KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > se > anatom > ejbca > protocol > ProtocolOcspHttpStandaloneTest


1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13
14 package se.anatom.ejbca.protocol;
15
16 import java.rmi.RemoteException JavaDoc;
17 import java.security.cert.X509Certificate JavaDoc;
18 import java.util.Collection JavaDoc;
19 import java.util.Iterator JavaDoc;
20
21 import javax.ejb.CreateException JavaDoc;
22
23 import junit.framework.TestSuite;
24
25 import org.apache.log4j.Logger;
26 import org.bouncycastle.ocsp.CertificateID;
27 import org.bouncycastle.ocsp.OCSPReq;
28 import org.bouncycastle.ocsp.OCSPReqGenerator;
29 import org.bouncycastle.ocsp.RevokedStatus;
30 import org.bouncycastle.ocsp.SingleResp;
31 import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionRemote;
32 import org.ejbca.core.ejb.ca.store.CertificateDataPK;
33 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionRemote;
34 import org.ejbca.core.model.ca.crl.RevokedCertInfo;
35 import org.ejbca.util.CertTools;
36
37 /** Tests http pages of a standalone ocsp
38  * To run this test you must create a user named ocspTest that has at least two certificates and
39  * at least one of them must be revoked.
40  *
41  * Change the adress 127.0.0.1 to where you standalone OCSP server is running.
42  * Change caid to the CA that ocspTest blongs to
43  **/

44 public class ProtocolOcspHttpStandaloneTest extends ProtocolOcspHttpTest {
45     private static final Logger log = Logger.getLogger(ProtocolOcspHttpStandaloneTest.class);
46
47     private static final int myCaId = 1584670546;
48     private static final String JavaDoc myOcspIp = "127.0.0.1";
49     
50     public static void main(String JavaDoc args[]) {
51         junit.textui.TestRunner.run(suite());
52     }
53
54
55     public static TestSuite suite() {
56         return new TestSuite(ProtocolOcspHttpStandaloneTest.class);
57     }
58
59
60     public ProtocolOcspHttpStandaloneTest(String JavaDoc name) throws Exception JavaDoc {
61         super(name, "http://"+myOcspIp+":8080/ejbca", "publicweb/status/ocsp");
62     }
63
64     protected void setCAID(ICAAdminSessionRemote casession) {
65         caid = myCaId;
66     }
67     
68     public void test01Access() throws Exception JavaDoc {
69         super.test01Access();
70     }
71
72     /** Tests ocsp message
73      * @throws Exception error
74      */

75     public void test02OcspGood() throws Exception JavaDoc {
76         log.debug(">test02OcspGood()");
77
78         // And an OCSP request
79
OCSPReqGenerator gen = new OCSPReqGenerator();
80         final X509Certificate JavaDoc ocspTestCert = getTestCert(false);
81         gen.addRequest(new CertificateID(CertificateID.HASH_SHA1, cacert, ocspTestCert.getSerialNumber()));
82         OCSPReq req = gen.generate();
83
84         // Send the request and receive a singleResponse
85
SingleResp singleResp = sendOCSPPost(req.getEncoded(), null);
86         
87         CertificateID certId = singleResp.getCertID();
88         assertEquals("Serno in response does not match serno in request.", certId.getSerialNumber(), ocspTestCert.getSerialNumber());
89         Object JavaDoc status = singleResp.getCertStatus();
90         assertEquals("Status is not null (good)", status, null);
91         log.debug("<test02OcspGood()");
92     }
93     private X509Certificate JavaDoc getTestCert( boolean isRevoked ) throws RemoteException JavaDoc, CreateException JavaDoc {
94         ICertificateStoreSessionRemote store = storehome.create();
95         Collection JavaDoc certs = store.findCertificatesByUsername(admin, "ocspTest");
96         Iterator JavaDoc i = certs.iterator();
97         while ( i.hasNext() ) {
98             X509Certificate JavaDoc cert = (X509Certificate JavaDoc)i.next();
99             if ( isRevoked==(store.isRevoked(admin, cert.getIssuerDN().toString(), cert.getSerialNumber()).getReason()!=RevokedCertInfo.NOT_REVOKED) )
100                 return cert;
101         }
102         assertNotNull("Misslyckades hämta cert", null);
103         return null;
104     }
105
106     /** Tests ocsp message
107      * @throws Exception error
108      */

109     public void test03OcspRevoked() throws Exception JavaDoc {
110         log.debug(">test03OcspRevoked()");
111         // Now revoke the certificate and try again
112
CertificateDataPK pk = new CertificateDataPK();
113         final X509Certificate JavaDoc ocspTestCert = getTestCert(true);
114         pk.fingerprint = CertTools.getFingerprintAsString(ocspTestCert);
115         ICertificateStoreSessionRemote store = storehome.create();
116         store.revokeCertificate(admin, ocspTestCert,null,RevokedCertInfo.REVOKATION_REASON_KEYCOMPROMISE);
117         // And an OCSP request
118
OCSPReqGenerator gen = new OCSPReqGenerator();
119         gen.addRequest(new CertificateID(CertificateID.HASH_SHA1, cacert, ocspTestCert.getSerialNumber()));
120         OCSPReq req = gen.generate();
121
122         // Send the request and receive a singleResponse
123
SingleResp singleResp = sendOCSPPost(req.getEncoded(), null);
124
125         CertificateID certId = singleResp.getCertID();
126         assertEquals("Serno in response does not match serno in request.", certId.getSerialNumber(), ocspTestCert.getSerialNumber());
127         Object JavaDoc status = singleResp.getCertStatus();
128         assertTrue("Status is not RevokedStatus", status instanceof RevokedStatus);
129         RevokedStatus rev = (RevokedStatus) status;
130         assertTrue("Status does not have reason", rev.hasRevocationReason());
131         int reason = rev.getRevocationReason();
132         assertEquals("Wrong revocation reason", reason, RevokedCertInfo.REVOKATION_REASON_KEYCOMPROMISE);
133         log.debug("<test03OcspRevoked()");
134     }
135
136 }
137
Popular Tags