Java > Open Source Codes > org > ejbca > core > protocol > xkms > TestXKMSKRSS


1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/
13
14 package org.ejbca.core.protocol.xkms;
15
16 import java.security.KeyPair ;
17 import java.security.KeyPairGenerator ;
18 import java.security.PrivateKey ;
19 import java.security.cert.X509Certificate ;
20 import java.security.interfaces.RSAPrivateKey ;
21 import java.security.interfaces.RSAPublicKey ;
22 import java.util.Arrays ;
23 import java.util.Iterator ;
24 import java.util.Random ;
25
26 import javax.naming.Context ;
27 import javax.naming.NamingException ;
28 import javax.xml.bind.JAXBContext;
29 import javax.xml.bind.JAXBElement;
30 import javax.xml.bind.JAXBException;
31 import javax.xml.bind.Marshaller;
32 import javax.xml.bind.PropertyException;
33 import javax.xml.parsers.DocumentBuilderFactory ;
34
35 import junit.framework.TestCase;
36
37 import org.apache.log4j.Logger;
38 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionHome;
39 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionRemote;
40 import org.ejbca.core.ejb.keyrecovery.IKeyRecoverySessionHome;
41 import org.ejbca.core.ejb.keyrecovery.IKeyRecoverySessionRemote;
42 import org.ejbca.core.ejb.ra.IUserAdminSessionHome;
43 import org.ejbca.core.ejb.ra.IUserAdminSessionRemote;
44 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionHome;
45 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionRemote;
46 import org.ejbca.core.model.SecConst;
47 import org.ejbca.core.model.ca.certificateprofiles.CertificateProfile;
48 import org.ejbca.core.model.ca.certificateprofiles.EndUserCertificateProfile;
49 import org.ejbca.core.model.log.Admin;
50 import org.ejbca.core.model.ra.UserDataConstants;
51 import org.ejbca.core.model.ra.raadmin.EndEntityProfile;
52 import org.ejbca.core.model.ra.raadmin.GlobalConfiguration;
53 import org.ejbca.core.protocol.xkms.client.XKMSInvoker;
54 import org.ejbca.core.protocol.xkms.common.XKMSConstants;
55 import org.ejbca.core.protocol.xkms.common.XKMSNamespacePrefixMapper;
56 import org.ejbca.core.protocol.xkms.common.XKMSUtil;
57 import org.ejbca.util.CertTools;
58 import org.w3._2000._09.xmldsig_.KeyInfoType;
59 import org.w3._2000._09.xmldsig_.RSAKeyValueType;
60 import org.w3._2000._09.xmldsig_.X509DataType;
61 import org.w3._2002._03.xkms_.AuthenticationType;
62 import org.w3._2002._03.xkms_.KeyBindingType;
63 import org.w3._2002._03.xkms_.NotBoundAuthenticationType;
64 import org.w3._2002._03.xkms_.ObjectFactory;
65 import org.w3._2002._03.xkms_.PrototypeKeyBindingType;
66 import org.w3._2002._03.xkms_.RecoverRequestType;
67 import org.w3._2002._03.xkms_.RecoverResultType;
68 import org.w3._2002._03.xkms_.RegisterRequestType;
69 import org.w3._2002._03.xkms_.RegisterResultType;
70 import org.w3._2002._03.xkms_.ReissueRequestType;
71 import org.w3._2002._03.xkms_.ReissueResultType;
72 import org.w3._2002._03.xkms_.RevokeRequestType;
73 import org.w3._2002._03.xkms_.RevokeResultType;
74 import org.w3._2002._03.xkms_.UseKeyWithType;
75
76 /**
77  *
78  *
79  *
80  * @author Philip Vendil 2006 sep 27
81  *
82  * @version $Id: TestXKMSKRSS.java,v 1.2.2.1 2007/02/02 09:34:02 anatom Exp $
83  */
84
85 public class TestXKMSKRSS extends TestCase {
86     
87     private static Logger log = Logger.getLogger(TestXKMSKRSS.class);
88
89     static{
90         org.apache.xml.security.Init.init();
91     }
92     
93     private XKMSInvoker xKMSInvoker = new XKMSInvoker("http://localhost:8080/ejbca/xkms/xkms",null);
94         
95     private ObjectFactory xKMSObjectFactory = new ObjectFactory();
96     private org.w3._2000._09.xmldsig_.ObjectFactory sigFactory = new org.w3._2000._09.xmldsig_.ObjectFactory();
97
98     private static String baseUsername;
99     private IUserAdminSessionRemote cacheAdmin;
100     private IUserAdminSessionHome cacheHome;
101     private ICertificateStoreSessionRemote certStore;
102     private IRaAdminSessionRemote raAdmin;
103     private IKeyRecoverySessionRemote keyAdmin;
104     
105     private static Admin administrator = new Admin(Admin.TYPE_RA_USER);
106     
107     private int caid;
108     private static String username1 = null;
109     private static String username2 = null;
110     private static String username3 = null;
111
112     private static String issuerdn = null;
113     
114     private int userNo;
115     
116     private static String dn1;
117     private static String dn2;
118     private static String dn3;
119     
120     private static KeyPair keys1;
121     private static KeyPair keys3;
122     
123     private static X509Certificate cert1;
124     private static X509Certificate cert2;
125     
126     private static String certprofilename1 = null;
127     private static String certprofilename2 = null;
128     private static String endentityprofilename = null;
129     
130     private static GlobalConfiguration orgGlobalConfig = null;
131     
132     private static int endEntityProfileId;
133     
134     private static JAXBContext jAXBContext = null;
135     private static Marshaller marshaller = null;
136     //private static Unmarshaller unmarshaller = null;
137 private static DocumentBuilderFactory dbf = null;
138     
139     static{
140         try {
141             CertTools.installBCProvider();
142             org.apache.xml.security.Init.init();
143
144             jAXBContext = JAXBContext.newInstance("org.w3._2002._03.xkms_:org.w3._2001._04.xmlenc_:org.w3._2000._09.xmldsig_");
145             marshaller = jAXBContext.createMarshaller();
146             try {
147                 marshaller.setProperty("com.sun.xml.bind.namespacePrefixMapper",new XKMSNamespacePrefixMapper());
148             } catch( PropertyException e ) {
149                 log.error("Error registering namespace mapper property",e);
150             }
151             dbf = DocumentBuilderFactory.newInstance();
152             dbf.setNamespaceAware(true);
153             //unmarshaller = jAXBContext.createUnmarshaller();
154
155         } catch (JAXBException e) {
156             log.error("Error initializing RequestAbstractTypeResponseGenerator",e);
157         }
158
159     }
160     
161     protected void setUp() throws Exception {
162         log.debug(">setUp()");
163         CertTools.installBCProvider();
164
165         
166         if (cacheAdmin == null) {
167             if (cacheHome == null) {
168                 Context jndiContext = getInitialContext();
169                 Object obj1 = jndiContext.lookup("UserAdminSession");
170                 cacheHome = (IUserAdminSessionHome) javax.rmi.PortableRemoteObject.narrow(obj1, IUserAdminSessionHome.class);
171                 
172                 
173                 Object obj2 = jndiContext.lookup("CertificateStoreSession");
174                 ICertificateStoreSessionHome certhome = (ICertificateStoreSessionHome) javax.rmi.PortableRemoteObject.narrow(obj2, ICertificateStoreSessionHome.class);
175                 certStore = certhome.create();
176                 
177                 Object obj3 = jndiContext.lookup("RaAdminSession");
178                 IRaAdminSessionHome raAdminHome = (IRaAdminSessionHome) javax.rmi.PortableRemoteObject.narrow(obj3, IRaAdminSessionHome.class);
179                 raAdmin = raAdminHome.create();
180                 
181                 Object obj4 = jndiContext.lookup("KeyRecoverySession");
182                 IKeyRecoverySessionHome keyAdminHome = (IKeyRecoverySessionHome) javax.rmi.PortableRemoteObject.narrow(obj4, IKeyRecoverySessionHome.class);
183                 keyAdmin = keyAdminHome.create();
184                 
185                 issuerdn = "CN=AdminCA1,O=EJBCA Sample,C=SE";
186                 caid = issuerdn.hashCode();
187                 
188             }
189
190             cacheAdmin = cacheHome.create();
191         }
192
193         
194         Random ran = new Random ();
195         if(baseUsername == null){
196           baseUsername = "xkmstestuser" + (ran.nextInt() % 1000) + "-";
197         }
198         
199         log.debug("<setUp()");
200     }
201
202     protected void tearDown() throws Exception {
203     }
204     
205     public void test00SetupDatabase() throws Exception {
206         
207
208         certprofilename1 = "XKMSTESTSIGN" + baseUsername;
209         certprofilename2 = "XKMSTESTEXCHANDENC" + baseUsername;
210         endentityprofilename = "XKMSTESTPROFILE" + baseUsername;
211         
212         orgGlobalConfig = raAdmin.loadGlobalConfiguration(administrator);
213         
214         GlobalConfiguration newGlobalConfig = raAdmin.loadGlobalConfiguration(administrator);
215         newGlobalConfig.setEnableKeyRecovery(true);
216         raAdmin.saveGlobalConfiguration(administrator, newGlobalConfig);
217         
218         
219         // Setup with two new Certificate profiles.
220 EndUserCertificateProfile profile1 = new EndUserCertificateProfile();
221         profile1.setKeyUsage(CertificateProfile.DIGITALSIGNATURE,false);
222         profile1.setKeyUsage(CertificateProfile.KEYENCIPHERMENT,false);
223         profile1.setKeyUsage(CertificateProfile.NONREPUDIATION,true);
224         
225         EndUserCertificateProfile profile2 = new EndUserCertificateProfile();
226         profile2.setKeyUsage(CertificateProfile.DATAENCIPHERMENT,true);
227         
228         certStore.addCertificateProfile(administrator, certprofilename1, profile1);
229         certStore.addCertificateProfile(administrator, certprofilename2, profile2);
230         
231         int profile1Id = certStore.getCertificateProfileId(administrator, certprofilename1);
232         int profile2Id = certStore.getCertificateProfileId(administrator, certprofilename2);
233         
234         EndEntityProfile endentityprofile = new EndEntityProfile(true);
235         
236         endentityprofile.setValue(EndEntityProfile.AVAILCAS, 0, ""+caid);
237         endentityprofile.setValue(EndEntityProfile.AVAILCERTPROFILES, 0, ""+SecConst.CERTPROFILE_FIXED_ENDUSER +";" + profile1Id + ";" + profile2Id );
238         
239         endentityprofile.setUse(EndEntityProfile.KEYRECOVERABLE, 0, true);
240         
241         raAdmin.addEndEntityProfile(administrator, endentityprofilename, endentityprofile);
242         endEntityProfileId = raAdmin.getEndEntityProfileId(administrator, endentityprofilename);
243         
244         
245         username1 = genUserName();
246         String pwd = "foo123";
247         int type = SecConst.USER_ENDUSER ;
248         int token = SecConst.TOKEN_SOFT_BROWSERGEN;
249         int certificatetypeid = SecConst.CERTPROFILE_FIXED_ENDUSER;
250         int hardtokenissuerid = SecConst.NO_HARDTOKENISSUER;
251         dn1 = "C=SE, O=AnaTom, CN=" + username1;
252         String subjectaltname1 = "RFC822NAME=" + username1 + "@foo.se";
253         String email1 = username1 + "@foo.se";
254         if (cacheAdmin.findUser(administrator, username1) != null) {
255             System.out.println("Error : User already exists in the database.");
256         }
257         cacheAdmin.addUser(administrator, username1, pwd, CertTools.stringToBCDNString(dn1), subjectaltname1, email1, false, endEntityProfileId, certificatetypeid,
258                 type, token, hardtokenissuerid, caid);
259         cacheAdmin.setClearTextPassword(administrator, username1, pwd);
260  
261         username2 = genUserName();
262         dn2 = "C=SE, O=AnaTom, CN=" + username2;
263         type = SecConst.USER_ENDUSER | SecConst.USER_KEYRECOVERABLE;
264         token = SecConst.TOKEN_SOFT_P12;
265         String subjectaltname2 = "RFC822NAME=" + username2 + "@foo.se,UNIFORMRESOURCEIDENTIFIER=http://www.test.com/"+username2+",IPADDRESS=10.0.0.1,DNSNAME="+username2+".test.com";
266         String email2 = username2 + "@foo.se";
267         if (cacheAdmin.findUser(administrator, username2) != null) {
268             System.out.println("Error : User already exists in the database.");
269         }
270         cacheAdmin.addUser(administrator, username2, pwd, CertTools.stringToBCDNString(dn2), subjectaltname2, email2, false, endEntityProfileId, profile1Id,
271                 type, token, hardtokenissuerid, caid);
272         cacheAdmin.setClearTextPassword(administrator, username2, pwd);
273
274         username3 = genUserName();
275         dn3 = "C=SE, O=AnaTom, CN=" + username3;
276         String subjectaltname3 = "RFC822NAME=" + username3 + "@foo.se";
277         String email3 = username3 + "@foo.se";
278         if (cacheAdmin.findUser(administrator, username3) != null) {
279             System.out.println("Error : User already exists in the database.");
280         }
281         cacheAdmin.addUser(administrator, username3, pwd, CertTools.stringToBCDNString(dn3), subjectaltname3, email3, false, endEntityProfileId, profile2Id,
282                 type, token, hardtokenissuerid, caid);
283         cacheAdmin.setClearTextPassword(administrator, username3, pwd);
284
285     }
286     
287     public void test01SimpleRegistration() throws Exception {
288         
289         keys1 = genKeys();
290         RegisterRequestType registerRequestType = xKMSObjectFactory.createRegisterRequestType();
291         registerRequestType.setId("600");
292             
293         UseKeyWithType useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
294         useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_PKIX);
295         useKeyWithType.setIdentifier(dn1);
296         
297         registerRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
298         
299         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
300         RSAKeyValueType rsaKeyValueType = sigFactory.createRSAKeyValueType();
301         rsaKeyValueType.setExponent(((RSAPublicKey ) keys1.getPublic()).getPublicExponent().toByteArray());
302         rsaKeyValueType.setModulus(((RSAPublicKey ) keys1.getPublic()).getModulus().toByteArray());
303         JAXBElement<RSAKeyValueType> rsaKeyValue = sigFactory.createRSAKeyValue(rsaKeyValueType);
304         keyInfoType.getContent().add(rsaKeyValue);
305         PrototypeKeyBindingType prototypeKeyBindingType = xKMSObjectFactory.createPrototypeKeyBindingType();
306         prototypeKeyBindingType.getUseKeyWith().add(useKeyWithType);
307         prototypeKeyBindingType.setKeyInfo(keyInfoType);
308         prototypeKeyBindingType.setId("100231");
309         registerRequestType.setPrototypeKeyBinding(prototypeKeyBindingType);
310                 
311         
312         byte[] first = XKMSUtil.getSecretKeyFromPassphrase("UsersRevokationCodeIdentifier", true,20, XKMSUtil.KEY_REVOCATIONCODEIDENTIFIER_PASS1).getEncoded();
313         byte[] second = XKMSUtil.getSecretKeyFromPassphrase(new String (first, "ISO8859-1"), false,20, XKMSUtil.KEY_REVOCATIONCODEIDENTIFIER_PASS2).getEncoded();
314         prototypeKeyBindingType.setRevocationCodeIdentifier(second);
315         
316         RegisterResultType registerResultType = xKMSInvoker.register(registerRequestType, null, null, "foo123", keys1.getPrivate(), prototypeKeyBindingType.getId());
317         
318         assertTrue(registerResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SUCCESS));
319
320         assertTrue(registerResultType.getKeyBinding().size() == 1);
321         KeyBindingType keyBindingType = registerResultType.getKeyBinding().get(0);
322         assertTrue(keyBindingType.getStatus().getValidReason().size() == 4);
323         
324         JAXBElement<X509DataType> jAXBX509Data = (JAXBElement<X509DataType>) keyBindingType.getKeyInfo().getContent().get(0);
325         assertTrue(jAXBX509Data.getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName().size() == 2);
326         Iterator iter2 = jAXBX509Data.getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName().iterator();
327         while(iter2.hasNext()){
328             JAXBElement next = (JAXBElement) iter2.next();
329             assertTrue(next.getName().getLocalPart().equals("X509Certificate"));
330             byte[] encoded = (byte[]) next.getValue();
331             X509Certificate nextCert = CertTools.getCertfromByteArray(encoded);
332             
333             assertTrue(CertTools.stringToBCDNString(nextCert.getSubjectDN().toString()).equals(CertTools.stringToBCDNString(dn1)) ||
334                        CertTools.stringToBCDNString(nextCert.getSubjectDN().toString()).equals(CertTools.stringToBCDNString(issuerdn)));
335             if(CertTools.getSubjectDN(nextCert).equals(CertTools.stringToBCDNString(dn1))){
336                 assertTrue(Arrays.equals(keys1.getPublic().getEncoded(), nextCert.getPublicKey().getEncoded()));
337                 cert1 = nextCert;
338             }
339         }
340     }
341     
342     public void test02ServerGenRegistration() throws Exception {
343         RegisterRequestType registerRequestType = xKMSObjectFactory.createRegisterRequestType();
344         registerRequestType.setId("601");
345             
346         UseKeyWithType useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
347         useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_PKIX);
348         useKeyWithType.setIdentifier(dn2);
349         
350         registerRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CERT);
351         
352       
353         PrototypeKeyBindingType prototypeKeyBindingType = xKMSObjectFactory.createPrototypeKeyBindingType();
354         prototypeKeyBindingType.getUseKeyWith().add(useKeyWithType);
355       
356         prototypeKeyBindingType.setId("100231");
357         registerRequestType.setPrototypeKeyBinding(prototypeKeyBindingType);
358
359         byte[] first = XKMSUtil.getSecretKeyFromPassphrase("UsersRevokationCodeId1234", true,20, XKMSUtil.KEY_REVOCATIONCODEIDENTIFIER_PASS1).getEncoded();
360         byte[] second = XKMSUtil.getSecretKeyFromPassphrase(new String (first,"ISO8859-1"), false,20, XKMSUtil.KEY_REVOCATIONCODEIDENTIFIER_PASS2).getEncoded();
361         prototypeKeyBindingType.setRevocationCodeIdentifier(second);
362         
363         
364         RegisterResultType registerResultType = xKMSInvoker.register(registerRequestType, null, null, "foo123", null, prototypeKeyBindingType.getId());
365         
366         assertTrue(registerResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SUCCESS));
367
368         assertTrue(registerResultType.getKeyBinding().size() == 1);
369         KeyBindingType keyBindingType = registerResultType.getKeyBinding().get(0);
370         assertTrue(keyBindingType.getStatus().getValidReason().size() == 4);
371         
372         JAXBElement<X509DataType> jAXBX509Data = (JAXBElement<X509DataType>) keyBindingType.getKeyInfo().getContent().get(0);
373         assertTrue(jAXBX509Data.getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName().size() == 1);
374         Iterator iter2 = jAXBX509Data.getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName().iterator();
375         
376         while(iter2.hasNext()){
377             JAXBElement next = (JAXBElement) iter2.next();
378             assertTrue(next.getName().getLocalPart().equals("X509Certificate"));
379             byte[] encoded = (byte[]) next.getValue();
380             X509Certificate nextCert = CertTools.getCertfromByteArray(encoded);
381             
382             assertTrue(CertTools.stringToBCDNString(nextCert.getSubjectDN().toString()).equals(CertTools.stringToBCDNString(dn2)));
383             if(CertTools.getSubjectDN(nextCert).equals(CertTools.stringToBCDNString(dn2))){
384                 cert2 = nextCert;
385                 
386             }
387         }
388         
389         assertTrue(registerResultType.getPrivateKey() != null);
390         PrivateKey privateKey = XKMSUtil.getPrivateKeyFromEncryptedXML(registerResultType.getPrivateKey(), "foo123");
391         
392         X509Certificate testCert = CertTools.genSelfCert("CN=sdf", 12, null, privateKey, cert2.getPublicKey(), "SHA1WithRSA", false);
393         testCert.verify(cert2.getPublicKey());
394         
395     }
396     
397     public void test03RegisterWithWrongDN() throws Exception {
398         keys3 = genKeys();
399         RegisterRequestType registerRequestType = xKMSObjectFactory.createRegisterRequestType();
400         registerRequestType.setId("602");
401             
402         UseKeyWithType useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
403         useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_PKIX);
404         useKeyWithType.setIdentifier("CN=wrong");
405         
406         registerRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
407         
408         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
409         RSAKeyValueType rsaKeyValueType = sigFactory.createRSAKeyValueType();
410         rsaKeyValueType.setExponent(((RSAPublicKey ) keys3.getPublic()).getPublicExponent().toByteArray());
411         rsaKeyValueType.setModulus(((RSAPublicKey ) keys3.getPublic()).getModulus().toByteArray());
412         JAXBElement<RSAKeyValueType> rsaKeyValue = sigFactory.createRSAKeyValue(rsaKeyValueType);
413         keyInfoType.getContent().add(rsaKeyValue);
414         PrototypeKeyBindingType prototypeKeyBindingType = xKMSObjectFactory.createPrototypeKeyBindingType();
415         prototypeKeyBindingType.getUseKeyWith().add(useKeyWithType);
416         prototypeKeyBindingType.setKeyInfo(keyInfoType);
417         prototypeKeyBindingType.setId("100231");
418         registerRequestType.setPrototypeKeyBinding(prototypeKeyBindingType);
419         
420         RegisterResultType registerResultType = xKMSInvoker.register(registerRequestType, null, null, "foo123", keys3.getPrivate(), prototypeKeyBindingType.getId());
421         
422         assertTrue(registerResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
423         assertTrue(registerResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_NOMATCH));
424
425     }
426     
427     public void test04RegisterWithWrongStatus() throws Exception {
428         KeyPair keys = genKeys();
429         RegisterRequestType registerRequestType = xKMSObjectFactory.createRegisterRequestType();
430         registerRequestType.setId("603");
431             
432         UseKeyWithType useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
433         useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_PKIX);
434         useKeyWithType.setIdentifier(dn1);
435         
436         registerRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
437         
438         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
439         RSAKeyValueType rsaKeyValueType = sigFactory.createRSAKeyValueType();
440         rsaKeyValueType.setExponent(((RSAPublicKey ) keys.getPublic()).getPublicExponent().toByteArray());
441         rsaKeyValueType.setModulus(((RSAPublicKey ) keys.getPublic()).getModulus().toByteArray());
442         JAXBElement<RSAKeyValueType> rsaKeyValue = sigFactory.createRSAKeyValue(rsaKeyValueType);
443         keyInfoType.getContent().add(rsaKeyValue);
444         PrototypeKeyBindingType prototypeKeyBindingType = xKMSObjectFactory.createPrototypeKeyBindingType();
445         prototypeKeyBindingType.getUseKeyWith().add(useKeyWithType);
446         prototypeKeyBindingType.setKeyInfo(keyInfoType);
447         prototypeKeyBindingType.setId("100231");
448         registerRequestType.setPrototypeKeyBinding(prototypeKeyBindingType);
449         
450         RegisterResultType registerResultType = xKMSInvoker.register(registerRequestType, null, null, "foo123", keys.getPrivate(), prototypeKeyBindingType.getId());
451         
452         assertTrue(registerResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
453         assertTrue(registerResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_REFUSED));
454
455         
456     }
457     
458     public void test05RegisterWithWrongPassword() throws Exception {
459         KeyPair keys = genKeys();
460         RegisterRequestType registerRequestType = xKMSObjectFactory.createRegisterRequestType();
461         registerRequestType.setId("604");
462             
463         UseKeyWithType useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
464         useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_PKIX);
465         useKeyWithType.setIdentifier(dn3);
466         
467         registerRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
468         
469         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
470         RSAKeyValueType rsaKeyValueType = sigFactory.createRSAKeyValueType();
471         rsaKeyValueType.setExponent(((RSAPublicKey ) keys.getPublic()).getPublicExponent().toByteArray());
472         rsaKeyValueType.setModulus(((RSAPublicKey ) keys.getPublic()).getModulus().toByteArray());
473         JAXBElement<RSAKeyValueType> rsaKeyValue = sigFactory.createRSAKeyValue(rsaKeyValueType);
474         keyInfoType.getContent().add(rsaKeyValue);
475         PrototypeKeyBindingType prototypeKeyBindingType = xKMSObjectFactory.createPrototypeKeyBindingType();
476         prototypeKeyBindingType.getUseKeyWith().add(useKeyWithType);
477         prototypeKeyBindingType.setKeyInfo(keyInfoType);
478         prototypeKeyBindingType.setId("100231");
479         registerRequestType.setPrototypeKeyBinding(prototypeKeyBindingType);
480         
481         RegisterResultType registerResultType = xKMSInvoker.register(registerRequestType, null, null, "foo124", keys.getPrivate(), prototypeKeyBindingType.getId());
482         
483         assertTrue(registerResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
484         assertTrue(registerResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_NOAUTHENTICATION));
485
486         
487     }
488     
489     public void test06RegisterWithNoPOP() throws Exception {
490         KeyPair keys = genKeys();
491         RegisterRequestType registerRequestType = xKMSObjectFactory.createRegisterRequestType();
492         registerRequestType.setId("605");
493             
494         UseKeyWithType useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
495         useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_PKIX);
496         useKeyWithType.setIdentifier(dn3);
497         
498         registerRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
499         
500         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
501         RSAKeyValueType rsaKeyValueType = sigFactory.createRSAKeyValueType();
502         rsaKeyValueType.setExponent(((RSAPublicKey ) keys.getPublic()).getPublicExponent().toByteArray());
503         rsaKeyValueType.setModulus(((RSAPublicKey ) keys.getPublic()).getModulus().toByteArray());
504         JAXBElement<RSAKeyValueType> rsaKeyValue = sigFactory.createRSAKeyValue(rsaKeyValueType);
505         keyInfoType.getContent().add(rsaKeyValue);
506         PrototypeKeyBindingType prototypeKeyBindingType = xKMSObjectFactory.createPrototypeKeyBindingType();
507         prototypeKeyBindingType.getUseKeyWith().add(useKeyWithType);
508         prototypeKeyBindingType.setKeyInfo(keyInfoType);
509         prototypeKeyBindingType.setId("100231");
510         registerRequestType.setPrototypeKeyBinding(prototypeKeyBindingType);
511         
512         RegisterResultType registerResultType = xKMSInvoker.register(registerRequestType, null, null, "foo123", null, prototypeKeyBindingType.getId());
513         
514         assertTrue(registerResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
515         assertTrue(registerResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_POPREQUIRED));
516
517         
518     }
519     
520     public void test07RegisterWithBasicAuthentication() throws Exception {
521         KeyPair keys = genKeys();
522         RegisterRequestType registerRequestType = xKMSObjectFactory.createRegisterRequestType();
523         registerRequestType.setId("606");
524             
525         UseKeyWithType useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
526         useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_PKIX);
527         useKeyWithType.setIdentifier(dn3);
528         
529         registerRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
530         
531         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
532         RSAKeyValueType rsaKeyValueType = sigFactory.createRSAKeyValueType();
533         rsaKeyValueType.setExponent(((RSAPublicKey ) keys.getPublic()).getPublicExponent().toByteArray());
534         rsaKeyValueType.setModulus(((RSAPublicKey ) keys.getPublic()).getModulus().toByteArray());
535         JAXBElement<RSAKeyValueType> rsaKeyValue = sigFactory.createRSAKeyValue(rsaKeyValueType);
536         keyInfoType.getContent().add(rsaKeyValue);
537         PrototypeKeyBindingType prototypeKeyBindingType = xKMSObjectFactory.createPrototypeKeyBindingType();
538         prototypeKeyBindingType.getUseKeyWith().add(useKeyWithType);
539         prototypeKeyBindingType.setKeyInfo(keyInfoType);
540         prototypeKeyBindingType.setId("100231");
541         registerRequestType.setPrototypeKeyBinding(prototypeKeyBindingType);
542         
543         AuthenticationType authenticationType = xKMSObjectFactory.createAuthenticationType();
544         NotBoundAuthenticationType notBoundAuthenticationType = xKMSObjectFactory.createNotBoundAuthenticationType();
545         notBoundAuthenticationType.setProtocol("NOTUSED");
546         notBoundAuthenticationType.setValue("foo123".getBytes());
547         authenticationType.setNotBoundAuthentication(notBoundAuthenticationType);
548         registerRequestType.setAuthentication(authenticationType);
549         
550         RegisterResultType registerResultType = xKMSInvoker.register(registerRequestType, null, null, null, keys.getPrivate(), prototypeKeyBindingType.getId());
551         
552         assertTrue(registerResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SUCCESS));
553
554         assertTrue(registerResultType.getKeyBinding().size() == 1);
555         KeyBindingType keyBindingType = registerResultType.getKeyBinding().get(0);
556         assertTrue(keyBindingType.getStatus().getValidReason().size() == 4);
557         
558     }
559     
560     public void test08SimpleReissue() throws Exception {
561         cacheAdmin.setUserStatus(administrator, username1, 10);
562         cacheAdmin.setClearTextPassword(administrator, username1, "ReissuePassword");
563         ReissueRequestType reissueRequestType = xKMSObjectFactory.createReissueRequestType();
564         reissueRequestType.setId("607");
565                            
566         reissueRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
567              
568         X509DataType x509DataType = sigFactory.createX509DataType();
569         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert1.getEncoded()));
570         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
571         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
572         
573         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
574         keyBindingType.setKeyInfo(keyInfoType);
575         keyBindingType.setId("100123122");
576         reissueRequestType.setReissueKeyBinding(keyBindingType);
577         
578         AuthenticationType authenticationType = xKMSObjectFactory.createAuthenticationType();
579         NotBoundAuthenticationType notBoundAuthenticationType = xKMSObjectFactory.createNotBoundAuthenticationType();
580         notBoundAuthenticationType.setProtocol("NOTUSED");
581         notBoundAuthenticationType.setValue("ReissuePassword".getBytes());
582         authenticationType.setNotBoundAuthentication(notBoundAuthenticationType);
583         reissueRequestType.setAuthentication(authenticationType);
584         
585         ReissueResultType reissueResultType = xKMSInvoker.reissue(reissueRequestType, null, null, null, keys1.getPrivate(), keyBindingType.getId());
586         
587         assertTrue(reissueResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SUCCESS));
588         assertTrue(reissueResultType.getResultMinor() == null);
589
590         assertTrue(reissueResultType.getKeyBinding().size() == 1);
591         keyBindingType = reissueResultType.getKeyBinding().get(0);
592         assertTrue(keyBindingType.getStatus().getValidReason().size() == 4);
593         
594         JAXBElement<X509DataType> jAXBX509Data = (JAXBElement<X509DataType>) keyBindingType.getKeyInfo().getContent().get(0);
595         assertTrue(jAXBX509Data.getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName().size() == 2);
596         Iterator iter2 = jAXBX509Data.getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName().iterator();
597         while(iter2.hasNext()){
598             JAXBElement next = (JAXBElement) iter2.next();
599             assertTrue(next.getName().getLocalPart().equals("X509Certificate"));
600             byte[] encoded = (byte[]) next.getValue();
601             X509Certificate nextCert = CertTools.getCertfromByteArray(encoded);
602             
603             assertTrue(CertTools.stringToBCDNString(nextCert.getSubjectDN().toString()).equals(CertTools.stringToBCDNString(dn1)) ||
604                        CertTools.stringToBCDNString(nextCert.getSubjectDN().toString()).equals(CertTools.stringToBCDNString(issuerdn)));
605             if(CertTools.getSubjectDN(nextCert).equals(CertTools.stringToBCDNString(dn1))){
606                 assertTrue(Arrays.equals(keys1.getPublic().getEncoded(), nextCert.getPublicKey().getEncoded()));
607                 assertFalse(cert1.getSerialNumber().equals(nextCert.getSerialNumber()));
608             }
609         }
610     }
611     
612     public void test09ReissueWrongPassword() throws Exception {
613         cacheAdmin.setUserStatus(administrator, username1, 10);
614         cacheAdmin.setClearTextPassword(administrator, username1, "ReissuePassword");
615         ReissueRequestType reissueRequestType = xKMSObjectFactory.createReissueRequestType();
616         reissueRequestType.setId("608");
617                            
618         reissueRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
619              
620         X509DataType x509DataType = sigFactory.createX509DataType();
621         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert1.getEncoded()));
622         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
623         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
624         
625         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
626         keyBindingType.setKeyInfo(keyInfoType);
627         keyBindingType.setId("100123122");
628         reissueRequestType.setReissueKeyBinding(keyBindingType);
629         
630         AuthenticationType authenticationType = xKMSObjectFactory.createAuthenticationType();
631         NotBoundAuthenticationType notBoundAuthenticationType = xKMSObjectFactory.createNotBoundAuthenticationType();
632         notBoundAuthenticationType.setProtocol("NOTUSED");
633         notBoundAuthenticationType.setValue("Wrong".getBytes());
634         authenticationType.setNotBoundAuthentication(notBoundAuthenticationType);
635         reissueRequestType.setAuthentication(authenticationType);
636         
637         ReissueResultType reissueResultType = xKMSInvoker.reissue(reissueRequestType, null, null, null, keys1.getPrivate(), keyBindingType.getId());
638         
639         assertTrue(reissueResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
640         assertTrue(reissueResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_NOAUTHENTICATION));
641
642         
643     }
644     
645     public void test10ReissueWrongStatus() throws Exception {
646         cacheAdmin.setUserStatus(administrator, username1, 40);
647         cacheAdmin.setClearTextPassword(administrator, username1, "ReissuePassword");
648         ReissueRequestType reissueRequestType = xKMSObjectFactory.createReissueRequestType();
649         reissueRequestType.setId("609");
650                            
651         reissueRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
652              
653         X509DataType x509DataType = sigFactory.createX509DataType();
654         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert1.getEncoded()));
655         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
656         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
657         
658         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
659         keyBindingType.setKeyInfo(keyInfoType);
660         keyBindingType.setId("100123122");
661         reissueRequestType.setReissueKeyBinding(keyBindingType);
662         
663         AuthenticationType authenticationType = xKMSObjectFactory.createAuthenticationType();
664         NotBoundAuthenticationType notBoundAuthenticationType = xKMSObjectFactory.createNotBoundAuthenticationType();
665         notBoundAuthenticationType.setProtocol("NOTUSED");
666         notBoundAuthenticationType.setValue("ReissuePassword".getBytes());
667         authenticationType.setNotBoundAuthentication(notBoundAuthenticationType);
668         reissueRequestType.setAuthentication(authenticationType);
669         
670         ReissueResultType reissueResultType = xKMSInvoker.reissue(reissueRequestType, null, null, null, keys1.getPrivate(), keyBindingType.getId());
671         
672         assertTrue(reissueResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
673         assertTrue(reissueResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_REFUSED));
674     }
675     
676     public void test11ReissueWrongCert() throws Exception {
677         
678         cacheAdmin.setUserStatus(administrator, username1, 10);
679         cacheAdmin.setClearTextPassword(administrator, username1, "ReissuePassword");
680         ReissueRequestType reissueRequestType = xKMSObjectFactory.createReissueRequestType();
681         reissueRequestType.setId("610");
682                            
683         reissueRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
684              
685         X509DataType x509DataType = sigFactory.createX509DataType();
686         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(Constants.getUserCert().getEncoded()));
687         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
688         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
689         
690         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
691         keyBindingType.setKeyInfo(keyInfoType);
692         keyBindingType.setId("100123122");
693         reissueRequestType.setReissueKeyBinding(keyBindingType);
694         
695         AuthenticationType authenticationType = xKMSObjectFactory.createAuthenticationType();
696         NotBoundAuthenticationType notBoundAuthenticationType = xKMSObjectFactory.createNotBoundAuthenticationType();
697         notBoundAuthenticationType.setProtocol("NOTUSED");
698         notBoundAuthenticationType.setValue("ReissuePassword".getBytes());
699         authenticationType.setNotBoundAuthentication(notBoundAuthenticationType);
700         reissueRequestType.setAuthentication(authenticationType);
701         
702         ReissueResultType reissueResultType = xKMSInvoker.reissue(reissueRequestType, null, null, null, keys1.getPrivate(), keyBindingType.getId());
703         
704         assertTrue(reissueResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
705         assertTrue(reissueResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_REFUSED));
706     }
707     
708     public void test12SimpleRecover() throws Exception {
709         keyAdmin.markAsRecoverable(administrator, cert2, endEntityProfileId);
710         cacheAdmin.setClearTextPassword(administrator, username2, "RerecoverPassword");
711         RecoverRequestType recoverRequestType = xKMSObjectFactory.createRecoverRequestType();
712         recoverRequestType.setId("700");
713                            
714         recoverRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
715         recoverRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_PRIVATEKEY);
716              
717         
718         X509DataType x509DataType = sigFactory.createX509DataType();
719         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert2.getEncoded()));
720         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
721         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
722         
723         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
724         keyBindingType.setKeyInfo(keyInfoType);
725         keyBindingType.setId("100123123422");
726         recoverRequestType.setRecoverKeyBinding(keyBindingType);
727         
728         AuthenticationType authenticationType = xKMSObjectFactory.createAuthenticationType();
729         NotBoundAuthenticationType notBoundAuthenticationType = xKMSObjectFactory.createNotBoundAuthenticationType();
730         notBoundAuthenticationType.setProtocol("NOTUSED");
731         notBoundAuthenticationType.setValue("RerecoverPassword".getBytes());
732         authenticationType.setNotBoundAuthentication(notBoundAuthenticationType);
733         recoverRequestType.setAuthentication(authenticationType);
734         
735         RecoverResultType recoverResultType = xKMSInvoker.recover(recoverRequestType, null, null, null, keyBindingType.getId());
736         
737         assertTrue(recoverResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SUCCESS));
738         assertTrue(recoverResultType.getResultMinor() == null);
739         
740         assertTrue(recoverResultType.getKeyBinding().size() == 1);
741         keyBindingType = recoverResultType.getKeyBinding().get(0);
742         assertTrue(keyBindingType.getStatus().getValidReason().size() == 4);
743         
744         JAXBElement<X509DataType> jAXBX509Data = (JAXBElement<X509DataType>) keyBindingType.getKeyInfo().getContent().get(0);
745         assertTrue(jAXBX509Data.getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName().size() == 2);
746         Iterator iter2 = jAXBX509Data.getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName().iterator();
747         
748         while(iter2.hasNext()){
749             JAXBElement next = (JAXBElement) iter2.next();
750             assertTrue(next.getName().getLocalPart().equals("X509Certificate"));
751             byte[] encoded = (byte[]) next.getValue();
752             X509Certificate nextCert = CertTools.getCertfromByteArray(encoded);
753             
754             if(CertTools.getSubjectDN(nextCert).equals(CertTools.stringToBCDNString(dn2))){
755                 cert2 = nextCert;
756                 
757             }
758         }
759         
760         assertTrue(recoverResultType.getPrivateKey() != null);
761         PrivateKey privateKey = XKMSUtil.getPrivateKeyFromEncryptedXML(recoverResultType.getPrivateKey(), "RerecoverPassword");
762         
763         X509Certificate testCert = CertTools.genSelfCert("CN=sdf", 12, null, privateKey, cert2.getPublicKey(), "SHA1WithRSA", false);
764         testCert.verify(cert2.getPublicKey());
765         
766         
767     }
768     
769     public void test13RecoverWrongPassword() throws Exception {
770         keyAdmin.markAsRecoverable(administrator, cert2, endEntityProfileId);
771         cacheAdmin.setClearTextPassword(administrator, username2, "RerecoverPassword");
772         RecoverRequestType recoverRequestType = xKMSObjectFactory.createRecoverRequestType();
773         recoverRequestType.setId("701");
774                            
775         recoverRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
776         recoverRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_PRIVATEKEY);
777         
778         X509DataType x509DataType = sigFactory.createX509DataType();
779         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert2.getEncoded()));
780         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
781         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
782         
783         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
784         keyBindingType.setKeyInfo(keyInfoType);
785         keyBindingType.setId("100123123422");
786         recoverRequestType.setRecoverKeyBinding(keyBindingType);
787         
788         AuthenticationType authenticationType = xKMSObjectFactory.createAuthenticationType();
789         NotBoundAuthenticationType notBoundAuthenticationType = xKMSObjectFactory.createNotBoundAuthenticationType();
790         notBoundAuthenticationType.setProtocol("NOTUSED");
791         notBoundAuthenticationType.setValue("Wrong".getBytes());
792         authenticationType.setNotBoundAuthentication(notBoundAuthenticationType);
793         recoverRequestType.setAuthentication(authenticationType);
794         
795         RecoverResultType recoverResultType = xKMSInvoker.recover(recoverRequestType, null, null, null, keyBindingType.getId());
796         
797         assertTrue(recoverResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
798         assertTrue(recoverResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_NOAUTHENTICATION));
799     
800     }
801   
802     public void test14RecoverWrongStatus() throws Exception {
803         cacheAdmin.setUserStatus(administrator, username2, 10);
804         cacheAdmin.setClearTextPassword(administrator, username2, "RerecoverPassword");
805         RecoverRequestType recoverRequestType = xKMSObjectFactory.createRecoverRequestType();
806         recoverRequestType.setId("702");
807                            
808         recoverRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
809         recoverRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_PRIVATEKEY);
810              
811         
812         X509DataType x509DataType = sigFactory.createX509DataType();
813         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert2.getEncoded()));
814         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
815         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
816         
817         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
818         keyBindingType.setKeyInfo(keyInfoType);
819         keyBindingType.setId("100123123422");
820         recoverRequestType.setRecoverKeyBinding(keyBindingType);
821         
822         AuthenticationType authenticationType = xKMSObjectFactory.createAuthenticationType();
823         NotBoundAuthenticationType notBoundAuthenticationType = xKMSObjectFactory.createNotBoundAuthenticationType();
824         notBoundAuthenticationType.setProtocol("NOTUSED");
825         notBoundAuthenticationType.setValue("RerecoverPassword".getBytes());
826         authenticationType.setNotBoundAuthentication(notBoundAuthenticationType);
827         recoverRequestType.setAuthentication(authenticationType);
828         
829         RecoverResultType recoverResultType = xKMSInvoker.recover(recoverRequestType, null, null, null, keyBindingType.getId());
830         
831         assertTrue(recoverResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
832         assertTrue(recoverResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_REFUSED));
833
834     }
835     
836     public void test15RecoverWrongCert() throws Exception {
837         cacheAdmin.setUserStatus(administrator, username2, UserDataConstants.STATUS_KEYRECOVERY);
838         cacheAdmin.setClearTextPassword(administrator, username2, "RerecoverPassword");
839         RecoverRequestType recoverRequestType = xKMSObjectFactory.createRecoverRequestType();
840         recoverRequestType.setId("703");
841                            
842         recoverRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
843         recoverRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_PRIVATEKEY);
844              
845         
846         X509DataType x509DataType = sigFactory.createX509DataType();
847         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(Constants.getUserCert().getEncoded()));
848         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
849         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
850         
851         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
852         keyBindingType.setKeyInfo(keyInfoType);
853         keyBindingType.setId("100123123422");
854         recoverRequestType.setRecoverKeyBinding(keyBindingType);
855         
856         AuthenticationType authenticationType = xKMSObjectFactory.createAuthenticationType();
857         NotBoundAuthenticationType notBoundAuthenticationType = xKMSObjectFactory.createNotBoundAuthenticationType();
858         notBoundAuthenticationType.setProtocol("NOTUSED");
859         notBoundAuthenticationType.setValue("RerecoverPassword".getBytes());
860         authenticationType.setNotBoundAuthentication(notBoundAuthenticationType);
861         recoverRequestType.setAuthentication(authenticationType);
862         
863         RecoverResultType recoverResultType = xKMSInvoker.recover(recoverRequestType, null, null, null, keyBindingType.getId());
864         
865         assertTrue(recoverResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
866         assertTrue(recoverResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_NOMATCH));
867
868     }
869     
870     public void test16CertNotMarked() throws Exception {
871         keyAdmin.unmarkUser(administrator, username2);
872         cacheAdmin.setUserStatus(administrator, username2, 40);
873         cacheAdmin.setClearTextPassword(administrator, username2, "RerecoverPassword");
874         RecoverRequestType recoverRequestType = xKMSObjectFactory.createRecoverRequestType();
875         recoverRequestType.setId("704");
876                            
877         recoverRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
878         recoverRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_PRIVATEKEY);
879              
880         
881         X509DataType x509DataType = sigFactory.createX509DataType();
882         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert2.getEncoded()));
883         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
884         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
885         
886         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
887         keyBindingType.setKeyInfo(keyInfoType);
888         keyBindingType.setId("100123123422");
889         recoverRequestType.setRecoverKeyBinding(keyBindingType);
890         
891         AuthenticationType authenticationType = xKMSObjectFactory.createAuthenticationType();
892         NotBoundAuthenticationType notBoundAuthenticationType = xKMSObjectFactory.createNotBoundAuthenticationType();
893         notBoundAuthenticationType.setProtocol("NOTUSED");
894         notBoundAuthenticationType.setValue("RerecoverPassword".getBytes());
895         authenticationType.setNotBoundAuthentication(notBoundAuthenticationType);
896         recoverRequestType.setAuthentication(authenticationType);
897         
898         RecoverResultType recoverResultType = xKMSInvoker.recover(recoverRequestType, null, null, null, keyBindingType.getId());
899         
900         assertTrue(recoverResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
901         assertTrue(recoverResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_REFUSED));
902
903     }
904     
905     public void test17SimpleRevoke() throws Exception {
906         RevokeRequestType revokeRequestType = xKMSObjectFactory.createRevokeRequestType();
907         revokeRequestType.setId("800");
908                            
909
910         X509DataType x509DataType = sigFactory.createX509DataType();
911         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert1.getEncoded()));
912         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
913         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
914         
915         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
916         keyBindingType.setKeyInfo(keyInfoType);
917         keyBindingType.setId("100123123422");
918         revokeRequestType.setRevokeKeyBinding(keyBindingType);
919         
920         byte[] first = XKMSUtil.getSecretKeyFromPassphrase("UsersRevokationCodeIdentifier", true,20, XKMSUtil.KEY_REVOCATIONCODEIDENTIFIER_PASS1).getEncoded();
921         revokeRequestType.setRevocationCode(first);
922         
923         
924         RevokeResultType revokeResultType = xKMSInvoker.revoke(revokeRequestType, null, null, null, keyBindingType.getId());
925         
926         assertTrue(revokeResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SUCCESS));
927         assertTrue(revokeResultType.getResultMinor() == null );
928
929     }
930     
931     public void test18RevokeWrongPassword() throws Exception {
932         RevokeRequestType revokeRequestType = xKMSObjectFactory.createRevokeRequestType();
933         revokeRequestType.setId("801");
934                            
935
936         X509DataType x509DataType = sigFactory.createX509DataType();
937         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert2.getEncoded()));
938         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
939         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
940         
941         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
942         keyBindingType.setKeyInfo(keyInfoType);
943         keyBindingType.setId("100123123422");
944         revokeRequestType.setRevokeKeyBinding(keyBindingType);
945         
946         revokeRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CERT);
947
948         byte[] first = XKMSUtil.getSecretKeyFromPassphrase("Wrong", true,20, XKMSUtil.KEY_REVOCATIONCODEIDENTIFIER_PASS1).getEncoded();
949         revokeRequestType.setRevocationCode(first);
950         
951         
952         RevokeResultType revokeResultType = xKMSInvoker.revoke(revokeRequestType, null, null, null, keyBindingType.getId());
953         
954         assertTrue(revokeResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
955         assertTrue(revokeResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_NOAUTHENTICATION));
956     }
957     
958     public void test19RevokeWithResult() throws Exception {
959         RevokeRequestType revokeRequestType = xKMSObjectFactory.createRevokeRequestType();
960         revokeRequestType.setId("802");
961                            
962
963         X509DataType x509DataType = sigFactory.createX509DataType();
964         x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert2.getEncoded()));
965         KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
966         keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
967         
968         KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
969         keyBindingType.setKeyInfo(keyInfoType);
970         keyBindingType.setId("100123123422");
971         revokeRequestType.setRevokeKeyBinding(keyBindingType);
972         
973         revokeRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CERT);
974         
975
976         byte[] first = XKMSUtil.getSecretKeyFromPassphrase("UsersRevokationCodeId1234", true,20, XKMSUtil.KEY_REVOCATIONCODEIDENTIFIER_PASS1).getEncoded();
977         revokeRequestType.setRevocationCode(first);
978         
979         RevokeResultType revokeResultType = xKMSInvoker.revoke(revokeRequestType, null, null, null, keyBindingType.getId());
980         
981         assertTrue(revokeResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SUCCESS));
982         assertTrue(revokeResultType.getResultMinor() == null );
983         
984         assertTrue(revokeResultType.getKeyBinding().size() == 1);
985         keyBindingType = revokeResultType.getKeyBinding().get(0);
986         assertTrue(keyBindingType.getStatus().getValidReason().size() == 3);
987         assertTrue(keyBindingType.getStatus().getInvalidReason().size() == 1);
988         
989         JAXBElement<X509DataType> jAXBX509Data = (JAXBElement<X509DataType>) keyBindingType.getKeyInfo().getContent().get(0);
990         assertTrue(jAXBX509Data.getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName().size() == 1);
991         Iterator iter2 = jAXBX509Data.getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName().iterator();
992         
993         while(iter2.hasNext()){
994             JAXBElement next = (JAXBElement) iter2.next();
995             assertTrue(next.getName().getLocalPart().equals("X509Certificate"));
996             byte[] encoded = (byte[]) next.getValue();
997             X509Certificate nextCert = CertTools.getCertfromByteArray(encoded);
998             
999             assertTrue(CertTools.stringToBCDNString(nextCert.getSubjectDN().toString()).equals(CertTools.stringToBCDNString(dn2)));
1000            
1001        }
1002    }
1003    
1004    public void test20RevokeAlreadyRevoked() throws Exception {
1005        RevokeRequestType revokeRequestType = xKMSObjectFactory.createRevokeRequestType();
1006        revokeRequestType.setId("804");
1007                           
1008
1009        X509DataType x509DataType = sigFactory.createX509DataType();
1010        x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert2.getEncoded()));
1011        KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
1012        keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
1013        
1014        KeyBindingType keyBindingType = xKMSObjectFactory.createKeyBindingType();
1015        keyBindingType.setKeyInfo(keyInfoType);
1016        keyBindingType.setId("100123123422");
1017        revokeRequestType.setRevokeKeyBinding(keyBindingType);
1018        
1019        revokeRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CERT);
1020        
1021        
1022        byte[] first = XKMSUtil.getSecretKeyFromPassphrase("UsersRevokationCodeId1234", true,20, XKMSUtil.KEY_REVOCATIONCODEIDENTIFIER_PASS1).getEncoded();
1023        revokeRequestType.setRevocationCode(first);
1024        
1025        RevokeResultType revokeResultType = xKMSInvoker.revoke(revokeRequestType, null, null, null, keyBindingType.getId());
1026        
1027        assertTrue(revokeResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SENDER));
1028        assertTrue(revokeResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_REFUSED));
1029    }
1030     
1031    public void test99CleanDatabase() throws Exception {
1032        Admin administrator = new Admin(Admin.TYPE_RA_USER);
1033        cacheAdmin.deleteUser(administrator, username1);
1034        cacheAdmin.deleteUser(administrator, username2);
1035        cacheAdmin.deleteUser(administrator, username3);
1036        
1037        raAdmin.removeEndEntityProfile(administrator, endentityprofilename);
1038        
1039        certStore.removeCertificateProfile(administrator, certprofilename1);
1040        certStore.removeCertificateProfile(administrator, certprofilename2);
1041        
1042        raAdmin.saveGlobalConfiguration(administrator, orgGlobalConfig);
1043    }
1044    
1045    
1046    private Context getInitialContext() throws NamingException {
1047        log.debug(">getInitialContext");
1048
1049        Context ctx = new javax.naming.InitialContext ();
1050        log.debug("<getInitialContext");
1051
1052        return ctx;
1053    }
1054    
1055    private String genUserName() throws Exception {
1056        // Gen new user
1057 userNo++;
1058
1059        return baseUsername + userNo;
1060    } // genRandomUserName
1061
1062    private static KeyPair genKeys() throws Exception {
1063        KeyPairGenerator keygen = KeyPairGenerator.getInstance("RSA", "BC");
1064        keygen.initialize(1024);
1065        log.debug("Generating keys, please wait...");
1066        KeyPair rsaKeys = keygen.generateKeyPair();
1067        log.debug("Generated " + rsaKeys.getPrivate().getAlgorithm() + " keys with length" +
1068                ((RSAPrivateKey ) rsaKeys.getPrivate()).getModulus().bitLength());
1069
1070        return rsaKeys;
1071    } // genKeys
1072}
1073

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags