
Example 1 with ObjectIdentifier

use of sun.security.util.ObjectIdentifier in project OpenAttestation by OpenAttestation.

the class X509Builder method extKeyUsage.

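/**
 * Adds one extended-key-usage purpose, identified by OID, to the certificate
 * under construction and returns this builder for chaining.
 *
 * The OID is appended to the accumulated EKU list and the ExtendedKeyUsage
 * extension is rebuilt from the whole list on every call, with the
 * criticality taken from {@code extendedKeyUsageExtensionIsCritical}. The
 * rebuilt extension replaces the previous one (same extension id) in
 * {@code certificateExtensions}, which is then (re)installed into
 * {@code info}. {@code v3()} is called first because extensions only exist
 * in X.509 v3 certificates.
 *
 * Any failure while encoding or installing the extension is routed to
 * {@code fault(...)} rather than thrown, as elsewhere in this builder.
 *
 * @param oid key-purpose OID (e.g. one of the id-kp values); must not be null
 * @return this builder
 * @throws NullPointerException if {@code oid} is null
 */
public X509Builder extKeyUsage(ObjectIdentifier oid) {
    // Fail fast on null. Otherwise the null is appended to the shared list
    // before the extension encoder rejects it, leaving a poisoned entry that
    // likely breaks every later extKeyUsage() call on this builder, and the
    // fault() call itself would NPE on oid.toString().
    if (oid == null) {
        throw new NullPointerException("oid");
    }
    try {
        v3();
        if (extendedKeyUsageExtensionList == null) {
            extendedKeyUsageExtensionList = new Vector<ObjectIdentifier>();
        }
        // Do not emit the same KeyPurposeId twice if a caller repeats an OID.
        if (!extendedKeyUsageExtensionList.contains(oid)) {
            extendedKeyUsageExtensionList.add(oid);
        }
        extendedKeyUsageExtension = new ExtendedKeyUsageExtension(extendedKeyUsageExtensionIsCritical, extendedKeyUsageExtensionList);
        if (certificateExtensions == null) {
            certificateExtensions = new CertificateExtensions();
        }
        // Keyed by the extension's OID string, so a rebuilt EKU overwrites the old entry.
        certificateExtensions.set(extendedKeyUsageExtension.getExtensionId().toString(), extendedKeyUsageExtension);
        info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
    } catch (Exception e) {
        fault(e, "extKeyUsage(%s)", oid.toString());
    }
    return this;
}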
Also used : ExtendedKeyUsageExtension(sun.security.x509.ExtendedKeyUsageExtension) CertificateExtensions(sun.security.x509.CertificateExtensions) ObjectIdentifier(sun.security.util.ObjectIdentifier)

Example 2 with ObjectIdentifier

use of sun.security.util.ObjectIdentifier in project OpenAM by OpenRock.

the class Cert method getTokenFromSubjectAltExt.

/**
 * Pulls the login token (user identifier) out of the certificate's
 * SubjectAlternativeName extension and stores it in {@code userTokenId}.
 *
 * Which SAN entry is used is governed by {@code amAuthCert_subjectAltExtMapper}:
 * <ul>
 *   <li>"UPN": the first otherName entry whose type-id equals {@code UPNOID}
 *       (presumably the Microsoft UPN OID; the constant is defined elsewhere);
 *       its value is decoded as a UTF8String.</li>
 *   <li>"RFC822Name": the first rfc822Name entry, taken verbatim.</li>
 * </ul>
 * Scanning stops at the first entry that sets {@code userTokenId}; later
 * entries of the same type are ignored. If the extension is absent, or no
 * entry matches, {@code userTokenId} is left as it was.
 *
 * NOTE(review): this method only maps a name out of the certificate; it does
 * not decide whether the certificate is trusted. Chain validation and
 * revocation checking must already have happened before the value is used
 * as an identity -- confirm against the caller's flow. An empty
 * UTF8String/rfc822Name is also accepted as a token here.
 *
 * @param cert the client certificate to inspect
 * @throws AuthLoginException "CertNoReg" when the certificate cannot be
 *         re-parsed (including when it carries no extensions at all) or a
 *         SAN value cannot be decoded; the underlying exception is logged
 *         via {@code debug} but not attached as the cause.
 */
private void getTokenFromSubjectAltExt(X509Certificate cert) throws AuthLoginException {
    try {
        // Re-parse through X509CertImpl so the sun.security.x509 extension
        // objects are available regardless of which provider produced cert.
        X509CertImpl impl = new X509CertImpl(cert.getEncoded());
        X509CertInfo info = new X509CertInfo(impl.getTBSCertificate());
        CertificateExtensions exts = (CertificateExtensions) info.get(X509CertInfo.EXTENSIONS);
        // A certificate with no extensions at all gives exts == null; the
        // resulting NPE is turned into CertNoReg by the catch below.
        SubjectAlternativeNameExtension sanExt =
                (SubjectAlternativeNameExtension) exts.get(SubjectAlternativeNameExtension.NAME);
        if (sanExt == null) {
            return;
        }
        GeneralNames names = (GeneralNames) sanExt.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
        ObjectIdentifier upnOid = new ObjectIdentifier(UPNOID);
        for (GeneralName entry : names.names()) {
            if (userTokenId != null) {
                break;
            }
            if (entry == null) {
                continue;
            }
            int type = entry.getType();
            if (amAuthCert_subjectAltExtMapper.equalsIgnoreCase("UPN") && type == GeneralNameInterface.NAME_ANY) {
                OtherName other = (OtherName) entry.getName();
                if (upnOid.equals(other.getOID())) {
                    // nameValue is the DER of the [0] EXPLICIT wrapper; the UPN
                    // itself is the UTF8String inside it.
                    DerValue wrapper = new DerValue(other.getNameValue());
                    userTokenId = wrapper.getData().getUTF8String();
                }
            } else if (amAuthCert_subjectAltExtMapper.equalsIgnoreCase("RFC822Name") && type == GeneralNameInterface.NAME_RFC822) {
                userTokenId = ((RFC822Name) entry.getName()).getName();
            }
        }
    } catch (Exception e) {
        debug.error("Certificate - Error in getTokenFromSubjectAltExt = ", e);
        throw new AuthLoginException(amAuthCert, "CertNoReg", null);
    }
}
Also used : X509CertInfo(sun.security.x509.X509CertInfo) SubjectAlternativeNameExtension(sun.security.x509.SubjectAlternativeNameExtension) OtherName(sun.security.x509.OtherName) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) CertificateExtensions(sun.security.x509.CertificateExtensions) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) GeneralNames(sun.security.x509.GeneralNames) RFC822Name(sun.security.x509.RFC822Name) X509CertImpl(sun.security.x509.X509CertImpl) DerValue(sun.security.util.DerValue) Iterator(java.util.Iterator) GeneralName(sun.security.x509.GeneralName) ObjectIdentifier(sun.security.util.ObjectIdentifier)

Example 3 with ObjectIdentifier

use of sun.security.util.ObjectIdentifier in project jdk8u_jdk by JetBrains.

the class NotPreferredMech method main.

/**
 * Regression test: a NegTokenInit whose preferred mechanism (1.2.3.4) is
 * unknown to the acceptor, but whose mechTypes list also carries Kerberos 5,
 * must make the SPNEGO acceptor answer with an ACCEPT_INCOMPLETE ("go on")
 * NegTokenTarg instead of rejecting the negotiation outright.
 *
 * The token is assembled by hand (reflection reaches the private
 * NegTokenInit constructor and SpNegoToken.getEncoded) so the test controls
 * the exact mechanism order on the wire.
 */
public static void main(String[] argv) throws Exception {
    ObjectIdentifier bogusMech = new ObjectIdentifier("1.2.3.4");
    // mechTypes ::= SEQUENCE { 1.2.3.4, krb5 } -- the unsupported one first.
    DerOutputStream mechs = new DerOutputStream();
    mechs.write(new Oid("1.2.3.4").getDER());
    mechs.write(GSSUtil.GSS_KRB5_MECH_OID.getDER());
    DerOutputStream mechTypes = new DerOutputStream();
    mechTypes.write(DerValue.tag_Sequence, mechs);
    // mechToken: a GSS-framed single zero byte for the bogus mechanism.
    byte[] mechToken = gssWrap(bogusMech, new byte[1]);
    // NegTokenInit(mechTypes, reqFlags, mechToken, mechListMIC) is not public.
    Constructor<NegTokenInit> ctor = NegTokenInit.class.getDeclaredConstructor(byte[].class, BitArray.class, byte[].class, byte[].class);
    ctor.setAccessible(true);
    NegTokenInit init = ctor.newInstance(mechTypes.toByteArray(), new BitArray(0), mechToken, null);
    Method getEncoded = Class.forName("sun.security.jgss.spnego.SpNegoToken").getDeclaredMethod("getEncoded");
    getEncoded.setAccessible(true);
    byte[] spnego = (byte[]) getEncoded.invoke(init);
    // Outer GSS framing with the SPNEGO mechanism OID.
    byte[] token = gssWrap(new ObjectIdentifier(GSSUtil.GSS_SPNEGO_MECH_OID.toString()), spnego);
    // Feed it to a default acceptor and inspect the reply.
    GSSContext acceptor = GSSManager.getInstance().createContext((GSSCredential) null);
    byte[] reply = acceptor.acceptSecContext(token, 0, token.length);
    NegTokenTarg targ = new NegTokenTarg(reply);
    Method getResult = NegTokenTarg.class.getDeclaredMethod("getNegotiatedResult");
    getResult.setAccessible(true);
    int negResult = (int) getResult.invoke(targ);
    if (negResult != 1) /* ACCEPT_INCOMPLETE */ {
        throw new Exception("Not a continue");
    }
}

/**
 * GSS-API InitialContextToken framing: a GSSHeader for {@code mech} whose
 * length field is {@code payload.length}, immediately followed by the payload.
 */
private static byte[] gssWrap(ObjectIdentifier mech, byte[] payload) throws Exception {
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    new GSSHeader(mech, payload.length).encode(out);
    out.write(payload);
    return out.toByteArray();
}
Also used : NegTokenTarg(sun.security.jgss.spnego.NegTokenTarg) ByteArrayOutputStream(java.io.ByteArrayOutputStream) Method(java.lang.reflect.Method) DerOutputStream(sun.security.util.DerOutputStream) NegTokenInit(sun.security.jgss.spnego.NegTokenInit) BitArray(sun.security.util.BitArray) ObjectIdentifier(sun.security.util.ObjectIdentifier)

Example 4 with ObjectIdentifier

use of sun.security.util.ObjectIdentifier in project jdk8u_jdk by JetBrains.

the class S11N method out.

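/**
 * Serializes {@code oid} with plain Java serialization and returns the bytes.
 *
 * Test fixture for the S11N test: the output is compared against the
 * serialized form of ObjectIdentifier from other JDK versions to check that
 * the stream format stays compatible. The stream is closed via
 * try-with-resources so the buffer is fully drained before it is read.
 *
 * This is only the writer side. Bytes like these coming from an untrusted
 * source are still native Java deserialization on the way back in and should
 * be read behind an ObjectInputFilter.
 *
 * @param oid dotted-decimal OID string, e.g. "1.2.840.113549"
 * @return the Java-serialization bytes of {@code new ObjectIdentifier(oid)}
 * @throws Exception on a malformed OID or a serialization failure
 */
private static byte[] out(String oid) throws Exception {
    ByteArrayOutputStream buf = new ByteArrayOutputStream();
    try (ObjectOutputStream oos = new ObjectOutputStream(buf)) {
        oos.writeObject(new ObjectIdentifier(oid));
    }
    return buf.toByteArray();
}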
Also used : ByteArrayOutputStream(java.io.ByteArrayOutputStream) ObjectOutputStream(java.io.ObjectOutputStream) ObjectIdentifier(sun.security.util.ObjectIdentifier)

Example 5 with ObjectIdentifier

use of sun.security.util.ObjectIdentifier in project jdk8u_jdk by JetBrains.

the class HumanInputStream method v3extTest.

/**
 * Exercises keytool's {@code -ext} option end to end for one key algorithm.
 *
 * Each section generates key pairs into x.jks ({@code -genkeypair}) with one
 * spelling/value of an extension, reloads the store and asserts what the
 * resulting certificate actually carries: the criticality bit and the
 * decoded contents. Sections cover BasicConstraints (BC), KeyUsage (KU),
 * ExtendedKeyUsage (EKU), Subject/IssuerAlternativeName (SAN/IAN),
 * Subject/AuthorityInfoAccess (SIA/AIA) and arbitrary OID=hex extensions,
 * followed by a -certreq / -gencert round trip that checks how the
 * {@code honored} option copies, drops or re-flags requested extensions.
 *
 * Test-only fixtures: the well-known password "changeit" and the files
 * x.jks, test.req and test.cert, all of which are removed at the end.
 *
 * @param keyAlg value handed to keytool's -keyalg for every generated key
 * @throws Exception on any keytool failure or assertion mismatch
 */
void v3extTest(String keyAlg) throws Exception {
    KeyStore ks;
    remove("x.jks");
    String simple = "-keystore x.jks -storepass changeit -keypass changeit -noprompt -keyalg " + keyAlg + " ";
    String pre = simple + "-genkeypair -dname CN=Olala -alias ";
    // Version and SKID: with no -ext at all keytool still emits a v3
    // certificate that carries a SubjectKeyIdentifier.
    testOK("", pre + "o1");
    ks = loadStore("x.jks", "changeit", "JKS");
    assertTrue(((X509Certificate) ks.getCertificate("o1")).getVersion() == 3);
    assertTrue(((X509CertImpl) ks.getCertificate("o1")).getSubjectKeyIdentifierExtension() != null);
    // BC: the extension name is case-insensitive and accepts both the short
    // and the long form; ":critical" sets the criticality bit.
    testOK("", pre + "b1 -ext BC:critical");
    testOK("", pre + "b2 -ext BC");
    testOK("", pre + "b3 -ext bc");
    testOK("", pre + "b4 -ext BasicConstraints");
    testOK("", pre + "b5 -ext basicconstraints");
    testOK("", pre + "b6 -ext BC=ca:true,pathlen:12");
    testOK("", pre + "b7 -ext BC=ca:false");
    testOK("", pre + "b8 -ext BC:critical=ca:false");
    // A bare number is shorthand for ca:true,pathlen:N.
    testOK("", pre + "b9 -ext BC=12");
    ks = loadStore("x.jks", "changeit", "JKS");
    assertTrue(((X509CertImpl) ks.getCertificate("b1")).getBasicConstraintsExtension().isCritical());
    assertTrue(!((X509CertImpl) ks.getCertificate("b2")).getBasicConstraintsExtension().isCritical());
    assertTrue(((X509CertImpl) ks.getCertificate("b8")).getBasicConstraintsExtension().isCritical());
    // getBasicConstraints(): Integer.MAX_VALUE = CA with no pathLenConstraint,
    // -1 = not a CA, N = CA with pathLenConstraint N.
    assertTrue(((X509Certificate) ks.getCertificate("b1")).getBasicConstraints() == Integer.MAX_VALUE);
    assertTrue(((X509Certificate) ks.getCertificate("b2")).getBasicConstraints() == Integer.MAX_VALUE);
    assertTrue(((X509Certificate) ks.getCertificate("b3")).getBasicConstraints() == Integer.MAX_VALUE);
    assertTrue(((X509Certificate) ks.getCertificate("b4")).getBasicConstraints() == Integer.MAX_VALUE);
    assertTrue(((X509Certificate) ks.getCertificate("b5")).getBasicConstraints() == Integer.MAX_VALUE);
    assertTrue(((X509Certificate) ks.getCertificate("b6")).getBasicConstraints() == 12);
    assertTrue(((X509Certificate) ks.getCertificate("b7")).getBasicConstraints() == -1);
    assertTrue(((X509Certificate) ks.getCertificate("b9")).getBasicConstraints() == 12);
    // KU: values are matched as unambiguous prefixes of the RFC 5280 bit names
    // (digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment,
    // keyAgreement, keyCertSign, cRLSign, encipherOnly, decipherOnly).
    testOK("", pre + "ku1 -ext KeyUsage:critical=digitalsignature");
    testOK("", pre + "ku2 -ext KU=digitalSignature");
    testOK("", pre + "ku3 -ext KU=ds");
    testOK("", pre + "ku4 -ext KU=dig");
    // ambiguous value: "d" could be digitalSignature, dataEncipherment or decipherOnly
    testFail("", pre + "ku5 -ext KU=d");
    // cRLSign cannot be cs
    testFail("", pre + "ku6 -ext KU=cs");
    testOK("", pre + "ku11 -ext KU=nr");
    // ke also means keyAgreement
    testFail("", pre + "ku12 -ext KU=ke");
    testOK("", pre + "ku12 -ext KU=keyE");
    // de also means decipherOnly
    testFail("", pre + "ku13 -ext KU=de");
    testOK("", pre + "ku13 -ext KU=dataE");
    testOK("", pre + "ku14 -ext KU=ka");
    testOK("", pre + "ku15 -ext KU=kcs");
    testOK("", pre + "ku16 -ext KU=crls");
    testOK("", pre + "ku17 -ext KU=eo");
    testOK("", pre + "ku18 -ext KU=do");
    testOK("", pre + "ku19 -ext KU=cc");
    testOK("", pre + "ku017 -ext KU=ds,cc,eo");
    testOK("", pre + "ku135 -ext KU=nr,dataEncipherment,keyCertSign");
    testOK("", pre + "ku246 -ext KU=keyEnc,cRL,keyA");
    testOK("", pre + "ku1234 -ext KU=ka,da,keyE,nonR");
    ks = loadStore("x.jks", "changeit", "JKS");
    // Asserts that exactly the KeyUsage bits at the indexes in pos are set.
    class CheckKU {

        void check(KeyStore ks, String alias, int... pos) throws Exception {
            // progress marker on stderr, one per check
            System.err.print("x");
            // getKeyUsage() returns one boolean per bit in RFC 5280 order;
            // normalize to the 9 defined bits.
            boolean[] bs = ((X509Certificate) ks.getCertificate(alias)).getKeyUsage();
            bs = Arrays.copyOf(bs, 9);
            for (int i = 0; i < bs.length; i++) {
                boolean found = false;
                for (int p : pos) {
                    if (p == i)
                        found = true;
                }
                if (!found ^ bs[i]) {
                // (!found) ^ bs[i] is true exactly when found == bs[i]: bit matches expectation
                } else {
                    throw new RuntimeException("KU not match at " + i + ": " + found + " vs " + bs[i]);
                }
            }
        }
    }
    CheckKU c = new CheckKU();
    assertTrue(((X509CertImpl) ks.getCertificate("ku1")).getExtension(PKIXExtensions.KeyUsage_Id).isCritical());
    assertTrue(!((X509CertImpl) ks.getCertificate("ku2")).getExtension(PKIXExtensions.KeyUsage_Id).isCritical());
    c.check(ks, "ku1", 0);
    c.check(ks, "ku2", 0);
    c.check(ks, "ku3", 0);
    c.check(ks, "ku4", 0);
    c.check(ks, "ku11", 1);
    c.check(ks, "ku12", 2);
    c.check(ks, "ku13", 3);
    c.check(ks, "ku14", 4);
    c.check(ks, "ku15", 5);
    c.check(ks, "ku16", 6);
    c.check(ks, "ku17", 7);
    c.check(ks, "ku18", 8);
    // "cc" resolves to nonRepudiation (contentCommitment), bit 1
    c.check(ks, "ku19", 1);
    // NOTE(review): ku11 is re-checked three times here; looks like leftover copy/paste, harmless
    c.check(ks, "ku11", 1);
    c.check(ks, "ku11", 1);
    c.check(ks, "ku11", 1);
    c.check(ks, "ku017", 0, 1, 7);
    c.check(ks, "ku135", 1, 3, 5);
    c.check(ks, "ku246", 6, 2, 4);
    c.check(ks, "ku1234", 1, 2, 3, 4);
    // EKU: abbreviations resolve to the id-kp purposes (sa=serverAuth,
    // ca=clientAuth, cs=codeSigning, ep=emailProtection, ts=timeStamping,
    // ocsps=OCSPSigning, any=anyExtendedKeyUsage); "os" is rejected and
    // raw dotted OIDs are accepted alongside the names.
    testOK("", pre + "eku1 -ext EKU:critical=sa");
    testOK("", pre + "eku2 -ext ExtendedKeyUsage=ca");
    testOK("", pre + "eku3 -ext EKU=cs");
    testOK("", pre + "eku4 -ext EKU=ep");
    testOK("", pre + "eku8 -ext EKU=ts");
    testFail("", pre + "eku9 -ext EKU=os");
    testOK("", pre + "eku9 -ext EKU=ocsps");
    testOK("", pre + "eku10 -ext EKU=any");
    testOK("", pre + "eku11 -ext EKU=1.2.3.4,1.3.5.7,ep");
    testFail("", pre + "eku12 -ext EKU=c");
    testFail("", pre + "eku12 -ext EKU=nothing");
    ks = loadStore("x.jks", "changeit", "JKS");
    // Asserts that the certificate's EKU list is exactly the OIDs in pos.
    class CheckEKU {

        void check(KeyStore ks, String alias, String... pos) throws Exception {
            System.err.print("x");
            List<String> bs = ((X509Certificate) ks.getCertificate(alias)).getExtendedKeyUsage();
            int found = 0;
            for (String p : pos) {
                if (bs.contains(p)) {
                    found++;
                } else {
                    throw new RuntimeException("EKU: not included " + p);
                }
            }
            // every expected OID was present; now make sure nothing extra is
            if (found != bs.size()) {
                throw new RuntimeException("EKU: more items than expected");
            }
        }
    }
    CheckEKU cx = new CheckEKU();
    assertTrue(((X509CertImpl) ks.getCertificate("eku1")).getExtension(PKIXExtensions.ExtendedKeyUsage_Id).isCritical());
    assertTrue(!((X509CertImpl) ks.getCertificate("eku2")).getExtension(PKIXExtensions.ExtendedKeyUsage_Id).isCritical());
    cx.check(ks, "eku1", "1.3.6.1.5.5.7.3.1");
    cx.check(ks, "eku2", "1.3.6.1.5.5.7.3.2");
    cx.check(ks, "eku3", "1.3.6.1.5.5.7.3.3");
    cx.check(ks, "eku4", "1.3.6.1.5.5.7.3.4");
    cx.check(ks, "eku8", "1.3.6.1.5.5.7.3.8");
    cx.check(ks, "eku9", "1.3.6.1.5.5.7.3.9");
    cx.check(ks, "eku10", "2.5.29.37.0");
    cx.check(ks, "eku11", "1.3.6.1.5.5.7.3.4", "1.2.3.4", "1.3.5.7");
    // SAN: the numeric types below are the GeneralName tags reported by
    // X509Certificate.getSubjectAlternativeNames(): 1=rfc822Name, 2=dNSName,
    // 6=uniformResourceIdentifier, 7=iPAddress, 8=registeredID.
    testOK("", pre + "san1 -ext san:critical=email:me@me.org");
    testOK("", pre + "san2 -ext san=uri:http://me.org");
    testOK("", pre + "san3 -ext san=dns:me.org");
    testOK("", pre + "san4 -ext san=ip:192.168.0.1");
    testOK("", pre + "san5 -ext san=oid:1.2.3.4");
    testOK("", pre + "san235 -ext san=uri:http://me.org,dns:me.org,oid:1.2.3.4");
    ks = loadStore("x.jks", "changeit", "JKS");
    // Compares the certificate's alternative names (type 0 = subject, else
    // issuer) against a flat list of (tag, value) pairs. Names are sorted by
    // tag first so the order given to -ext does not matter.
    class CheckSAN {

        // Please sort items with name type
        void check(KeyStore ks, String alias, int type, Object... items) throws Exception {
            int pos = 0;
            System.err.print("x");
            Object[] names = null;
            if (type == 0)
                names = ((X509Certificate) ks.getCertificate(alias)).getSubjectAlternativeNames().toArray();
            else
                names = ((X509Certificate) ks.getCertificate(alias)).getIssuerAlternativeNames().toArray();
            Arrays.sort(names, new Comparator() {

                // each entry is a List whose element 0 is the Integer tag
                public int compare(Object o1, Object o2) {
                    int i1 = (Integer) ((List) o1).get(0);
                    int i2 = (Integer) ((List) o2).get(0);
                    return i1 - i2;
                }
            });
            for (Object o : names) {
                List l = (List) o;
                for (Object o2 : l) {
                    if (!items[pos++].equals(o2)) {
                        throw new RuntimeException("Not equals at " + pos + ": " + items[pos - 1] + " vs " + o2);
                    }
                }
            }
            if (pos != items.length) {
                throw new RuntimeException("Extra items, pos is " + pos);
            }
        }
    }
    CheckSAN csan = new CheckSAN();
    assertTrue(((X509CertImpl) ks.getCertificate("san1")).getSubjectAlternativeNameExtension().isCritical());
    assertTrue(!((X509CertImpl) ks.getCertificate("san2")).getSubjectAlternativeNameExtension().isCritical());
    csan.check(ks, "san1", 0, 1, "me@me.org");
    csan.check(ks, "san2", 0, 6, "http://me.org");
    csan.check(ks, "san3", 0, 2, "me.org");
    csan.check(ks, "san4", 0, 7, "192.168.0.1");
    csan.check(ks, "san5", 0, 8, "1.2.3.4");
    csan.check(ks, "san235", 0, 2, "me.org", 6, "http://me.org", 8, "1.2.3.4");
    // IAN: same syntax and tags as SAN, checked via getIssuerAlternativeNames()
    testOK("", pre + "ian1 -ext ian:critical=email:me@me.org");
    testOK("", pre + "ian2 -ext ian=uri:http://me.org");
    testOK("", pre + "ian3 -ext ian=dns:me.org");
    testOK("", pre + "ian4 -ext ian=ip:192.168.0.1");
    testOK("", pre + "ian5 -ext ian=oid:1.2.3.4");
    testOK("", pre + "ian235 -ext ian=uri:http://me.org,dns:me.org,oid:1.2.3.4");
    ks = loadStore("x.jks", "changeit", "JKS");
    assertTrue(((X509CertImpl) ks.getCertificate("ian1")).getIssuerAlternativeNameExtension().isCritical());
    assertTrue(!((X509CertImpl) ks.getCertificate("ian2")).getIssuerAlternativeNameExtension().isCritical());
    csan.check(ks, "ian1", 1, 1, "me@me.org");
    csan.check(ks, "ian2", 1, 6, "http://me.org");
    csan.check(ks, "ian3", 1, 2, "me.org");
    csan.check(ks, "ian4", 1, 7, "192.168.0.1");
    csan.check(ks, "ian5", 1, 8, "1.2.3.4");
    csan.check(ks, "ian235", 1, 2, "me.org", 6, "http://me.org", 8, "1.2.3.4");
    // SIA: RFC 5280 requires SubjectInfoAccess (and AuthorityInfoAccess below)
    // to be non-critical, so keytool refuses ":critical" for both.
    testOK("", pre + "sia1 -ext sia=care:uri:ldap://ca.com/cn=CA");
    testOK("", pre + "sia2 -ext sia=ts:email:ts@ca.com");
    testFail("SIA never critical", pre + "sia3 -ext sia:critical=ts:email:ts@ca.com");
    ks = loadStore("x.jks", "changeit", "JKS");
    // Checks each AccessDescription as the triple (accessMethod OID, location
    // tag, name); descriptors are sorted by access-method OID string first.
    // Only rfc822Name (1) and URI (6) locations are decoded.
    class CheckSia {

        void check(KeyStore ks, String alias, int type, Object... items) throws Exception {
            int pos = 0;
            System.err.print("x");
            AccessDescription[] ads = null;
            if (type == 0) {
                SubjectInfoAccessExtension siae = (SubjectInfoAccessExtension) ((X509CertImpl) ks.getCertificate(alias)).getExtension(PKIXExtensions.SubjectInfoAccess_Id);
                ads = siae.getAccessDescriptions().toArray(new AccessDescription[0]);
            } else {
                AuthorityInfoAccessExtension aiae = (AuthorityInfoAccessExtension) ((X509CertImpl) ks.getCertificate(alias)).getExtension(PKIXExtensions.AuthInfoAccess_Id);
                ads = aiae.getAccessDescriptions().toArray(new AccessDescription[0]);
            }
            Arrays.sort(ads, new Comparator<AccessDescription>() {

                @Override
                public int compare(AccessDescription o1, AccessDescription o2) {
                    return o1.getAccessMethod().toString().compareTo(o2.getAccessMethod().toString());
                }
            });
            for (AccessDescription ad : ads) {
                // items[pos] is the method OID, items[pos+1] the boxed location tag
                if (!ad.getAccessMethod().equals(items[pos++]) || !new Integer(ad.getAccessLocation().getType()).equals(items[pos++])) {
                    throw new RuntimeException("Not same type at " + pos);
                }
                String name = null;
                switch(ad.getAccessLocation().getType()) {
                    case 1:
                        name = ((RFC822Name) ad.getAccessLocation().getName()).getName();
                        break;
                    case 6:
                        name = ((URIName) ad.getAccessLocation().getName()).getURI().toString();
                        break;
                    default:
                        throw new RuntimeException("Not implemented: " + ad);
                }
                if (!name.equals(items[pos++])) {
                    throw new Exception("Name not same for " + ad + " at pos " + pos);
                }
            }
        }
    }
    CheckSia csia = new CheckSia();
    assertTrue(!((X509CertImpl) ks.getCertificate("sia1")).getExtension(PKIXExtensions.SubjectInfoAccess_Id).isCritical());
    csia.check(ks, "sia1", 0, AccessDescription.Ad_CAREPOSITORY_Id, 6, "ldap://ca.com/cn=CA");
    csia.check(ks, "sia2", 0, AccessDescription.Ad_TIMESTAMPING_Id, 1, "ts@ca.com");
    // AIA: caIssuers and ocsp access methods; never critical (see SIA above)
    testOK("", pre + "aia1 -ext aia=cai:uri:ldap://ca.com/cn=CA");
    testOK("", pre + "aia2 -ext aia=ocsp:email:ocsp@ca.com");
    testFail("AIA never critical", pre + "aia3 -ext aia:critical=ts:email:ts@ca.com");
    ks = loadStore("x.jks", "changeit", "JKS");
    assertTrue(!((X509CertImpl) ks.getCertificate("aia1")).getExtension(PKIXExtensions.AuthInfoAccess_Id).isCritical());
    csia.check(ks, "aia1", 1, AccessDescription.Ad_CAISSUERS_Id, 6, "ldap://ca.com/cn=CA");
    csia.check(ks, "aia2", 1, AccessDescription.Ad_OCSP_Id, 1, "ocsp@ca.com");
    // OID: any dotted OID can name an extension; the value is given as hex
    // (with or without ':' separators) and is empty when omitted.
    testOK("", pre + "oid1 -ext 1.2.3:critical=0102");
    testOK("", pre + "oid2 -ext 1.2.3");
    testOK("", pre + "oid12 -ext 1.2.3 -ext 1.2.4=01:02:03");
    ks = loadStore("x.jks", "changeit", "JKS");
    // Compares the raw inner value (Extension.getValue()) of extension oid
    // against the expected bytes.
    class CheckOid {

        void check(KeyStore ks, String alias, String oid, byte[] value) throws Exception {
            // pos is unused
            int pos = 0;
            System.err.print("x");
            Extension ex = ((X509CertImpl) ks.getCertificate(alias)).getExtension(new ObjectIdentifier(oid));
            if (!Arrays.equals(value, ex.getValue())) {
                throw new RuntimeException("Not same content in " + alias + " for " + oid);
            }
        }
    }
    CheckOid coid = new CheckOid();
    assertTrue(((X509CertImpl) ks.getCertificate("oid1")).getExtension(new ObjectIdentifier("1.2.3")).isCritical());
    assertTrue(!((X509CertImpl) ks.getCertificate("oid2")).getExtension(new ObjectIdentifier("1.2.3")).isCritical());
    coid.check(ks, "oid1", "1.2.3", new byte[] { 1, 2 });
    coid.check(ks, "oid2", "1.2.3", new byte[] {});
    coid.check(ks, "oid12", "1.2.3", new byte[] {});
    coid.check(ks, "oid12", "1.2.4", new byte[] { 1, 2, 3 });
    // honored: "ca" acts as the issuer, "a" as the requester.
    testOK("", pre + "ca");
    testOK("", pre + "a");
    // request: BC,KU,1.2.3,1.2.4,1.2.5
    testOK("", simple + "-alias a -certreq " + "-ext BC=1 -ext KU=crl " + "-ext 1.2.3=01 -ext 1.2.4:critical=0102 -ext 1.2.5=010203 " + "-rfc -file test.req");
    // printcertreq
    testOK("", "-printcertreq -file test.req");
    checkPem("test.req");
    // issue: deny KU, change criticality of 1.2.3 and 1.2.4,
    // change content of BC, add 2.3.4
    testOK("", simple + "-gencert -alias ca -infile test.req -ext " + "honored=all,-KU,1.2.3:critical,1.2.4:non-critical " + "-ext BC=2 -ext 2.3.4=01020304 " + "-debug -rfc -outfile test.cert");
    checkPem("test.cert");
    testOK("", simple + "-importcert -file test.cert -alias a");
    ks = loadStore("x.jks", "changeit", "JKS");
    X509CertImpl a = (X509CertImpl) ks.getCertificate("a");
    // the issuer adds AKID/SKID itself; KU was dropped by "-KU"
    assertTrue(a.getAuthorityKeyIdentifierExtension() != null);
    assertTrue(a.getSubjectKeyIdentifierExtension() != null);
    assertTrue(a.getKeyUsage() == null);
    // criticality flipped for 1.2.3 and 1.2.4, left alone for 1.2.5
    assertTrue(a.getExtension(new ObjectIdentifier("1.2.3")).isCritical());
    assertTrue(!a.getExtension(new ObjectIdentifier("1.2.4")).isCritical());
    assertTrue(!a.getExtension(new ObjectIdentifier("1.2.5")).isCritical());
    // getExtensionValue() returns the DER OCTET STRING wrapper, so the length
    // is the hex payload length plus two (tag + length byte).
    assertTrue(a.getExtensionValue("1.2.3").length == 3);
    assertTrue(a.getExtensionValue("1.2.4").length == 4);
    assertTrue(a.getExtensionValue("1.2.5").length == 5);
    // BC=2 from the issuer overrides the requested BC=1
    assertTrue(a.getBasicConstraints() == 2);
    assertTrue(!a.getExtension(new ObjectIdentifier("2.3.4")).isCritical());
    assertTrue(a.getExtensionValue("2.3.4").length == 6);
    remove("x.jks");
    remove("test.req");
    remove("test.cert");
}
Also used : ObjectIdentifier(sun.security.util.ObjectIdentifier) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
