예제 #1
파일: CA.java 프로젝트: NCIP/cagrid
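 /**
  * Creates a CA with a freshly generated RSA key pair and a CA certificate valid from the
  * current time for five years.
  *
  * @param dn subject distinguished name placed in the CA certificate
  * @throws Exception propagated from key-pair or certificate generation
  */
 public CA(String dn) throws Exception {
   Calendar validity = new GregorianCalendar();
   Date now = validity.getTime();
   validity.add(Calendar.YEAR, 5);
   Date expires = validity.getTime();
   // Was generateRSAKeyPair512(): a 512-bit RSA modulus can be factored cheaply, and current
   // JDKs reject RSA keys under 1024 bits in certificate-path validation by default.
   // NOTE(review): 1024 bits is still below the 2048-bit minimum in current guidance; this key
   // signs every certificate the CA issues for five years, so move to a larger generator if
   // KeyUtil provides one.
   KeyPair pair = KeyUtil.generateRSAKeyPair1024();
   this.key = pair.getPrivate();
   cert = CertUtil.generateCACertificate(new X509Name(dn), now, expires, pair);
 }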
예제 #2
파일: CA.java 프로젝트: NCIP/cagrid
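 /**
  * Issues an identity certificate signed by this CA, together with its new private key.
  *
  * <p>The subject DN is the CA's own subject DN with everything after the first {@code CN=}
  * replaced by {@code id}. The certificate is valid from the current time until the CA
  * certificate's own expiry.
  *
  * @param id value used as the common name of the new certificate
  * @return the issued certificate paired with the generated private key
  * @throws IllegalStateException if the CA subject DN contains no {@code CN=} component
  * @throws Exception propagated from key-pair or certificate generation
  */
 public Credential createIdentityCertificate(String id) throws Exception {
   String caSubject = getCertificate().getSubjectDN().getName();
   int index = caSubject.indexOf("CN=");
   if (index < 0) {
     // Without this guard, index + 3 == 2 and the subject became the first two characters of
     // the CA DN followed by id, i.e. a malformed name.
     throw new IllegalStateException("CA subject DN has no CN component: " + caSubject);
   }
   // NOTE(review): id is concatenated into the DN unescaped; a value containing ',', '+' or '='
   // could add or alter RDNs in the issued subject. Confirm callers only pass trusted ids, or
   // validate/escape here.
   String dn = caSubject.substring(0, index + 3) + id;
   // Was generateRSAKeyPair512(): 512-bit RSA is factorable at low cost, and current JDKs reject
   // RSA keys under 1024 bits in certificate-path validation by default.
   // NOTE(review): prefer 2048 bits or more if KeyUtil provides such a generator.
   KeyPair pair = KeyUtil.generateRSAKeyPair1024();
   Date now = new Date();
   Date end = getCertificate().getNotAfter();
   return new Credential(
       CertUtil.generateCertificate(
           new X509Name(dn), now, end, pair.getPublic(), getCertificate(), getPrivateKey(), null),
       pair.getPrivate());
 }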
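  /**
   * Checks that an expired asserting credential is not silently replaced when
   * {@code setAutoRenewAssertingCredentials(false)} is configured.
   *
   * <p>The manager's initial certificate is swapped for one signed by the test CA with a
   * two-second lifetime; once it has expired, {@code getIdPCertificate()} must raise
   * {@link DorianInternalFault} instead of returning a certificate.
   */
  public void testAutoCredentialCreationNoRenewal() {

    AssertionCredentialsManager cm = null;
    try {
      IdentityProviderProperties props = Utils.getIdentityProviderProperties();
      props.setAutoRenewAssertingCredentials(false);
      cm = new AssertionCredentialsManager(props, ca, db);

      // The manager must hold a certificate and key with the expected subject.
      X509Certificate cert = cm.getIdPCertificate();
      assertNotNull(cert);
      assertNotNull(cm.getIdPKey());
      String expectedSub = Utils.CA_SUBJECT_PREFIX + ",CN=" + AssertionCredentialsManager.CERT_DN;
      assertEquals(expectedSub, cert.getSubjectDN().toString());

      // Replace it with a certificate for the same subject that expires after two seconds.
      String subject = cert.getSubjectDN().toString();
      KeyPair pair = KeyUtil.generateRSAKeyPair1024();
      GregorianCalendar cal = new GregorianCalendar();
      Date start = cal.getTime();
      cal.add(Calendar.SECOND, 2);
      Date end = cal.getTime();
      cm.deleteAssertingCredentials();
      X509Certificate shortCert = ca.signCertificate(subject, pair.getPublic(), start, end);
      cm.storeCredentials(shortCert, pair.getPrivate());
      assertTrue(!cert.equals(shortCert));

      // Sleep past the two-second validity window so the stored certificate is expired.
      Thread.sleep(2500);
      assertTrue(CertUtil.isExpired(shortCert));

      try {
        cm.getIdPCertificate();
        // Reaching this line means an expired credential was served or renewed.
        assertTrue(false);
      } catch (DorianInternalFault fault) {
        // Expected: with renewal disabled the expired credential must be refused.
      }

    } catch (Exception e) {
      FaultUtil.printFault(e);
      assertTrue(false);
    } finally {
      // cm stays null when construction itself failed; skip cleanup rather than raise a
      // NullPointerException that only adds noise to the failure output.
      if (cm != null) {
        try {
          cm.clearDatabase();
        } catch (Exception e) {
          e.printStackTrace();
        }
      }
    }
  }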
예제 #4
파일: CA.java 프로젝트: NCIP/cagrid
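 /**
  * Creates a CA with a freshly generated RSA key pair and a CA certificate covering the given
  * validity period.
  *
  * @param dn subject distinguished name placed in the CA certificate
  * @param start start of the certificate's validity period
  * @param expires end of the certificate's validity period
  * @throws Exception propagated from key-pair or certificate generation
  */
 public CA(String dn, Date start, Date expires) throws Exception {
   // Was generateRSAKeyPair512(): a 512-bit RSA modulus can be factored cheaply, and current
   // JDKs reject RSA keys under 1024 bits in certificate-path validation by default.
   // NOTE(review): 1024 bits is still below the 2048-bit minimum in current guidance; prefer a
   // larger generator if KeyUtil provides one, since this key signs every issued certificate.
   KeyPair pair = KeyUtil.generateRSAKeyPair1024();
   this.key = pair.getPrivate();
   cert = CertUtil.generateCACertificate(new X509Name(dn), start, expires, pair);
 }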
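  /**
   * Checks that the manager replaces an expired asserting credential with a new certificate and
   * a new private key.
   *
   * <p>The manager's initial certificate is swapped for one signed by the test CA with a
   * six-second lifetime. After it expires, {@code getIdPCertificate()} must return a different,
   * unexpired certificate and {@code getIdPKey()} a different key. A SAML assertion is then
   * verified both directly and after a round trip through its string form.
   */
  public void testAutoCredentialCreationRenew() {
    AssertionCredentialsManager cm = null;
    try {
      cm = Utils.getAssertionCredentialsManager();

      // The manager must hold a certificate and key with the expected subject.
      X509Certificate cert = cm.getIdPCertificate();
      assertNotNull(cert);
      assertNotNull(cm.getIdPKey());
      String expectedSub = Utils.CA_SUBJECT_PREFIX + ",CN=" + AssertionCredentialsManager.CERT_DN;
      assertEquals(expectedSub, cert.getSubjectDN().toString());

      // Replace it with a certificate for the same subject that expires after six seconds.
      String subject = cert.getSubjectDN().toString();
      KeyPair pair = KeyUtil.generateRSAKeyPair1024();
      GregorianCalendar cal = new GregorianCalendar();
      Date start = cal.getTime();
      cal.add(Calendar.SECOND, 6);
      Date end = cal.getTime();
      cm.deleteAssertingCredentials();
      X509Certificate shortCert = ca.signCertificate(subject, pair.getPublic(), start, end);

      cm.storeCredentials(shortCert, pair.getPrivate());

      // While still valid, the stored short-lived certificate is what the manager returns.
      X509Certificate idpShortCert = cm.getIdPCertificate();

      assertEquals(shortCert, idpShortCert);
      assertTrue(!cert.equals(idpShortCert));

      // Sleep past the six-second validity window so the stored certificate is expired.
      Thread.sleep(6500);
      assertTrue(CertUtil.isExpired(idpShortCert));
      X509Certificate renewedCert = cm.getIdPCertificate();
      assertNotNull(renewedCert);

      PrivateKey renewedKey = cm.getIdPKey();
      assertNotNull(renewedKey);

      assertTrue(!CertUtil.isExpired(renewedCert));

      // Renewal must produce a new certificate and must not reuse the expired key pair.
      assertTrue(!renewedCert.equals(idpShortCert));
      assertTrue(!renewedKey.equals(pair.getPrivate()));

      // An assertion must verify both as issued and after a string round trip.
      SAMLAssertion saml =
          cm.getAuthenticationAssertion(TEST_UID, TEST_FIRST_NAME, TEST_LAST_NAME, TEST_EMAIL);
      verifySAMLAssertion(saml, cm);
      String xml = SAMLUtils.samlAssertionToString(saml);
      SAMLAssertion saml2 = SAMLUtils.stringToSAMLAssertion(xml);
      verifySAMLAssertion(saml2, cm);

    } catch (Exception e) {
      FaultUtil.printFault(e);
      assertTrue(false);
    } finally {
      // cm stays null when Utils.getAssertionCredentialsManager() failed; skip cleanup rather
      // than raise a NullPointerException that only adds noise to the failure output.
      if (cm != null) {
        try {
          cm.clearDatabase();
        } catch (Exception e) {
          e.printStackTrace();
        }
      }
    }
  }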