use of com.mindbright.asn1.ASN1BitString in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testStringRepresentationOfCertWithUnknownKeyEvenNumberOfBytes.
/**
* Tests the behavior when trying to create the string representation of a
* certificate with an unknown public key type and a public key whose number
* of bits is a multiple of eight.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testStringRepresentationOfCertWithUnknownKeyEvenNumberOfBytes() throws Exception {
final long notBefore = System.currentTimeMillis();
final long notAfter = notBefore + (365L * 24L * 60L * 60L * 1000L);
final X509Certificate c = new X509Certificate(X509CertificateVersion.V3, BigInteger.valueOf(987654321L), new OID("1.2.3.4"), new ASN1Null(), new ASN1BitString(new boolean[256]), new DN("CN=Issuer,O=Example Corp,C=US"), notBefore, notAfter, new DN("CN=ldap.example.com,O=Example Corp,C=US"), new OID("1.2.3.5"), new ASN1Null(), new ASN1BitString(new boolean[256]), null, null, null);
assertNotNull(c.toString());
assertNotNull(c.toPEM());
assertFalse(c.toPEM().isEmpty());
assertNotNull(c.toPEMString());
assertNotNull(c.getX509CertificateBytes());
assertNotNull(c.getSHA1Fingerprint());
assertNotNull(c.getSHA256Fingerprint());
}
use of com.mindbright.asn1.ASN1BitString in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testDecodeValidityMalformedNotAfter.
/**
* Tests the behavior when trying to decode a certificate with a validity
* sequence whose second element is neither a UTCTime nor a GeneralizedTime.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { CertException.class })
public void testDecodeValidityMalformedNotAfter() throws Exception {
final long notBefore = System.currentTimeMillis();
final long notAfter = notBefore + (365L * 24L * 60L * 60L * 1000L);
final ASN1Sequence valueSequence = new ASN1Sequence(new ASN1Sequence(new ASN1Element((byte) 0xA0, new ASN1Integer(2).encode()), new ASN1BigInteger(12435L), new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4")), new ASN1Null()), X509Certificate.encodeName(new DN("CN=issuer")), new ASN1Sequence(new ASN1GeneralizedTime(notBefore), new ASN1OctetString("malformed notAfter")), X509Certificate.encodeName(new DN("CN=ldap.example.com")), new ASN1Sequence(new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.5")), new ASN1Null()), new ASN1BitString(new boolean[1024]))), new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4")), new ASN1Null()), new ASN1BitString(new boolean[1024]));
new X509Certificate(valueSequence.encode());
}
use of com.mindbright.asn1.ASN1BitString in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testVerifySignatureMalformedPublicKey.
/**
* Tests the behavior of the {@code verifySignature} method with a malformed
* public key.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { CertException.class })
public void testVerifySignatureMalformedPublicKey() throws Exception {
final X509Certificate cert = new X509Certificate(X509CertificateVersion.V3, BigInteger.valueOf(12345L), SignatureAlgorithmIdentifier.SHA_256_WITH_RSA.getOID(), null, new ASN1BitString(true, false, true, false, true), new DN("CN=Example Issuer,O=Example Corporation,C=US"), System.currentTimeMillis(), System.currentTimeMillis() + TimeUnit.DAYS.toMillis(365L), new DN("CN=Example Issuer,O=Example Corporation,C=US"), PublicKeyAlgorithmIdentifier.RSA.getOID(), null, new ASN1BitString(false, true, false, true, false), null, null, null);
cert.verifySignature(null);
}
use of com.mindbright.asn1.ASN1BitString in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testVerifySignatureInvalidSignatureAlgorithm.
/**
* Tests the behavior of the {@code verifySignature} method with a signature
* algorithm OID that isn't a valid OID.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { CertException.class })
public void testVerifySignatureInvalidSignatureAlgorithm() throws Exception {
final ObjectPair<X509Certificate, KeyPair> p = X509Certificate.generateSelfSignedCertificate(SignatureAlgorithmIdentifier.SHA_256_WITH_RSA, PublicKeyAlgorithmIdentifier.RSA, 2048, new DN("CN=ldap.example.com,O=Example Corporation,C=US"), System.currentTimeMillis(), System.currentTimeMillis() + TimeUnit.DAYS.toMillis(365L), new SubjectAlternativeNameExtension(false, new GeneralNamesBuilder().addDNSName("ldap.example.com").build()));
final X509Certificate c = p.getFirst();
final X509CertificateExtension[] extensions = new X509CertificateExtension[c.getExtensions().size()];
c.getExtensions().toArray(extensions);
final X509Certificate cert = new X509Certificate(c.getVersion(), c.getSerialNumber(), new OID("1234.5678"), c.getSignatureAlgorithmParameters(), new ASN1BitString(true, false, true, false, true), c.getIssuerDN(), c.getNotBeforeTime(), c.getNotAfterTime(), c.getSubjectDN(), c.getPublicKeyAlgorithmOID(), null, c.getEncodedPublicKey(), c.getDecodedPublicKey(), c.getIssuerUniqueID(), c.getSubjectUniqueID(), extensions);
cert.verifySignature(null);
}
use of com.mindbright.asn1.ASN1BitString in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testVerifySignatureInvalidNullIssuer.
/**
* Tests the behavior of the {@code verifySignature} method with a
* {@code null} issuer for a non-self-signed certificate.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { CertException.class })
public void testVerifySignatureInvalidNullIssuer() throws Exception {
final X509Certificate cert = new X509Certificate(X509CertificateVersion.V3, BigInteger.valueOf(12345L), SignatureAlgorithmIdentifier.SHA_256_WITH_RSA.getOID(), null, new ASN1BitString(true, false, true, false, true), new DN("CN=Example Issuer,O=Example Corporation,C=US"), System.currentTimeMillis(), System.currentTimeMillis() + TimeUnit.DAYS.toMillis(365L), new DN("CN=ldap.example.com,O=Example Corporation,C=US"), PublicKeyAlgorithmIdentifier.RSA.getOID(), null, new ASN1BitString(false, true, false, true, false), null, null, null);
cert.verifySignature(null);
}
Aggregations