Example 6 with X509CertificateExtension

Use of com.unboundid.util.ssl.cert.X509CertificateExtension in the ldapsdk project by pingidentity.

Class PromptTrustManagerProcessorTestCase, method testSelfSignedCertificateWithInvalidSignature.

/**
 * Tests the behavior with a self-signed certificate that has an invalid
 * signature.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testSelfSignedCertificateWithInvalidSignature() throws Exception {
    // Generate a valid self-signed RSA certificate to use as a template.
    final ObjectPair<X509Certificate, KeyPair> p =
        X509Certificate.generateSelfSignedCertificate(
            SignatureAlgorithmIdentifier.SHA_256_WITH_RSA, PublicKeyAlgorithmIdentifier.RSA, 2048,
            new DN("CN=ldap.example.com,O=Example Corporation,C=US"),
            System.currentTimeMillis(),
            System.currentTimeMillis() + TimeUnit.DAYS.toMillis(365L));
    final X509Certificate c = p.getFirst();
    final X509CertificateExtension[] extensions = new X509CertificateExtension[c.getExtensions().size()];
    c.getExtensions().toArray(extensions);
    // Rebuild the certificate with the same fields but a signature value of
    // 256 zero bytes, so the signature no longer verifies.
    final X509Certificate cert = InternalCertHelper.createX509Certificate(
        c.getVersion(), c.getSerialNumber(), c.getSignatureAlgorithmOID(),
        c.getSignatureAlgorithmParameters(),
        new ASN1BitString(ASN1BitString.getBitsForBytes(new byte[256])),
        c.getIssuerDN(), c.getNotBeforeTime(), c.getNotAfterTime(), c.getSubjectDN(),
        c.getPublicKeyAlgorithmOID(), null, c.getEncodedPublicKey(), c.getDecodedPublicKey(),
        c.getIssuerUniqueID(), c.getSubjectUniqueID(), extensions);
    // Invoke the shouldPrompt method and examine the result.
    final ObjectPair<Boolean, List<String>> promptResult =
        PromptTrustManagerProcessor.shouldPrompt(
            PromptTrustManager.getCacheKey(cert.toCertificate()), new X509Certificate[] { cert },
            true, true, Collections.<String, Boolean>emptyMap(), null);
    assertNotNull(promptResult.getFirst());
    assertEquals(promptResult.getFirst(), Boolean.TRUE);
    assertNotNull(promptResult.getSecond());
    assertFalse(promptResult.getSecond().isEmpty());
    assertEquals(promptResult.getSecond().size(), 2);
}
Also used: X509CertificateExtension (com.unboundid.util.ssl.cert.X509CertificateExtension), KeyPair (java.security.KeyPair), DN (com.unboundid.ldap.sdk.DN), List (java.util.List), X509Certificate (com.unboundid.util.ssl.cert.X509Certificate), ASN1BitString (com.unboundid.asn1.ASN1BitString), Test (org.testng.annotations.Test)
