useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_TLSHTTP);
useKeyWithType.setIdentifier(username1);
validateRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CHAIN);
QueryKeyBindingType queryKeyBindingType = xKMSObjectFactory.createQueryKeyBindingType();
queryKeyBindingType.getUseKeyWith().add(useKeyWithType);
validateRequestType.setQueryKeyBinding(queryKeyBindingType);
ValidateResultType validateResultType = xKMSInvoker.validate(validateRequestType, null, null);
assertTrue(validateResultType.getKeyBinding().size() > 0);
assertTrue(validateResultType.getKeyBinding().get(0).getStatus().getValidReason().contains(XKMSConstants.STATUSREASON_VALIDITYINTERVAL));
assertTrue(validateResultType.getKeyBinding().get(0).getStatus().getValidReason().contains(XKMSConstants.STATUSREASON_ISSUERTRUST));
assertTrue(validateResultType.getKeyBinding().get(0).getStatus().getValidReason().contains(XKMSConstants.STATUSREASON_SIGNATURE));
assertTrue(validateResultType.getKeyBinding().get(0).getStatus().getValidReason().contains(XKMSConstants.STATUSREASON_REVOCATIONSTATUS));
// Test with known certificate.
validateRequestType = xKMSObjectFactory.createValidateRequestType();
validateRequestType.setId("201");
useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_TLSHTTP);
useKeyWithType.setIdentifier(username1);
validateRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CERT);
queryKeyBindingType = xKMSObjectFactory.createQueryKeyBindingType();
X509DataType x509DataType = sigFactory.createX509DataType();
x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert1.getEncoded()));
KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
queryKeyBindingType.setKeyInfo(keyInfoType);
queryKeyBindingType.getUseKeyWith().add(useKeyWithType);
validateRequestType.setQueryKeyBinding(queryKeyBindingType);
validateResultType = xKMSInvoker.validate(validateRequestType, null, null);
assertTrue(validateResultType.getKeyBinding().size() > 0);
assertTrue(validateResultType.getKeyBinding().get(0).getStatus().getValidReason().contains(XKMSConstants.STATUSREASON_VALIDITYINTERVAL));
assertTrue(validateResultType.getKeyBinding().get(0).getStatus().getValidReason().contains(XKMSConstants.STATUSREASON_ISSUERTRUST));
assertTrue(validateResultType.getKeyBinding().get(0).getStatus().getValidReason().contains(XKMSConstants.STATUSREASON_SIGNATURE));
assertTrue(validateResultType.getKeyBinding().get(0).getStatus().getValidReason().contains(XKMSConstants.STATUSREASON_REVOCATIONSTATUS));
// Test with unknown certificate.
validateRequestType = xKMSObjectFactory.createValidateRequestType();
validateRequestType.setId("202");
useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_TLSHTTP);
useKeyWithType.setIdentifier(username1);
validateRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CERT);
queryKeyBindingType = xKMSObjectFactory.createQueryKeyBindingType();
x509DataType = sigFactory.createX509DataType();
x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(certbytes));
keyInfoType = sigFactory.createKeyInfoType();
keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
queryKeyBindingType.setKeyInfo(keyInfoType);
queryKeyBindingType.getUseKeyWith().add(useKeyWithType);
validateRequestType.setQueryKeyBinding(queryKeyBindingType);
validateResultType = xKMSInvoker.validate(validateRequestType, null, null);
assertTrue(validateResultType.getResultMajor().equals(XKMSConstants.RESULTMAJOR_SUCCESS));
assertTrue(validateResultType.getResultMinor().equals(XKMSConstants.RESULTMINOR_NOMATCH));
// Revoke certificate
Admin administrator = new Admin(Admin.TYPE_RA_USER);
certificateStoreSession.revokeCertificate(administrator, cert1, new ArrayList(), RevokedCertInfo.REVOCATION_REASON_UNSPECIFIED, null);
// Validate with revoked certificate
validateRequestType = xKMSObjectFactory.createValidateRequestType();
validateRequestType.setId("203");
useKeyWithType = xKMSObjectFactory.createUseKeyWithType();
useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_TLSHTTP);
useKeyWithType.setIdentifier(username1);
validateRequestType.getRespondWith().add(XKMSConstants.RESPONDWITH_X509CERT);
queryKeyBindingType = xKMSObjectFactory.createQueryKeyBindingType();
x509DataType = sigFactory.createX509DataType();
x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sigFactory.createX509DataTypeX509Certificate(cert1.getEncoded()));
keyInfoType = sigFactory.createKeyInfoType();
keyInfoType.getContent().add(sigFactory.createX509Data(x509DataType));
queryKeyBindingType.setKeyInfo(keyInfoType);
queryKeyBindingType.getUseKeyWith().add(useKeyWithType);
validateRequestType.setQueryKeyBinding(queryKeyBindingType);
validateResultType = xKMSInvoker.validate(validateRequestType, null, null);
assertTrue(validateResultType.getKeyBinding().size() > 0);