test/sun/security/x509/X509CertImpl/V3Certificate.java

Print this page




  25 import java.io.FileInputStream;
  26 import java.io.FileOutputStream;
  27 import java.io.IOException;
  28 import java.io.InputStream;
  29 import java.io.OutputStream;
  30 import java.io.PrintWriter;
  31 import static java.lang.System.out;
  32 import java.security.InvalidKeyException;
  33 import java.security.KeyPair;
  34 import java.security.KeyPairGenerator;
  35 import java.security.MessageDigest;
  36 import java.security.NoSuchAlgorithmException;
  37 import java.security.NoSuchProviderException;
  38 import java.security.PrivateKey;
  39 import java.security.PublicKey;
  40 import java.security.Signature;
  41 import java.security.SignatureException;
  42 import java.security.cert.CertificateException;
  43 import java.security.cert.CertificateFactory;
  44 import java.security.cert.X509Certificate;

  45 import java.util.Calendar;
  46 import java.util.Date;
  47 import java.util.TimeZone;
  48 import sun.misc.BASE64Encoder;
  49 import sun.security.util.BitArray;
  50 import sun.security.util.ObjectIdentifier;
  51 import sun.security.x509.*;
  52 
  53 /**
  54  * @test
  55  * @bug 8049237
  56  * @modules java.base/sun.security.x509
  57  *          java.base/sun.security.util
  58  *          java.base/sun.misc
  59  * @summary This test generates V3 certificate with all the supported
  60  * extensions. Writes back the generated certificate in to a file and checks for
  61  * equality with the original certificate.
  62  */
  63 public class V3Certificate {
  64 
  65     public static final String V3_FILE = "certV3";
  66     public static final String V3_B64_FILE = "certV3.b64";
  67 
  68     public static void main(String[] args) throws IOException,
  69             NoSuchAlgorithmException, InvalidKeyException, CertificateException,
  70             NoSuchProviderException, SignatureException {
  71 
  72         boolean success = true;
  73 
  74         success &= test("RSA", "SHA256withRSA", 2048);
  75         success &= test("DSA", "SHA256withDSA", 2048);
  76         success &= test("EC", "SHA256withECDSA", 384);
  77 
  78         if (!success) {


 207         exts.set(SubjectKeyIdentifierExtension.NAME, ski);
 208         exts.set(BasicConstraintsExtension.NAME, cons);
 209         exts.set(PolicyConstraintsExtension.NAME, pce);
 210         cert.set(X509CertInfo.EXTENSIONS, exts);
 211 
 212         // Generate and sign X509CertImpl
 213         X509CertImpl crt = new X509CertImpl(cert);
 214         crt.sign(privateKey, sigAlg);
 215         crt.verify(publicKey);
 216 
 217         try (FileOutputStream fos = new FileOutputStream(new File(V3_FILE));
 218                 FileOutputStream fos_b64
 219                 = new FileOutputStream(new File(V3_B64_FILE));
 220                 PrintWriter pw = new PrintWriter(fos_b64)) {
 221             crt.encode((OutputStream) fos);
 222             fos.flush();
 223 
 224             // Certificate boundaries/
 225             pw.println("-----BEGIN CERTIFICATE-----");
 226             pw.flush();
 227             new BASE64Encoder().encodeBuffer(crt.getEncoded(), fos_b64);
 228             fos_b64.flush();
 229             pw.println("-----END CERTIFICATE-----");
 230         }
 231 
 232         out.println("*** Certificate ***");
 233         out.println(crt);
 234         out.println("*** End Certificate ***");
 235 
 236         X509Certificate x2 = generateCertificate(V3_FILE);
 237         if (!x2.equals(crt)) {
 238             out.println("*** Certificate mismatch ***");
 239             testResult = false;
 240         }
 241 
 242         X509Certificate x3 = generateCertificate(V3_B64_FILE);
 243         if (!x3.equals(crt)) {
 244             out.println("*** Certificate mismatch ***");
 245             testResult = false;
 246         }
 247 


  25 import java.io.FileInputStream;
  26 import java.io.FileOutputStream;
  27 import java.io.IOException;
  28 import java.io.InputStream;
  29 import java.io.OutputStream;
  30 import java.io.PrintWriter;
  31 import static java.lang.System.out;
  32 import java.security.InvalidKeyException;
  33 import java.security.KeyPair;
  34 import java.security.KeyPairGenerator;
  35 import java.security.MessageDigest;
  36 import java.security.NoSuchAlgorithmException;
  37 import java.security.NoSuchProviderException;
  38 import java.security.PrivateKey;
  39 import java.security.PublicKey;
  40 import java.security.Signature;
  41 import java.security.SignatureException;
  42 import java.security.cert.CertificateException;
  43 import java.security.cert.CertificateFactory;
  44 import java.security.cert.X509Certificate;
  45 import java.util.Base64;
  46 import java.util.Calendar;
  47 import java.util.Date;
  48 import java.util.TimeZone;

  49 import sun.security.util.BitArray;
  50 import sun.security.util.ObjectIdentifier;
  51 import sun.security.x509.*;
  52 
  53 /**
  54  * @test
  55  * @bug 8049237
  56  * @modules java.base/sun.security.x509
  57  *          java.base/sun.security.util

  58  * @summary This test generates V3 certificate with all the supported
  59  * extensions. Writes back the generated certificate in to a file and checks for
  60  * equality with the original certificate.
  61  */
  62 public class V3Certificate {
  63 
  64     public static final String V3_FILE = "certV3";
  65     public static final String V3_B64_FILE = "certV3.b64";
  66 
  67     public static void main(String[] args) throws IOException,
  68             NoSuchAlgorithmException, InvalidKeyException, CertificateException,
  69             NoSuchProviderException, SignatureException {
  70 
  71         boolean success = true;
  72 
  73         success &= test("RSA", "SHA256withRSA", 2048);
  74         success &= test("DSA", "SHA256withDSA", 2048);
  75         success &= test("EC", "SHA256withECDSA", 384);
  76 
  77         if (!success) {


 206         exts.set(SubjectKeyIdentifierExtension.NAME, ski);
 207         exts.set(BasicConstraintsExtension.NAME, cons);
 208         exts.set(PolicyConstraintsExtension.NAME, pce);
 209         cert.set(X509CertInfo.EXTENSIONS, exts);
 210 
 211         // Generate and sign X509CertImpl
 212         X509CertImpl crt = new X509CertImpl(cert);
 213         crt.sign(privateKey, sigAlg);
 214         crt.verify(publicKey);
 215 
 216         try (FileOutputStream fos = new FileOutputStream(new File(V3_FILE));
 217                 FileOutputStream fos_b64
 218                 = new FileOutputStream(new File(V3_B64_FILE));
 219                 PrintWriter pw = new PrintWriter(fos_b64)) {
 220             crt.encode((OutputStream) fos);
 221             fos.flush();
 222 
 223             // Certificate boundaries/
 224             pw.println("-----BEGIN CERTIFICATE-----");
 225             pw.flush();
 226             fos_b64.write(Base64.getMimeEncoder().encode(crt.getEncoded()));
 227             fos_b64.flush();
 228             pw.println("-----END CERTIFICATE-----");
 229         }
 230 
 231         out.println("*** Certificate ***");
 232         out.println(crt);
 233         out.println("*** End Certificate ***");
 234 
 235         X509Certificate x2 = generateCertificate(V3_FILE);
 236         if (!x2.equals(crt)) {
 237             out.println("*** Certificate mismatch ***");
 238             testResult = false;
 239         }
 240 
 241         X509Certificate x3 = generateCertificate(V3_B64_FILE);
 242         if (!x3.equals(crt)) {
 243             out.println("*** Certificate mismatch ***");
 244             testResult = false;
 245         }
 246