@Test
public void testDefaultPwdOrNot() throws Exception {
CryptoToken catoken = createSoftToken(true);
// Should not work, we need to activate
try {
catoken.generateKeyPair("1024", "foo");
assertTrue("Should throw", false);
} catch (CryptoTokenOfflineException e) {
// NOPMD
}
catoken.activate("bar123".toCharArray());
catoken.generateKeyPair("1024", "foo");
KeyTools.testKey(catoken.getPrivateKey("foo"), catoken.getPublicKey("foo"), null);
// Use default password
catoken = createSoftToken(false);
// Should work, auto-password
catoken.generateKeyPair("1024", "foo");
KeyTools.testKey(catoken.getPrivateKey("foo"), catoken.getPublicKey("foo"), null);
catoken.deactivate();
// Should still work, auto-password
catoken.generateKeyPair("1024", "foo");
KeyTools.testKey(catoken.getPrivateKey("foo"), catoken.getPublicKey("foo"), null);
// Should not work, wrong password, default is foo123
try {
catoken.activate("bar123".toCharArray());
assertTrue("should throw", false);
} catch (CryptoTokenAuthenticationFailedException e) {
// NOPMD
}
catoken.activate("foo123".toCharArray());
catoken.generateKeyPair("1024", "foo");
KeyTools.testKey(catoken.getPrivateKey("foo"), catoken.getPublicKey("foo"), null);
}
@BeforeClass
public static void beforeClass() throws Exception {
CryptoProviderTools.installBCProvider();
// Set up base role that can edit roles
setUpAuthTokenAndRole(PublishingCrlSessionTest.class.getSimpleName());
keys = KeyTools.genKeys("512", AlgorithmConstants.KEYALGORITHM_RSA);
testx509ca = CaTestUtils.createTestX509CA(X509CADN, null, false);
}
private void createCertificate(int certificateProfileId) throws Exception {
KeyPair keys = KeyTools.genKeys("1024", "RSA");
cert =
(X509Certificate)
signSession.createCertificate(
admin,
USERNAME,
PASSWORD,
new PublicKeyWrapper(keys.getPublic()),
-1,
null,
null,
certificateProfileId,
SecConst.CAID_USEUSERDEFINED);
certificatesToRemove.add(cert);
fingerprint = CertTools.getFingerprintAsString(cert);
X509Certificate ce =
(X509Certificate) certificateStoreSession.findCertificateByFingerprint(fingerprint);
if (ce == null) {
throw new Exception("Cannot find certificate with fp=" + fingerprint);
}
info = certificateStoreSession.getCertificateInfo(fingerprint);
if (!fingerprint.equals(info.getFingerprint())) {
throw new Exception("fingerprint does not match.");
}
if (!cert.getSerialNumber().equals(info.getSerialNumber())) {
throw new Exception("serialnumber does not match.");
}
if (!CertTools.getIssuerDN(cert).equals(info.getIssuerDN())) {
throw new Exception("issuerdn does not match.");
}
if (!CertTools.getSubjectDN(cert).equals(info.getSubjectDN())) {
throw new Exception("subjectdn does not match.");
}
// The cert was just stored above with status INACTIVE
if (!(CertificateConstants.CERT_ACTIVE == info.getStatus())) {
throw new Exception("status does not match.");
}
}
