diff --git a/src/test/java/com/siemens/pki/cmpracomponent/test/framework/CmpCaMock.java b/src/test/java/com/siemens/pki/cmpracomponent/test/framework/CmpCaMock.java
index 191b9384..20779135 100644
--- a/src/test/java/com/siemens/pki/cmpracomponent/test/framework/CmpCaMock.java
+++ b/src/test/java/com/siemens/pki/cmpracomponent/test/framework/CmpCaMock.java
@@ -53,6 +53,7 @@
 import org.bouncycastle.asn1.x500.X500Name;
 import org.bouncycastle.asn1.x509.BasicConstraints;
 import org.bouncycastle.asn1.x509.Extension;
+import org.bouncycastle.asn1.x509.Extensions;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.cert.CertIOException;
 import org.bouncycastle.cert.X509v3CertificateBuilder;
@@ -93,7 +94,10 @@ public CmpCaMock(final String enrollmentCredentials, final String protectionCred
 }
 private CMPCertificate createCertificate(
- final X500Name subject, final SubjectPublicKeyInfo publicKey, final X509Certificate issuingCert)
+ final X500Name subject,
+ final SubjectPublicKeyInfo publicKey,
+ final X509Certificate issuingCert,
+ Extensions extensionsFromTemplate)
 throws PEMException, NoSuchAlgorithmException, CertIOException, CertificateException, OperatorCreationException {
 final long now = System.currentTimeMillis();
@@ -107,6 +111,16 @@ private CMPCertificate createCertificate(
 pubKey);
 final JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
+ if (extensionsFromTemplate != null) {
+ Arrays.stream(extensionsFromTemplate.getExtensionOIDs()).forEach(oid -> {
+ try {
+ v3CertBldr.addExtension(extensionsFromTemplate.getExtension(oid));
+ } catch (final CertIOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ });
+ }
 v3CertBldr.addExtension(Extension.subjectKeyIdentifier, false, extUtils.createSubjectKeyIdentifier(pubKey));
 v3CertBldr.addExtension( Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(issuingCert));
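Review bot: In the `createCertificate` signature hunk (`@@ -93,7 +94,10 @@`), the new parameter is the only one not declared `final`, and nothing states that it may be null although one caller in this commit passes `null`. I would write `final Extensions extensionsFromTemplate)` and put a one-line comment above the method, for example `// extensionsFromTemplate: extensions requested by the client, or null if none were requested`. The name also reads oddly for the PKCS#10 callers, which have no template; `requestedExtensions` would fit both paths. The method body continues outside this hunk.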
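Review bot: In the `createCertificate` body hunk (`@@ -107,6 +111,16 @@`), the lambda catches `CertIOException` and only calls `e.printStackTrace()`, so an extension that cannot be added is silently left out and the mock still issues a certificate that differs from the request. The method already declares `throws CertIOException`, so a plain loop lets the failure propagate: `for (final ASN1ObjectIdentifier oid : extensionsFromTemplate.getExtensionOIDs()) { v3CertBldr.addExtension(extensionsFromTemplate.getExtension(oid)); }` (this may need an import for `ASN1ObjectIdentifier`). The requested extensions are also copied without any filter before the mock adds its own `subjectKeyIdentifier` and `authorityKeyIdentifier`, so a request that already carries one of those OIDs would add it twice; depending on the BouncyCastle version that likely fails or replaces the value, so skipping the OIDs the CA sets itself would be safer. A short comment saying that copying requester-chosen extensions (for example `basicConstraints` or key usage) unfiltered is acceptable only because this is a test mock would keep the pattern from being copied into issuing code.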
@@ -155,7 +169,8 @@ private PKIMessage handleCrmfCerticateRequest(final PKIMessage receivedMessage)
 .getCertTemplate();
 final SubjectPublicKeyInfo publicKey = requestTemplate.getPublicKey();
 final X500Name subject = requestTemplate.getSubject();
- final CMPCertificate cmpCertificateFromCertificate = createCertificate(subject, publicKey, issuingCert);
+ final CMPCertificate cmpCertificateFromCertificate =
+ createCertificate(subject, publicKey, issuingCert, requestTemplate.getExtensions());
 // drop root certificate from copy
 issuingChain.remove(issuingChain.size() - 1);
@@ -177,7 +192,10 @@ CMPCertificate handleP10CerticateRequest(final PKCS10CertificationRequest certif
 final List issuingChain = enrollmentCredentials.getCertificateChain();
 final X509Certificate issuingCert = issuingChain.get(0);
 return createCertificate(
- certificationRequest.getSubject(), certificationRequest.getSubjectPublicKeyInfo(), issuingCert);
+ certificationRequest.getSubject(),
+ certificationRequest.getSubjectPublicKeyInfo(),
+ issuingCert,
+ certificationRequest.getRequestedExtensions());
 }
 private PKIMessage handleP10CerticateRequest(final PKIMessage receivedMessage) throws Exception {
@@ -188,7 +206,10 @@ private PKIMessage handleP10CerticateRequest(final PKIMessage receivedMessage) t
 final CertificationRequestInfo certificationRequestInfo = ((CertificationRequest) receivedMessage.getBody().getContent()).getCertificationRequestInfo();
 final CMPCertificate cmpCertificateFromCertificate = createCertificate(
- certificationRequestInfo.getSubject(), certificationRequestInfo.getSubjectPublicKeyInfo(), issuingCert);
+ certificationRequestInfo.getSubject(),
+ certificationRequestInfo.getSubjectPublicKeyInfo(),
+ issuingCert,
+ null);
 // drop root certificate from copy
 issuingChain.remove(issuingChain.size() - 1);
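Review bot: In the last hunk (`@@ -188,7 +206,10 @@`), the `PKIMessage` variant of `handleP10CerticateRequest` passes `null` for the extensions, while the `PKCS10CertificationRequest` overload changed in the hunk above passes `certificationRequest.getRequestedExtensions()`. The same CSR therefore yields a certificate with or without its requested extensions depending on which path carries it, and tests that assert on extensions would pass on one path only. If this is intended, a comment on the argument such as `null); // extensions in the CSR are ignored on this path` would record it. Otherwise the value can probably be derived in place of `null` with `new PKCS10CertificationRequest((CertificationRequest) receivedMessage.getBody().getContent()).getRequestedExtensions()`. The method starts before and continues after this hunk.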