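package org.ejbca.util;

import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;

import junit.framework.TestCase;

import org.apache.log4j.Logger;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.asn1.x509.qualified.ETSIQCObjectIdentifiers;
import org.bouncycastle.asn1.x509.qualified.RFC3739QCObjectIdentifiers;
import org.bouncycastle.util.encoders.Hex;
import org.ejbca.util.cert.QCStatementExtension;
import org.ejbca.util.cert.SubjectDirAttrExtension;

import com.novell.ldap.LDAPDN;

/**
 * JUnit 3 tests for {@code CertTools}: DN parsing and normalisation, subjectAltName
 * string handling, and reading extensions out of fixture certificates.
 *
 * <p>Assertions follow JUnit's {@code assertEquals(expected, actual)} order so that a
 * failure report names the right side as "expected".
 */
public class TestCertTools extends TestCase {
    private static final Logger log = Logger.getLogger(TestCertTools.class);

    // Base64-encoded certificates used as parser input by the tests below.
    // getBytes() uses the platform default charset; the literals are plain ASCII Base64.
    // NOTE(review): these look like long-expired test-CA certificates signed with
    // SHA-1/RSA - confirm. The tests visible here only parse them and read fields; none
    // of them validates a signature or a chain, so they say nothing about trust decisions.

    // Fixture for issuer/subject DN, key identifiers, UPN altName and policy id (test06).
    private static byte[] testcert = Base64.decode(("MIIDATCCAmqgAwIBAgIIczEoghAwc3EwDQYJKoZIhvcNAQEFBQAwLzEPMA0GA1UE"
            + "AxMGVGVzdENBMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNFMB4XDTAzMDky"
            + "NDA2NDgwNFoXDTA1MDkyMzA2NTgwNFowMzEQMA4GA1UEAxMHcDEydGVzdDESMBAG"
            + "A1UEChMJUHJpbWVUZXN0MQswCQYDVQQGEwJTRTCBnTANBgkqhkiG9w0BAQEFAAOB"
            + "iwAwgYcCgYEAnPAtfpU63/0h6InBmesN8FYS47hMvq/sliSBOMU0VqzlNNXuhD8a"
            + "3FypGfnPXvjJP5YX9ORu1xAfTNao2sSHLtrkNJQBv6jCRIMYbjjo84UFab2qhhaJ"
            + "wqJgkQNKu2LHy5gFUztxD8JIuFPoayp1n9JL/gqFDv6k81UnDGmHeFcCARGjggEi"
            + "MIIBHjAPBgNVHRMBAf8EBTADAQEAMA8GA1UdDwEB/wQFAwMHoAAwOwYDVR0lBDQw"
            + "MgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwUGCCsGAQUF"
            + "BwMHMB0GA1UdDgQWBBTnT1aQ9I0Ud4OEfNJkSOgJSrsIoDAfBgNVHSMEGDAWgBRj"
            + "e/R2qFQkjqV0pXdEpvReD1eSUTAiBgNVHREEGzAZoBcGCisGAQQBgjcUAgOgCQwH"
            + "Zm9vQGZvbzASBgNVHSAECzAJMAcGBSkBAQEBMEUGA1UdHwQ+MDwwOqA4oDaGNGh0"
            + "dHA6Ly8xMjcuMC4wLjE6ODA4MC9lamJjYS93ZWJkaXN0L2NlcnRkaXN0P2NtZD1j"
            + "cmwwDQYJKoZIhvcNAQEFBQADgYEAU4CCcLoSUDGXJAOO9hGhvxQiwjGD2rVKCLR4"
            + "emox1mlQ5rgO9sSel6jHkwceaq4A55+qXAjQVsuy76UJnc8ncYX8f98uSYKcjxo/"
            + "ifn1eHMbL8dGLd5bc2GNBZkmhFIEoDvbfn9jo7phlS8iyvF2YhC4eso8Xb+T7+BZ"
            + "QUOBOvc=").getBytes());

    // Fixture carrying both a UPN and a GUID subjectAltName (test03, test06).
    private static byte[] guidcert = Base64.decode(
            ("MIIC+zCCAmSgAwIBAgIIBW0F4eGmH0YwDQYJKoZIhvcNAQEFBQAwMTERMA8GA1UE"
            +"AxMIQWRtaW5DQTExDzANBgNVBAoTBkFuYVRvbTELMAkGA1UEBhMCU0UwHhcNMDQw"
            +"OTE2MTc1NzQ1WhcNMDYwOTE2MTgwNzQ1WjAyMRQwEgYKCZImiZPyLGQBARMEZ3Vp"
            +"ZDENMAsGA1UEAxMER3VpZDELMAkGA1UEBhMCU0UwgZ8wDQYJKoZIhvcNAQEBBQAD"
            +"gY0AMIGJAoGBANdjsBcLJKUN4hzJU1p3cqaXhPgEjGul62/3xv+Gow+7oOYePcK8"
            +"bM5VO4zdQVWEhuGOZFaZ70YbXhei4F9kvqlN7xuG47g7DNZ0/fnRzvGY0BHmIR4Y"
            +"/U87oMEDa2Giy0WTjsmT14uzy4luFgqb2ZA3USGcyJ9hoT6j1WDyOxitAgMBAAGj"
            +"ggEZMIIBFTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDA7BgNVHSUENDAy"
            +"BggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUH"
            +"AwcwHQYDVR0OBBYEFJlDddj88zI7tz3SPfdig0gw5IWvMB8GA1UdIwQYMBaAFI1k"
            +"9WhE1WXpeezZx/kM0qsoZyqVMHgGA1UdEQRxMG+BDGd1aWRAZm9vLmNvbYIMZ3Vp"
            +"ZC5mb28uY29thhRodHRwOi8vZ3VpZC5mb28uY29tL4cECgwNDqAcBgorBgEEAYI3"
            +"FAIDoA4MDGd1aWRAZm9vLmNvbaAXBgkrBgEEAYI3GQGgCgQIEjRWeJCrze8wDQYJ"
            +"KoZIhvcNAQEFBQADgYEAq39n6CZJgJnW0CH+QkcuU5F4RQveNPGiJzIJxUeOQ1yQ"
            +"gSkt3hvNwG4kLBmmwe9YLdS83dgNImMWL/DgID/47aENlBNai14CvtMceokik4IN"
            +"sacc7x/Vp3xezHLuBMcf3E3VSo4FwqcUYFmu7Obke3ebmB08nC6gnQHkzjNsmQw=").getBytes());

    // Fixture with e-mail, DNS, URI, IP address and UPN subjectAltNames (test13).
    private static byte[] altNameCert = Base64.decode(
            ("MIIDDzCCAfegAwIBAgIIPiL0klmu1uIwDQYJKoZIhvcNAQEFBQAwNzERMA8GA1UE"
            +"AxMIQWRtaW5DQTExFTATBgNVBAoTDEVKQkNBIFNhbXBsZTELMAkGA1UEBhMCU0Uw"
            +"HhcNMDUwODAyMTAxOTQ5WhcNMDcwODAyMTAyOTQ5WjAsMQwwCgYDVQQDEwNmb28x"
            +"DzANBgNVBAoTBkFuYVRvbTELMAkGA1UEBhMCU0UwXDANBgkqhkiG9w0BAQEFAANL"
            +"ADBIAkEAmMVWkkEMLbDNoB/NG3kJ22eC18syXqaHWRWc4DldFeCMGeLzfB2NklNv"
            +"hmr2kgIJcK+wyFpMkYm46dSMOrvovQIDAQABo4HxMIHuMAwGA1UdEwEB/wQCMAAw"
            +"DgYDVR0PAQH/BAQDAgWgMDsGA1UdJQQ0MDIGCCsGAQUFBwMBBggrBgEFBQcDAgYI"
            +"KwYBBQUHAwQGCCsGAQUFBwMFBggrBgEFBQcDBzAdBgNVHQ4EFgQUIV/Fck/+UVnw"
            +"tJigtZIF5OuuhlIwHwYDVR0jBBgwFoAUB/2KRYNOZxRDkJ5oChjNeXgwtCcwUQYD"
            +"VR0RBEowSIEKdG9tYXNAYS5zZYIId3d3LmEuc2WGEGh0dHA6Ly93d3cuYS5zZS+H"
            +"BAoBAQGgGAYKKwYBBAGCNxQCA6AKDAhmb29AYS5zZTANBgkqhkiG9w0BAQUFAAOC"
            +"AQEAfAGJM0/s+Yi1Ewmvt9Z/9w8X/T/02bF8P8MJG2H2eiIMCs/tkNhnlFGYYGhD"
            +"Km8ynveQZbdYvKFioOr/D19gMis/HNy9UDfOMrJdeGWiwxUHvKKbtcSlOPH3Hm0t"
            +"LSKomWdKfjTksfj69Tf01S0oNonprvwGxIdsa1uA9BC/MjkkPt1qEWkt/FWCfq9u"
            +"8Xyj2tZEJKjLgAW6qJ3ye81pEVKHgMmapWTQU2uI1qyEPYxoT9WkQtSObGI1wCqO"
            +"YmKglnd5BIUBPO9LOryyHlSRTID5z0UgDlrTAaNYuN8QOYF+DZEQxm4bSXTDooGX"
            +"rHjSjn/7Urb31CXWAxq0Zhk3fg==").getBytes());

    // Fixture whose subjectAltName contains a directoryName entry (test16).
    private static byte[] altNameCertWithDirectoryName = Base64.decode(("MIIFkjCCBPugAwIBAgIIBzGqGNsLMqwwDQYJKoZIhvcNAQEFBQAwWTEYMBYGA1UEAwwPU1VCX0NBX1dJTkRPV1MzMQ8wDQYDVQQLEwZQS0lHVkExHzAdBgNVBAoTFkdlbmVyYWxpdGF0IFZhbGVuY2lhbmExCzAJBgNVBAYTAkVTMB4XDTA2MDQyMTA5NDQ0OVoXDTA4MDQyMDA5NTQ0OVowcTEbMBkGCgmSJomT8ixkAQETC3Rlc3REaXJOYW1lMRQwEgYDVQQDEwt0ZXN0RGlyTmFtZTEOMAwGA1UECxMFbG9nb24xHzAdBgNVBAoTFkdlbmVyYWxpdGF0IFZhbGVuY2lhbmExCzAJBgNVBAYTAkVTMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCDLxMhz40RxCm21HoCBNa9x1UyPmhVkPdtt2V7dixgjOYz+ffKeebjn/jSd4nfXgd7fxpzezB8t673F2OtC3ENl1zek5Msj2KoinVu8vvZ78KMRq/H1rDFguhjSL0o19Cpob0qQFB/ukPZMNoKBNnMVnR1C4juB1eJVXWmHyJxIwIDAQABo4IDSTCCA0UwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBaAwMwYDVR0lBCwwKgYIKwYBBQUHAwIGCCsGAQUFBwMEBggrBgEFBQcDBwYKKwYBBAGCNxQCAjAdBgNVHQ4EFgQUZz4hrh3dr6VWvEbAPe8pg7szNi4wHwYDVR0jBBgwFoAUTuOaap9UBpQ8dqwOufYoOQucfUowXAYDVR0RBFUwU6QhMB8xHTAbBgNVBAMMFHRlc3REaXJOYW1lfGRpcnxuYW1loC4GCisGAQQBgjcUAgOgIAwedGVzdERpck5hbWVAamFtYWRvci5wa2kuZ3ZhLmVzMIIBtgYDVR0gBIIBrTCCAakwggGlBgsrBgEEAb9VAwoBADCCAZQwggFeBggrBgEFBQcCAjCCAVAeggFMAEMAZQByAHQAaQBmAGkAYwBhAGQAbwAgAHIAZQBjAG8AbgBvAGMAaQBkAG8AIABkAGUAIABFAG4AdABpAGQAYQBkACAAZQB4AHAAZQBkAGkAZABvACAAcABvAHIAIABsAGEAIABBAHUAdABvAHIAaQBkAGEAZAAgAGQAZQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABkAGUAIABsAGEAIABDAG8AbQB1AG4AaQB0AGEAdAAgAFYAYQBsAGUAbgBjAGkAYQBuAGEAIAAoAFAAbAAuACAATQBhAG4AaQBzAGUAcwAg"
            + "ADEALgAgAEMASQBGACAAUwA0ADYAMQAxADAAMAAxAEEAKQAuACAAQwBQAFMAIAB5ACAAQwBQACAAZQBuACAAaAB0AHQAcAA6AC8ALwB3AHcAdwAuAGEAYwBjAHYALgBlAHMwMAYIKwYBBQUHAgEWJGh0dHA6Ly93d3cuYWNjdi5lcy9sZWdpc2xhY2lvbl9jLmh0bTBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vemFyYXRob3MuamFtYWRvci5ndmEuZXMvU1VCX0NBX1dJTkRPV1MzLmNybDBTBggrBgEFBQcBAQRHMEUwQwYIKwYBBQUHMAGGN2h0dHA6Ly91bGlrLnBraS5ndmEuZXM6ODA4MC9lamJjYS9wdWJsaWN3ZWIvc3RhdHVzL29jc3AwDQYJKoZIhvcNAQEFBQADgYEASofgaj06BOE847RTEgVba52lmPWADgeWxKHZAk1t9LdNzuFJ8B/SC3gi0rsAA/lQGSd4WzPbkmJKkVZ6Q9ybpqg4AJRaIZBkoQw1KNXPYAcgt5XLeIhUACdKIPhfPQr+vQtaC1wi5xV8EBCLpLmpzN9bpZdze/724UB4Y94KhII=").getBytes());


    // Fixture with a QC statement naming a semantics authority (test14).
    private static byte[] qcRefCert = Base64.decode(
            ("MIIDEDCCAnmgAwIBAgIESZYC0jANBgkqhkiG9w0BAQUFADBIMQswCQYDVQQGEwJE"
            +"RTE5MDcGA1UECgwwR01EIC0gRm9yc2NodW5nc3plbnRydW0gSW5mb3JtYXRpb25z"
            +"dGVjaG5payBHbWJIMB4XDTA0MDIwMTEwMDAwMFoXDTA4MDIwMTEwMDAwMFowZTEL"
            +"MAkGA1UEBhMCREUxNzA1BgNVBAoMLkdNRCBGb3JzY2h1bmdzemVudHJ1bSBJbmZv"
            +"cm1hdGlvbnN0ZWNobmlrIEdtYkgxHTAMBgNVBCoMBVBldHJhMA0GA1UEBAwGQmFy"
            +"emluMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDc50zVodVa6wHPXswg88P8"
            +"p4fPy1caIaqKIK1d/wFRMN5yTl7T+VOS57sWxKcdDzGzqZJqjwjqAP3DqPK7AW3s"
            +"o7lBG6JZmiqMtlXG3+olv+3cc7WU+qDv5ZXGEqauW4x/DKGc7E/nq2BUZ2hLsjh9"
            +"Xy9+vbw+8KYE9rQEARdpJQIDAQABo4HpMIHmMGQGA1UdCQRdMFswEAYIKwYBBQUH"
            +"CQQxBBMCREUwDwYIKwYBBQUHCQMxAxMBRjAdBggrBgEFBQcJATERGA8xOTcxMTAx"
            +"NDEyMDAwMFowFwYIKwYBBQUHCQIxCwwJRGFybXN0YWR0MA4GA1UdDwEB/wQEAwIG"
            +"QDASBgNVHSAECzAJMAcGBSskCAEBMB8GA1UdIwQYMBaAFAABAgMEBQYHCAkKCwwN"
            +"Dg/+3LqYMDkGCCsGAQUFBwEDBC0wKzApBggrBgEFBQcLAjAdMBuBGW11bmljaXBh"
            +"bGl0eUBkYXJtc3RhZHQuZGUwDQYJKoZIhvcNAQEFBQADgYEAj4yAu7LYa3X04h+C"
            +"7+DyD2xViJCm5zEYg1m5x4znHJIMZsYAU/vJJIJQkPKVsIgm6vP/H1kXyAu0g2Ep"
            +"z+VWPnhZK1uw+ay1KRXw8rw2mR8hQ2Ug6QZHYdky2HH3H/69rWSPp888G8CW8RLU"
            +"uIKzn+GhapCuGoC4qWdlGLWqfpc=").getBytes());

    // Fixture with several QC statements, including a value limit (test14).
    private static byte[] qcPrimeCert = Base64.decode(
            ("MIIDMDCCAhigAwIBAgIIUDIxBvlO2qcwDQYJKoZIhvcNAQEFBQAwNzERMA8GA1UE"
            +"AxMIQWRtaW5DQTExFTATBgNVBAoTDEVKQkNBIFNhbXBsZTELMAkGA1UEBhMCU0Uw"
            +"HhcNMDYwMTIyMDgxNTU0WhcNMDgwMTIyMDgyNTU0WjAOMQwwCgYDVQQDEwNxYzIw"
            +"gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKkuPOqOEWCJH9xb11sS++vfKb/z"
            +"gHf2clwyf2vSFWTSDzQHOa2j5rwZ/F23X/mZl96fFAIfTBmr5dCwt0xAXZvTcKfO"
            +"RAcKl7ZBXvsAYvwl1KIUpA8NqEbgjwA+OaTdND2vpAhII7PoU4CkoNajy44EuL3Y"
            +"xP6KNWTMiks9KP5vAgMBAAGjgewwgekwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E"
            +"BAMCBPAwJwYDVR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMEBggrBgEFBQcDBzAd"
            +"BgNVHQ4EFgQUZsj/dUVp1FmOJpYZ2j5fYKIdXYowHwYDVR0jBBgwFoAUs8UBsa9O"
            +"S1c8/I07DHYFJp0po0AwYAYIKwYBBQUHAQMEVDBSMCMGCCsGAQUFBwsBMBcGAykB"
            +"AjAQgQ5xY0BwcmltZWtleS5zZTAIBgYEAI5GAQEwFwYGBACORgECMA0TA1NFSwID"
            +"AMNQAgEAMAgGBgQAjkYBBDANBgkqhkiG9w0BAQUFAAOCAQEAjmL27XY5Wt0/axsI"
            +"PbtcfrJ6xEm5PlYabM+T3I6lksov6Rz1+/n/L1S5poGPG8iOdJCExcnR0HbNkeB+"
            +"2oPltqSaxyoSfGugVn/Oufz2BfFd7OCWe14dPsA181oC7/nq+mzhBpQ7App9JirA"
            +"aeJQrcRDNK7vVOmg2LZ2oSYno/TuRTFq0GxsEVjEdzAxpAxY7N8ff6gY7IHd7+hc"
            +"4GiFY+NnNp9Dvf6mOYTXLxsOc+093S7uK2ohhq99aYCkzJmrngtrImtKi0y/LMjq"
            +"oviMCQmzMLY2Ifcw+CsOyQZx7nxwafZ7BAzm6vIvSeiIe3VlskRGzYDM66NJJNNo"
            +"C2HsPA==").getBytes());

    // Fixture with an Authority Information Access OCSP URL (test15).
    private static byte[] aiaCert = Base64.decode(
            ("MIIDTTCCAjWgAwIBAgIIepmLoJzsjC8wDQYJKoZIhvcNAQEFBQAwNzERMA8GA1UE"
            +"AxMIQWRtaW5DQTExFTATBgNVBAoTDEVKQkNBIFNhbXBsZTELMAkGA1UEBhMCU0Uw"
            +"HhcNMDYwMjA5MTA0OTA1WhcNMDgwMjA5MTA1OTA1WjAqMQ0wCwYDVQQDEwRmb280"
            +"MQwwCgYDVQQKEwNGb28xCzAJBgNVBAYTAlNFMIGfMA0GCSqGSIb3DQEBAQUAA4GN"
            +"ADCBiQKBgQCSsptDGz1XODuTKBGGCY/Y6B6bfw22LVxaIbCx9Ih+qghlwJ2HYRcl"
            +"OpyGiMMsiTZADH4hL8WRam/8aq0x45YfQ8wSdxUkWSoVL0oahAbvY4h5J4S0hLrv"
            +"8Z9CVcUvuH/StTtWHOh4af0klTvLwcnyGhswkSrwM8a3grQvGSIN5wIDAQABo4Ht"
            +"MIHqMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMDsGA1UdJQQ0MDIGCCsG"
            +"AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQGCCsGAQUFBwMFBggrBgEFBQcDBzAd"
            +"BgNVHQ4EFgQUCFwQPEQjTdWh27GEMxmV/onyADgwHwYDVR0jBBgwFoAUB/2KRYNO"
            +"ZxRDkJ5oChjNeXgwtCcwTQYIKwYBBQUHAQEEQTA/MD0GCCsGAQUFBzABhjFodHRw"
            +"Oi8vbG9jYWxob3N0OjgwODAvZWpiY2EvcHVibGljd2ViL3N0YXR1cy9vY3NwMA0G"
            +"CSqGSIb3DQEBBQUAA4IBAQAe6ild0bNz6wD0bPhuumG5j5+9rDaPFebaYqV/AoEU"
            +"4kovLzvqhPqUR/zQOEx9SSFFs+pxY6YMYDYha7mFrjpCSWr9wGNyv4BRAOMAl2YX"
            +"P3DfYh/etqUySTuYLzDi65SOSRuvYPP9jJPWt0Ucsm10A10yqJITcAFVajTfNj0r"
            +"WtTQ4Hbz/U5xkThvzCcx9Z3vIg1k0b5i3qs0JlDFxdWnTGCAn0TGBdsFFvAcSlJR"
            +"UBSOmiFi7edaayqV8qMyNirSA2tOdOzcTr8zyGfozaHRVmMqTmpSOe1t/LyIK5uh"
            +"tjsFYZQuz5pxRzvzXKmhKwzRTaJLPezBsIvhIZh41qTu").getBytes());

    // Fixture named for the subject directory attributes extension; not referenced by
    // the tests in this part of the file.
    private static byte[] subjDirAttrCert = Base64.decode(
            ("MIIGmTCCBYGgAwIBAgIQGMYCpWmOBXXOL2ODrM8FHzANBgkqhkiG9w0BAQUFADBx"
            +"MQswCQYDVQQGEwJUUjEoMCYGA1UEChMfRWxla3Ryb25payBCaWxnaSBHdXZlbmxp"
            +"Z2kgQS5TLjE4MDYGA1UEAxMvZS1HdXZlbiBFbGVrdHJvbmlrIFNlcnRpZmlrYSBI"
            +"aXptZXQgU2FnbGF5aWNpc2kwHhcNMDYwMzI4MDAwMDAwWhcNMDcwMzI4MjM1OTU5"
            +"WjCCAR0xCzAJBgNVBAYTAlRSMSgwJgYDVQQKDB9FbGVrdHJvbmlrIEJpbGdpIEd1"
            +"dmVubGlnaSBBLlMuMQ8wDQYDVQQLDAZHS05FU0kxFDASBgNVBAUTCzIyOTI0NTQ1"
            +"MDkyMRswGQYDVQQLDBJEb2d1bSBZZXJpIC0gQlVSU0ExIjAgBgNVBAsMGURvZ3Vt"
            +"IFRhcmloaSAtIDAxLjA4LjE5NzcxPjA8BgNVBAsMNU1hZGRpIFPEsW7EsXIgLSA1"
            +"MC4wMDAgWVRMLTIuMTYuNzkyLjEuNjEuMC4xLjUwNzAuMS4yMRcwFQYDVQQDDA5Z"
            +"QVPEsE4gQkVDRU7EsDEjMCEGCSqGSIb3DQEJARYUeWFzaW5AdHVya2VrdWwuYXYu"
            +"dHIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKaJXVLvXC7qyjiqTAlM582X"
            +"GPdQJxUfRxgTm6jlBZKtEhbWN5hbH4ASJTzmXWryGricejdKM+JBJECFdelyWPHs"
            +"UkEL/U0uft3KLIdYo72oTibaL3j4vkEhjyubikSdl9CywkY6WS8nV9JNc66QOYxE"
            +"5ZdE5CR19ScIYcOh7YpxAgMBAAGjggMBMIIC/TAJBgNVHRMEAjAAMAsGA1UdDwQE"
            +"AwIGwDBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLmUtZ3V2ZW4uY29tL0Vs"
            +"ZWt0cm9uaWtCaWxnaUd1dmVubGlnaUFTR0tORVNJL0xhdGVzdENSTC5jcmwwHwYD"
            +"VR0jBBgwFoAUyT6jfNNisqvczhIzwmTXZTTyfrowggEcBgNVHSAEggETMIIBDzCB"
            +"/wYJYIYYAwABAQECMIHxMDYGCCsGAQUFBwIBFipodHRwczovL3d3dy5lLWd1dmVu"
            +"LmNvbS9lLWltemEvYmlsZ2lkZXBvc3UwgbYGCCsGAQUFBwICMIGpGoGmQnUgc2Vy"
            +"dGlmaWthLCA1MDcwIHNhef1s/SBFbGVrdHJvbmlrIN1temEgS2FudW51bmEgZ/Zy"
            +"ZSBuaXRlbGlrbGkgZWxla3Ryb25payBzZXJ0aWZpa2Fk/XIuIE9JRDogMi4xNi43"
            +"OTIuMS42MS4wLjEuNTA3MC4xLjEgLSBPSUQ6IDAuNC4wLjE0NTYuMS4yIC0gT0lE"
            +"OiAwLjQuMC4xODYyLjEuMTALBglghhgDAAEBBQQwgaEGCCsGAQUFBwEDBIGUMIGR"
            +"MHYGCCsGAQUFBwsBMGoGC2CGGAE9AAGnTgEBMFuGWUJ1IFNlcnRpZmlrYSA1MDcw"
            +"IHNhef1s/SBFbGVrdHJvbmlrIN1temEgS2FudW51bmEgZ/ZyZSBuaXRlbGlrbGkg"
            +"ZWxla3Ryb25payBzZXJ0aWZpa2Fk/XIuMBcGBgQAjkYBAjANEwNZVEwCAwDDUAIB"
            +"ADB2BggrBgEFBQcBAQRqMGgwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmUtZ3V2"
            +"ZW4uY29tMCIGCCsGAQUFBzAChhZodHRwOi8vd3d3LmUtZ3V2ZW4uY29tMB0GAytv"
            +"DoYWaHR0cDovL3d3dy5lLWd1dmVuLmNvbTAbBgNVHQkEFDASMBAGCCsGAQUFBwkE"
            +"MQQTAlRSMBEGCWCGSAGG+EIBAQQEAwIHgDANBgkqhkiG9w0BAQUFAAOCAQEA3yVY"
            +"rURakBcrfv1hJjhDg7+ylCjXf9q6yP2E03kG4t606TLIyqWoqGkrndMtanp+a440"
            +"rLPIe456XfRJBilj99H0NjzKACAVfLMTL8h/JBGLDYJJYA1S8PzBnMLHA8dhfBJ7"
            +"StYEPM9BKW/WuBfOOdBNrRZtYKCHwGK2JANfM/JlfzOyG4A+XDQcgjiNoosjes1P"
            +"qUHsaccIy0MM7FLMVV0HJNNQ84N9CuKIrBSSWopOudkajVqNtI3+FCcy+yXiH6LX"
            +"fmpHZ346zprcafcjQmAiKfzPSljruvGDIVI3WN7S7WOMrx6MDq54626cZzQl9GFT"
            +"D1gNo3fjOFhK33DY1Q==").getBytes());

    // Second subject directory attributes fixture; not referenced by the tests in this
    // part of the file.
    private static byte[] subjDirAttrCert2 = Base64.decode(
            ("MIIEsjCCA5qgAwIBAgIIFsYK/Jx7XEEwDQYJKoZIhvcNAQEFBQAwNzERMA8GA1UE"
            +"AxMIQWRtaW5DQTExFTATBgNVBAoTDEVKQkNBIFNhbXBsZTELMAkGA1UEBhMCU0Uw"
            +"HhcNMDYwNTMwMDcxNjU2WhcNMDgwNTI5MDcyNjU2WjA5MRkwFwYDVQQDExBUb21h"
            +"cyBHdXN0YXZzc29uMQ8wDQYDVQQKEwZGb29PcmcxCzAJBgNVBAYTAlNFMIGfMA0G"
            +"CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvhUYzNVW6iG5TpYi2Dr9VX37g05jcGEyP"
            +"Lix05oxs3FnzPUf6ykxGy4nUYO12PfC6u9Gh+zelFfg6nKNQqYI48D4ufJc928Nx"
            +"dZQZi41UmnFT5UXn3JcG4DQe0wZp+BKCch/UbtRjuE6iNxH24R//8W4wXc1R++FG"
            +"5V6CQzHxXwIDAQABo4ICQjCCAj4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMC"
            +"BPAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ54I1p"
            +"TGNwAeQEdnmcjNT+XMMjsjAfBgNVHSMEGDAWgBRzBo+b/XQZqq0DU6J10x17GoKS"
            +"sDBMBgNVHSAERTBDMEEGAykBATA6MB4GCCsGAQUFBwICMBIeEABGAPYA9gBCAGEA"
            +"cgDkAOQwGAYIKwYBBQUHAgEWDGh0dHA6LzExMS5zZTBuBgNVHR8EZzBlMGOgYaBf"
            +"hl1odHRwOi8vbG9jYWxob3N0OjgwODAvZWpiY2EvcHVibGljd2ViL3dlYmRpc3Qv"
            +"Y2VydGRpc3Q/Y21kPWNybCZpc3N1ZXI9Q049VGVzdENBLE89QW5hVG9tLEM9U0Uw"
            +"TQYIKwYBBQUHAQEEQTA/MD0GCCsGAQUFBzABhjFodHRwOi8vbG9jYWxob3N0Ojgw"
            +"ODAvZWpiY2EvcHVibGljd2ViL3N0YXR1cy9vY3NwMDoGCCsGAQUFBwEDBC4wLDAg"
            +"BggrBgEFBQcLAjAUMBKBEHJhQGNvbW1maWRlcy5jb20wCAYGBACORgEBMHYGA1Ud"
            +"CQRvMG0wEAYIKwYBBQUHCQUxBBMCU0UwEAYIKwYBBQUHCQQxBBMCU0UwDwYIKwYB"
            +"BQUHCQMxAxMBTTAXBggrBgEFBQcJAjELEwlTdG9ja2hvbG0wHQYIKwYBBQUHCQEx"
            +"ERgPMTk3MTA0MjUxMjAwMDBaMA0GCSqGSIb3DQEBBQUAA4IBAQA+vgNnGjw29xEs"
            +"cnJi7wInUBvtTzQ4+SVSBPTzNA/ZEk+CJVsr/2xbPl+SShZ0SHObj9un1kwKst4n"
            +"zcNqsnBorrluM92Z5gYwDN3mRGF0szbYEshr/KezMhY2MdXkE+i3nEx6awdemuCG"
            +"g+LAfL4ODLAzAJJI4MfF+fz0IK7Zeobo1aVGS6Ii9sEnDdQOsLbdfHBNccrT353d"
            +"NAwxPGnfunGBQ+Los6vjDApy/szMT32NFJDe4WTmkDxqYJQqQjhdrHTxpFEr0VQB"
            +"s7KRRCYjga/Z52XytwwDBLFM9CPZJfyKxZTV9I9i6e0xSn2xEW8NRplY1HOKa/2B"
            +"VzvWW9G5").getBytes());

    /**
     * Creates the test case.
     *
     * @param name test name handed to {@link TestCase}
     */
    public TestCertTools(String name) {
        super(name);
    }

    /** Installs the BouncyCastle provider through {@code CertTools} before each test. */
    protected void setUp() throws Exception {
        log.debug(">setUp()");
        CertTools.installBCProvider();
        log.debug("<setUp()");
    }

    /** Nothing to release after a test. */
    protected void tearDown() throws Exception {
    }

    /**
     * Checks {@code getPartFromDN}: lookup by attribute name in either case, first match
     * when a component is repeated, values that happen to equal an attribute name, and
     * quoted or escaped commas. Also checks {@code getEmailFromDN}.
     */
    public void test01GetPartFromDN() throws Exception {
        log.debug(">test01GetPartFromDN()");

        // The attribute name is matched regardless of case.
        String dn0 = "C=SE, O=AnaTom, CN=foo";
        assertEquals("foo", CertTools.getPartFromDN(dn0, "CN"));
        assertEquals("AnaTom", CertTools.getPartFromDN(dn0, "O"));
        assertEquals("SE", CertTools.getPartFromDN(dn0, "C"));
        assertEquals("foo", CertTools.getPartFromDN(dn0, "cn"));
        assertEquals("AnaTom", CertTools.getPartFromDN(dn0, "o"));
        assertEquals("SE", CertTools.getPartFromDN(dn0, "c"));

        String dn1 = "c=SE, o=AnaTom, cn=foo";
        assertEquals("foo", CertTools.getPartFromDN(dn1, "CN"));
        assertEquals("AnaTom", CertTools.getPartFromDN(dn1, "O"));
        assertEquals("SE", CertTools.getPartFromDN(dn1, "C"));
        assertEquals("foo", CertTools.getPartFromDN(dn1, "cn"));
        assertEquals("AnaTom", CertTools.getPartFromDN(dn1, "o"));
        assertEquals("SE", CertTools.getPartFromDN(dn1, "c"));

        // A value that spells an attribute name ("CN", "cn") must not be taken for a key.
        String dn2 = "C=SE, O=AnaTom, CN=cn";
        assertEquals("cn", CertTools.getPartFromDN(dn2, "CN"));

        String dn3 = "C=SE, O=AnaTom, CN=CN";
        assertEquals("CN", CertTools.getPartFromDN(dn3, "CN"));

        String dn4 = "C=CN, O=AnaTom, CN=foo";
        assertEquals("foo", CertTools.getPartFromDN(dn4, "CN"));

        String dn5 = "C=cn, O=AnaTom, CN=foo";
        assertEquals("foo", CertTools.getPartFromDN(dn5, "CN"));

        String dn6 = "CN=foo, O=PrimeKey, C=SE";
        assertEquals("foo", CertTools.getPartFromDN(dn6, "CN"));
        assertEquals("PrimeKey", CertTools.getPartFromDN(dn6, "O"));
        assertEquals("SE", CertTools.getPartFromDN(dn6, "C"));

        String dn7 = "CN=foo, O=PrimeKey, C=cn";
        assertEquals("foo", CertTools.getPartFromDN(dn7, "CN"));
        assertEquals("cn", CertTools.getPartFromDN(dn7, "C"));

        String dn8 = "CN=foo, O=PrimeKey, C=CN";
        assertEquals("foo", CertTools.getPartFromDN(dn8, "CN"));
        assertEquals("CN", CertTools.getPartFromDN(dn8, "C"));

        String dn9 = "CN=foo, O=CN, C=CN";
        assertEquals("foo", CertTools.getPartFromDN(dn9, "CN"));
        assertEquals("CN", CertTools.getPartFromDN(dn9, "O"));

        // With a repeated component only the first occurrence is returned.
        String dn10 = "CN=foo, CN=bar,O=CN, C=CN";
        assertEquals("foo", CertTools.getPartFromDN(dn10, "CN"));
        assertEquals("CN", CertTools.getPartFromDN(dn10, "O"));

        String dn11 = "CN=foo,CN=bar, O=CN, C=CN";
        assertEquals("foo", CertTools.getPartFromDN(dn11, "CN"));
        assertEquals("CN", CertTools.getPartFromDN(dn11, "O"));

        // A quoted or backslash-escaped comma belongs to the value. If it were treated as
        // a separator, the text after it ("OU=bar") would surface as a component that was
        // never a separate component of the DN - hence the assertNull on OU.
        String dn12 = "CN=\"foo, OU=bar\", O=baz\\\\\\, quux,C=C";
        assertEquals("foo, OU=bar", CertTools.getPartFromDN(dn12, "CN"));
        assertEquals("baz\\, quux", CertTools.getPartFromDN(dn12, "O"));
        assertNull(CertTools.getPartFromDN(dn12, "OU"));

        String dn13 = "C=SE, O=PrimeKey, EmailAddress=foo@primekey.se";
        ArrayList emails = CertTools.getEmailFromDN(dn13);
        assertEquals("foo@primekey.se", (String) emails.get(0));

        String dn14 = "C=SE, E=foo@primekey.se, O=PrimeKey";
        emails = CertTools.getEmailFromDN(dn14);
        assertEquals("foo@primekey.se", (String) emails.get(0));

        // With both E= and EmailAddress= present, the EmailAddress value comes first.
        String dn15 = "C=SE, E=foo@primekey.se, O=PrimeKey, EmailAddress=bar@primekey.se";
        emails = CertTools.getEmailFromDN(dn15);
        assertEquals("bar@primekey.se", (String) emails.get(0));

        log.debug("<test01GetPartFromDN()");
    }

    /**
     * Checks the normalised string that {@code stringToBCDNString} produces for different
     * component orders, attribute-name casings, repeated components and escaped characters.
     */
    public void test02StringToBCDNString() throws Exception {
        log.debug(">test02StringToBCDNString()");

        String dn1 = "C=SE, O=AnaTom, CN=foo";
        assertEquals("CN=foo,O=AnaTom,C=SE", CertTools.stringToBCDNString(dn1));

        String dn2 = "C=SE, O=AnaTom, CN=cn";
        assertEquals("CN=cn,O=AnaTom,C=SE", CertTools.stringToBCDNString(dn2));

        String dn3 = "CN=foo, O=PrimeKey, C=SE";
        assertEquals("CN=foo,O=PrimeKey,C=SE", CertTools.stringToBCDNString(dn3));

        String dn4 = "cn=foo, o=PrimeKey, c=SE";
        assertEquals("CN=foo,O=PrimeKey,C=SE", CertTools.stringToBCDNString(dn4));

        String dn5 = "cn=foo,o=PrimeKey,c=SE";
        assertEquals("CN=foo,O=PrimeKey,C=SE", CertTools.stringToBCDNString(dn5));

        String dn6 = "C=SE, O=AnaTom, CN=CN";
        assertEquals("CN=CN,O=AnaTom,C=SE", CertTools.stringToBCDNString(dn6));

        String dn7 = "C=CN, O=AnaTom, CN=foo";
        assertEquals("CN=foo,O=AnaTom,C=CN", CertTools.stringToBCDNString(dn7));

        String dn8 = "C=cn, O=AnaTom, CN=foo";
        assertEquals("CN=foo,O=AnaTom,C=cn", CertTools.stringToBCDNString(dn8));

        String dn9 = "CN=foo, O=PrimeKey, C=CN";
        assertEquals("CN=foo,O=PrimeKey,C=CN", CertTools.stringToBCDNString(dn9));

        String dn10 = "CN=foo, O=PrimeKey, C=cn";
        assertEquals("CN=foo,O=PrimeKey,C=cn", CertTools.stringToBCDNString(dn10));

        String dn11 = "CN=foo, O=CN, C=CN";
        assertEquals("CN=foo,O=CN,C=CN", CertTools.stringToBCDNString(dn11));

        String dn12 = "O=PrimeKey,C=SE,CN=CN";
        assertEquals("CN=CN,O=PrimeKey,C=SE", CertTools.stringToBCDNString(dn12));

        String dn13 = "O=PrimeKey,C=SE,CN=CN, OU=FooOU";
        assertEquals("CN=CN,OU=FooOU,O=PrimeKey,C=SE", CertTools.stringToBCDNString(dn13));

        String dn14 = "O=PrimeKey,C=CN,CN=CN, OU=FooOU";
        assertEquals("CN=CN,OU=FooOU,O=PrimeKey,C=CN", CertTools.stringToBCDNString(dn14));

        String dn15 = "O=PrimeKey,C=CN,CN=cn, OU=FooOU";
        assertEquals("CN=cn,OU=FooOU,O=PrimeKey,C=CN", CertTools.stringToBCDNString(dn15));

        String dn16 = "CN=foo, CN=bar,O=CN, C=CN";
        assertEquals("CN=foo,CN=bar,O=CN,C=CN", CertTools.stringToBCDNString(dn16));

        String dn17 = "CN=foo,CN=bar, O=CN, O=C, C=CN";
        assertEquals("CN=foo,CN=bar,O=CN,O=C,C=CN", CertTools.stringToBCDNString(dn17));

        String dn18 = "cn=jean,cn=EJBCA,dc=home,dc=jean";
        assertEquals("CN=jean,CN=EJBCA,DC=home,DC=jean", CertTools.stringToBCDNString(dn18));

        String dn19 = "cn=bar, cn=foo,o=oo, O=EJBCA,DC=DC2, dc=dc1, C=SE";
        assertEquals("CN=bar,CN=foo,O=oo,O=EJBCA,DC=DC2,DC=dc1,C=SE", CertTools.stringToBCDNString(dn19));

        // Quoted input comes back with the comma backslash-escaped, so the embedded
        // "OU=bar" stays part of the CN value after normalisation.
        String dn20 = " CN=\"foo, OU=bar\", O=baz\\\\\\, quux,C=SE ";
        assertEquals("CN=foo\\, OU=bar,O=baz\\\\\\, quux,C=SE", CertTools.stringToBCDNString(dn20));

        String dn21 = "C=SE,O=Foo\\, Inc, OU=Foo\\, Dep, CN=Foo\\'";
        String bcdn21 = CertTools.stringToBCDNString(dn21);
        assertEquals("CN=Foo\',OU=Foo\\, Dep,O=Foo\\, Inc,C=SE", bcdn21);
        assertEquals("CN=Foo',OU=Foo\\, Dep,O=Foo\\, Inc,C=SE", StringTools.strip(bcdn21));

        // Unescaped comma inside OU: the expected output keeps "OU=Foo" and has no "Dep",
        // i.e. the stray fragment is dropped rather than rejected.
        String dn22 = "C=SE,O=Foo\\, Inc, OU=Foo, Dep, CN=Foo'";
        String bcdn22 = CertTools.stringToBCDNString(dn22);
        assertEquals("CN=Foo',OU=Foo,O=Foo\\, Inc,C=SE", bcdn22);
        assertEquals("CN=Foo',OU=Foo,O=Foo\\, Inc,C=SE", StringTools.strip(bcdn22));

        String dn23 = "C=SE,O=Foo, OU=FooOU, CN=Foo, DN=qualf";
        String bcdn23 = CertTools.stringToBCDNString(dn23);
        assertEquals("DN=qualf,CN=Foo,OU=FooOU,O=Foo,C=SE", bcdn23);
        assertEquals("DN=qualf,CN=Foo,OU=FooOU,O=Foo,C=SE", StringTools.strip(bcdn23));

        log.debug("<test02StringToBCDNString()");
    }

    /**
     * Checks lookups in subjectAltName strings through the {@code CertTools} name
     * constants, UPN and GUID extraction from a certificate, and custom OID entries.
     */
    public void test03AltNames() throws Exception {
        log.debug(">test03AltNames()");

        // Each spelling of a name type is found only through its own constant:
        // "rfc822Name" via EMAIL, "email" via EMAIL1, "EmailAddress" via EMAIL2,
        // "uri" via URI1 and "uniformResourceIdentifier" via URI.
        String alt1 = "rfc822Name=ejbca@primekey.se, dNSName=www.primekey.se, uri=http://www.primekey.se/ejbca";
        assertEquals("ejbca@primekey.se", CertTools.getPartFromDN(alt1, CertTools.EMAIL));
        assertNull(CertTools.getPartFromDN(alt1, CertTools.EMAIL1));
        assertNull(CertTools.getPartFromDN(alt1, CertTools.EMAIL2));
        assertEquals("www.primekey.se", CertTools.getPartFromDN(alt1, CertTools.DNS));
        assertNull(CertTools.getPartFromDN(alt1, CertTools.URI));
        assertEquals("http://www.primekey.se/ejbca", CertTools.getPartFromDN(alt1, CertTools.URI1));

        String alt2 = "email=ejbca@primekey.se, dNSName=www.primekey.se, uniformResourceIdentifier=http://www.primekey.se/ejbca";
        assertEquals("ejbca@primekey.se", CertTools.getPartFromDN(alt2, CertTools.EMAIL1));
        assertEquals("http://www.primekey.se/ejbca", CertTools.getPartFromDN(alt2, CertTools.URI));

        String alt3 = "EmailAddress=ejbca@primekey.se, dNSName=www.primekey.se, uniformResourceIdentifier=http://www.primekey.se/ejbca";
        assertEquals("ejbca@primekey.se", CertTools.getPartFromDN(alt3, CertTools.EMAIL2));

        X509Certificate cert = CertTools.getCertfromByteArray(guidcert);
        String upn = CertTools.getUPNAltName(cert);
        assertEquals("guid@foo.com", upn);
        String guid = CertTools.getGuidAltName(cert);
        assertEquals("1234567890abcdef", guid);

        // Entries keyed by a dotted OID are reported by getCustomOids in input order and
        // can then be read back with getPartFromDN.
        String customAlt = "rfc822Name=foo@bar.com";
        ArrayList oids = CertTools.getCustomOids(customAlt);
        assertEquals(0, oids.size());
        customAlt = "rfc822Name=foo@bar.com, 1.1.1.1.2=foobar, 1.2.2.2.2=barfoo";
        oids = CertTools.getCustomOids(customAlt);
        assertEquals(2, oids.size());
        String oid1 = (String) oids.get(0);
        assertEquals("1.1.1.1.2", oid1);
        String oid2 = (String) oids.get(1);
        assertEquals("1.2.2.2.2", oid2);
        String val1 = CertTools.getPartFromDN(customAlt, oid1);
        assertEquals("foobar", val1);
        String val2 = CertTools.getPartFromDN(customAlt, oid2);
        assertEquals("barfoo", val2);

        log.debug("<test03AltNames()");
    }

    /**
     * Checks how {@code stringToBCDNString} names and orders less common components
     * (serial number, given name, initials, surname) and components keyed by a raw OID.
     */
    public void test04DNComponents() throws Exception {
        log.debug(">test04DNComponents()");

        String dn1 = "CN=CommonName, O=Org, OU=OrgUnit, SerialNumber=SerialNumber, SurName=SurName, GivenName=GivenName, Initials=Initials, C=SE";
        String bcdn1 = CertTools.stringToBCDNString(dn1);
        log.debug("dn1: " + dn1);
        log.debug("bcdn1: " + bcdn1);
        assertEquals(
                "CN=CommonName,SN=SerialNumber,GIVENNAME=GivenName,INITIALS=Initials,SURNAME=SurName,OU=OrgUnit,O=Org,C=SE",
                bcdn1);

        dn1 = "CN=CommonName, O=Org, OU=OrgUnit, SerialNumber=SerialNumber, SurName=SurName, GivenName=GivenName, Initials=Initials, C=SE, 1.1.1.1=1111Oid, 2.2.2.2=2222Oid";
        bcdn1 = CertTools.stringToBCDNString(dn1);
        log.debug("dn1: " + dn1);
        log.debug("bcdn1: " + bcdn1);
        assertEquals(
                "CN=CommonName,SN=SerialNumber,GIVENNAME=GivenName,INITIALS=Initials,SURNAME=SurName,OU=OrgUnit,O=Org,C=SE,2.2.2.2=2222Oid,1.1.1.1=1111Oid",
                bcdn1);

        // The 3.3.3.3 component of the input is absent from the expected output.
        // NOTE(review): normalisation is evidently lossy for some components, so the
        // normalised DN should not be assumed to carry everything the input did - confirm
        // which components CertTools drops and why.
        dn1 = "CN=CommonName, 3.3.3.3=3333Oid,O=Org, OU=OrgUnit, SerialNumber=SerialNumber, SurName=SurName, GivenName=GivenName, Initials=Initials, C=SE, 1.1.1.1=1111Oid, 2.2.2.2=2222Oid";
        bcdn1 = CertTools.stringToBCDNString(dn1);
        log.debug("dn1: " + dn1);
        log.debug("bcdn1: " + bcdn1);
        assertEquals(
                "CN=CommonName,SN=SerialNumber,GIVENNAME=GivenName,INITIALS=Initials,SURNAME=SurName,OU=OrgUnit,O=Org,C=SE,2.2.2.2=2222Oid,1.1.1.1=1111Oid",
                bcdn1);

        // Here 2.3.3.3 is kept while K=KKK is absent from the expected output.
        dn1 = "CN=CommonName, 2.3.3.3=3333Oid,O=Org, K=KKK, OU=OrgUnit, SerialNumber=SerialNumber, SurName=SurName, GivenName=GivenName, Initials=Initials, C=SE, 1.1.1.1=1111Oid, 2.2.2.2=2222Oid";
        bcdn1 = CertTools.stringToBCDNString(dn1);
        log.debug("dn1: " + dn1);
        log.debug("bcdn1: " + bcdn1);
        assertEquals(
                "CN=CommonName,SN=SerialNumber,GIVENNAME=GivenName,INITIALS=Initials,SURNAME=SurName,OU=OrgUnit,O=Org,C=SE,2.2.2.2=2222Oid,1.1.1.1=1111Oid,2.3.3.3=3333Oid",
                bcdn1);

        log.debug("<test04DNComponents()");
    }

    /**
     * Checks that {@code stringToBCDNString} leaves the characters of the values intact
     * while reordering the components.
     */
    public void test05IntlChars() throws Exception {
        log.debug(">test05IntlChars()");
        // NOTE(review): the method name suggests international characters, but the
        // literals below contain only '?'. Presumably the non-ASCII characters were lost
        // in an encoding conversion; as written the test does not exercise any - confirm
        // against the original file encoding.
        String dn1 = "CN=Tomas?????????, O=?????????-Org, OU=??????-Unit, C=SE";
        String bcdn1 = CertTools.stringToBCDNString(dn1);
        log.debug("dn1: " + dn1);
        log.debug("bcdn1: " + bcdn1);
        assertEquals("CN=Tomas?????????,OU=??????-Unit,O=?????????-Org,C=SE", bcdn1);
        log.debug("<test05IntlChars()");
    }

    /**
     * Checks the values read from fixture certificates: issuer and subject DN, subject
     * and authority key identifiers, UPN and GUID altNames, and certificate policy ids.
     */
    public void test06CertOps() throws Exception {
        log.debug(">test06CertOps()");
        X509Certificate cert = CertTools.getCertfromByteArray(testcert);
        X509Certificate gcert = CertTools.getCertfromByteArray(guidcert);
        assertEquals("Wrong issuerDN", CertTools.stringToBCDNString("CN=TestCA,O=AnaTom,C=SE"), CertTools.getIssuerDN(cert));
        assertEquals("Wrong subjectDN", CertTools.stringToBCDNString("CN=p12test,O=PrimeTest,C=SE"), CertTools.getSubjectDN(cert));
        assertEquals("Wrong subject key id", "E74F5690F48D147783847CD26448E8094ABB08A0".toLowerCase(), new String(Hex.encode(CertTools.getSubjectKeyId(cert))));
        assertEquals("Wrong authority key id", "637BF476A854248EA574A57744A6F45E0F579251".toLowerCase(), new String(Hex.encode(CertTools.getAuthorityKeyId(cert))));
        assertEquals("Wrong upn alt name", "foo@foo", CertTools.getUPNAltName(cert));
        assertEquals("Wrong guid alt name", "1234567890abcdef", CertTools.getGuidAltName(gcert));
        assertEquals("Wrong certificate policy", "1.1.1.1.1.1", CertTools.getCertificatePolicyId(cert, 0));
        // An index past the last policy yields null rather than an exception.
        assertNull("Not null policy", CertTools.getCertificatePolicyId(cert, 1));
        log.debug("<test06CertOps()");
    }

    /** Checks normalisation of a DN that uses domain components (DC). */
    public void test07TestDC() throws Exception {
        log.debug(">test07TestDC()");
        // NOTE(review): bcdn1 is only logged; no assertion covers the dn1 ordering.
        String dn1 = "dc=bigcorp,dc=com,dc=se,ou=users,cn=Mike Jackson";
        String bcdn1 = CertTools.stringToBCDNString(dn1);
        log.debug("dn1: " + dn1);
        log.debug("bcdn1: " + bcdn1);
        String dn2 = "cn=Mike Jackson,ou=users,dc=se,dc=bigcorp,dc=com";
        String bcdn2 = CertTools.stringToBCDNString(dn2);
        log.debug("dn2: " + dn2);
        log.debug("bcdn2: " + bcdn2);
        assertEquals("CN=Mike Jackson,OU=users,DC=se,DC=bigcorp,DC=com", bcdn2);
        log.debug("<test07TestDC()");
    }

    /** Checks normalisation of {@code unstructuredName} and {@code unstructuredAddress}. */
    public void test08TestUnstructured() throws Exception {
        log.debug(">test08TestUnstructured()");
        String dn1 = "C=SE,O=PrimeKey,unstructuredName=10.1.1.2,unstructuredAddress=foo.bar.se,cn=test";
        String bcdn1 = CertTools.stringToBCDNString(dn1);
        log.debug("dn1: " + dn1);
        log.debug("bcdn1: " + bcdn1);
        assertEquals("unstructuredAddress=foo.bar.se,unstructuredName=10.1.1.2,CN=test,O=PrimeKey,C=SE", bcdn1);
        log.debug("<test08TestUnstructured()");
    }

    /** Checks {@code isDNReversed} and that {@code reverseDN} reverses the component order. */
    public void test09TestReverse() throws Exception {
        log.debug(">test09TestReverse()");
        String dn1 = "dc=com,dc=bigcorp,dc=se,ou=orgunit,ou=users,cn=Tomas G";
        String dn2 = "cn=Tomas G,ou=users,ou=orgunit,dc=se,dc=bigcorp,dc=com";
        assertTrue(CertTools.isDNReversed(dn1));
        assertTrue(!CertTools.isDNReversed(dn2));
        assertTrue(CertTools.isDNReversed("C=SE,CN=Foo"));
        assertTrue(!CertTools.isDNReversed("CN=Foo,O=FooO"));
        String revdn1 = CertTools.reverseDN(dn1);
        log.debug("dn1: " + dn1);
        log.debug("revdn1: " + revdn1);
        assertEquals(dn2, revdn1);

        log.debug("<test09TestReverse()");
    }

    /**
     * Checks normalisation of reversed DNs that contain repeated components and quoted
     * or escaped characters.
     */
    public void test10TestMultipleReversed() throws Exception {
        log.debug(">test10TestMultipleReversed()");
        String dn1 = "dc=com,dc=bigcorp,dc=se,ou=orgunit,ou=users,cn=Tomas G";
        String bcdn1 = CertTools.stringToBCDNString(dn1);
        log.debug("dn1: " + dn1);
        log.debug("bcdn1: " + bcdn1);
        assertEquals("CN=Tomas G,OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com", bcdn1);

        String dn19 = "C=SE, dc=dc1,DC=DC2,O=EJBCA, O=oo, cn=foo, cn=bar";
        assertEquals("CN=bar,CN=foo,O=oo,O=EJBCA,DC=DC2,DC=dc1,C=SE", CertTools.stringToBCDNString(dn19));
        String dn20 = " C=SE,CN=\"foo, OU=bar\", O=baz\\\\\\, quux ";
        assertEquals("CN=foo\\, OU=bar,O=baz\\\\\\, quux,C=SE", CertTools.stringToBCDNString(dn20));

        String dn21 = "C=SE,O=Foo\\, Inc, OU=Foo\\, Dep, CN=Foo\\'";
        String bcdn21 = CertTools.stringToBCDNString(dn21);
        assertEquals("CN=Foo\',OU=Foo\\, Dep,O=Foo\\, Inc,C=SE", bcdn21);
        assertEquals("CN=Foo',OU=Foo\\, Dep,O=Foo\\, Inc,C=SE", StringTools.strip(bcdn21));
        log.debug("<test10TestMultipleReversed()");
    }

    /**
     * Checks that {@code insertCNPostfix} appends the postfix to the first CN only and
     * leaves a DN without a CN unchanged.
     */
    public void test11TestInsertCNPostfix() throws Exception {
        log.debug(">test11TestInsertCNPostfix()");

        String dn1 = "CN=Tomas G,OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com";
        String cnpostfix1 = " (VPN)";
        String newdn1 = CertTools.insertCNPostfix(dn1,cnpostfix1);
        assertEquals("CN=Tomas G (VPN),OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com", newdn1);

        // No CN present: the DN comes back unchanged.
        String dn2 = "OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com";
        String newdn2 = CertTools.insertCNPostfix(dn2,cnpostfix1);
        assertEquals("OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com", newdn2);

        // Two CNs: only the first receives the postfix.
        String dn3 = "CN=Tomas G,CN=Bagare,OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com";
        String newdn3 = CertTools.insertCNPostfix(dn3,cnpostfix1);
        assertEquals("CN=Tomas G (VPN),CN=Bagare,OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com", newdn3);

        String dn4 = "dc=com,dc=bigcorp,dc=se,ou=orgunit,ou=users,cn=Tomas G,CN=Bagare";
        String newdn4 = CertTools.insertCNPostfix(dn4,cnpostfix1);
        assertEquals("dc=com,dc=bigcorp,dc=se,ou=orgunit,ou=users,cn=Tomas G (VPN),CN=Bagare", newdn4);

        String dn5 = "UID=tomas,CN=tomas,OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com";
        String cnpostfix5 = " (VPN)";
        String newdn5 = CertTools.insertCNPostfix(dn5,cnpostfix5);
        assertEquals("UID=tomas,CN=tomas (VPN),OU=users,OU=orgunit,DC=se,DC=bigcorp,DC=com", newdn5);

        log.debug("<test11TestInsertCNPostfix()");
    }

    /**
     * Checks that {@code getPartsFromDN} returns every value of a component, including
     * repeated ones, and an empty collection when the component is absent.
     */
    public void test12GetPartsFromDN() throws Exception {
        // The entry trace used to name test01, which made debug logs point at the wrong test.
        log.debug(">test12GetPartsFromDN()");

        String dn0 = "C=SE, O=AnaTom, CN=foo";
        assertEquals(1, CertTools.getPartsFromDN(dn0, "CN").size());
        assertTrue(CertTools.getPartsFromDN(dn0, "CN").contains("foo"));
        assertEquals(1, CertTools.getPartsFromDN(dn0, "O").size());
        assertTrue(CertTools.getPartsFromDN(dn0, "O").contains("AnaTom"));
        assertEquals(1, CertTools.getPartsFromDN(dn0, "C").size());
        assertTrue(CertTools.getPartsFromDN(dn0, "C").contains("SE"));
        assertEquals(1, CertTools.getPartsFromDN(dn0, "cn").size());
        assertTrue(CertTools.getPartsFromDN(dn0, "cn").contains("foo"));
        assertEquals(1, CertTools.getPartsFromDN(dn0, "o").size());
        assertTrue(CertTools.getPartsFromDN(dn0, "o").contains("AnaTom"));
        assertEquals(1, CertTools.getPartsFromDN(dn0, "c").size());
        assertTrue(CertTools.getPartsFromDN(dn0, "c").contains("SE"));

        // "uri=" entries are found through URI1 only; URI yields an empty result.
        String dn1 = "uri=http://www.a.se, C=SE, O=AnaTom, CN=foo";
        assertEquals(1, CertTools.getPartsFromDN(dn1, "CN").size());
        assertTrue(CertTools.getPartsFromDN(dn1, "CN").contains("foo"));
        assertEquals(0, CertTools.getPartsFromDN(dn1, CertTools.URI).size());
        assertEquals(1, CertTools.getPartsFromDN(dn1, CertTools.URI1).size());
        assertTrue(CertTools.getPartsFromDN(dn1, CertTools.URI1).contains("http://www.a.se"));

        String dn2 = "uri=http://www.a.se, uri=http://www.b.se, C=SE, O=AnaTom, CN=foo";
        assertEquals(1, CertTools.getPartsFromDN(dn2, "CN").size());
        assertTrue(CertTools.getPartsFromDN(dn2, "CN").contains("foo"));
        assertEquals(2, CertTools.getPartsFromDN(dn2, CertTools.URI1).size());
        assertTrue(CertTools.getPartsFromDN(dn2, CertTools.URI1).contains("http://www.a.se"));
        assertTrue(CertTools.getPartsFromDN(dn2, CertTools.URI1).contains("http://www.b.se"));

        log.debug("<test12GetPartsFromDN()");
    }

    /**
     * Checks the subjectAltName string built from a certificate and the individual
     * entries read from it: UPN, URI, e-mail, DNS name and IP address.
     */
    public void test13GetSubjectAltNameString() throws Exception {
        log.debug(">test13GetSubjectAltNameString()");

        String altNames = CertTools.getSubjectAlternativeName(CertTools.getCertfromByteArray(altNameCert));
        log.debug(altNames);
        String name = CertTools.getPartFromDN(altNames,CertTools.UPN);
        assertEquals("foo@a.se", name);
        assertEquals("foo@a.se", CertTools.getUPNAltName(CertTools.getCertfromByteArray(altNameCert)));
        name = CertTools.getPartFromDN(altNames,CertTools.URI);
        assertEquals("http://www.a.se/", name);
        name = CertTools.getPartFromDN(altNames,CertTools.EMAIL);
        assertEquals("tomas@a.se", name);
        name = CertTools.getEMailAddress(CertTools.getCertfromByteArray(altNameCert));
        assertEquals("tomas@a.se", name);
        // A certificate without an e-mail address, and a null certificate, both give null.
        name = CertTools.getEMailAddress(CertTools.getCertfromByteArray(testcert));
        assertNull(name);
        name = CertTools.getEMailAddress(null);
        assertNull(name);
        name = CertTools.getPartFromDN(altNames,CertTools.DNS);
        assertEquals("www.a.se", name);
        name = CertTools.getPartFromDN(altNames,CertTools.IPADDR);
        assertEquals("10.1.1.1", name);
        log.debug("<test13GetSubjectAltNameString()");
    }

    /**
     * Checks the qualified-certificate statements read by {@code QCStatementExtension}:
     * the semantics authority, the statement ids present, and the value limit.
     */
    public void test14QCStatement() throws Exception {
        X509Certificate cert = CertTools.getCertfromByteArray(qcRefCert);
        assertEquals("rfc822name=municipality@darmstadt.de", QCStatementExtension.getQcStatementAuthorities(cert));
        Collection ids = QCStatementExtension.getQcStatementIds(cert);
        assertTrue(ids.contains(RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v2.getId()));
        X509Certificate cert2 = CertTools.getCertfromByteArray(qcPrimeCert);
        assertEquals("rfc822name=qc@primekey.se", QCStatementExtension.getQcStatementAuthorities(cert2));
        ids = QCStatementExtension.getQcStatementIds(cert2);
        assertTrue(ids.contains(RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1.getId()));
        assertTrue(ids.contains(ETSIQCObjectIdentifiers.id_etsi_qcs_QcCompliance.getId()));
        assertTrue(ids.contains(ETSIQCObjectIdentifiers.id_etsi_qcs_QcSSCD.getId()));
        assertTrue(ids.contains(ETSIQCObjectIdentifiers.id_etsi_qcs_LimiteValue.getId()));
        String limit = QCStatementExtension.getQcStatementValueLimit(cert2);
        assertEquals("50000 SEK", limit);
    }

    /** Checks that the OCSP URL is read from the Authority Information Access extension. */
    public void test15AiaOcspUri() throws Exception {
        X509Certificate cert = CertTools.getCertfromByteArray(aiaCert);
        assertEquals("http://localhost:8080/ejbca/publicweb/status/ocsp", CertTools.getAuthorityInformationAccessOcspUrl(cert));
    }

    /**
     * Checks UPN and directoryName extraction from a certificate whose subjectAltName
     * contains a directoryName entry.
     */
    public void test16GetSubjectAltNameStringWithDirectoryName() throws Exception {
        log.debug(">test16GetSubjectAltNameStringWithDirectoryName()");

        X509Certificate cer = CertTools.getCertfromByteArray(altNameCertWithDirectoryName);
        String altNames = CertTools.getSubjectAlternativeName(cer);
        log.debug(altNames);

        String name = CertTools.getPartFromDN(altNames, CertTools.UPN);
        assertEquals("testDirName@jamador.pki.gva.es", name);
        assertEquals("testDirName@jamador.pki.gva.es", CertTools.getUPNAltName(cer));

        name = CertTools.getPartFromDN(altNames, CertTools.DIRECTORYNAME);
        assertEquals("CN=testDirName|dir|name", name);
        assertEquals(name.substring("CN=".length()), new X509Name("CN=testDirName|dir|name").getValues().get(0));

        String altName = "rfc822name=foo@bar.se, uri=http://foo.bar.se, directoryName="+LDAPDN.escapeRDN("CN=testDirName, O=Foo, 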
OU=Bar, C=SE")+", dnsName=foo.bar.se"; 759 GeneralNames san = CertTools.getGeneralNamesFromAltName(altName); 760 GeneralName[] gns = san.getNames(); 761 boolean found = false; 762 for (int i = 0;i < gns.length; i++) { 763 int tag = gns[i].getTagNo(); 764 if (tag == 4) { 765 found = true; 766 DEREncodable enc = gns[i].getName(); 767 X509Name dir = (X509Name)enc; 768 String str = dir.toString(); 769 log.debug("DirectoryName: "+str); 770 assertEquals("CN=testDirName,O=Foo,OU=Bar,C=SE", str); 771 } 772 773 } 774 assertTrue(found); 775 776 altName = "rfc822name=foo@bar.se, rfc822name=foo@bar.com, uri=http://foo.bar.se, directoryName="+LDAPDN.escapeRDN("CN=testDirName, O=Foo, OU=Bar, C=SE")+", dnsName=foo.bar.se, dnsName=foo.bar.com"; 777 san = CertTools.getGeneralNamesFromAltName(altName); 778 gns = san.getNames(); 779 int dnscount = 0; 780 int rfc822count = 0; 781 for (int i = 0;i < gns.length; i++) { 782 int tag = gns[i].getTagNo(); 783 if (tag == 2) { 784 dnscount++; 785 DEREncodable enc = gns[i].getName(); 786 DERIA5String dir = (DERIA5String)enc; 787 String str = dir.getString(); 788 log.info("DnsName: "+str); 789 } 790 if (tag == 1) { 791 rfc822count++; 792 DEREncodable enc = gns[i].getName(); 793 DERIA5String dir = (DERIA5String)enc; 794 String str = dir.getString(); 795 log.info("Rfc822Name: "+str); 796 } 797 798 } 799 assertEquals(2, dnscount); 800 assertEquals(2, rfc822count); 801 log.debug("<test16GetSubjectAltNameStringWithDirectoryName()"); 802 } 803 804 public void test17SubjectDirectoryAttributes() throws Exception { 805 log.debug(">test17SubjectDirectoryAttributes()"); 806 X509Certificate cer = CertTools.getCertfromByteArray(subjDirAttrCert); 807 String ret = SubjectDirAttrExtension.getSubjectDirectoryAttributes(cer); 808 assertEquals("countryOfCitizenship=TR", ret); 809 cer = CertTools.getCertfromByteArray(subjDirAttrCert2); 810 ret = SubjectDirAttrExtension.getSubjectDirectoryAttributes(cer); 811 assertEquals("countryOfResidence=SE, 
countryOfCitizenship=SE, gender=M, placeOfBirth=Stockholm, dateOfBirth=19710425", ret); 812 log.debug("<test17SubjectDirectoryAttributes()"); 813 } 814 } 815 | Popular Tags |