List of usage examples for java.security.cert X509CertSelector setSerialNumber
public void setSerialNumber(BigInteger serial)
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_3_Invalid_distributionPoint_Test3() throws Exception { // add certificates addCertificates(new File(testBase, "certs/distributionPoint1CACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvaliddistributionPointTest3EE.crt"), certStoreParams.getCertStore()); // add crls// w w w . jav a2s .com addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/distributionPoint1CACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("3")); selector.setIssuer("OU=distributionPoint1 CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.UNKNOWN, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.UNKNOWN, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_4_Valid_distributionPoint_Test4() throws Exception { // add certificates addCertificates(new File(testBase, "certs/distributionPoint1CACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/ValiddistributionPointTest4EE.crt"), certStoreParams.getCertStore()); // add crls//from www .java 2 s .c om addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/distributionPoint1CACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("4")); selector.setIssuer("OU=distributionPoint1 CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_5_Valid_distributionPoint_Test5() throws Exception { // add certificates addCertificates(new File(testBase, "certs/distributionPoint2CACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/ValiddistributionPointTest5EE.crt"), certStoreParams.getCertStore()); // add crls/*from w ww. j a v a 2 s. c o m*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/distributionPoint2CACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("OU=distributionPoint2 CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_6_Invalid_distributionPoint_Test6() throws Exception { // add certificates addCertificates(new File(testBase, "certs/distributionPoint2CACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvaliddistributionPointTest6EE.crt"), certStoreParams.getCertStore()); // add crls// w w w. j av a 2s . c om addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/distributionPoint2CACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("2")); selector.setIssuer("OU=distributionPoint2 CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.REVOKED, revocationResult.getStatus()); assertEquals(RevocationReason.KEY_COMPROMISE, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.UNKNOWN, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_7_Valid_distributionPoint_Test7() throws Exception { // add certificates addCertificates(new File(testBase, "certs/distributionPoint2CACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/ValiddistributionPointTest7EE.crt"), certStoreParams.getCertStore()); // add crls//from w w w . ja v a2 s . c om addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/distributionPoint2CACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("3")); selector.setIssuer("OU=distributionPoint2 CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_8_Invalid_distributionPoint_Test8() throws Exception { // add certificates addCertificates(new File(testBase, "certs/distributionPoint2CACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvaliddistributionPointTest8EE.crt"), certStoreParams.getCertStore()); // add crls// www. jav a 2s .c o m addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/distributionPoint2CACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("4")); selector.setIssuer("OU=distributionPoint2 CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.UNKNOWN, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.UNKNOWN, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_9_Invalid_distributionPoint_Test9() throws Exception { // add certificates addCertificates(new File(testBase, "certs/distributionPoint2CACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvaliddistributionPointTest9EE.crt"), certStoreParams.getCertStore()); // add crls//from w w w .j av a2 s. c o m addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/distributionPoint2CACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("5")); selector.setIssuer("OU=distributionPoint2 CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.UNKNOWN, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.UNKNOWN, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_12_Invalid_onlyContainsCACerts_CRL_Test12() throws Exception { // add certificates addCertificates(new File(testBase, "certs/onlyContainsCACertsCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidonlyContainsCACertsTest12EE.crt"), certStoreParams.getCertStore()); // add crls/*from ww w . ja v a 2 s. c om*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/onlyContainsCACertsCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("CN=onlyContainsCACerts CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.UNKNOWN, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.UNKNOWN, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_14_13_Valid_onlyContainsCACerts_CRL_Test13() throws Exception { // add certificates addCertificates(new File(testBase, "certs/onlyContainsCACertsCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/ValidonlyContainsCACertsTest13EE.crt"), certStoreParams.getCertStore()); // add crls/*from w w w. j a v a2 s .c o m*/ addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/onlyContainsCACertsCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("2")); selector.setIssuer("CN=onlyContainsCACerts CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.NOT_REVOKED, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); assertEquals(RevocationStatus.NOT_REVOKED, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }
From source file:mitm.common.security.crl.PKITSTest.java
@Test public void test_4_4_4_Invalid_Bad_CRL_Signature_Test4() throws Exception { // add certificates addCertificates(new File(testBase, "certs/BadCRLSignatureCACert.crt"), certStoreParams.getCertStore()); addCertificates(new File(testBase, "certs/InvalidBadCRLSignatureTest4EE.crt"), certStoreParams.getCertStore()); // add crls//from w w w. j av a 2 s . com addCRL(new File(testBase, "crls/TrustAnchorRootCRL.crl"), certStoreParams.getCRLStore()); addCRL(new File(testBase, "crls/BadCRLSignatureCACRL.crl"), certStoreParams.getCRLStore()); X509CertSelector selector = new X509CertSelector(); selector.setSerialNumber(BigIntegerUtils.hexDecode("1")); selector.setIssuer("CN=Bad CRL Signature CA, O=Test Certificates, C=US"); PKIXCertPathBuilderResult result = getCertPathBuilderResult(selector); CertPath certPath = result.getCertPath(); TrustAnchor trustAnchor = result.getTrustAnchor(); assertNotNull(trustAnchor); assertEquals("CN=Trust Anchor, O=Test Certificates, C=US", trustAnchor.getTrustedCert().getSubjectX500Principal().toString()); PKIXRevocationChecker revocationChecker = new PKIXRevocationChecker(certStoreParams.getCRLStore()); RevocationResult revocationResult = revocationChecker.getRevocationStatus(certPath, trustAnchor, testDate); assertEquals(RevocationStatus.UNKNOWN, revocationResult.getStatus()); assertEquals(null, revocationResult.getReason()); RevocationDetail[] detail = revocationResult.getDetails(); assertEquals(detail.length, 2); // unknown because the CRLs signature was invalid and therefore not included in the search assertEquals(RevocationStatus.UNKNOWN, detail[0].getStatus()); assertEquals(RevocationStatus.NOT_REVOKED, detail[1].getStatus()); }