Ejemplo n.º 1
0
  @Test
  public void testTrustStore()
      throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
    File caPem = getTempFile("ca/cert.pem");
    KeyStore keystore = createKeyStore();

    KeyStoreUtil.updateWithCaPem(keystore, caPem);

    Enumeration<String> aliases = keystore.aliases();
    String alias = aliases.nextElement();
    assertFalse(aliases.hasMoreElements());
    assertTrue(alias.contains("ca.test.jolokia.org"));
    X509Certificate cert = (X509Certificate) keystore.getCertificate(alias);
    cert.checkValidity();
    assertTrue(cert.getSubjectDN().getName().contains(CA_CERT_SUBJECT_DN_CN));
    RSAPublicKey key = (RSAPublicKey) cert.getPublicKey();
    assertEquals(key.getAlgorithm(), "RSA");
  }
Ejemplo n.º 2
0
  @Test
  public void testBoth()
      throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException,
          InvalidKeySpecException, InvalidKeyException, NoSuchProviderException,
          SignatureException {
    File caPem = getTempFile("ca/cert.pem");
    File serverPem = getTempFile("server/cert.pem");
    File keyPem = getTempFile("server/key.pem");

    KeyStore keystore = createKeyStore();
    KeyStoreUtil.updateWithCaPem(keystore, caPem);
    KeyStoreUtil.updateWithServerPems(keystore, serverPem, keyPem, "RSA", new char[0]);

    X509Certificate caCert = (X509Certificate) keystore.getCertificate(CA_ALIAS);
    X509Certificate serverCert = (X509Certificate) keystore.getCertificate(SERVER_ALIAS);

    // Check that server cert is signed by ca
    serverCert.verify(caCert.getPublicKey());
  }
Ejemplo n.º 3
0
  @Test
  public void testInvalid()
      throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException,
          InvalidKeySpecException {

    for (String file :
        new String[] {"invalid/base64.pem", "invalid/begin.pem", "invalid/end.pem"}) {
      File invalidPem = getTempFile(file);

      KeyStore keystore = createKeyStore();
      try {
        KeyStoreUtil.updateWithCaPem(keystore, invalidPem);
        fail();
      } catch (Exception exp) {
      }
      try {
        KeyStoreUtil.updateWithServerPems(
            keystore, getTempFile("server/cert.pem"), invalidPem, "RSA", new char[0]);
        fail();
      } catch (Exception exp) {
      }
    }
  }