org.bouncycastle.jce.provider.test
Class PKIXTest
java.lang.Object
org.bouncycastle.jce.provider.test.PKIXTest
- All Implemented Interfaces:
- Test
public class PKIXTest
- extends java.lang.Object
- implements Test
Field Summary |
(package private) static byte[] |
crlBin
This section contains an annotated hex dump of a version 2 CRL with
one extension (cRLNumber). |
(package private) static byte[] |
rootCertBin
C.1 Certificate
This section contains an annotated hex dump of a 699 byte version 3
certificate. |
(package private) static byte[] |
userCert1Bin
C.2 Certificate
This section contains an annotated hex dump of a 730 byte version 3
certificate. |
(package private) static byte[] |
userCert2Bin
C.3 End Entity Certificate Using RSA
This section contains an annotated hex dump of a 654 byte version 3
certificate. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
rootCertBin
static byte[] rootCertBin
- C.1 Certificate
This section contains an annotated hex dump of a 699 byte version 3
certificate. The certificate contains the following information:
(a) the serial number is 23 (17 hex);
(b) the certificate is signed with DSA and the SHA-1 hash algorithm;
(c) the issuer's distinguished name is OU=NIST; O=gov; C=US
(d) and the subject's distinguished name is OU=NIST; O=gov; C=US
(e) the certificate was issued on June 30, 1997 and will expire on
December 31, 1997;
(f) the certificate contains a 1024 bit DSA public key with
parameters;
(g) the certificate contains a subject key identifier extension
generated using method (1) of section 4.2.1.2; and
(h) the certificate is a CA certificate (as indicated through the
basic constraints extension.)
userCert1Bin
static byte[] userCert1Bin
- C.2 Certificate
This section contains an annotated hex dump of a 730 byte version 3
certificate. The certificate contains the following information:
(a the serial number is 18 (12 hex);
(b) the certificate is signed with DSA and the SHA-1 hash algorithm;
(c) the issuer's distinguished name is OU=nist; O=gov; C=US
(d) and the subject's distinguished name is CN=Tim Polk; OU=nist;
O=gov; C=US
(e) the certificate was valid from July 30, 1997 through December 1,
1997;
(f) the certificate contains a 1024 bit DSA public key;
(g) the certificate is an end entity certificate, as the basic
constraints extension is not present;
(h) the certificate contains an authority key identifier extension
matching the subject key identifier of the certificate in Appendix
C.1; and
(i) the certificate includes one alternative name - an RFC 822
address of "wpolk@nist.gov".
userCert2Bin
static byte[] userCert2Bin
- C.3 End Entity Certificate Using RSA
This section contains an annotated hex dump of a 654 byte version 3
certificate. The certificate contains the following information:
(a) the serial number is 256;
(b) the certificate is signed with RSA and the SHA-1 hash algorithm;
(c) the issuer's distinguished name is OU=NIST; O=gov; C=US
(d) and the subject's distinguished name is CN=Tim Polk; OU=NIST;
O=gov; C=US
(e) the certificate was issued on May 21, 1996 at 09:58:26 and
expired on May 21, 1997 at 09:58:26;
(f) the certificate contains a 1024 bit RSA public key;
(g) the certificate is an end entity certificate (not a CA
certificate);
(h) the certificate includes an alternative subject name of
"" and an
alternative issuer name of "" - both are URLs;
(i) the certificate include an authority key identifier extension
and a certificate policies extension psecifying the policy OID
2.16.840.1.101.3.2.1.48.9; and
(j) the certificate includes a critical key usage extension
specifying that the public key is intended for verification of
digital signatures.
crlBin
static byte[] crlBin
- This section contains an annotated hex dump of a version 2 CRL with
one extension (cRLNumber). The CRL was issued by OU=NIST; O=gov; C=US
on August 7, 1997; the next scheduled issuance was September 7, 1997.
The CRL includes one revoked certificates: serial number 18 (12 hex),
which was revoked on July 31, 1997 due to keyCompromise. The CRL
itself is number 18, and it was signed with DSA and SHA-1.
PKIXTest
public PKIXTest()
perform
public TestResult perform()
- Specified by:
perform
in interface Test
getName
public java.lang.String getName()
- Specified by:
getName
in interface Test
main
public static void main(java.lang.String[] args)