/**
 * Loads the CA certificate and the server certificate/key pair into one keystore and
 * checks that the stored server certificate carries a signature made by the stored CA.
 */
@Test
public void testBoth() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, InvalidKeySpecException, InvalidKeyException, NoSuchProviderException, SignatureException {
    File caCertFile = getTempFile("ca/cert.pem");
    File serverCertFile = getTempFile("server/cert.pem");
    File serverKeyFile = getTempFile("server/key.pem");

    KeyStore store = createKeyStore();
    KeyStoreUtil.updateWithCaPem(store, caCertFile);
    // Empty char[] is the key-entry password; "RSA" is the algorithm of the private key.
    KeyStoreUtil.updateWithServerPems(store, serverCertFile, serverKeyFile, "RSA", new char[0]);

    X509Certificate issuer = (X509Certificate) store.getCertificate(CA_ALIAS);
    X509Certificate subject = (X509Certificate) store.getCertificate(SERVER_ALIAS);

    // Check that the server cert is signed by the CA. verify() throws when the signature
    // does not match; it checks the signature only, not validity dates or chain constraints.
    subject.verify(issuer.getPublicKey());
}
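/**
 * Feeds malformed PEM files (bad base64 body, bad BEGIN line, bad END line) to both
 * keystore update paths and requires each call to be rejected with an exception.
 *
 * <p>The valid server certificate fixture is resolved before the {@code try} block, so a
 * missing or unreadable fixture fails the test instead of being counted as the expected
 * rejection of the malformed file.
 */
@Test
public void testInvalid() throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, InvalidKeySpecException {
    for (String file : new String[] {"invalid/base64.pem", "invalid/begin.pem", "invalid/end.pem"}) {
        File invalidPem = getTempFile(file);
        KeyStore keystore = createKeyStore();

        try {
            KeyStoreUtil.updateWithCaPem(keystore, invalidPem);
            // fail() is assumed to raise an AssertionError (an Error), which the
            // catch (Exception) below does not swallow.
            fail("Malformed CA PEM was accepted: " + file);
        } catch (Exception expected) {
            // Expected: the malformed PEM must be rejected. The concrete exception type
            // is not pinned here; narrow it once KeyStoreUtil's contract is confirmed.
        }

        // Resolved outside the try so that only the malformed key file can trigger the
        // expected exception.
        File validServerPem = getTempFile("server/cert.pem");
        try {
            KeyStoreUtil.updateWithServerPems(keystore, validServerPem, invalidPem, "RSA", new char[0]);
            fail("Malformed key PEM was accepted: " + file);
        } catch (Exception expected) {
            // Expected: a valid certificate paired with a malformed key file must be rejected.
        }
    }
}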
/**
 * Imports only the server certificate and key, then checks that the keystore holds exactly
 * one entry whose alias contains "server", that the certificate is currently valid and has
 * the expected subject DN, and that both the private and the public key are RSA keys.
 */
@Test
public void testKeyStore() throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException, InvalidKeySpecException, UnrecoverableKeyException {
    File certFile = getTempFile("server/cert.pem");
    File keyFile = getTempFile("server/key.pem");
    KeyStore store = createKeyStore();
    KeyStoreUtil.updateWithServerPems(store, certFile, keyFile, "RSA", new char[0]);

    // Exactly one alias is expected after a server-only import.
    Enumeration<String> entryNames = store.aliases();
    String onlyAlias = entryNames.nextElement();
    assertFalse(entryNames.hasMoreElements());
    assertTrue(onlyAlias.contains("server"));

    X509Certificate serverCert = (X509Certificate) store.getCertificate(onlyAlias);
    // checkValidity() compares against the current time, so this assertion starts
    // failing once the fixture certificate expires.
    serverCert.checkValidity();
    // NOTE(review): argument order here differs from the two assertEquals calls below;
    // confirm which order the assertion library in use expects.
    assertEquals(serverCert.getSubjectDN().getName(), SERVER_CERT_SUBJECT_DN);

    // The casts double as type checks: a non-RSA key would raise ClassCastException.
    RSAPrivateCrtKey privateKey = (RSAPrivateCrtKey) store.getKey(onlyAlias, new char[0]);
    assertEquals("RSA", privateKey.getAlgorithm());
    RSAPublicKey publicKey = (RSAPublicKey) serverCert.getPublicKey();
    assertEquals("RSA", publicKey.getAlgorithm());
}