コード例 #1
0
  @Test
  public void addSubjectKeyIdentifierFieldTest() {
    Boolean CRITICAL = false;

    profile =
        testSupport.createEmptyProfile(
            "addSubjectKeyIdentifierFieldTest", TestConst.PROFILE_DESCRIPTION);
    BaseCertificateField subjectKeyIdentifier = new SubjectKeyIdentifierField(profile, CRITICAL);
    profile.addField(subjectKeyIdentifier);

    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    subjectKeyIdentifier = profile.getField(FieldType.SUBJECT_KEY_IDENTIFIER);
    assertNotNull(subjectKeyIdentifier);
    assertEquals(CRITICAL, subjectKeyIdentifier.getCritical());
  }
コード例 #2
0
  @Test
  public void addExtendedKeyUsageFieldTest() {
    Boolean CRITICAL = true;
    profile =
        testSupport.createEmptyProfile(
            "addExtendedKeyUsageFieldTest", TestConst.PROFILE_DESCRIPTION);
    BaseCertificateField extendedKeyUsageField = new ExtendedKeyUsageField(profile, CRITICAL);
    extendedKeyUsageField.addValue(
        new ExtendedKeyUsageFieldValue(ExtendedKeyUsageType.ID_KP_CODE_SIGNING));
    extendedKeyUsageField.addValue(
        new ExtendedKeyUsageFieldValue(ExtendedKeyUsageType.ID_KP_IPSEC_IKE));
    profile.addField(extendedKeyUsageField);
    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    extendedKeyUsageField = profile.getField(FieldType.EXTENDED_KEY_USAGE);

    assertEquals(CRITICAL, extendedKeyUsageField.getCritical());
    for (int i = 0; i < extendedKeyUsageField.getValues().size(); i++) {
      if ((((ExtendedKeyUsageFieldValue) extendedKeyUsageField.getValues().get(i))
                  .getExtendedKeyUsage()
              != ExtendedKeyUsageType.ID_KP_CODE_SIGNING)
          && (((ExtendedKeyUsageFieldValue) extendedKeyUsageField.getValues().get(i))
                  .getExtendedKeyUsage()
              != ExtendedKeyUsageType.ID_KP_IPSEC_IKE)) {
        fail();
      }
    }
  }
コード例 #3
0
  @Test
  public void addNetscapeCertificateTypeFieldTest() {

    Boolean CRITICAL = true;
    profile =
        testSupport.createEmptyProfile(
            "addNetscapeCertificateTypeFieldTest", TestConst.PROFILE_DESCRIPTION);
    BaseCertificateField netscapeCertificateTypeField =
        new NetscapeCertificateTypeField(profile, CRITICAL);
    netscapeCertificateTypeField.addValue(
        new NetscapeCertificateTypeFieldValue(NetscapeCertificateTypeType.OBJECT_SIGNING));
    netscapeCertificateTypeField.addValue(
        new NetscapeCertificateTypeFieldValue(NetscapeCertificateTypeType.SMIME));
    profile.addField(netscapeCertificateTypeField);
    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    netscapeCertificateTypeField = profile.getField(FieldType.NETSCAPE_CERTIFICATE_TYPE);

    assertEquals(CRITICAL, netscapeCertificateTypeField.getCritical());
    for (int i = 0; i < netscapeCertificateTypeField.getValues().size(); i++) {
      if ((((NetscapeCertificateTypeFieldValue) netscapeCertificateTypeField.getValues().get(i))
                  .getNetscapeCertificateType()
              != NetscapeCertificateTypeType.OBJECT_SIGNING)
          && (((NetscapeCertificateTypeFieldValue) netscapeCertificateTypeField.getValues().get(i))
                  .getNetscapeCertificateType()
              != NetscapeCertificateTypeType.SMIME)) {
        fail();
      }
    }
  }
コード例 #4
0
  @Test
  public void addAuthorityKeyIdentifierFieldTest() {
    Boolean CRITICAL = false;
    profile =
        testSupport.createEmptyProfile(
            "addAuthorityKeyIdentifierFieldTest", TestConst.PROFILE_DESCRIPTION);

    BaseCertificateField authorityKeyIdentifier =
        new AuthorityKeyIdentifierField(profile, CRITICAL);
    authorityKeyIdentifier.addValue(
        new AuthorityKeyIdentifierFieldValue(AuthorityKeyIdentifierType.KEY_IDENTIFIER));
    authorityKeyIdentifier.addValue(
        new AuthorityKeyIdentifierFieldValue(
            AuthorityKeyIdentifierType.AUTH_CERT_ISSUER_AUTH_CERT_SERIAL_NUMBER));
    profile.addField(authorityKeyIdentifier);
    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    authorityKeyIdentifier = profile.getField(FieldType.AUTHORITY_KEY_IDENTIFIER);
    assertEquals(CRITICAL, authorityKeyIdentifier.getCritical());
    assertEquals(2, authorityKeyIdentifier.getValues().size());

    for (int i = 0; i < authorityKeyIdentifier.getValues().size(); i++) {
      AuthorityKeyIdentifierFieldValue aiaFieldValue =
          (AuthorityKeyIdentifierFieldValue) authorityKeyIdentifier.getValues().get(i);

      if (aiaFieldValue.getAuthorityKeyIdentifier() == AuthorityKeyIdentifierType.KEY_IDENTIFIER) {
        continue;
      } else if (aiaFieldValue.getAuthorityKeyIdentifier()
          == AuthorityKeyIdentifierType.AUTH_CERT_ISSUER_AUTH_CERT_SERIAL_NUMBER) {
        continue;
      }
      fail();
    }
  }
コード例 #5
0
  @Test
  public void addAIAFieldTest() {

    Boolean CRITICAL = false;

    profile = testSupport.createEmptyProfile("addAIAFieldTest", TestConst.PROFILE_DESCRIPTION);

    BaseCertificateField authorityInformationAccess =
        new AuthorityInformationAccessField(profile, CRITICAL);
    authorityInformationAccess.addValue(
        new AuthorityInformationAccessFieldValue(AIAType.ID_AD_OCSP, TestConst.AIA_OCSP_URL));
    authorityInformationAccess.addValue(
        new AuthorityInformationAccessFieldValue(AIAType.ID_AD_CA_ISSUERS, TestConst.AIA_CA_URL));
    profile.addField(authorityInformationAccess);
    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    authorityInformationAccess = profile.getField(FieldType.AUTHORITY_INFORMATION_ACCESS);
    assertEquals(CRITICAL, authorityInformationAccess.getCritical());
    assertEquals(2, authorityInformationAccess.getValues().size());

    for (int i = 0; i < authorityInformationAccess.getValues().size(); i++) {
      AuthorityInformationAccessFieldValue aiaFieldValue =
          (AuthorityInformationAccessFieldValue) authorityInformationAccess.getValues().get(i);

      if (aiaFieldValue.getAiaType() == AIAType.ID_AD_OCSP) {
        assertEquals(TestConst.AIA_OCSP_URL, aiaFieldValue.getAiaValue());
        continue;
      } else if (aiaFieldValue.getAiaType() == AIAType.ID_AD_CA_ISSUERS) {
        assertEquals(TestConst.AIA_CA_URL, aiaFieldValue.getAiaValue());
        continue;
      }
      fail();
    }
  }
コード例 #6
0
  @Test
  public void addQualifiedCertificateStatementsTest() {
    Boolean CRITICAL = false;
    String CURRENCY_CODE = "EUR";
    Integer VALUE = 100;

    profile = testSupport.createEmptyProfile("addQCStatementsTest", TestConst.PROFILE_DESCRIPTION);
    BaseCertificateField qcStatements = new QCStatementField(profile, CRITICAL);
    qcStatements.addValue(new QCStatementFieldValue(QCStatementType.ID_QCS_PKIXQCSYNTAX_V1));
    qcStatements.addValue(
        new QCStatementFieldValue(QCStatementType.ID_ETSI_QCS_LIMITE_VALUE, CURRENCY_CODE, VALUE));

    profile.addField(qcStatements);
    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    qcStatements = profile.getField(FieldType.QUALIFIED_CERTIFICATE_STATEMENT);

    assertEquals(CRITICAL, qcStatements.getCritical());
    for (int i = 0; i < qcStatements.getValues().size(); i++) {
      QCStatementFieldValue qcsValue = (QCStatementFieldValue) qcStatements.getValues().get(i);
      if ((qcsValue.getQCStatement() != QCStatementType.ID_QCS_PKIXQCSYNTAX_V1)
          && (qcsValue.getQCStatement() != QCStatementType.ID_ETSI_QCS_LIMITE_VALUE)) {
        fail();
      } else {
        if (qcsValue.getQCStatement() == QCStatementType.ID_ETSI_QCS_LIMITE_VALUE) {
          assertEquals(CURRENCY_CODE, qcsValue.getCurrencyCode());
          assertEquals(VALUE, qcsValue.getLimiteValue());
        }
      }
    }
  }
コード例 #7
0
  @Test
  public void addBasicConstraintTest() {
    Boolean CRITICAL = false;
    Boolean ISCA = false;
    Integer PATH_LENGTH = 0;
    profile =
        testSupport.createEmptyProfile(
            "addCertificatePolicyFieldTest", TestConst.PROFILE_DESCRIPTION);

    BaseCertificateField basicConstraint =
        new BasicConstraintField(profile, ISCA, PATH_LENGTH, CRITICAL);

    profile.addField(basicConstraint);
    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    basicConstraint = profile.getField(FieldType.BASIC_CONSTRAINT);

    assertEquals(ISCA, ((BasicConstraintField) basicConstraint).getIsCA());
    assertEquals(PATH_LENGTH, ((BasicConstraintField) basicConstraint).getPathLength());
    assertEquals(CRITICAL, basicConstraint.getCritical());
  }
コード例 #8
0
  @Test
  public void addSubjectDirectoryAttributesFieldTest() {
    Boolean CRITICAL = false;
    String RESIDENCE_COUNTRY_CODE = "ES";
    String NATIVE_COUNTRY_CODE = "UK";
    profile =
        testSupport.createEmptyProfile(
            "addSubjectDirectoryAttributesFieldTest", TestConst.PROFILE_DESCRIPTION);

    BaseCertificateField subjectDirectoryAttributes =
        new SubjectDirectoryAttributeField(profile, CRITICAL);
    subjectDirectoryAttributes.addValue(
        new SubjectDirectoryAttributeFieldValue(
            SubjectDirectoryAttributeType.COUNTRY_OF_CITIZENSHIP, RESIDENCE_COUNTRY_CODE));
    subjectDirectoryAttributes.addValue(
        new SubjectDirectoryAttributeFieldValue(
            SubjectDirectoryAttributeType.COUNTRY_OF_RESIDENCE, NATIVE_COUNTRY_CODE));
    profile.addField(subjectDirectoryAttributes);

    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    subjectDirectoryAttributes = profile.getField(FieldType.SUBJECT_DIRECTORY_ATTRIBUTE);

    for (int i = 0; i < subjectDirectoryAttributes.getValues().size(); i++) {
      SubjectDirectoryAttributeFieldValue sdaFieldValue =
          (SubjectDirectoryAttributeFieldValue) subjectDirectoryAttributes.getValues().get(i);
      if (sdaFieldValue.getSubjectDirectoryAttribute()
          == SubjectDirectoryAttributeType.COUNTRY_OF_CITIZENSHIP) {
        assertEquals(RESIDENCE_COUNTRY_CODE, sdaFieldValue.getValue());
      } else if (sdaFieldValue.getSubjectDirectoryAttribute()
          == SubjectDirectoryAttributeType.COUNTRY_OF_RESIDENCE) {
        assertEquals(NATIVE_COUNTRY_CODE, sdaFieldValue.getValue());
      } else {
        fail();
      }
    }
  }
コード例 #9
0
  public X509v3CertificateBuilder applyExtension(X509v3CertificateBuilder certificateGenerator)
      throws CertIOException {

    BasicConstraints bc = null;

    if (((BasicConstraintField) certificateField).getIsCA() == false) {
      bc = new BasicConstraints(false);
    } else {
      bc = new BasicConstraints(((BasicConstraintField) certificateField).getPathLength());
    }

    certificateGenerator.addExtension(
        X509Extension.basicConstraints, certificateField.getCritical(), bc);
    return (certificateGenerator);
  }
コード例 #10
0
  private void testSubjectIssuer(
      String profileName,
      String pattern,
      String cn_key,
      String cn_value,
      String o_key,
      String o_value,
      boolean isSubject) {

    profile = testSupport.createEmptyProfile(profileName, TestConst.PROFILE_DESCRIPTION);
    BaseCertificateField field2Test;

    if (isSubject == true) {
      field2Test = new SubjectField(profile, pattern);
      field2Test.addValue(new SubjectFieldValue(cn_key, cn_value));
      field2Test.addValue(new SubjectFieldValue(o_key, o_value));
    } else {
      field2Test = new IssuerField(profile, pattern);
      field2Test.addValue(new IssuerFieldValue(cn_key, cn_value));
      field2Test.addValue(new IssuerFieldValue(o_key, o_value));
    }

    profile.addField(field2Test);
    profile = certificateProfileService.saveProfile(profile);

    CertificateProfile profile2 = new CertificateProfile();
    profile2.setProfileId(profile.getProfileId());
    profile2 = certificateProfileService.getProfile(profile2);
    if (isSubject == true) {
      field2Test = profile2.getField(FieldType.SUBJECT);
    } else {
      field2Test = profile2.getField(FieldType.ISSUER);
    }
    assertNotNull(field2Test);

    assertEquals(2, field2Test.getValues().size());
    testSupport.checkFieldValue(
        field2Test.getValues(), Arrays.asList(cn_key, o_key), true, isSubject);
    testSupport.checkFieldValue(
        field2Test.getValues(), Arrays.asList(cn_value, o_value), false, isSubject);
  }
コード例 #11
0
  @Test
  public void addIssuerAlternativeNameFieldTest() {
    Boolean CRITICAL = true;

    profile =
        testSupport.createEmptyProfile(
            "addIssuerAlternativeNameFieldTest", TestConst.PROFILE_DESCRIPTION);
    BaseCertificateField issuerAlternativeName = new IssuerAlternativeNameField(profile, CRITICAL);
    issuerAlternativeName.addValue(
        new IssuerAlternativeNameFieldValue(
            AlternativeNameType.RFC822NAME, TestConst.IAN_RFC822NAME_VALUE));
    issuerAlternativeName.addValue(
        new IssuerAlternativeNameFieldValue(
            AlternativeNameType.DIRECTORY_NAME, TestConst.IAN_DIRECTORY_NAME_VALUE));
    profile.addField(issuerAlternativeName);

    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    issuerAlternativeName = profile.getField(FieldType.ISSUER_ALTERNATIVE_NAME);
    assertEquals(CRITICAL, issuerAlternativeName.getCritical());
    for (int i = 0; i < issuerAlternativeName.getValues().size(); i++) {
      IssuerAlternativeNameFieldValue issuerAlternativeNameFieldValue =
          (IssuerAlternativeNameFieldValue) issuerAlternativeName.getValues().get(i);
      if ((issuerAlternativeNameFieldValue.getAlternativeNameType()
              == AlternativeNameType.RFC822NAME)
          && (issuerAlternativeNameFieldValue
                  .getValue()
                  .equalsIgnoreCase(TestConst.IAN_RFC822NAME_VALUE)
              == true)) {
        continue;
      }

      if ((issuerAlternativeNameFieldValue.getAlternativeNameType()
              == AlternativeNameType.DIRECTORY_NAME)
          && (issuerAlternativeNameFieldValue
                  .getValue()
                  .equalsIgnoreCase(TestConst.IAN_DIRECTORY_NAME_VALUE)
              == true)) {
        continue;
      }

      fail();
    }
  }
コード例 #12
0
  @Test
  public void addSubjectAlternativeNameFieldTest() {
    Boolean CRITICAL = false;
    String RFC822NAME_VALUE = "*****@*****.**";
    String DIRECTORY_NAME_VALUE = "SERIALNUMBER=$sn, CN=$cn";

    profile =
        testSupport.createEmptyProfile(
            "addSubjectAlternativeNameFieldTest", TestConst.PROFILE_DESCRIPTION);
    BaseCertificateField subjectAlternativeName =
        new SubjectAlternativeNameField(profile, CRITICAL);
    subjectAlternativeName.addValue(
        new SubjectAlternativeNameFieldValue(AlternativeNameType.RFC822NAME, RFC822NAME_VALUE));
    subjectAlternativeName.addValue(
        new SubjectAlternativeNameFieldValue(
            AlternativeNameType.DIRECTORY_NAME, DIRECTORY_NAME_VALUE));
    profile.addField(subjectAlternativeName);

    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    subjectAlternativeName = profile.getField(FieldType.SUBJECT_ALTERNATIVE_NAME);
    assertEquals(CRITICAL, subjectAlternativeName.getCritical());
    for (int i = 0; i < subjectAlternativeName.getValues().size(); i++) {
      SubjectAlternativeNameFieldValue subjectAlternativeNameFieldValue =
          (SubjectAlternativeNameFieldValue) subjectAlternativeName.getValues().get(i);
      if ((subjectAlternativeNameFieldValue.getAlternativeNameType()
              == AlternativeNameType.RFC822NAME)
          && (subjectAlternativeNameFieldValue.getValue().equalsIgnoreCase(RFC822NAME_VALUE)
              == true)) {
        continue;
      }

      if ((subjectAlternativeNameFieldValue.getAlternativeNameType()
              == AlternativeNameType.DIRECTORY_NAME)
          && (subjectAlternativeNameFieldValue.getValue().equalsIgnoreCase(DIRECTORY_NAME_VALUE)
              == true)) {
        continue;
      }

      fail();
    }
  }
コード例 #13
0
  @Test
  public void addCRLDistributionPointFieldTest() {
    Boolean CRITICAL = false;
    profile =
        testSupport.createEmptyProfile(
            "addCRLDistributionPointFieldTest", TestConst.PROFILE_DESCRIPTION);

    BaseCertificateField crlDistributionPoint = new CRLDistributionPointField(profile, CRITICAL);
    crlDistributionPoint.addValue(
        new CRLDistributionPointFieldValue(
            Arrays.asList(TestConst.CRLDP1_URL1, TestConst.CRLDP1_URL2)));
    crlDistributionPoint.addValue(
        new CRLDistributionPointFieldValue(
            Arrays.asList(TestConst.CRLDP2_URL1, TestConst.CRLDP2_URL2)));
    profile.addField(crlDistributionPoint);

    certificateProfileService.saveProfile(profile);
    crlDistributionPoint = profile.getField(FieldType.CRL_DISTRIBUTION_POINT);
    assertEquals(2, crlDistributionPoint.getValues().size());
    assertEquals(CRITICAL, crlDistributionPoint.getCritical());

    for (int i = 0; i < crlDistributionPoint.getValues().size(); i++) {
      CRLDistributionPointFieldValue crlDpFieldValue =
          (CRLDistributionPointFieldValue) crlDistributionPoint.getValues().get(i);

      if ((crlDpFieldValue.getValues().get(0).equalsIgnoreCase(TestConst.CRLDP1_URL1) == true)
          && (crlDpFieldValue.getValues().get(1).equalsIgnoreCase(TestConst.CRLDP1_URL2) == true)) {
        continue;
      } else if ((crlDpFieldValue.getValues().get(0).equalsIgnoreCase(TestConst.CRLDP2_URL1)
              == true)
          && (crlDpFieldValue.getValues().get(1).equalsIgnoreCase(TestConst.CRLDP2_URL2) == true)) {
        continue;
      }

      fail();
    }
  }
コード例 #14
0
  @Test
  public void addKeyUsageFieldTest() {

    Boolean CRITICAL = true;
    profile = testSupport.createEmptyProfile("addKeyUsageFieldTest", TestConst.PROFILE_DESCRIPTION);
    BaseCertificateField keyUsageField = new KeyUsageField(profile, CRITICAL);
    keyUsageField.addValue(new KeyUsageFieldValue(KeyUsageType.CRL_SIGN));
    keyUsageField.addValue(new KeyUsageFieldValue(KeyUsageType.DIGITAL_SIGNATURE));
    profile.addField(keyUsageField);
    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    keyUsageField = profile.getField(FieldType.KEY_USAGE);

    assertEquals(CRITICAL, keyUsageField.getCritical());
    for (int i = 0; i < keyUsageField.getValues().size(); i++) {
      if ((((KeyUsageFieldValue) keyUsageField.getValues().get(i)).getKeyUsage()
              != KeyUsageType.CRL_SIGN)
          && (((KeyUsageFieldValue) keyUsageField.getValues().get(i)).getKeyUsage()
              != KeyUsageType.DIGITAL_SIGNATURE)) {
        fail();
      }
    }
  }
コード例 #15
0
  @Test
  public void addCertificatePolicyFieldTest() {

    Boolean CRITICAL = true;

    profile =
        testSupport.createEmptyProfile(
            "addCertificatePolicyFieldTest", TestConst.PROFILE_DESCRIPTION);
    BaseCertificateField certificatePolicy =
        new CertificatePolicyField(profile, TestConst.POLICY_OID, CRITICAL);
    certificatePolicy.addValue(
        new CertificatePolicyFieldValue(CertificatePolicyType.CPS, TestConst.CPS));
    certificatePolicy.addValue(
        new CertificatePolicyFieldValue(CertificatePolicyType.USER_NOTICE, TestConst.USER_NOTICE));
    profile.addField(certificatePolicy);
    certificateProfileService.saveProfile(profile);

    profile = certificateProfileService.getProfile(profile);
    certificatePolicy = profile.getField(FieldType.CERTIFICATE_POLICY);
    assertEquals(TestConst.POLICY_OID, ((CertificatePolicyField) certificatePolicy).getPolicyOid());
    assertEquals(CRITICAL, ((CertificatePolicyField) certificatePolicy).getCritical());
    assertEquals(2, certificatePolicy.getValues().size());

    for (int i = 0; i < certificatePolicy.getValues().size(); i++) {
      CertificatePolicyFieldValue certificateFieldValue =
          ((CertificatePolicyFieldValue) certificatePolicy.getValues().get(i));
      if (certificateFieldValue.getCertificatePolicyType() == CertificatePolicyType.CPS) {
        assertEquals(TestConst.CPS, certificateFieldValue.getCertificatePolicy());
        continue;
      } else if (certificateFieldValue.getCertificatePolicyType()
          == CertificatePolicyType.USER_NOTICE) {
        assertEquals(TestConst.USER_NOTICE, certificateFieldValue.getCertificatePolicy());
        continue;
      }

      fail();
    }
  }