testmessages.java

一套JAVA的CA证书签发系统.

            "nBD/Kr1GMCAGCmCGSAGG+EUBCQUxEgQQbpDDbO95LE1U7ZbbEe2p8TAwBgpghkgB" +
            "hvhFAQkHMSITIDcwYjQ4NmZmZjJmMmViMWMwM2ZkYmI5YzlhYzZhNjJhMA0GCSqG" +
            "SIb3DQEBAQUABIGAfiGzBNxJiy4XI3DG13Osso4qV+7rvwg+CVbe0gqt01s1kd5A" +
            "LxwTYVhXXKG1spaBnebu+T9xZDZqvF9eY1ANJVNSIpNygKmJdhjsJivKFkD9Jz2y" +
            "F/BYZzv618HlvZQj9Sbv7PaODRU4xqGVifa6LllK/572uQdUQj3FTkssqFQAAAAA" +
            "AAAAAA==").getBytes());
    static byte[] p12 = Base64.decode(("MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCAy4wgDCABgkqhkiG9w0BBwGggCSABIID" +
            "FjCCAxIwggMOBgsqhkiG9w0BDAoBAqCCArEwggKtMCcGCiqGSIb3DQEMAQMwGQQU" +
            "VnhToLFkCvaqCu8OkXi6Jljy/Y8CAWQEggKAv4LDUWwUi7eZKiCoYsqevVUAEOwE" +
            "dy8xOmtyjzEPO0W8pltybVk2nfEaS6CrPQLvi1aAQD/5NjkO0agfgwS8gOZPIRaX" +
            "HzETkxsR6tNd1eP5jGXOYfxhQGGL3laVvvGhrNFbx7AW/ugMgBPMj+OWRkuSMVBY" +
            "uZgmBX3CM14UFl1X4jVG/nX/eS1LKIdDI2hcebWvkpuOWR46LxH1yXgSqW0RYjCV" +
            "ZhNvsQtvQGfgMBgGOhjec+p6xMiw8OXSR6kfDVHJyJfFwqz2DTz1zIfi28WPVCSv" +
            "2TmMPvPFGjbE5bo8PlVh5Gu5sX9DzQQ41Vio/c1dxwBDe4CgAYuDfI0Fu0ZVSMZM" +
            "TSDt7lC4t/YoxqFCxSBn9pmYOCLBiBmQgtzJZfQYrMJSdaBqXWNx5vUibd+K/tzL" +
            "Hfik1SmH+MY8bjBC/PSlCz8cbAwAdqGKCN5kjT+RcPM5oRIAc4isXs+epApzf4jF" +
            "AKqgNFnHKfgTEabVT9E/QUEwS7PfDi2jzID/8a3LUQvjp95B9kD6DJH4nlIZVT+2" +
            "aHzOooZ2K54pqq2OlS6yeYKRo2GcGdVcm13zw+wBnw+2Zz34zrzd1Uq9wGuoduNF" +
            "VJNKqNkLvva94InFAaiPbHgAkH179pVF8oTeFOh0NXBTj4mZQgpgYPO1ASMZEvY7" +
            "5nC/Uf+6kyr92qc0s4GpAV1Sm2lsSyBdINAxSnzW2XSJ389RztAN5H6ycUcJBbaG" +
            "N9DfBSxK8kkFRW7b8dx7PXd2ofe9U/pIJgRlscPSC30cRRp4jT2JXvpW+D3EocI8" +
            "uUEzRSliEpec1zn2SrPUKCCQVc6BoBHsN62/I1LtM2+Wybx5fyRGsw7i4zFKMCMG" +
            "CSqGSIb3DQEJFDEWHhQAcAByAGkAdgBhAHQAZQBLAGUAeTAjBgkqhkiG9w0BCRUx" +
            "FgQUY3v0dqhUJI6ldKV3RKb0Xg9XklEABAEABAEABAEABAEABIIDAgAwgAYJKoZI" +
            "hvcNAQcGoIAwgAIBADCABgkqhkiG9w0BBwEwJwYKKoZIhvcNAQwBBjAZBBTDw4v0" +
            "l2xpgaM/AkWLRwcyAaI5lQIBZKCABIICsEY/4hTSq1sKzRlg+oP1Cu/fGipwALox" +
            "HFj5wvC+hN78ZMjFYAK3b61ft0hUKeqtmzDDzgbMn9qEjsV3WERKID1AqNy18a2j" +
            "i7MuR2sidbz7H7pOr2QrKajmiFf4IKiXXiqrx9qnF40l3HzUGaiGw36BvFZ1lXkJ" +
            "HRA97mTcuEczZXkp5N+U9e7sztQE0b7MYcGPYi01CpJzYSRryU4BRG4a0vRhEJFp" +
            "mHu+mfpaBux93HvOeOFD/bb59EUuoGgog2dYUFRL4ZTH99I0MpcHbRp/wIeNdMpJ" +
            "KOjzrw1OHzkkqLOTC/m4nI+da3OXShPdByTHHdZ29fNYCVxdOgqUtym1PP7cHsUn" +
            "Y5PThfXM5ZXV0G7pvC0zVz+qTS6G+Xg8bu91g07jh5HOSHOUfa/XMhhLZFUgYr9r" +
            "7ZId98C+lg7atW3LjhJ9FPawogXpDXp+wo/NNp2Lq7KHyevJSfwkrLMOeETo9tMY" +
            "NUv/zPPGpiVUZX75zNkOx+YlL0dUJ4VcorXpDRs/OwM7CEGJSuGytXLz7eNEYVak" +
            "iLhlb8vwJrkrlhFDd7vu9G5UAOb4Sp7IWwEooO/yo6/rDusXoT6+jFJ6bt27lEFj" +
            "3PUYSijBCbVtn7Wqd6sKWqeCd10RZjz5AME3xiOcKWPtIYfFsztJmvjuRBxM5gi0" +
            "QOwqdNd63apOv1I/nzPDgBYlIhH7kn+5jMb0RHJarMWuSTJQDpQYctRnpvPSM1HE" +
            "srjxQ8n4Ukbg+XoUHTS4VPuxGf0NYakW5CZDJeKaJ+a/R3oU37esYOikmMJPnSUa" +
            "PKZ1XJeHqK7kCrnbiw/WOYowaUw+BuIjpqSwgNyWktKLXWKreMtKjGtbxZ01BSsM" +
            "VhyB+EXgjzqMBGGnCxbJ0aA4AoSBS73XvqlB+S8FUbmi7XfzPvKM4XMABAEABAEA" +
            "BAEABAEABAEABAEABAEABAEABAEABAEABAEAAAAAAAAAMDwwITAJBgUrDgMCGgUA" +
            "BBQ/qUCCCV8/5FhF5438mA7FYj0eKQQUC1bpAMlQMV4fwFz/nNVuiJUqmkYCAWQA" + "AA==").getBytes());
    private PrivateKey privateKey = null;
    private X509Certificate caCert = null;
    private static Logger log = Logger.getLogger(TestMessages.class);

    /**
     * Creates a new TestMessages object.
     *
     * @param name name
     */
    public TestMessages(String name) {
        super(name);
    }

    protected void setUp() throws Exception {
        log.debug(">setUp()");

        // Install BouncyCastle provider
        CertTools.installBCProvider();

        KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
        InputStream is = new ByteArrayInputStream(p12);
        String keyStorePass = "foo123";
        keyStore.load(is, keyStorePass.toCharArray());

        String privateKeyAlias = "privateKey";
        char[] pkPass = null;
        privateKey = (PrivateKey) keyStore.getKey(privateKeyAlias, pkPass);

        if (privateKey == null) {
            log.error("Cannot load key with alias '" + privateKeyAlias + "' from keystore.");
            throw new Exception("Cannot load key with alias '" + privateKeyAlias +
                "' from keystore.");
        }

        Certificate[] certchain = KeyTools.getCertChain(keyStore, privateKeyAlias);
        caCert = (X509Certificate) certchain[0];

        //System.out.println(caCert.toString());
        log.debug("<setUp()");
    }

    protected void tearDown() throws Exception {
    }

    /** Tests scep message from OpenScep
     * @throws Exception error
     */
    public void test01TestOpenScep() throws Exception {
        log.debug(">test01TestOpenScep()");
        ScepRequestMessage msg = new ScepRequestMessage(openscep);
        // You should be able to get issuer DN before anything else
        String issuerdn = msg.getIssuerDN();
        log.debug("IssuerDN: "+issuerdn);
        assertEquals("CN=TestCA,O=AnaTom,C=SE", issuerdn);
        if (msg.requireKeyInfo()) {
            msg.setKeyInfo(caCert, privateKey);
        }
        boolean ret = msg.verify();
        String dn = msg.getRequestDN();
        log.debug("DN: " + dn);
        assertEquals("C=Se,O=PrimeKey,CN=Tomas G", dn);
        String pwd = msg.getPassword();
        log.debug("Pwd: " + pwd);
        assertEquals("foo123", pwd);
        assertTrue("Failed to verify SCEP message from OpenSCEP.", ret);
        log.debug("<test01TestOpenScep()");
    }

    /** Tests scep message from Cisco PIX
     * @throws Exception error
     */
    public void test02TestPixScep() throws Exception {
        log.debug(">test02TestPixScep()");
        ScepRequestMessage msg = new ScepRequestMessage(pixscep);
        // You should be able to get issuer DN before anything else
        String issuerdn = msg.getIssuerDN();
        log.debug("IssuerDN: "+issuerdn);
        assertEquals("E=postmaster@tdconline.dk,CN=tdcoca,OU=Online Privat,O=TDC", issuerdn);
        if (msg.requireKeyInfo()) {
            msg.setKeyInfo(caCert, privateKey);
        }
        boolean ret = msg.verify();
        String dn = msg.getRequestDN();
        log.debug("DN: " + dn);
        assertEquals("C=Se,O=PrimeKey,CN=Tomas G", dn);
        String pwd = msg.getPassword();
        log.debug("Pwd: " + pwd);
        assertEquals("foo123", pwd);
        assertTrue("Failed to verify SCEP message from PIX.", ret);
        log.debug("<test02TestPixScep()");
    }
    
}