List of usage examples for org.bouncycastle.jce X509KeyUsage cRLSign
int cRLSign
From source file:org.ejbca.core.protocol.cmp.CrmfRequestTest.java
License:Open Source License
/**
 * Prepares the fixtures shared by the CRMF request tests: loads the cached CMP
 * configuration, creates a test X.509 CA for {@code ISSUER_DN}, records its id and
 * certificate, and generates the key pair stored in {@code keys}.
 *
 * @throws Exception if any of the setup calls fails
 */
public CrmfRequestTest() throws Exception {
    this.cmpConfiguration = (CmpConfiguration) this.globalConfigurationSession
            .getCachedConfiguration(CmpConfiguration.CMP_CONFIGURATION_ID);

    // Key usage of the test CA certificate. The X509KeyUsage constants are distinct
    // bit flags, so OR-ing them yields the same value as adding them.
    final int caKeyUsage = X509KeyUsage.digitalSignature
            | X509KeyUsage.keyCertSign
            | X509KeyUsage.cRLSign;

    this.testx509ca = CaTestUtils.createTestX509CA(ISSUER_DN, null, false, caKeyUsage);
    this.caid = this.testx509ca.getCAId();
    this.cacert = (X509Certificate) this.testx509ca.getCACertificate();

    // NOTE(review): 512-bit RSA is only acceptable as a fast throwaway test key;
    // it must not be copied into code that issues real certificates.
    this.keys = KeyTools.genKeys("512", AlgorithmConstants.KEYALGORITHM_RSA);
}
From source file:org.ejbca.core.protocol.cmp.EndEntityCertAuthModuleTest.java
License:Open Source License
/**
 * Builds the fixtures shared by the end-entity-certificate authentication tests:
 * a sender nonce and transaction id, the CA that issues the RA administrators'
 * certificates ({@code adminca}), one key pair and certificate per RA administrator,
 * and the cached CMP configuration.
 *
 * @throws Exception if any of the setup calls fails
 */
public EndEntityCertAuthModuleTest() throws Exception {
    nonce = CmpMessageHelper.createSenderNonce();
    transid = CmpMessageHelper.createSenderNonce();

    // The X509KeyUsage constants are distinct bit flags, so OR equals the sum.
    final int caKeyUsage = X509KeyUsage.digitalSignature
            | X509KeyUsage.keyCertSign
            | X509KeyUsage.cRLSign;

    // NOTE(review): "foo123" is a fixed test-only value; the second argument is
    // presumably the crypto token PIN - confirm against CaTestUtils.
    adminca = CaTestUtils.createTestX509CA("CN=" + AUTH_PARAM_CA, "foo123".toCharArray(), false, caKeyUsage);
    final boolean adminCaRegistered = caSession.existsCa(adminca.getCAId());
    if (!adminCaRegistered) {
        caSession.addCA(ADMIN, adminca);
    }

    // NOTE(review): 512-bit RSA keys are throwaway test keys only; far too small
    // for any certificate that is meant to be trusted.
    ra1adminkeys = KeyTools.genKeys("512", AlgorithmConstants.KEYALGORITHM_RSA);
    final AuthenticationToken ra1Token = createAdminToken(ra1adminkeys, RA1_ADMIN, "CN=" + RA1_ADMIN,
            adminca.getCAId(), SecConst.EMPTY_ENDENTITYPROFILE,
            CertificateProfileConstants.CERTPROFILE_FIXED_ENDUSER);
    ra1admincert = getCertFromAuthenticationToken(ra1Token);

    ra2adminkeys = KeyTools.genKeys("512", AlgorithmConstants.KEYALGORITHM_RSA);
    final AuthenticationToken ra2Token = createAdminToken(ra2adminkeys, RA2_ADMIN, "CN=" + RA2_ADMIN,
            adminca.getCAId(), SecConst.EMPTY_ENDENTITYPROFILE,
            CertificateProfileConstants.CERTPROFILE_FIXED_ENDUSER);
    ra2admincert = getCertFromAuthenticationToken(ra2Token);

    cmpConfiguration = (CmpConfiguration) globalConfigurationSession
            .getCachedConfiguration(CmpConfiguration.CMP_CONFIGURATION_ID);
}
From source file:org.ejbca.core.protocol.cmp.EndEntityCertAuthModuleTest.java
License:Open Source License
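/**
 * Creates two test CAs and, for each of RA1 and RA2, a certificate profile, an end
 * entity profile, a CMP alias in RA mode that authenticates with the
 * end-entity-certificate module, and an administrator role.
 *
 * <p>Each role is granted CA access and end-entity-profile rules for its own CA and
 * profile only (RA1: {@code ca1}/{@code EEP1}, RA2: {@code ca2}/{@code EEP2}). Role
 * members are matched on certificates issued by {@code adminca} whose common name
 * equals the administrator name, compared case-insensitively.
 *
 * <p>The RA1 and RA2 halves were previously two hand-copied blocks; they now share
 * private helpers so the two rule sets cannot drift apart. The order of the session
 * calls is unchanged.
 *
 * @throws Exception if any of the setup calls fails
 */
@Override
@Before
public void setUp() throws Exception {
    super.setUp();

    // The X509KeyUsage constants are distinct bit flags, so OR equals the sum.
    final int keyusage = X509KeyUsage.digitalSignature | X509KeyUsage.keyCertSign | X509KeyUsage.cRLSign;
    ca1 = CaTestUtils.createTestX509CA("CN=" + CA1, null, false, keyusage);
    ca2 = CaTestUtils.createTestX509CA("CN=" + CA2, null, false, keyusage);

    // Add CA, CP and EEP for RA1, then configure its CMP alias
    if (!caSession.existsCa(ca1.getCAId())) {
        caSession.addCA(ADMIN, ca1);
    }
    final int eepId = ensureProfilesForCa(CP1, EEP1, ca1.getCAId());
    configureRaAlias(RA1_ALIAS, eepId, CP1, CA1);

    // Add CA, CP and EEP for RA2, then configure its CMP alias
    if (!caSession.existsCa(ca2.getCAId())) {
        caSession.addCA(ADMIN, ca2);
    }
    final int eep2Id = ensureProfilesForCa(CP2, EEP2, ca2.getCAId());
    configureRaAlias(RA2_ALIAS, eep2Id, CP2, CA2);

    // Create AdminRoles for RA1 and RA2
    final RoleData ra1role = roleManagementSession.create(ADMIN, RA1_ADMIN_ROLE);
    final RoleData ra2role = roleManagementSession.create(ADMIN, RA2_ADMIN_ROLE);

    // Add Admins to roles RA1 and RA2
    addAdminToRole(ra1role, RA1_ADMIN_ROLE, RA1_ADMIN);
    addAdminToRole(ra2role, RA2_ADMIN_ROLE, RA2_ADMIN);

    // Add access rules to roles; each role only references its own CA and profile
    final int eep1id = endEntityProfileSession.getEndEntityProfileId(EEP1);
    roleManagementSession.addAccessRulesToRole(ADMIN, ra1role,
            raAccessRules(RA1_ADMIN_ROLE, ca1.getCAId(), eep1id));

    final int eep2id = endEntityProfileSession.getEndEntityProfileId(EEP2);
    roleManagementSession.addAccessRulesToRole(ADMIN, ra2role,
            raAccessRules(RA2_ADMIN_ROLE, ca2.getCAId(), eep2id));
}

/** Creates the certificate profile and end entity profile for one CA if they are missing; returns the EEP id. */
private int ensureProfilesForCa(final String certProfileName, final String eeProfileName, final int caId)
        throws Exception {
    if (certProfileSession.getCertificateProfile(certProfileName) == null) {
        final CertificateProfile cp = new CertificateProfile(
                CertificateProfileConstants.CERTPROFILE_FIXED_ENDUSER);
        // Restrict the profile to the single CA it belongs to.
        final List<Integer> availablecas = new ArrayList<Integer>();
        availablecas.add(caId);
        cp.setAvailableCAs(availablecas);
        try {
            certProfileSession.addCertificateProfile(ADMIN, certProfileName, cp);
        } catch (CertificateProfileExistsException e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
    }
    final int certProfileId = certProfileSession.getCertificateProfileId(certProfileName);

    if (endEntityProfileSession.getEndEntityProfile(eeProfileName) == null) {
        final EndEntityProfile eep = new EndEntityProfile(true);
        eep.setValue(EndEntityProfile.AVAILCERTPROFILES, 0, "" + certProfileId);
        eep.setValue(EndEntityProfile.DEFAULTCERTPROFILE, 0, "" + certProfileId);
        eep.setValue(EndEntityProfile.AVAILCAS, 0, "" + caId);
        eep.setValue(EndEntityProfile.DEFAULTCA, 0, "" + caId);
        try {
            endEntityProfileSession.addEndEntityProfile(ADMIN, eeProfileName, eep);
        } catch (EndEntityProfileExistsException e) {
            e.printStackTrace();
            fail(e.getMessage());
        }
    }
    return endEntityProfileSession.getEndEntityProfileId(eeProfileName);
}

/** Adds one CMP alias in RA mode using end-entity-certificate authentication and saves the configuration. */
private void configureRaAlias(final String alias, final int eeProfileId, final String certProfileName,
        final String caName) throws Exception {
    cmpConfiguration.addAlias(alias);
    cmpConfiguration.setRAMode(alias, true);
    cmpConfiguration.setAuthenticationModule(alias, CmpConfiguration.AUTHMODULE_ENDENTITY_CERTIFICATE);
    cmpConfiguration.setAuthenticationParameters(alias, AUTH_PARAM_CA);
    cmpConfiguration.setRAEEProfile(alias, String.valueOf(eeProfileId));
    cmpConfiguration.setRACertProfile(alias, certProfileName);
    cmpConfiguration.setRACAName(alias, caName);
    cmpConfiguration.setExtractUsernameComponent(alias, "CN");
    globalConfigurationSession.saveConfiguration(ADMIN, cmpConfiguration);
}

/** Adds one administrator, matched by common name on certificates issued by {@code adminca}, to a role. */
private void addAdminToRole(final RoleData role, final String roleName, final String adminCommonName)
        throws Exception {
    final List<AccessUserAspectData> accessUsers = new ArrayList<AccessUserAspectData>();
    accessUsers.add(new AccessUserAspectData(roleName, adminca.getCAId(),
            X500PrincipalAccessMatchValue.WITH_COMMONNAME, AccessMatchType.TYPE_EQUALCASEINS, adminCommonName));
    roleManagementSession.addSubjectsToRole(ADMIN, role, accessUsers);
}

/** Builds the accept rules for one RA role, limited to the given CA id and end entity profile id. */
private List<AccessRuleData> raAccessRules(final String roleName, final int caId, final int eeProfileId) {
    final String eepResource = AccessRulesConstants.ENDENTITYPROFILEPREFIX + eeProfileId;
    final String[] resources = {
            AccessRulesConstants.ROLE_ADMINISTRATOR,
            AccessRulesConstants.REGULAR_VIEWCERTIFICATE,
            StandardRules.CREATECERT.resource(),
            AccessRulesConstants.REGULAR_VIEWENDENTITY,
            AccessRulesConstants.REGULAR_CREATEENDENTITY,
            AccessRulesConstants.REGULAR_EDITENDENTITY,
            AccessRulesConstants.REGULAR_DELETEENDENTITY,
            AccessRulesConstants.REGULAR_REVOKEENDENTITY,
            AccessRulesConstants.REGULAR_VIEWENDENTITYHISTORY,
            StandardRules.CAACCESS.resource() + caId,
            eepResource,
            eepResource + AccessRulesConstants.VIEW_END_ENTITY,
            eepResource + AccessRulesConstants.EDIT_END_ENTITY,
            eepResource + AccessRulesConstants.CREATE_END_ENTITY,
            eepResource + AccessRulesConstants.DELETE_END_ENTITY,
            eepResource + AccessRulesConstants.REVOKE_END_ENTITY,
            eepResource + AccessRulesConstants.VIEW_END_ENTITY_HISTORY,
    };
    final List<AccessRuleData> accessRules = new ArrayList<AccessRuleData>();
    for (final String resource : resources) {
        // Every rule is an explicit accept; the final 'false' is passed as in the original calls.
        accessRules.add(new AccessRuleData(roleName, resource, AccessRuleState.RULE_ACCEPT, false));
    }
    return accessRules;
}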
From source file:org.ejbca.core.protocol.cmp.NestedMessageContentTest.java
License:Open Source License
/**
 * Prepares the fixtures for the nested message content tests: loads the cached CMP
 * configuration and creates a test X.509 CA with the subject {@code CN=TestCA},
 * keeping its id and certificate.
 *
 * @throws Exception if any of the setup calls fails
 */
public NestedMessageContentTest() throws Exception {
    this.cmpConfiguration = (CmpConfiguration) this.globalConfigurationSession
            .getCachedConfiguration(CmpConfiguration.CMP_CONFIGURATION_ID);
    this.issuerDN = "CN=TestCA";

    // CA certificate key usage; the X509KeyUsage constants are distinct bit flags,
    // so OR-ing them gives the same value as adding them.
    final int caKeyUsage = X509KeyUsage.digitalSignature
            | X509KeyUsage.keyCertSign
            | X509KeyUsage.cRLSign;

    this.testx509ca = CaTestUtils.createTestX509CA(this.issuerDN, null, false, caKeyUsage);
    this.caid = this.testx509ca.getCAId();
    this.cacert = this.testx509ca.getCACertificate();
}
From source file:org.ejbca.ui.cli.ca.CaImportCaCertCommandTest.java
License:Open Source License
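/**
 * Creates a CA that is signed by a handmade external CA and leaves it waiting for
 * its certificate, then issues that certificate from the generated CSR and stores
 * it in {@code cert} for the import tests.
 *
 * <p>Fixes relative to the previous version: the validity period is computed in
 * {@code long} arithmetic (the {@code int} product of 365 days in milliseconds
 * overflowed, giving a certificate valid for roughly 17 days instead of a year),
 * and the chain file stream is closed even when the write fails.
 *
 * @throws Exception if any of the setup calls fails
 */
@Before
public void setUp() throws Exception {
    temp = File.createTempFile("chain", ".pem");
    caInitCommand = new CaInitCommand();
    caImportCaCertCommand = new CaImportCACertCommand();
    CaTestCase.removeTestCA(CA_NAME);

    // Create a handmade External CA.
    // NOTE(review): 1024-bit RSA and SHA-1 signatures are legacy test parameters
    // only; do not reuse them for certificates that need to be trusted.
    KeyPair keys = KeyTools.genKeys("1024", "RSA");
    X509Certificate externalCACert = CertTools.genSelfCert("CN=External CA", 365, null, keys.getPrivate(),
            keys.getPublic(), AlgorithmConstants.SIGALG_SHA1_WITH_RSA, true);
    ArrayList<Certificate> mylist = new ArrayList<Certificate>();
    mylist.add(externalCACert);
    final FileOutputStream fos = new FileOutputStream(temp);
    try {
        fos.write(CertTools.getPemFromCertificateChain(mylist));
    } finally {
        fos.close();
    }

    SIGNED_BY_EXTERNAL_ARGS[SIGNED_BY_EXTERNAL_ARGS.length - 1] = temp.getAbsolutePath();
    assertEquals(CommandResult.SUCCESS, caInitCommand.execute(SIGNED_BY_EXTERNAL_ARGS));
    CAInfo cainfo = caSession.getCAInfo(admin, CA_NAME);
    assertNotNull("CA signed by external CA was not created.", cainfo);
    assertEquals(
            "Creating a CA signed by an external CA should initially create it in status 'waiting for certificate response'",
            CAConstants.CA_WAITING_CERTIFICATE_RESPONSE, cainfo.getStatus());

    // Read the generated CSR, requires knowledge of what filename it creates
    byte[] bytes = FileTools.readFiletoBuffer(CA_NAME + "_csr.der");
    PKCS10RequestMessage msg = new PKCS10RequestMessage(bytes);

    // Create a new certificate with the subjectDN and publicKey from the request
    Date firstDate = new Date();
    Date lastDate = new Date();
    // 365L forces long arithmetic; 365 * 86_400_000 does not fit in an int.
    lastDate.setTime(lastDate.getTime() + (365L * 24 * 60 * 60 * 1000));

    // NOTE(review): java.util.Random seeded with the clock gives predictable serial
    // numbers. Harmless for this fixture, but a real issuer needs a CSPRNG here.
    byte[] serno = new byte[8];
    Random random = new Random();
    random.setSeed(firstDate.getTime());
    random.nextBytes(serno);

    final SubjectPublicKeyInfo pkinfo = SubjectPublicKeyInfo
            .getInstance(msg.getRequestPublicKey().getEncoded());
    X509v3CertificateBuilder certbuilder = new X509v3CertificateBuilder(
            CertTools.stringToBcX500Name(externalCACert.getSubjectDN().toString()),
            new BigInteger(serno).abs(), firstDate, lastDate,
            CertTools.stringToBcX500Name(msg.getRequestDN()), pkinfo);

    // Mark the issued certificate as a CA certificate: critical basicConstraints
    // CA=true plus a critical keyUsage of keyCertSign and cRLSign.
    BasicConstraints bc = new BasicConstraints(true);
    certbuilder.addExtension(Extension.basicConstraints, true, bc);
    X509KeyUsage ku = new X509KeyUsage(X509KeyUsage.keyCertSign + X509KeyUsage.cRLSign);
    certbuilder.addExtension(Extension.keyUsage, true, ku);

    final ContentSigner signer = new BufferingContentSigner(new JcaContentSignerBuilder("SHA1WithRSA")
            .setProvider(BouncyCastleProvider.PROVIDER_NAME).build(keys.getPrivate()), 20480);
    final X509CertificateHolder certHolder = certbuilder.build(signer);
    cert = CertTools.getCertfromByteArray(certHolder.getEncoded(), X509Certificate.class);
}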
From source file:org.ejbca.ui.cli.ca.CaInitCommandTest.java
License:Open Source License
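/**
 * Test happy path for creating a CA signed by an external CA.
 *
 * <p>The test creates a self-signed external CA, initialises a CA that waits for a
 * certificate from it, issues that certificate from the generated CSR, imports it
 * and expects the CA to become active.
 *
 * <p>Fixes relative to the previous version: the validity period is computed in
 * {@code long} arithmetic (the {@code int} product of 365 days in milliseconds
 * overflowed, giving roughly 17 days instead of a year), file streams are closed
 * even when a write fails, and cleanup skips the issued certificate's fingerprint
 * when the test failed before it was computed.
 *
 * @throws Exception if any step of the test fails unexpectedly
 */
@Test
public void testCASignedByExternal() throws Exception {
    // Create a handmade External CA.
    // NOTE(review): 1024-bit RSA and SHA-1 signatures are legacy test parameters
    // only; do not reuse them for certificates that need to be trusted.
    KeyPair keys = KeyTools.genKeys("1024", "RSA");
    X509Certificate externalCACert = CertTools.genSelfCert("CN=External CA", 365, null, keys.getPrivate(),
            keys.getPublic(), AlgorithmConstants.SIGALG_SHA1_WITH_RSA, true);
    final String fp1 = CertTools.getFingerprintAsString(externalCACert);
    String fp2 = null;
    File temp = File.createTempFile("chain", ".pem");
    File csr = new File(CA_NAME + "_csr.der");
    File certfile = new File(CA_NAME + "_cert.der");
    try {
        ArrayList<Certificate> mylist = new ArrayList<Certificate>();
        mylist.add(externalCACert);
        final FileOutputStream chainOut = new FileOutputStream(temp);
        try {
            chainOut.write(CertTools.getPemFromCertificateChain(mylist));
        } finally {
            chainOut.close();
        }

        SIGNED_BY_EXTERNAL_ARGS[SIGNED_BY_EXTERNAL_ARGS.length - 1] = temp.getAbsolutePath();
        assertEquals(CommandResult.SUCCESS, caInitCommand.execute(SIGNED_BY_EXTERNAL_ARGS));
        CAInfo cainfo = caSession.getCAInfo(admin, CA_NAME);
        assertNotNull("CA signed by external CA was not created.", cainfo);
        assertEquals(
                "Creating a CA signed by an external CA should initially create it in status 'waiting for certificate response'",
                CAConstants.CA_WAITING_CERTIFICATE_RESPONSE, cainfo.getStatus());

        // Read the generated CSR, requires knowledge of what filename it creates
        byte[] bytes = FileTools.readFiletoBuffer(CA_NAME + "_csr.der");
        PKCS10RequestMessage msg = new PKCS10RequestMessage(bytes);

        // Create a new certificate with the subjectDN and publicKey from the request
        Date firstDate = new Date();
        Date lastDate = new Date();
        // 365L forces long arithmetic; 365 * 86_400_000 does not fit in an int.
        lastDate.setTime(lastDate.getTime() + (365L * 24 * 60 * 60 * 1000));

        // NOTE(review): java.util.Random seeded with the clock gives predictable
        // serial numbers. Harmless for this fixture, but a real issuer needs a CSPRNG.
        byte[] serno = new byte[8];
        Random random = new Random();
        random.setSeed(firstDate.getTime());
        random.nextBytes(serno);

        final SubjectPublicKeyInfo pkinfo = new SubjectPublicKeyInfo(
                (ASN1Sequence) ASN1Primitive.fromByteArray(msg.getRequestPublicKey().getEncoded()));
        X509v3CertificateBuilder certbuilder = new X509v3CertificateBuilder(
                CertTools.stringToBcX500Name(externalCACert.getSubjectDN().toString()),
                new java.math.BigInteger(serno).abs(), firstDate, lastDate,
                CertTools.stringToBcX500Name(msg.getRequestDN()), pkinfo);

        // Mark the issued certificate as a CA certificate: critical basicConstraints
        // CA=true plus a critical keyUsage of keyCertSign and cRLSign.
        BasicConstraints bc = new BasicConstraints(true);
        certbuilder.addExtension(Extension.basicConstraints, true, bc);
        X509KeyUsage ku = new X509KeyUsage(X509KeyUsage.keyCertSign + X509KeyUsage.cRLSign);
        certbuilder.addExtension(Extension.keyUsage, true, ku);

        final ContentSigner signer = new BufferingContentSigner(new JcaContentSignerBuilder("SHA1WithRSA")
                .setProvider(BouncyCastleProvider.PROVIDER_NAME).build(keys.getPrivate()), 20480);
        final X509CertificateHolder certHolder = certbuilder.build(signer);
        final X509Certificate cert = (X509Certificate) CertTools.getCertfromByteArray(certHolder.getEncoded());
        fp2 = CertTools.getFingerprintAsString(cert);

        // Now we have issued a certificate, import it
        mylist = new ArrayList<Certificate>();
        mylist.add(cert);
        final FileOutputStream certOut = new FileOutputStream(certfile);
        try {
            certOut.write(CertTools.getPemFromCertificateChain(mylist));
        } finally {
            certOut.close();
        }

        IMPORT_SIGNED_BY_EXTERNAL_ARGS[IMPORT_SIGNED_BY_EXTERNAL_ARGS.length - 1] = certfile.getAbsolutePath();
        assertEquals(CommandResult.SUCCESS, caImportCaCertCommand.execute(IMPORT_SIGNED_BY_EXTERNAL_ARGS));
        cainfo = caSession.getCAInfo(admin, CA_NAME);
        assertNotNull("CA signed by external CA does not exist.", cainfo);
        assertEquals(
                "importing a certificate to a CA signed by an external CA should result in status 'active'",
                CAConstants.CA_ACTIVE, cainfo.getStatus());
    } finally {
        temp.deleteOnExit();
        csr.deleteOnExit();
        certfile.deleteOnExit();
        // Clean up imported certificates from database
        internalCertStoreSession.removeCertificate(fp1);
        // fp2 is still null when the test failed before the certificate was issued.
        if (fp2 != null) {
            internalCertStoreSession.removeCertificate(fp2);
        }
    }
}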
From source file:org.ejbca.ui.cli.ra.AddEndEntityCommandTest.java
License:Open Source License
/**
 * Creates and registers the test CA named {@code CA_NAME} and instantiates the
 * three CLI commands exercised by the tests.
 *
 * @throws Exception if the CA cannot be created or added
 */
@Before
public void setUp() throws Exception {
    // CA certificate key usage; the X509KeyUsage constants are distinct bit flags,
    // so OR-ing them gives the same value as adding them.
    final int caKeyUsage = X509KeyUsage.digitalSignature
            | X509KeyUsage.keyCertSign
            | X509KeyUsage.cRLSign;

    testx509ca = CaTestUtils.createTestX509CA("CN=" + CA_NAME, null, false, caKeyUsage);
    caSession.addCA(admin, testx509ca);

    command0 = new AddEndEntityCommand();
    command1 = new SetPasswordCommand();
    command2 = new SetCleartextPasswordCommand();
}
From source file:org.ejbca.ui.cli.ra.RenameEndEntityCommandTest.java
License:Open Source License
/**
 * Creates and registers the test CA named {@code CA_NAME} and instantiates the
 * rename command under test.
 *
 * @throws Exception if the CA cannot be created or added
 */
@Before
public void setUp() throws Exception {
    // CA certificate key usage; the X509KeyUsage constants are distinct bit flags,
    // so OR-ing them gives the same value as adding them.
    final int caKeyUsage = X509KeyUsage.digitalSignature
            | X509KeyUsage.keyCertSign
            | X509KeyUsage.cRLSign;

    testx509ca = CaTestUtils.createTestX509CA("CN=" + CA_NAME, null, false, caKeyUsage);
    caSession.addCA(admin, testx509ca);

    renameEndEntityCommand = new RenameEndEntityCommand();
}
From source file:org.ejbca.ui.cli.roles.RemoveAdminCommandTest.java
License:Open Source License
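/**
 * Verifies that the CLI command removes an access user aspect from a role.
 *
 * <p>A test CA is registered, a subject matching common name {@code foo} on that CA
 * is added to {@code ROLENAME}, the command is run with the matching arguments, and
 * the aspect is then expected to be gone.
 *
 * <p>Cleanup now runs in a {@code finally} block, so a failed assertion no longer
 * leaves the test CA and its crypto token behind.
 *
 * @throws Exception if any step of the test fails unexpectedly
 */
@Test
public void testRemoveAccessUser() throws Exception {
    // The X509KeyUsage constants are distinct bit flags, so OR equals the sum.
    final int keyusage = X509KeyUsage.digitalSignature | X509KeyUsage.keyCertSign | X509KeyUsage.cRLSign;
    final CA testx509ca = CaTestUtils.createTestX509CA("CN=TestCA", null, false, keyusage);
    final int caId = testx509ca.getCAId();
    caSession.addCA(internalAdmin, testx509ca);
    try {
        final String matchValue = "foo";
        final Collection<AccessUserAspectData> subjects = new ArrayList<AccessUserAspectData>();
        subjects.add(new AccessUserAspectData(ROLENAME, caId, X500PrincipalAccessMatchValue.WITH_COMMONNAME,
                AccessMatchType.TYPE_EQUALCASE, matchValue));
        roleManagementSession.addSubjectsToRole(internalAdmin, role, subjects);

        // CLI arguments mirror the aspect added above: role, CA name, match-with, match-type, value.
        final String[] args = { ROLENAME, "TestCA", "WITH_COMMONNAME", "TYPE_EQUALCASE", matchValue };
        command.execute(args);

        assertNull("User aspect was not removed via CLI command",
                accessUserAspectManagerTestSession.find(AccessUserAspectData.generatePrimaryKey(ROLENAME, caId,
                        X500PrincipalAccessMatchValue.WITH_COMMONNAME, AccessMatchType.TYPE_EQUALCASE,
                        matchValue)));
    } finally {
        CryptoTokenTestUtils.removeCryptoToken(null, testx509ca.getCAToken().getCryptoTokenId());
        caSession.removeCA(internalAdmin, caId);
    }
}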
From source file:org.ejbca.ui.web.pub.HttpMethodsTest.java
License:Open Source License
/**
 * Resolves the host and public HTTP port of the server under test, builds the base
 * URL from them, and creates and registers a test CA with subject {@code CN=TestCA}.
 *
 * @throws Exception if the configuration cannot be read or the CA cannot be added
 */
@Before
public void setUp() throws Exception {
    // "127.0.0.1" is the argument handed to getRemoteHost; presumably the fallback
    // when no remote host is configured - confirm against SystemTestsConfiguration.
    httpHost = SystemTestsConfiguration.getRemoteHost("127.0.0.1");
    httpPort = SystemTestsConfiguration.getRemotePortHttp(
            configurationSession.getProperty(WebConfiguration.CONFIG_HTTPSERVERPUBHTTP));
    httpBaseUrl = "http://" + httpHost + ":" + httpPort;

    // CA certificate key usage; the X509KeyUsage constants are distinct bit flags,
    // so OR-ing them gives the same value as adding them.
    final int caKeyUsage = X509KeyUsage.digitalSignature
            | X509KeyUsage.keyCertSign
            | X509KeyUsage.cRLSign;

    testx509ca = CaTestUtils.createTestX509CA("CN=TestCA", null, false, caKeyUsage);
    caSession.addCA(admin, testx509ca);
}