Merge pull request #6016 from yatendragoel/master

BAEL-2307: Added Code to add SAN needed by Chrome to the X509 Certifi…
This commit is contained in:
Loredana Crusoveanu 2018-12-29 12:16:19 +02:00 committed by GitHub
commit bb435c3cbf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 27 additions and 0 deletions

View File

@ -4,15 +4,24 @@ import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import sun.security.x509.AlgorithmId;
import sun.security.x509.CertificateAlgorithmId;
import sun.security.x509.CertificateSerialNumber;
import sun.security.x509.CertificateValidity;
import sun.security.x509.CertificateVersion;
import sun.security.x509.CertificateX509Key;
import sun.security.x509.SubjectAlternativeNameExtension;
import sun.security.x509.X500Name;
import sun.security.x509.X509CertImpl;
import sun.security.x509.X509CertInfo;
import sun.security.x509.CertificateExtensions;
import sun.security.x509.GeneralNames;
import sun.security.x509.GeneralName;
import sun.security.x509.GeneralNameInterface;
import sun.security.x509.DNSName;
import sun.security.x509.IPAddressName;
import sun.security.util.DerOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
@ -189,6 +198,23 @@ public class JavaKeyStoreUnitTest {
CertificateValidity validity = new CertificateValidity(validFrom, validTo);
certInfo.set(X509CertInfo.VALIDITY, validity);
GeneralNameInterface dnsName = new DNSName("baeldung.com");
DerOutputStream dnsNameOutputStream = new DerOutputStream();
dnsName.encode(dnsNameOutputStream);
GeneralNameInterface ipAddress = new IPAddressName("127.0.0.1");
DerOutputStream ipAddressOutputStream = new DerOutputStream();
ipAddress.encode(ipAddressOutputStream);
GeneralNames generalNames = new GeneralNames();
generalNames.add(new GeneralName(dnsName));
generalNames.add(new GeneralName(ipAddress));
CertificateExtensions ext = new CertificateExtensions();
ext.set(SubjectAlternativeNameExtension.NAME, new SubjectAlternativeNameExtension(generalNames));
certInfo.set(X509CertInfo.EXTENSIONS, ext);
// Create certificate and sign it
X509CertImpl cert = new X509CertImpl(certInfo);
cert.sign(keyPair.getPrivate(), SHA1WITHRSA);
@ -202,4 +228,5 @@ public class JavaKeyStoreUnitTest {
return newCert;
}
}