/** * This method loads a certificate from a base 64 encoded String * * @param base64Encoded * the base64 encoded certificate * @return the certificate token */ public static CertificateToken loadCertificateFromBase64EncodedString(final String base64Encoded) { final byte[] bytes = Utils.fromBase64(base64Encoded); return loadCertificate(bytes); }
@Override public List<CertificateToken> getCertificates() { CertificateToken c1 = DSSUtils.loadCertificate(new File("src/test/resources/ecdsa.cer")); CertificateToken c2 = DSSUtils.loadCertificate(new File("src/test/resources/citizen_ca.cer")); CertificateToken c3 = DSSUtils.loadCertificate(new File("src/test/resources/sk_ca.cer")); CertificateToken c4 = DSSUtils.loadCertificate(new File("src/test/resources/TSA_BE.cer")); // c5 & c6 are different but have the same public key CertificateToken c5 = DSSUtils.loadCertificate(new File("src/test/resources/belgiumrs2.crt")); CertificateToken c6 = DSSUtils.loadCertificate(new File("src/test/resources/belgiumrs2-signed.crt")); return Collections.unmodifiableList(Arrays.asList(c1, c2, c3, c4, c5, c6)); }
@Before public void init() { certificateToken = DSSUtils.loadCertificate(new File("src/test/resources/ec.europa.eu.crt")); rootToken = DSSUtils.loadCertificate(new File("src/test/resources/CALT.crt")); }
@BeforeClass public static void init() { certificateWithAIA = DSSUtils.loadCertificate(new File("src/test/resources/TSP_Certificate_2014.crt")); assertNotNull(certificateWithAIA); }
@Test public void convertToPEM() { String convertToPEM = DSSUtils.convertToPEM(certificateWithAIA); assertFalse(DSSUtils.isStartWithASN1SequenceTag(new ByteArrayInputStream(convertToPEM.getBytes()))); CertificateToken certificate = DSSUtils.loadCertificate(convertToPEM.getBytes()); assertEquals(certificate, certificateWithAIA); byte[] certDER = DSSUtils.convertToDER(convertToPEM); assertTrue(DSSUtils.isStartWithASN1SequenceTag(new ByteArrayInputStream(certDER))); CertificateToken certificate2 = DSSUtils.loadCertificate(certDER); assertEquals(certificate2, certificateWithAIA); }
@Test public void getPublicKeySizeECDSA() { CertificateToken certificate = DSSUtils.loadCertificate(new File("src/test/resources/ecdsa.cer")); assertEquals(256, DSSPKUtils.getPublicKeySize(certificate.getPublicKey())); }
@Test public void getPublicKeyEncryptionAlgoECDSA() { CertificateToken certificate = DSSUtils.loadCertificate(new File("src/test/resources/ecdsa.cer")); assertEquals(EncryptionAlgorithm.ECDSA, EncryptionAlgorithm.forKey(certificate.getPublicKey())); }
@Test public void test() { CertificateToken token = DSSUtils.loadCertificate(this.getClass().getResourceAsStream("/BA-QC-Wurzel-CA-2_PN.txt")); Assert.assertTrue(token.isSelfSigned()); Assert.assertTrue(token.isSignedBy(token)); }
@Test public void testDontSkipCertificatesWhenMultipleAreFoundInP7c() throws IOException { try { DSSUtils.loadCertificate(new FileInputStream("src/test/resources/certchain.p7c")); fail("Should not load single certificate (first?)"); } catch (DSSException dssEx) { assertEquals("Could not parse certificate", dssEx.getMessage()); } }
@Test public void getAccessLocation() { CertificateToken certificate = DSSUtils.loadCertificate(new File("src/test/resources/ec.europa.eu.crt")); List<String> ocspAccessLocations = DSSASN1Utils.getOCSPAccessLocations(certificate); assertEquals(1, Utils.collectionSize(ocspAccessLocations)); assertEquals("http://ocsp.luxtrust.lu", ocspAccessLocations.get(0)); }
@Test public void getCrlUrls() { CertificateToken certificate = DSSUtils.loadCertificate(new File("src/test/resources/ec.europa.eu.crt")); List<String> crlUrls = DSSASN1Utils.getCrlUrls(certificate); assertEquals(1, Utils.collectionSize(crlUrls)); assertEquals("http://crl.luxtrust.lu/LTQCA.crl", crlUrls.get(0)); }
@Test public void getPublicKeyEncryptionAlgo() { CertificateToken certificate = DSSUtils.loadCertificate(new File("src/test/resources/BA-QC-Wurzel-CA-2_PN.txt")); assertEquals(EncryptionAlgorithm.RSA, EncryptionAlgorithm.forKey(certificate.getPublicKey())); }
@Test public void testGetOCSPCertificateIDAndMatch() throws IOException { CertificateToken certificate = DSSUtils.loadCertificate(new File("src/test/resources/citizen_ca.cer")); CertificateToken issuer = DSSUtils.loadCertificate(new File("src/test/resources/belgiumrs2.crt")); assertTrue(certificate.isSignedBy(issuer)); CertificateID certificateID = DSSRevocationUtils.getOCSPCertificateID(certificate, issuer); assertNotNull(certificateID); BasicOCSPResp basicOCSPResp = DSSRevocationUtils.loadOCSPBase64Encoded( "MIIHOgoBAKCCBzMwggcvBgkrBgEFBQcwAQEEggcgMIIHHDCCATOhRDBCMQswCQYDVQQGEwJERTEaMBgGA1UECgwRQnVuZGVzbmV0emFnZW50dXIxFzAVBgNVBAMMDjE0Ui1PQ1NQIDEyOlBOGA8yMDE2MDQyNjA5NDE0M1owgbUwgbIwOzAJBgUrDgMCGgUABBRAEkWUqHsHRftOoCVj8/DhlIT7BwQU/fNQhDCO7COa9TOy44EH3eTvgK4CAgM0gAAYDzIwMTUwOTI5MDkwOTI4WqFgMF4wXAYFKyQIAw0EUzBRMA0GCWCGSAFlAwQCAwUABED48AGg2Q8uukS9H0fDCz8LSLzuISU1he4/rk1s7xipORuO0L4BCE/uPEuEU3903zxw5ZRsbqRBysQE1tL8afTaoSIwIDAeBgkrBgEFBQcwAQYEERgPMTk4NjA0MjYwMDAwMDBaMA0GCSqGSIb3DQEBDQUAA4IBAQB3zLgjV0NAApajfNyGk2ijwzAxlTo87ktHjZyv4ccyEWYQoQf26a2K3BMNwZE/6GCY8ElXd4S7pyt5APeHDxjSjxp68OjEctF4lgghVedvMhI2BN57judwZcK9ytdfgp/vTvwVljemdFI3cNX8o1w7J6BE5IHtVuxcQfuFI/HaibvB0hbr+JLj1r/cEwBrma0O486JzfJsMH+ImIlvnAj12KAi/TSVppxycJptCaKQINjQjtM0wRNjhWI5izk8EdZV8NJi8/v8eKXUqZTbCEpbfBPZ4X3N6jDMYYEw/uCMzdvgxQGLilzW0W/CvOdHvxUAPJO5ChD0CRc98DSfVc+ooIIEzTCCBMkwggTFMIIDraADAgECAgIDNTANBgkqhkiG9w0BAQ0FADA/MQswCQYDVQQGEwJERTEaMBgGA1UECgwRQnVuZGVzbmV0emFnZW50dXIxFDASBgNVBAMMCzE0Ui1DQSAxOlBOMB4XDTExMDcyNTEyMzI0OVoXDTE2MDcyNDEyMzExOVowQjELMAkGA1UEBhMCREUxGjAYBgNVBAoMEUJ1bmRlc25ldHphZ2VudHVyMRcwFQYDVQQDDA4xNFItT0NTUCAxMjpQTjCCASMwDQYJKoZIhvcNAQEBBQADggEQADCCAQsCggEBAI0NFH6AJeiimQQGaAHc+PYwUtabavb3XzTr9ACmuO5NzcMmyIBWhpa05FKB2N/0z1a6VmvvhvvH13rTEsGCybHfFhNGGBHI2CwghyL1P5s7R0K7hCzJ5r0IBJzNTEiJsU1ad/XvjL74NPravNGfNL7rKvhIWy8+JyqcT9U22fBC7lZmqyrHAIdrit0KJ3vWGOj85QaSqLfPYmyMfaJjT2Vxp1SiUDosCosDcSmc39R+41Xn8ljFeIIkVad03CZn6WldmJvKjR53tIZjk2t0BfFXyK2unEIXx7tetM35QLBIlkIuR6tPbIFDwcjCGpXBG3VYtgy/ME+2jq8ARyo3lTMCBEAAAIGjggHFMIIBwTATBgNVHSUEDDAKBggrBgEFBQcDCTAOBgNVHQ8BAf8EBAMCBkAwGAYIKwYBBQUHAQMEDDAKMAgGBgQAjkYBATBKBggrBgEFBQcBAQQ+MDwwOgYIKwYBBQUHMAGGLmh0dHA6Ly9vY3NwLm5yY2EtZHMuZGU6ODA4MC9vY3NwLW9jc3ByZXNwb25kZXIwEgYDVR0gBAswCTAHBgUrJAgBATCBsQYDVR0fBIGpMIGmMIGjoIGgoIGdhoGabGRhcDovL2xkYXAubnJjYS1kcy5kZTozODkvQ049Q1JMLE89QnVuZGVzbmV0emFnZW50dXIsQz1ERSxkYz1sZGFwLGRjPW5yY2EtZHMsZGM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDtiaW5hcnk/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludDAbBgkrBgEEAcBtAwUEDjAMBgorBgEEAcBtAwUBMA8GA1UdEwEB/wQFMAMBAQAwHwYDVR0jBBgwFoAU/fNQhDCO7COa9TOy44EH3eTvgK4wHQYDVR0OBBYEFBFllODWsNReIMI/MM3rQ3+rIEBEMA0GCSqGSIb3DQEBDQUAA4IBAQAt3sYpIcdAKClBtX5zPG1+c9qwGq5VW0Q3AqClqI00OxY/GuK840FNUTf5RDt+aOgbgkTVb8n1lJBS05aQddFowA3k4fnxHtgyiR6KygYO3Fsl2MeEJCKgYlRaB0bqiN1A3hzMKXq3S7+l6yUKPnkNg5Nci6PoztZSe7z/TbbUyu8dY+CVYnjgy85AcUhT1tJwoa527ZfgNVDq/6GLLF3ZQzUNNebF90aZlwsW+sFtk9xkxAWuFcSkRq+IaKz/hDhVYlSYaIBlpgjR8YIIaqtky9xakC8bs8KWdBh1DcRxgdAUfLCqHMd3PwkWEw2PmLpqLZeuHFJzb7zeAcXvvVkP"); SingleResp[] responses = basicOCSPResp.getResponses(); assertFalse(DSSRevocationUtils.matches(certificateID, responses[0])); }
@Test public void getCertificateHolder() { CertificateToken token = DSSUtils.loadCertificate(new File("src/test/resources/ec.europa.eu.crt")); X509CertificateHolder certificateHolder = DSSASN1Utils.getX509CertificateHolder(token); assertNotNull(certificateHolder); CertificateToken token2 = DSSASN1Utils.getCertificate(certificateHolder); assertEquals(token, token2); }
@Test public void testHttpGet() { NativeHTTPDataLoader dataLoader = new NativeHTTPDataLoader(); byte[] bytesArray = dataLoader.get(HTTP_URL_TO_LOAD); CertificateToken certificate = DSSUtils.loadCertificate(bytesArray); assertNotNull(certificate); }
@Test public void testGet() { byte[] bytesArray = dataLoader.get(URL_TO_LOAD); NativeHTTPDataLoader dataLoader2 = new NativeHTTPDataLoader(); byte[] bytesArrays2 = dataLoader2.get(URL_TO_LOAD); assertTrue(Arrays.equals(bytesArray, bytesArrays2)); CertificateToken certificate = DSSUtils.loadCertificate(bytesArray); assertNotNull(certificate); }
@Test public void getPublicKeySize() { CertificateToken certificate = DSSUtils.loadCertificate(new File("src/test/resources/BA-QC-Wurzel-CA-2_PN.txt")); assertEquals(2048, DSSPKUtils.getPublicKeySize(certificate.getPublicKey())); assertEquals("2048", DSSPKUtils.getPublicKeySize(certificate)); }
@Test public void testCreateNewKeystore() throws IOException { KeyStoreCertificateSource kscs = new KeyStoreCertificateSource(KEYSTORE_TYPE, KEYSTORE_PASSWORD); CertificateToken token = DSSUtils.loadCertificate(new File("src/test/resources/citizen_ca.cer")); kscs.addCertificateToKeyStore(token); kscs.store(new FileOutputStream("target/new_keystore.jks")); KeyStoreCertificateSource kscs2 = new KeyStoreCertificateSource("target/new_keystore.jks", KEYSTORE_TYPE, KEYSTORE_PASSWORD); assertEquals(1, Utils.collectionSize(kscs2.getCertificates())); }
@Test public void getQCStatementsIdList() { List<String> qcStatementsIdList = DSSASN1Utils.getQCStatementsIdList(certificateWithAIA); assertTrue(Utils.isCollectionEmpty(qcStatementsIdList)); CertificateToken certificate = DSSUtils.loadCertificate(new File("src/test/resources/ec.europa.eu.crt")); qcStatementsIdList = DSSASN1Utils.getQCStatementsIdList(certificate); assertTrue(Utils.isCollectionNotEmpty(qcStatementsIdList)); assertTrue(qcStatementsIdList.contains(ETSIQCObjectIdentifiers.id_etsi_qcs_LimiteValue.getId())); }
@Test(expected = DSSException.class) public void wrongCertIssuer() throws IOException { FileDocument doc = new FileDocument("src/test/resources/crl/belgium2.crl"); FileDocument caCert = new FileDocument("src/test/resources/belgiumrs2.crt"); try (InputStream crlStream = doc.openStream()) { CRLValidity crlValidity = CRLUtils.isValidCRL(crlStream, DSSUtils.loadCertificate(caCert.openStream())); assertNotNull(crlValidity); assertTrue(crlValidity.isSignatureIntact()); assertTrue(crlValidity.isCrlSignKeyUsage()); assertTrue(crlValidity.isIssuerX509PrincipalMatches()); new CRLToken(DSSUtils.loadCertificate(caCert.openStream()), crlValidity); } }