eu.peppol.security.x509.CertificateTest.java Source code

Java tutorial

  1. HOME
  2. Java
  3. eu.peppol.security.x509.CertificateTest.java

Introduction

Here is the source code for eu.peppol.security.x509.CertificateTest.java

Source

/*
 * Copyright 2010-2017 Norwegian Agency for Public Management and eGovernment (Difi)
 *
 * Licensed under the EUPL, Version 1.1 or  as soon they
 * will be approved by the European Commission - subsequent
 * versions of the EUPL (the "Licence");
 *
 * You may not use this work except in compliance with the Licence.
 *
 * You may obtain a copy of the Licence at:
 *
 * https://joinup.ec.europa.eu/community/eupl/og_page/eupl
 *
 * Unless required by applicable law or agreed to in
 * writing, software distributed under the Licence is
 * distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied.
 * See the Licence for the specific language governing
 * permissions and limitations under the Licence.
 */

package eu.peppol.security.x509;

import no.difi.oxalis.commons.bouncycastle.BCHelper;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.X509v3CertificateBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.testng.annotations.Test;

import java.io.InputStream;
import java.math.BigInteger;
import java.security.*;
import java.security.cert.*;
import java.security.cert.Certificate;
import java.util.Arrays;
import java.util.Date;

import static org.testng.Assert.assertEquals;
import static org.testng.Assert.assertNotNull;

/**
 * @author steinar
 *         Date: 21.05.13
 *         Time: 16:16
 */
public class CertificateTest {

    static {
        BCHelper.registerProvider();
    }

    @Test
    public void loadCertificate() throws Exception {

        InputStream inputStream = CertificateTest.class.getClassLoader()
                .getResourceAsStream("unit4-accesspoint.cer");
        if (inputStream == null) {
            throw new IllegalStateException("Unable to find SR certificate");
        }

        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");

        Certificate certificate = certificateFactory.generateCertificate(inputStream);
        assertNotNull(certificate, "No certificate generated");
        assertEquals(certificate.getType(), "X.509");

        X509Certificate x509Certificate = (X509Certificate) certificate;
        x509Certificate.checkValidity(new Date());

        CertPath certPath = certificateFactory.generateCertPath(Arrays.asList(x509Certificate));
        CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX");
    }

    /**
     * Creates a X509 V3 certificate using Bouncy Castle
     *
     * @throws NoSuchAlgorithmException
     * @throws OperatorCreationException
     * @throws CertificateException
     * @throws NoSuchProviderException
     */
    @Test(enabled = false)
    public void createSampleCertificate() throws NoSuchAlgorithmException, OperatorCreationException,
            CertificateException, NoSuchProviderException {
        KeyPair keyPair = generateKeyPair();

        ContentSigner sigGen = new JcaContentSignerBuilder("SHA256WithRSAEncryption")
                .setProvider(BouncyCastleProvider.PROVIDER_NAME).build(keyPair.getPrivate());

        Date startDate = new Date(System.currentTimeMillis() - 24 * 60 * 60 * 1000);
        Date endDate = new Date(System.currentTimeMillis() + 365 * 24 * 60 * 60 * 1000);

        SubjectPublicKeyInfo subjectPublicKeyInfo = SubjectPublicKeyInfo
                .getInstance(keyPair.getPublic().getEncoded());

        X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(
                new X500Name("CN=AP_UNIT_TEST"), BigInteger.ONE, startDate, endDate,
                new X500Name("CN=AP_UNIT_TEST"), subjectPublicKeyInfo);
        X509CertificateHolder x509CertificateHolder = x509v3CertificateBuilder.build(sigGen);
        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME)
                .getCertificate(x509CertificateHolder);

    }

    protected KeyPair generateKeyPair() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        SecureRandom secureRandom = SecureRandom.getInstanceStrong();

        keyPairGenerator.initialize(2048, secureRandom);
        return keyPairGenerator.generateKeyPair();
    }
}