Usage examples for org.bouncycastle.jce.provider.BouncyCastleProvider.getPublicKey
public static PublicKey getPublicKey(SubjectPublicKeyInfo publicKeyInfo) throws IOException
From source file:ca.trustpoint.m2m.ecqv.EcqvProvider.java
License:Apache License
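/**
 * Reconstructs the subject's public key from an ECQV implicit certificate and the CA's public
 * key by computing {@code Qu = e * Pu + Qca}, where {@code e} is derived from the hash of
 * {@code identifyingInfo} followed by {@code reconstructionPoint}.
 *
 * <p>Nothing in this method authenticates the certificate: the result is bound to the CA only
 * through {@code qCa}, so callers must pass a CA key they already trust.
 *
 * @param identifyingInfo the identity portion of the implicit certificate
 * @param reconstructionPoint the reconstruction point for the implicit certificate
 * @param qCa the CA's public key; must be a BouncyCastle EC key, otherwise the cast below
 *     throws {@link ClassCastException}
 *
 * @return the public key reconstructed from the implicit certificate
 *
 * @throws IOException errors in provided data, including a reconstruction that yields the
 *     point at infinity
 */
public PublicKey reconstructPublicKey(byte[] identifyingInfo, byte[] reconstructionPoint,
    PublicKey qCa) throws IOException {
  // Decode the reconstruction point Pu under this provider's algorithm identifier.
  ECPoint rPoint = ((BCECPublicKey) BouncyCastleProvider
      .getPublicKey(new SubjectPublicKeyInfo(algorithmId, reconstructionPoint))).getQ();
  BigInteger n = curveParameters.getN(); // curve point order

  // NOTE(review): no check here that qCa lies on the curve described by curveParameters;
  // confirm callers guarantee it.
  ECPoint caPoint = ((BCECPublicKey) qCa).getQ();

  // Calculate H(Certu) over identifyingInfo followed by reconstructionPoint.
  // NOTE(review): digest is state held outside this method; concurrent calls on the same
  // object would interleave their updates. Confirm callers serialize access.
  for (byte b : identifyingInfo) {
    digest.update(b);
  }
  for (byte b : reconstructionPoint) {
    digest.update(b);
  }

  // Compute the integer e from H(Certu), reduced modulo the curve order.
  BigInteger e = calculateE(n, digest.digest()).mod(n);

  // Compute the point Qu = ePu + Qca.
  ECPoint reconstructed = rPoint.multiply(e).add(caPoint);

  // The identity element is never a valid public key; refuse to hand it back to the caller.
  if (reconstructed.isInfinity()) {
    throw new IOException("Reconstructed public key is the point at infinity");
  }

  SubjectPublicKeyInfo publicKeyInfo =
      new SubjectPublicKeyInfo(algorithmId, reconstructed.getEncoded(false));
  return BouncyCastleProvider.getPublicKey(publicKeyInfo);
}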
From source file:ca.trustpoint.m2m.M2mCertificateTest.java
License:Apache License
/**
 * Test method for {@link ca.trustpoint.m2m.M2mCertificate#setPublicKey(byte[])}.
 *
 * <p>Checks that setting a public key on a fresh certificate stores exactly that key and leaves
 * every other field at its unset value, and that setting {@code null} clears the key again.
 */
@Test
public void testSetPublicKey() throws Exception {
  M2mCertificate certificate = new M2mCertificate();

  // Build an id-ecPublicKey / prime256v1 key from a compressed point (0x02 prefix).
  AlgorithmIdentifier ecKeyAlgorithm =
      new AlgorithmIdentifier(
          X9ObjectIdentifiers.id_ecPublicKey,
          new X962Parameters(X9ObjectIdentifiers.prime256v1).toASN1Primitive());
  SubjectPublicKeyInfo compressedKeyInfo =
      new SubjectPublicKeyInfo(
          ecKeyAlgorithm,
          Hex.decode("029e3073ff1d303346fd486db4012e6d822fd11216bf1198d51b090e4447078c51"));
  PublicKey decodedKey = BouncyCastleProvider.getPublicKey(compressedKeyInfo);

  // After setting the key, only getPublicKey() may report a value.
  certificate.setPublicKey(decodedKey);

  assertEquals(0, certificate.getVersion());
  assertNull(certificate.getSerialNumber());
  assertNull(certificate.getCaKeyDefinition());
  assertNull(certificate.getIssuer());
  assertNull(certificate.getValidFrom());
  assertNull(certificate.getValidDuration());
  assertNull(certificate.getSubject());
  assertNull(certificate.getPublicKeyDefinition());
  assertEquals(decodedKey, certificate.getPublicKey());
  assertNull(certificate.getAuthorityKeyIdentifier());
  assertNull(certificate.getSubjectKeyIdentifier());
  assertNull(certificate.getKeyUsage());
  assertNull(certificate.getBasicConstraints());
  assertNull(certificate.getCertificatePolicy());
  assertNull(certificate.getSubjectAlternativeName());
  assertNull(certificate.getIssuerAlternativeName());
  assertNull(certificate.getExtendedKeyUsage());
  assertNull(certificate.getAuthenticationInfoAccessOcsp());
  assertNull(certificate.getCrlDistributionPointUri());
  assertTrue(certificate.getCriticalExtensionOIDs().isEmpty());
  assertTrue(certificate.getNonCriticalExtensionOIDs().isEmpty());
  assertNull(certificate.getCaCalcValue());

  // Clearing the key must return the certificate to its fully unset state.
  certificate.setPublicKey(null);

  assertEquals(0, certificate.getVersion());
  assertNull(certificate.getSerialNumber());
  assertNull(certificate.getCaKeyDefinition());
  assertNull(certificate.getIssuer());
  assertNull(certificate.getValidFrom());
  assertNull(certificate.getValidDuration());
  assertNull(certificate.getSubject());
  assertNull(certificate.getPublicKeyDefinition());
  assertNull(certificate.getPublicKey());
  assertNull(certificate.getAuthorityKeyIdentifier());
  assertNull(certificate.getSubjectKeyIdentifier());
  assertNull(certificate.getKeyUsage());
  assertNull(certificate.getBasicConstraints());
  assertNull(certificate.getCertificatePolicy());
  assertNull(certificate.getSubjectAlternativeName());
  assertNull(certificate.getIssuerAlternativeName());
  assertNull(certificate.getExtendedKeyUsage());
  assertNull(certificate.getAuthenticationInfoAccessOcsp());
  assertNull(certificate.getCrlDistributionPointUri());
  assertTrue(certificate.getCriticalExtensionOIDs().isEmpty());
  assertTrue(certificate.getNonCriticalExtensionOIDs().isEmpty());
  assertNull(certificate.getCaCalcValue());
}
From source file:ca.trustpoint.m2m.M2mCertificateTest.java
License:Apache License
/** * Test method for {@link ca.trustpoint.m2m.M2mCertificate#getTBSCertificate()}. *//* w ww . j a va 2 s .com*/ @Test public void testGetTBSCertificate() throws Exception { boolean exceptionThrown = false; M2mCertificate certificate = new M2mCertificate(); try { certificate.getTBSCertificate(); } catch (IOException ex) { exceptionThrown = true; } assertTrue(exceptionThrown); EntityName subject = new EntityName(); subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "M2M Library Testing")); subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Locality, "Waterloo")); subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.StateOrProvince, "ON")); subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Country, "CA")); byte[] expectedEncoding = new byte[] { 0x30, 0x32, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41 }; certificate.setSerialNumber(Hex.decode("007368a3dc6e4f")); certificate.setSubject(subject); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); KeyAlgorithmDefinition caKeyDefinition = new KeyAlgorithmDefinition(); caKeyDefinition.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1); expectedEncoding = new byte[] { 0x30, 0x39, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41 }; 
certificate.setCaKeyDefinition(caKeyDefinition); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); caKeyDefinition.setParameters(Hex.decode("018d56aab63fc2b7")); expectedEncoding = new byte[] { 0x30, 0x43, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41 }; certificate.setCaKeyDefinition(caKeyDefinition); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); EntityName issuer = new EntityName(); issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "Test Issuer")); issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Organization, "TrustPoint Innovation")); expectedEncoding = new byte[] { 0x30, 0x69, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41 }; certificate.setIssuer(issuer); assertArrayEquals(expectedEncoding, 
certificate.getTBSCertificate()); Calendar validFromDate = new GregorianCalendar(TimeZone.getTimeZone("UTC")); validFromDate.set(2000, 0, 1, 0, 0, 0); validFromDate.set(Calendar.MILLISECOND, 0); Date validFrom = validFromDate.getTime(); expectedEncoding = new byte[] { 0x30, 0x6F, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41 }; certificate.setValidFrom(validFrom); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); expectedEncoding = new byte[] { 0x30, 0x75, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 
0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41 }; certificate.setValidDuration(31536000); // One year in seconds. (365 * 24 * 60 * 60) assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); KeyAlgorithmDefinition publicKeyDefinition = new KeyAlgorithmDefinition(); publicKeyDefinition.setAlgorithm(M2mSignatureAlgorithmOids.ECQV_SHA256_SECP256R1); expectedEncoding = new byte[] { 0x30, 0x7C, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A }; certificate.setPublicKeyDefinition(publicKeyDefinition); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); publicKeyDefinition.setParameters(Hex.decode("00f965ea33ab9810")); expectedEncoding = new byte[] { 0x30, (byte) 0x81, (byte) 0x86, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 
0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10 }; certificate.setPublicKeyDefinition(publicKeyDefinition); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); X962Parameters params = new X962Parameters(X9ObjectIdentifiers.prime256v1); AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()); SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(algId, Hex.decode("029e3073ff1d303346fd486db4012e6d822fd11216bf1198d51b090e4447078c51")); expectedEncoding = new byte[] { 0x30, (byte) 0x81, (byte) 0xC9, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 
0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72 }; certificate.setPublicKey(BouncyCastleProvider.getPublicKey(info)); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); AuthorityKeyIdentifier authKeyId = new AuthorityKeyIdentifier(); authKeyId.setKeyIdentifier(Hex.decode("8dff22379a")); expectedEncoding = new byte[] { 0x30, (byte) 0x81, (byte) 0xD2, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, 
(byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A }; certificate.setAuthorityKeyIdentifier(authKeyId); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); expectedEncoding = new byte[] { 0x30, (byte) 0x81, (byte) 0xD9, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, 
(byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A, (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A }; certificate.setSubjectKeyIdentifier(Hex.decode("300057d28a")); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); KeyUsage usage = new KeyUsage(); usage.setKeyEncipherment(true); usage.setKeyAgreement(true); expectedEncoding = new byte[] { 0x30, (byte) 0x81, (byte) 0xDC, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 
0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A, (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A, (byte) 0x8D, 0x01, 0x28 }; certificate.setKeyUsage(usage); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); expectedEncoding = new byte[] { 0x30, (byte) 0x81, (byte) 0xDF, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, 
(byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A, (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A, (byte) 0x8D, 0x01, 0x28, (byte) 0x8E, 0x01, 0x03 }; certificate.setBasicConstraints(3); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); expectedEncoding = new byte[] { 0x30, (byte) 0x81, (byte) 0xE6, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 
0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A, (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A, (byte) 0x8D, 0x01, 0x28, (byte) 0x8E, 0x01, 0x03, (byte) 0x8F, 0x05, 0x2B, 0x0B, (byte) 0xA4, 0x18, 0x51 }; certificate.setCertificatePolicy("1.3.11.4632.81"); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); GeneralName subjectAltName = new GeneralName(); subjectAltName.setAttributeId(GeneralNameAttributeId.DnsName); subjectAltName.setValue("testing"); expectedEncoding = new byte[] { 0x30, (byte) 0x81, (byte) 0xF1, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 
0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A, (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A, (byte) 0x8D, 0x01, 0x28, (byte) 0x8E, 0x01, 0x03, (byte) 0x8F, 0x05, 0x2B, 0x0B, (byte) 0xA4, 0x18, 0x51, (byte) 0xB0, 0x09, (byte) 0x81, 0x07, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67 }; certificate.setSubjectAlternativeName(subjectAltName); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); GeneralName issuerAltName = new GeneralName(); issuerAltName.setAttributeId(GeneralNameAttributeId.Uri); issuerAltName.setValue("http://testing.trustpoint.ca"); expectedEncoding = new byte[] { 0x30, (byte) 0x82, 0x01, 0x11, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 
0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A, (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A, (byte) 0x8D, 0x01, 0x28, (byte) 0x8E, 0x01, 0x03, (byte) 0x8F, 0x05, 0x2B, 0x0B, (byte) 0xA4, 0x18, 0x51, (byte) 0xB0, 0x09, (byte) 0x81, 0x07, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0xB1, 0x1E, (byte) 0x83, 0x1C, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, 0x2E, 0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61 }; certificate.setIssuerAlternativeName(issuerAltName); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); expectedEncoding = new byte[] { 0x30, (byte) 0x82, 0x01, 0x1D, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 
0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A, (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A, (byte) 0x8D, 0x01, 0x28, (byte) 0x8E, 0x01, 0x03, (byte) 0x8F, 0x05, 0x2B, 0x0B, (byte) 0xA4, 0x18, 0x51, (byte) 0xB0, 0x09, (byte) 0x81, 0x07, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0xB1, 0x1E, (byte) 0x83, 0x1C, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, 0x2E, 
0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61, (byte) 0x92, 0x0A, 0x60, (byte) 0x86, 0x48, 0x01, (byte) 0x86, (byte) 0xFE, 0x51, 0x1D, 0x25, 0x05 }; certificate.setExtendedKeyUsage("2.16.840.1.114513.29.37.5"); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); expectedEncoding = new byte[] { 0x30, (byte) 0x82, 0x01, 0x3C, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 
0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A, (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A, (byte) 0x8D, 0x01, 0x28, (byte) 0x8E, 0x01, 0x03, (byte) 0x8F, 0x05, 0x2B, 0x0B, (byte) 0xA4, 0x18, 0x51, (byte) 0xB0, 0x09, (byte) 0x81, 0x07, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0xB1, 0x1E, (byte) 0x83, 0x1C, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, 0x2E, 0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61, (byte) 0x92, 0x0A, 0x60, (byte) 0x86, 0x48, 0x01, (byte) 0x86, (byte) 0xFE, 0x51, 0x1D, 0x25, 0x05, (byte) 0x93, 0x1D, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x6F, 0x63, 0x73, 0x70, 0x2E, 0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61 }; certificate.setAuthenticationInfoAccessOcsp(new URI("http://testocsp.trustpoint.ca")); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); expectedEncoding = new byte[] { 0x30, (byte) 0x82, 0x01, 0x5A, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, 
(byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A, (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A, (byte) 0x8D, 0x01, 0x28, (byte) 0x8E, 0x01, 0x03, (byte) 0x8F, 0x05, 0x2B, 0x0B, (byte) 0xA4, 0x18, 0x51, (byte) 0xB0, 0x09, (byte) 0x81, 0x07, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0xB1, 0x1E, (byte) 0x83, 0x1C, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, 0x2E, 0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61, (byte) 0x92, 0x0A, 0x60, (byte) 0x86, 0x48, 0x01, (byte) 0x86, (byte) 0xFE, 0x51, 0x1D, 0x25, 0x05, (byte) 0x93, 0x1D, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x6F, 0x63, 0x73, 0x70, 0x2E, 0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61, (byte) 0x94, 0x1C, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x63, 0x72, 0x6C, 0x2E, 0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61 }; certificate.setCrlDistributionPointUri(new URI("http://testcrl.trustpoint.ca")); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); expectedEncoding = new byte[] { 0x30, (byte) 0x82, 0x01, 0x7D, (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F, (byte) 0x82, 0x05, 
0x2B, (byte) 0x81, 0x3A, 0x01, 0x09, (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2, (byte) 0xB7, (byte) 0xA4, 0x24, (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72, (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20, 0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E, (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80, (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80, (byte) 0xA7, 0x27, (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F, (byte) 0x84, 0x02, 0x4F, 0x4E, (byte) 0x80, 0x02, 0x43, 0x41, (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A, (byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98, 0x10, (byte) 0x8A, 0x41, 0x04, (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46, (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82, 0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5, 0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51, (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44, 0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9, 0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC, (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72, (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A, (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A, (byte) 0x8D, 0x01, 0x28, (byte) 0x8E, 0x01, 0x03, (byte) 0x8F, 0x05, 0x2B, 0x0B, (byte) 0xA4, 0x18, 0x51, (byte) 0xB0, 0x09, (byte) 0x81, 0x07, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, (byte) 0xB1, 0x1E, (byte) 0x83, 0x1C, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, 0x2E, 0x74, 0x72, 
0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61, (byte) 0x92, 0x0A, 0x60, (byte) 0x86, 0x48, 0x01, (byte) 0x86, (byte) 0xFE, 0x51, 0x1D, 0x25, 0x05, (byte) 0x93, 0x1D, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x6F, 0x63, 0x73, 0x70, 0x2E, 0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61, (byte) 0x94, 0x1C, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x63, 0x72, 0x6C, 0x2E, 0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61, (byte) 0xB5, 0x21, 0x30, 0x0E, (byte) 0x80, 0x03, 0x55, 0x1D, 0x21, (byte) 0x82, 0x07, 0x23, (byte) 0xD6, (byte) 0xF1, (byte) 0x90, 0x00, 0x28, (byte) 0xA4, 0x30, 0x0F, (byte) 0x80, 0x03, 0x55, 0x1D, 0x24, (byte) 0x81, 0x01, (byte) 0xFF, (byte) 0x82, 0x05, 0x00, (byte) 0xB7, 0x3A, 0x49, 0x2F }; certificate.addExtension("2.5.29.33", false, Hex.decode("23d6f1900028a4")); certificate.addExtension("2.5.29.36", true, Hex.decode("00b73a492f")); assertArrayEquals(expectedEncoding, certificate.getTBSCertificate()); }
From source file:ca.trustpoint.m2m.M2mCertificateTest.java
License:Apache License
/**
 * Test method for {@link ca.trustpoint.m2m.M2mCertificate#getEncoded()}.
 *
 * <p>Encoding must be refused for an empty certificate and again while the CA calculated
 * value is still unset. Once that value is supplied, the complete encoding is compared
 * byte for byte against a fixed vector.
 */
@Test
public void testGetEncoded() throws Exception {
    M2mCertificate certificate = new M2mCertificate();

    // Nothing has been set yet, so encoding has to fail.
    boolean exceptionThrown = false;
    try {
        certificate.getEncoded();
    } catch (CertificateEncodingException ex) {
        exceptionThrown = true;
    }
    assertTrue(exceptionThrown);

    KeyAlgorithmDefinition caKeyDef = new KeyAlgorithmDefinition();
    caKeyDef.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1);
    caKeyDef.setParameters(Hex.decode("018d56aab63fc2b7"));

    EntityName issuerName = new EntityName();
    issuerName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "Test Issuer"));
    issuerName.addAttribute(
        new EntityNameAttribute(EntityNameAttributeId.Organization, "TrustPoint Innovation"));

    // 2000-01-01T00:00:00.000 UTC
    Calendar utcCalendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
    utcCalendar.set(2000, Calendar.JANUARY, 1, 0, 0, 0);
    utcCalendar.set(Calendar.MILLISECOND, 0);
    Date notBefore = utcCalendar.getTime();

    EntityName subjectName = new EntityName();
    subjectName.addAttribute(
        new EntityNameAttribute(EntityNameAttributeId.CommonName, "M2M Library Testing"));
    subjectName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Locality, "Waterloo"));
    subjectName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.StateOrProvince, "ON"));
    subjectName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Country, "CA"));

    KeyAlgorithmDefinition subjectKeyDef = new KeyAlgorithmDefinition();
    subjectKeyDef.setAlgorithm(M2mSignatureAlgorithmOids.ECQV_SHA256_SECP256R1);
    subjectKeyDef.setParameters(Hex.decode("00f965ea33ab9810"));

    // The key is supplied as a compressed P-256 point (0x02 prefix). The expected encoding
    // below carries the same X coordinate in uncompressed form (0x04 prefix).
    X962Parameters curveParams = new X962Parameters(X9ObjectIdentifiers.prime256v1);
    AlgorithmIdentifier ecKeyAlgorithm =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveParams.toASN1Primitive());
    SubjectPublicKeyInfo subjectKeyInfo = new SubjectPublicKeyInfo(ecKeyAlgorithm,
        Hex.decode("029e3073ff1d303346fd486db4012e6d822fd11216bf1198d51b090e4447078c51"));

    AuthorityKeyIdentifier authorityKeyId = new AuthorityKeyIdentifier();
    authorityKeyId.setKeyIdentifier(Hex.decode("8dff22379a"));

    KeyUsage keyUsage = new KeyUsage();
    keyUsage.setKeyEncipherment(true);
    keyUsage.setKeyAgreement(true);

    GeneralName subjectAlt = new GeneralName();
    subjectAlt.setAttributeId(GeneralNameAttributeId.DnsName);
    subjectAlt.setValue("testing");

    GeneralName issuerAlt = new GeneralName();
    issuerAlt.setAttributeId(GeneralNameAttributeId.Uri);
    issuerAlt.setValue("http://testing.trustpoint.ca");

    certificate.setSerialNumber(Hex.decode("007368a3dc6e4f"));
    certificate.setCaKeyDefinition(caKeyDef);
    certificate.setIssuer(issuerName);
    certificate.setValidFrom(notBefore);
    certificate.setValidDuration(365 * 24 * 60 * 60); // one year, in seconds
    certificate.setSubject(subjectName);
    certificate.setPublicKeyDefinition(subjectKeyDef);
    certificate.setPublicKey(BouncyCastleProvider.getPublicKey(subjectKeyInfo));
    certificate.setAuthorityKeyIdentifier(authorityKeyId);
    certificate.setSubjectKeyIdentifier(Hex.decode("300057d28a"));
    certificate.setKeyUsage(keyUsage);
    certificate.setBasicConstraints(3);
    certificate.setCertificatePolicy("1.3.11.4632.81");
    certificate.setSubjectAlternativeName(subjectAlt);
    certificate.setIssuerAlternativeName(issuerAlt);
    certificate.setExtendedKeyUsage("2.16.840.1.114513.29.37.5");
    certificate.setAuthenticationInfoAccessOcsp(new URI("http://testocsp.trustpoint.ca"));
    certificate.setCrlDistributionPointUri(new URI("http://testcrl.trustpoint.ca"));
    certificate.addExtension("2.5.29.33", false, Hex.decode("23d6f1900028a4"));
    certificate.addExtension("2.5.29.36", true, Hex.decode("00b73a492f"));

    // Every field except the CA calculated value is present: encoding must still fail.
    exceptionThrown = false;
    try {
        certificate.getEncoded();
    } catch (CertificateEncodingException ex) {
        exceptionThrown = true;
    }
    assertTrue(exceptionThrown);

    certificate.setCaCalcValue(
        Hex.decode("00e34a98c2ae3bb12093675518d1da608782134781acc52deef288031901029a"));

    // Known-answer vector, laid out one tag-length-value group per row or run of rows.
    byte[] expected = new byte[] {
        // outer header, then the header of the inner body
        0x74, (byte) 0x82, 0x01, (byte) 0xA3,
        (byte) 0xA0, (byte) 0x82, 0x01, 0x7D,
        // serial number 007368a3dc6e4f
        (byte) 0x81, 0x07, 0x00, 0x73, 0x68, (byte) 0xA3, (byte) 0xDC, 0x6E, 0x4F,
        (byte) 0x82, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x09,
        // CA key parameters 018d56aab63fc2b7
        (byte) 0x83, 0x08, 0x01, (byte) 0x8D, 0x56, (byte) 0xAA, (byte) 0xB6, 0x3F, (byte) 0xC2,
        (byte) 0xB7,
        // issuer: "Test Issuer", "TrustPoint Innovation"
        (byte) 0xA4, 0x24,
        (byte) 0x86, 0x0B, 0x54, 0x65, 0x73, 0x74, 0x20, 0x49, 0x73, 0x73, 0x75, 0x65, 0x72,
        (byte) 0x81, 0x15, 0x54, 0x72, 0x75, 0x73, 0x74, 0x50, 0x6F, 0x69, 0x6E, 0x74, 0x20,
        0x49, 0x6E, 0x6E, 0x6F, 0x76, 0x61, 0x74, 0x69, 0x6F, 0x6E,
        // validFrom 0x386D4380 and validDuration 0x01E13380, both in seconds
        (byte) 0x85, 0x04, 0x38, 0x6D, 0x43, (byte) 0x80,
        (byte) 0x86, 0x04, 0x01, (byte) 0xE1, 0x33, (byte) 0x80,
        // subject: "M2M Library Testing", "Waterloo", "ON", "CA"
        (byte) 0xA7, 0x27,
        (byte) 0x86, 0x13, 0x4D, 0x32, 0x4D, 0x20, 0x4C, 0x69, 0x62, 0x72, 0x61, 0x72, 0x79,
        0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67,
        (byte) 0x85, 0x08, 0x57, 0x61, 0x74, 0x65, 0x72, 0x6C, 0x6F, 0x6F,
        (byte) 0x84, 0x02, 0x4F, 0x4E,
        (byte) 0x80, 0x02, 0x43, 0x41,
        (byte) 0x88, 0x05, 0x2B, (byte) 0x81, 0x3A, 0x01, 0x0A,
        // public key parameters 00f965ea33ab9810
        (byte) 0x89, 0x08, 0x00, (byte) 0xF9, 0x65, (byte) 0xEA, 0x33, (byte) 0xAB, (byte) 0x98,
        0x10,
        // public key: 0x04 prefix followed by two 32-byte coordinates
        (byte) 0x8A, 0x41, 0x04,
        (byte) 0x9E, 0x30, 0x73, (byte) 0xFF, 0x1D, 0x30, 0x33, 0x46,
        (byte) 0xFD, 0x48, 0x6D, (byte) 0xB4, 0x01, 0x2E, 0x6D, (byte) 0x82,
        0x2F, (byte) 0xD1, 0x12, 0x16, (byte) 0xBF, 0x11, (byte) 0x98, (byte) 0xD5,
        0x1B, 0x09, 0x0E, 0x44, 0x47, 0x07, (byte) 0x8C, 0x51,
        (byte) 0xA9, 0x56, 0x10, 0x70, 0x1F, 0x6A, (byte) 0xC3, 0x44,
        0x7D, (byte) 0xE6, (byte) 0xAF, (byte) 0x90, 0x39, (byte) 0x98, (byte) 0xBE, (byte) 0xF9,
        0x07, 0x1B, 0x7F, 0x79, (byte) 0xFB, (byte) 0x8C, (byte) 0xE5, (byte) 0xEC,
        (byte) 0xC8, (byte) 0xED, (byte) 0xC6, 0x4A, 0x61, (byte) 0x8C, 0x1E, 0x72,
        // authority key identifier 8dff22379a, subject key identifier 300057d28a
        (byte) 0xAB, 0x07, (byte) 0x80, 0x05, (byte) 0x8D, (byte) 0xFF, 0x22, 0x37, (byte) 0x9A,
        (byte) 0x8C, 0x05, 0x30, 0x00, 0x57, (byte) 0xD2, (byte) 0x8A,
        (byte) 0x8D, 0x01, 0x28,
        (byte) 0x8E, 0x01, 0x03,
        (byte) 0x8F, 0x05, 0x2B, 0x0B, (byte) 0xA4, 0x18, 0x51,
        // subject alternative name "testing"
        (byte) 0xB0, 0x09, (byte) 0x81, 0x07, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67,
        // issuer alternative name "http://testing.trustpoint.ca"
        (byte) 0xB1, 0x1E, (byte) 0x83, 0x1C,
        0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, 0x2E,
        0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61,
        (byte) 0x92, 0x0A, 0x60, (byte) 0x86, 0x48, 0x01, (byte) 0x86, (byte) 0xFE, 0x51, 0x1D,
        0x25, 0x05,
        // OCSP URI "http://testocsp.trustpoint.ca"
        (byte) 0x93, 0x1D,
        0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x6F, 0x63, 0x73, 0x70,
        0x2E, 0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61,
        // CRL URI "http://testcrl.trustpoint.ca"
        (byte) 0x94, 0x1C,
        0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x63, 0x72, 0x6C, 0x2E,
        0x74, 0x72, 0x75, 0x73, 0x74, 0x70, 0x6F, 0x69, 0x6E, 0x74, 0x2E, 0x63, 0x61,
        // the two entries added through addExtension
        (byte) 0xB5, 0x21,
        0x30, 0x0E, (byte) 0x80, 0x03, 0x55, 0x1D, 0x21,
        (byte) 0x82, 0x07, 0x23, (byte) 0xD6, (byte) 0xF1, (byte) 0x90, 0x00, 0x28, (byte) 0xA4,
        0x30, 0x0F, (byte) 0x80, 0x03, 0x55, 0x1D, 0x24, (byte) 0x81, 0x01, (byte) 0xFF,
        (byte) 0x82, 0x05, 0x00, (byte) 0xB7, 0x3A, 0x49, 0x2F,
        // CA calculated value, 32 bytes
        (byte) 0x81, 0x20,
        0x00, (byte) 0xE3, 0x4A, (byte) 0x98, (byte) 0xC2, (byte) 0xAE, 0x3B, (byte) 0xB1,
        0x20, (byte) 0x93, 0x67, 0x55, 0x18, (byte) 0xD1, (byte) 0xDA, 0x60,
        (byte) 0x87, (byte) 0x82, 0x13, 0x47, (byte) 0x81, (byte) 0xAC, (byte) 0xC5, 0x2D,
        (byte) 0xEE, (byte) 0xF2, (byte) 0x88, 0x03, 0x19, 0x01, 0x02, (byte) 0x9A
    };

    assertArrayEquals(expected, certificate.getEncoded());
}
From source file:ca.trustpoint.m2m.M2mCertificateTest.java
License:Apache License
/**
 * Test method for {@link ca.trustpoint.m2m.M2mCertificate#verify(java.security.PublicKey)}.
 *
 * <p>Builds a certificate holding a P-256 subject key and a CA calculated value, verifies
 * it against a secp521r1 CA key, then changes the serial number and expects verification
 * to throw.
 */
@Test
public void testVerifyPublicKey() throws Exception {
    M2mCertificate certificate = new M2mCertificate();

    KeyAlgorithmDefinition caKeyDef = new KeyAlgorithmDefinition();
    caKeyDef.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1);

    EntityName issuerName = new EntityName();
    issuerName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline"));

    // new BigInteger(byte[]) reads the bytes as signed two's complement. Both constants here
    // have the top bit clear, so the values come out non-negative.
    long validFromMillis = new BigInteger(Hex.decode("57AA2B20")).longValue() * 1000;
    Date notBefore = new Date(validFromMillis);
    int lifetimeSeconds = new BigInteger(Hex.decode("01E13380")).intValue();

    EntityName subjectName = new EntityName();
    subjectName.addAttribute(
        new EntityNameAttribute(EntityNameAttributeId.CommonName, "C (P256 ECDSA)"));

    KeyAlgorithmDefinition subjectKeyDef = new KeyAlgorithmDefinition();
    subjectKeyDef.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1);

    X962Parameters curveParams = new X962Parameters(X9ObjectIdentifiers.prime256v1);
    AlgorithmIdentifier ecKeyAlgorithm =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveParams.toASN1Primitive());
    SubjectPublicKeyInfo subjectKeyInfo = new SubjectPublicKeyInfo(ecKeyAlgorithm,
        Hex.decode("040B7733A4ABF6024D9901C3EE26718E0F22AA6FD75CE4CACCE896689E39D629A005655E9088ADDE"
            + "AC1DFC16EC26A722064C54F006EAF9A93763E16582DFA81937"));

    certificate.setSerialNumber(Hex.decode("0E"));
    certificate.setCaKeyDefinition(caKeyDef);
    certificate.setIssuer(issuerName);
    certificate.setValidFrom(notBefore);
    certificate.setValidDuration(lifetimeSeconds);
    certificate.setSubject(subjectName);
    certificate.setPublicKeyDefinition(subjectKeyDef);
    certificate.setPublicKey(BouncyCastleProvider.getPublicKey(subjectKeyInfo));
    // The prefix bytes (30 81 88 02 42 ...) look like a DER SEQUENCE of two INTEGERs,
    // i.e. an encoded ECDSA signature.
    certificate.setCaCalcValue(
        Hex.decode("308188024200E6E20956572B988A8CD20F099ACB1758378B61F03C2EAABCA819D9CF59EFD427E5A71402"
            + "C3890B76C2E900E860E55CCBCAB060971BD2ED066402D22DD3BC5C8D9C0242017492DFD4CDF1C0BF535D"
            + "1E284E15F2357FD8C9FF688354A6B0597A1701414B571BEA82FB788094C41B407CADB4B421DBE56D1D68"
            + "756B961FD702B02CC7C9FA9367"));

    curveParams = new X962Parameters(SECObjectIdentifiers.secp521r1);
    ecKeyAlgorithm =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveParams.toASN1Primitive());
    SubjectPublicKeyInfo caKeyInfo = new SubjectPublicKeyInfo(ecKeyAlgorithm,
        Hex.decode("040043FF2A9FE4C5DDA97D82D43082AFEC8B26A925F833287C279DFA555CCB57DACF3119163470"
            + "8FB7F02FFB5E1DF26E92E8D6617DA0134B2AA652622C725FA569795E016B2C5C7593CC381F61DD63"
            + "B49DBB19ABA7D5C7FD8921F79DE0CABDF1D9D9728A360E51DFBA09F33787B31F97103B31AF057628"
            + "F3E56B6C4F1089EA6F299604670E"));

    // Positive case: any exception here fails the test.
    certificate.verify(BouncyCastleProvider.getPublicKey(caKeyInfo));

    // Negative case: the serial number no longer matches what was signed.
    certificate.setSerialNumber(Hex.decode("FF"));
    boolean rejected = false;
    try {
        certificate.verify(BouncyCastleProvider.getPublicKey(caKeyInfo));
    } catch (Exception ex) {
        // NOTE(review): catching Exception lets this pass on any failure, including one
        // unrelated to the signature check. Narrow it to the type verify() raises for a
        // signature mismatch once that is confirmed against M2mCertificate.
        rejected = true;
    }
    assertTrue(rejected);
}
From source file:ca.trustpoint.m2m.M2mCertificateTest.java
License:Apache License
/**
 * Test method for
 * {@link ca.trustpoint.m2m.M2mCertificate#verify(java.security.PublicKey, java.lang.String)}.
 *
 * <p>Same scenario as the single-argument verify test, with the Bouncy Castle provider
 * named explicitly: verification must succeed for the original certificate and throw once
 * the serial number has been changed.
 */
@Test
public void testVerifyPublicKeyString() throws Exception {
    M2mCertificate certificate = new M2mCertificate();

    KeyAlgorithmDefinition caKeyDef = new KeyAlgorithmDefinition();
    caKeyDef.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1);

    EntityName issuerName = new EntityName();
    issuerName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline"));

    // new BigInteger(byte[]) is a signed conversion. These constants have the top bit clear.
    long validFromMillis = new BigInteger(Hex.decode("57AA2B20")).longValue() * 1000;
    Date notBefore = new Date(validFromMillis);
    int lifetimeSeconds = new BigInteger(Hex.decode("01E13380")).intValue();

    EntityName subjectName = new EntityName();
    subjectName.addAttribute(
        new EntityNameAttribute(EntityNameAttributeId.CommonName, "C (P256 ECDSA)"));

    KeyAlgorithmDefinition subjectKeyDef = new KeyAlgorithmDefinition();
    subjectKeyDef.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1);

    X962Parameters curveParams = new X962Parameters(X9ObjectIdentifiers.prime256v1);
    AlgorithmIdentifier ecKeyAlgorithm =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveParams.toASN1Primitive());
    SubjectPublicKeyInfo subjectKeyInfo = new SubjectPublicKeyInfo(ecKeyAlgorithm,
        Hex.decode("040B7733A4ABF6024D9901C3EE26718E0F22AA6FD75CE4CACCE896689E39D629A005655E9088ADDE"
            + "AC1DFC16EC26A722064C54F006EAF9A93763E16582DFA81937"));

    certificate.setSerialNumber(Hex.decode("0E"));
    certificate.setCaKeyDefinition(caKeyDef);
    certificate.setIssuer(issuerName);
    certificate.setValidFrom(notBefore);
    certificate.setValidDuration(lifetimeSeconds);
    certificate.setSubject(subjectName);
    certificate.setPublicKeyDefinition(subjectKeyDef);
    certificate.setPublicKey(BouncyCastleProvider.getPublicKey(subjectKeyInfo));
    certificate.setCaCalcValue(
        Hex.decode("308188024200E6E20956572B988A8CD20F099ACB1758378B61F03C2EAABCA819D9CF59EFD427E5A71402"
            + "C3890B76C2E900E860E55CCBCAB060971BD2ED066402D22DD3BC5C8D9C0242017492DFD4CDF1C0BF535D"
            + "1E284E15F2357FD8C9FF688354A6B0597A1701414B571BEA82FB788094C41B407CADB4B421DBE56D1D68"
            + "756B961FD702B02CC7C9FA9367"));

    curveParams = new X962Parameters(SECObjectIdentifiers.secp521r1);
    ecKeyAlgorithm =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveParams.toASN1Primitive());
    SubjectPublicKeyInfo caKeyInfo = new SubjectPublicKeyInfo(ecKeyAlgorithm,
        Hex.decode("040043FF2A9FE4C5DDA97D82D43082AFEC8B26A925F833287C279DFA555CCB57DACF3119163470"
            + "8FB7F02FFB5E1DF26E92E8D6617DA0134B2AA652622C725FA569795E016B2C5C7593CC381F61DD63"
            + "B49DBB19ABA7D5C7FD8921F79DE0CABDF1D9D9728A360E51DFBA09F33787B31F97103B31AF057628"
            + "F3E56B6C4F1089EA6F299604670E"));

    // Positive case: any exception here fails the test.
    certificate.verify(BouncyCastleProvider.getPublicKey(caKeyInfo),
        BouncyCastleProvider.PROVIDER_NAME);

    // Negative case: changing the serial number must make verification throw.
    certificate.setSerialNumber(Hex.decode("FF"));
    boolean rejected = false;
    try {
        certificate.verify(BouncyCastleProvider.getPublicKey(caKeyInfo),
            BouncyCastleProvider.PROVIDER_NAME);
    } catch (Exception ex) {
        // NOTE(review): a missing or misnamed provider would also land here and be counted
        // as a rejection. Narrow the catch to the signature-mismatch exception type once
        // confirmed against M2mCertificate.
        rejected = true;
    }
    assertTrue(rejected);
}
From source file:ca.trustpoint.m2m.M2mCertificateTest.java
License:Apache License
/**
 * Test method for
 * {@link ca.trustpoint.m2m.M2mCertificate#reconstructPublicKey(java.security.PublicKey)}.
 *
 * <p>Builds an ECQV certificate and calls {@code reconstructPublicKey} with a P-256 CA key.
 * The test passes when the call completes without throwing.
 */
@Test
public void testReconstructPublicKey() throws Exception {
    M2mCertificate certificate = new M2mCertificate();

    // CA algorithm: ECQV over secp256r1 with SHA-256
    KeyAlgorithmDefinition caKeyDef = new KeyAlgorithmDefinition();
    caKeyDef.setAlgorithm(M2mSignatureAlgorithmOids.ECQV_SHA256_SECP256R1);

    EntityName issuerName = new EntityName();
    issuerName.addAttribute(
        new EntityNameAttribute(EntityNameAttributeId.CommonName, "C (P256 ECQV)"));

    // validFrom: 2016-09-12 14:10:14 (0x57D6B746 seconds since the epoch, scaled to ms)
    long validFromMillis = new BigInteger(Hex.decode("57D6B746")).longValue() * 1000;
    Date notBefore = new Date(validFromMillis);

    // validDuration: 24 months (0x03C26700 seconds)
    int lifetimeSeconds = new BigInteger(Hex.decode("03C26700")).intValue();

    EntityName subjectName = new EntityName();
    subjectName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "test"));
    subjectName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Organization, "test"));

    certificate.setSerialNumber(Hex.decode("01"));
    certificate.setCaKeyDefinition(caKeyDef);
    certificate.setIssuer(issuerName);
    certificate.setValidFrom(notBefore);
    certificate.setValidDuration(lifetimeSeconds);
    certificate.setSubject(subjectName);
    // 33 bytes with a 0x03 prefix: presumably the compressed reconstruction point (confirm
    // against M2mCertificate).
    certificate.setCaCalcValue(
        Hex.decode("03F3171B68FE9EAAE211325DC2BD84A1FE50C07221CDBE038967B28CD06EB0CBFB"));

    // CA public key on prime256v1
    X962Parameters curveParams = new X962Parameters(X9ObjectIdentifiers.prime256v1);
    AlgorithmIdentifier ecKeyAlgorithm =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveParams.toASN1Primitive());
    SubjectPublicKeyInfo caKeyInfo = new SubjectPublicKeyInfo(ecKeyAlgorithm,
        Hex.decode("04B10BD183820F3F32B7C000BAC7A480C8041998CFBE211DDA811B915FD03CED9EE7653551B"
            + "7AFB30725C5617FD0AF767385CC9778ED3385A84DEEE6EFE64660CF"));

    // NOTE(review): completing without an exception is the only success criterion. ECQV
    // reconstruction computes a key from whatever well-formed inputs it is given, so this
    // does not show that the derived key is the right one. A known-answer comparison of
    // the result would make the test meaningful.
    certificate.reconstructPublicKey(BouncyCastleProvider.getPublicKey(caKeyInfo));
}
From source file:ca.trustpoint.m2m.M2mCertificateTest.java
License:Apache License
/**
 * Negative test method for
 * {@link ca.trustpoint.m2m.M2mCertificate#reconstructPublicKey(java.security.PublicKey)}.
 *
 * <p>Builds an ECDSA (non-ECQV) certificate and expects {@code reconstructPublicKey} to
 * raise {@link NoSuchAlgorithmException}.
 *
 * @throws Exception the expected {@link NoSuchAlgorithmException}, or any setup failure
 */
@Test(expected = NoSuchAlgorithmException.class)
public void testReconstructPublicKeyWithNonECQVCertificate() throws Exception {
    // NOTE(review): "expected" applies to the whole method, so a NoSuchAlgorithmException
    // raised during setup would also satisfy it.
    M2mCertificate certificate = new M2mCertificate();

    // The certificate is deliberately not an ECQV certificate.
    KeyAlgorithmDefinition caKeyDef = new KeyAlgorithmDefinition();
    caKeyDef.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1);

    EntityName issuerName = new EntityName();
    issuerName.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline"));

    long validFromMillis = new BigInteger(Hex.decode("57AA2B20")).longValue() * 1000;
    Date notBefore = new Date(validFromMillis);
    int lifetimeSeconds = new BigInteger(Hex.decode("01E13380")).intValue();

    EntityName subjectName = new EntityName();
    subjectName.addAttribute(
        new EntityNameAttribute(EntityNameAttributeId.CommonName, "C (P256 ECDSA)"));

    KeyAlgorithmDefinition subjectKeyDef = new KeyAlgorithmDefinition();
    subjectKeyDef.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1);

    X962Parameters curveParams = new X962Parameters(X9ObjectIdentifiers.prime256v1);
    AlgorithmIdentifier ecKeyAlgorithm =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveParams.toASN1Primitive());
    SubjectPublicKeyInfo subjectKeyInfo = new SubjectPublicKeyInfo(ecKeyAlgorithm,
        Hex.decode("040B7733A4ABF6024D9901C3EE26718E0F22AA6FD75CE4CACCE896689E39D629A005655E9088ADD"
            + "EAC1DFC16EC26A722064C54F006EAF9A93763E16582DFA81937"));

    certificate.setSerialNumber(Hex.decode("0E"));
    certificate.setCaKeyDefinition(caKeyDef);
    certificate.setIssuer(issuerName);
    certificate.setValidFrom(notBefore);
    certificate.setValidDuration(lifetimeSeconds);
    certificate.setSubject(subjectName);
    certificate.setPublicKeyDefinition(subjectKeyDef);
    certificate.setPublicKey(BouncyCastleProvider.getPublicKey(subjectKeyInfo));

    // Expected to throw NoSuchAlgorithmException.
    certificate.reconstructPublicKey(certificate.getPublicKey());
}
From source file:ca.trustpoint.m2m.M2mCertPathTest.java
License:Apache License
/**
 * Populates the shared root, issuer and signer certificates used by the tests.
 *
 * <p>The three form a chain by name: the root is issued by and to "blueline", the issuer
 * certificate is issued by "blueline" to "MyIssuer", and the signer certificate is issued
 * by "MyIssuer" to "MySigner".
 */
@BeforeClass
public static void initializeTests() throws Exception {
    // Registration is JVM-wide. addProvider does nothing if a provider with the same name
    // is already installed.
    Security.addProvider(new BouncyCastleProvider());

    // ---- root certificate: secp521r1 key, ECDSA/SHA-512 ----
    KeyAlgorithmDefinition rootCaAlgorithm = new KeyAlgorithmDefinition();
    rootCaAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1);

    EntityName rootIssuer = new EntityName();
    rootIssuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline"));

    // new BigInteger(byte[]) is a signed conversion. Every timestamp and duration constant
    // in this method has the top bit clear, so none of them turns negative.
    Date rootValidFrom = new Date((new BigInteger(Hex.decode("5797C511"))).longValue() * 1000);
    int rootValidDuration = (new BigInteger(Hex.decode("01E13380"))).intValue();

    EntityName rootSubject = new EntityName();
    rootSubject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline"));

    KeyAlgorithmDefinition rootPkAlgorithm = new KeyAlgorithmDefinition();
    rootPkAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1);

    X962Parameters rootKeyParams = new X962Parameters(SECObjectIdentifiers.secp521r1);
    AlgorithmIdentifier rootAlgId =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, rootKeyParams.toASN1Primitive());
    SubjectPublicKeyInfo rootKeyInfo = new SubjectPublicKeyInfo(rootAlgId,
        Hex.decode("040078EF059D605AB85B6A25A6EF31A1A73A632D3CB04DC606A8CA0B5823966168CFAF6131D8D9B5"
            + "3F6BDF6B62946EC4B41D618FA3FF7F8BBFACBFD4F64FE3C33DA9D200A47AE528DC50B6F3876D7F5B"
            + "A3C082D9927751E1A8C4F934D90942B35C57DFE311B2663E8D0187AD4EDE31BF9CD2AD8317107360"
            + "522FDB6975AB2CD66DC029981F"));
    PublicKey rootPublicKey = BouncyCastleProvider.getPublicKey(rootKeyInfo);

    byte[] rootSignature = Hex
        .decode("3081880242014F15CAF8EF38626B2C7CFA85B9544E028668290CADB45F62E2153EAAF5A9D51AF5BF0D02"
            + "F2C057D3856B5CBFB3529C25B8481405924039FA612D422AE9A1A85591024201868D3DFE5FC2BEDD2F74"
            + "68B0B17ED2708E76CD0D37C44F4D0BB88693752046FCFC56D9818B32533B8992923C2C81499400AC44FB"
            + "BECD6324D8AE1DD41EC73A0B2A");

    rootCertificate.setSerialNumber(new byte[] { 0x02 });
    rootCertificate.setCaKeyDefinition(rootCaAlgorithm);
    rootCertificate.setIssuer(rootIssuer);
    rootCertificate.setValidFrom(rootValidFrom);
    rootCertificate.setValidDuration(rootValidDuration);
    rootCertificate.setSubject(rootSubject);
    rootCertificate.setPublicKeyDefinition(rootPkAlgorithm);
    rootCertificate.setPublicKey(rootPublicKey);
    rootCertificate.setCaCalcValue(rootSignature);

    // ---- issuer certificate: secp256r1 key, CA algorithm ECDSA/SHA-512 on secp521r1 ----
    KeyAlgorithmDefinition issuerCaAlgorithm = new KeyAlgorithmDefinition();
    issuerCaAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1);

    EntityName issuerIssuer = new EntityName();
    issuerIssuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline"));

    Date issuerValidFrom = new Date((new BigInteger(Hex.decode("57990E5F"))).longValue() * 1000);
    int issuerValidDuration = (new BigInteger(Hex.decode("03C26700"))).intValue();

    EntityName issuerSubject = new EntityName();
    issuerSubject.addAttribute(
        new EntityNameAttribute(EntityNameAttributeId.CommonName, "MyIssuer"));

    KeyAlgorithmDefinition issuerPkAlgorithm = new KeyAlgorithmDefinition();
    issuerPkAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1);

    X962Parameters issuerKeyParams = new X962Parameters(SECObjectIdentifiers.secp256r1);
    AlgorithmIdentifier issuerAlgId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey,
        issuerKeyParams.toASN1Primitive());
    SubjectPublicKeyInfo issuerKeyInfo = new SubjectPublicKeyInfo(issuerAlgId,
        Hex.decode("0461591E779EE482541CF63EF2A0709D3D04CEBE1F621D4764EFECC4FF374864305E3742DAB2690E"
            + "889B84906A7D2EAB444B9E03B546393BFCF9B2B3B87658C6FA"));
    PublicKey issuerPublicKey = BouncyCastleProvider.getPublicKey(issuerKeyInfo);

    byte[] issuerSignature = Hex
        .decode("3081870242016A8F50899193BD85FF36965129F86F64290B64FAD40E755CA367D31B3484F2A5552DDAB0"
            + "5B1246304CFC4164E29950D56DEA04BB4D9A3D489E07106D1D3F34669D0241631ED08CD7EEAFE6114189"
            + "53C64F1A6097B45D1ABB5FB9390A3CEAEDAB3C47FF3E7A1A754E1E0D53B2C2FEE90EB14EBDA0B4F15260"
            + "C375FFC1868A7569B505FF08");

    issuerCertificate.setSerialNumber(new byte[] { 0x65 });
    issuerCertificate.setCaKeyDefinition(issuerCaAlgorithm);
    issuerCertificate.setIssuer(issuerIssuer);
    issuerCertificate.setValidFrom(issuerValidFrom);
    issuerCertificate.setValidDuration(issuerValidDuration);
    issuerCertificate.setSubject(issuerSubject);
    issuerCertificate.setPublicKeyDefinition(issuerPkAlgorithm);
    issuerCertificate.setPublicKey(issuerPublicKey);
    issuerCertificate.setCaCalcValue(issuerSignature);

    // ---- signer certificate: secp256r1 key, CA algorithm ECDSA/SHA-256 on secp256r1 ----
    KeyAlgorithmDefinition signerCaAlgorithm = new KeyAlgorithmDefinition();
    signerCaAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1);

    EntityName signerIssuer = new EntityName();
    signerIssuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "MyIssuer"));

    Date signerValidFrom = new Date((new BigInteger(Hex.decode("57A26BCC"))).longValue() * 1000);
    int signerValidDuration = (new BigInteger(Hex.decode("03C26700"))).intValue();

    EntityName signerSubject = new EntityName();
    signerSubject.addAttribute(
        new EntityNameAttribute(EntityNameAttributeId.CommonName, "MySigner"));

    X962Parameters signerKeyParams = new X962Parameters(SECObjectIdentifiers.secp256r1);
    AlgorithmIdentifier signerAlgId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey,
        signerKeyParams.toASN1Primitive());
    SubjectPublicKeyInfo signerKeyInfo = new SubjectPublicKeyInfo(signerAlgId,
        Hex.decode("0463C779CFF44EB3C97D7CDF9AB3AD9A6ED0DCB6F3F1A3155DF674109A3AAD0A757FCAF2F01E53CD"
            + "ED25707ADC38C2271E90BB554DB4ED47B65B25BB478E9E3BF8"));
    PublicKey signerPublicKey = BouncyCastleProvider.getPublicKey(signerKeyInfo);

    byte[] signerSignature = Hex
        .decode("3045022100CBD969EEEB637A03D60B3271BD7320E7A3DDA1B1EF014E641F6C32BF897EEAC6022030FF7F"
            + "FD3A59C9B16F2F335716B47402A3CFF3EE667767A89017D218203CD66E");

    // Unlike the other two, no public-key definition is set on the signer certificate.
    signerCertificate.setSerialNumber(new byte[] { 0x68 });
    signerCertificate.setCaKeyDefinition(signerCaAlgorithm);
    signerCertificate.setIssuer(signerIssuer);
    signerCertificate.setValidFrom(signerValidFrom);
    signerCertificate.setValidDuration(signerValidDuration);
    signerCertificate.setSubject(signerSubject);
    signerCertificate.setPublicKey(signerPublicKey);
    signerCertificate.setCaCalcValue(signerSignature);
}
From source file:ca.trustpoint.m2m.M2mCertPathValidatorTest.java
License:Apache License
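/**
 * Builds the static certificate fixtures shared by the tests in this class.
 *
 * <p>Four M2M certificates are populated from hard-coded test vectors, and one X.509 CA
 * certificate is loaded from disk:
 * <ul>
 *   <li>{@code rootCertificate}: issuer and subject are both "blueline".</li>
 *   <li>{@code issuerCertificate}: issued by "blueline" to "MyIssuer".</li>
 *   <li>{@code signerCertificate}: issued by "MyIssuer" to "MySigner".</li>
 *   <li>{@code rsaTestCertificate}: RSA end-entity certificate whose issuer organization is
 *       "NFC Forum Test RSA CA".</li>
 *   <li>{@code x509Ca}: read from {@code testdata/digicert_batch_2/NFC Forum Test RSA CA.cer};
 *       presumably the CA that issued {@code rsaTestCertificate} (confirm against the tests
 *       that use it).</li>
 * </ul>
 *
 * <p>Only public keys and signature values are embedded here; no private key material is
 * present. Calling {@link Security#addProvider} registers BouncyCastle for the whole JVM, so
 * the provider stays installed for any test class that runs afterwards in the same process.
 *
 * @throws Exception if a key cannot be decoded, the URI is malformed, or the CA certificate
 *     file cannot be read or parsed
 */
@BeforeClass
public static void initializeTests() throws Exception {
    Security.addProvider(new BouncyCastleProvider());

    // ---- Root certificate: "blueline" -> "blueline", P-521 key, ECDSA/SHA-512 ----
    KeyAlgorithmDefinition caAlgorithm = new KeyAlgorithmDefinition();
    caAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1);

    EntityName issuer = new EntityName();
    issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline"));

    // The decoded hex value is multiplied by 1000 because Date takes milliseconds.
    Date validFrom = new Date((new BigInteger(Hex.decode("5797C511"))).longValue() * 1000);
    int validDuration = (new BigInteger(Hex.decode("01E13380"))).intValue();

    EntityName subject = new EntityName();
    subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline"));

    KeyAlgorithmDefinition pkAlgorithm = new KeyAlgorithmDefinition();
    pkAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1);

    X962Parameters keyParams = new X962Parameters(SECObjectIdentifiers.secp521r1);
    AlgorithmIdentifier algId =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, keyParams.toASN1Primitive());
    // Leading 0x04 marks an uncompressed EC point encoding.
    SubjectPublicKeyInfo publicKeyInfo = new SubjectPublicKeyInfo(algId,
        Hex.decode("040078EF059D605AB85B6A25A6EF31A1A73A632D3CB04DC606A8CA0B5823966168CFAF6131D8D9B5"
            + "3F6BDF6B62946EC4B41D618FA3FF7F8BBFACBFD4F64FE3C33DA9D200A47AE528DC50B6F3876D7F5B"
            + "A3C082D9927751E1A8C4F934D90942B35C57DFE311B2663E8D0187AD4EDE31BF9CD2AD8317107360"
            + "522FDB6975AB2CD66DC029981F"));
    PublicKey publicKey = BouncyCastleProvider.getPublicKey(publicKeyInfo);

    byte[] signature = Hex
        .decode("3081880242014F15CAF8EF38626B2C7CFA85B9544E028668290CADB45F62E2153EAAF5A9D51AF5BF0D02"
            + "F2C057D3856B5CBFB3529C25B8481405924039FA612D422AE9A1A85591024201868D3DFE5FC2BEDD2F74"
            + "68B0B17ED2708E76CD0D37C44F4D0BB88693752046FCFC56D9818B32533B8992923C2C81499400AC44FB"
            + "BECD6324D8AE1DD41EC73A0B2A");

    rootCertificate.setSerialNumber(new byte[] { 0x02 });
    rootCertificate.setCaKeyDefinition(caAlgorithm);
    rootCertificate.setIssuer(issuer);
    rootCertificate.setValidFrom(validFrom);
    rootCertificate.setValidDuration(validDuration);
    rootCertificate.setSubject(subject);
    rootCertificate.setPublicKeyDefinition(pkAlgorithm);
    rootCertificate.setPublicKey(publicKey);
    rootCertificate.setCaCalcValue(signature);

    // ---- Issuer certificate: "blueline" -> "MyIssuer", P-256 key, CA algorithm ECDSA/SHA-512 ----
    // Fresh objects are created for every certificate so that fixtures never share mutable state.
    caAlgorithm = new KeyAlgorithmDefinition();
    caAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA512_SECP521R1);

    issuer = new EntityName();
    issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "blueline"));

    validFrom = new Date((new BigInteger(Hex.decode("57990E5F"))).longValue() * 1000);
    validDuration = (new BigInteger(Hex.decode("03C26700"))).intValue();

    subject = new EntityName();
    subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "MyIssuer"));

    pkAlgorithm = new KeyAlgorithmDefinition();
    pkAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1);

    keyParams = new X962Parameters(SECObjectIdentifiers.secp256r1);
    algId =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, keyParams.toASN1Primitive());
    publicKeyInfo = new SubjectPublicKeyInfo(algId,
        Hex.decode("0461591E779EE482541CF63EF2A0709D3D04CEBE1F621D4764EFECC4FF374864305E3742DAB2690E"
            + "889B84906A7D2EAB444B9E03B546393BFCF9B2B3B87658C6FA"));
    publicKey = BouncyCastleProvider.getPublicKey(publicKeyInfo);

    signature = Hex
        .decode("3081870242016A8F50899193BD85FF36965129F86F64290B64FAD40E755CA367D31B3484F2A5552DDAB0"
            + "5B1246304CFC4164E29950D56DEA04BB4D9A3D489E07106D1D3F34669D0241631ED08CD7EEAFE6114189"
            + "53C64F1A6097B45D1ABB5FB9390A3CEAEDAB3C47FF3E7A1A754E1E0D53B2C2FEE90EB14EBDA0B4F15260"
            + "C375FFC1868A7569B505FF08");

    issuerCertificate.setSerialNumber(new byte[] { 0x65 });
    issuerCertificate.setCaKeyDefinition(caAlgorithm);
    issuerCertificate.setIssuer(issuer);
    issuerCertificate.setValidFrom(validFrom);
    issuerCertificate.setValidDuration(validDuration);
    issuerCertificate.setSubject(subject);
    issuerCertificate.setPublicKeyDefinition(pkAlgorithm);
    issuerCertificate.setPublicKey(publicKey);
    issuerCertificate.setCaCalcValue(signature);

    // ---- Signer certificate: "MyIssuer" -> "MySigner", P-256 key, CA algorithm ECDSA/SHA-256 ----
    // No public key definition is set on this certificate.
    caAlgorithm = new KeyAlgorithmDefinition();
    caAlgorithm.setAlgorithm(M2mSignatureAlgorithmOids.ECDSA_SHA256_SECP256R1);

    issuer = new EntityName();
    issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "MyIssuer"));

    validFrom = new Date((new BigInteger(Hex.decode("57A26BCC"))).longValue() * 1000);
    validDuration = (new BigInteger(Hex.decode("03C26700"))).intValue();

    subject = new EntityName();
    subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.CommonName, "MySigner"));

    keyParams = new X962Parameters(SECObjectIdentifiers.secp256r1);
    algId =
        new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, keyParams.toASN1Primitive());
    publicKeyInfo = new SubjectPublicKeyInfo(algId,
        Hex.decode("0463C779CFF44EB3C97D7CDF9AB3AD9A6ED0DCB6F3F1A3155DF674109A3AAD0A757FCAF2F01E53CD"
            + "ED25707ADC38C2271E90BB554DB4ED47B65B25BB478E9E3BF8"));
    publicKey = BouncyCastleProvider.getPublicKey(publicKeyInfo);

    signature = Hex
        .decode("3045022100CBD969EEEB637A03D60B3271BD7320E7A3DDA1B1EF014E641F6C32BF897EEAC6022030FF7F"
            + "FD3A59C9B16F2F335716B47402A3CFF3EE667767A89017D218203CD66E");

    signerCertificate.setSerialNumber(new byte[] { 0x68 });
    signerCertificate.setCaKeyDefinition(caAlgorithm);
    signerCertificate.setIssuer(issuer);
    signerCertificate.setValidFrom(validFrom);
    signerCertificate.setValidDuration(validDuration);
    signerCertificate.setSubject(subject);
    signerCertificate.setPublicKey(publicKey);
    signerCertificate.setCaCalcValue(signature);

    // ---- RSA test certificate: CA algorithm RSA/SHA-256, with extensions ----
    caAlgorithm = new KeyAlgorithmDefinition();
    caAlgorithm.setAlgorithm(NfcSignatureAlgorithmOids.RSA_SHA256_RSA);

    issuer = new EntityName();
    issuer.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Country, "US"));
    issuer.addAttribute(
        new EntityNameAttribute(EntityNameAttributeId.Organization, "NFC Forum Test RSA CA"));

    validFrom = new Date((new BigInteger(Hex.decode("5418AEDA"))).longValue() * 1000);
    validDuration = (new BigInteger(Hex.decode("05A497A0"))).intValue();

    subject = new EntityName();
    subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.Country, "US"));
    subject.addAttribute(new EntityNameAttribute(EntityNameAttributeId.StateOrProvince, "UT"));
    subject.addAttribute(
        new EntityNameAttribute(EntityNameAttributeId.Organization, "NFC Forum RSA Test M2M EE 1"));

    algId =
        new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERSet(DERNull.INSTANCE));
    publicKeyInfo = new SubjectPublicKeyInfo(algId,
        Hex.decode("3082010A0282010100E93D3E174F587784C53A4B01C05D2F73CFEC22CCCD1FBCF1B1C5B49A118CE6"
            + "B323640F28DFE1D5882FAFAEFDE9BB9A20347C44347D69F431AEEF5788D2EAE2131E49E3B9FD6A94"
            + "BCE34AFCF88C603BAA8EADBC5E6BC558D1459064F9FF6F6157C472739E90B9A312A5DE67176A03FB"
            + "A77981A6F89F1CA9C0733C67797ED6DB766FC99ABEE0C8D3641D69A9C6FD1E6F33CEE29344374146"
            + "E9A8E3CB141163798FDD9217CF58D93E836EA735D5A7F642F203DE097C1623EB855AB72D81330014"
            + "26163E671C747DB54629C0EAF37342CF16923FCAD53B5CAF2CECCB3876853CE003C3753FA72C1F39"
            + "9A9B5FA7A232792FBE38C995B55B9D105F3C0AC536D841068B0203010001"));
    publicKey = BouncyCastleProvider.getPublicKey(publicKeyInfo);

    signature = Hex.decode("B6A683AF9B20715210CA38D0DAA647F48270DBF67EDF3E043BFBD02265A035540D50540F877179D6"
        + "1349B9F872AFA41646835F8353CF90049551941B89D79B3FC61B1AADE00E8BA474A4342BDAACA5CD"
        + "28AFC9DD7C505127857224D0278A6E5C9AC4344B3FA36B7FD6E5E54D4D92FBCD717AD4D2FE73C2E6"
        + "2219D6A097970BB4F956AAA948501E4083137992EEBCFA41308687F36DBE8CEC54579C76DE4DE54A"
        + "1D6E007AD22F83BEE86CDEF39A37B4BCCD71D5B0A364C258B94D0B953DC3DA5637874157C3AD7CEC"
        + "3367F3075FA1D8939B27F4062DFBE436F871AECDC6D2A3098793A1212ED192F6B128648FFE764C4D"
        + "3176D64E6594DB295400465395781A37");

    rsaTestCertificate.setSerialNumber(Hex.decode("034F3F184941B948A47F3D59EE625F09"));
    rsaTestCertificate.setCaKeyDefinition(caAlgorithm);
    rsaTestCertificate.setIssuer(issuer);
    rsaTestCertificate.setValidFrom(validFrom);
    rsaTestCertificate.setValidDuration(validDuration);
    rsaTestCertificate.setSubject(subject);
    rsaTestCertificate.setPublicKey(publicKey);
    rsaTestCertificate.setKeyUsage(new KeyUsage((byte) 0xA0));
    rsaTestCertificate.setExtendedKeyUsage("2.16.840.1.114513.29.37");
    rsaTestCertificate.setCrlDistributionPointUri(new URI("http://crl.nfctest.example.com/nfctestrsaca.crl"));
    rsaTestCertificate.setCaCalcValue(signature);

    // ---- X.509 CA certificate loaded from the test data directory ----
    CertificateFactory x509Factory =
        CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);

    // try-with-resources closes the stream even when certificate parsing throws.
    try (FileInputStream fileInput =
        new FileInputStream("testdata/digicert_batch_2/NFC Forum Test RSA CA.cer")) {
        x509Ca = (X509Certificate) x509Factory.generateCertificate(fileInput);
    }
}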