1   /* Copyright 2004, 2005 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.providers.x509;
17  
18  import java.security.cert.X509Certificate;
19  import java.security.cert.CertificateFactory;
20  import java.io.ByteArrayInputStream;
21  
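/**
 * Test-only helpers that supply a fixed X.509 client certificate, and an
 * {@link X509AuthenticationToken} wrapping it, for the X.509 provider tests.
 * <p>
 * The embedded certificate is a static fixture. According to the dump on
 * {@link #buildTestCertificate()} it carries a 512-bit RSA key, a
 * sha1WithRSAEncryption signature and a validity window that ended in
 * March 2006. Nothing in this class checks validity dates, the signature or
 * the issuer chain, so the fixture exercises parsing and token plumbing only.
 * It must not be installed as a trusted certificate, and a test that passes
 * with it says nothing about whether certificate validation is performed.
 *
 * @author Luke Taylor
 */
public class X509TestUtils {

    /**
     * Creates an authentication token around the fixture certificate.
     * <p>
     * NOTE(review): the authenticated state of the returned token depends on
     * the {@code X509AuthenticationToken(X509Certificate)} constructor, which
     * is not visible in this file; confirm before asserting on it.
     *
     * @return a new token built from {@link #buildTestCertificate()}
     * @throws Exception if the fixture certificate cannot be decoded
     */
    public static X509AuthenticationToken createToken() throws Exception {
        return new X509AuthenticationToken(buildTestCertificate());
    }

    /**
     * Builds an X.509 certificate. In human-readable form it is:
     * <pre>
     * Certificate:
     *   Data:
     *      Version: 3 (0x2)
     *      Serial Number: 1 (0x1)
     *      Signature Algorithm: sha1WithRSAEncryption
     *      Issuer: CN=Monkey Machine CA, C=UK, ST=Scotland, L=Glasgow,
     *          O=monkeymachine.co.uk/emailAddress=ca@monkeymachine.co.uk
     *      Validity
     *          Not Before: Mar  6 23:28:22 2005 GMT
     *          Not After : Mar  6 23:28:22 2006 GMT
     *      Subject: C=UK, ST=Scotland, L=Glasgow, O=Monkey Machine Ltd,
     *          OU=Open Source Development Lab., CN=Luke Taylor/emailAddress=luke@monkeymachine
     *      Subject Public Key Info:
     *          Public Key Algorithm: rsaEncryption
     *          RSA Public Key: (512 bit)
     *              [omitted]
     *      X509v3 extensions:
     *          X509v3 Basic Constraints:
     *          CA:FALSE
     *          Netscape Cert Type:
     *          SSL Client
     *          X509v3 Key Usage:
     *          Digital Signature, Non Repudiation, Key Encipherment
     *          X509v3 Subject Key Identifier:
     *          6E:E6:5B:57:33:CF:0E:2F:15:C2:F4:DF:EC:14:BE:FB:CF:54:56:3C
     *          X509v3 Authority Key Identifier:
     *          keyid:AB:78:EC:AF:10:1B:8A:9B:1F:C7:B1:25:8F:16:28:F2:17:9A:AD:36
     *          DirName:/CN=Monkey Machine CA/C=UK/ST=Scotland/L=Glasgow/O=monkeymachine.co.uk/emailAddress=ca@monkeymachine.co.uk
     *          serial:00
     *          Netscape CA Revocation Url:
     *          https://monkeymachine.co.uk/ca-crl.pem
     *   Signature Algorithm: sha1WithRSAEncryption
     *             [signature omitted]
     * </pre>
     * The certificate is only decoded here. {@code CertificateFactory} does not
     * call {@code checkValidity()} or verify the signature, so the expired
     * validity window shown above does not cause a failure in this method;
     * callers that need those checks must perform them explicitly.
     *
     * @return the decoded fixture certificate
     * @throws Exception if the PEM text cannot be encoded or the certificate
     *         cannot be parsed
     */
    public static X509Certificate buildTestCertificate() throws Exception {
        String cert = "-----BEGIN CERTIFICATE-----\n" +
                "MIIEQTCCAymgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBkzEaMBgGA1UEAxMRTW9u\n" +
                "a2V5IE1hY2hpbmUgQ0ExCzAJBgNVBAYTAlVLMREwDwYDVQQIEwhTY290bGFuZDEQ\n" +
                "MA4GA1UEBxMHR2xhc2dvdzEcMBoGA1UEChMTbW9ua2V5bWFjaGluZS5jby51azEl\n" +
                "MCMGCSqGSIb3DQEJARYWY2FAbW9ua2V5bWFjaGluZS5jby51azAeFw0wNTAzMDYy\n" +
                "MzI4MjJaFw0wNjAzMDYyMzI4MjJaMIGvMQswCQYDVQQGEwJVSzERMA8GA1UECBMI\n" +
                "U2NvdGxhbmQxEDAOBgNVBAcTB0dsYXNnb3cxGzAZBgNVBAoTEk1vbmtleSBNYWNo\n" +
                "aW5lIEx0ZDElMCMGA1UECxMcT3BlbiBTb3VyY2UgRGV2ZWxvcG1lbnQgTGFiLjEU\n" +
                "MBIGA1UEAxMLTHVrZSBUYXlsb3IxITAfBgkqhkiG9w0BCQEWEmx1a2VAbW9ua2V5\n" +
                "bWFjaGluZTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDItxZr07mm65ttYH7RMaVo\n" +
                "VeMCq4ptfn+GFFEk4+54OkDuh1CHlk87gEc1jx3ZpQPJRTJx31z3YkiAcP+RDzxr\n" +
                "AgMBAAGjggFIMIIBRDAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIHgDALBgNV\n" +
                "HQ8EBAMCBeAwHQYDVR0OBBYEFG7mW1czzw4vFcL03+wUvvvPVFY8MIHABgNVHSME\n" +
                "gbgwgbWAFKt47K8QG4qbH8exJY8WKPIXmq02oYGZpIGWMIGTMRowGAYDVQQDExFN\n" +
                "b25rZXkgTWFjaGluZSBDQTELMAkGA1UEBhMCVUsxETAPBgNVBAgTCFNjb3RsYW5k\n" +
                "MRAwDgYDVQQHEwdHbGFzZ293MRwwGgYDVQQKExNtb25rZXltYWNoaW5lLmNvLnVr\n" +
                "MSUwIwYJKoZIhvcNAQkBFhZjYUBtb25rZXltYWNoaW5lLmNvLnVrggEAMDUGCWCG\n" +
                "SAGG+EIBBAQoFiZodHRwczovL21vbmtleW1hY2hpbmUuY28udWsvY2EtY3JsLnBl\n" +
                "bTANBgkqhkiG9w0BAQUFAAOCAQEAZ961bEgm2rOq6QajRLeoljwXDnt0S9BGEWL4\n" +
                "PMU2FXDog9aaPwfmZ5fwKaSebwH4HckTp11xwe/D9uBZJQ74Uf80UL9z2eo0GaSR\n" +
                "nRB3QPZfRvop0I4oPvwViKt3puLsi9XSSJ1w9yswnIf89iONT7ZyssPg48Bojo8q\n" +
                "lcKwXuDRBWciODK/xWhvQbaegGJ1BtXcEHtvNjrUJLwSMDSr+U5oUYdMohG0h1iJ\n" +
                "R+JQc49I33o2cTc77wfEWLtVdXAyYY4GSJR6VfgvV40x85ItaNS3HHfT/aXU1x4m\n" +
                "W9YQkWlA6t0blGlC+ghTOY1JbgWnEfXMmVgg9a9cWaYQ+NQwqA==\n" +
                "-----END CERTIFICATE-----";

        // PEM is pure ASCII. Name the charset explicitly so the bytes handed to
        // the parser do not depend on the JVM's platform-default encoding.
        ByteArrayInputStream in = new ByteArrayInputStream(cert.getBytes("US-ASCII"));
        CertificateFactory cf = CertificateFactory.getInstance("X.509");

        return (X509Certificate) cf.generateCertificate(in);
    }

}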