1011 }
1012 }
1013 CheckEKU cx = new CheckEKU();
1014 assertTrue(((X509CertImpl)ks.getCertificate("eku1")).getExtension(PKIXExtensions.ExtendedKeyUsage_Id).isCritical());
1015 assertTrue(!((X509CertImpl)ks.getCertificate("eku2")).getExtension(PKIXExtensions.ExtendedKeyUsage_Id).isCritical());
1016 cx.check(ks, "eku1", "1.3.6.1.5.5.7.3.1");
1017 cx.check(ks, "eku2", "1.3.6.1.5.5.7.3.2");
1018 cx.check(ks, "eku3", "1.3.6.1.5.5.7.3.3");
1019 cx.check(ks, "eku4", "1.3.6.1.5.5.7.3.4");
1020 cx.check(ks, "eku8", "1.3.6.1.5.5.7.3.8");
1021 cx.check(ks, "eku9", "1.3.6.1.5.5.7.3.9");
1022 cx.check(ks, "eku10", "2.5.29.37.0");
1023 cx.check(ks, "eku11", "1.3.6.1.5.5.7.3.4", "1.2.3.4", "1.3.5.7");
1024
1025 // SAN
1026 testOK("", pre+"san1 -ext san:critical=email:me@me.org");
1027 testOK("", pre+"san2 -ext san=uri:http://me.org");
1028 testOK("", pre+"san3 -ext san=dns:me.org");
1029 testOK("", pre+"san4 -ext san=ip:192.168.0.1");
1030 testOK("", pre+"san5 -ext san=oid:1.2.3.4");
1031 testOK("", pre+"san235 -ext san=uri:http://me.org,dns:me.org,oid:1.2.3.4");
1032
1033 ks = loadStore("x.jks", "changeit", "JKS");
1034 class CheckSAN {
1035 // Please sort items with name type
1036 void check(KeyStore ks, String alias, int type, Object... items) throws Exception {
1037 int pos = 0;
1038 System.err.print("x");
1039 Object[] names = null;
1040 if (type == 0) names = ((X509Certificate)ks.getCertificate(alias)).getSubjectAlternativeNames().toArray();
1041 else names = ((X509Certificate)ks.getCertificate(alias)).getIssuerAlternativeNames().toArray();
1042 Arrays.sort(names, new Comparator() {
1043 public int compare(Object o1, Object o2) {
1044 int i1 = (Integer)((List)o1).get(0);
1045 int i2 = (Integer)((List)o2).get(0);
1046 return i1 - i2;
1047 }
1048 });
1049 for (Object o: names) {
1050 List l = (List)o;
|
1011 }
1012 }
1013 CheckEKU cx = new CheckEKU();
1014 assertTrue(((X509CertImpl)ks.getCertificate("eku1")).getExtension(PKIXExtensions.ExtendedKeyUsage_Id).isCritical());
1015 assertTrue(!((X509CertImpl)ks.getCertificate("eku2")).getExtension(PKIXExtensions.ExtendedKeyUsage_Id).isCritical());
1016 cx.check(ks, "eku1", "1.3.6.1.5.5.7.3.1");
1017 cx.check(ks, "eku2", "1.3.6.1.5.5.7.3.2");
1018 cx.check(ks, "eku3", "1.3.6.1.5.5.7.3.3");
1019 cx.check(ks, "eku4", "1.3.6.1.5.5.7.3.4");
1020 cx.check(ks, "eku8", "1.3.6.1.5.5.7.3.8");
1021 cx.check(ks, "eku9", "1.3.6.1.5.5.7.3.9");
1022 cx.check(ks, "eku10", "2.5.29.37.0");
1023 cx.check(ks, "eku11", "1.3.6.1.5.5.7.3.4", "1.2.3.4", "1.3.5.7");
1024
1025 // SAN
1026 testOK("", pre+"san1 -ext san:critical=email:me@me.org");
1027 testOK("", pre+"san2 -ext san=uri:http://me.org");
1028 testOK("", pre+"san3 -ext san=dns:me.org");
1029 testOK("", pre+"san4 -ext san=ip:192.168.0.1");
1030 testOK("", pre+"san5 -ext san=oid:1.2.3.4");
1031 testOK("", pre+"san6 -ext san=dns:1abc.com"); //begin with digit
1032 testOK("", pre+"san235 -ext san=uri:http://me.org,dns:me.org,oid:1.2.3.4");
1033
1034 ks = loadStore("x.jks", "changeit", "JKS");
1035 class CheckSAN {
1036 // Please sort items with name type
1037 void check(KeyStore ks, String alias, int type, Object... items) throws Exception {
1038 int pos = 0;
1039 System.err.print("x");
1040 Object[] names = null;
1041 if (type == 0) names = ((X509Certificate)ks.getCertificate(alias)).getSubjectAlternativeNames().toArray();
1042 else names = ((X509Certificate)ks.getCertificate(alias)).getIssuerAlternativeNames().toArray();
1043 Arrays.sort(names, new Comparator() {
1044 public int compare(Object o1, Object o2) {
1045 int i1 = (Integer)((List)o1).get(0);
1046 int i2 = (Integer)((List)o2).get(0);
1047 return i1 - i2;
1048 }
1049 });
1050 for (Object o: names) {
1051 List l = (List)o;
|