KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > ejbca > util > TestCertTools


1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13
14 package org.ejbca.util;
15
16 import java.security.cert.X509Certificate JavaDoc;
17 import java.util.ArrayList JavaDoc;
18 import java.util.Collection JavaDoc;
19
20 import junit.framework.TestCase;
21
22 import org.apache.log4j.Logger;
23 import org.bouncycastle.asn1.DEREncodable;
24 import org.bouncycastle.asn1.DERIA5String;
25 import org.bouncycastle.asn1.x509.GeneralName;
26 import org.bouncycastle.asn1.x509.GeneralNames;
27 import org.bouncycastle.asn1.x509.X509Name;
28 import org.bouncycastle.asn1.x509.qualified.ETSIQCObjectIdentifiers;
29 import org.bouncycastle.asn1.x509.qualified.RFC3739QCObjectIdentifiers;
30 import org.bouncycastle.util.encoders.Hex;
31 import org.ejbca.util.cert.QCStatementExtension;
32 import org.ejbca.util.cert.SubjectDirAttrExtension;
33
34 import com.novell.ldap.LDAPDN;
35
36
37 /**
38  * Tests the CertTools class .
39  *
40  * @version $Id: TestCertTools.java,v 1.5 2007/01/04 14:29:05 anatom Exp $
41  */

42 public class TestCertTools extends TestCase {
43     private static Logger log = Logger.getLogger(TestCertTools.class);
44     private static byte[] testcert = Base64.decode(("MIIDATCCAmqgAwIBAgIIczEoghAwc3EwDQYJKoZIhvcNAQEFBQAwLzEPMA0GA1UE"
45             + "AxMGVGVzdENBMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNFMB4XDTAzMDky"
46             + "NDA2NDgwNFoXDTA1MDkyMzA2NTgwNFowMzEQMA4GA1UEAxMHcDEydGVzdDESMBAG"
47             + "A1UEChMJUHJpbWVUZXN0MQswCQYDVQQGEwJTRTCBnTANBgkqhkiG9w0BAQEFAAOB"
48             + "iwAwgYcCgYEAnPAtfpU63/0h6InBmesN8FYS47hMvq/sliSBOMU0VqzlNNXuhD8a"
49             + "3FypGfnPXvjJP5YX9ORu1xAfTNao2sSHLtrkNJQBv6jCRIMYbjjo84UFab2qhhaJ"
50             + "wqJgkQNKu2LHy5gFUztxD8JIuFPoayp1n9JL/gqFDv6k81UnDGmHeFcCARGjggEi"
51             + "MIIBHjAPBgNVHRMBAf8EBTADAQEAMA8GA1UdDwEB/wQFAwMHoAAwOwYDVR0lBDQw"
52             + "MgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwUGCCsGAQUF"
53             + "BwMHMB0GA1UdDgQWBBTnT1aQ9I0Ud4OEfNJkSOgJSrsIoDAfBgNVHSMEGDAWgBRj"
54             + "e/R2qFQkjqV0pXdEpvReD1eSUTAiBgNVHREEGzAZoBcGCisGAQQBgjcUAgOgCQwH"
55             + "Zm9vQGZvbzASBgNVHSAECzAJMAcGBSkBAQEBMEUGA1UdHwQ+MDwwOqA4oDaGNGh0"
56             + "dHA6Ly8xMjcuMC4wLjE6ODA4MC9lamJjYS93ZWJkaXN0L2NlcnRkaXN0P2NtZD1j"
57             + "cmwwDQYJKoZIhvcNAQEFBQADgYEAU4CCcLoSUDGXJAOO9hGhvxQiwjGD2rVKCLR4"
58             + "emox1mlQ5rgO9sSel6jHkwceaq4A55+qXAjQVsuy76UJnc8ncYX8f98uSYKcjxo/"
59             + "ifn1eHMbL8dGLd5bc2GNBZkmhFIEoDvbfn9jo7phlS8iyvF2YhC4eso8Xb+T7+BZ"
60             + "QUOBOvc=").getBytes());
61
62     private static byte[] guidcert = Base64.decode(
63             ("MIIC+zCCAmSgAwIBAgIIBW0F4eGmH0YwDQYJKoZIhvcNAQEFBQAwMTERMA8GA1UE"
64             +"AxMIQWRtaW5DQTExDzANBgNVBAoTBkFuYVRvbTELMAkGA1UEBhMCU0UwHhcNMDQw"
65             +"OTE2MTc1NzQ1WhcNMDYwOTE2MTgwNzQ1WjAyMRQwEgYKCZImiZPyLGQBARMEZ3Vp"
66             +"ZDENMAsGA1UEAxMER3VpZDELMAkGA1UEBhMCU0UwgZ8wDQYJKoZIhvcNAQEBBQAD"
67             +"gY0AMIGJAoGBANdjsBcLJKUN4hzJU1p3cqaXhPgEjGul62/3xv+Gow+7oOYePcK8"
68             +"bM5VO4zdQVWEhuGOZFaZ70YbXhei4F9kvqlN7xuG47g7DNZ0/fnRzvGY0BHmIR4Y"
69             +"/U87oMEDa2Giy0WTjsmT14uzy4luFgqb2ZA3USGcyJ9hoT6j1WDyOxitAgMBAAGj"
70             +"ggEZMIIBFTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDA7BgNVHSUENDAy"
71             +"BggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUH"
72             +"AwcwHQYDVR0OBBYEFJlDddj88zI7tz3SPfdig0gw5IWvMB8GA1UdIwQYMBaAFI1k"
73             +"9WhE1WXpeezZx/kM0qsoZyqVMHgGA1UdEQRxMG+BDGd1aWRAZm9vLmNvbYIMZ3Vp"
74             +"ZC5mb28uY29thhRodHRwOi8vZ3VpZC5mb28uY29tL4cECgwNDqAcBgorBgEEAYI3"
75             +"FAIDoA4MDGd1aWRAZm9vLmNvbaAXBgkrBgEEAYI3GQGgCgQIEjRWeJCrze8wDQYJ"
76             +"KoZIhvcNAQEFBQADgYEAq39n6CZJgJnW0CH+QkcuU5F4RQveNPGiJzIJxUeOQ1yQ"
77             +"gSkt3hvNwG4kLBmmwe9YLdS83dgNImMWL/DgID/47aENlBNai14CvtMceokik4IN"
78             +"sacc7x/Vp3xezHLuBMcf3E3VSo4FwqcUYFmu7Obke3ebmB08nC6gnQHkzjNsmQw=").getBytes());
79
80     private static byte[] altNameCert = Base64.decode(
81             ("MIIDDzCCAfegAwIBAgIIPiL0klmu1uIwDQYJKoZIhvcNAQEFBQAwNzERMA8GA1UE"
82              +"AxMIQWRtaW5DQTExFTATBgNVBAoTDEVKQkNBIFNhbXBsZTELMAkGA1UEBhMCU0Uw"
83              +"HhcNMDUwODAyMTAxOTQ5WhcNMDcwODAyMTAyOTQ5WjAsMQwwCgYDVQQDEwNmb28x"
84              +"DzANBgNVBAoTBkFuYVRvbTELMAkGA1UEBhMCU0UwXDANBgkqhkiG9w0BAQEFAANL"
85              +"ADBIAkEAmMVWkkEMLbDNoB/NG3kJ22eC18syXqaHWRWc4DldFeCMGeLzfB2NklNv"
86              +"hmr2kgIJcK+wyFpMkYm46dSMOrvovQIDAQABo4HxMIHuMAwGA1UdEwEB/wQCMAAw"
87              +"DgYDVR0PAQH/BAQDAgWgMDsGA1UdJQQ0MDIGCCsGAQUFBwMBBggrBgEFBQcDAgYI"
88              +"KwYBBQUHAwQGCCsGAQUFBwMFBggrBgEFBQcDBzAdBgNVHQ4EFgQUIV/Fck/+UVnw"
89              +"tJigtZIF5OuuhlIwHwYDVR0jBBgwFoAUB/2KRYNOZxRDkJ5oChjNeXgwtCcwUQYD"
90              +"VR0RBEowSIEKdG9tYXNAYS5zZYIId3d3LmEuc2WGEGh0dHA6Ly93d3cuYS5zZS+H"
91              +"BAoBAQGgGAYKKwYBBAGCNxQCA6AKDAhmb29AYS5zZTANBgkqhkiG9w0BAQUFAAOC"
92              +"AQEAfAGJM0/s+Yi1Ewmvt9Z/9w8X/T/02bF8P8MJG2H2eiIMCs/tkNhnlFGYYGhD"
93              +"Km8ynveQZbdYvKFioOr/D19gMis/HNy9UDfOMrJdeGWiwxUHvKKbtcSlOPH3Hm0t"
94              +"LSKomWdKfjTksfj69Tf01S0oNonprvwGxIdsa1uA9BC/MjkkPt1qEWkt/FWCfq9u"
95              +"8Xyj2tZEJKjLgAW6qJ3ye81pEVKHgMmapWTQU2uI1qyEPYxoT9WkQtSObGI1wCqO"
96              +"YmKglnd5BIUBPO9LOryyHlSRTID5z0UgDlrTAaNYuN8QOYF+DZEQxm4bSXTDooGX"
97              +"rHjSjn/7Urb31CXWAxq0Zhk3fg==").getBytes());
98     
99     private static byte[] altNameCertWithDirectoryName = Base64.decode(("MIIFkjCCBPugAwIBAgIIBzGqGNsLMqwwDQYJKoZIhvcNAQEFBQAwWTEYMBYGA1UEAwwPU1VCX0NBX1dJTkRPV1MzMQ8wDQYDVQQLEwZQS0lHVkExHzAdBgNVBAoTFkdlbmVyYWxpdGF0IFZhbGVuY2lhbmExCzAJBgNVBAYTAkVTMB4XDTA2MDQyMTA5NDQ0OVoXDTA4MDQyMDA5NTQ0OVowcTEbMBkGCgmSJomT8ixkAQETC3Rlc3REaXJOYW1lMRQwEgYDVQQDEwt0ZXN0RGlyTmFtZTEOMAwGA1UECxMFbG9nb24xHzAdBgNVBAoTFkdlbmVyYWxpdGF0IFZhbGVuY2lhbmExCzAJBgNVBAYTAkVTMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCDLxMhz40RxCm21HoCBNa9x1UyPmhVkPdtt2V7dixgjOYz+ffKeebjn/jSd4nfXgd7fxpzezB8t673F2OtC3ENl1zek5Msj2KoinVu8vvZ78KMRq/H1rDFguhjSL0o19Cpob0qQFB/ukPZMNoKBNnMVnR1C4juB1eJVXWmHyJxIwIDAQABo4IDSTCCA0UwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBaAwMwYDVR0lBCwwKgYIKwYBBQUHAwIGCCsGAQUFBwMEBggrBgEFBQcDBwYKKwYBBAGCNxQCAjAdBgNVHQ4EFgQUZz4hrh3dr6VWvEbAPe8pg7szNi4wHwYDVR0jBBgwFoAUTuOaap9UBpQ8dqwOufYoOQucfUowXAYDVR0RBFUwU6QhMB8xHTAbBgNVBAMMFHRlc3REaXJOYW1lfGRpcnxuYW1loC4GCisGAQQBgjcUAgOgIAwedGVzdERpck5hbWVAamFtYWRvci5wa2kuZ3ZhLmVzMIIBtgYDVR0gBIIBrTCCAakwggGlBgsrBgEEAb9VAwoBADCCAZQwggFeBggrBgEFBQcCAjCCAVAeggFMAEMAZQByAHQAaQBmAGkAYwBhAGQAbwAgAHIAZQBjAG8AbgBvAGMAaQBkAG8AIABkAGUAIABFAG4AdABpAGQAYQBkACAAZQB4AHAAZQBkAGkAZABvACAAcABvAHIAIABsAGEAIABBAHUAdABvAHIAaQBkAGEAZAAgAGQAZQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABkAGUAIABsAGEAIABDAG8AbQB1AG4AaQB0AGEAdAAgAFYAYQBsAGUAbgBjAGkAYQBuAGEAIAAoAFAAbAAuACAATQBhAG4AaQBzAGUAcwAgADEALgAgAEMASQBGACAAUwA0ADYAMQAxADAAMAAxAEEAKQAuACAAQwBQAFMAIAB5ACAAQwBQACAAZQBuACAAaAB0AHQAcAA6AC8ALwB3AHcAdwAuAGEAYwBjAHYALgBlAHMwMAYIKwYBBQUHAgEWJGh0dHA6Ly93d3cuYWNjdi5lcy9sZWdpc2xhY2lvbl9jLmh0bTBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vemFyYXRob3MuamFtYWRvci5ndmEuZXMvU1VCX0NBX1dJTkRPV1MzLmNybDBTBggrBgEFBQcBAQRHMEUwQwYIKwYBBQUHMAGGN2h0dHA6Ly91bGlrLnBraS5ndmEuZXM6ODA4MC9lamJjYS9wdWJsaWN3ZWIvc3RhdHVzL29jc3AwDQYJKoZIhvcNAQEFBQADgYEASofgaj06BOE847RTEgVba52lmPWADgeWxKHZAk1t9LdNzuFJ8B/SC3gi0rsAA/lQGSd4WzPbkmJKkVZ6Q9ybpqg4AJRaIZBkoQw1KNXPYAcgt5XLeIhUACdKIPhfPQr+vQtaC1wi5xV8EBCLpLmpzN9bpZdze/724UB4Y94KhII=").getBytes());
100
101     /** The reference certificate from RFC3739 */
102     private static byte[] qcRefCert = Base64.decode(
103             ("MIIDEDCCAnmgAwIBAgIESZYC0jANBgkqhkiG9w0BAQUFADBIMQswCQYDVQQGEwJE"
104             +"RTE5MDcGA1UECgwwR01EIC0gRm9yc2NodW5nc3plbnRydW0gSW5mb3JtYXRpb25z"
105             +"dGVjaG5payBHbWJIMB4XDTA0MDIwMTEwMDAwMFoXDTA4MDIwMTEwMDAwMFowZTEL"
106             +"MAkGA1UEBhMCREUxNzA1BgNVBAoMLkdNRCBGb3JzY2h1bmdzemVudHJ1bSBJbmZv"
107             +"cm1hdGlvbnN0ZWNobmlrIEdtYkgxHTAMBgNVBCoMBVBldHJhMA0GA1UEBAwGQmFy"
108             +"emluMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDc50zVodVa6wHPXswg88P8"
109             +"p4fPy1caIaqKIK1d/wFRMN5yTl7T+VOS57sWxKcdDzGzqZJqjwjqAP3DqPK7AW3s"
110             +"o7lBG6JZmiqMtlXG3+olv+3cc7WU+qDv5ZXGEqauW4x/DKGc7E/nq2BUZ2hLsjh9"
111             +"Xy9+vbw+8KYE9rQEARdpJQIDAQABo4HpMIHmMGQGA1UdCQRdMFswEAYIKwYBBQUH"
112             +"CQQxBBMCREUwDwYIKwYBBQUHCQMxAxMBRjAdBggrBgEFBQcJATERGA8xOTcxMTAx"
113             +"NDEyMDAwMFowFwYIKwYBBQUHCQIxCwwJRGFybXN0YWR0MA4GA1UdDwEB/wQEAwIG"
114             +"QDASBgNVHSAECzAJMAcGBSskCAEBMB8GA1UdIwQYMBaAFAABAgMEBQYHCAkKCwwN"
115             +"Dg/+3LqYMDkGCCsGAQUFBwEDBC0wKzApBggrBgEFBQcLAjAdMBuBGW11bmljaXBh"
116             +"bGl0eUBkYXJtc3RhZHQuZGUwDQYJKoZIhvcNAQEFBQADgYEAj4yAu7LYa3X04h+C"
117             +"7+DyD2xViJCm5zEYg1m5x4znHJIMZsYAU/vJJIJQkPKVsIgm6vP/H1kXyAu0g2Ep"
118             +"z+VWPnhZK1uw+ay1KRXw8rw2mR8hQ2Ug6QZHYdky2HH3H/69rWSPp888G8CW8RLU"
119             +"uIKzn+GhapCuGoC4qWdlGLWqfpc=").getBytes());
120     
121     private static byte[] qcPrimeCert = Base64.decode(
122             ("MIIDMDCCAhigAwIBAgIIUDIxBvlO2qcwDQYJKoZIhvcNAQEFBQAwNzERMA8GA1UE"
123             +"AxMIQWRtaW5DQTExFTATBgNVBAoTDEVKQkNBIFNhbXBsZTELMAkGA1UEBhMCU0Uw"
124             +"HhcNMDYwMTIyMDgxNTU0WhcNMDgwMTIyMDgyNTU0WjAOMQwwCgYDVQQDEwNxYzIw"
125             +"gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKkuPOqOEWCJH9xb11sS++vfKb/z"
126             +"gHf2clwyf2vSFWTSDzQHOa2j5rwZ/F23X/mZl96fFAIfTBmr5dCwt0xAXZvTcKfO"
127             +"RAcKl7ZBXvsAYvwl1KIUpA8NqEbgjwA+OaTdND2vpAhII7PoU4CkoNajy44EuL3Y"
128             +"xP6KNWTMiks9KP5vAgMBAAGjgewwgekwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E"
129             +"BAMCBPAwJwYDVR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMEBggrBgEFBQcDBzAd"
130             +"BgNVHQ4EFgQUZsj/dUVp1FmOJpYZ2j5fYKIdXYowHwYDVR0jBBgwFoAUs8UBsa9O"
131             +"S1c8/I07DHYFJp0po0AwYAYIKwYBBQUHAQMEVDBSMCMGCCsGAQUFBwsBMBcGAykB"
132             +"AjAQgQ5xY0BwcmltZWtleS5zZTAIBgYEAI5GAQEwFwYGBACORgECMA0TA1NFSwID"
133             +"AMNQAgEAMAgGBgQAjkYBBDANBgkqhkiG9w0BAQUFAAOCAQEAjmL27XY5Wt0/axsI"
134             +"PbtcfrJ6xEm5PlYabM+T3I6lksov6Rz1+/n/L1S5poGPG8iOdJCExcnR0HbNkeB+"
135             +"2oPltqSaxyoSfGugVn/Oufz2BfFd7OCWe14dPsA181oC7/nq+mzhBpQ7App9JirA"
136             +"aeJQrcRDNK7vVOmg2LZ2oSYno/TuRTFq0GxsEVjEdzAxpAxY7N8ff6gY7IHd7+hc"
137             +"4GiFY+NnNp9Dvf6mOYTXLxsOc+093S7uK2ohhq99aYCkzJmrngtrImtKi0y/LMjq"
138             +"oviMCQmzMLY2Ifcw+CsOyQZx7nxwafZ7BAzm6vIvSeiIe3VlskRGzYDM66NJJNNo"
139             +"C2HsPA==").getBytes());
140
141     private static byte[] aiaCert = Base64.decode(
142             ("MIIDTTCCAjWgAwIBAgIIepmLoJzsjC8wDQYJKoZIhvcNAQEFBQAwNzERMA8GA1UE"
143             +"AxMIQWRtaW5DQTExFTATBgNVBAoTDEVKQkNBIFNhbXBsZTELMAkGA1UEBhMCU0Uw"
144             +"HhcNMDYwMjA5MTA0OTA1WhcNMDgwMjA5MTA1OTA1WjAqMQ0wCwYDVQQDEwRmb280"
145             +"MQwwCgYDVQQKEwNGb28xCzAJBgNVBAYTAlNFMIGfMA0GCSqGSIb3DQEBAQUAA4GN"
146             +"ADCBiQKBgQCSsptDGz1XODuTKBGGCY/Y6B6bfw22LVxaIbCx9Ih+qghlwJ2HYRcl"
147             +"OpyGiMMsiTZADH4hL8WRam/8aq0x45YfQ8wSdxUkWSoVL0oahAbvY4h5J4S0hLrv"
148             +"8Z9CVcUvuH/StTtWHOh4af0klTvLwcnyGhswkSrwM8a3grQvGSIN5wIDAQABo4Ht"
149             +"MIHqMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMDsGA1UdJQQ0MDIGCCsG"
150             +"AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQGCCsGAQUFBwMFBggrBgEFBQcDBzAd"
151             +"BgNVHQ4EFgQUCFwQPEQjTdWh27GEMxmV/onyADgwHwYDVR0jBBgwFoAUB/2KRYNO"
152             +"ZxRDkJ5oChjNeXgwtCcwTQYIKwYBBQUHAQEEQTA/MD0GCCsGAQUFBzABhjFodHRw"
153             +"Oi8vbG9jYWxob3N0OjgwODAvZWpiY2EvcHVibGljd2ViL3N0YXR1cy9vY3NwMA0G"
154             +"CSqGSIb3DQEBBQUAA4IBAQAe6ild0bNz6wD0bPhuumG5j5+9rDaPFebaYqV/AoEU"
155             +"4kovLzvqhPqUR/zQOEx9SSFFs+pxY6YMYDYha7mFrjpCSWr9wGNyv4BRAOMAl2YX"
156             +"P3DfYh/etqUySTuYLzDi65SOSRuvYPP9jJPWt0Ucsm10A10yqJITcAFVajTfNj0r"
157             +"WtTQ4Hbz/U5xkThvzCcx9Z3vIg1k0b5i3qs0JlDFxdWnTGCAn0TGBdsFFvAcSlJR"
158             +"UBSOmiFi7edaayqV8qMyNirSA2tOdOzcTr8zyGfozaHRVmMqTmpSOe1t/LyIK5uh"
159             +"tjsFYZQuz5pxRzvzXKmhKwzRTaJLPezBsIvhIZh41qTu").getBytes());
160
161     private static byte[] subjDirAttrCert = Base64.decode(
162             ("MIIGmTCCBYGgAwIBAgIQGMYCpWmOBXXOL2ODrM8FHzANBgkqhkiG9w0BAQUFADBx"
163 +"MQswCQYDVQQGEwJUUjEoMCYGA1UEChMfRWxla3Ryb25payBCaWxnaSBHdXZlbmxp"
164 +"Z2kgQS5TLjE4MDYGA1UEAxMvZS1HdXZlbiBFbGVrdHJvbmlrIFNlcnRpZmlrYSBI"
165 +"aXptZXQgU2FnbGF5aWNpc2kwHhcNMDYwMzI4MDAwMDAwWhcNMDcwMzI4MjM1OTU5"
166 +"WjCCAR0xCzAJBgNVBAYTAlRSMSgwJgYDVQQKDB9FbGVrdHJvbmlrIEJpbGdpIEd1"
167 +"dmVubGlnaSBBLlMuMQ8wDQYDVQQLDAZHS05FU0kxFDASBgNVBAUTCzIyOTI0NTQ1"
168 +"MDkyMRswGQYDVQQLDBJEb2d1bSBZZXJpIC0gQlVSU0ExIjAgBgNVBAsMGURvZ3Vt"
169 +"IFRhcmloaSAtIDAxLjA4LjE5NzcxPjA8BgNVBAsMNU1hZGRpIFPEsW7EsXIgLSA1"
170 +"MC4wMDAgWVRMLTIuMTYuNzkyLjEuNjEuMC4xLjUwNzAuMS4yMRcwFQYDVQQDDA5Z"
171 +"QVPEsE4gQkVDRU7EsDEjMCEGCSqGSIb3DQEJARYUeWFzaW5AdHVya2VrdWwuYXYu"
172 +"dHIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKaJXVLvXC7qyjiqTAlM582X"
173 +"GPdQJxUfRxgTm6jlBZKtEhbWN5hbH4ASJTzmXWryGricejdKM+JBJECFdelyWPHs"
174 +"UkEL/U0uft3KLIdYo72oTibaL3j4vkEhjyubikSdl9CywkY6WS8nV9JNc66QOYxE"
175 +"5ZdE5CR19ScIYcOh7YpxAgMBAAGjggMBMIIC/TAJBgNVHRMEAjAAMAsGA1UdDwQE"
176 +"AwIGwDBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLmUtZ3V2ZW4uY29tL0Vs"
177 +"ZWt0cm9uaWtCaWxnaUd1dmVubGlnaUFTR0tORVNJL0xhdGVzdENSTC5jcmwwHwYD"
178 +"VR0jBBgwFoAUyT6jfNNisqvczhIzwmTXZTTyfrowggEcBgNVHSAEggETMIIBDzCB"
179 +"/wYJYIYYAwABAQECMIHxMDYGCCsGAQUFBwIBFipodHRwczovL3d3dy5lLWd1dmVu"
180 +"LmNvbS9lLWltemEvYmlsZ2lkZXBvc3UwgbYGCCsGAQUFBwICMIGpGoGmQnUgc2Vy"
181 +"dGlmaWthLCA1MDcwIHNhef1s/SBFbGVrdHJvbmlrIN1temEgS2FudW51bmEgZ/Zy"
182 +"ZSBuaXRlbGlrbGkgZWxla3Ryb25payBzZXJ0aWZpa2Fk/XIuIE9JRDogMi4xNi43"
183 +"OTIuMS42MS4wLjEuNTA3MC4xLjEgLSBPSUQ6IDAuNC4wLjE0NTYuMS4yIC0gT0lE"
184 +"OiAwLjQuMC4xODYyLjEuMTALBglghhgDAAEBBQQwgaEGCCsGAQUFBwEDBIGUMIGR"
185 +"MHYGCCsGAQUFBwsBMGoGC2CGGAE9AAGnTgEBMFuGWUJ1IFNlcnRpZmlrYSA1MDcw"
186 +"IHNhef1s/SBFbGVrdHJvbmlrIN1temEgS2FudW51bmEgZ/ZyZSBuaXRlbGlrbGkg"
187 +"ZWxla3Ryb25payBzZXJ0aWZpa2Fk/XIuMBcGBgQAjkYBAjANEwNZVEwCAwDDUAIB"
188 +"ADB2BggrBgEFBQcBAQRqMGgwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmUtZ3V2"
189 +"ZW4uY29tMCIGCCsGAQUFBzAChhZodHRwOi8vd3d3LmUtZ3V2ZW4uY29tMB0GAytv"
190 +"DoYWaHR0cDovL3d3dy5lLWd1dmVuLmNvbTAbBgNVHQkEFDASMBAGCCsGAQUFBwkE"
191 +"MQQTAlRSMBEGCWCGSAGG+EIBAQQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEA3yVY"
192 +"rURakBcrfv1hJjhDg7+ylCjXf9q6yP2E03kG4t606TLIyqWoqGkrndMtanp+a440"
193 +"rLPIe456XfRJBilj99H0NjzKACAVfLMTL8h/JBGLDYJJYA1S8PzBnMLHA8dhfBJ7"
194 +"StYEPM9BKW/WuBfOOdBNrRZtYKCHwGK2JANfM/JlfzOyG4A+XDQcgjiNoosjes1P"
195 +"qUHsaccIy0MM7FLMVV0HJNNQ84N9CuKIrBSSWopOudkajVqNtI3+FCcy+yXiH6LX"
196 +"fmpHZ346zprcafcjQmAiKfzPSljruvGDIVI3WN7S7WOMrx6MDq54626cZzQl9GFT"
197 +"D1gNo3fjOFhK33DY1Q==").getBytes());
198
199     private static byte[] subjDirAttrCert2 = Base64.decode(
200             ("MIIEsjCCA5qgAwIBAgIIFsYK/Jx7XEEwDQYJKoZIhvcNAQEFBQAwNzERMA8GA1UE"
201 +"AxMIQWRtaW5DQTExFTATBgNVBAoTDEVKQkNBIFNhbXBsZTELMAkGA1UEBhMCU0Uw"
202 +"HhcNMDYwNTMwMDcxNjU2WhcNMDgwNTI5MDcyNjU2WjA5MRkwFwYDVQQDExBUb21h"
203 +"cyBHdXN0YXZzc29uMQ8wDQYDVQQKEwZGb29PcmcxCzAJBgNVBAYTAlNFMIGfMA0G"
204 +"CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvhUYzNVW6iG5TpYi2Dr9VX37g05jcGEyP"
205 +"Lix05oxs3FnzPUf6ykxGy4nUYO12PfC6u9Gh+zelFfg6nKNQqYI48D4ufJc928Nx"
206 +"dZQZi41UmnFT5UXn3JcG4DQe0wZp+BKCch/UbtRjuE6iNxH24R//8W4wXc1R++FG"
207 +"5V6CQzHxXwIDAQABo4ICQjCCAj4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMC"
208 +"BPAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ54I1p"
209 +"TGNwAeQEdnmcjNT+XMMjsjAfBgNVHSMEGDAWgBRzBo+b/XQZqq0DU6J10x17GoKS"
210 +"sDBMBgNVHSAERTBDMEEGAykBATA6MB4GCCsGAQUFBwICMBIeEABGAPYA9gBCAGEA"
211 +"cgDkAOQwGAYIKwYBBQUHAgEWDGh0dHA6LzExMS5zZTBuBgNVHR8EZzBlMGOgYaBf"
212 +"hl1odHRwOi8vbG9jYWxob3N0OjgwODAvZWpiY2EvcHVibGljd2ViL3dlYmRpc3Qv"
213 +"Y2VydGRpc3Q/Y21kPWNybCZpc3N1ZXI9Q049VGVzdENBLE89QW5hVG9tLEM9U0Uw"
214 +"TQYIKwYBBQUHAQEEQTA/MD0GCCsGAQUFBzABhjFodHRwOi8vbG9jYWxob3N0Ojgw"
215 +"ODAvZWpiY2EvcHVibGljd2ViL3N0YXR1cy9vY3NwMDoGCCsGAQUFBwEDBC4wLDAg"
216 +"BggrBgEFBQcLAjAUMBKBEHJhQGNvbW1maWRlcy5jb20wCAYGBACORgEBMHYGA1Ud"
217 +"CQRvMG0wEAYIKwYBBQUHCQUxBBMCU0UwEAYIKwYBBQUHCQQxBBMCU0UwDwYIKwYB"
218 +"BQUHCQMxAxMBTTAXBggrBgEFBQcJAjELEwlTdG9ja2hvbG0wHQYIKwYBBQUHCQEx"
219 +"ERgPMTk3MTA0MjUxMjAwMDBaMA0GCSqGSIb3DQEBBQUAA4IBAQA+vgNnGjw29xEs"
220 +"cnJi7wInUBvtTzQ4+SVSBPTzNA/ZEk+CJVsr/2xbPl+SShZ0SHObj9un1kwKst4n"
221 +"zcNqsnBorrluM92Z5gYwDN3mRGF0szbYEshr/KezMhY2MdXkE+i3nEx6awdemuCG"
222 +"g+LAfL4ODLAzAJJI4MfF+fz0IK7Zeobo1aVGS6Ii9sEnDdQOsLbdfHBNccrT353d"
223 +"NAwxPGnfunGBQ+Los6vjDApy/szMT32NFJDe4WTmkDxqYJQqQjhdrHTxpFEr0VQB"
224 +"s7KRRCYjga/Z52XytwwDBLFM9CPZJfyKxZTV9I9i6e0xSn2xEW8NRplY1HOKa/2B"
225 +"VzvWW9G5").getBytes());
226
227     /**
228      * Creates a new TestCertTools object.
229      *
230      * @param name DOCUMENT ME!
231      */

232     public TestCertTools(String JavaDoc name) {
233         super(name);
234     }
235
236     protected void setUp() throws Exception JavaDoc {
237         log.debug(">setUp()");
238         CertTools.installBCProvider();
239         log.debug("<setUp()");
240     }
241
242     protected void tearDown() throws Exception JavaDoc {
243     }
244
245     /**
246      * DOCUMENT ME!
247      *
248      * @throws Exception DOCUMENT ME!
249      */

250     public void test01GetPartFromDN() throws Exception JavaDoc {
251         log.debug(">test01GetPartFromDN()");
252
253         // We try to examine the general case and som special cases, which we want to be able to handle
254
String JavaDoc dn0 = "C=SE, O=AnaTom, CN=foo";
255         assertEquals(CertTools.getPartFromDN(dn0, "CN"), "foo");
256         assertEquals(CertTools.getPartFromDN(dn0, "O"), "AnaTom");
257         assertEquals(CertTools.getPartFromDN(dn0, "C"), "SE");
258         assertEquals(CertTools.getPartFromDN(dn0, "cn"), "foo");
259         assertEquals(CertTools.getPartFromDN(dn0, "o"), "AnaTom");
260         assertEquals(CertTools.getPartFromDN(dn0, "c"), "SE");
261
262         String JavaDoc dn1 = "c=SE, o=AnaTom, cn=foo";
263         assertEquals(CertTools.getPartFromDN(dn1, "CN"), "foo");
264         assertEquals(CertTools.getPartFromDN(dn1, "O"), "AnaTom");
265         assertEquals(CertTools.getPartFromDN(dn1, "C"), "SE");
266         assertEquals(CertTools.getPartFromDN(dn1, "cn"), "foo");
267         assertEquals(CertTools.getPartFromDN(dn1, "o"), "AnaTom");
268         assertEquals(CertTools.getPartFromDN(dn1, "c"), "SE");
269
270         String JavaDoc dn2 = "C=SE, O=AnaTom, CN=cn";
271         assertEquals(CertTools.getPartFromDN(dn2, "CN"), "cn");
272
273         String JavaDoc dn3 = "C=SE, O=AnaTom, CN=CN";
274         assertEquals(CertTools.getPartFromDN(dn3, "CN"), "CN");
275
276         String JavaDoc dn4 = "C=CN, O=AnaTom, CN=foo";
277         assertEquals(CertTools.getPartFromDN(dn4, "CN"), "foo");
278
279         String JavaDoc dn5 = "C=cn, O=AnaTom, CN=foo";
280         assertEquals(CertTools.getPartFromDN(dn5, "CN"), "foo");
281
282         String JavaDoc dn6 = "CN=foo, O=PrimeKey, C=SE";
283         assertEquals(CertTools.getPartFromDN(dn6, "CN"), "foo");
284         assertEquals(CertTools.getPartFromDN(dn6, "O"), "PrimeKey");
285         assertEquals(CertTools.getPartFromDN(dn6, "C"), "SE");
286
287         String JavaDoc dn7 = "CN=foo, O=PrimeKey, C=cn";
288         assertEquals(CertTools.getPartFromDN(dn7, "CN"), "foo");
289         assertEquals(CertTools.getPartFromDN(dn7, "C"), "cn");
290
291         String JavaDoc dn8 = "CN=foo, O=PrimeKey, C=CN";
292         assertEquals(CertTools.getPartFromDN(dn8, "CN"), "foo");
293         assertEquals(CertTools.getPartFromDN(dn8, "C"), "CN");
294
295         String JavaDoc dn9 = "CN=foo, O=CN, C=CN";
296         assertEquals(CertTools.getPartFromDN(dn9, "CN"), "foo");
297         assertEquals(CertTools.getPartFromDN(dn9, "O"), "CN");
298
299         String JavaDoc dn10 = "CN=foo, CN=bar,O=CN, C=CN";
300         assertEquals(CertTools.getPartFromDN(dn10, "CN"), "foo");
301         assertEquals(CertTools.getPartFromDN(dn10, "O"), "CN");
302
303         String JavaDoc dn11 = "CN=foo,CN=bar, O=CN, C=CN";
304         assertEquals(CertTools.getPartFromDN(dn11, "CN"), "foo");
305         assertEquals(CertTools.getPartFromDN(dn11, "O"), "CN");
306
307         String JavaDoc dn12 = "CN=\"foo, OU=bar\", O=baz\\\\\\, quux,C=C";
308         assertEquals(CertTools.getPartFromDN(dn12, "CN"), "foo, OU=bar");
309         assertEquals(CertTools.getPartFromDN(dn12, "O"), "baz\\, quux");
310         assertNull(CertTools.getPartFromDN(dn12, "OU"));
311
312         String JavaDoc dn13 = "C=SE, O=PrimeKey, EmailAddress=foo@primekey.se";
313         ArrayList JavaDoc emails = CertTools.getEmailFromDN(dn13);
314         assertEquals((String JavaDoc)emails.get(0), "foo@primekey.se");
315
316         String JavaDoc dn14 = "C=SE, E=foo@primekey.se, O=PrimeKey";
317         emails = CertTools.getEmailFromDN(dn14);
318         assertEquals((String JavaDoc)emails.get(0), "foo@primekey.se");
319
320         String JavaDoc dn15 = "C=SE, E=foo@primekey.se, O=PrimeKey, EmailAddress=bar@primekey.se";
321         emails = CertTools.getEmailFromDN(dn15);
322         assertEquals((String JavaDoc)emails.get(0), "bar@primekey.se");
323
324         log.debug("<test01GetPartFromDN()");
325     }
326
327     /**
328      * DOCUMENT ME!
329      *
330      * @throws Exception DOCUMENT ME!
331      */

332     public void test02StringToBCDNString() throws Exception JavaDoc {
333         log.debug(">test02StringToBCDNString()");
334
335         // We try to examine the general case and som special cases, which we want to be able to handle
336
String JavaDoc dn1 = "C=SE, O=AnaTom, CN=foo";
337         assertEquals(CertTools.stringToBCDNString(dn1), "CN=foo,O=AnaTom,C=SE");
338
339         String JavaDoc dn2 = "C=SE, O=AnaTom, CN=cn";
340         assertEquals(CertTools.stringToBCDNString(dn2), "CN=cn,O=AnaTom,C=SE");
341
342         String JavaDoc dn3 = "CN=foo, O=PrimeKey, C=SE";
343         assertEquals(CertTools.stringToBCDNString(dn3), "CN=foo,O=PrimeKey,C=SE");
344
345         String JavaDoc dn4 = "cn=foo, o=PrimeKey, c=SE";
346         assertEquals(CertTools.stringToBCDNString(dn4), "CN=foo,O=PrimeKey,C=SE");
347
348         String JavaDoc dn5 = "cn=foo,o=PrimeKey,c=SE";
349         assertEquals(CertTools.stringToBCDNString(dn5), "CN=foo,O=PrimeKey,C=SE");
350
351         String JavaDoc dn6 = "C=SE, O=AnaTom, CN=CN";
352         assertEquals(CertTools.stringToBCDNString(dn6), "CN=CN,O=AnaTom,C=SE");
353
354         String JavaDoc dn7 = "C=CN, O=AnaTom, CN=foo";
355         assertEquals(CertTools.stringToBCDNString(dn7), "CN=foo,O=AnaTom,C=CN");
356
357         String JavaDoc dn8 = "C=cn, O=AnaTom, CN=foo";
358         assertEquals(CertTools.stringToBCDNString(dn8), "CN=foo,O=AnaTom,C=cn");
359
360         String JavaDoc dn9 = "CN=foo, O=PrimeKey, C=CN";
361         assertEquals(CertTools.stringToBCDNString(dn9), "CN=foo,O=PrimeKey,C=CN");
362
363         String JavaDoc dn10 = "CN=foo, O=PrimeKey, C=cn";
364         assertEquals(CertTools.stringToBCDNString(dn10), "CN=foo,O=PrimeKey,C=cn");
365
366         String JavaDoc dn11 = "CN=foo, O=CN, C=CN";
367         assertEquals(CertTools.stringToBCDNString(dn11), "CN=foo,O=CN,C=CN");
368
369         String JavaDoc dn12 = "O=PrimeKey,C=SE,CN=CN";
370         assertEquals(CertTools.stringToBCDNString(dn12), "CN=CN,O=PrimeKey,C=SE");
371
372         String JavaDoc dn13 = "O=PrimeKey,C=SE,CN=CN, OU=FooOU";
373         assertEquals(CertTools.stringToBCDNString(dn13), "CN=CN,OU=FooOU,O=PrimeKey,C=SE");
374
375         String JavaDoc dn14 = "O=PrimeKey,C=CN,CN=CN, OU=FooOU";
376         assertEquals(CertTools.stringToBCDNString(dn14), "CN=CN,OU=FooOU,O=PrimeKey,C=CN");
377
378         String JavaDoc dn15 = "O=PrimeKey,C=CN,CN=cn, OU=FooOU";
379         assertEquals(CertTools.stringToBCDNString(dn15), "CN=cn,OU=FooOU,O=PrimeKey,C=CN");
380
381         String JavaDoc dn16 = "CN=foo, CN=bar,O=CN, C=CN";
382         assertEquals(CertTools.stringToBCDNString(dn16), "CN=foo,CN=bar,O=CN,C=CN");
383
384         String JavaDoc dn17 = "CN=foo,CN=bar, O=CN, O=C, C=CN";
385         assertEquals(CertTools.stringToBCDNString(dn17), "CN=foo,CN=bar,O=CN,O=C,C=CN");
386
387         String JavaDoc dn18 = "cn=jean,cn=EJBCA,dc=home,dc=jean";
388         assertEquals(CertTools.stringToBCDNString(dn18), "CN=jean,CN=EJBCA,DC=home,DC=jean");
389
390         String JavaDoc dn19 = "cn=bar, cn=foo,o=oo, O=EJBCA,DC=DC2, dc=dc1, C=SE";
391         assertEquals(CertTools.stringToBCDNString(dn19), "CN=bar,CN=foo,O=oo,O=EJBCA,DC=DC2,DC=dc1,C=SE");
392
393         String JavaDoc dn20 = " CN=\"foo, OU=bar\", O=baz\\\\\\, quux,C=SE ";
394         // BC always escapes with backslash, it doesn't use quotes.
395
assertEquals(CertTools.stringToBCDNString(dn20), "CN=foo\\, OU=bar,O=baz\\\\\\, quux,C=SE");
396
397         String JavaDoc dn21 = "C=SE,O=Foo\\, Inc, OU=Foo\\, Dep, CN=Foo\\'";
398         String JavaDoc bcdn21 = CertTools.stringToBCDNString(dn21);
399         assertEquals(bcdn21, "CN=Foo\',OU=Foo\\, Dep,O=Foo\\, Inc,C=SE");
400         // it is allowed to escape ,
401
assertEquals(StringTools.strip(bcdn21), "CN=Foo',OU=Foo\\, Dep,O=Foo\\, Inc,C=SE");
402
403         String JavaDoc dn22 = "C=SE,O=Foo\\, Inc, OU=Foo, Dep, CN=Foo'";
404         String JavaDoc bcdn22 = CertTools.stringToBCDNString(dn22);
405         assertEquals(bcdn22, "CN=Foo',OU=Foo,O=Foo\\, Inc,C=SE");
406         assertEquals(StringTools.strip(bcdn22), "CN=Foo',OU=Foo,O=Foo\\, Inc,C=SE");
407         
408         String JavaDoc dn23 = "C=SE,O=Foo, OU=FooOU, CN=Foo, DN=qualf";
409         String JavaDoc bcdn23 = CertTools.stringToBCDNString(dn23);
410         assertEquals(bcdn23, "DN=qualf,CN=Foo,OU=FooOU,O=Foo,C=SE");
411         assertEquals(StringTools.strip(bcdn23), "DN=qualf,CN=Foo,OU=FooOU,O=Foo,C=SE");
412
413         log.debug("<test02StringToBCDNString()");
414     }
415
416     /**
417      * DOCUMENT ME!
418      *
419      * @throws Exception DOCUMENT ME!
420      */

421     public void test03AltNames() throws Exception JavaDoc {
422         log.debug(">test03AltNames()");
423
424         // We try to examine the general case and som special cases, which we want to be able to handle
425
String JavaDoc alt1 = "rfc822Name=ejbca@primekey.se, dNSName=www.primekey.se, uri=http://www.primekey.se/ejbca";
426         assertEquals(CertTools.getPartFromDN(alt1, CertTools.EMAIL), "ejbca@primekey.se");
427         assertNull(CertTools.getPartFromDN(alt1, CertTools.EMAIL1));
428         assertNull(CertTools.getPartFromDN(alt1, CertTools.EMAIL2));
429         assertEquals(CertTools.getPartFromDN(alt1, CertTools.DNS), "www.primekey.se");
430         assertNull(CertTools.getPartFromDN(alt1, CertTools.URI));
431         assertEquals(CertTools.getPartFromDN(alt1, CertTools.URI1), "http://www.primekey.se/ejbca");
432
433         String JavaDoc alt2 = "email=ejbca@primekey.se, dNSName=www.primekey.se, uniformResourceIdentifier=http://www.primekey.se/ejbca";
434         assertEquals(CertTools.getPartFromDN(alt2, CertTools.EMAIL1), "ejbca@primekey.se");
435         assertEquals(CertTools.getPartFromDN(alt2, CertTools.URI), "http://www.primekey.se/ejbca");
436
437         String JavaDoc alt3 = "EmailAddress=ejbca@primekey.se, dNSName=www.primekey.se, uniformResourceIdentifier=http://www.primekey.se/ejbca";
438         assertEquals(CertTools.getPartFromDN(alt3, CertTools.EMAIL2), "ejbca@primekey.se");
439
440         X509Certificate JavaDoc cert = CertTools.getCertfromByteArray(guidcert);
441         String JavaDoc upn = CertTools.getUPNAltName(cert);
442         assertEquals(upn, "guid@foo.com");
443         String JavaDoc guid = CertTools.getGuidAltName(cert);
444         assertEquals(guid, "1234567890abcdef");
445         
446         String JavaDoc customAlt = "rfc822Name=foo@bar.com";
447         ArrayList JavaDoc oids = CertTools.getCustomOids(customAlt);
448         assertEquals(0, oids.size());
449         customAlt = "rfc822Name=foo@bar.com, 1.1.1.1.2=foobar, 1.2.2.2.2=barfoo";
450         oids = CertTools.getCustomOids(customAlt);
451         assertEquals(2, oids.size());
452         String JavaDoc oid1 = (String JavaDoc)oids.get(0);
453         assertEquals("1.1.1.1.2", oid1);
454         String JavaDoc oid2 = (String JavaDoc)oids.get(1);
455         assertEquals("1.2.2.2.2", oid2);
456         String JavaDoc val1 = CertTools.getPartFromDN(customAlt, oid1);
457         assertEquals("foobar", val1);
458         String JavaDoc val2 = CertTools.getPartFromDN(customAlt, oid2);
459         assertEquals("barfoo", val2);
460         
461         log.debug("<test03AltNames()");
462     }
463
464     /**
465      * DOCUMENT ME!
466      *
467      * @throws Exception DOCUMENT ME!
468      */

469     public void test04DNComponents() throws Exception JavaDoc {
470         log.debug(">test04DNComponents()");
471
472         // We try to examine the general case and som special cases, which we want to be able to handle
473
String JavaDoc dn1 = "CN=CommonName, O=Org, OU=OrgUnit, SerialNumber=SerialNumber, SurName=SurName, GivenName=GivenName, Initials=Initials, C=SE";
474         String JavaDoc bcdn1 = CertTools.stringToBCDNString(dn1);
475         log.debug("dn1: " + dn1);
476         log.debug("bcdn1: " + bcdn1);
477         assertEquals(bcdn1,
478                 "CN=CommonName,SN=SerialNumber,GIVENNAME=GivenName,INITIALS=Initials,SURNAME=SurName,OU=OrgUnit,O=Org,C=SE");
479
480         dn1 = "CN=CommonName, O=Org, OU=OrgUnit, SerialNumber=SerialNumber, SurName=SurName, GivenName=GivenName, Initials=Initials, C=SE, 1.1.1.1=1111Oid, 2.2.2.2=2222Oid";
481         bcdn1 = CertTools.stringToBCDNString(dn1);
482         log.debug("dn1: " + dn1);
483         log.debug("bcdn1: " + bcdn1);
484         assertEquals(bcdn1,
485                 "CN=CommonName,SN=SerialNumber,GIVENNAME=GivenName,INITIALS=Initials,SURNAME=SurName,OU=OrgUnit,O=Org,C=SE,2.2.2.2=2222Oid,1.1.1.1=1111Oid");
486
487         dn1 = "CN=CommonName, 3.3.3.3=3333Oid,O=Org, OU=OrgUnit, SerialNumber=SerialNumber, SurName=SurName, GivenName=GivenName, Initials=Initials, C=SE, 1.1.1.1=1111Oid, 2.2.2.2=2222Oid";
488         bcdn1 = CertTools.stringToBCDNString(dn1);
489         log.debug("dn1: " + dn1);
490         log.debug("bcdn1: " + bcdn1);
491         // 3.3.3.3 is not a valid OID so it should be silently dropped
492
assertEquals(bcdn1,"CN=CommonName,SN=SerialNumber,GIVENNAME=GivenName,INITIALS=Initials,SURNAME=SurName,OU=OrgUnit,O=Org,C=SE,2.2.2.2=2222Oid,1.1.1.1=1111Oid");
493
494         dn1 = "CN=CommonName, 2.3.3.3=3333Oid,O=Org, K=KKK, OU=OrgUnit, SerialNumber=SerialNumber, SurName=SurName, GivenName=GivenName, Initials=Initials, C=SE, 1.1.1.1=1111Oid, 2.2.2.2=2222Oid";
495         bcdn1 = CertTools.stringToBCDNString(dn1);
496         log.debug("dn1: " + dn1);
497         log.debug("bcdn1: " + bcdn1);
498         assertEquals(bcdn1,
499                 "CN=CommonName,SN=SerialNumber,GIVENNAME=GivenName,INITIALS=Initials,SURNAME=SurName,OU=OrgUnit,O=Org,C=SE,2.2.2.2=2222Oid,1.1.1.1=1111Oid,2.3.3.3=3333Oid");
500
501         log.debug("<test04DNComponents()");
502     }
503
504     /** Tests string coding/decoding international (swedish characters)
505      *
506      * @throws Exception if error...
507      */

508     public void test05IntlChars() throws Exception JavaDoc {
509         log.debug(">test05IntlChars()");
510         // We try to examine the general case and som special cases, which we want to be able to handle
511
String JavaDoc dn1 = "CN=Tomas?????????, O=?????????-Org, OU=??????-Unit, C=SE";
512         String JavaDoc bcdn1 = CertTools.stringToBCDNString(dn1);
513         log.debug("dn1: " + dn1);
514         log.debug("bcdn1: " + bcdn1);
515         assertEquals("CN=Tomas?????????,OU=??????-Unit,O=?????????-Org,C=SE", bcdn1);
516         log.debug("<test05IntlChars()");
517     }
518
519     /** Tests some of the other methods of CertTools
520      *
521      * @throws Exception if error...
522      */

523     public void test06CertOps() throws Exception JavaDoc {
524         log.debug(">test06CertOps()");
525         X509Certificate JavaDoc cert = CertTools.getCertfromByteArray(testcert);
526         X509Certificate JavaDoc gcert = CertTools.getCertfromByteArray(guidcert);
527         assertEquals("Wrong issuerDN", CertTools.getIssuerDN(cert), CertTools.stringToBCDNString("CN=TestCA,O=AnaTom,C=SE"));
528         assertEquals("Wrong subjectDN", CertTools.getSubjectDN(cert), CertTools.stringToBCDNString("CN=p12test,O=PrimeTest,C=SE"));
529         assertEquals("Wrong subject key id", new String JavaDoc(Hex.encode(CertTools.getSubjectKeyId(cert))), "E74F5690F48D147783847CD26448E8094ABB08A0".toLowerCase());
530         assertEquals("Wrong authority key id", new String JavaDoc(Hex.encode(CertTools.getAuthorityKeyId(cert))), "637BF476A854248EA574A57744A6F45E0F579251".toLowerCase());
531         assertEquals("Wrong upn alt name", "foo@foo", CertTools.getUPNAltName(cert));
532         assertEquals("Wrong guid alt name", "1234567890abcdef", CertTools.getGuidAltName(gcert));
533         assertEquals("Wrong certificate policy", "1.1.1.1.1.1", CertTools.getCertificatePolicyId(cert, 0));
534         assertNull("Not null policy", CertTools.getCertificatePolicyId(cert, 1));
535 // System.out.println(cert);
536
// FileOutputStream fos = new FileOutputStream("foo.cert");
537
// fos.write(cert.getEncoded());
538
// fos.close();
539
log.debug("<test06CertOps()");
540     }
541
542     /** Tests the handling of DC components
543      *
544      * @throws Exception if error...
545      */

546     public void test07TestDC() throws Exception JavaDoc {
547         log.debug(">test07TestDC()");
548         // We try to examine the that we handle modern dc components for ldap correctly
549
String JavaDoc dn1 = "dc=bigcorp,dc=com,dc=se,ou=users,cn=Mike Jackson";
550         String JavaDoc bcdn1 = CertTools.stringToBCDNString(dn1);
551         log.debug("dn1: " + dn1);
552         log.debug("bcdn1: " + bcdn1);
553         //assertEquals("CN=Mike Jackson,OU=users,DC=se,DC=bigcorp,DC=com", bcdn1);
554
String JavaDoc dn2 = "cn=Mike Jackson,ou=users,dc=se,dc=bigcorp,dc=com";
555         String JavaDoc bcdn2 = CertTools.stringToBCDNString(dn2);
556         log.debug("dn2: " + dn2);
557         log.debug("bcdn2: " + bcdn2);
558         assertEquals("CN=Mike Jackson,OU=users,DC=se,DC=bigcorp,DC=com", bcdn2);
559         log.debug("<test07TestDC()");
560     }
561
562     /** Tests the handling of unstructuredName/Address
563      *
564      * @throws Exception if error...
565      */

566     public void test08TestUnstructured() throws Exception JavaDoc {
567         log.debug(">test08TestUnstructured()");
568         // We try to examine the that we handle modern dc components for ldap correctly
569
String JavaDoc dn1 = "C=SE,O=PrimeKey,unstructuredName=10.1.1.2,unstructuredAddress=foo.bar.se,cn=test";
570         String JavaDoc bcdn1 = CertTools.stringToBCDNString(dn1);
571         log.debug("dn1: " + dn1);
572         log.debug("bcdn1: " + bcdn1);
573         assertEquals("unstructuredAddress=foo.bar.se,unstructuredName=10.1.1.2,CN=test,O=PrimeKey,C=SE", bcdn1);
574         log.debug("<test08TestUnstructured()");
575     }
576
577     /** Tests the reversing of a DN
578     *
579     * @throws Exception if error...
580     */

581    public void test09TestReverse() throws Exception JavaDoc {
582        log.debug(">test09TestReverse()");
583        // We try to examine the that we handle modern dc components for ldap correctly
584
String JavaDoc dn1 = "dc=com,dc=bigcorp,dc=se,ou=orgunit,ou=users,cn=Tomas G";
585        String JavaDoc dn2 = "cn=Tomas G,ou=users,ou=orgunit,dc=se,dc=bigcorp,dc=com";
586        assertTrue(CertTools.isDNReversed(dn1));
587        assertTrue(!CertTools.isDNReversed(dn2));
588        assertTrue(CertTools.isDNReversed("C=SE,CN=Foo"));
589        assertTrue(!CertTools.isDNReversed("CN=Foo,O=FooO"));
590        String JavaDoc revdn1 = CertTools.reverseDN(dn1);
591        log.debug("dn1: " + dn1);
592        log.debug("revdn1: " + revdn1);
593        assertEquals(dn2, revdn1);
594        
595        log.debug("<test09TestReverse()");
596    }
597     /** Tests the handling of DC components
598     *
599     * @throws Exception if error...
600     */

601    public void test10TestMultipleReversed() throws Exception JavaDoc {
602        log.debug(">test10TestMultipleReversed()");
603        // We try to examine the that we handle modern dc components for ldap correctly
604
String JavaDoc dn1 = "dc=com,dc=bigcorp,dc=se,ou=orgunit,ou=users,cn=Tomas G";
605        String JavaDoc bcdn1 = CertTools.stringToBCDNString(dn1);
606        log.debug("dn1: " + dn1);
607        log.debug("bcdn1: " + bcdn1);
608        assertEquals("CN=Tomas G,OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com", bcdn1);
609
610        String JavaDoc dn19 = "C=SE, dc=dc1,DC=DC2,O=EJBCA, O=oo, cn=foo, cn=bar";
611        assertEquals("CN=bar,CN=foo,O=oo,O=EJBCA,DC=DC2,DC=dc1,C=SE", CertTools.stringToBCDNString(dn19));
612        String JavaDoc dn20 = " C=SE,CN=\"foo, OU=bar\", O=baz\\\\\\, quux ";
613        // BC always escapes with backslash, it doesn't use quotes.
614
assertEquals("CN=foo\\, OU=bar,O=baz\\\\\\, quux,C=SE", CertTools.stringToBCDNString(dn20));
615
616        String JavaDoc dn21 = "C=SE,O=Foo\\, Inc, OU=Foo\\, Dep, CN=Foo\\'";
617        String JavaDoc bcdn21 = CertTools.stringToBCDNString(dn21);
618        assertEquals("CN=Foo\',OU=Foo\\, Dep,O=Foo\\, Inc,C=SE", bcdn21);
619        assertEquals("CN=Foo',OU=Foo\\, Dep,O=Foo\\, Inc,C=SE", StringTools.strip(bcdn21));
620        log.debug("<test10TestMultipleReversed()");
621    }
622    
623    /** Tests the insertCNPostfix function
624    *
625    * @throws Exception if error...
626    */

627   public void test11TestInsertCNPostfix() throws Exception JavaDoc {
628       log.debug(">test11TestInsertCNPostfix()");
629       
630       // Test the regular case with one CN beging replaced with " (VPN)" postfix
631
String JavaDoc dn1 = "CN=Tomas G,OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com";
632       String JavaDoc cnpostfix1 = " (VPN)";
633       String JavaDoc newdn1 = CertTools.insertCNPostfix(dn1,cnpostfix1);
634       assertEquals("CN=Tomas G (VPN),OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com", newdn1);
635       
636       // Test case when CN doesn't exist
637
String JavaDoc dn2 = "OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com";
638       String JavaDoc newdn2 = CertTools.insertCNPostfix(dn2,cnpostfix1);
639       assertEquals("OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com", newdn2);
640       
641       // Test case with two CNs in DN only first one should be replaced.
642
String JavaDoc dn3 = "CN=Tomas G,CN=Bagare,OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com";
643       String JavaDoc newdn3 = CertTools.insertCNPostfix(dn3,cnpostfix1);
644       assertEquals("CN=Tomas G (VPN),CN=Bagare,OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com", newdn3);
645  
646       // Test case with two CNs in reversed DN
647
String JavaDoc dn4 = "dc=com,dc=bigcorp,dc=se,ou=orgunit,ou=users,cn=Tomas G,CN=Bagare";
648       String JavaDoc newdn4 = CertTools.insertCNPostfix(dn4,cnpostfix1);
649       assertEquals("dc=com,dc=bigcorp,dc=se,ou=orgunit,ou=users,cn=Tomas G (VPN),CN=Bagare", newdn4);
650
651       // Test case with two CNs in reversed DN
652
String JavaDoc dn5 = "UID=tomas,CN=tomas,OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com";
653       String JavaDoc cnpostfix5 = " (VPN)";
654       String JavaDoc newdn5 = CertTools.insertCNPostfix(dn5,cnpostfix5);
655       assertEquals("UID=tomas,CN=tomas (VPN),OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com", newdn5);
656       
657       log.debug("<test11TestInsertCNPostfix()");
658   }
659   
660   /**
661    */

662   public void test12GetPartsFromDN() throws Exception JavaDoc {
663       log.debug(">test01GetPartFromDN()");
664
665       // We try to examine the general case and som special cases, which we want to be able to handle
666
String JavaDoc dn0 = "C=SE, O=AnaTom, CN=foo";
667       assertEquals(CertTools.getPartsFromDN(dn0, "CN").size(), 1);
668       assertTrue(CertTools.getPartsFromDN(dn0, "CN").contains("foo"));
669       assertEquals(CertTools.getPartsFromDN(dn0, "O").size(), 1);
670       assertTrue(CertTools.getPartsFromDN(dn0, "O").contains("AnaTom"));
671       assertEquals(CertTools.getPartsFromDN(dn0, "C").size(), 1);
672       assertTrue(CertTools.getPartsFromDN(dn0, "C").contains("SE"));
673       assertEquals(CertTools.getPartsFromDN(dn0, "cn").size(), 1);
674       assertTrue(CertTools.getPartsFromDN(dn0, "cn").contains("foo"));
675       assertEquals(CertTools.getPartsFromDN(dn0, "o").size(), 1);
676       assertTrue(CertTools.getPartsFromDN(dn0, "o").contains("AnaTom"));
677       assertEquals(CertTools.getPartsFromDN(dn0, "c").size(), 1);
678       assertTrue(CertTools.getPartsFromDN(dn0, "c").contains("SE"));
679
680       String JavaDoc dn1 = "uri=http://www.a.se, C=SE, O=AnaTom, CN=foo";
681       assertEquals(CertTools.getPartsFromDN(dn1, "CN").size(), 1);
682       assertTrue(CertTools.getPartsFromDN(dn1, "CN").contains("foo"));
683       assertEquals(CertTools.getPartsFromDN(dn1, CertTools.URI).size(), 0);
684       assertEquals(CertTools.getPartsFromDN(dn1, CertTools.URI1).size(), 1);
685       assertTrue(CertTools.getPartsFromDN(dn1, CertTools.URI1).contains("http://www.a.se"));
686
687       String JavaDoc dn2 = "uri=http://www.a.se, uri=http://www.b.se, C=SE, O=AnaTom, CN=foo";
688       assertEquals(CertTools.getPartsFromDN(dn2, "CN").size(), 1);
689       assertTrue(CertTools.getPartsFromDN(dn2, "CN").contains("foo"));
690       assertEquals(CertTools.getPartsFromDN(dn2, CertTools.URI1).size(), 2);
691       assertTrue(CertTools.getPartsFromDN(dn2, CertTools.URI1).contains("http://www.a.se"));
692       assertTrue(CertTools.getPartsFromDN(dn2, CertTools.URI1).contains("http://www.b.se"));
693
694       log.debug("<test12GetPartsFromDN()");
695   }
696   
697   public void test13GetSubjectAltNameString() throws Exception JavaDoc {
698       log.debug(">test13GetSubjectAltNameString()");
699       
700       String JavaDoc altNames = CertTools.getSubjectAlternativeName(CertTools.getCertfromByteArray(altNameCert));
701       log.debug(altNames);
702       String JavaDoc name = CertTools.getPartFromDN(altNames,CertTools.UPN);
703       assertEquals("foo@a.se", name);
704       assertEquals("foo@a.se", CertTools.getUPNAltName(CertTools.getCertfromByteArray(altNameCert)));
705       name = CertTools.getPartFromDN(altNames,CertTools.URI);
706       assertEquals("http://www.a.se/", name);
707       name = CertTools.getPartFromDN(altNames,CertTools.EMAIL);
708       assertEquals("tomas@a.se", name);
709       name = CertTools.getEMailAddress(CertTools.getCertfromByteArray(altNameCert));
710       assertEquals("tomas@a.se", name);
711       name = CertTools.getEMailAddress(CertTools.getCertfromByteArray(testcert));
712       assertNull(name);
713       name = CertTools.getEMailAddress(null);
714       assertNull(name);
715       name = CertTools.getPartFromDN(altNames,CertTools.DNS);
716       assertEquals("www.a.se", name);
717       name = CertTools.getPartFromDN(altNames,CertTools.IPADDR);
718       assertEquals("10.1.1.1", name);
719       log.debug("<test13GetSubjectAltNameString()");
720   }
721
722   public void test14QCStatement() throws Exception JavaDoc {
723       X509Certificate JavaDoc cert = CertTools.getCertfromByteArray(qcRefCert);
724       //System.out.println(cert);
725
assertEquals("rfc822name=municipality@darmstadt.de", QCStatementExtension.getQcStatementAuthorities(cert));
726       Collection JavaDoc ids = QCStatementExtension.getQcStatementIds(cert);
727       assertTrue(ids.contains(RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v2.getId()));
728       X509Certificate JavaDoc cert2 = CertTools.getCertfromByteArray(qcPrimeCert);
729       assertEquals("rfc822name=qc@primekey.se", QCStatementExtension.getQcStatementAuthorities(cert2));
730       ids = QCStatementExtension.getQcStatementIds(cert2);
731       assertTrue(ids.contains(RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1.getId()));
732       assertTrue(ids.contains(ETSIQCObjectIdentifiers.id_etsi_qcs_QcCompliance.getId()));
733       assertTrue(ids.contains(ETSIQCObjectIdentifiers.id_etsi_qcs_QcSSCD.getId()));
734       assertTrue(ids.contains(ETSIQCObjectIdentifiers.id_etsi_qcs_LimiteValue.getId()));
735       String JavaDoc limit = QCStatementExtension.getQcStatementValueLimit(cert2);
736       assertEquals("50000 SEK", limit);
737   }
738   public void test15AiaOcspUri() throws Exception JavaDoc {
739       X509Certificate JavaDoc cert = CertTools.getCertfromByteArray(aiaCert);
740       //System.out.println(cert);
741
assertEquals("http://localhost:8080/ejbca/publicweb/status/ocsp", CertTools.getAuthorityInformationAccessOcspUrl(cert));
742   }
743   public void test16GetSubjectAltNameStringWithDirectoryName() throws Exception JavaDoc {
744         log.debug(">test16GetSubjectAltNameStringWithDirectoryName()");
745
746         X509Certificate JavaDoc cer = CertTools.getCertfromByteArray(altNameCertWithDirectoryName);
747         String JavaDoc altNames = CertTools.getSubjectAlternativeName(cer);
748         log.debug(altNames);
749         
750         String JavaDoc name = CertTools.getPartFromDN(altNames, CertTools.UPN);
751         assertEquals("testDirName@jamador.pki.gva.es", name);
752         assertEquals("testDirName@jamador.pki.gva.es", CertTools.getUPNAltName(cer));
753         
754         name = CertTools.getPartFromDN(altNames, CertTools.DIRECTORYNAME);
755         assertEquals("CN=testDirName|dir|name", name);
756         assertEquals(name.substring("CN=".length()), new X509Name("CN=testDirName|dir|name").getValues().get(0));
757         
758         String JavaDoc altName = "rfc822name=foo@bar.se, uri=http://foo.bar.se, directoryName="+LDAPDN.escapeRDN("CN=testDirName, O=Foo, OU=Bar, C=SE")+", dnsName=foo.bar.se";
759         GeneralNames san = CertTools.getGeneralNamesFromAltName(altName);
760         GeneralName[] gns = san.getNames();
761         boolean found = false;
762         for (int i = 0;i < gns.length; i++) {
763             int tag = gns[i].getTagNo();
764             if (tag == 4) {
765                 found = true;
766                 DEREncodable enc = gns[i].getName();
767                 X509Name dir = (X509Name)enc;
768                 String JavaDoc str = dir.toString();
769                 log.debug("DirectoryName: "+str);
770                 assertEquals("CN=testDirName,O=Foo,OU=Bar,C=SE", str);
771             }
772             
773         }
774         assertTrue(found);
775         
776         altName = "rfc822name=foo@bar.se, rfc822name=foo@bar.com, uri=http://foo.bar.se, directoryName="+LDAPDN.escapeRDN("CN=testDirName, O=Foo, OU=Bar, C=SE")+", dnsName=foo.bar.se, dnsName=foo.bar.com";
777         san = CertTools.getGeneralNamesFromAltName(altName);
778         gns = san.getNames();
779         int dnscount = 0;
780         int rfc822count = 0;
781         for (int i = 0;i < gns.length; i++) {
782             int tag = gns[i].getTagNo();
783             if (tag == 2) {
784                 dnscount++;
785                 DEREncodable enc = gns[i].getName();
786                 DERIA5String dir = (DERIA5String)enc;
787                 String JavaDoc str = dir.getString();
788                 log.info("DnsName: "+str);
789             }
790             if (tag == 1) {
791                 rfc822count++;
792                 DEREncodable enc = gns[i].getName();
793                 DERIA5String dir = (DERIA5String)enc;
794                 String JavaDoc str = dir.getString();
795                 log.info("Rfc822Name: "+str);
796             }
797             
798         }
799         assertEquals(2, dnscount);
800         assertEquals(2, rfc822count);
801         log.debug("<test16GetSubjectAltNameStringWithDirectoryName()");
802       }
803
804   public void test17SubjectDirectoryAttributes() throws Exception JavaDoc {
805       log.debug(">test17SubjectDirectoryAttributes()");
806       X509Certificate JavaDoc cer = CertTools.getCertfromByteArray(subjDirAttrCert);
807       String JavaDoc ret = SubjectDirAttrExtension.getSubjectDirectoryAttributes(cer);
808       assertEquals("countryOfCitizenship=TR", ret);
809       cer = CertTools.getCertfromByteArray(subjDirAttrCert2);
810       ret = SubjectDirAttrExtension.getSubjectDirectoryAttributes(cer);
811       assertEquals("countryOfResidence=SE, countryOfCitizenship=SE, gender=M, placeOfBirth=Stockholm, dateOfBirth=19710425", ret);
812       log.debug("<test17SubjectDirectoryAttributes()");
813   }
814 }
815
Popular Tags