Package org.opensaml.security.x509

Class X509SupportTest

java.lang.Object

org.opensaml.security.x509.X509SupportTest

public class X509SupportTest
extends Object

Tests the X509Support utility methods.

Field Summary

Fields

Modifier and Type	Field	Description
private String	altNameDNS
private String	altNameIP
private Integer	altNameTypeDNS
private Integer	altNameTypeIP
private Integer	altNameTypeURI
private String	altNameURL
private String	altNameURN
private String	certDER	A PEM encoded cert.
private String	certEC	An EC certificate.
private String	certPEM	A PEM encoded cert.
private String	crlDER	A PEM encoded CRL.
private String	crlPEM	A PEM encoded CRL.
private X509Certificate	entityCert
private X509Certificate	entityCert1AltNameDNS
private String	entityCert1AltNameDNSBase64
private X509Certificate	entityCert1AltNameIP
private String	entityCert1AltNameIPBase64
private X509Certificate	entityCert1AltNameURL
private String	entityCert1AltNameURLBase64
private X509Certificate	entityCert1AltNameURN
private String	entityCert1AltNameURNBase64
private X509Certificate	entityCert3AltNamesDNS_URL_IP
private String	entityCert3AltNamesDNS_URL_IPBase64
private X509Certificate	entityCert3AltNamesDNS_URN_IP
private String	entityCert3AltNamesDNS_URN_IPBase64
private String	entityCertBase64
private PrivateKey	entityPrivateKey
private String	entityPrivKeyBase64
private static String	INVALID_BASE64_TRAILING	Invalid base64 string as it has invalid trailing digits.
private String	keyEC	An EC private key.
private static String	subjectAltNameExtensionOID

Constructor Summary

Constructors

Constructor	Description
X509SupportTest()

Method Summary

Modifier and Type	Method	Description
private List<?>	getAltNames(X509Certificate cert, Set<Integer> nameTypes)	Get the alt names from the certificate.
protected void	setUp()
void	testDecodeCertDER()	Test decoding a DER encoded cert.
void	testDecodeCertPEM()	Test decoding a PEM encoded cert.
void	testDecodeCRLDER()	Test decoding a DER encoded CRL.
void	testDecodeCRLPEM()	Test decoding a PEM encoded CRL.
void	testDecodeCRLWithInvalidBase64()
void	testDetermineEntityCertificate()	Tests that the entity cert is correctly identified in the collection.
void	testEC()	Test decoding and matching EC keypair.
void	testGetCommonNames()	Test common name (CN) extraction from X500Principal.
void	testGetSubjectAltNames1NameDNS()	Test 1 alt name: DNS.
void	testGetSubjectAltNames1NameIP()	Test 1 alt name: IP.
void	testGetSubjectAltNames1NameURL()	Test 1 alt name: URI (URL).
void	testGetSubjectAltNames1NameURN()	Test 1 alt name: URI (URN).
void	testGetSubjectAltNames3NamesDNS_URL_IP()	Test 3 alt names: DNS, URI (URL), IP.
void	testGetSubjectAltNames3NamesDNS_URN_IP()	Test 3 alt names: DNS, URI (URN), IP.
void	testGetSubjectKeyIdentifier()	Test Subject Key Identifier (SKI) extraction from certificate.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

entityPrivateKey

private PrivateKey entityPrivateKey

entityPrivKeyBase64

private String entityPrivKeyBase64

entityCert

private X509Certificate entityCert

entityCertBase64

private String entityCertBase64

entityCert3AltNamesDNS_URL_IP

private X509Certificate entityCert3AltNamesDNS_URL_IP

entityCert3AltNamesDNS_URL_IPBase64

private String entityCert3AltNamesDNS_URL_IPBase64

entityCert3AltNamesDNS_URN_IP

private X509Certificate entityCert3AltNamesDNS_URN_IP

entityCert3AltNamesDNS_URN_IPBase64

private String entityCert3AltNamesDNS_URN_IPBase64

entityCert1AltNameDNS

private X509Certificate entityCert1AltNameDNS

entityCert1AltNameDNSBase64

private String entityCert1AltNameDNSBase64

entityCert1AltNameURN

private X509Certificate entityCert1AltNameURN

entityCert1AltNameURNBase64

private String entityCert1AltNameURNBase64

entityCert1AltNameURL

private X509Certificate entityCert1AltNameURL

entityCert1AltNameURLBase64

private String entityCert1AltNameURLBase64

entityCert1AltNameIP

private X509Certificate entityCert1AltNameIP

entityCert1AltNameIPBase64

private String entityCert1AltNameIPBase64

altNameDNS

private String altNameDNS

altNameURN

private String altNameURN

altNameURL

private String altNameURL

altNameIP

private String altNameIP

altNameTypeDNS

private Integer altNameTypeDNS

altNameTypeURI

private Integer altNameTypeURI

altNameTypeIP

private Integer altNameTypeIP

subjectAltNameExtensionOID

private static String subjectAltNameExtensionOID

certPEM

private String certPEM

A PEM encoded cert.

certDER

private String certDER

A PEM encoded cert.

crlPEM

private String crlPEM

A PEM encoded CRL.

crlDER

private String crlDER

A PEM encoded CRL.

certEC

private String certEC

An EC certificate.

keyEC

private String keyEC

An EC private key.

INVALID_BASE64_TRAILING

private static final String INVALID_BASE64_TRAILING

Invalid base64 string as it has invalid trailing digits.

See Also:

Constant Field Values

Constructor Detail

X509SupportTest

public X509SupportTest()

Method Detail

setUp

@BeforeMethod
protected void setUp()
              throws Exception

Throws:

Exception

testGetCommonNames

public void testGetCommonNames()

Test common name (CN) extraction from X500Principal.

testGetSubjectKeyIdentifier

public void testGetSubjectKeyIdentifier()
                                 throws org.apache.commons.codec.DecoderException

Test Subject Key Identifier (SKI) extraction from certificate.

Throws:

org.apache.commons.codec.DecoderException - ...

testDetermineEntityCertificate

public void testDetermineEntityCertificate()
                                    throws Exception

Tests that the entity cert is correctly identified in the collection.

Throws:

Exception - if something goes wrong

testGetSubjectAltNames1NameDNS

public void testGetSubjectAltNames1NameDNS()
                                    throws org.opensaml.security.SecurityException,
                                           CertificateParsingException

Test 1 alt name: DNS.

Throws:

org.opensaml.security.SecurityException - ...

CertificateParsingException - ...

testGetSubjectAltNames1NameURN

public void testGetSubjectAltNames1NameURN()
                                    throws org.opensaml.security.SecurityException,
                                           CertificateParsingException

Test 1 alt name: URI (URN).

Throws:

org.opensaml.security.SecurityException - ...

CertificateParsingException - ...

testGetSubjectAltNames1NameURL

public void testGetSubjectAltNames1NameURL()
                                    throws org.opensaml.security.SecurityException,
                                           CertificateParsingException

Test 1 alt name: URI (URL).

Throws:

org.opensaml.security.SecurityException - ...

CertificateParsingException - ...

testGetSubjectAltNames1NameIP

public void testGetSubjectAltNames1NameIP()
                                   throws org.opensaml.security.SecurityException,
                                          CertificateParsingException

Test 1 alt name: IP.

Throws:

org.opensaml.security.SecurityException - ...

CertificateParsingException - ...

testGetSubjectAltNames3NamesDNS_URL_IP

public void testGetSubjectAltNames3NamesDNS_URL_IP()
                                            throws org.opensaml.security.SecurityException,
                                                   CertificateParsingException

Test 3 alt names: DNS, URI (URL), IP.

Throws:

org.opensaml.security.SecurityException - ...

CertificateParsingException - ...

testGetSubjectAltNames3NamesDNS_URN_IP

public void testGetSubjectAltNames3NamesDNS_URN_IP()
                                            throws org.opensaml.security.SecurityException,
                                                   CertificateParsingException

Test 3 alt names: DNS, URI (URN), IP.

Throws:

org.opensaml.security.SecurityException - ...

CertificateParsingException - ...

testDecodeCertPEM

public void testDecodeCertPEM()
                       throws Exception

Test decoding a PEM encoded cert.

Throws:

Exception - if something goes wrong

testDecodeCRLWithInvalidBase64

public void testDecodeCRLWithInvalidBase64()
                                    throws CertificateException,
                                           CRLException

Throws:

CertificateException

CRLException

testDecodeCertDER

public void testDecodeCertDER()
                       throws Exception

Test decoding a DER encoded cert.

Throws:

Exception - if something goes wrong

testDecodeCRLPEM

public void testDecodeCRLPEM()
                      throws Exception

Test decoding a PEM encoded CRL.

Throws:

Exception - if something goes wrong

testDecodeCRLDER

public void testDecodeCRLDER()
                      throws Exception

Test decoding a DER encoded CRL.

Throws:

Exception - if something goes wrong

testEC

public void testEC()
            throws Exception

Test decoding and matching EC keypair. TODO: enable once OpenJDK7/8 are unneeded.

Throws:

Exception - if something goes wrong

getAltNames

private List<?> getAltNames(X509Certificate cert,
                            Set<Integer> nameTypes)

Get the alt names from the certificate.

Parameters:

cert - the cert to process

nameTypes - set of Integers identifying which alt name types to extract

Returns:

list of alt name value Objects