List of usage examples for org.apache.commons.lang.time DateUtils addYears
public static Date addYears(Date date, int amount)
From source file:mitm.common.security.certificate.GenerateTestCertificates.java
/** * Generate a certificate without an email but with S/MIME extended key usage * //from w w w . j av a2 s . c o m * @throws Exception */ private void generateCertificateNoEmail() throws Exception { X509CertificateBuilder certificateBuilder = securityFactory.createX509CertificateBuilder(); String encodedPrivateKey = "30820277020100300d06092a864886f70d0101010500048202613082025d" + "0201000281810086246af6ba05ff48133e66771615a3e70742ff52d60db8" + "a4d808e73369d0c689fc21a2691ee7297311ad840fb7be841d813991f84e" + "9590f20a6e4d284d4d3775e646d7aed3a7142159281c9d0171bb98c1a659" + "b930f1e158df079136804d89864c0484e4f15482fa4c3b64c3ac58091dc4" + "83766b0283c2bd7c8ad12aa19c3b45020301000102818018291f0ae95e83" + "285c2ef50da5f0a7e0c8b20c82c3031daab32e8755ff4d17356b3033ac73" + "60775abe685e4ce66f6e24524e28386d0f0b584d00a8ed055f4f09ad206d" + "22f72a9b8b7724a43b42f0239c44e9db007652d1abf59e9d51731fda6153" + "3dd996c06af7761326ac57645be68f3ccc8a665aca9efc37d781c058e98f" + "51024100e294e1a1ddc5dbb20d09ef2113a1ddd864c444191c1b51917b69" + "fb9718fe6adb5bd29e9603c63d189ee79e194fa9c1484f9a5792f9a29b49" + "44f5efc403cd4fbb024100978f09d7c6a74c9a446510f203996b253df437" + "94c66e76209570ee5de5c33ee9cc09b75d06543d5b8127b7c9511253bcbf" + "2c74c0270c24ca36494954b02870ff024050a19eb1d594059c951b45e7c5" + "6ec2ddb0ee4f358855086ff7353dfd053df494df56526d1c26bdb3374941" + "6fcc73a27eb3253fa8e40143b58d3edff6274c36e502410088b05dfd38d2" + "3c5949e428f34ce1ba6bbd439c3956f9db1a2a0dcf3dea723c349a6c0cef" + "1e3d2d957097c4bf119a48e18b3dea123f65496d02a6f8372425653b0241" + "00bf58e07f459aa53487e6fb3b40caf2055e181c8505d2deb29cffffbde3" + "aeb5ccd0f2c353b47fe53cd3b488be85acaf55956a678ff6e37cca327f1b" + "b82044be77"; String encodedPublicKey = "30819f300d06092a864886f70d010101050003818d003081890281810086" + "246af6ba05ff48133e66771615a3e70742ff52d60db8a4d808e73369d0c6" + "89fc21a2691ee7297311ad840fb7be841d813991f84e9590f20a6e4d284d" + "4d3775e646d7aed3a7142159281c9d0171bb98c1a659b930f1e158df0791" + "36804d89864c0484e4f15482fa4c3b64c3ac58091dc483766b0283c2bd7c" + "8ad12aa19c3b450203010001"; PrivateKey privateKey = decodePrivateKey(encodedPrivateKey); PublicKey publicKey = decodePublicKey(encodedPublicKey); X500PrincipalBuilder subjectBuilder = new X500PrincipalBuilder(); subjectBuilder.setCommonName("No email"); subjectBuilder.setCountryCode("NL"); subjectBuilder.setLocality("Amsterdam"); subjectBuilder.setState("NH"); X500Principal subject = subjectBuilder.buildPrincipal(); Set<KeyUsageType> keyUsage = new TreeSet<KeyUsageType>(); keyUsage.add(KeyUsageType.DIGITALSIGNATURE); keyUsage.add(KeyUsageType.KEYENCIPHERMENT); keyUsage.add(KeyUsageType.NONREPUDIATION); Set<ExtendedKeyUsageType> extendedKeyUsage = new TreeSet<ExtendedKeyUsageType>(); extendedKeyUsage.add(ExtendedKeyUsageType.CLIENTAUTH); extendedKeyUsage.add(ExtendedKeyUsageType.EMAILPROTECTION); BigInteger serialNumber = new BigInteger("115fce43c64c3a7547678e8f0b67559", 16); Date now = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.MEDIUM, Locale.UK) .parse("21-Nov-2007 11:39:35"); certificateBuilder.setSubject(subject); certificateBuilder.setKeyUsage(keyUsage, true); certificateBuilder.setExtendedKeyUsage(extendedKeyUsage, false); certificateBuilder.setNotBefore(DateUtils.addDays(now, -20)); certificateBuilder.setNotAfter(DateUtils.addYears(now, 20)); certificateBuilder.setPublicKey(publicKey); certificateBuilder.setSerialNumber(serialNumber); certificateBuilder.setSignatureAlgorithm("SHA1WithRSAEncryption"); certificateBuilder.addSubjectKeyIdentifier(true); X509Certificate certificate = certificateBuilder.generateCertificate(caPrivateKey, caCertificate); assertNotNull(certificate); certificates.add(certificate); Certificate[] chain = new Certificate[] { certificate, caCertificate, rootCertificate }; keyStore.setKeyEntry("noEmail", privateKey, null, chain); }
From source file:mitm.common.security.certificate.GenerateTestCertificates.java
/** * Generate a certificate with email in subject but not in AltNames * //from ww w . j a va2 s . c o m * @throws Exception */ private void generateCertificateEmailInSubjectNotInAltNames() throws Exception { X509CertificateBuilder certificateBuilder = securityFactory.createX509CertificateBuilder(); String encodedPrivateKey = "30820276020100300d06092a864886f70d0101010500048202603082025c" + "02010002818100d101622e0d0d3edb037b595281d54029fb4d5c0bc2025f" + "d378f7098b6cdf3a90450978cac7b699ab1457c361384d38278f62a2a3a0" + "42988d7ce079170c942ee8b6cbbf2cd2f85be52bd686f4b0d344c24d6acb" + "47f926034bfe312353893499bcb6eb6f9aa6e8b203768c93579c93e3234c" + "0a345dcfa5e0a3434a205f87dc6ec50203010001028180423a7d00f8b3cc" + "ca1bd5575d94b49d6b702d7850657ed91caac5252a202ab0650ceb4e727b" + "4c7a6f42b7f8ba72dbcd4283e60e81690411512c53f92afb9a6d2e4fd74d" + "bc4c34b73575e60b4e656f23f730a08436fb32bd89c44f120a73757e8fde" + "63a12fd9e7860406604acbf006fd235573be8bfb4ffcb3e55f2785cbb009" + "a1024100f90a4dbd692dd5948472e5d589fe52c58f85e5ec778ab22cf965" + "557e6ad46e08ff8e532e800fe58643c1eae5ef8c3bf1e3f746c0e51f8f97" + "4bfeed4dcdd89d69024100d6d8a918fffc750e02ecd443139515ce624e68" + "24b808f244e0aabcf00f5323fb0dfe54ffa56b1fcd5b90f6ddff639fea7b" + "0843debed0088a0f7dd42cb8802efd024075b569091dad8c45a654a84d45" + "ebef3371a2d809ec76a1c0a02045487b35eccc53fdf15309347a47fbbeac" + "4801f146640e5bd2155a3690a7f2438be63a6528010240772d644fcbe03d" + "0672b4f0e1ec80ecc1b96288fea55fc11458141e0e8451b849d16f5db31a" + "0d9c6c8bf894187d4cc42e8be4ffd115c3cc98d9131199651725f9024100" + "c74bca53cdd2650796285a3cd9ad48f25e9308532fa3ce3f366abe2a9e5c" + "b55dc7a1a7c9d6d30070eeb1584505e493a39515a3e306ed8299ccfcbc02" + "32984aef"; String encodedPublicKey = "30819f300d06092a864886f70d010101050003818d0030818902818100d1" + "01622e0d0d3edb037b595281d54029fb4d5c0bc2025fd378f7098b6cdf3a" + "90450978cac7b699ab1457c361384d38278f62a2a3a042988d7ce079170c" + "942ee8b6cbbf2cd2f85be52bd686f4b0d344c24d6acb47f926034bfe3123" + "53893499bcb6eb6f9aa6e8b203768c93579c93e3234c0a345dcfa5e0a343" + "4a205f87dc6ec50203010001"; PrivateKey privateKey = decodePrivateKey(encodedPrivateKey); PublicKey publicKey = decodePublicKey(encodedPublicKey); X500PrincipalBuilder subjectBuilder = new X500PrincipalBuilder(); String email = "test@example.com"; subjectBuilder.setCommonName("Email in Subject not in AltNames"); subjectBuilder.setEmail(email); subjectBuilder.setCountryCode("NL"); subjectBuilder.setLocality("Amsterdam"); subjectBuilder.setState("NH"); X500Principal subject = subjectBuilder.buildPrincipal(); Set<KeyUsageType> keyUsage = new TreeSet<KeyUsageType>(); keyUsage.add(KeyUsageType.DIGITALSIGNATURE); keyUsage.add(KeyUsageType.KEYENCIPHERMENT); keyUsage.add(KeyUsageType.NONREPUDIATION); Set<ExtendedKeyUsageType> extendedKeyUsage = new TreeSet<ExtendedKeyUsageType>(); extendedKeyUsage.add(ExtendedKeyUsageType.CLIENTAUTH); extendedKeyUsage.add(ExtendedKeyUsageType.EMAILPROTECTION); BigInteger serialNumber = new BigInteger("115fceb7f46b98775dbb8287965f838", 16); Date now = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.MEDIUM, Locale.UK) .parse("21-Nov-2007 11:40:35"); certificateBuilder.setSubject(subject); certificateBuilder.setKeyUsage(keyUsage, true); certificateBuilder.setExtendedKeyUsage(extendedKeyUsage, false); certificateBuilder.setNotBefore(DateUtils.addDays(now, -20)); certificateBuilder.setNotAfter(DateUtils.addYears(now, 20)); certificateBuilder.setPublicKey(publicKey); certificateBuilder.setSerialNumber(serialNumber); certificateBuilder.setSignatureAlgorithm("SHA1WithRSAEncryption"); certificateBuilder.addSubjectKeyIdentifier(true); X509Certificate certificate = certificateBuilder.generateCertificate(caPrivateKey, caCertificate); assertNotNull(certificate); certificates.add(certificate); Certificate[] chain = new Certificate[] { certificate, caCertificate, rootCertificate }; keyStore.setKeyEntry("emailInSubjectNotInAltNames", privateKey, null, chain); }
From source file:mitm.common.security.certificate.GenerateTestCertificates.java
/** * Generate a certificate with email in AltNames but not in subject * /* ww w . j a va2s . c o m*/ * @throws Exception */ private void generateCertificateEmailInAltNamesNotInSubject() throws Exception { X509CertificateBuilder certificateBuilder = securityFactory.createX509CertificateBuilder(); String encodedPublicKey = "30819f300d06092a864886f70d010101050003818d003081890281810088" + "350aa5de312b8d6d2bcb1845ae426b52f53bed933d05c1914753651911dd" + "2f2e449e5ebf0a9708d16bbf7ad3ff7e56bf149e26eb37112e1d92989884" + "ec3f9c27d4a37efe804a55e97e3ec62aa30610952b3f60f8a3f7516cf00b" + "1bc1d3a75f5d4f5834962d091c5676f5ecd6a12ac4e4fbb6069048684696" + "bfbf72483feb210203010001"; String encodedPrivateKey = "30820275020100300d06092a864886f70d01010105000482025f3082025b" + "0201000281810088350aa5de312b8d6d2bcb1845ae426b52f53bed933d05" + "c1914753651911dd2f2e449e5ebf0a9708d16bbf7ad3ff7e56bf149e26eb" + "37112e1d92989884ec3f9c27d4a37efe804a55e97e3ec62aa30610952b3f" + "60f8a3f7516cf00b1bc1d3a75f5d4f5834962d091c5676f5ecd6a12ac4e4" + "fbb6069048684696bfbf72483feb2102030100010281802a20257be93d51" + "d7fab4b9aa771a8f063c710628d309e376db64b0e12aa0c0c4afcd9f2174" + "7a64fde02f2fd8602abbbb3e7bb4f21a7b3c8003bb6c2077b3cd741b4b83" + "37c1330742875962dc56a91ecd9b6ccbc54d9c86ac7533dae9d3b792844a" + "2135e35b7ce2720f4d2fc25e2013aaadecd35a93d74a08921f1d4991023b" + "05024100e5b57d7eeeef447c9ca66643f8b38d743a2e1247e0b2bbe6925f" + "1a6166c580d10d87dff02a15ffc963e0f192ea060862e4ad3d1a6afbd280" + "3e5b409ea283119b02410097cbef487d4309e5646303b1c75e88db469c8a" + "653f93eac9713d570fad45b85f583c2c0314f3a290e6cc8a5cce2ca60ad5" + "4ea549779c829429f1645530dc6ff302402daac0314d052a636fad312590" + "3afa034251c8769bb84cdcd0fab13eedf493e07bc52883118ae018449002" + "d6c749bdbf136151858001625ef686a3b925ebd2c30240698a333e55494d" + "121eeff0dba460880add576da9e3c07657c4d1ff3c391ee687f413320e9a" + "7ca2a4d8b391e7e0b98e60adda567574226f6f9091f34e8000641d024031" + "7135e36f1533cffe338cbd103f44cc8ca257a27682c41b50f5458f7d0fde" + "7fe60171fc6718614fca2a756648fe87c9b2551d54cf4162035d59e7730f" + "a0783d"; PrivateKey privateKey = decodePrivateKey(encodedPrivateKey); PublicKey publicKey = decodePublicKey(encodedPublicKey); X500PrincipalBuilder subjectBuilder = new X500PrincipalBuilder(); String email = "test@example.com"; subjectBuilder.setCommonName("Email in DN not in AltNames"); subjectBuilder.setCountryCode("NL"); subjectBuilder.setLocality("Amsterdam"); subjectBuilder.setState("NH"); AltNamesBuilder altNamesBuider = new AltNamesBuilder(); altNamesBuider.setRFC822Names(email); X500Principal subject = subjectBuilder.buildPrincipal(); GeneralNames altNames = altNamesBuider.buildAltNames(); Set<KeyUsageType> keyUsage = new TreeSet<KeyUsageType>(); keyUsage.add(KeyUsageType.DIGITALSIGNATURE); keyUsage.add(KeyUsageType.KEYENCIPHERMENT); keyUsage.add(KeyUsageType.NONREPUDIATION); Set<ExtendedKeyUsageType> extendedKeyUsage = new TreeSet<ExtendedKeyUsageType>(); extendedKeyUsage.add(ExtendedKeyUsageType.CLIENTAUTH); extendedKeyUsage.add(ExtendedKeyUsageType.EMAILPROTECTION); BigInteger serialNumber = new BigInteger("115fceeccd07fe8929f68cc6b359a5a", 16); Date now = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.MEDIUM, Locale.UK) .parse("21-Nov-2007 11:41:35"); certificateBuilder.setSubject(subject); certificateBuilder.setAltNames(altNames, true); certificateBuilder.setKeyUsage(keyUsage, true); certificateBuilder.setExtendedKeyUsage(extendedKeyUsage, false); certificateBuilder.setNotBefore(DateUtils.addDays(now, -20)); certificateBuilder.setNotAfter(DateUtils.addYears(new Date(), 20)); certificateBuilder.setPublicKey(publicKey); certificateBuilder.setSerialNumber(serialNumber); certificateBuilder.setSignatureAlgorithm("SHA1WithRSAEncryption"); certificateBuilder.addSubjectKeyIdentifier(true); X509Certificate certificate = certificateBuilder.generateCertificate(caPrivateKey, caCertificate); assertNotNull(certificate); certificates.add(certificate); Certificate[] chain = new Certificate[] { certificate, caCertificate, rootCertificate }; keyStore.setKeyEntry("emailInAltNamesNotInSubject", privateKey, null, chain); }
From source file:mitm.common.security.certificate.GenerateTestCertificates.java
/** * Generates a certificate with javascript in the certificate fields to test XSS injections. * /*from w ww .ja v a 2 s. c o m*/ * @throws Exception */ private void generateCertificateXSS() throws Exception { X509CertificateBuilder certificateBuilder = securityFactory.createX509CertificateBuilder(); String encodedPublicKey = "30819f300d06092a864886f70d010101050003818d0030818902818100ab" + "c1cb1ce9ac2acef6ab4c6c6cfe38840f25095652038529aa34e21c36b1b9" + "833c8f91b34c97a803af002ed9dd6d79fc23d5e5190180a9235e61ec596d" + "b084ac78aef9f65e182977e918b9b8aa423c707bd4189e44eb9dfb68d585" + "a828ea6b16b22f382e6084140bde8a65391894b32cbd13d3b49a6a72adeb" + "49472da5995dc70203010001"; String encodedPrivateKey = "30820278020100300d06092a864886f70d0101010500048202623082025e" + "02010002818100abc1cb1ce9ac2acef6ab4c6c6cfe38840f250956520385" + "29aa34e21c36b1b9833c8f91b34c97a803af002ed9dd6d79fc23d5e51901" + "80a9235e61ec596db084ac78aef9f65e182977e918b9b8aa423c707bd418" + "9e44eb9dfb68d585a828ea6b16b22f382e6084140bde8a65391894b32cbd" + "13d3b49a6a72adeb49472da5995dc702030100010281810084959e52fd56" + "b7dcf7b117d782f363711db7bb53750fde95611c5d86e5f99f78dd20fe99" + "e80011e4760cb01de1be06b24a7f6cd036c6b8c9e2abb8a4f7f59113c67c" + "d06b3a642d67e3a4035a8cfccf0992184451adfcfccd3157e5a2f79ee0f1" + "8659c6ee801c5c081876cbd2db6390b3102b656adf7e249889ee108a4fb6" + "23f1024100d3beeecb8841cef45343138df276eb30293489ed74855dae41" + "c7b713dee7e6b4a8904fc24cab09e313f9968b4db6988fc5530da7b0f1b8" + "e71dfe26c09aed79f5024100cfa75532fa6fb39ae86dd8f05effdf9862e3" + "4ad51d71a9c6f15e6ec0d5618e7dcab1cbe93e5991fed42f913faca7d115" + "7fdcc255b6fec086070f04a736a7374b024100a619635693471421c2629e" + "a73da89d2b0557aa4e7395de7bc02bfae80276251a5814040ce57951e328" + "1b2445982b81175e719d078b1cc2afc16e4955d2f23035024100ca854b6d" + "dd9c0592062fe40d82c9909bc18e25d4b5d3be1e7e177872ef69271c7e0c" + "6b703ed402b482e32588f16df6583e8ce2a7d042a327d4488c643cc45703" + "02404b3b36fd231a6eab54303121dad4a66d732cc2d7d72b4a76108e2fc6" + "e1ee0080dd9733046009f19a96885cdad46bcd0a1ca1f62ce7eed073ca41" + "320fa140753f"; PrivateKey privateKey = decodePrivateKey(encodedPrivateKey); PublicKey publicKey = decodePublicKey(encodedPublicKey); X500PrincipalBuilder subjectBuilder = new X500PrincipalBuilder(); String email = "<script>alert('test')</script>"; subjectBuilder.setCommonName("<script>alert('test')</script>"); subjectBuilder.setEmail(email); subjectBuilder.setCountryCode("NL"); subjectBuilder.setLocality("<script>alert('test')</script>"); subjectBuilder.setState("<script>alert('test')</script>"); AltNamesBuilder altNamesBuider = new AltNamesBuilder(); altNamesBuider.setRFC822Names(email); X500Principal subject = subjectBuilder.buildPrincipal(); GeneralNames altNames = altNamesBuider.buildAltNames(); Set<KeyUsageType> keyUsage = new TreeSet<KeyUsageType>(); keyUsage.add(KeyUsageType.DIGITALSIGNATURE); keyUsage.add(KeyUsageType.KEYENCIPHERMENT); keyUsage.add(KeyUsageType.NONREPUDIATION); Set<ExtendedKeyUsageType> extendedKeyUsage = new TreeSet<ExtendedKeyUsageType>(); extendedKeyUsage.add(ExtendedKeyUsageType.CLIENTAUTH); extendedKeyUsage.add(ExtendedKeyUsageType.EMAILPROTECTION); BigInteger serialNumber = new BigInteger("115fd003be5a87522cb76cfab2ec85f", 16); Date now = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.MEDIUM, Locale.UK) .parse("21-Nov-2007 11:45:35"); certificateBuilder.setSubject(subject); certificateBuilder.setAltNames(altNames, true); certificateBuilder.setKeyUsage(keyUsage, true); certificateBuilder.setExtendedKeyUsage(extendedKeyUsage, false); certificateBuilder.setNotBefore(DateUtils.addDays(now, -20)); certificateBuilder.setNotAfter(DateUtils.addYears(now, 20)); certificateBuilder.setPublicKey(publicKey); certificateBuilder.setSerialNumber(serialNumber); certificateBuilder.setSignatureAlgorithm("SHA1WithRSAEncryption"); certificateBuilder.addSubjectKeyIdentifier(true); X509Certificate certificate = certificateBuilder.generateCertificate(caPrivateKey, caCertificate); assertNotNull(certificate); certificates.add(certificate); Certificate[] chain = new Certificate[] { certificate, caCertificate, rootCertificate }; keyStore.setKeyEntry("certificateXSS", privateKey, null, chain); }
From source file:mitm.common.security.certificate.GenerateTestCertificates.java
/** * Generates a certificate without S/MIME extended key usage extension * /*w w w. jav a 2 s . co m*/ * @throws Exception */ private void generateCertificateNoSMIMEExtKeyUsage() throws Exception { X509CertificateBuilder certificateBuilder = securityFactory.createX509CertificateBuilder(); String encodedPublicKey = "30819f300d06092a864886f70d010101050003818d00308189028181008e" + "702f7941ce945a10c965ddd2113331506fb868c59760548bf8cedc35589e" + "9233e3552f518ce72e75fd22b01add0662502ade276d07f12cadfaeea440" + "edc01b0f7c01babad5ade01a759a908f5c3279c3fd02aae54940798d56a4" + "b8d3a8f3472ffa0fbad9a8d1348ec8b24cb0fc3283aac33f9bfd97b0a338" + "75b7fdea432f7b0203010001"; String encodedPrivateKey = "30820275020100300d06092a864886f70d01010105000482025f3082025b" + "020100028181008e702f7941ce945a10c965ddd2113331506fb868c59760" + "548bf8cedc35589e9233e3552f518ce72e75fd22b01add0662502ade276d" + "07f12cadfaeea440edc01b0f7c01babad5ade01a759a908f5c3279c3fd02" + "aae54940798d56a4b8d3a8f3472ffa0fbad9a8d1348ec8b24cb0fc3283aa" + "c33f9bfd97b0a33875b7fdea432f7b02030100010281807b8e43100b0e78" + "4f7c3a477bd86a051f24e8146e05e05eb65848b69ffc426822e891ad6603" + "76975f0d084cdbb821bc14f1f78d8763a3bd0805cf22cd266955f6972ba6" + "10280e6751a3219a4f89ef87faab1d4170b5d0af820844782f7317b025d2" + "9de7dcd271776d7c45da37ac5c190e9698ad84129f424d1df6bdd14c1027" + "59024100ccb868a0fe755d4327c8a02ef0a80306ee6a31726075748d04ef" + "713da09050931c0604bf2c93cca29afd65f7a56d5d501e80eac8775c5701" + "2a0ed48be3726af5024100b21df7637604312e4c80ebf2b4c04112b22938" + "611755f579d205e2c5826b32039d200cd37d1171639ee503748ac963d71c" + "f65df92a65bf6965764b7465548aaf0240388d5899e0b11b2a49fb2a04cd" + "861c0ff61c6fbc60d911714343c1cc7c66615bc20a0795a802cc2cbf13f0" + "ef104bbdd33c19f0c19ff76a317024d8a22c1a976102405ff2627c126ba9" + "ae7e098890422bba21ff14d34901d00d1ea53304784e8bbdf252669c6224" + "620c0994e35a9c21d2e0545546a5527e33370be85af3c46c7d410302401f" + "86906b598370b2fc4bc60be15521decaf16cd81d047242dc0dd316ba2902" + "baf93db44acf00d07c7762ccce97de2841fd565a9c8fee6e70da8e2779af" + "248bf1"; PrivateKey privateKey = decodePrivateKey(encodedPrivateKey); PublicKey publicKey = decodePublicKey(encodedPublicKey); X500PrincipalBuilder subjectBuilder = new X500PrincipalBuilder(); String email = "test@example.com"; subjectBuilder.setCommonName("No S/MIME extended key usage"); subjectBuilder.setEmail(email); subjectBuilder.setCountryCode("NL"); subjectBuilder.setLocality("Amsterdam"); subjectBuilder.setState("NH"); AltNamesBuilder altNamesBuider = new AltNamesBuilder(); altNamesBuider.setRFC822Names(email); X500Principal subject = subjectBuilder.buildPrincipal(); GeneralNames altNames = altNamesBuider.buildAltNames(); Set<KeyUsageType> keyUsage = new TreeSet<KeyUsageType>(); keyUsage.add(KeyUsageType.DIGITALSIGNATURE); keyUsage.add(KeyUsageType.KEYENCIPHERMENT); keyUsage.add(KeyUsageType.NONREPUDIATION); Set<ExtendedKeyUsageType> extendedKeyUsage = new TreeSet<ExtendedKeyUsageType>(); extendedKeyUsage.add(ExtendedKeyUsageType.CLIENTAUTH); BigInteger serialNumber = new BigInteger("115fd035ba042503bcc6ca44680f9f8", 16); Date now = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.MEDIUM, Locale.UK) .parse("21-November-2007 11:46:35"); certificateBuilder.setSubject(subject); certificateBuilder.setAltNames(altNames, true); certificateBuilder.setKeyUsage(keyUsage, true); // make extended key usage critical certificateBuilder.setExtendedKeyUsage(extendedKeyUsage, true); certificateBuilder.setNotBefore(DateUtils.addDays(now, -20)); certificateBuilder.setNotAfter(DateUtils.addYears(now, 20)); certificateBuilder.setPublicKey(publicKey); certificateBuilder.setSerialNumber(serialNumber); certificateBuilder.setSignatureAlgorithm("SHA1WithRSAEncryption"); X509Certificate certificate = certificateBuilder.generateCertificate(caPrivateKey, caCertificate); assertNotNull(certificate); certificates.add(certificate); Certificate[] chain = new Certificate[] { certificate, caCertificate, rootCertificate }; keyStore.setKeyEntry("NoSMIMEExtKeyUsage", privateKey, null, chain); }
From source file:mitm.common.security.certificate.GenerateTestCertificates.java
/** * Generates a certificate without S/MIME extended key usage extension and ext key usage non critical * /*from ww w .ja v a 2 s . co m*/ * @throws Exception */ private void generateCertificateNoSMIMEExtKeyUsageNonCritical() throws Exception { X509CertificateBuilder certificateBuilder = securityFactory.createX509CertificateBuilder(); String encodedPublicKey = "30819f300d06092a864886f70d010101050003818d0030818902818100b3" + "98c84b2a2649ab19bf1c38d057b1f43429291b4f9d6bbc6172da71b1dd82" + "a253f31e4e295db6e6025f3bd09adbfd741557198b17e3f8a4ab9e13b617" + "b3e560e16f8f8d72fb95ad3a82c2c9e2baf7efa6e93b5a9bd1e6a9d39277" + "c0c9fae99ce7b66d1bbf238a4749a45f40ef5ce02106664ecff54cd64d99" + "03f2e8f949d2f70203010001"; String encodedPrivateKey = "30820275020100300d06092a864886f70d01010105000482025f3082025b" + "02010002818100b398c84b2a2649ab19bf1c38d057b1f43429291b4f9d6b" + "bc6172da71b1dd82a253f31e4e295db6e6025f3bd09adbfd741557198b17" + "e3f8a4ab9e13b617b3e560e16f8f8d72fb95ad3a82c2c9e2baf7efa6e93b" + "5a9bd1e6a9d39277c0c9fae99ce7b66d1bbf238a4749a45f40ef5ce02106" + "664ecff54cd64d9903f2e8f949d2f7020301000102818041056c66822110" + "84c8b27f16369fb946af67c38126c6d88d803e63c5cbde65803da2847349" + "d8aaf20523d37507cbe3ac1659cd5ea54c9ce5895896cc533287357b390d" + "0390da3b02ddae5dcd13527526664a127a2f3104ced7d6114020dd527d81" + "79a07e36705b29fb4256036e4c6912ca769bada9eb6083134c5f99ada34c" + "41024100e94021d2682b169f4aef370060793f28dafcbd375b92dc420368" + "402469952a9563df82001b910ceb38441e5d57790392aef97bf0e57c0203" + "06daa47850e53b97024100c51d0232655f3dd219e690b3cc99c79d0ef6c9" + "cfcf315952164ec81428c06d608723c0018d09af36bb64517146bbe4c3bb" + "80d362e415fc112157b3afec9a8fa1024012940d1d99367562d2b1230c60" + "a2c7a91568341a08ad35e5fc277d9468e47cb3d174a802222ff77b74cbd8" + "2f4f1c50708a874c9bef6b652da08a21b78399fe990240757619ef0a35bd" + "534c97f7370dffbdd23c2e9888bbc17ea6ca205c5e970244abb71c78b8f3" + "e10786a818d9e794ed371fe4c69a315e1633c5c986c7cf5841aac1024013" + "f17fd383e24562c322d2ef1780b93a4452c07dcda48db73f0e9aac9d42a5" + "ddfa9e1ffdbe4e8ba33891246e3f153f135bbd7da646dc04cb6b7755b92f" + "9dfe6b"; PrivateKey privateKey = decodePrivateKey(encodedPrivateKey); PublicKey publicKey = decodePublicKey(encodedPublicKey); X500PrincipalBuilder subjectBuilder = new X500PrincipalBuilder(); String email = "test@example.com"; subjectBuilder.setCommonName("No S/MIME extended key usage non critical"); subjectBuilder.setEmail(email); subjectBuilder.setCountryCode("NL"); subjectBuilder.setLocality("Amsterdam"); subjectBuilder.setState("NH"); AltNamesBuilder altNamesBuider = new AltNamesBuilder(); altNamesBuider.setRFC822Names(email); X500Principal subject = subjectBuilder.buildPrincipal(); GeneralNames altNames = altNamesBuider.buildAltNames(); Set<KeyUsageType> keyUsage = new TreeSet<KeyUsageType>(); keyUsage.add(KeyUsageType.DIGITALSIGNATURE); keyUsage.add(KeyUsageType.KEYENCIPHERMENT); keyUsage.add(KeyUsageType.NONREPUDIATION); Set<ExtendedKeyUsageType> extendedKeyUsage = new TreeSet<ExtendedKeyUsageType>(); extendedKeyUsage.add(ExtendedKeyUsageType.CLIENTAUTH); BigInteger serialNumber = new BigInteger("1178c30016df6384363585b394c6ca6", 16); Date now = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.MEDIUM, Locale.UK) .parse("21-November-2007 11:46:35"); certificateBuilder.setSubject(subject); certificateBuilder.setAltNames(altNames, true); certificateBuilder.setKeyUsage(keyUsage, true); // make extended key usage critical certificateBuilder.setExtendedKeyUsage(extendedKeyUsage, false); certificateBuilder.setNotBefore(DateUtils.addDays(now, -20)); certificateBuilder.setNotAfter(DateUtils.addYears(now, 20)); certificateBuilder.setPublicKey(publicKey); certificateBuilder.setSerialNumber(serialNumber); certificateBuilder.setSignatureAlgorithm("SHA1WithRSAEncryption"); X509Certificate certificate = certificateBuilder.generateCertificate(caPrivateKey, caCertificate); assertNotNull(certificate); certificates.add(certificate); Certificate[] chain = new Certificate[] { certificate, caCertificate, rootCertificate }; keyStore.setKeyEntry("NoSMIMEExtKeyUsageNonCritical", privateKey, null, chain); }
From source file:mitm.common.security.certificate.GenerateTestCertificates.java
/** * Generates a certificate that is valid after 2027 * /*from w w w.j a v a 2s . c om*/ * @throws Exception */ private void generateCertificateNoYetValid() throws Exception { X509CertificateBuilder certificateBuilder = securityFactory.createX509CertificateBuilder(); String encodedPublicKey = "30819f300d06092a864886f70d010101050003818d00308189028181009f" + "b353317a507e1ce39272bc304111f8558ee76c16200464a98c6737c74059" + "5bfc72f5647799641da2bc7a629c1ac00da10f26da0f8a83c84e09eb68cc" + "d666e92f04f953722956c5f0cc2263c1d8c78c792aa91d53ad5df8616372" + "5db07065eb043fd4587dafdab1aff5bb21854525b49ece5eda2bb7c37d8b" + "b06c4e559efb230203010001"; String encodedPrivateKey = "30820277020100300d06092a864886f70d0101010500048202613082025d" + "020100028181009fb353317a507e1ce39272bc304111f8558ee76c162004" + "64a98c6737c740595bfc72f5647799641da2bc7a629c1ac00da10f26da0f" + "8a83c84e09eb68ccd666e92f04f953722956c5f0cc2263c1d8c78c792aa9" + "1d53ad5df86163725db07065eb043fd4587dafdab1aff5bb21854525b49e" + "ce5eda2bb7c37d8bb06c4e559efb2302030100010281806c96b090ca0c85" + "53fb618ee66b2133a8d9f44b63713fdffcda547fb2aba7139bba72286d61" + "ed48e7e5c9a6a5fa632e0796660912e8d2547d14a32610a2877e7d28925c" + "5f36025ef20c920ea380fe07fc44ffa3648991e511b6185a4105c229cde1" + "2be13929826bf4c55600dff4ce9a57df7422d0849f8c99ebd208dff3ce52" + "41024100d438b326a633789279d133fe742c91973879d652804ba1bbbd95" + "aa72beef2082a109e5ee4426cece04ae0d9091e36e0afbe02489f98d86f5" + "b39d4fcaea795491024100c0a5052b52e885e6a5e4444b686f4697def8dc" + "6b6913d211c3f38e87de4f7d395adedf4cd4827458947509aacaec6fb643" + "c31820bf41cb6b210ba0adac651e73024003a0746f54a7cc87b44d3ef63a" + "4608b6ece0282980c7ca1bcb41a388127b43b2f7cd93805ee9cadefa757f" + "05d97869890684ee1aed88dda5954c3af0dcd0f601024100be1e9df961bb" + "44da9a01ab3cd876692edcc8b18ff785ae1e064ac9f160ff05d0a2d3ad80" + "bf81779d2bf64d72170e3c399eaa5d9783e944fe1700c8b45d9cf5ed0241" + "00a1152fdcaa1f14bdd0c26c14feeb9e3e3627db371a4bb00afceb8ccebd" + "21a6e27f45fce087da5c029e1be352bbdd7ffbec8e511ea254df76a7ff19" + "4e262c16c0"; PrivateKey privateKey = decodePrivateKey(encodedPrivateKey); PublicKey publicKey = decodePublicKey(encodedPublicKey); X500PrincipalBuilder subjectBuilder = new X500PrincipalBuilder(); String email = "test@example.com"; subjectBuilder.setCommonName("Not yet valid"); subjectBuilder.setEmail(email); subjectBuilder.setCountryCode("NL"); subjectBuilder.setLocality("Amsterdam"); subjectBuilder.setState("NH"); AltNamesBuilder altNamesBuider = new AltNamesBuilder(); altNamesBuider.setRFC822Names(email); X500Principal subject = subjectBuilder.buildPrincipal(); GeneralNames altNames = altNamesBuider.buildAltNames(); Set<KeyUsageType> keyUsage = new TreeSet<KeyUsageType>(); keyUsage.add(KeyUsageType.DIGITALSIGNATURE); keyUsage.add(KeyUsageType.KEYENCIPHERMENT); keyUsage.add(KeyUsageType.NONREPUDIATION); Set<ExtendedKeyUsageType> extendedKeyUsage = new TreeSet<ExtendedKeyUsageType>(); extendedKeyUsage.add(ExtendedKeyUsageType.CLIENTAUTH); extendedKeyUsage.add(ExtendedKeyUsageType.EMAILPROTECTION); BigInteger serialNumber = new BigInteger("115fd064f8eac4ed5dd5e8728b36fd6", 16); Date now = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.MEDIUM, Locale.UK) .parse("21-Nov-2007 11:49:35"); certificateBuilder.setSubject(subject); certificateBuilder.setAltNames(altNames, true); certificateBuilder.setKeyUsage(keyUsage, true); certificateBuilder.setExtendedKeyUsage(extendedKeyUsage, false); certificateBuilder.setNotBefore(DateUtils.addYears(now, 20)); certificateBuilder.setNotAfter(DateUtils.addYears(now, 30)); certificateBuilder.setPublicKey(publicKey); certificateBuilder.setSerialNumber(serialNumber); certificateBuilder.setSignatureAlgorithm("SHA1WithRSAEncryption"); X509Certificate certificate = certificateBuilder.generateCertificate(caPrivateKey, caCertificate); assertNotNull(certificate); certificates.add(certificate); Certificate[] chain = new Certificate[] { certificate, caCertificate, rootCertificate }; keyStore.setKeyEntry("NotYetValid", privateKey, null, chain); }
From source file:mitm.common.security.certificate.GenerateTestCertificates.java
/** * Generates a certificate without extended key usage * //from w w w . j a v a2s . co m * @throws Exception */ private void generateCertificateNoExtendedKeyUsage() throws Exception { X509CertificateBuilder certificateBuilder = securityFactory.createX509CertificateBuilder(); String encodedPublicKey = "30819f300d06092a864886f70d010101050003818d003081890281810080" + "5fea5eb9bb34314acd0569a985b89bbf79caca577bd186edf7d92be0d1a5" + "200d8b321ec3c5ea31bf71715c1744658f86ab65c4bf4e311179da255427" + "57b88052c4c9f73c7e288e5f2d17bc6624e39f7b53d07b21b7aca38592be" + "291510767ef112d10c9cf0bf39d5f6507a604e6fb128a10abb2bbe09a765" + "4001f93dd93f690203010001"; String encodedPrivateKey = "30820275020100300d06092a864886f70d01010105000482025f3082025b" + "02010002818100805fea5eb9bb34314acd0569a985b89bbf79caca577bd1" + "86edf7d92be0d1a5200d8b321ec3c5ea31bf71715c1744658f86ab65c4bf" + "4e311179da25542757b88052c4c9f73c7e288e5f2d17bc6624e39f7b53d0" + "7b21b7aca38592be291510767ef112d10c9cf0bf39d5f6507a604e6fb128" + "a10abb2bbe09a7654001f93dd93f690203010001028180456896a584b24c" + "f3e1c79c07971aafc7b5ed39d1d11f2718570dcca3c6b853195379512e05" + "17bb1a0eb25d62374a49c7223f05952d022fd18d1a7f5852b541118962de" + "41d5c15725f6ee7a36936883a24f8eb60b740252897779175b86762f5cca" + "37d5f0f2119abf720acebccf2395167bd1d651cb28511e893fec3c9526d9" + "21024100d984779af9de3816e02b90fa274af4e8fc6d8ff07d6a514bdd08" + "7b1de1ab114a89ee3bd2786b4297a816ff80103da18d7e7f2cb6dc654a9c" + "007775855c5cc21502410097161a6840cf62768e6b9756cd71cd7576fcfb" + "e078895c7892f2dae70904a104a6923cfe5273bcb1cec76d032bcf2ca700" + "c8740fe33ffa5e1970df9741e1e105024049fe6c09863277f6202ff1d387" + "0652a5e729062c131dd5a5eefcf194caadbce61461bc6bee96de4264e5dd" + "e89c9dba953d90d98f230e3a01338f6fa4fc3479b9024041152564f95e1c" + "75239e973fae1a32be41f6726ddc9e9735dd5f3e0abde8bf8fe84d207711" + "7f87ae347bd5aac309689bbc0b9d6b66a21db0c156cd0a3438201d024068" + "6d5cbd6457d3cb83eaa111a540b5878129d5e6abc3d219eaa0446d9afc54" + "3a113148957cc1e6c6da5d1a0ddb18af723f01f30fd0241bfe9541a8f691" + "4895e7"; PrivateKey privateKey = decodePrivateKey(encodedPrivateKey); PublicKey publicKey = decodePublicKey(encodedPublicKey); X500PrincipalBuilder subjectBuilder = new X500PrincipalBuilder(); String email = "test@example.com"; subjectBuilder.setCommonName("No extended key usage"); subjectBuilder.setEmail(email); subjectBuilder.setCountryCode("NL"); subjectBuilder.setLocality("Amsterdam"); subjectBuilder.setState("NH"); AltNamesBuilder altNamesBuider = new AltNamesBuilder(); altNamesBuider.setRFC822Names(email); X500Principal subject = subjectBuilder.buildPrincipal(); GeneralNames altNames = altNamesBuider.buildAltNames(); Set<KeyUsageType> keyUsage = new TreeSet<KeyUsageType>(); keyUsage.add(KeyUsageType.DIGITALSIGNATURE); keyUsage.add(KeyUsageType.KEYENCIPHERMENT); keyUsage.add(KeyUsageType.NONREPUDIATION); BigInteger serialNumber = new BigInteger("115fd08d3f0e6159746aea96a50c5d6", 16); Date now = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.MEDIUM, Locale.UK) .parse("21-Nov-2007 11:50:35"); certificateBuilder.setSubject(subject); certificateBuilder.setAltNames(altNames, true); certificateBuilder.setKeyUsage(keyUsage, true); certificateBuilder.setNotBefore(DateUtils.addDays(now, -20)); certificateBuilder.setNotAfter(DateUtils.addYears(now, 20)); certificateBuilder.setPublicKey(publicKey); certificateBuilder.setSerialNumber(serialNumber); certificateBuilder.setSignatureAlgorithm("SHA1WithRSAEncryption"); X509Certificate certificate = certificateBuilder.generateCertificate(caPrivateKey, caCertificate); assertNotNull(certificate); certificates.add(certificate); Certificate[] chain = new Certificate[] { certificate, caCertificate, rootCertificate }; keyStore.setKeyEntry("NoExtendedKeyUsage", privateKey, null, chain); }
From source file:mitm.common.security.certificate.GenerateTestCertificates.java
/** * Generates a certificate without key usage * //from w w w . j a v a 2 s.c om * @throws Exception */ private void generateCertificateNoKeyUsage() throws Exception { X509CertificateBuilder certificateBuilder = securityFactory.createX509CertificateBuilder(); String encodedPublicKey = "30819f300d06092a864886f70d010101050003818d0030818902818100b2" + "0e2afe37e1235b93919e2c30207b3c52547a7ca4b5929d3ac63984b5d951" + "244d6ee103a1cf5fd1e57f67a4becd0cb1be3c5cfe884130c412c46fdc13" + "cb175b51b3d6707130a57063e6e98c92ec5ec274cbb3c53d29be5b02383a" + "ab5f26581a84b2a32e20c84a84d182720737ccd53d7b1331b7db0d816e9c" + "b85927158c288f0203010001"; String encodedPrivateKey = "30820276020100300d06092a864886f70d0101010500048202603082025c" + "02010002818100b20e2afe37e1235b93919e2c30207b3c52547a7ca4b592" + "9d3ac63984b5d951244d6ee103a1cf5fd1e57f67a4becd0cb1be3c5cfe88" + "4130c412c46fdc13cb175b51b3d6707130a57063e6e98c92ec5ec274cbb3" + "c53d29be5b02383aab5f26581a84b2a32e20c84a84d182720737ccd53d7b" + "1331b7db0d816e9cb85927158c288f020301000102818076054e1a138ff7" + "8fcbd0c9b7206f674024923a5e440ed68fc15582eaa45ed799e879864c92" + "0492cede000502fe358c2484a41e3fd8b0dd5219de7b06b557f8b242eb9a" + "0c7650dc8a9d68b20ab32aca5fbff4a01a15a2a3e90930d4040540e695ef" + "90c21fc7383364cb111f509aa559889830a9b3846777a9b8b755152482f8" + "81024100e8dfecea5ee39b456a552eed6c51f917c191dda274edbe2ea550" + "d1360bd531aed9a5e740ab9468fde289dbdb8d8b2cf57eea3317cf0b0a7f" + "89e6b8b17e6d2b7d024100c3bca3e3b3457ac7280902a3d5ab4a2a7f6f34" + "6f37e4e9f233d4498f336aea8169c2cccd702880e58432e43bbae9301283" + "093519c9a888bf744f3c3fb191a9fb0240361eec919f91e8211ed04342bc" + "7ce49627cf7da1e6e8e5dd33606feece9b329bbf4b764e2a52288070a8b7" + "66f42357448ac565307056d18ec87ecd87baa926850240130977cf1f9274" + "5c86524a05713495a4087ce256a6d306c5ddb099eee98b4e7f83afc4877e" + "8f11ea40af4a6f5cc06d427fa81798087af1c1dd280fae0a31269d024100" + "98982a55da07b7d2ed807e3f960265180ae755edd5cb8df393c7dfdc70ec" + "db9ce973f9aa9f14834c6bf92f9e36de5163b5e27a998a0935645f2f4ec2" + "d3e685c7"; PrivateKey privateKey = decodePrivateKey(encodedPrivateKey); PublicKey publicKey = decodePublicKey(encodedPublicKey); X500PrincipalBuilder subjectBuilder = new X500PrincipalBuilder(); String email = "test@example.com"; subjectBuilder.setCommonName("No key usage"); subjectBuilder.setEmail(email); subjectBuilder.setCountryCode("NL"); subjectBuilder.setLocality("Amsterdam"); subjectBuilder.setState("NH"); AltNamesBuilder altNamesBuider = new AltNamesBuilder(); altNamesBuider.setRFC822Names(email); X500Principal subject = subjectBuilder.buildPrincipal(); GeneralNames altNames = altNamesBuider.buildAltNames(); Set<ExtendedKeyUsageType> extendedKeyUsage = new TreeSet<ExtendedKeyUsageType>(); extendedKeyUsage.add(ExtendedKeyUsageType.CLIENTAUTH); extendedKeyUsage.add(ExtendedKeyUsageType.EMAILPROTECTION); BigInteger serialNumber = new BigInteger("115fd0bd417e7a6f347eeacb7ff3f38", 16); Date now = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.MEDIUM, Locale.UK) .parse("21-Nov-2007 11:51:35"); certificateBuilder.setSubject(subject); certificateBuilder.setAltNames(altNames, true); certificateBuilder.setExtendedKeyUsage(extendedKeyUsage, false); certificateBuilder.setNotBefore(DateUtils.addDays(now, -20)); certificateBuilder.setNotAfter(DateUtils.addYears(now, 20)); certificateBuilder.setPublicKey(publicKey); certificateBuilder.setSerialNumber(serialNumber); certificateBuilder.setSignatureAlgorithm("SHA1WithRSAEncryption"); X509Certificate certificate = certificateBuilder.generateCertificate(caPrivateKey, caCertificate); assertNotNull(certificate); certificates.add(certificate); Certificate[] chain = new Certificate[] { certificate, caCertificate, rootCertificate }; keyStore.setKeyEntry("NoKeyUsage", privateKey, null, chain); }
From source file:mitm.common.security.certificate.GenerateTestCertificates.java
/** * Generates a certificate without a CN//from w ww . j av a2s .c o m * * @throws Exception */ private void generateCertificateNoCN() throws Exception { X509CertificateBuilder certificateBuilder = securityFactory.createX509CertificateBuilder(); String encodedPublicKey = "30819f300d06092a864886f70d010101050003818d00308189028181008c" + "853445a83b7993183d8ed24a1eb8448bde884755c51341a20168343d2a9b" + "ab59477e643a5717e5bbea935dac51caa3a3fbff89059be9d6bf6af8d739" + "5bde8c8c45f89aeb4530805387f3402491defcd523031f2ef7085c63db71" + "bfe9e25378929f5b3c0b53e0e073e5ed7321de1ed6564e387250cef278dd" + "15a7727824620f0203010001"; String encodedPrivateKey = "30820275020100300d06092a864886f70d01010105000482025f3082025b" + "020100028181008c853445a83b7993183d8ed24a1eb8448bde884755c513" + "41a20168343d2a9bab59477e643a5717e5bbea935dac51caa3a3fbff8905" + "9be9d6bf6af8d7395bde8c8c45f89aeb4530805387f3402491defcd52303" + "1f2ef7085c63db71bfe9e25378929f5b3c0b53e0e073e5ed7321de1ed656" + "4e387250cef278dd15a7727824620f02030100010281806efedcde54d7bd" + "dd71dd560e479be263cab3d9a3b75d372bb5c334c366b95c4349ff4e17ef" + "795218168a612331f55d824b0ac7bb3d21fde0b24cd60873775cdf2db306" + "a899f7733d36c11064b76efab7c1b9ab8a897737a5d0b4f05378a033ff71" + "a150ed772f1cdbba4cbf8d41025081c960072c07c1f62d7f20a76b6d549f" + "61024100cad28338a54224d1a56c32c9f1ad7e0f721e7059dd1bb0310d2b" + "04ecc900f57b8f58d773f908a8870ba8676b4363c6087fc44f516d21c9c7" + "ea761e07ac77363f024100b15cf740a7162c3bc998fbf57c2d5335e4426d" + "5085ed295a432084c1f4311da996a8d40768d3e064e2615e0b2660faf023" + "86ed0cbce55a1b4ef0aa6583ed003102402ea29ad3828423ed24892d606b" + "b6859ecd919c29bd82694fce044f3c96b726bac36a1d182871ca364b02ec" + "cca8111feec25a0416e7edf5f486bfa40605acdf87024064abff0fec8732" + "5e51448ba7406fbdae763c9a2dbd86eb14f7cb2a6fa8ba843ab1706cc133" + "e827933bc7c6888fa5366a3dd0251738d4f9fb4c28609fb46d3ed1024007" + "49ec34b3aa1be30efcc2bc5a18b7ed51ed7b670b9a215c05725ea5dea6da" + "6a71aa14e33ab2c8c5d05f4d8e33ed09e83b1df5cdeaf73571f87e67a412" + "864bde"; PrivateKey privateKey = decodePrivateKey(encodedPrivateKey); PublicKey publicKey = decodePublicKey(encodedPublicKey); X500PrincipalBuilder subjectBuilder = new X500PrincipalBuilder(); String email = "test@example.com"; subjectBuilder.setEmail(email); subjectBuilder.setCountryCode("NL"); subjectBuilder.setLocality("Amsterdam"); subjectBuilder.setState("NH"); AltNamesBuilder altNamesBuider = new AltNamesBuilder(); altNamesBuider.setRFC822Names(email); X500Principal subject = subjectBuilder.buildPrincipal(); GeneralNames altNames = altNamesBuider.buildAltNames(); Set<KeyUsageType> keyUsage = new TreeSet<KeyUsageType>(); keyUsage.add(KeyUsageType.DIGITALSIGNATURE); keyUsage.add(KeyUsageType.KEYENCIPHERMENT); keyUsage.add(KeyUsageType.NONREPUDIATION); Set<ExtendedKeyUsageType> extendedKeyUsage = new TreeSet<ExtendedKeyUsageType>(); extendedKeyUsage.add(ExtendedKeyUsageType.CLIENTAUTH); extendedKeyUsage.add(ExtendedKeyUsageType.EMAILPROTECTION); BigInteger serialNumber = new BigInteger("115fd0e5ee990d9426c93dea720e970", 16); Date now = DateFormat.getDateTimeInstance(DateFormat.MEDIUM, DateFormat.MEDIUM, Locale.UK) .parse("21-Nov-2007 11:52:35"); certificateBuilder.setSubject(subject); certificateBuilder.setAltNames(altNames, true); certificateBuilder.setKeyUsage(keyUsage, true); certificateBuilder.setExtendedKeyUsage(extendedKeyUsage, false); certificateBuilder.setNotBefore(DateUtils.addDays(now, -20)); certificateBuilder.setNotAfter(DateUtils.addYears(now, 20)); certificateBuilder.setPublicKey(publicKey); certificateBuilder.setSerialNumber(serialNumber); certificateBuilder.setSignatureAlgorithm("SHA1WithRSAEncryption"); X509Certificate certificate = certificateBuilder.generateCertificate(caPrivateKey, caCertificate); assertNotNull(certificate); certificates.add(certificate); Certificate[] chain = new Certificate[] { certificate, caCertificate, rootCertificate }; keyStore.setKeyEntry("NoCN", privateKey, null, chain); }