userdatas.get(0).setStatus(UserDataVOWS.STATUS_NEW);
userdatas.get(0).setPassword("foo456");
userdatas.get(0).setClearPwd(true);
ejbcaraws.editUser(userdatas.get(0));
KeyStore ksenv = null;
try {
ksenv = ejbcaraws.pkcs12Req(CA1_WSTESTUSER1, "foo456", null, "1024", AlgorithmConstants.KEYALGORITHM_RSA);
} catch (EjbcaException_Exception e) {
assertTrue(e.getMessage(), false);
}
assertNotNull(ksenv);
java.security.KeyStore ks = KeyStoreHelper.getKeyStore(ksenv.getKeystoreData(), "PKCS12", "foo456");
assertNotNull(ks);
Enumeration<String> en = ks.aliases();
String alias = en.nextElement();
X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
assertEquals(cert.getSubjectDN().toString(), getDN(CA1_WSTESTUSER1));
PrivateKey privK1 = (PrivateKey) ks.getKey(alias, "foo456".toCharArray());
log.info("test04GeneratePkcs12() Certificate " + cert.getSubjectDN().toString() + " equals " + getDN(CA1_WSTESTUSER1));
// Request a second keystore and make sure it holds a newly generated key and
// certificate, i.e. that key recovery does not kick in by mistake.
// Set the user's status back to NEW first.
usermatch = new UserMatch();
usermatch.setMatchwith(UserMatch.MATCH_WITH_USERNAME);
usermatch.setMatchtype(UserMatch.MATCH_TYPE_EQUALS);
usermatch.setMatchvalue(CA1_WSTESTUSER1);
userdatas = ejbcaraws.findUser(usermatch);
assertTrue(userdatas != null);
assertTrue(userdatas.size() == 1);
userdatas.get(0).setStatus(UserDataVOWS.STATUS_NEW);
userdatas.get(0).setPassword("foo456");
userdatas.get(0).setClearPwd(true);
ejbcaraws.editUser(userdatas.get(0));
// A new PKCS#12 request should now return a new key and certificate, not the
// previous ones; the assertions below require both to differ.
KeyStore ksenv2 = ejbcaraws.pkcs12Req(CA1_WSTESTUSER1, "foo456", null, "1024", AlgorithmConstants.KEYALGORITHM_RSA);
java.security.KeyStore ks2 = KeyStoreHelper.getKeyStore(ksenv2.getKeystoreData(), "PKCS12", "foo456");
assertNotNull(ks2);
en = ks2.aliases();
alias = (String) en.nextElement();
X509Certificate cert2 = (X509Certificate) ks2.getCertificate(alias);
assertEquals(cert2.getSubjectDN().toString(), getDN(CA1_WSTESTUSER1));
PrivateKey privK2 = (PrivateKey) ks2.getKey(alias, "foo456".toCharArray());
// Compare certificates, must not be the same
assertFalse(cert.getSerialNumber().toString(16).equals(cert2.getSerialNumber().toString(16)));
// Compare keys, must not be the same
String key1 = new String(Hex.encode(privK1.getEncoded()));
String key2 = new String(Hex.encode(privK2.getEncoded()));
assertFalse(key1.equals(key2));
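// Test the method for adding/editing the user and requesting a PKCS#12
// KeyStore in a single transaction.
// NOTE(review): the 1024-bit RSA key size and the fixed password used in this
// test are fixture values; 1024-bit RSA is below current minimum key-size
// guidance and should not be copied into production enrollment code.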
ksenv2 = ejbcaraws.softTokenRequest(userdatas.get(0), null, "1024", AlgorithmConstants.KEYALGORITHM_RSA);
ks2 = KeyStoreHelper.getKeyStore(ksenv2.getKeystoreData(), "PKCS12", "foo456");
assertNotNull(ks2);
en = ks2.aliases();
alias = (String) en.nextElement();
cert2 = (X509Certificate) ks2.getCertificate(alias);
assertEquals(cert2.getSubjectDN().toString(), getDN(CA1_WSTESTUSER1));
privK2 = (PrivateKey) ks2.getKey(alias, "foo456".toCharArray());
// Test the method for adding/editing and requesting a JKS KeyStore in a
// single transaction
userdatas.get(0).setTokenType(UserDataVOWS.TOKEN_TYPE_JKS);
ksenv2 = ejbcaraws.softTokenRequest(userdatas.get(0), null, "1024", AlgorithmConstants.KEYALGORITHM_RSA);
ks2 = KeyStoreHelper.getKeyStore(ksenv2.getKeystoreData(), "JKS", "foo456");
assertNotNull(ks2);
en = ks2.aliases();
alias = (String) en.nextElement();
cert2 = (X509Certificate) ks2.getCertificate(alias);
assertEquals(cert2.getSubjectX500Principal().getName(), getReversedDN(CA1_WSTESTUSER1));