List of usage examples for org.bouncycastle.asn1.x509 Certificate getEndDate
public Time getEndDate()
From source file:info.webid.ssl.keygen.bouncy.CertificateServiceTest.java
License:BSD License
/** * test the creation of an spkac certificate * * @throws Exception//from ww w .j a va 2 s . c om */ public void testSpkac() throws Exception { BouncyKeygenService srvc = new BouncyKeygenService(); srvc.initialize(); Certificate cert = srvc.createFromSpkac(spkac); PubKey spk = cert.getSubjectPublicKey(); assertNotNull(spk); assertTrue(spk instanceof RSAPubKey); assertEquals("the expected and real values don't match", "c16c47a74f601f081e73df17da1c729f194094df487a24aeed3d424abcb8\r\n" + "b8c3c292e8e47294e0d27ee87e11ef91efe4c25bfd4292bf2a8e207104c8\r\n" + "9d6bb74a5e6171174fd4abd14eaf957723e9d105134ad96b8b7b9831970e\r\n" + "0b9c9716a005572c115af403b4160c62daa929ccaf691a4a2910be969593\r\n" + "2236ef39281fcb85\r\n", ((RSAPubKey) spk).getHexModulus()); assertEquals("int exponent is not correct", "65537", ((RSAPubKey) spk).getIntExponent()); Date now = new Date(); cert.addDurationInDays("3"); cert.setSubjectCommonName("Test"); cert.setSubjectWebID(WEBID); CertSerialisation certByte = cert.getSerialisation(); //test that the returned certificate contains the correct values... Date endDate = cert.getEndDate(); assertTrue("end date is too early (we added 10 seconds)", endDate.getTime() < (now.getTime() + (3 * 24 * 60 * 60 * SECOND) + (10 * SECOND))); assertTrue("end date is too late (we removed 10 seconds)", endDate.getTime() > (now.getTime() + (3 * 24 * 60 * 60 * SECOND) - (10 * SECOND))); ByteArrayOutputStream bout = new ByteArrayOutputStream(certByte.getLength()); certByte.writeTo(bout); CertificateFactory cf = CertificateFactory.getInstance("X.509"); X509Certificate x509 = (X509Certificate) cf .generateCertificate(new ByteArrayInputStream(bout.toByteArray())); Collection<List<?>> sanlst = x509.getSubjectAlternativeNames(); assertNotNull(sanlst); assertEquals("only one SAN", 1, sanlst.size()); List<?> next = sanlst.iterator().next(); assertEquals("Uniform Resource identifiers is nbr 6", next.get(0), 6); assertEquals("testing WebId", next.get(1), WEBID); Date notAfter = x509.getNotAfter(); assertTrue("end date is too early (we added 10 seconds)", notAfter.getTime() < (now.getTime() + (3 * 24 * HOUR) + (10 * SECOND))); assertTrue("end date is too late (we removed 10 seconds)", notAfter.getTime() > (now.getTime() + (3 * 24 * HOUR) - (10 * SECOND))); System.out.println("not after=" + notAfter); Date notbefore = x509.getNotBefore(); assertTrue("start date is too early (we added 10 seconds)", notbefore.getTime() < (now.getTime() + (10 * SECOND))); assertTrue("start date is too late (we removed 10 seconds)", notbefore.getTime() > (now.getTime() - (10 * SECOND))); System.out.println("not before=" + notbefore); }
From source file:info.webid.ssl.keygen.bouncy.CertificateServiceTest.java
License:BSD License
/** * test the creation of an spkac certificate * * @throws Exception/*from w w w . ja v a2 s . c om*/ */ public void testSpkacOneYear() throws Exception { BouncyKeygenService srvc = new BouncyKeygenService(); srvc.initialize(); Certificate cert = srvc.createFromSpkac(spkac); PubKey spk = cert.getSubjectPublicKey(); assertNotNull(spk); assertTrue(spk instanceof RSAPubKey); assertEquals("the expected and real values don't match", "c16c47a74f601f081e73df17da1c729f194094df487a24aeed3d424abcb8\r\n" + "b8c3c292e8e47294e0d27ee87e11ef91efe4c25bfd4292bf2a8e207104c8\r\n" + "9d6bb74a5e6171174fd4abd14eaf957723e9d105134ad96b8b7b9831970e\r\n" + "0b9c9716a005572c115af403b4160c62daa929ccaf691a4a2910be969593\r\n" + "2236ef39281fcb85\r\n", ((RSAPubKey) spk).getHexModulus()); assertEquals("int exponent is not correct", "65537", ((RSAPubKey) spk).getIntExponent()); Date now = new Date(); cert.setSubjectCommonName("Test"); cert.setSubjectWebID(WEBID); cert.startEarlier("2"); CertSerialisation certByte = cert.getSerialisation(); //test that the returned certificate contains the correct values... Date endDate = cert.getEndDate(); long end10 = now.getTime() + YEAR + (10 * SECOND); assertTrue("end date (" + endDate + ") is too late . It should be before " + new Date(end10) + " - we added 10 seconds .", endDate.getTime() < end10); end10 = now.getTime() + YEAR - (10 * SECOND); assertTrue("end date (" + endDate + ") is too early. It should be after " + new Date(end10) + " - we removed 10 seconds .", endDate.getTime() > end10); Date startDate = cert.getStartDate(); long start10 = now.getTime() - (2 * HOUR) - (10 * SECOND); assertTrue("start date (" + startDate + ") is too early. It should be after " + new Date(start10) + "- we removed 2 hours and 10 seconds.", startDate.getTime() > start10); assertTrue( "start date (" + startDate + ") is too late It should be after " + new Date(start10) + "- we removed 10 secondes short of 2 hours.", startDate.getTime() < (now.getTime() - (2 * HOUR) + (10 * SECOND))); ByteArrayOutputStream bout = new ByteArrayOutputStream(certByte.getLength()); certByte.writeTo(bout); CertificateFactory cf = CertificateFactory.getInstance("X.509"); X509Certificate x509 = (X509Certificate) cf .generateCertificate(new ByteArrayInputStream(bout.toByteArray())); Collection<List<?>> sanlst = x509.getSubjectAlternativeNames(); assertNotNull(sanlst); assertEquals("only one SAN", 1, sanlst.size()); List<?> next = sanlst.iterator().next(); assertEquals("Uniform Resource identifiers is nbr 6", next.get(0), 6); assertEquals("testing WebId", next.get(1), WEBID); Date notAfter = x509.getNotAfter(); assertTrue("end date is too early (we added 10 seconds)", notAfter.getTime() < (now.getTime() + YEAR + (10 * SECOND))); assertTrue("end date is too late (we removed 10 seconds)", notAfter.getTime() > (now.getTime() + YEAR - (10 * SECOND))); System.out.println("not after=" + notAfter); Date notbefore = x509.getNotBefore(); end10 = now.getTime() - (2 * HOUR) - (10 * SECOND); assertTrue("NotBefore date of cert (" + notbefore + ") should be after " + new Date(end10) + "( ie, now less 2 hours and 10 sec )", notbefore.getTime() > end10); end10 = (now.getTime() - (2 * HOUR) + (10 * SECOND)); assertTrue("NotBefore date of cert (" + notbefore + ") should be before " + new Date(end10) + "( ie, now less 2 hours less 10 sec )", notbefore.getTime() < end10); System.out.println("not before=" + notbefore); }
From source file:net.wstech2.me.httpsclient.CertificateValidatorUtils.java
License:Apache License
/** * /*from w w w. ja v a 2 s.c o m*/ * Prints common certificate informations like signature, signature * algorithm, subject and issuer details, etc. * * @param cert * The X509CertificateStructure containing the information that * will be printed. * */ public static void printCertificateDetails(org.bouncycastle.asn1.x509.Certificate cert) { HttpsConnectionUtils.logDebug( "BEGIN CERTIFICATE DUMP FOR:[[" + CertificateValidatorUtils.extractCommonName(cert, true) + "]]"); HttpsConnectionUtils.logDebug("Certificate Signature:[[" + cert.getSignature().toString() + "]]"); HttpsConnectionUtils.logDebug( "Certificate Signature Algorithm OID:[[" + cert.getSignatureAlgorithm().getAlgorithm() + "]]"); HttpsConnectionUtils.logDebug("Certificate Subject Info:[[" + cert.getSubject().toString() + "]]"); HttpsConnectionUtils .logDebug("Certificate Subject common name (CN):[[" + extractCommonName(cert, false) + "]]"); HttpsConnectionUtils .logDebug("Certificate Subject short common name (CN):[[" + extractCommonName(cert, true) + "]]"); HttpsConnectionUtils.logDebug("Certificate Issuer Info:[[" + cert.getIssuer() + "]]"); HttpsConnectionUtils.logDebug("Certificate Start Date:[[" + cert.getStartDate().getTime() + "]]"); HttpsConnectionUtils.logDebug("Certificate End Date:[[" + cert.getEndDate().getTime() + "]]"); HttpsConnectionUtils.logDebug("Certificate ASN.1 Dump:[[" + ASN1Dump.dumpAsString(cert, true) + "]]"); HttpsConnectionUtils.logDebug( "END CERTIFICATE DUMP FOR:[[" + CertificateValidatorUtils.extractCommonName(cert, true) + "]]"); }
From source file:org.codice.ddf.security.ocsp.checker.OcspCheckerTest.java
License:Open Source License
@Test public void testConvertingX509CertificatesToBcCertificates() throws Exception { OcspChecker ocspChecker = new OcspChecker(factory, eventAdmin); Certificate certificate = ocspChecker.convertToBouncyCastleCert(trustedCertX509); assertThat(certificate, is(notNullValue())); assertThat(trustedCertX509.getSerialNumber(), equalTo(certificate.getSerialNumber().getValue())); assertThat(trustedCertX509.getNotAfter(), equalTo(certificate.getEndDate().getDate())); assertThat(trustedCertX509.getNotBefore(), equalTo(certificate.getStartDate().getDate())); X500Principal subjectX500Principal = trustedCertX509.getSubjectX500Principal(); X500Name x500name = new X500Name(subjectX500Principal.getName(X500Principal.RFC1779)); assertThat(x500name, equalTo(certificate.getSubject())); }
From source file:org.xipki.commons.security.shell.CertInfoCmd.java
License:Open Source License
@Override protected Object doExecute() throws Exception { Certificate cert = Certificate.getInstance(IoUtil.read(inFile)); if (serial != null && serial) { return getNumber(cert.getSerialNumber().getPositiveValue()); } else if (subject != null && subject) { return cert.getSubject().toString(); } else if (issuer != null && issuer) { return cert.getIssuer().toString(); } else if (notBefore != null && notBefore) { return toUtcTimeyyyyMMddhhmmssZ(cert.getStartDate().getDate()); } else if (notAfter != null && notAfter) { return toUtcTimeyyyyMMddhhmmssZ(cert.getEndDate().getDate()); } else if (fingerprint != null && fingerprint) { byte[] encoded = cert.getEncoded(); return HashAlgoType.getHashAlgoType(hashAlgo).hexHash(encoded); }//from w w w . j a v a2 s . c o m return null; }