1 /* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.org.bouncycastle.jce.provider; 18 19 import java.io.ByteArrayInputStream; 20 import java.io.File; 21 import java.io.FileOutputStream; 22 import java.io.FileNotFoundException; 23 import java.io.InputStream; 24 import java.io.IOException; 25 import java.math.BigInteger; 26 import java.security.cert.CertificateFactory; 27 import java.security.cert.Certificate; 28 import java.security.cert.X509Certificate; 29 import java.security.MessageDigest; 30 import java.security.PrivateKey; 31 import java.security.PublicKey; 32 import java.util.HashSet; 33 import java.util.Set; 34 import junit.framework.TestCase; 35 import com.android.org.bouncycastle.jce.provider.CertBlacklist; 36 import com.android.org.bouncycastle.crypto.Digest; 37 import com.android.org.bouncycastle.util.encoders.Base64; 38 import com.android.org.bouncycastle.util.encoders.Hex; 39 40 public class CertBlacklistTest extends TestCase { 41 42 private File tmpFile; 43 44 private Set<String> DEFAULT_PUBKEYS; 45 private Set<String> DEFAULT_SERIALS; 46 47 public static final String TEST_CERT = "" + 48 "MIIDsjCCAxugAwIBAgIJAPLf2gS0zYGUMA0GCSqGSIb3DQEBBQUAMIGYMQswCQYDVQQGEwJVUzET" + 49 "MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEPMA0GA1UEChMGR29v" + 50 "Z2xlMRAwDgYDVQQLEwd0ZXN0aW5nMRYwFAYDVQQDEw1HZXJlbXkgQ29uZHJhMSEwHwYJKoZIhvcN" + 51 "AQkBFhJnY29uZHJhQGdvb2dsZS5jb20wHhcNMTIwNzE0MTc1MjIxWhcNMTIwODEzMTc1MjIxWjCB" + 52 "mDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZp" + 53 "ZXcxDzANBgNVBAoTBkdvb2dsZTEQMA4GA1UECxMHdGVzdGluZzEWMBQGA1UEAxMNR2VyZW15IENv" + 54 "bmRyYTEhMB8GCSqGSIb3DQEJARYSZ2NvbmRyYUBnb29nbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUA" + 55 "A4GNADCBiQKBgQCjGGHATBYlmas+0sEECkno8LZ1KPglb/mfe6VpCT3GhSr+7br7NG/ZwGZnEhLq" + 56 "E7YIH4fxltHmQC3Tz+jM1YN+kMaQgRRjo/LBCJdOKaMwUbkVynAH6OYsKevjrOPk8lfM5SFQzJMG" + 57 "sA9+Tfopr5xg0BwZ1vA/+E3mE7Tr3M2UvwIDAQABo4IBADCB/TAdBgNVHQ4EFgQUhzkS9E6G+x8W" + 58 "L4EsmRjDxu28tHUwgc0GA1UdIwSBxTCBwoAUhzkS9E6G+x8WL4EsmRjDxu28tHWhgZ6kgZswgZgx" + 59 "CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3" + 60 "MQ8wDQYDVQQKEwZHb29nbGUxEDAOBgNVBAsTB3Rlc3RpbmcxFjAUBgNVBAMTDUdlcmVteSBDb25k" + 61 "cmExITAfBgkqhkiG9w0BCQEWEmdjb25kcmFAZ29vZ2xlLmNvbYIJAPLf2gS0zYGUMAwGA1UdEwQF" + 62 "MAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAYiugFDmbDOQ2U/+mqNt7o8ftlEo9SJrns6O8uTtK6AvR" + 63 "orDrR1AXTXkuxwLSbmVfedMGOZy7Awh7iZa8hw5x9XmUudfNxvmrKVEwGQY2DZ9PXbrnta/dwbhK" + 64 "mWfoepESVbo7CKIhJp8gRW0h1Z55ETXD57aGJRvQS4pxkP8ANhM="; 65 66 public static final String TURKTRUST_1 = "" + 67 "MIIFPTCCBCWgAwIBAgICCCcwDQYJKoZIhvcNAQEFBQAwgawxPTA7BgNVBAMMNFTDnFJLVFJVU1Qg" + 68 "RWxla3Ryb25payBTdW51Y3UgU2VydGlmaWthc8SxIEhpem1ldGxlcmkxCzAJBgNVBAYTAlRSMV4w" + 69 "XAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnE" + 70 "n2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtICAyMDA1MB4XDTExMDgwODA3MDc1MVoXDTIx" + 71 "MDcwNjA3MDc1MVowbjELMAkGA1UEBhMCVFIxDzANBgNVBAgMBkFOS0FSQTEPMA0GA1UEBwwGQU5L" + 72 "QVJBMQwwCgYDVQQKDANFR08xGDAWBgNVBAsMD0VHTyBCSUxHSSBJU0xFTTEVMBMGA1UEAwwMKi5F" + 73 "R08uR09WLlRSMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5zoj2Bpdl7R1M/zF6Qf" + 74 "4su2F8vDqISKvuTuyJhNAHhFGHCsHjaixGMHspuz0l3V50kq/ECWbN8kKaeTrB112QOrWTU276iu" + 75 "p1Gh+OlEOiR9vlQ4VAP00dWUjD6z9HQFCi8W3EsEtiiHiYOU9BcPpPkaUbECwP4nGVwR8aPwhB5P" + 76 "GBJc98romdvciYkUpSOOwkuSRtooA7tRlLFu72QaNpXN1NueB36I3aajPk0YyiXy2w8XlgK7QI4P" + 77 "SSBnSq+QblFocWVmLhF94je7py6lCnllrIFXpR3FWZLD5GcI6HKlBS78AQ+IMBLFHhsEVw5NQj90" + 78 "chSZClfBWBZzIaV9RwIDAQABo4IBpDCCAaAwHwYDVR0jBBgwFoAUq042AzDS29UKaL6HpVBs/PZw" + 79 "pSUwHQYDVR0OBBYEFGT7G4Y9uEryRIL5Vj3qJsD047M0MA4GA1UdDwEB/wQEAwIBBjBFBgNVHSAE" + 80 "PjA8MDoGCWCGGAMAAwEBATAtMCsGCCsGAQUFBwIBFh9odHRwOi8vd3d3LnR1cmt0cnVzdC5jb20u" + 81 "dHIvc3VlMA8GA1UdEwEB/wQFMAMBAf8wSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL3d3dy50dXJr" + 82 "dHJ1c3QuY29tLnRyL3NpbC9UVVJLVFJVU1RfU1NMX1NJTF9zMi5jcmwwgaoGCCsGAQUFBwEBBIGd" + 83 "MIGaMG4GCCsGAQUFBzAChmJodHRwOi8vd3d3LnR1cmt0cnVzdC5jb20udHIvc2VydGlmaWthbGFy" + 84 "L1RVUktUUlVTVF9FbGVrdHJvbmlrX1N1bnVjdV9TZXJ0aWZpa2FzaV9IaXptZXRsZXJpX3MyLmNy" + 85 "dDAoBggrBgEFBQcwAYYcaHR0cDovL29jc3AudHVya3RydXN0LmNvbS50cjANBgkqhkiG9w0BAQUF" + 86 "AAOCAQEAj89QCCyoW0S20EcYDZAnvFLFmougK97Bt68iV1OM622+Cyeyf4Sz+1LBk1f9ni3fGT0Q" + 87 "+RWZJYWq5YuSBiLVgk3NLcxnwe3wmnvErUgq1QDtAaNlBWMEMklOlWGfJ0eWaillUskJbDd4KwgZ" + 88 "HDEj7g/jYEQqU1t0zoJdwM/zNsnLHkhwcWZ5PQnnbpff1Ct/1LH/8pdy2eRDmRmqniLUh8r2lZfJ" + 89 "eudVZG6yIbxsqP3t2JCq5c2P1jDhAGF3g9DiskH0CzsRdbVpoWdr+PY1Xz/19G8XEpX9r+IBJhLd" + 90 "bkpVo0Qh0A10mzFP/GUk5f/8nho2HvLaVMhWv1qKcF8IhQ=="; 91 92 public static final String TURKTRUST_2 = "" + 93 "MIID8DCCAtigAwIBAgICCGQwDQYJKoZIhvcNAQEFBQAwgawxPTA7BgNVBAMMNFTDnFJLVFJVU1Qg" + 94 "RWxla3Ryb25payBTdW51Y3UgU2VydGlmaWthc8SxIEhpem1ldGxlcmkxCzAJBgNVBAYTAlRSMV4w" + 95 "XAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnE" + 96 "n2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtICAyMDA1MB4XDTExMDgwODA3MDc1MVoXDTIx" + 97 "MDgwNTA3MDc1MVowgaMxCzAJBgNVBAYTAlRSMRAwDgYDVQQIEwdMZWZrb3NhMRAwDgYDVQQHEwdM" + 98 "ZWZrb3NhMRwwGgYDVQQKExNLS1RDIE1lcmtleiBCYW5rYXNpMSYwJAYDVQQDEx1lLWlzbGVtLmtr" + 99 "dGNtZXJrZXpiYW5rYXNpLm9yZzEqMCgGCSqGSIb3DQEJARYbaWxldGlAa2t0Y21lcmtlemJhbmth" + 100 "c2kub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1hUpuRFY67NsZ6C9rzRAPCb" + 101 "9RVpi4nZzJIA1TvIfr4hMPM0X5jseMf5GvgJQ+cBMZtooDd7BbZNy2z7O5A+8PYFaMDdokCENx2e" + 102 "PIqAVuO6C5UAqM7J3n6RrhjOvqiw6dTQMbtXhjFao+YMuBVvRuuhGHBDK3Je64T/KLzcmAUlRJEu" + 103 "y+ZMe7AatUaSDr/jy5DMA5xEYOdsnS5Zo30lRG+9vqbxb8CQi+E97sNjY+W4lEgJKQWMNh5rCxo4" + 104 "Hinkm3CKyKX3PAS+DDVI3LQiCiIQUOMA2+1P5aTPTkpqlbjqhbWTWAPWOKCF9d83p3RMXOYt5Gah" + 105 "S8rg5u6+toEC1QIDAQABoyMwITAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkq" + 106 "hkiG9w0BAQUFAAOCAQEAwjWz5tsUvYORVW8KJSK/biHFrAnFotMtoTKEewRmnYaYjwXIr1IPaBqh" + 107 "jkGGviLN2eOH/v97Uli6HC4lzhKHfMQUS9KF/f5nGcH8iQBy/gmFsfJQ1KDC6GNM4CfMGIzyxjYh" + 108 "P0VzdUtKX3PAl5EqgMUcdqRDy6Ruz55+JkdvCL1nAC7xH+czJcZVwysTdGfLTCh6VtYPgIkeL6U8" + 109 "3xQAyMuOHm72exJljYFqIsiNvGE0KufCqCuH1PD97IXMrLlwGmKKg5jP349lySBpJjm6RDqCTT+6" + 110 "dUl2jkVbeNmco99Y7AOdtLsOdXBMCo5x8lK8zwQWFrzEms0joHXCpWfGWA=="; 111 112 public CertBlacklistTest() throws IOException { 113 tmpFile = File.createTempFile("test", ""); 114 DEFAULT_PUBKEYS = getDefaultPubkeys(); 115 DEFAULT_SERIALS = getDefaultSerials(); 116 tmpFile.delete(); 117 } 118 119 @Override 120 public void setUp() throws Exception { 121 super.setUp(); 122 tmpFile = File.createTempFile("test", ""); 123 } 124 125 @Override 126 public void tearDown() throws Exception { 127 try { 128 tmpFile.delete(); 129 } finally { 130 super.tearDown(); 131 } 132 } 133 134 private Set<String> getPubkeyBlacklist(String path) throws IOException { 135 // set our blacklist path 136 CertBlacklist bl = new CertBlacklist(path, CertBlacklist.DEFAULT_SERIAL_BLACKLIST_PATH); 137 // call readPubkeyBlacklist 138 Set<byte[]> arr = bl.pubkeyBlacklist; 139 // convert the results to a hashset of strings 140 Set<String> results = new HashSet<String>(); 141 for (byte[] value: arr) { 142 results.add(new String(value)); 143 } 144 return results; 145 } 146 147 private Set<String> getSerialBlacklist(String path) throws IOException { 148 // set our blacklist path 149 CertBlacklist bl = new CertBlacklist(CertBlacklist.DEFAULT_PUBKEY_BLACKLIST_PATH, path); 150 // call readPubkeyBlacklist 151 Set<BigInteger> arr = bl.serialBlacklist; 152 // convert the results to a hashset of strings 153 Set<String> results = new HashSet<String>(); 154 for (BigInteger value: arr) { 155 results.add(value.toString(16)); 156 } 157 return results; 158 } 159 160 private static String getHash(PublicKey publicKey) throws Exception { 161 byte[] encoded = publicKey.getEncoded(); 162 MessageDigest digest = MessageDigest.getInstance("SHA1"); 163 byte[] hexlifiedHash = Hex.encode(digest.digest(encoded)); 164 return new String(hexlifiedHash); 165 } 166 167 private Set<String> getDefaultPubkeys() throws IOException { 168 return getPubkeyBlacklist(""); 169 } 170 171 private Set<String> getDefaultSerials() throws IOException { 172 return getSerialBlacklist(""); 173 } 174 175 private Set<String> getCurrentPubkeyBlacklist() throws IOException { 176 return getPubkeyBlacklist(tmpFile.getCanonicalPath()); 177 } 178 179 private Set<String> getCurrentSerialBlacklist() throws IOException { 180 return getSerialBlacklist(tmpFile.getCanonicalPath()); 181 } 182 183 private void blacklistToFile(String blacklist) throws IOException { 184 FileOutputStream out = new FileOutputStream(tmpFile); 185 out.write(blacklist.toString().getBytes()); 186 out.close(); 187 } 188 189 private void writeBlacklist(HashSet<String> values) throws IOException { 190 StringBuilder result = new StringBuilder(); 191 // join the values into a string 192 for (String value : values) { 193 if (result.length() != 0) { 194 result.append(","); 195 } 196 result.append(value); 197 } 198 blacklistToFile(result.toString()); 199 } 200 201 private static PublicKey createPublicKey(String cert) throws Exception { 202 byte[] derCert = Base64.decode(cert.getBytes()); 203 InputStream istream = new ByteArrayInputStream(derCert); 204 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 205 return cf.generateCertificate(istream).getPublicKey(); 206 } 207 208 private static BigInteger createSerialNumber(String cert) throws Exception { 209 byte[] derCert = Base64.decode(cert.getBytes()); 210 InputStream istream = new ByteArrayInputStream(derCert); 211 CertificateFactory cf = CertificateFactory.getInstance("X.509"); 212 X509Certificate xCert = (X509Certificate)cf.generateCertificate(istream); 213 return xCert.getSerialNumber(); 214 } 215 216 public void testPubkeyBlacklistLegit() throws Exception { 217 // build the blacklist 218 HashSet<String> bl = new HashSet<String>(); 219 bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccc"); 220 // write the blacklist 221 writeBlacklist(bl); 222 // add the default pubkeys into the bl 223 bl.addAll(DEFAULT_PUBKEYS); 224 // do the test 225 assertEquals(bl, getCurrentPubkeyBlacklist()); 226 } 227 228 public void testLegitPubkeyIsntBlacklisted() throws Exception { 229 // build the public key 230 PublicKey pk = createPublicKey(TEST_CERT); 231 // write that to the test blacklist 232 writeBlacklist(new HashSet<String>()); 233 // set our blacklist path 234 CertBlacklist bl = new CertBlacklist(tmpFile.getCanonicalPath(), 235 CertBlacklist.DEFAULT_SERIAL_BLACKLIST_PATH); 236 // check to make sure it isn't blacklisted 237 assertEquals(bl.isPublicKeyBlackListed(pk), false); 238 } 239 240 public void testPubkeyIsBlacklisted() throws Exception { 241 // build the public key 242 PublicKey pk = createPublicKey(TEST_CERT); 243 // get its hash 244 String hash = getHash(pk); 245 // write that to the test blacklist 246 HashSet<String> testBlackList = new HashSet<String>(); 247 testBlackList.add(hash); 248 writeBlacklist(testBlackList); 249 // set our blacklist path 250 CertBlacklist bl = new CertBlacklist(tmpFile.getCanonicalPath(), 251 CertBlacklist.DEFAULT_SERIAL_BLACKLIST_PATH); 252 // check to make sure it isn't blacklited 253 assertTrue(bl.isPublicKeyBlackListed(pk)); 254 } 255 256 public void testSerialBlacklistLegit() throws IOException { 257 // build the blacklist 258 HashSet<String> bl = new HashSet<String>(); 259 bl.add("22e514121e61c643b1e9b06bd4b9f7d0"); 260 // write the blacklist 261 writeBlacklist(bl); 262 // add the default serials into the bl 263 bl.addAll(DEFAULT_SERIALS); 264 // do the test 265 assertEquals(bl, getCurrentSerialBlacklist()); 266 } 267 268 public void testPubkeyBlacklistMultipleLegit() throws IOException { 269 // build the blacklist 270 HashSet<String> bl = new HashSet<String>(); 271 bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccc"); 272 bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccd"); 273 // write the blacklist 274 writeBlacklist(bl); 275 // add the default pubkeys into the bl 276 bl.addAll(DEFAULT_PUBKEYS); 277 // do the test 278 assertEquals(bl, getCurrentPubkeyBlacklist()); 279 } 280 281 public void testSerialBlacklistMultipleLegit() throws IOException { 282 // build the blacklist 283 HashSet<String> bl = new HashSet<String>(); 284 bl.add("22e514121e61c643b1e9b06bd4b9f7d0"); 285 bl.add("22e514121e61c643b1e9b06bd4b9f7d1"); 286 // write the blacklist 287 writeBlacklist(bl); 288 // add the default serials into the bl 289 bl.addAll(DEFAULT_SERIALS); 290 // do the test 291 assertEquals(bl, getCurrentSerialBlacklist()); 292 } 293 294 public void testPubkeyBlacklistMultipleBad() throws IOException { 295 // build the blacklist 296 HashSet<String> bl = new HashSet<String>(); 297 bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccc"); 298 bl.add(""); 299 bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091ccd"); 300 // write the blacklist 301 writeBlacklist(bl); 302 // add the default pubkeys into the bl 303 bl.addAll(DEFAULT_PUBKEYS); 304 // remove the bad one 305 bl.remove(""); 306 // do the test- results should be all but the bad one are handled 307 assertEquals(bl, getCurrentPubkeyBlacklist()); 308 } 309 310 public void testSerialBlacklistMultipleBad() throws IOException { 311 // build the blacklist 312 HashSet<String> bl = new HashSet<String>(); 313 bl.add("22e514121e61c643b1e9b06bd4b9f7d0"); 314 bl.add(""); 315 bl.add("22e514121e61c643b1e9b06bd4b9f7d1"); 316 // write the blacklist 317 writeBlacklist(bl); 318 // add the default serials into the bl 319 bl.addAll(DEFAULT_SERIALS); 320 // remove the bad one 321 bl.remove(""); 322 // do the test- results should be all but the bad one are handled 323 assertEquals(bl, getCurrentSerialBlacklist()); 324 } 325 326 public void testPubkeyBlacklistDoesntExist() throws IOException { 327 assertEquals(DEFAULT_PUBKEYS, getCurrentPubkeyBlacklist()); 328 } 329 330 public void testSerialBlacklistDoesntExist() throws IOException { 331 assertEquals(DEFAULT_SERIALS, getCurrentSerialBlacklist()); 332 } 333 334 public void testPubkeyBlacklistNotHexValues() throws IOException { 335 // build the blacklist 336 HashSet<String> bl = new HashSet<String>(); 337 bl.add("ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ"); 338 // write the blacklist 339 writeBlacklist(bl); 340 // do the test 341 assertEquals(DEFAULT_PUBKEYS, getCurrentPubkeyBlacklist()); 342 } 343 344 public void testSerialBlacklistNotHexValues() throws IOException { 345 // build the blacklist 346 HashSet<String> bl = new HashSet<String>(); 347 bl.add("ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ"); 348 // write the blacklist 349 writeBlacklist(bl); 350 // do the test 351 assertEquals(DEFAULT_SERIALS, getCurrentSerialBlacklist()); 352 } 353 354 public void testPubkeyBlacklistIncorrectLength() throws IOException { 355 // build the blacklist 356 HashSet<String> bl = new HashSet<String>(); 357 bl.add("6ccabd7db47e94a5759901b6a7dfd45d1c091cc"); 358 // write the blacklist 359 writeBlacklist(bl); 360 // do the test 361 assertEquals(DEFAULT_PUBKEYS, getCurrentPubkeyBlacklist()); 362 } 363 364 public void testSerialBlacklistZero() throws IOException { 365 // build the blacklist 366 HashSet<String> bl = new HashSet<String>(); 367 bl.add("0"); 368 // write the blacklist 369 writeBlacklist(bl); 370 // add the default serials 371 bl.addAll(DEFAULT_SERIALS); 372 // do the test 373 assertEquals(bl, getCurrentSerialBlacklist()); 374 } 375 376 public void testSerialBlacklistNegative() throws IOException { 377 // build the blacklist 378 HashSet<String> bl = new HashSet<String>(); 379 bl.add("-1"); 380 // write the blacklist 381 writeBlacklist(bl); 382 // add the default serials 383 bl.addAll(DEFAULT_SERIALS); 384 // do the test 385 assertEquals(bl, getCurrentSerialBlacklist()); 386 } 387 388 public void testTurkTrustIntermediate1SerialBlacklist() throws Exception { 389 CertBlacklist bl = new CertBlacklist(); 390 assertEquals(bl.isSerialNumberBlackListed(createSerialNumber(TURKTRUST_1)), true); 391 } 392 393 public void testTurkTrustIntermediate1PubkeyBlacklist() throws Exception { 394 // build the public key 395 PublicKey pk = createPublicKey(TURKTRUST_1); 396 // write that to the test blacklist 397 writeBlacklist(new HashSet<String>()); 398 // set our blacklist path 399 CertBlacklist bl = new CertBlacklist(); 400 // check to make sure it isn't blacklisted 401 assertEquals(bl.isPublicKeyBlackListed(pk), true); 402 } 403 404 public void testTurkTrustIntermediate2SerialBlacklist() throws Exception { 405 CertBlacklist bl = new CertBlacklist(); 406 assertEquals(bl.isSerialNumberBlackListed(createSerialNumber(TURKTRUST_2)), true); 407 } 408 409 public void testTurkTrustIntermediate2PubkeyBlacklist() throws Exception { 410 // build the public key 411 PublicKey pk = createPublicKey(TURKTRUST_2); 412 // set our blacklist path 413 CertBlacklist bl = new CertBlacklist(); 414 // check to make sure it isn't blacklisted 415 assertEquals(bl.isPublicKeyBlackListed(pk), true); 416 } 417 418 private static void printHash(String cert) throws Exception { 419 System.out.println("CERTIFICATE PUBLIC KEY HASH: " + getHash(createPublicKey(cert))); 420 } 421 422 private static void printSerial(String cert) throws Exception { 423 System.out.println("CERTIFICATE SERIAL NUMBER: " + createSerialNumber(cert).toString(16)); 424 } 425 } 426