use of de.carne.certmgr.certs.x509.UpdateCRLRequest in project certmgr by hdecarne.
the class UserCertStoreTest method testAccessStore.
/**
* Test access store operations.
*/
@Test
public void testAccessStore() {
try {
UserCertStore store = UserCertStore.openStore(testStorePath.get());
Assert.assertEquals(11, store.size());
Assert.assertEquals(TestCerts.TEST_STORE_NAME, store.storeName());
Assert.assertEquals(11, store.getEntries().size());
Assert.assertEquals(1, traverseStore(store.getRootEntries()));
// Check preferences access
UserCertStorePreferences loadPreferences = Check.notNull(store.storePreferences());
Assert.assertEquals(Integer.valueOf(365), loadPreferences.defaultCRTValidityPeriod.get());
Assert.assertEquals(Integer.valueOf(30), loadPreferences.defaultCRLUpdatePeriod.get());
Assert.assertEquals("EC", loadPreferences.defaultKeyPairAlgorithm.get());
Assert.assertEquals(Integer.valueOf(384), loadPreferences.defaultKeySize.get());
Assert.assertEquals("SHA256WITHECDSA", loadPreferences.defaultSignatureAlgorithm.get());
UserCertStorePreferences setPreferences = Check.notNull(store.storePreferences());
setPreferences.defaultCRTValidityPeriod.putInt(180);
setPreferences.defaultCRLUpdatePeriod.putInt(7);
setPreferences.defaultKeyPairAlgorithm.put("EC");
setPreferences.defaultKeySize.putInt(521);
setPreferences.defaultSignatureAlgorithm.put("SHA256WITHECDSA");
setPreferences.sync();
UserCertStorePreferences getPreferences = Check.notNull(store.storePreferences());
Assert.assertEquals(Integer.valueOf(180), getPreferences.defaultCRTValidityPeriod.get());
Assert.assertEquals(Integer.valueOf(7), getPreferences.defaultCRLUpdatePeriod.get());
Assert.assertEquals("EC", getPreferences.defaultKeyPairAlgorithm.get());
Assert.assertEquals(Integer.valueOf(521), getPreferences.defaultKeySize.get());
Assert.assertEquals("SHA256WITHECDSA", getPreferences.defaultSignatureAlgorithm.get());
// Import access (with already existing entries)
UserCertStore importStore = UserCertStore.createFromFiles(collectDirectoryFiles(testStorePath.get()), TestCerts.password());
for (UserCertStoreEntry importStoreEntry : importStore.getEntries()) {
store.importEntry(importStoreEntry, TestCerts.password(), "Imported");
}
Assert.assertEquals(11, store.size());
// Revoke access
for (UserCertStoreEntry storeEntry : store.getEntries()) {
if (storeEntry.hasCRT() && !storeEntry.isSelfSigned() && !storeEntry.isRevoked()) {
UserCertStoreEntry issuerEntry = storeEntry.issuer();
if (issuerEntry.canIssue()) {
Date lastUpdate = new Date(System.currentTimeMillis());
Date nextUpdate = new Date(lastUpdate.getTime() + 1000);
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.getDefaultSet(issuerEntry.getPublicKey().getAlgorithm(), storeEntry.getCRT().getSigAlgName(), false).getDefault();
Assert.assertNotNull(signatureAlgorithm);
UpdateCRLRequest updateCRLRequest = new UpdateCRLRequest(lastUpdate, nextUpdate, signatureAlgorithm);
updateCRLRequest.addRevokeEntry(storeEntry.getCRT().getSerialNumber(), ReasonFlag.PRIVILEGE_WITHDRAWN);
issuerEntry.updateCRL(updateCRLRequest, TestCerts.password());
Assert.assertTrue(storeEntry.isRevoked());
}
}
}
// Delete access
List<UserCertStoreEntryId> deleteIds = new ArrayList<>();
for (UserCertStoreEntry storeEntry : store.getEntries()) {
deleteIds.add(storeEntry.id());
}
for (UserCertStoreEntryId deleteId : deleteIds) {
store.deleteEntry(deleteId);
}
Assert.assertEquals(0, store.size());
// Import access (now with empty store)
for (UserCertStoreEntry importStoreEntry : importStore.getEntries()) {
store.importEntry(importStoreEntry, TestCerts.password(), "Imported");
}
Assert.assertEquals(11, store.size());
} catch (IOException | BackingStoreException e) {
e.printStackTrace();
Assert.fail(e.getMessage());
}
}
use of de.carne.certmgr.certs.x509.UpdateCRLRequest in project certmgr by hdecarne.
the class CRLOptionsController method onCmdUpdate.
@SuppressWarnings("unused")
@FXML
void onCmdUpdate(ActionEvent evt) {
try {
UpdateCRLRequest updateRequest = validateAndGetUpdateRequest();
getExecutorService().submit(new UpdateCRLTask(updateRequest));
} catch (ValidationException e) {
ValidationAlerts.error(e).showAndWait();
}
}
use of de.carne.certmgr.certs.x509.UpdateCRLRequest in project certmgr by hdecarne.
the class CRLOptionsController method validateAndGetUpdateRequest.
private UpdateCRLRequest validateAndGetUpdateRequest() throws ValidationException {
Date lastUpdate = validateAndGetLastUpdate();
Date nextUpdate = validateAndGetNextUpdate(lastUpdate);
SignatureAlgorithm sigAlg = validateAndGetSigAlg();
UpdateCRLRequest updateRequest = new UpdateCRLRequest(lastUpdate, nextUpdate, sigAlg);
for (CRLEntryModel entryItem : this.ctlEntryOptions.getItems()) {
if (entryItem.getRevoked()) {
updateRequest.addRevokeEntry(entryItem.getSerial(), entryItem.getReason());
}
}
return updateRequest;
}
Aggregations