List of usage examples for org.bouncycastle.asn1.x509 CRLReason PRIVILEGE_WITHDRAWN
int PRIVILEGE_WITHDRAWN
To view the source code for org.bouncycastle.asn1.x509 CRLReason PRIVILEGE_WITHDRAWN.
Click Source Link
From source file:gov.nih.nci.cabig.ctms.acegi.grid.authentication.GridProxyValidatorTest.java
License:BSD License
public void testValidate() { try {/* w ww. ja v a2 s . c om*/ // Create directory structure File trustedCertsDir = new File("test/temp/certs"); trustedCertsDir.mkdirs(); File crlsDir = new File("test/temp/certs"); crlsDir.mkdirs(); // Create a CA cert File certFile = new File(trustedCertsDir.getAbsolutePath() + "/testCA.0"); String caDN = "O=test,OU=test,CN=testCA"; KeyPair caPair = KeyUtil.generateRSAKeyPair1024(); GregorianCalendar date = new GregorianCalendar(TimeZone.getTimeZone("GMT")); date.add(Calendar.MINUTE, -5); Date start = new Date(date.getTimeInMillis()); date.add(Calendar.MINUTE, 5); date.add(Calendar.DAY_OF_MONTH, 5); Date end = new Date(date.getTimeInMillis()); X509Certificate caCert = CertUtil.generateCACertificate(new X509Name(caDN), start, end, caPair); // Write to trusted certs dir CertUtil.writeCertificate(caCert, certFile); // Create an end cert String userSubj = "CN=testUser"; KeyPair userPair = KeyUtil.generateRSAKeyPair1024(); PKCS10CertificationRequest request = CertUtil.generateCertficateRequest(userSubj, userPair); date = new GregorianCalendar(TimeZone.getTimeZone("GMT")); start = new Date(date.getTimeInMillis()); date.add(Calendar.DAY_OF_MONTH, 4); end = new Date(date.getTimeInMillis()); X509Certificate userCert = CertUtil.signCertificateRequest(request, start, end, caCert, caPair.getPrivate(), null); // Create proxy KeyPair proxyPair = KeyUtil.generateRSAKeyPair512(); X509Certificate[] proxyChain = ProxyCreator.createImpersonationProxyCertificate(userCert, userPair.getPrivate(), proxyPair.getPublic(), 12, 0, 0); GlobusCredential proxy = new GlobusCredential(proxyPair.getPrivate(), proxyChain); ByteArrayOutputStream buf = new ByteArrayOutputStream(); proxy.save(buf); String proxyStr = buf.toString(); GridProxyValidatorImpl validator = new GridProxyValidatorImpl(); validator.setTrustedCertsLocations(trustedCertsDir.getAbsolutePath()); validator.setCrlLocations(crlsDir.getAbsolutePath()); assertTrue("Proxy should be valid", validator.validate(proxyStr)); // Create CRL File crlFile = new File(crlsDir.getAbsolutePath() + "/testCRL.r1"); CRLEntry[] crlEntries = new CRLEntry[] { new CRLEntry(userCert.getSerialNumber(), CRLReason.PRIVILEGE_WITHDRAWN) }; X509CRL crl = CertUtil.createCRL(caCert, caPair.getPrivate(), crlEntries, caCert.getNotAfter()); CertUtil.writeCRL(crl, crlFile); assertTrue("Proxy should NOT be valid", !validator.validate(proxyStr)); certFile.delete(); crlFile.delete(); } catch (Exception ex) { ex.printStackTrace(); fail("Error encountered: " + ex.getMessage()); } }