use of org.commonjava.indy.httprox.util.CertificateAndKeys in project indy by Commonjava.
the class CertUtilsTest method testSubjectCertificateSignedByIssuerCertificateWithoutExtensionIsValid.
@Test
public void testSubjectCertificateSignedByIssuerCertificateWithoutExtensionIsValid() throws Exception, CertificateException, OperatorCreationException, CertificateEncodingException, CertException {
PrivateKey caKey = CertUtils.getPrivateKey("src/test/resources/ca.der");
X509Certificate caCert = CertUtils.loadX509Certificate(new File("src/test/resources", "ca.crt"));
String subjectCN = "CN=testcase.org, O=Test Org";
CertificateAndKeys certificateAndKeys = CertUtils.createSignedCertificateAndKey(subjectCN, caCert, caKey, false);
PublicKey publicKey = certificateAndKeys.getPublicKey();
X509CertificateHolder certHolder = new X509CertificateHolder(certificateAndKeys.getCertificate().getEncoded());
JcaContentVerifierProviderBuilder verifierBuilder = new JcaContentVerifierProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME);
logger.debug(">>>>>>> caCert >>>>>" + caCert + "<<<<<<<<<<");
logger.debug(">>>>>>> generated and signed cert >>>>>" + certificateAndKeys.getCertificate() + "<<<<<<<<<<<<<");
assertTrue(certHolder.isSignatureValid(verifierBuilder.build(caCert)));
Extension ext = certHolder.getExtension(Extension.basicConstraints);
assertNull(ext);
}
use of org.commonjava.indy.httprox.util.CertificateAndKeys in project indy by Commonjava.
the class CertUtilsTest method testIntermediateSignedCertificateWithExtension.
@Test
public void testIntermediateSignedCertificateWithExtension() throws Exception, CertificateException, OperatorCreationException, CertificateEncodingException, CertException {
PrivateKey caKey = CertUtils.getPrivateKey("src/test/resources/ca.der");
X509Certificate caCert = CertUtils.loadX509Certificate(new File("src/test/resources", "ca.crt"));
String subjectCN = "CN=testcase.org, O=Test Org";
CertificateAndKeys certificateAndKeys = CertUtils.createSignedCertificateAndKey(subjectCN, caCert, caKey, true);
PublicKey publicKey = certificateAndKeys.getPublicKey();
X509CertificateHolder certHolder = new X509CertificateHolder(certificateAndKeys.getCertificate().getEncoded());
Extension ext = certHolder.getExtension(Extension.basicConstraints);
assertNotNull(ext);
assertEquals(ext.getExtnId(), Extension.basicConstraints);
assertEquals(ext.getParsedValue(), new BasicConstraints(-1));
}
use of org.commonjava.indy.httprox.util.CertificateAndKeys in project indy by Commonjava.
the class ProxyMITMSSLServer method getKeyStore.
private KeyStore getKeyStore(String host) throws Exception {
PrivateKey caKey = getPrivateKey(config.getMITMCAKey());
X509Certificate caCert = loadX509Certificate(new File(config.getMITMCACert()));
// e.g., "CN=<host>, O=Test Org"
String dn = config.getMITMDNTemplate().replace("<host>", host);
CertificateAndKeys certificateAndKeys = createSignedCertificateAndKey(dn, caCert, caKey, false);
Certificate signedCertificate = certificateAndKeys.getCertificate();
logger.debug("Create signed cert:\n" + signedCertificate.toString());
KeyStore ks = createKeyStore();
String alias = host;
ks.setKeyEntry(alias, certificateAndKeys.getPrivateKey(), keystorePassword, new Certificate[] { signedCertificate, caCert });
return ks;
}
Aggregations