Пример #1
0
  @Test
  public void testBoth()
      throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException,
          InvalidKeySpecException, InvalidKeyException, NoSuchProviderException,
          SignatureException {
    File caPem = getTempFile("ca/cert.pem");
    File serverPem = getTempFile("server/cert.pem");
    File keyPem = getTempFile("server/key.pem");

    KeyStore keystore = createKeyStore();
    KeyStoreUtil.updateWithCaPem(keystore, caPem);
    KeyStoreUtil.updateWithServerPems(keystore, serverPem, keyPem, "RSA", new char[0]);

    X509Certificate caCert = (X509Certificate) keystore.getCertificate(CA_ALIAS);
    X509Certificate serverCert = (X509Certificate) keystore.getCertificate(SERVER_ALIAS);

    // Check that server cert is signed by ca
    serverCert.verify(caCert.getPublicKey());
  }
Пример #2
0
 @Test
 public void testSelfSignedCertificate() throws Exception {
   KeyStore keystore = createKeyStore();
   KeyStoreUtil.updateWithSelfSignedServerCertificate(keystore);
   X509Certificate cert = (X509Certificate) keystore.getCertificate("jolokia-agent");
   assertNotNull(cert);
   assertEquals(
       cert.getSubjectDN().getName(),
       "CN=Jolokia Agent "
           + Version.getAgentVersion()
           + ", OU=JVM, O=jolokia.org, L=Pegnitz, ST=Franconia, C=DE");
   assertEquals(cert.getSubjectDN(), cert.getIssuerDN());
 }
Пример #3
0
  @Test
  public void testInvalid()
      throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException,
          InvalidKeySpecException {

    for (String file :
        new String[] {"invalid/base64.pem", "invalid/begin.pem", "invalid/end.pem"}) {
      File invalidPem = getTempFile(file);

      KeyStore keystore = createKeyStore();
      try {
        KeyStoreUtil.updateWithCaPem(keystore, invalidPem);
        fail();
      } catch (Exception exp) {
      }
      try {
        KeyStoreUtil.updateWithServerPems(
            keystore, getTempFile("server/cert.pem"), invalidPem, "RSA", new char[0]);
        fail();
      } catch (Exception exp) {
      }
    }
  }
Пример #4
0
  @Test
  public void testTrustStore()
      throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
    File caPem = getTempFile("ca/cert.pem");
    KeyStore keystore = createKeyStore();

    KeyStoreUtil.updateWithCaPem(keystore, caPem);

    Enumeration<String> aliases = keystore.aliases();
    String alias = aliases.nextElement();
    assertFalse(aliases.hasMoreElements());
    assertTrue(alias.contains("ca.test.jolokia.org"));
    X509Certificate cert = (X509Certificate) keystore.getCertificate(alias);
    cert.checkValidity();
    assertTrue(cert.getSubjectDN().getName().contains(CA_CERT_SUBJECT_DN_CN));
    RSAPublicKey key = (RSAPublicKey) cert.getPublicKey();
    assertEquals(key.getAlgorithm(), "RSA");
  }
Пример #5
0
  @Test
  public void testKeyStore()
      throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException,
          InvalidKeySpecException, UnrecoverableKeyException {
    File serverPem = getTempFile("server/cert.pem");
    File keyPem = getTempFile("server/key.pem");
    KeyStore keystore = createKeyStore();

    KeyStoreUtil.updateWithServerPems(keystore, serverPem, keyPem, "RSA", new char[0]);

    Enumeration<String> aliases = keystore.aliases();
    String alias = aliases.nextElement();
    assertFalse(aliases.hasMoreElements());

    assertTrue(alias.contains("server"));

    X509Certificate cert = (X509Certificate) keystore.getCertificate(alias);
    cert.checkValidity();
    assertEquals(cert.getSubjectDN().getName(), SERVER_CERT_SUBJECT_DN);
    RSAPrivateCrtKey key = (RSAPrivateCrtKey) keystore.getKey(alias, new char[0]);
    assertEquals("RSA", key.getAlgorithm());
    RSAPublicKey pubKey = (RSAPublicKey) cert.getPublicKey();
    assertEquals("RSA", pubKey.getAlgorithm());
  }