/*
* Copyright (C) 2012 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.org.bouncycastle.jce.provider;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.CertificateFactory;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.HashSet;
import java.util.Set;
import junit.framework.TestCase;
import com.android.org.bouncycastle.jce.provider.CertBlacklist;
import com.android.org.bouncycastle.crypto.Digest;
import com.android.org.bouncycastle.util.encoders.Base64;
import com.android.org.bouncycastle.util.encoders.Hex;
public class CertBlacklistTest extends TestCase {
private File tmpFile;
private Set<String> DEFAULT_PUBKEYS;
private Set<String> DEFAULT_SERIALS;
public static final String TEST_CERT = "" +
"MIIDsjCCAxugAwIBAgIJAPLf2gS0zYGUMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYDVQQGEwJVUzET" +
"MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEPMA0GA1UEChMGR29v" +
"Z2xlMRAwDgYDVQQLEwd0ZXN0aW5nMRYwFAYDVQQDEw1HZXJlbXkgQ29uZHJhMSEwHwYJKoZIhvcN" +
"AQkBFhJnY29uZHJhQGdvb2dsZS5jb20wHhcNMTIwNzE0MTc1MjIxWhcNMTIwODEzMTc1MjIxWjCB" +
"mDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZp" +
"ZXcxDzANBgNVBAoTBkdvb2dsZTEQMA4GA1UECxMHdGVzdGluZzEWMBQGA1UEAxMNR2VyZW15IENv" +
"bmRyYTEhMB8GCSqGSIb3DQEJARYSZ2NvbmRyYUBnb29nbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUA" +
"A4GNADCBiQKBgQCjGGHATBYlmas+0sEECkno8LZ1KPglb/mfe6VpCT3GhSr+7br7NG/ZwGZnEhLq" +
"E7YIH4fxltHmQC3Tz+jM1YN+kMaQgRRjo/LBCJdOKaMwUbkVynAH6OYsKevjrOPk8lfM5SFQzJMG" +
"sA9+Tfopr5xg0BwZ1vA/+E3mE7Tr3M2UvwIDAQABo4IBADCB/TAdBgNVHQ4EFgQUhzkS9E6G+x8W" +
"L4EsmRjDxu28tHUwgc0GA1UdIwSBxTCBwoAUhzkS9E6G+x8WL4EsmRjDxu28tHWhgZ6kgZswgZgx" +
"CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3" +
"MQ8wDQYDVQQKEwZHb29nbGUxEDAOBgNVBAsTB3Rlc3RpbmcxFjAUBgNVBAMTDUdlcmVteSBDb25k" +
"cmExITAfBgkqhkiG9w0BCQEWEmdjb25kcmFAZ29vZ2xlLmNvbYIJAPLf2gS0zYGUMAwGA1UdEwQF" +
"MAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAYiugFDmbDOQ2U/+mqNt7o8ftlEo9SJrns6O8uTtK6AvR" +
"orDrR1AXTXkuxwLSbmVfedMGOZy7Awh7iZa8hw5x9XmUudfNxvmrKVEwGQY2DZ9PXbrnta/dwbhK" +
"mWfoepESVbo7CKIhJp8gRW0h1Z55ETXD57aGJRvQS4pxkP8ANhM=";
public static final String TURKTRUST_1 = "" +
"MIIFPTCCBCWgAwIBAgICCCcwDQYJKoZIhvcNAQEFBQAwgawxPTA7BgNVBAMMNFTDnFJLVFJVU1Qg" +
"RWxla3Ryb25payBTdW51Y3UgU2VydGlmaWthc8SxIEhpem1ldGxlcmkxCzAJBgNVBAYTAlRSMV4w" +
"XAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnE" +
"n2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtICAyMDA1MB4XDTExMDgwODA3MDc1MVoXDTIx" +
"MDcwNjA3MDc1MVowbjELMAkGA1UEBhMCVFIxDzANBgNVBAgMBkFOS0FSQTEPMA0GA1UEBwwGQU5L" +
"QVJBMQwwCgYDVQQKDANFR08xGDAWBgNVBAsMD0VHTyBCSUxHSSBJU0xFTTEVMBMGA1UEAwwMKi5F" +
"R08uR09WLlRSMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5zoj2Bpdl7R1M/zF6Qf" +
"4su2F8vDqISKvuTuyJhNAHhFGHCsHjaixGMHspuz0l3V50kq/ECWbN8kKaeTrB112QOrWTU276iu" +
"p1Gh+OlEOiR9vlQ4VAP00dWUjD6z9HQFCi8W3EsEtiiHiYOU9BcPpPkaUbECwP4nGVwR8aPwhB5P" +
"GBJc98romdvciYkUpSOOwkuSRtooA7tRlLFu72QaNpXN1NueB36I3aajPk0YyiXy2w8XlgK7QI4P" +
"SSBnSq+QblFocWVmLhF94je7py6lCnllrIFXpR3FWZLD5GcI6HKlBS78AQ+IMBLFHhsEVw5NQj90" +
"chSZClfBWBZzIaV9RwIDAQABo4IBpDCCAaAwHwYDVR0jBBgwFoAUq042AzDS29UKaL6HpVBs/PZw" +
"pSUwHQYDVR0OBBYEFGT7G4Y9uEryRIL5Vj3qJsD047M0MA4GA1UdDwEB/wQEAwIBBjBFBgNVHSAE" +
"PjA8MDoGCWCGGAMAAwEBATAtMCsGCCsGAQUFBwIBFh9odHRwOi8vd3d3LnR1cmt0cnVzdC5jb20u" +
"dHIvc3VlMA8GA1UdEwEB/wQFMAMBAf8wSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL3d3dy50dXJr" +
"dHJ1c3QuY29tLnRyL3NpbC9UVVJLVFJVU1RfU1NMX1NJTF9zMi5jcmwwgaoGCCsGAQUFBwEBBIGd" +
"MIGaMG4GCCsGAQUFBzAChmJodHRwOi8vd3d3LnR1cmt0cnVzdC5jb20udHIvc2VydGlmaWthbGFy" +
"L1RVUktUUlVTVF9FbGVrdHJvbmlrX1N1bnVjdV9TZXJ0aWZpa2FzaV9IaXptZXRsZXJpX3MyLmNy" +
"dDAoBggrBgEFBQcwAYYcaHR0cDovL29jc3AudHVya3RydXN0LmNvbS50cjANBgkqhkiG9w0BAQUF" +
"AAOCAQEAj89QCCyoW0S20EcYDZAnvFLFmougK97Bt68iV1OM622+Cyeyf4Sz+1LBk1f9ni3fGT0Q" +
"+RWZJYWq5YuSBiLVgk3NLcxnwe3wmnvErUgq1QDtAaNlBWMEMklOlWGfJ0eWaillUskJbDd4KwgZ" +
"HDEj7g/jYEQqU1t0zoJdwM/zNsnLHkhwcWZ5PQnnbpff1Ct/1LH/8pdy2eRDmRmqniLUh8r2lZfJ" +
"eudVZG6yIbxsqP3t2JCq5c2P1jDhAGF3g9DiskH0CzsRdbVpoWdr+PY1Xz/19G8XEpX9r+IBJhLd" +
"bkpVo0Qh0A10mzFP/GUk5f/8nho2HvLaVMhWv1qKcF8IhQ==";
public static final String TURKTRUST_2 = "" +
"MIID8DCCAtigAwIBAgICCGQwDQYJKoZIhvcNAQEFBQAwgawxPTA7BgNVBAMMNFTDnFJLVFJVU1Qg" +
"RWxla3Ryb25payBTdW51Y3UgU2VydGlmaWthc8SxIEhpem1ldGxlcmkxCzAJBgNVBAYTAlRSMV4w" +
"XAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnE" +
"n2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtICAyMDA1MB4XDTExMDgwODA3MDc1MVoXDTIx" +
"MDgwNTA3MDc1MVowgaMxCzAJBgNVBAYTAlRSMRAwDgYDVQQIEwdMZWZrb3NhMRAwDgYDVQQHEwdM" +
"ZWZrb3NhMRwwGgYDVQQKExNLS1RDIE1lcmtleiBCYW5rYXNpMSYwJAYDVQQDEx1lLWlzbGVtLmtr" +
"dGNtZXJrZXpiYW5rYXNpLm9yZzEqMCgGCSqGSIb3DQEJARYbaWxldGlAa2t0Y21lcmtlemJhbmth" +
"c2kub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1hUpuRFY67NsZ6C9rzRAPCb" +
"9RVpi4nZzJIA1TvIfr4hMPM0X5jseMf5GvgJQ+cBMZtooDd7BbZNy2z7O5A+8PYFaMDdokCENx2e" +
"PIqAVuO6C5UAqM7J3n6RrhjOvqiw6dTQMbtXhjFao+YMuBVvRuuhGHBDK3Je64T/KLzcmAUlRJEu" +
"y+ZMe7AatUaSDr/jy5DMA5xEYOdsnS5Zo30lRG+9vqbxb8CQi+E97sNjY+W4lEgJKQWMNh5rCxo4" +
"Hinkm3CKyKX3PAS+DDVI3LQiCiIQUOMA2+1P5aTPTkpqlbjqhbWTWAPWOKCF9d83p3RMXOYt5Gah" +
"S8rg5u6+toEC1QIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkq" +
"hkiG9w0BAQUFAAOCAQEAwjWz5tsUvYORVW8KJSK/biHFrAnFotMtoTKEewRmnYaYjwXIr1IPaBqh" +
"jkGGviLN2eOH/v97Uli6HC4lzhKHfMQUS9KF/f5nGcH8iQBy/gmFsfJQ1KDC6GNM4CfMGIzyxjYh" +
"P0VzdUtKX3PAl5EqgMUcdqRDy6Ruz55+JkdvCL1nAC7xH+czJcZVwysTdGfLTCh6VtYPgIkeL6U8" +
"3xQAyMuOHm72exJljYFqIsiNvGE0KufCqCuH1PD97IXMrLlwGmKKg5jP349lySBpJjm6RDqCTT+6" +
"dUl2jkVbeNmco99Y7AOdtLsOdXBMCo5x8lK8zwQWFrzEms0joHXCpWfGWA==";
public static final String ANSSI = "" +
"MIIDbDCCAlSgAwIBAgIDAx2nMA0GCSqGSIb3DQEBBQUAMEsxCzAJBgNVBAYTAkZSMQ4wDAYDVQQK" +
"EwVER1RQRTEsMCoGA1UEAxMjQUMgREdUUEUgU2lnbmF0dXJlIEF1dGhlbnRpZmljYXRpb24wHhcN" +
"MTMwNzE4MTAwNTI4WhcNMTQwNzE4MTAwNTI4WjA+MQswCQYDVQQGEwJGUjETMBEGA1UECgwKREcg" +
"VHLDqXNvcjEaMBgGA1UEAwwRQUMgREcgVHLDqXNvciBTU0wwggEiMA0GCSqGSIb3DQEBAQUAA4IB" +
"DwAwggEKAoIBAQDI0WFSUyY+MmtFkqFjTefoFyDgh9b1C/2YvSIvT8oCH62JWT5rpeTCZwaXbqWc" +
"jaNfzggqaFsokqfhBif43HNHNtNJmvKE32VcuLB0SpsLR/1VeTd9F99C1JeHVa+nelumOHEfouX8" +
"rRFrxNXNIYTVeiENT8Y2YqRb/XAril9g7i674uFzLiNR/t/N/F8Exujv9U8m8rmgud/+tG9WDRaD" +
"Jwoj3ZFCOnL5qLnSUEcS6TzWpozLmC2JVO5GZKGGd7qC9FjdBkVilkbVIEGSrYvz2Uz2v5IGqMBI" +
"QaFL/kSYWxGTaedTOk2drFEApp9AEPTfv1NwCWBfegsGQrHUROM3AgMBAAGjZjBkMBIGA1UdEwEB" +
"/wQIMAYBAf8CAQQwHQYDVR0OBBYEFAAMW8lJqJW0DtAv5p3Mjogxvh9lMB8GA1UdIwQYMBaAFOnb" +
"kI/9W5nkFTvwYlyn5A1Y6IeZMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAtDfG" +
"HkHOLW2d9fiMtwtkEwDauISJLJyCjoRmawzmQbIZXq7HaLliVfE0sdfKUm0iQ0im1/CpnJLPoTeK" +
"yBHvNu1ubLc2m+9dabAYhF3pVdKC+gNaAzBXZ9Gt0p1CLk1lf8Hg+R10HN2IPCv7V/crz2Ga+c23" +
"4P3pfwYW8+Nd7alGCuvqot6UYXOlheF7zWUkHn6z6tvY+9oMDHKSUAthhA/FB50JgJU89zyTv1eg" +
"Y3ldKwvYBW3W3yNZdTHbPyNsPJdhqA55mDNsteE5YTp1PyySDb1MSVrbxDEruoH6ZE99Hob4Ih8A" +
"mn7MHZatGClECgjXWFZ2Gxa7OUCaQpcH8g==";
public CertBlacklistTest() throws IOException {
tmpFile = File.createTempFile("test", "");
DEFAULT_PUBKEYS = getDefaultPubkeys();
DEFAULT_SERIALS = getDefaultSerials();
tmpFile.delete();
}
@Override
public void setUp() throws Exception {
super.setUp();
tmpFile = File.createTempFile("test", "");
}
@Override
public void tearDown() throws Exception {
try {
tmpFile.delete();
} finally {
super.tearDown();
}
}
private Set<String> getPubkeyBlacklist(String path) throws IOException {
// set our blacklist path
CertBlacklist bl = new CertBlacklist(path, "");
// call readPubkeyBlacklist
Set<byte[]> arr = bl.pubkeyBlacklist;
// convert the results to a hashset of strings
Set<String> results = new HashSet<String>();
for (byte[] value: arr) {
results.add(new String(value));
}
return results;
}
private Set<String> getSerialBlacklist(String path) throws IOException {
// set our blacklist path
CertBlacklist bl = new CertBlacklist("", path);
// call readPubkeyBlacklist
Set<BigInteger> arr = bl.serialBlacklist;
// convert the results to a hashset of strings
Set<String> results = new HashSet<String>();
for (BigInteger value: arr) {
results.add(value.toString(16));
}
return results;
}
private static String getHash(PublicKey publicKey) throws Exception {
byte[] encoded = publicKey.getEncoded();
MessageDigest digest = MessageDigest.getInstance("SHA1");
byte[] hexlifiedHash = Hex.encode(digest.digest(encoded));
return new String(hexlifiedHash);
}
private Set<String> getDefaultPubkeys() throws IOException {
return getPubkeyBlacklist("");
}
private Set<String> getDefaultSerials() throws IOException {
return getSerialBlacklist("");
}
private Set<String> getCurrentPubkeyBlacklist() throws IOException {
return getPubkeyBlacklist(tmpFile.getCanonicalPath());
}
private Set<String> getCurrentSerialBlacklist() throws IOException {
return getSerialBlacklist(tmpFile.getCanonicalPath());
}
private void blacklistToFile(String blacklist) throws IOException {
FileOutputStream out = new FileOutputStream(tmpFile);
out.write(blacklist.toString().getBytes());
out.close();
}
private void writeBlacklist(HashSet<String> values) throws IOException {
StringBuilder result = new StringBuilder();
// join the values into a string
for (String value : values) {
if (result.length() != 0) {
result.append(",");
}
result.append(value);
}
blacklistToFile(result.toString());
}
private static PublicKey createPublicKey(String cert) throws Exception {
byte[] derCert = Base64.decode(cert.getBytes());
InputStream istream = new ByteArrayInputStream(derCert);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
return cf.generateCertificate(istream).getPublicKey();
}
private static BigInteger createSerialNumber(String cert) throws Exception {
byte[] derCert = Base64.decode(cert.getBytes());
InputStream istream = new ByteArrayInputStream(derCert);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate xCert = (X509Certificate)cf.generateCertificate(istream);
return xCert.getSerialNumber();
}
public void testPubkeyBlacklistLegit() throws Exception {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccc");
// write the blacklist
writeBlacklist(bl);
// add the default pubkeys into the bl
bl.addAll(DEFAULT_PUBKEYS);
// do the test
assertEquals(bl, getCurrentPubkeyBlacklist());
}
public void testLegitPubkeyIsntBlacklisted() throws Exception {
// build the public key
PublicKey pk = createPublicKey(TEST_CERT);
// write that to the test blacklist
writeBlacklist(new HashSet<String>());
// set our blacklist path
CertBlacklist bl = new CertBlacklist(tmpFile.getCanonicalPath(), "");
// check to make sure it isn't blacklisted
assertEquals(bl.isPublicKeyBlackListed(pk), false);
}
public void testPubkeyIsBlacklisted() throws Exception {
// build the public key
PublicKey pk = createPublicKey(TEST_CERT);
// get its hash
String hash = getHash(pk);
// write that to the test blacklist
HashSet<String> testBlackList = new HashSet<String>();
testBlackList.add(hash);
writeBlacklist(testBlackList);
// set our blacklist path
CertBlacklist bl = new CertBlacklist(tmpFile.getCanonicalPath(), "");
// check to make sure it isn't blacklited
assertTrue(bl.isPublicKeyBlackListed(pk));
}
public void testSerialBlacklistLegit() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("22e514121e61c643b1e9b06bd4b9f7d0");
// write the blacklist
writeBlacklist(bl);
// add the default serials into the bl
bl.addAll(DEFAULT_SERIALS);
// do the test
assertEquals(bl, getCurrentSerialBlacklist());
}
public void testPubkeyBlacklistMultipleLegit() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccc");
bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccd");
// write the blacklist
writeBlacklist(bl);
// add the default pubkeys into the bl
bl.addAll(DEFAULT_PUBKEYS);
// do the test
assertEquals(bl, getCurrentPubkeyBlacklist());
}
public void testSerialBlacklistMultipleLegit() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("22e514121e61c643b1e9b06bd4b9f7d0");
bl.add("22e514121e61c643b1e9b06bd4b9f7d1");
// write the blacklist
writeBlacklist(bl);
// add the default serials into the bl
bl.addAll(DEFAULT_SERIALS);
// do the test
assertEquals(bl, getCurrentSerialBlacklist());
}
public void testPubkeyBlacklistMultipleBad() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccc");
bl.add("");
bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccd");
// write the blacklist
writeBlacklist(bl);
// add the default pubkeys into the bl
bl.addAll(DEFAULT_PUBKEYS);
// remove the bad one
bl.remove("");
// do the test- results should be all but the bad one are handled
assertEquals(bl, getCurrentPubkeyBlacklist());
}
public void testSerialBlacklistMultipleBad() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("22e514121e61c643b1e9b06bd4b9f7d0");
bl.add("");
bl.add("22e514121e61c643b1e9b06bd4b9f7d1");
// write the blacklist
writeBlacklist(bl);
// add the default serials into the bl
bl.addAll(DEFAULT_SERIALS);
// remove the bad one
bl.remove("");
// do the test- results should be all but the bad one are handled
assertEquals(bl, getCurrentSerialBlacklist());
}
public void testPubkeyBlacklistDoesntExist() throws IOException {
assertEquals(DEFAULT_PUBKEYS, getCurrentPubkeyBlacklist());
}
public void testSerialBlacklistDoesntExist() throws IOException {
assertEquals(DEFAULT_SERIALS, getCurrentSerialBlacklist());
}
public void testPubkeyBlacklistNotHexValues() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ");
// write the blacklist
writeBlacklist(bl);
// do the test
assertEquals(DEFAULT_PUBKEYS, getCurrentPubkeyBlacklist());
}
public void testSerialBlacklistNotHexValues() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ");
// write the blacklist
writeBlacklist(bl);
// do the test
assertEquals(DEFAULT_SERIALS, getCurrentSerialBlacklist());
}
public void testPubkeyBlacklistIncorrectLength() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091cc");
// write the blacklist
writeBlacklist(bl);
// do the test
assertEquals(DEFAULT_PUBKEYS, getCurrentPubkeyBlacklist());
}
public void testSerialBlacklistZero() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("0");
// write the blacklist
writeBlacklist(bl);
// add the default serials
bl.addAll(DEFAULT_SERIALS);
// do the test
assertEquals(bl, getCurrentSerialBlacklist());
}
public void testSerialBlacklistNegative() throws IOException {
// build the blacklist
HashSet<String> bl = new HashSet<String>();
bl.add("-1");
// write the blacklist
writeBlacklist(bl);
// add the default serials
bl.addAll(DEFAULT_SERIALS);
// do the test
assertEquals(bl, getCurrentSerialBlacklist());
}
public void testTurkTrustIntermediate1PubkeyBlacklist() throws Exception {
// build the public key
PublicKey pk = createPublicKey(TURKTRUST_1);
// write that to the test blacklist
writeBlacklist(new HashSet<String>());
// set our blacklist path
CertBlacklist bl = new CertBlacklist();
// check to make sure it isn't blacklisted
assertEquals(bl.isPublicKeyBlackListed(pk), true);
}
public void testTurkTrustIntermediate2PubkeyBlacklist() throws Exception {
// build the public key
PublicKey pk = createPublicKey(TURKTRUST_2);
// set our blacklist path
CertBlacklist bl = new CertBlacklist();
// check to make sure it isn't blacklisted
assertEquals(bl.isPublicKeyBlackListed(pk), true);
}
public void testANSSIIntermediatePubkeyBlacklist() throws Exception {
// build the public key
PublicKey pk = createPublicKey(ANSSI);
// set our blacklist path
CertBlacklist bl = new CertBlacklist();
// check to make sure it isn't blacklisted
assertEquals(bl.isPublicKeyBlackListed(pk), true);
}
private static void printHash(String cert) throws Exception {
System.out.println("CERTIFICATE PUBLIC KEY HASH: " + getHash(createPublicKey(cert)));
}
private static void printSerial(String cert) throws Exception {
System.out.println("CERTIFICATE SERIAL NUMBER: " + createSerialNumber(cert).toString(16));
}
}