Examples of CertificateInfo

Examples of org.ejbca.core.model.ca.store.CertificateInfo

102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
        assertNotNull("Failed to create certificate", cert);

        String fp = CertTools.getFingerprintAsString(cert);
        X509Certificate ce = (X509Certificate) certificateStoreSession.findCertificateByFingerprint(admin, fp);
        assertNotNull("Cannot find certificate with fp=" + fp, ce);
        CertificateInfo info = certificateStoreSession.getCertificateInfo(admin, fp);
        // log.info("Got certificate info for cert with fp="+fp);
        assertEquals("fingerprint does not match.", fp, info.getFingerprint());
        assertEquals("serialnumber does not match.", cert.getSerialNumber(), info.getSerialNumber());
        assertEquals("issuerdn does not match.", CertTools.getIssuerDN(cert), info.getIssuerDN());
        assertEquals("subjectdn does not match.", CertTools.getSubjectDN(cert), info.getSubjectDN());
        // The cert was just stored above with status INACTIVE
        assertEquals("status does not match.", SecConst.CERT_ACTIVE, info.getStatus());
        long seconds = (cert.getNotAfter().getTime() - new Date().getTime()) / 1000l;
        log.debug("ceritificate OK in store, expires in " + seconds + " seconds");

        // Create a new UserPasswordExpireService
        ServiceConfiguration config = new ServiceConfiguration();
        config.setActive(true);
        config.setDescription("This is a description");
        // No mailsending for this Junit test service
        config.setActionClassPath(NoAction.class.getName());
        config.setActionProperties(null);
        config.setIntervalClassPath(PeriodicalInterval.class.getName());
        Properties intervalprop = new Properties();
        // Run the service every 3:rd second
        intervalprop.setProperty(PeriodicalInterval.PROP_VALUE, "3");
        intervalprop.setProperty(PeriodicalInterval.PROP_UNIT, PeriodicalInterval.UNIT_SECONDS);
        config.setIntervalProperties(intervalprop);
        config.setWorkerClassPath(CertificateExpirationNotifierWorker.class.getName());
        Properties workerprop = new Properties();
        workerprop.setProperty(EmailSendingWorkerConstants.PROP_SENDTOADMINS, "FALSE");
        workerprop.setProperty(EmailSendingWorkerConstants.PROP_SENDTOENDUSERS, "FALSE");
        workerprop.setProperty(BaseWorker.PROP_CAIDSTOCHECK, String.valueOf(caid));
        workerprop.setProperty(BaseWorker.PROP_TIMEBEFOREEXPIRING, String.valueOf(seconds - 10));
        workerprop.setProperty(BaseWorker.PROP_TIMEUNIT, BaseWorker.UNIT_SECONDS);
        config.setWorkerProperties(workerprop);

        if (serviceSession.getService(admin, CERTIFICATE_EXPIRATION_SERVICE) == null) {
            serviceSession.addService(admin, 4711, CERTIFICATE_EXPIRATION_SERVICE, config);
        }
        serviceSession.activateServiceTimer(admin, CERTIFICATE_EXPIRATION_SERVICE);

        // The service will run... the cert should still be active after 5 seconds..
        Thread.sleep(5000);
        info = certificateStoreSession.getCertificateInfo(admin, fp);
        assertEquals("status dotes not match.", SecConst.CERT_ACTIVE, info.getStatus());
 
        // The service will run...We need some tolerance since timers cannot
        // be guaranteed to executed at the exact interval.
        Thread.sleep(4000);
        int tries = 0;
        while (info.getStatus() != SecConst.CERT_NOTIFIEDABOUTEXPIRATION && tries<5) {
          Thread.sleep(1000);
          info = certificateStoreSession.getCertificateInfo(admin, fp);
          tries++;
        }
        info = certificateStoreSession.getCertificateInfo(admin, fp);
        assertEquals("Status does not match.", SecConst.CERT_NOTIFIEDABOUTEXPIRATION, info.getStatus());
      log.debug("It took >" + (9+tries) + " seconds before the certificate was expired!");

        log.trace("<test01CreateNewUser()");
    }
View Full Code Here

Examples of org.ejbca.core.model.ca.store.CertificateInfo

329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
       
        long date = new Date().getTime();
        ret = publisherSession.storeCertificate(admin, publishers, cert, "test05", "foo123", null, null, SecConst.CERT_ACTIVE, SecConst.CERTTYPE_ENDENTITY, -1, RevokedCertInfo.NOT_REVOKED, "foo", SecConst.CERTPROFILE_FIXED_ENDUSER, date, null);
        assertTrue("Error storing certificate to external ocsp publisher", ret);

        CertificateInfo info = certificateStoreSession.getCertificateInfo(admin, CertTools.getFingerprintAsString(cert));
        assertEquals(SecConst.CERTPROFILE_FIXED_ENDUSER, info.getCertificateProfileId());
        assertEquals("foo", info.getTag());
        assertEquals(date, info.getUpdateTime().getTime());

        date = date + 12345;
        publisherSession.revokeCertificate(admin, publishers, cert, "test05", null, null, SecConst.CERTTYPE_ENDENTITY, RevokedCertInfo.REVOCATION_REASON_CACOMPROMISE, new Date().getTime(), "foobar", 12345, date);

        info = certificateStoreSession.getCertificateInfo(admin, CertTools.getFingerprintAsString(cert));
        assertEquals(12345, info.getCertificateProfileId());
        assertEquals("foobar", info.getTag());
        assertEquals(date, info.getUpdateTime().getTime());

        // Test storing and updating CRLs as well
        publisherSession.storeCRL(admin, publishers, testcrl, "test05", 1, null);
        publisherSession.storeCRL(admin, publishers, testcrl, "test05", 1, null);
       
View Full Code Here

Examples of org.ejbca.core.model.ca.store.CertificateInfo

399
400
401
402
403
404
405
406
407
408
409
410
            caAdminSession.editCA(admin, cainfo);
            ca = caSession.getCA(admin, caid);
            // Create new CRL's
            crlCreateSession.run(admin, ca);
            // Verify that status is not archived
            CertificateInfo certinfo = certificateStoreSession.getCertificateInfo(admin, CertTools.getFingerprintAsString(cert));
            assertFalse("Non Expired Revoked Certificate was archived", certinfo.getStatus() == SecConst.CERT_ARCHIVED);
        } finally {
            // Restore CRL Period
            cainfo.setCRLPeriod(tempCRLPeriod);
            caAdminSession.editCA(admin, cainfo);
            ca = caSession.getCA(admin, caid);
View Full Code Here

Examples of org.ejbca.core.model.ca.store.CertificateInfo

67
68
69
70
71
72
73
74
75
76
77
78
79
80
        retval = new ExtRAResponse(submessage.getRequestId(),false,"An authentication cert, a signature cert, an authentication request and a signature request are required");
      } else {
        BigInteger serno = CertTools.getSerialNumber(authcert);
        String issuerDN = CertTools.getIssuerDN(authcert);
                // Verify the certificates with CA cert, and then verify the pcks10 requests
                CertificateInfo authInfo = certificateStoreSession.getCertificateInfo(admin, CertTools.getFingerprintAsString(authcert));
                Certificate authcacert = certificateStoreSession.findCertificateByFingerprint(admin, authInfo.getCAFingerprint());
                CertificateInfo signInfo = certificateStoreSession.getCertificateInfo(admin, CertTools.getFingerprintAsString(signcert));
                Certificate signcacert = certificateStoreSession.findCertificateByFingerprint(admin, signInfo.getCAFingerprint());
                // Verify certificate
                try {
                    authcert.verify(authcacert.getPublicKey());                   
                } catch (Exception e) {
                    log.error("Error verifying authentication certificate: ", e);
View Full Code Here

Examples of org.ejbca.core.model.ca.store.CertificateInfo

374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
      username = certreqhist.getUserDataVO().getUsername();
      password = certreqhist.getUserDataVO().getPassword();
      dn = certreqhist.getUserDataVO().getDN();
      ei = certreqhist.getUserDataVO().getExtendedinformation();
    }
    final CertificateInfo certinfo = certificatesession.getCertificateInfo(administrator, CertTools.getFingerprintAsString(certificate));
    if (certinfo != null) {
      // If we are missing Certificate Request History for this certificate, we can at least recover some of this info
      if (certificateProfileId == SecConst.CERTPROFILE_NO_PROFILE) {
        certificateProfileId = certinfo.getCertificateProfileId();
      }
      if (username == null) {
        username = certinfo.getUsername();
      }
      if (dn == null) {
        dn = certinfo.getSubjectDN();
      }
    }
    if (certificateProfileId == SecConst.CERTPROFILE_NO_PROFILE) {
      // If there is no cert req history and the cert profile was not defined in the CertificateData row, so we can't do anything about it..
      returnval = "CERTREQREPUBLISHFAILED";
    } else {
      final CertificateProfile certprofile = certificateProfileSession.getCertificateProfile(administrator, certificateProfileId);
      if (certprofile != null) {
        if (certprofile.getPublisherList().size() > 0) {
          if (publishersession.storeCertificate(administrator, certprofile.getPublisherList(), certificatedata.getCertificate(), username, password, dn,
              certinfo.getCAFingerprint(), certinfo.getStatus() , certinfo.getType(), certinfo.getRevocationDate().getTime(), certinfo.getRevocationReason(),
              certinfo.getTag(), certificateProfileId, certinfo.getUpdateTime().getTime(), ei)) {
            returnval = "CERTREPUBLISHEDSUCCESS";
          }
        } else {
          returnval = "NOPUBLISHERSDEFINED";
        }
View Full Code Here

Examples of org.ejbca.core.model.ca.store.CertificateInfo

102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
        log.trace(">test02FindAndChange()");
        String fp = CertTools.getFingerprintAsString(cert);

        X509Certificate ce = (X509Certificate) certificateStoreSession.findCertificateByFingerprint(admin, fp);
        assertNotNull("Cannot find certificate with fp=" + fp, ce);
        CertificateInfo info = certificateStoreSession.getCertificateInfo(admin, fp);
        // log.info("Got certificate info for cert with fp="+fp);
        assertEquals("fingerprint does not match.", fp, info.getFingerprint());
        assertEquals("CAfingerprint does not match.", "1234", info.getCAFingerprint());
        assertEquals("serialnumber does not match.", ce.getSerialNumber(), info.getSerialNumber());
        assertEquals("issuerdn does not match.", CertTools.getIssuerDN(ce), info.getIssuerDN());
        assertEquals("subjectdn does not match.", CertTools.getSubjectDN(ce), info.getSubjectDN());
        // The cert was just stored above with status INACTIVE
        assertEquals("status does not match.", SecConst.CERT_INACTIVE, info.getStatus());
        assertEquals("type does not match.", SecConst.CERT_TYPE_ENCRYPTION, info.getType());
        assertEquals("exiredate does not match.", ce.getNotAfter(), info.getExpireDate());
        // We just stored it above, not revoked
        assertEquals("revocation reason does not match.", RevokedCertInfo.NOT_REVOKED, info.getRevocationReason());
        log.info("revocationdate (before rev)=" + info.getRevocationDate());
        assertEquals(SecConst.CERTPROFILE_FIXED_ENDUSER, info.getCertificateProfileId());
        assertEquals("footag", info.getTag());
        Date now = new Date();
        assertNotNull(info.getUpdateTime());
        assertTrue(now.after(info.getUpdateTime()));
        certificateStoreSession.revokeCertificate(admin, ce, null, RevokedCertInfo.REVOCATION_REASON_KEYCOMPROMISE, null);
        CertificateInfo info1 = certificateStoreSession.getCertificateInfo(admin, fp);
        assertEquals("revocation reason does not match.", RevokedCertInfo.REVOCATION_REASON_KEYCOMPROMISE, info1.getRevocationReason());
        log.info("revocationdate (after rev)=" + info1.getRevocationDate());
        assertTrue("Revocation date in future.", new Date().compareTo(info1.getRevocationDate()) >= 0);

        log.trace("<test02FindAndChange()");
    }
View Full Code Here

Examples of org.ejbca.core.model.ca.store.CertificateInfo

187
188
189
190
191
192
193
194
195
196
197
198
199
        // Verify that cert are revoked
        Iterator<Certificate> iter = certfps.iterator();
        while (iter.hasNext()) {
            Certificate cert = iter.next();
            String fp = CertTools.getFingerprintAsString(cert);
            CertificateInfo rev = certificateStoreSession.getCertificateInfo(admin, fp);
            log.info("revocationdate (after rev)=" + rev.getRevocationDate());
            assertTrue("Revocation date in future.", new Date().compareTo(rev.getRevocationDate()) >= 0);
            assertTrue(rev.getStatus() == SecConst.CERT_REVOKED);
        }

        log.trace("<test04CheckRevoked()");
    }
View Full Code Here

Examples of org.ejbca.core.model.ca.store.CertificateInfo

205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
     *             error
     */
    public void test05FindAgain() throws Exception {
        log.trace(">test05FindAgain()");
        String fp = CertTools.getFingerprintAsString(cert);
        CertificateInfo data3 = certificateStoreSession.getCertificateInfo(admin, fp);
        assertNotNull("Failed to find cert", data3);
        log.debug("found by key! =" + data3);
        log.debug("fp=" + data3.getFingerprint());
        log.debug("issuer=" + data3.getIssuerDN());
        log.debug("subject=" + data3.getSubjectDN());
        log.debug("cafp=" + data3.getCAFingerprint());
        assertNotNull("wrong CAFingerprint", data3.getCAFingerprint());
        log.debug("status=" + data3.getStatus());
        assertTrue("wrong status", data3.getStatus() == SecConst.CERT_REVOKED);
        log.debug("type=" + data3.getType());
        assertTrue("wrong type", (data3.getType() & SecConst.USER_ENDUSER) == SecConst.USER_ENDUSER);
        log.debug("serno=" + data3.getSerialNumber());
        log.debug("expiredate=" + data3.getExpireDate());
        log.debug("revocationdate=" + data3.getRevocationDate());
        log.debug("revocationreason=" + data3.getRevocationReason());
        assertEquals("Wrong revocation reason", data3.getRevocationReason(), RevokedCertInfo.REVOCATION_REASON_KEYCOMPROMISE);

        log.debug("Looking for cert with DN=" + CertTools.getSubjectDN(cert));
        Collection<Certificate> certs = certificateStoreSession.findCertificatesBySubjectAndIssuer(admin, CertTools.getSubjectDN(cert),
                CertTools.getIssuerDN(cert));
        Iterator<Certificate> iter = certs.iterator();
View Full Code Here

Examples of org.ejbca.core.model.ca.store.CertificateInfo

245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
     */
    public void test06FindByExpireTime() throws Exception {
        log.trace(">test06FindByExpireTime()");
        String fp = CertTools.getFingerprintAsString(cert);

        CertificateInfo data = certificateStoreSession.getCertificateInfo(admin, fp);
        assertNotNull("Failed to find cert", data);
        log.debug("expiredate=" + data.getExpireDate());

        // Seconds in a year
        long yearmillis = 365 * 24 * 60 * 60 * 1000;
        long findDateSecs = data.getExpireDate().getTime() - (yearmillis * 200);
        Date findDate = new Date(findDateSecs);

        log.info("1. Looking for cert with expireDate=" + findDate);

        Collection<Certificate> certs = certificateStoreSession.findCertificatesByExpireTimeWithLimit(admin, findDate);
        log.debug("findCertificatesByExpireTime returned " + certs.size() + " certs.");
        assertTrue("No certs should have expired before this date", certs.size() == 0);
        Collection<String> usernames = certificateStoreSession.findUsernamesByExpireTimeWithLimit(admin, findDate);
        log.debug("findUsernamesByExpireTimeWithLimit returned " + usernames.size() + " usernames.");
        assertTrue("No certs should have expired before this date", usernames.size() == 0);
        findDateSecs = data.getExpireDate().getTime() + 10000;
        findDate = new Date(findDateSecs);
        log.info("2. Looking for cert with expireDate=" + findDate);
        certs = certificateStoreSession.findCertificatesByExpireTimeWithLimit(admin, findDate);
        log.debug("findCertificatesByExpireTime returned " + certs.size() + " certs.");
        assertTrue("Some certs should have expired before this date", certs.size() != 0);
View Full Code Here

Examples of org.ejbca.core.model.ca.store.CertificateInfo

295
296
297
298
299
300
301
302
303
304
305
    public void test07FindByIssuerAndSerno() throws Exception {
        log.trace(">test07FindByIssuerAndSerno()");

        String issuerDN = CertTools.getIssuerDN(cert);
        String fp = CertTools.getFingerprintAsString(cert);
        CertificateInfo data3 = certificateStoreSession.getCertificateInfo(admin, fp);
        assertNotNull("Failed to find cert", data3);

        log.debug("Looking for cert with DN:" + CertTools.getIssuerDN(cert) + " and serno " + cert.getSerialNumber());
        Certificate fcert = certificateStoreSession.findCertificateByIssuerAndSerno(admin, issuerDN, cert.getSerialNumber());
        assertNotNull("Cant find by issuer and serno", fcert);
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.