Package org.ejbca.core.model.ca.caadmin

Examples of org.ejbca.core.model.ca.caadmin.X509CAInfo


                pw.println(NFastCAToken.SLOT_LABEL_KEY+" "+new String(keyStoreID));
                pw.close();
                catokeninfo.setProperties(sw.toString());
            }
            catokeninfo.setClassPath(org.ejbca.core.model.ca.catoken.NFastCAToken.class.getName());
            X509CAInfo cainfo = new X509CAInfo(dn,
                                             caname, SecConst.CA_ACTIVE, new Date(),
                                             "", SecConst.CERTPROFILE_FIXED_ROOTCA,
                                             validity,
                                             null, // Expiretime                                            
                                             CAInfo.CATYPE_X509,
View Full Code Here


        catokeninfo.setEncryptionAlgorithm(AlgorithmConstants.SIGALG_SHA1_WITH_RSA);
        ((SoftCATokenInfo) catokeninfo).setEncKeyAlgorithm(AlgorithmConstants.KEYALGORITHM_RSA);
        ((SoftCATokenInfo) catokeninfo).setEncKeySpec("1024");
        ArrayList<Integer> approvalSettings = new ArrayList<Integer>();
        approvalSettings.add(approvalRequirementType);
        X509CAInfo cainfo = new X509CAInfo("CN=" + nameOfCA, nameOfCA, SecConst.CA_ACTIVE, new Date(), "", SecConst.CERTPROFILE_FIXED_ROOTCA, 365, new Date(
                System.currentTimeMillis() + 364 * 24 * 3600 * 1000), CAInfo.CATYPE_X509, CAInfo.SELFSIGNED, null, catokeninfo, "Used for testing approvals",
                -1, null, null, 24, 0, 10, 0, new ArrayList(), true, false, true, false, "", "", "", "", true, new ArrayList(), false, approvalSettings, 1,
                false, true, false, false, true, true, true, false, true, true, true, null);
        int caID = cainfo.getCAId();
        try {
            caAdminSession.revokeCA(internalAdmin, caID, RevokedCertInfo.REVOCATION_REASON_UNSPECIFIED);
            caSession.removeCA(internalAdmin, caID);
        } catch (Exception e) {
        }
View Full Code Here

        catokeninfo.setEncKeyAlgorithm(AlgorithmConstants.KEYALGORITHM_RSA);
        catokeninfo.setEncKeySpec("1024");
        List<Integer> approvalSettings = approvalRequirementTypes.length == 0 ? new ArrayList<Integer>() : Arrays.asList(approvalRequirementTypes);
        log.info("approvalSettings: " + approvalSettings);

        X509CAInfo cainfo = new X509CAInfo("CN=" + nameOfCA, nameOfCA, SecConst.CA_ACTIVE, new Date(), "", certProfileId, 365, new Date(System
                .currentTimeMillis()
                + 364 * 24 * 3600 * 1000), CAInfo.CATYPE_X509, CAInfo.SELFSIGNED, null, catokeninfo, "Used for testing approvals", -1, null, null, 24, 0, 10,
                0, new ArrayList<Integer>(), true, false, true, false, "", "", "", "", true, new ArrayList<ExtendedCAServiceInfo>(), false, approvalSettings, 1, false, true, false, false,
                true, true, true, false, true, true, true, null);
        int caID = cainfo.getCAId();
        try {
            caAdminSession.revokeCA(internalAdmin, caID, RevokedCertInfo.REVOCATION_REASON_UNSPECIFIED);
            caSession.removeCA(internalAdmin, caID);
        } catch (Exception e) {
        }
        caAdminSession.createCA(internalAdmin, cainfo);
        cainfo = (X509CAInfo) caAdminSession.getCAInfo(internalAdmin, caID);
        assertNotNull(cainfo);

        log.info("cainfo has " + cainfo.getApprovalSettings() + "  and with  " + cainfo.getNumOfReqApprovals());

        return caID;
    }
View Full Code Here

                                          "",
                                          keySpec,
                                          keytype));
             
           
            X509CAInfo cainfo = new X509CAInfo(dn,
                                             caname, SecConst.CA_ACTIVE, new Date(),
                                             "", profileId,
                                             validity,
                                             null, // Expiretime                                            
                                             CAInfo.CATYPE_X509,
View Full Code Here

     */
    public void test06CRLDistPointOnCRL() throws Exception {
        log.trace(">test06CRLDistPointOnCRL()");

        final String cdpURL = "http://www.ejbca.org/foo/bar.crl";
        X509CAInfo cainfo = (X509CAInfo) ca.getCAInfo();
        X509CRL x509crl;
        byte[] cdpDER;

        cainfo.setUseCrlDistributionPointOnCrl(true);
        cainfo.setDefaultCRLDistPoint(cdpURL);
        caAdminSession.editCA(admin, cainfo);
        ca = caSession.getCA(admin, caid);
        crlCreateSession.run(admin, ca);
        x509crl = CertTools.getCRLfromByteArray(crlSession.getLastCRL(admin, cainfo.getSubjectDN(), false));
        cdpDER = x509crl.getExtensionValue(X509Extensions.IssuingDistributionPoint.getId());
        assertNotNull("CRL has no distribution points", cdpDER);

        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(cdpDER));
        ASN1OctetString octs = (ASN1OctetString) aIn.readObject();
        aIn = new ASN1InputStream(new ByteArrayInputStream(octs.getOctets()));
        IssuingDistributionPoint cdp = new IssuingDistributionPoint((ASN1Sequence) aIn.readObject());
        DistributionPointName distpoint = cdp.getDistributionPoint();

        assertEquals("CRL distribution point is different", cdpURL, ((DERIA5String) ((GeneralNames) distpoint.getName()).getNames()[0].getName()).getString());

        cainfo.setUseCrlDistributionPointOnCrl(false);
        cainfo.setDefaultCRLDistPoint("");
        caAdminSession.editCA(admin, cainfo);
        ca = caSession.getCA(admin, caid);
        crlCreateSession.run(admin, ca);
        x509crl = CertTools.getCRLfromByteArray(crlSession.getLastCRL(admin, cainfo.getSubjectDN(), false));
        assertNull("CRL has distribution points", x509crl.getExtensionValue(X509Extensions.CRLDistributionPoints.getId()));

        log.trace("<test06CRLDistPointOnCRL()");
    }
View Full Code Here

    public void test07CRLFreshestCRL() throws Exception {
        log.trace(">test07CRLFreshestCRL()");

        final String cdpURL = "http://www.ejbca.org/foo/bar.crl";
        final String freshestCdpURL = "http://www.ejbca.org/foo/delta.crl";
        X509CAInfo cainfo = (X509CAInfo) caAdminSession.getCAInfo(admin, caid);
        X509CRL x509crl;
        byte[] cFreshestDpDER;

        cainfo.setUseCrlDistributionPointOnCrl(true);
        cainfo.setDefaultCRLDistPoint(cdpURL);
        cainfo.setCADefinedFreshestCRL(freshestCdpURL);
        caAdminSession.editCA(admin, cainfo);
        ca = caSession.getCA(admin, caid);
        crlCreateSession.run(admin, ca);
        x509crl = CertTools.getCRLfromByteArray(crlSession.getLastCRL(admin, cainfo.getSubjectDN(), false));
        cFreshestDpDER = x509crl.getExtensionValue(X509Extensions.FreshestCRL.getId());
        assertNotNull("CRL has no Freshest Distribution Point", cFreshestDpDER);

        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(cFreshestDpDER));
        ASN1OctetString octs = (ASN1OctetString) aIn.readObject();
View Full Code Here

        log.trace("<test08TestCRLStore()");
    }

    public void test09CrlGenerateForAll() throws Exception {
        log.trace(">test09CrlGenerateForAll()");
        final X509CAInfo cainfo = (X509CAInfo) caAdminSession.getCAInfo(admin, caid);
        cainfo.setCRLIssueInterval(1)// Issue very often..
        cainfo.setDeltaCRLPeriod(1)// Issue very often..
        caAdminSession.editCA(admin, cainfo);
        ca = caSession.getCA(admin, caid);
        Thread.sleep(1000);
        final X509CRL x509crl = CertTools.getCRLfromByteArray(crlSession.getLastCRL(admin, cainfo.getSubjectDN(), false));
        crlCreateSession.createCRLs(admin);
        final X509CRL x509crlAfter = CertTools.getCRLfromByteArray(crlSession.getLastCRL(admin, cainfo.getSubjectDN(), false));
        assertTrue("Did not generate a newer CRL.", x509crlAfter.getThisUpdate().after(x509crl.getThisUpdate()));
        final X509CRL x509deltaCrl = CertTools.getCRLfromByteArray(crlSession.getLastCRL(admin, cainfo.getSubjectDN(), true));
        crlCreateSession.createDeltaCRLs(admin);
        final X509CRL x509deltaCrlAfter = CertTools.getCRLfromByteArray(crlSession.getLastCRL(admin, cainfo.getSubjectDN(), true));
        assertTrue("Did not generate a newer Delta CRL.", x509deltaCrlAfter.getThisUpdate().after(x509deltaCrl.getThisUpdate()));
        // Try a similar thing when we specify which CA IDs to generate CRLs for
        // Compare CRL numbers instead of Dates, since these CRLs might have been generated the same second as the last ones
        final Collection<Integer> caids = new ArrayList<Integer>();
        caids.add(Integer.valueOf(caid));
        crlCreateSession.createCRLs(admin, caids, 2);
        final X509CRL x509crlAfter2 = CertTools.getCRLfromByteArray(crlSession.getLastCRL(admin, cainfo.getSubjectDN(), false));
        assertTrue("Did not generate a newer CRL.", CrlExtensions.getCrlNumber(x509crlAfter2).intValue() > CrlExtensions.getCrlNumber(x509crlAfter).intValue());
        crlCreateSession.createDeltaCRLs(admin, caids, 2);
        final X509CRL x509deltaCrlAfter2 = CertTools.getCRLfromByteArray(crlSession.getLastCRL(admin, cainfo.getSubjectDN(), true));
        assertTrue("Did not generate a newer Delta CRL.", CrlExtensions.getCrlNumber(x509deltaCrlAfter2).intValue() > CrlExtensions.getCrlNumber(x509deltaCrlAfter).intValue());
        log.trace("<test09CrlGenerateForAll()");
    }
View Full Code Here

  private X509Certificate setupCA(String caName, String pbeSecret) throws Exception {
    LOG.trace(">setupCA");
    assertTrue("Failed to create " + caName, createTestCA(caName, 512));
    X509CA x509Ca = (X509CA) InterfaceCache.getCaSession().getCA(ADMIN, getTestCAId(caName));
    X509CAInfo x509CaInfo = (X509CAInfo) x509Ca.getCAInfo();
    x509CaInfo.setCmpRaAuthSecret(pbeSecret);
    x509CaInfo.setUseCertReqHistory(false)// Disable storage of certificate history, to save some clean up
    InterfaceCache.getCAAdminSession().editCA(ADMIN, x509CaInfo);
    X509Certificate ret = (X509Certificate) x509Ca.getCertificateChain().iterator().next();
    assertNotNull("CA certificate was null.", ret);
    LOG.trace("<setupCA");
    return ret;
View Full Code Here

            extendedcaservices.add(new OCSPCAServiceInfo(ExtendedCAServiceInfo.STATUS_ACTIVE));

            ArrayList<CertificatePolicy> policies = new ArrayList<CertificatePolicy>(1);
            policies.add(new CertificatePolicy("2.5.29.32.0", "", ""));

            X509CAInfo cainfo = new X509CAInfo(dn, dn, SecConst.CA_ACTIVE, new Date(), "", SecConst.CERTPROFILE_FIXED_ROOTCA, 365, null, // Expiretime
                    CAInfo.CATYPE_X509, CAInfo.SELFSIGNED, (Collection<Certificate>) null, catokeninfo, "JUnit ECDSA CA", -1, null, policies, // PolicyId
                    24, // CRLPeriod
                    0, // CRLIssueInterval
                    10, // CRLOverlapTime
                    0, // DeltaCRLPeriod
View Full Code Here

            extendedcaservices.add(new OCSPCAServiceInfo(ExtendedCAServiceInfo.STATUS_ACTIVE));

            ArrayList<CertificatePolicy> policies = new ArrayList<CertificatePolicy>(1);
            policies.add(new CertificatePolicy("2.5.29.32.0", "", ""));

            X509CAInfo cainfo = new X509CAInfo(dn, dn, SecConst.CA_ACTIVE, new Date(), "", SecConst.CERTPROFILE_FIXED_ROOTCA, 365, null, // Expiretime
                    CAInfo.CATYPE_X509, CAInfo.SELFSIGNED, (Collection<Certificate>) null, catokeninfo, "JUnit DSA CA", -1, null, policies, // PolicyId
                    24, // CRLPeriod
                    0, // CRLIssueInterval
                    10, // CRLOverlapTime
                    0, // DeltaCRLPeriod
View Full Code Here

TOP

Related Classes of org.ejbca.core.model.ca.caadmin.X509CAInfo

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.