKeyIdentifier); } return selector; }
From source file:mitm.common.security.certpath.CertPathBuilderSpeedTest.java
@Test public void testBuildPathManyCertificates() throws Exception { int tries = 1000; TrustAnchorBuilder trustAnchorBuilder = new CertStoreTrustAnchorBuilder(rootStoreParams.getCertStore(), 10 * DateUtils.MILLIS_PER_SECOND); long start = System.currentTimeMillis(); Set<TrustAnchor> trustAnchors = trustAnchorBuilder.getTrustAnchors(); for (int i = 0; i < tries; i++) { X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("116A448F117FF69FE4F2D4D38F689D7")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); //Set<TrustAnchor> trustAnchors = trustAnchorBuilder.getTrustAnchors(); trustAnchors = trustAnchorBuilder.getTrustAnchors(); builder.setTrustAnchors(trustAnchors); builder.addCertPathChecker(new SMIMEExtendedKeyUsageCertPathChecker()); builder.addCertStore(certStore); builder.setRevocationEnabled(false); CertPathBuilderResult result = builder.buildPath(selector); assertEquals(2, result.getCertPath().getCertificates().size()); }/*from w w w .j a v a 2s .c o m*/ long diff = System.currentTimeMillis() - start; double secondsPerBuild = diff * 0.001 / tries; System.out.println("Seconds / build: " + secondsPerBuild); if (secondsPerBuild > 0.03) { /*************************************************** * Note: This might fail on slower systems!! ***************************************************/ fail("Seconds / build too slow. Note: This might fail on slower systems!!!"); } }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testAlgorithmIdentifierComparisonFailed() throws Exception { addCertificates("AC_MINEFI_DPMA.cer", certStoreParams.getCertStore()); addCertificates("MINEFI_AUTORITE_DE_CERTIFICATION_RACINE.cer", rootStoreParams.getCertStore()); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.addCertStore(certStore);/* w w w . j av a 2s . c o m*/ builder.setTrustAnchors(getTrustAnchors()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("30303031303935373731383130383135")); selector.setIssuer("CN=MINEFI-AUTORITE DE CERTIFICATION RACINE, OU=AGENCE AUTORITE, O=MINEFI, C=FR"); CertPathBuilderResult results = builder.buildPath(selector); assertNotNull(results.getCertPath()); assertEquals(1, results.getCertPath().getCertificates().size()); }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testNoTrustAnchors() throws Exception { addCertificates("windows-xp-all-intermediates.p7b", certStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.addCertStore(certStore);//from w ww .j a v a 2 s . c o m X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("115FD110A82F742D0AE14A71B651962")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); try { builder.buildPath(selector); fail("Should have failed"); } catch (CertPathBuilderException e) { assertEquals(PKIXCertificatePathBuilder.NO_ROOTS_ERROR_MESSAGE, e.getMessage()); } }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testBuildPathEKUCriticalCertPathCheckerAdded() throws Exception { // add roots/*from w ww.ja v a 2 s . c o m*/ addCertificates("mitm-test-root.cer", rootStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); addCRL("test-ca.crl", certStoreParams.getCRLStore()); addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore()); trustAnchors = getTrustAnchors(); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("116A448F117FF69FE4F2D4D38F689D7")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.setTrustAnchors(trustAnchors); builder.addCertPathChecker(new SMIMEExtendedKeyUsageCertPathChecker()); builder.addCertStore(certStore); builder.setRevocationEnabled(true); CertPathBuilderResult result = builder.buildPath(selector); assertEquals(2, result.getCertPath().getCertificates().size()); }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testBuildPathRootNotFound() throws Exception { // root store cannot be empty so we just load something addCertificates("dod-mega-crl.cer", rootStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); addCRL("test-ca.crl", certStoreParams.getCRLStore()); addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore()); trustAnchors = getTrustAnchors();// w w w. j ava 2 s .c o m X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("115FCD741088707366E9727452C9770")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.setTrustAnchors(trustAnchors); builder.addCertStore(certStore); try { builder.buildPath(selector); fail(); } catch (CertPathBuilderException e) { assertEquals("No issuer certificate for certificate in certification path found.", e.getMessage()); } }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testBuildPathTargetNotFound() throws Exception { // add roots// w w w . ja va2 s.c o m addCertificates("mitm-test-root.cer", rootStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); addCRL("test-ca.crl", certStoreParams.getCRLStore()); addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore()); trustAnchors = getTrustAnchors(); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("123")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.setTrustAnchors(trustAnchors); builder.addCertStore(certStore); try { builder.buildPath(selector); fail(); } catch (CertPathBuilderException e) { assertEquals("No certificate found matching targetContraints.", e.getMessage()); } }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testBuildPathCRLSignedByIncorrectKeyAndCorrectKey() throws Exception { // add roots//from ww w. j a va2 s .c om addCertificates("windows-xp-all-roots.p7b", rootStoreParams.getCertStore()); addCertificates("mitm-test-root.cer", rootStoreParams.getCertStore()); addCertificates("windows-xp-all-intermediates.p7b", certStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); addCRL("test-root-ca-not-revoked.crl", certStoreParams.getCRLStore()); addCRL("test-ca.crl", certStoreParams.getCRLStore()); addCRL("test-ca-signed-incorrect-key.crl", certStoreParams.getCRLStore()); trustAnchors = getTrustAnchors(); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("115FD110A82F742D0AE14A71B651962")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.setTrustAnchors(trustAnchors); builder.addCertPathChecker(new SMIMEExtendedKeyUsageCertPathChecker()); builder.addCertStore(certStore); builder.setRevocationEnabled(true); CertPathBuilderResult result = builder.buildPath(selector); assertEquals(2, result.getCertPath().getCertificates().size()); }
From source file:mitm.common.security.certpath.CertPathBuilderTest.java
@Test public void testBuildPathCRLUnavailable() throws Exception { // add roots/*from w w w.j a v a 2s . co m*/ addCertificates("windows-xp-all-roots.p7b", rootStoreParams.getCertStore()); addCertificates("mitm-test-root.cer", rootStoreParams.getCertStore()); addCertificates("windows-xp-all-intermediates.p7b", certStoreParams.getCertStore()); addCertificates("mitm-test-ca.cer", certStoreParams.getCertStore()); addCertificates("testCertificates.p7b", certStoreParams.getCertStore()); trustAnchors = getTrustAnchors(); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("115FD110A82F742D0AE14A71B651962")); selector.setIssuer("EMAILADDRESS=ca@example.com, CN=MITM Test CA, L=Amsterdam, ST=NH, C=NL"); CertificatePathBuilder builder = new PKIXCertificatePathBuilder(); builder.setTrustAnchors(trustAnchors); builder.addCertPathChecker(new SMIMEExtendedKeyUsageCertPathChecker()); builder.addCertStore(certStore); builder.setRevocationEnabled(true); try { builder.buildPath(selector); fail(); } catch (CertPathBuilderException e) { Throwable cause = ExceptionUtils.getCause(e); assertTrue(cause.getMessage().startsWith("No CRLs found")); } }