📄 x509ldapcertstoretest.java
coll = cs.getCertificates(sl); if (coll.isEmpty() || !coll.iterator().next().equals(xcert)) { fail("certificate could not be picked from LDAP directory."); } X509CRLSelector sl2 = new X509CRLSelector(); X509CRL crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(directCRL)); sl2.addIssuerName(getCRLIssuer(crl).getEncoded()); coll = cs.getCRLs(sl2); if (!coll.iterator().hasNext()) { fail("CRL could not be picked from LDAP directory."); } // System.out.println(coll.toArray()[0]); cs = CertStore.getInstance("X509LDAP", params2, "BC"); sl = new X509CertSelector(); xcert = (X509Certificate)cf .generateCertificate(new ByteArrayInputStream(cert2)); sl.setCertificate(xcert); coll = cs.getCertificates(sl); if (coll.isEmpty() || !coll.iterator().next().equals(xcert)) { fail("Certificate could not be picked from LDAP directory."); } // System.out.println(coll.toArray()[0]); cs = CertStore.getInstance("X509LDAP", params3, "BC"); sl = new X509CertSelector(); xcert = (X509Certificate)cf .generateCertificate(new ByteArrayInputStream(cert3)); sl.setCertificate(xcert); coll = cs.getCertificates(sl); if (coll.isEmpty() || !coll.iterator().next().equals(xcert)) { fail("Certificate could not be picked from LDAP directory."); } // System.out.println(coll.toArray()[0]); xcert = (X509Certificate)cf .generateCertificate(new ByteArrayInputStream(caCert3)); sl = new X509CertSelector(); sl.setSubject(getSubject(xcert).getEncoded()); coll = cs.getCertificates(sl); boolean found = false; if (coll.isEmpty()) { fail("Certificate could not be picked from LDAP directory."); } for (Iterator it = coll.iterator(); it.hasNext();) { if (it.next().equals(xcert)) { found = true; break; } } if (!found) { fail("Certificate could not be picked from LDAP directory."); } // System.out.println(coll.toArray()[0]); sl = new X509CertSelector(); xcert = (X509Certificate)cf .generateCertificate(new ByteArrayInputStream(crossCert3)); sl = new X509CertSelector(); sl.setSubject(getSubject(xcert).getEncoded()); coll 
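= cs.getCertificates(sl);
        // The statement above completes an assignment that begins before this span. The
        // enclosing method starts outside the visible excerpt, so its tail is kept as written,
        // one statement per line so the line comments no longer swallow the code after them.
        if (coll.isEmpty())
        {
            fail("Cross certificate pair could not be picked from LDAP directory.");
        }
        found = false;
        for (Iterator it = coll.iterator(); it.hasNext();)
        {
            if (it.next().equals(xcert))
            {
                found = true;
                break;
            }
        }
        if (!found)
        {
            fail("Cross certificate pair could not be picked from LDAP directory.");
        }
        // System.out.println(coll.toArray()[0]);
    }

    /**
     * Exercises the LDAP-backed {@code X509Store} implementations of the "BC" provider
     * ("CERTIFICATE/LDAP" and "CRL/LDAP") against the three parameter sets
     * {@code params1}, {@code params2} and {@code params3}, which are defined outside this span.
     *
     * <p>Each step builds a selector from a locally held certificate or CRL, queries the store,
     * and calls {@code fail(...)} when the expected object is not returned.
     *
     * <p>Scope of the checks: this method only establishes that the directory returns the
     * expected objects. Equality with a locally parsed certificate is a retrieval check, not a
     * trust decision. Nothing here verifies signatures, validity periods or revocation status,
     * so callers of these stores must still run certification path validation on whatever a
     * directory returns. Whether the directory connection itself is protected cannot be told
     * from this span, because it depends on {@code params1..3}.
     *
     * @throws Exception if certificate/CRL parsing, provider lookup or the store query fails
     */
    private void x509StoreTest()
        throws Exception
    {
        X509Store cs = X509Store.getInstance("CERTIFICATE/LDAP", params1, "BC");

        X509CertStoreSelector sl = new X509CertStoreSelector();
        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
        X509Certificate xcert = (X509Certificate)cf
            .generateCertificate(new ByteArrayInputStream(cert1));

        // Lookup 1: select by the full certificate; the first match must be that certificate.
        sl.setCertificate(xcert);
        Collection coll = cs.getMatches(sl);
        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
        {
            fail("certificate could not be picked from LDAP directory.");
        }
        // System.out.println(coll.toArray()[0]);

        // Lookup 2: same store, but select by encoded subject name only.
        sl.setCertificate(null);
        sl.setSubject(getSubject(xcert).getEncoded());
        coll = cs.getMatches(sl);
        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
        {
            fail("certificate could not be picked from LDAP directory.");
        }

        // Lookup 3: CRL by issuer, through the "CRL/LDAP" store type.
        X509CRLStoreSelector sl2 = new X509CRLStoreSelector();
        X509CRL crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(directCRL));
        sl2.setIssuers(Collections.singleton(crl.getIssuerX500Principal()));
        cs = X509Store.getInstance("CRL/LDAP", params1, "BC");
        coll = cs.getMatches(sl2);
        // Only presence is asserted: any object returned for this issuer passes, and the
        // result is neither compared with 'crl' nor checked for signature or freshness.
        // NOTE(review): presumably deliberate, since a live directory's current CRL will
        // differ from the embedded sample once it is reissued -- confirm.
        if (!coll.iterator().hasNext())
        {
            fail("CRL could not be picked from LDAP directory.");
        }
        // System.out.println(coll.toArray()[0]);

        // Lookup 4: second parameter set, select by full certificate.
        cs = X509Store.getInstance("CERTIFICATE/LDAP", params2, "BC");
        sl = new X509CertStoreSelector();
        xcert = (X509Certificate)cf
            .generateCertificate(new ByteArrayInputStream(cert2));
        sl.setCertificate(xcert);
        coll = cs.getMatches(sl);
        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
        {
            fail("Certificate could not be picked from LDAP directory.");
        }
        // System.out.println(coll.toArray()[0]);

        // Lookup 5: third parameter set, select by full certificate.
        cs = X509Store.getInstance("CERTIFICATE/LDAP", params3, "BC");
        sl = new X509CertStoreSelector();
        xcert = (X509Certificate)cf
            .generateCertificate(new ByteArrayInputStream(cert3));
        sl.setCertificate(xcert);
        coll = cs.getMatches(sl);
        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
        {
            fail("Certificate could not be picked from LDAP directory.");
        }
        // System.out.println(coll.toArray()[0]);

        // Lookup 6: caCert3 by subject. Several entries may share the subject, so the
        // expected certificate only has to appear somewhere in the result.
        xcert = (X509Certificate)cf
            .generateCertificate(new ByteArrayInputStream(caCert3));
        sl = new X509CertStoreSelector();
        sl.setSubject(getSubject(xcert).getEncoded());
        coll = cs.getMatches(sl);
        boolean found = false;
        if (coll.isEmpty())
        {
            fail("Certificate could not be picked from LDAP directory.");
        }

        for (Iterator it = coll.iterator(); it.hasNext();)
        {
            if (it.next().equals(xcert))
            {
                found = true;
                break;
            }
        }
        if (!found)
        {
            fail("Certificate could not be picked from LDAP directory.");
        }
        // System.out.println(coll.toArray()[0]);

        // Lookup 7: crossCert3 by subject, again accepted anywhere in the result.
        sl = new X509CertStoreSelector();
        xcert = (X509Certificate)cf
            .generateCertificate(new ByteArrayInputStream(crossCert3));
        sl.setSubject(getSubject(xcert).getEncoded());
        coll = cs.getMatches(sl);
        if (coll.isEmpty())
        {
            fail("Cross certificate pair could not be picked from LDAP directory.");
        }
        found = false;
        for (Iterator it = coll.iterator(); it.hasNext();)
        {
            if (it.next().equals(xcert))
            {
                found = true;
                break;
            }
        }
        if (!found)
        {
            fail("Cross certificate pair could not be picked from LDAP directory.");
        }
        // System.out.println(coll.toArray()[0]);
    }

    /**
     * Returns the subject of {@code cert} as an {@code X509Principal}, delegating to
     * {@code PrincipalUtil.getSubjectX509Principal}.
     *
     * @param cert certificate whose subject name is wanted
     * @return the subject name
     * @throws CertificateEncodingException propagated from {@code PrincipalUtil}
     */
    private X509Principal getSubject(X509Certificate cert)
        throws CertificateEncodingException
    {
        return PrincipalUtil.getSubjectX509Principal(cert);
    }

    /**
     * Returns the issuer of {@code crl} as an {@code X509Principal}, delegating to
     * {@code PrincipalUtil.getIssuerX509Principal}.
     *
     * @param crl CRL whose issuer name is wanted
     * @return the issuer name
     * @throws CRLException propagated from {@code PrincipalUtil}
     */
    private X509Principal getCRLIssuer(X509CRL crl)
        throws CRLException
    {
        return PrincipalUtil.getIssuerX509Principal(crl);
    }

    /**
     * Returns the name this test reports itself under.
     *
     * @return the literal {@code "LDAPCertStoreTest"}
     */
    public String getName()
    {
        return "LDAPCertStoreTest";
    }

    /**
     * Stand-alone entry point: registers the Bouncy Castle provider (a JVM-wide registration
     * via {@code Security.addProvider}) and hands a new test instance to {@code runTest},
     * which is defined outside this span.
     *
     * @param args unused
     */
    public static void main(String[] args)
    {
        Security.addProvider(new BouncyCastleProvider());

        runTest(new X509LDAPCertStoreTest());
    }
}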