@Test
public void shouldValidateCertWithApprovedCriticalExtentions() throws Exception {
CriticalExtensionRequiredRule validator = CriticalExtensionRule.requires("2.10.2");
X509Certificate cert =
createX509Certificate(
new X509ExtensionCustom() {
public void setup(X509v3CertificateBuilder v3CertGen) throws CertIOException {
v3CertGen.addExtension(new ASN1ObjectIdentifier("2.10.2"), true, new byte[3]);
}
});
validator.validate(cert);
}
@Test(expectedExceptions = FailedValidationException.class)
public void shouldInvalidateCertWithACriticalExtentionsThatIsNotApproved() throws Exception {
String approvedExtentionList = "2.10.2";
CriticalExtensionRequiredRule validator = CriticalExtensionRule.requires(approvedExtentionList);
X509Certificate cert =
createX509Certificate(
new X509ExtensionCustom() {
public void setup(X509v3CertificateBuilder v3CertGen) throws CertIOException {
String notApprovedExtention = "2.10.6";
boolean CRITICAL = true;
v3CertGen.addExtension(
new ASN1ObjectIdentifier(notApprovedExtention), CRITICAL, new byte[3]);
}
});
validator.validate(cert);
}
