@Test public void shouldValidateCertWithApprovedCriticalExtentions() throws Exception { CriticalExtensionRequiredRule validator = CriticalExtensionRule.requires("2.10.2"); X509Certificate cert = createX509Certificate( new X509ExtensionCustom() { public void setup(X509v3CertificateBuilder v3CertGen) throws CertIOException { v3CertGen.addExtension(new ASN1ObjectIdentifier("2.10.2"), true, new byte[3]); } }); validator.validate(cert); }
@Test(expectedExceptions = FailedValidationException.class) public void shouldInvalidateCertWithACriticalExtentionsThatIsNotApproved() throws Exception { String approvedExtentionList = "2.10.2"; CriticalExtensionRequiredRule validator = CriticalExtensionRule.requires(approvedExtentionList); X509Certificate cert = createX509Certificate( new X509ExtensionCustom() { public void setup(X509v3CertificateBuilder v3CertGen) throws CertIOException { String notApprovedExtention = "2.10.6"; boolean CRITICAL = true; v3CertGen.addExtension( new ASN1ObjectIdentifier(notApprovedExtention), CRITICAL, new byte[3]); } }); validator.validate(cert); }