📄 certificatetest.java
字号:
} public void checkCertificate( int id, byte[] cert) throws Exception { ByteArrayInputStream bIn; ASN1InputStream aIn; String dump = ""; bIn = new ByteArrayInputStream(cert); aIn = new ASN1InputStream(bIn); ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); dump = ASN1Dump.dumpAsString(seq); X509CertificateStructure obj = new X509CertificateStructure(seq); TBSCertificateStructure tbsCert = obj.getTBSCertificate(); if (!tbsCert.getSubject().toString().equals(subjects[id - 1])) { fail("failed subject test for certificate id " + id + " got " + tbsCert.getSubject().toString()); } if (tbsCert.getVersion() == 3) { X509Extensions ext = tbsCert.getExtensions(); if (ext != null) { Enumeration en = ext.oids(); while (en.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier)en.nextElement(); X509Extension extVal = ext.getExtension(oid); ASN1OctetString oct = extVal.getValue(); ASN1InputStream extIn = new ASN1InputStream(new ByteArrayInputStream(oct.getOctets())); if (oid.equals(X509Extensions.SubjectKeyIdentifier)) { SubjectKeyIdentifier si = SubjectKeyIdentifier.getInstance(extIn.readObject()); } else if (oid.equals(X509Extensions.KeyUsage)) { DERBitString ku = KeyUsage.getInstance(extIn.readObject()); } else if (oid.equals(X509Extensions.ExtendedKeyUsage)) { ExtendedKeyUsage ku = ExtendedKeyUsage.getInstance(extIn.readObject()); ASN1Sequence sq = (ASN1Sequence)ku.getDERObject(); for (int i = 0; i != sq.size(); i++) { DERObjectIdentifier p = KeyPurposeId.getInstance(sq.getObjectAt(i)); } } else if (oid.equals(X509Extensions.SubjectAlternativeName)) { GeneralNames gn = GeneralNames.getInstance(extIn.readObject()); ASN1Sequence sq = (ASN1Sequence)gn.getDERObject(); for (int i = 0; i != sq.size(); i++) { GeneralName n = GeneralName.getInstance(sq.getObjectAt(i)); } } else if (oid.equals(X509Extensions.IssuerAlternativeName)) { GeneralNames gn = GeneralNames.getInstance(extIn.readObject()); ASN1Sequence sq = (ASN1Sequence)gn.getDERObject(); for (int i = 0; i != sq.size(); i++) { GeneralName n = GeneralName.getInstance(sq.getObjectAt(i)); } } else if (oid.equals(X509Extensions.CRLDistributionPoints)) { CRLDistPoint p = CRLDistPoint.getInstance(extIn.readObject()); DistributionPoint[] points = p.getDistributionPoints(); for (int i = 0; i != points.length; i++) { // do nothing } } else if (oid.equals(X509Extensions.CertificatePolicies)) { ASN1Sequence cp = (ASN1Sequence)extIn.readObject(); for (int i = 0; i != cp.size(); i++) { PolicyInformation.getInstance(cp.getObjectAt(i)); } } else if (oid.equals(X509Extensions.AuthorityKeyIdentifier)) { AuthorityKeyIdentifier auth = AuthorityKeyIdentifier.getInstance(extIn.readObject()); } else if (oid.equals(X509Extensions.BasicConstraints)) { BasicConstraints bc = BasicConstraints.getInstance(extIn.readObject()); } else { //System.out.println(oid.getId()); } } } } } public void checkAttributeCertificate( int id, byte[] cert) throws Exception { ByteArrayInputStream bIn; ASN1InputStream aIn; String dump = ""; bIn = new ByteArrayInputStream(cert); aIn = new ASN1InputStream(bIn); ASN1Sequence seq = (ASN1Sequence) aIn.readObject(); dump = ASN1Dump.dumpAsString(seq); AttributeCertificate obj = new AttributeCertificate(seq); AttributeCertificateInfo acInfo = obj.getAcinfo(); // Version if (!(acInfo.getVersion().equals(new DERInteger(1))) && (!(acInfo.getVersion().equals(new DERInteger(2))))) { fail( "failed AC Version test for id " + id); } // Holder Holder h = acInfo.getHolder(); if (h == null) { fail( "failed AC Holder test, it's null, for id " + id); } // Issuer AttCertIssuer aci = acInfo.getIssuer(); if (aci == null) { fail( "failed AC Issuer test, it's null, for id " + id); } // Signature AlgorithmIdentifier sig = acInfo.getSignature(); if (sig == null) { fail( "failed AC Signature test for id " + id); } // Serial DERInteger serial = acInfo.getSerialNumber(); // Validity AttCertValidityPeriod validity = acInfo.getAttrCertValidityPeriod(); if (validity == null) { fail("failed AC AttCertValidityPeriod test for id " + id); } // Attributes ASN1Sequence attribSeq = acInfo.getAttributes(); Attribute att[] = new Attribute[attribSeq.size()]; for (int i = 0; i < attribSeq.size(); i++) { att[i] = Attribute.getInstance(attribSeq.getObjectAt(i)); } // IssuerUniqueId // TODO, how to best test? // X509 Extensions X509Extensions ext = acInfo.getExtensions(); if (ext != null) { Enumeration en = ext.oids(); while (en.hasMoreElements()) { DERObjectIdentifier oid = (DERObjectIdentifier) en .nextElement(); X509Extension extVal = ext.getExtension(oid); } } } public void performTest() throws Exception { checkCertificate(1, cert1); checkCertificate(2, cert2); checkCertificate(3, cert3); checkCertificate(4, cert4); checkCertificate(5, cert5); checkCertificate(6, cert6); checkCertificate(7, cert7); checkAttributeCertificate(8,cert8); } public static void main( String[] args) { runTest(new CertificateTest()); }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -