/** creates new crl */ @Test public void testCreateNewCRL() throws Exception { publishingCrlSessionRemote.forceCRL(roleMgmgToken, testx509ca.getCAId()); X509CRL x509crl = null; // Get number of last CRL int number = crlStoreSession.getLastCRLNumber(testx509ca.getSubjectDN(), false); log.debug("Last CRLNumber = " + number); byte[] crl = crlStoreSession.getLastCRL(testx509ca.getSubjectDN(), false); assertNotNull("Could not get CRL", crl); x509crl = CertTools.getCRLfromByteArray(crl); BigInteger num = CrlExtensions.getCrlNumber(x509crl); // Create a new CRL again to see that the number increases publishingCrlSessionRemote.forceCRL(roleMgmgToken, testx509ca.getCAId()); int number1 = crlStoreSession.getLastCRLNumber(testx509ca.getSubjectDN(), false); assertEquals(number + 1, number1); byte[] crl1 = crlStoreSession.getLastCRL(testx509ca.getSubjectDN(), false); X509CRL x509crl1 = CertTools.getCRLfromByteArray(crl1); BigInteger num1 = CrlExtensions.getCrlNumber(x509crl1); assertEquals(num.intValue() + 1, num1.intValue()); /* * check revoked certificates */ // Get number of last CRL Collection<RevokedCertInfo> revfp = certificateStoreSession.listRevokedCertInfo(testx509ca.getSubjectDN(), -1); log.debug("Number of revoked certificates=" + revfp.size()); crl = crlStoreSession.getLastCRL(testx509ca.getSubjectDN(), false); assertNotNull("Could not get CRL", crl); x509crl = CertTools.getCRLfromByteArray(crl); Set<? extends X509CRLEntry> revset = x509crl.getRevokedCertificates(); // Revset will be null if there are no revoked certificates if (revset != null) { int revsize = revset.size(); assertEquals(revfp.size(), revsize); } else { assertEquals(0, revfp.size()); } }