1 /* 2 * Copyright (C) 2018 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.server.locksettings.recoverablekeystore; 18 19 import static com.google.common.truth.Truth.assertThat; 20 21 import com.android.server.locksettings.recoverablekeystore.certificate.CertUtils; 22 23 import java.io.ByteArrayInputStream; 24 import java.math.BigInteger; 25 import java.nio.charset.StandardCharsets; 26 import java.security.KeyFactory; 27 import java.security.PrivateKey; 28 import java.security.PublicKey; 29 import java.security.cert.CertificateFactory; 30 import java.security.cert.CertPath; 31 import java.security.spec.ECPrivateKeySpec; 32 import java.security.spec.PKCS8EncodedKeySpec; 33 import java.util.Base64; 34 35 import javax.crypto.KeyGenerator; 36 import javax.crypto.SecretKey; 37 38 public final class TestData { 39 40 private static final String KEY_ALGORITHM = "AES"; 41 private static final long DEFAULT_SERIAL = 10001; 42 private static final String CERT_PATH_ENCODING = "PkiPath"; 43 44 private static final String CERT_PATH_1_BASE64 = "" 45 + "MIIIXTCCBRowggMCoAMCAQICEB35ZwzVpI9ssXg9SAehnU0wDQYJKoZIhvcNAQEL" 46 + "BQAwMTEvMC0GA1UEAxMmR29vZ2xlIENsb3VkIEtleSBWYXVsdCBTZXJ2aWNlIFJv" 47 + "b3QgQ0EwHhcNMTgwNTA3MTg1ODEwWhcNMjgwNTA4MTg1ODEwWjA5MTcwNQYDVQQD" 48 + "Ey5Hb29nbGUgQ2xvdWQgS2V5IFZhdWx0IFNlcnZpY2UgSW50ZXJtZWRpYXRlIENB" 49 + "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA73TrvH3j6zEimpcc32tx" 50 + "2iupWwfyzdE5l4Ejc5EBYzx0aZH6b/KDuutwustk0IoyjlGySMBz/21YgWejIm+n" 51 + "duAlpk7WY5kYHp0XWtzdmxZknmWTqugPeNZeiKEjoDmpyIbY6N+f13hQ2RVh+WDT" 52 + "EowQ/i04WBL75chshlIG+3A42g5Qr7DZEKdT9oJQqkntzj0cGyJ5X8BwjeTiJrvY" 53 + "k2Kn/0555/Kpp65G3Rf29VPPU3i67kthAT3SavLBpH03S4WZ+QlfrAiGQziydtz9" 54 + "t7mSk1xefjax5ZWAuJAfCbKfI3VWAcaUr4P57BzmDcSi0jgs1aM3t2BrPfAMRxWv" 55 + "35yDZnrC+HipzkjyDGBfHmFgoglyhc9e/Kj3mSusO0Rq1wguVXKs2hKXRoaGJuHt" 56 + "e3YIwTC1pLznqvolhD1nPoXf8rMzgHRzlc9H8iXsgB1p7975nh5WCPrMDX2eAmYd" 57 + "a0xTMccTeBzIM2ohxQsxlh5rsjXVNU3ihbWkHquzIiwFcAtldP3dMksj0dn/DnYD" 58 + "yokjEgU/z2I216E93x9hmKkEk6Pp7o8t/z6lwMT9FJIuzp7NREnWCSi+e5s2E7FD" 59 + "j6S7xY2zEIUHrmwuuJc0jzJnwdZ+0myinaTmBDvBXR5cU1cmEAZoheCAoRv9Z/6o" 60 + "ASczLF0C4uuVfA5GXcAm14cCAwEAAaMmMCQwDgYDVR0PAQH/BAQDAgGGMBIGA1Ud" 61 + "EwEB/wQIMAYBAf8CAQEwDQYJKoZIhvcNAQELBQADggIBAEPht79yQm8woQbPB1Bs" 62 + "eotkzJtTWTO9fnIWwNiRfQ3vJFXf69ghE77wUS13Ez3FlgNPj0Qxmg5ouE0d2yYV" 63 + "4AUrXnEGZELcyN2XHRXyNK0zXgnr3x6eZyY7QfgGKJgkyja5TS6ZPWGyaLKhClS0" 64 + "AYZSzWJtz0+AkGCdTbmyy7ShdXJ+GfnmssbndZA62VhcjeQmHsDq7V3PKAsp4/B9" 65 + "PzcnTrgkUFNnP1F1pr7JpUUX3xyRFy6gjIrUx1fcOFRxFYPWGLLMZ6P41rafm+M/" 66 + "CbBNr5CY7NrZjr34jLqWycfYes49o9OK44X/wPrxj0Sjg+VrW21+AJ9vrM7DS5hE" 67 + "QX1lDbDtQGkk3N1vgCTo6xt9LXsEu4xUT5bk7YAfpJqM0ltDFPwYAGCbjSkVT/M5" 68 + "JVZkKiUW668Us67x8yZc/5bxbvTA+5xrYhak/VYIBY6qub4J+bKwadw6uBgxnq4P" 69 + "hwgwjfaoJy9YAXCswjCtaE9GwkVmRnJE9vFjJ33IGf37hFTYEHBFy4FomVmQwRFZ" 70 + "TIe7tkKDq9i18F7lzBPJPO6wEG8bxi4csatrjcVHR9erpY5u6ebtkKG8qsan9qzh" 71 + "iWAgSytiT++HejZeoQ+RRgQWjupjdDo5/0oSdQqvaN8Ah6C2J+ecCZ12Lu0FwF+t" 72 + "t9Ie3pF6W8TzxzuMdFWq+afvMIIDOzCCASOgAwIBAgIRAOTj/iNQb6/Qit7zAW9n" 73 + "cL0wDQYJKoZIhvcNAQELBQAwOTE3MDUGA1UEAxMuR29vZ2xlIENsb3VkIEtleSBW" 74 + "YXVsdCBTZXJ2aWNlIEludGVybWVkaWF0ZSBDQTAeFw0xODA1MDcyMjE4MTFaFw0y" 75 + "MzA1MDgyMjE4MTFaMDIxMDAuBgNVBAMTJ0dvb2dsZSBDbG91ZCBLZXkgVmF1bHQg" 76 + "U2VydmljZSBFbmRwb2ludDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABI4MEUp5" 77 + "IHwATNfpBuJYIUX6JMsHZt798YO0JlWYy6nVVa1lxf9c+xxONJh+T5aio370RlIE" 78 + "uiq5R7vCHt0VGsCjEDAOMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB" 79 + "AGf6QU58lU+gGzy8hnp0suR/ixC++CExtf39pDHkdfU/e3ui4ROR+pjQ5F7okDFW" 80 + "eKSCNcJZ7tyXMJ9g7/I0qVY8Bj/gRnlVokdl/wD5PiL9GIzqWfnHNe3T+xrAAAgO" 81 + "D0bEmjgwNYmekfUIYQczd04d7ZMGnmAkpVH/0O2mf9q5x9fMlbKuAygUqQ/gmnlg" 82 + "xKfl9DSRWi4oMBOqlKlCRP1XAh3anu92+M/EhsFbyc07CWZY0SByX5M/cHVMLhUX" 83 + "jZHvcYLyOmJWJmXznidgyNeIR6t9yDB55iCt7WSn3qMY+9vA9ELzt8jYpBNaKc0G" 84 + "bWQkRzYWegkf4kMis98eQ3SnAKbRz6669nmuAdxKs9/LK6BlFOFw1xvsTRQ96dBa" 85 + "oiX2XGhou+Im0Td/AMs0Aigz2N+Ujq/yW//35GZQfdGGIYtFbkcltStygjIJyAM1" 86 + "pBhyBBkJhOhRpO4fXh98aq8H5J7R9i5A9WpnDstAxPxcNCDWn0O/WxhPvVZkFTpi" 87 + "NXh9dnlJ/kZe+j+z5ZMaxW435drLPx2AQKjXA9GgGrFPltTUyGycmEGtuxLvSnm/" 88 + "zPlmk5FUk7x2wEr0+bZ3cx0JHHgAtgXpe0jkDi8Bw8O3X7mUOjxVhYU6auiYJezW" 89 + "9LGmweaKwYvS04UCWOReolUVexob9LI/VX1JrrwD3s7k"; 90 private static final String CERT_PATH_2_BASE64 = "" 91 + "MIIFMzCCBS8wggMXoAMCAQICAhAAMA0GCSqGSIb3DQEBCwUAMCAxHjAcBgNVBAMM" 92 + "FUdvb2dsZSBDcnlwdEF1dGhWYXVsdDAeFw0xODAyMDMwMDQyMDNaFw0yODAyMDEw" 93 + "MDQyMDNaMC0xKzApBgNVBAMMIkdvb2dsZSBDcnlwdEF1dGhWYXVsdCBJbnRlcm1l" 94 + "ZGlhdGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDckHib0X6rQyDq" 95 + "k4519b5du0OrCPk30XXKwz+Hz5y4cGZaWKGcHOHWS2X9YApRzO00/EbvFkWVUTVG" 96 + "27wJ54V+C3HHSOAUWHhEgfFWvvHwfn9HTDx1BEk79aQqJ7DuJ06Sn/WOiMtKVAT5" 97 + "6Mi8mekBxpMOrdZqwlcLrUVsZxEHsw5/ceZu4cSWzc7SzlnbNK1cCgyRDGqWf6Gp" 98 + "3hGE86kUOtM1i95RgUIpw+w/z0wxpF6kIyQTjK+KjiYH/RBOJIEcm6sSWZlMotKL" 99 + "Sn2lhf+XL8yUxExIHTosfeb077QWW4w2BB2NZM4wPAO3w4aw33FNigDQc2SQYmnU" 100 + "EYmIcD8kx77+JWCgCxBJc2zTHXtBxWuXAQ+iegt8RO+QD97pd6XKM9xPsAOkcWLp" 101 + "79o+AJol4P5fwvgYM69mM4lwH12v86RI4aptPQOag0KDIHXyKbjaQyAgv30l4KkD" 102 + "pf2uWODhOOTwNbVPYUm3sYUlhBcbyhTk8YqN9sPU4QAao5sKTAYZgB/mlheQypTU" 103 + "wyvqz6bRzGehVB3ltP9gCyKdI04VXEUuUBWk3STyV2REQen5/LKAns6v11Cz22Zr" 104 + "EdCvNLgetnyV7CJsOa/wD/GiUWL2Ta7pzshi9ahJqrrcNPRbAzOLcNKZkFexhzPp" 105 + "onuo/pNrcaRda1frepXxVkmbsgOULwIDAQABo2YwZDAdBgNVHQ4EFgQUd6md2hCP" 106 + "lmf3VkEX5FfDxKBLbaAwHwYDVR0jBBgwFoAUm2X66jmB+eBCaZHSjGYzHM/x6fgw" 107 + "EgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL" 108 + "BQADggIBAFgShhuW+WVTowN080PLf0TWPlHACHHUPghf7rFGxgUjJypCloE84Beg" 109 + "3ROpP5l19CDqZ9OyPzA1z6VAzeGXyFhZvby7G2tZDBRP/v0u8pnSAdC5F8l8Vh2Y" 110 + "GdgE3sZD25vpdBi7P0Ef6LYQetOJXn86PqgmgW1F6lzxDjKCsi9kpeU0AWwDdOVg" 111 + "748wku50o8UEzsVwxzFd9toGlge/nn3FH5J7EuGzAlFwToHqpwTVEegaAd0l9mr5" 112 + "+rS7Urd3X80BHDqCBcXE7Uqbtzw5Y+lmowMCnW0kFN02dC9dLt2c9IxC+9sPIA5e" 113 + "TkrZBkrkTVRGLj2r29j7nC9m5VaKcBqcLZDWy8pRna8yaZprgNdE8d/WTY9nVsic" 114 + "09N8zNF5Q0bhhWa3QonlB9XW5ZqDguiclvn+5TtREzSAtSOyxM+gfG3l0wjOywIk" 115 + "1aFa52RaqAWPL67KOM6G3vKNpMnW5hrmHrijuKxiarGIoZfkZMR5ijK0uFgv3/p6" 116 + "NHL/YQBaHJJhkKet5ThiPxwW9+1k/ZcXVeY26Xh+22Gp/8to7ZW8guPPiN1hfpD+" 117 + "7f1IdSmHDrsZQQ7bfzV0bppsyNNB7e2Ecyw+GQny27nytBLJDGdRBurbwQvzppQO" 118 + "6Qmlk0rfCszh7bGCoCQNxXmuDsQ5BC+pQUqJplTqds1smyi29xs3"; 119 120 private static final String THM_CERT_XML_BEFORE_SERIAL = "" 121 + "<certificate>\n" 122 + " <metadata>\n" 123 + " <serial>"; 124 private static final String THM_CERT_XML_AFTER_SERIAL = "" 125 + "</serial>\n" 126 + " <creation-time>1525817891</creation-time>\n" 127 + " <refresh-interval>2592000</refresh-interval>\n" 128 + " <previous>\n" 129 + " <serial>10000</serial>\n" 130 + " <hash>ahyI+59KW2tVxi0inRdUSo1Y8kmx5xK1isDvYfzxWbo=</hash>\n" 131 + " </previous>\n" 132 + " </metadata>\n" 133 + " <intermediates>\n" 134 + " <cert>MIIFGjCCAwKgAwIBAgIQHflnDNWkj2yxeD1IB6GdTTANBgkqhkiG9w0BAQsFADAxMS8wLQYDVQQDEyZHb29nbGUgQ2xvdWQgS2V5IFZhdWx0IFNlcnZpY2UgUm9vdCBDQTAeFw0xODA1MDcxODU4MTBaFw0yODA1MDgxODU4MTBaMDkxNzA1BgNVBAMTLkdvb2dsZSBDbG91ZCBLZXkgVmF1bHQgU2VydmljZSBJbnRlcm1lZGlhdGUgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDvdOu8fePrMSKalxzfa3HaK6lbB/LN0TmXgSNzkQFjPHRpkfpv8oO663C6y2TQijKOUbJIwHP/bViBZ6Mib6d24CWmTtZjmRgenRda3N2bFmSeZZOq6A941l6IoSOgOanIhtjo35/XeFDZFWH5YNMSjBD+LThYEvvlyGyGUgb7cDjaDlCvsNkQp1P2glCqSe3OPRwbInlfwHCN5OImu9iTYqf/Tnnn8qmnrkbdF/b1U89TeLruS2EBPdJq8sGkfTdLhZn5CV+sCIZDOLJ23P23uZKTXF5+NrHllYC4kB8Jsp8jdVYBxpSvg/nsHOYNxKLSOCzVoze3YGs98AxHFa/fnINmesL4eKnOSPIMYF8eYWCiCXKFz178qPeZK6w7RGrXCC5VcqzaEpdGhoYm4e17dgjBMLWkvOeq+iWEPWc+hd/yszOAdHOVz0fyJeyAHWnv3vmeHlYI+swNfZ4CZh1rTFMxxxN4HMgzaiHFCzGWHmuyNdU1TeKFtaQeq7MiLAVwC2V0/d0ySyPR2f8OdgPKiSMSBT/PYjbXoT3fH2GYqQSTo+nujy3/PqXAxP0Uki7Ons1ESdYJKL57mzYTsUOPpLvFjbMQhQeubC64lzSPMmfB1n7SbKKdpOYEO8FdHlxTVyYQBmiF4IChG/1n/qgBJzMsXQLi65V8DkZdwCbXhwIDAQABoyYwJDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBATANBgkqhkiG9w0BAQsFAAOCAgEAQ+G3v3JCbzChBs8HUGx6i2TMm1NZM71+chbA2JF9De8kVd/r2CETvvBRLXcTPcWWA0+PRDGaDmi4TR3bJhXgBStecQZkQtzI3ZcdFfI0rTNeCevfHp5nJjtB+AYomCTKNrlNLpk9YbJosqEKVLQBhlLNYm3PT4CQYJ1NubLLtKF1cn4Z+eayxud1kDrZWFyN5CYewOrtXc8oCynj8H0/NydOuCRQU2c/UXWmvsmlRRffHJEXLqCMitTHV9w4VHEVg9YYssxno/jWtp+b4z8JsE2vkJjs2tmOvfiMupbJx9h6zj2j04rjhf/A+vGPRKOD5WtbbX4An2+szsNLmERBfWUNsO1AaSTc3W+AJOjrG30tewS7jFRPluTtgB+kmozSW0MU/BgAYJuNKRVP8zklVmQqJRbrrxSzrvHzJlz/lvFu9MD7nGtiFqT9VggFjqq5vgn5srBp3Dq4GDGerg+HCDCN9qgnL1gBcKzCMK1oT0bCRWZGckT28WMnfcgZ/fuEVNgQcEXLgWiZWZDBEVlMh7u2QoOr2LXwXuXME8k87rAQbxvGLhyxq2uNxUdH16uljm7p5u2Qobyqxqf2rOGJYCBLK2JP74d6Nl6hD5FGBBaO6mN0Ojn/ShJ1Cq9o3wCHoLYn55wJnXYu7QXAX6230h7ekXpbxPPHO4x0Var5p+8=</cert>\n" 135 + " </intermediates>\n" 136 + " <endpoints>\n" 137 // The public key is chosen by using the following hash as the first 32 bytes (x-axis) 138 // SHA256("Google Cloud Key Vault Service Test Endpoint") = 8e0c114a79207c004cd7e906e2582145fa24cb0766defdf183b4265598cba9d5 139 // so its private key is unknown. 140 + " <cert>MIIDOzCCASOgAwIBAgIRAOTj/iNQb6/Qit7zAW9ncL0wDQYJKoZIhvcNAQELBQAwOTE3MDUGA1UEAxMuR29vZ2xlIENsb3VkIEtleSBWYXVsdCBTZXJ2aWNlIEludGVybWVkaWF0ZSBDQTAeFw0xODA1MDcyMjE4MTFaFw0yMzA1MDgyMjE4MTFaMDIxMDAuBgNVBAMTJ0dvb2dsZSBDbG91ZCBLZXkgVmF1bHQgU2VydmljZSBFbmRwb2ludDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABI4MEUp5IHwATNfpBuJYIUX6JMsHZt798YO0JlWYy6nVVa1lxf9c+xxONJh+T5aio370RlIEuiq5R7vCHt0VGsCjEDAOMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAGf6QU58lU+gGzy8hnp0suR/ixC++CExtf39pDHkdfU/e3ui4ROR+pjQ5F7okDFWeKSCNcJZ7tyXMJ9g7/I0qVY8Bj/gRnlVokdl/wD5PiL9GIzqWfnHNe3T+xrAAAgOD0bEmjgwNYmekfUIYQczd04d7ZMGnmAkpVH/0O2mf9q5x9fMlbKuAygUqQ/gmnlgxKfl9DSRWi4oMBOqlKlCRP1XAh3anu92+M/EhsFbyc07CWZY0SByX5M/cHVMLhUXjZHvcYLyOmJWJmXznidgyNeIR6t9yDB55iCt7WSn3qMY+9vA9ELzt8jYpBNaKc0GbWQkRzYWegkf4kMis98eQ3SnAKbRz6669nmuAdxKs9/LK6BlFOFw1xvsTRQ96dBaoiX2XGhou+Im0Td/AMs0Aigz2N+Ujq/yW//35GZQfdGGIYtFbkcltStygjIJyAM1pBhyBBkJhOhRpO4fXh98aq8H5J7R9i5A9WpnDstAxPxcNCDWn0O/WxhPvVZkFTpiNXh9dnlJ/kZe+j+z5ZMaxW435drLPx2AQKjXA9GgGrFPltTUyGycmEGtuxLvSnm/zPlmk5FUk7x2wEr0+bZ3cx0JHHgAtgXpe0jkDi8Bw8O3X7mUOjxVhYU6auiYJezW9LGmweaKwYvS04UCWOReolUVexob9LI/VX1JrrwD3s7k</cert>\n" 141 + " </endpoints>\n" 142 + "</certificate>\n"; 143 private static final String THM_SIG_XML = "" 144 + "<signature>\n" 145 + " <intermediates></intermediates>\n" 146 + " <certificate>MIIFGjCCAwKgAwIBAgIQHflnDNWkj2yxeD1IB6GdTTANBgkqhkiG9w0BAQsFADAxMS8wLQYDVQQDEyZHb29nbGUgQ2xvdWQgS2V5IFZhdWx0IFNlcnZpY2UgUm9vdCBDQTAeFw0xODA1MDcxODU4MTBaFw0yODA1MDgxODU4MTBaMDkxNzA1BgNVBAMTLkdvb2dsZSBDbG91ZCBLZXkgVmF1bHQgU2VydmljZSBJbnRlcm1lZGlhdGUgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDvdOu8fePrMSKalxzfa3HaK6lbB/LN0TmXgSNzkQFjPHRpkfpv8oO663C6y2TQijKOUbJIwHP/bViBZ6Mib6d24CWmTtZjmRgenRda3N2bFmSeZZOq6A941l6IoSOgOanIhtjo35/XeFDZFWH5YNMSjBD+LThYEvvlyGyGUgb7cDjaDlCvsNkQp1P2glCqSe3OPRwbInlfwHCN5OImu9iTYqf/Tnnn8qmnrkbdF/b1U89TeLruS2EBPdJq8sGkfTdLhZn5CV+sCIZDOLJ23P23uZKTXF5+NrHllYC4kB8Jsp8jdVYBxpSvg/nsHOYNxKLSOCzVoze3YGs98AxHFa/fnINmesL4eKnOSPIMYF8eYWCiCXKFz178qPeZK6w7RGrXCC5VcqzaEpdGhoYm4e17dgjBMLWkvOeq+iWEPWc+hd/yszOAdHOVz0fyJeyAHWnv3vmeHlYI+swNfZ4CZh1rTFMxxxN4HMgzaiHFCzGWHmuyNdU1TeKFtaQeq7MiLAVwC2V0/d0ySyPR2f8OdgPKiSMSBT/PYjbXoT3fH2GYqQSTo+nujy3/PqXAxP0Uki7Ons1ESdYJKL57mzYTsUOPpLvFjbMQhQeubC64lzSPMmfB1n7SbKKdpOYEO8FdHlxTVyYQBmiF4IChG/1n/qgBJzMsXQLi65V8DkZdwCbXhwIDAQABoyYwJDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBATANBgkqhkiG9w0BAQsFAAOCAgEAQ+G3v3JCbzChBs8HUGx6i2TMm1NZM71+chbA2JF9De8kVd/r2CETvvBRLXcTPcWWA0+PRDGaDmi4TR3bJhXgBStecQZkQtzI3ZcdFfI0rTNeCevfHp5nJjtB+AYomCTKNrlNLpk9YbJosqEKVLQBhlLNYm3PT4CQYJ1NubLLtKF1cn4Z+eayxud1kDrZWFyN5CYewOrtXc8oCynj8H0/NydOuCRQU2c/UXWmvsmlRRffHJEXLqCMitTHV9w4VHEVg9YYssxno/jWtp+b4z8JsE2vkJjs2tmOvfiMupbJx9h6zj2j04rjhf/A+vGPRKOD5WtbbX4An2+szsNLmERBfWUNsO1AaSTc3W+AJOjrG30tewS7jFRPluTtgB+kmozSW0MU/BgAYJuNKRVP8zklVmQqJRbrrxSzrvHzJlz/lvFu9MD7nGtiFqT9VggFjqq5vgn5srBp3Dq4GDGerg+HCDCN9qgnL1gBcKzCMK1oT0bCRWZGckT28WMnfcgZ/fuEVNgQcEXLgWiZWZDBEVlMh7u2QoOr2LXwXuXME8k87rAQbxvGLhyxq2uNxUdH16uljm7p5u2Qobyqxqf2rOGJYCBLK2JP74d6Nl6hD5FGBBaO6mN0Ojn/ShJ1Cq9o3wCHoLYn55wJnXYu7QXAX6230h7ekXpbxPPHO4x0Var5p+8=</certificate>\n" 147 + " <value>WkmYBCY4heNutMf3tEbyg+Omm+MvWF4EoDmv2vCd259oy3t8URqDqu5vEi3TqQguX0GO3r5mRKCcEYged121xJltC6zShbDMZZNAlB6sqvS6/vIVBBx5jKecUaEpRuQ4ruTyF93YXDi7DgaCNGaYCjkDrnr8lSAyelZl2tfe2BbpOMiwH1fNvI6Xmb++iyMmZGoJo91ovucC635SnnULNUtivL2CjLgU3mKb2uZMB8XPr1t1FOTJEA81ghDU+p3ZrPLxLB3KBTtfAwPQyqStRuY8+3bnPqi7VWeZgfoesvJiPF6q1PraoaL/inlRFo7wr37CS9EtNR/k5cq1UJ4/4Ernvj5k2Zw/IclzYHUGSd3ljCOTJJB6cDtR7WDqprlr1J4nr9hf1Ya4DFJmlX3FXix43Dw6lfk/1gCiWu0y2i1A2NCn0QRxuPh5b385Epj98QlZnd2roB2GfzchJTAxI+oeLc3CowkyLDS5jjuTMERbKbPpkhQu9gtskYtB0I4fEGOMn17+ZrXRcTPJexCS2NGgSqiF4X9Fwe+9XRg3Nk+SoUj9gBCysP8UeSz1POZHQIlZ24mQzxOK2hwGwDtxVchGCrNyf8rh5bZE2hUKHYNH9UWQ+YWrieKeulfP+o1wL9NLZOTz3SHcV/kCv5WqgynzkrKf382FwunxF56NapA=</value>\n" 148 + "</signature>\n"; 149 150 public static final CertPath CERT_PATH_1; 151 public static final CertPath CERT_PATH_2; 152 public static final PublicKey CERT_1_PUBLIC_KEY; 153 154 static { 155 try { 156 CERT_PATH_1 = decodeCertPath(CERT_PATH_1_BASE64); 157 CERT_PATH_2 = decodeCertPath(CERT_PATH_2_BASE64); 158 CERT_1_PUBLIC_KEY = CERT_PATH_1.getCertificates().get(0).getPublicKey(); 159 } catch (Exception e) { 160 throw new RuntimeException(e); 161 } 162 } 163 getCertXmlWithSerial(long serial)164 public static byte[] getCertXmlWithSerial(long serial) { 165 String xml = THM_CERT_XML_BEFORE_SERIAL + serial + THM_CERT_XML_AFTER_SERIAL; 166 return xml.getBytes(StandardCharsets.UTF_8); 167 } 168 getCertXml()169 public static byte[] getCertXml() { 170 return getCertXmlWithSerial(DEFAULT_SERIAL); 171 } 172 getSigXml()173 public static byte[] getSigXml() { 174 return THM_SIG_XML.getBytes(StandardCharsets.UTF_8); 175 } 176 generateKey()177 public static SecretKey generateKey() throws Exception { 178 KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_ALGORITHM); 179 keyGenerator.init(/*keySize=*/ 256); 180 return keyGenerator.generateKey(); 181 } 182 183 private static final String INSECURE_CERT_XML_HEADER = "" 184 + "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" 185 + "<certificates>\n" 186 + " <metadata>\n" 187 + " <serial>\n"; 188 private static final String INSECURE_CERT_XML_BODY = "" 189 + " </serial>\n" 190 + " <creation-time>\n" 191 + " 1515697631\n" 192 + " </creation-time>\n" 193 + " <refresh-interval>\n" 194 + " 2592000\n" 195 + " </refresh-interval>\n" 196 + " <previous>\n" 197 + " <serial>\n" 198 + " 0\n" 199 + " </serial>\n" 200 + " <hash>\n" 201 + " 47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=\n" 202 + " </hash>\n" 203 + " </previous>\n" 204 + " </metadata>\n" 205 + " <intermediates>\n" 206 + " <cert>\n" 207 + " MIIEQjCCAiqgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwLTErMCkGA1UEAwwiVGVz\n" 208 + " dCBPbmx5IFVuc2VjdXJlIEludGVybWVkaWF0ZSBDQTAeFw0xODAzMjgwNTA1MjNa\n" 209 + " Fw0yMzAzMDIwNTA1MjNaMDMxMTAvBgNVBAMMKFRlc3QgT25seSBVbnNlY3VyZSBJ\n" 210 + " bnRlci1JbnRlcm1lZGlhdGUgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" 211 + " AoIBAQDF3CyLIFWaNspHUwEr5hHDr6nmP5Iog73E6G7kBB1Xytt955AagHffmHze\n" 212 + " WZ/mAWBYHe6kJMsTLTfmb+kZLK8/s58AjUu/byrgPPIL92v7HgIa1148OePYmohX\n" 213 + " z0uNZQK5sYeb4kT2cyprKSWPBceyCcZDelTYpbleXd2yJSY/37XoiacmR8z6fEds\n" 214 + " ezqNLBpVApiVsVehizdIioYUCAtZlS2DnShacVGOq/FE/RCOC3wfKVcOV4HqaVBM\n" 215 + " JwwMOSL6YUIq34fi6VSNAunReeF7tckESUFu0pz52UmRyMhDZ/FCrjE5EIslxomD\n" 216 + " NJJttZyAmZDUB087SA6vNWhJOwynAgMBAAGjZjBkMB0GA1UdDgQWBBRcOlrOWbGw\n" 217 + " +UIwB8/P1ZRHsgEyvzAfBgNVHSMEGDAWgBQhLxSvWzSypPWVIcPdbtgiAphaNDAS\n" 218 + " BgNVHRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF\n" 219 + " AAOCAgEAkI+gomTRa34s3lea8Amg+W9WeyitdVw2MxBF/jYLAELq9pIfgsI8EYRt\n" 220 + " rUGT05xzrcis+cqdwxDTAQNNcvOxHj3F/VkGiAHvCFapw7quxeq6+aHU9m2nnZ1O\n" 221 + " Ss9qz7Low32yWhf5jJSQRA5HPO139H+CquVFDYOx1oiny0JsBivBoVkhb35HJmBu\n" 222 + " dkabfKIVdKAesd0At7KHZM9Voitp4LQsYctsi63EzELNvmFZ/NujVyoLmXz1wmQg\n" 223 + " avdc2FdWHMD3CdJzDyYmfqvn7FPds8wdWEnBnfZ4A5izwFD2BJjMvMfVs4pPv/8z\n" 224 + " GFYPkjhgN43Rh8kakJ+QgSbZpoEY0Vb7WbjMNRbdTBUJCk5waAMSNvWK26wcAzok\n" 225 + " OWZ+j6SHj2cku6sAcDbWLrlaREy6KTLpvhMqsiLzivmfu/FGWCZMb/zX1rllzzGP\n" 226 + " v6tIF29ewYNOic+RT3E4H9I7YO+mSbEs2szoRl6HRoC24DIcgUxpQ24Z3WriuIdB\n" 227 + " XwdHXgDGeoD9NsI3Lt7KRoXePDAyzKTnxTUwo+G9au5+ldtLs645ijDKKcX7CmyJ\n" 228 + " zCnIMeTeU9j88ht5s4Yo50s1WBeQv/Tq+euzprXrdUzFaih4aOFDytuyoZIwAi02\n" 229 + " dr2Dw+CkExaY755XQtEAV3KNi8+oy9Qy6pkBE50KGD40exzOru8=\n" 230 + " </cert>\n" 231 + " <cert>\n" 232 + " MIIFNDCCAxygAwIBAgICEAAwDQYJKoZIhvcNAQENBQAwJTEjMCEGA1UEAwwaVGVz\n" 233 + " dCBPbmx5IFVuc2VjdXJlIFJvb3QgQ0EwHhcNMTgwMzI4MDAzNzE4WhcNMjgwMzI1\n" 234 + " MDAzNzE4WjAtMSswKQYDVQQDDCJUZXN0IE9ubHkgVW5zZWN1cmUgSW50ZXJtZWRp\n" 235 + " YXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1dwb6jH2QBwA\n" 236 + " kj6W8lrprOvJRCJQhx/sAAnMqcvFMDIb5cY2PIwWglMENmZvtigzOiE6Je+QxHsh\n" 237 + " EYYm7D8XU9vRjOUBW7NQW3Lb/tsEX4FUDmsGWbm7pYRoXQheAy1PTyPRNCRBciUd\n" 238 + " z2mQq7oL03jNGkOIIRKAluo/QzZbXVnVep8nUJRikt3lYxUl8hwiM3Epzqs3+No8\n" 239 + " HGCwf5ohQYXvYcJF/KxnTUKyFHPDpHSME2IViYnmY8bfzRDBkNlHsAcSSXir3AEe\n" 240 + " BDI9/uaY7PlwoQwrG1qQ5MKqPM5eLm+uOFVs1kKwSLRLmPk7X4mu56o88CE2InTc\n" 241 + " zIz5PUcBWW1RvGhAA/FX9fChgXrDC8megGbAzQCE22pxcqR+RUIphXxe2PkhkvUH\n" 242 + " PI6JM4ijFVGhCum6leMkOeRmwtlAZ8mmTBJbGVdHUSaKVxYy6LcFR8Rt1stjQxTN\n" 243 + " BJKXfZsI/qvKf9pTkevvMtaUoMwwYAd8rTMhwuAml+uhrf39UtLRS6SAH/POaD6d\n" 244 + " 8Dnl9KeAGLb6P5pixd+TYDUfj/ZebuzDkuK/BfJbDB+qYiXWbD7EhYtyHFIoc9pF\n" 245 + " IXmE0sb+n0/WGtBpXipZWInJqnzV0LDRKoFPfhO1YtsUNtSTCtiPSJGouwn4PlCC\n" 246 + " 2rIm8cnA9Mo1qtBfLRLVcHWWM69c7W0CAwEAAaNmMGQwHQYDVR0OBBYEFCEvFK9b\n" 247 + " NLKk9ZUhw91u2CICmFo0MB8GA1UdIwQYMBaAFMMnjaWILF12L4fc9P5Ra42u7Ffr\n" 248 + " MBIGA1UdEwEB/wQIMAYBAf8CAQIwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB\n" 249 + " DQUAA4ICAQAj08SwC3OWKq3rmDOxdGeODLYwPJl/lfiOdFFQMOhzSKKQ4oBlwRAR\n" 250 + " F4T32KU95/0QhwjgYB2nFo/frDKwk2j3F7gZvZuc4ekuP6Vc1qSSgv99kqIIrk74\n" 251 + " UNUK2BmOIqrCunpW7WF99VQgS4FHS0TJbJdsecV7KNznT4l3dac/QOOXeid5HSeE\n" 252 + " QHGyqMUd0noDS0UjqNfhdbd1sWpsZYjWsIq+gsZ3ADDSTCESwjElHZOMVKz3uyIx\n" 253 + " 7i4HY1pzWV4Ob0NedLfYvaauAxnQSsktQMk56mGWqLaiBQA3FjNGh5J28oSws93Z\n" 254 + " e/OBUtUT92vlbVqbqsQCq6GiNgh7RGnsMFqV7+hrJsHjI1SUG5YlgCWIw9sPNdpW\n" 255 + " q4jR0pOR+WVBW8HY8C7HTOlTOh3K6Isdwx813XeU6xGxLhQuN/zEQolQRSD8wBto\n" 256 + " 2gmZF9MWTzS3YE68b7LwxR6ByghaLxxN7ULRR2cxoRAuJEbgeFRzaI4xiRqLOoS2\n" 257 + " dwsPp30sVx6meXqfhYUT9CebexrI31+sbryaTAktExoP4Gsnx1uCjLr8UUsde7Jq\n" 258 + " Ln0gg4Sv9tHz7GWm0TE5iwMHk59KCKyMFc+x8MHY9Cdhd+p7drrba3X+FC80DRoK\n" 259 + " uRQ0rcOVWaGNoK3KLAr22axFSgWJX2wrNPMNqRfz9/6/t83HO/5xiw==\n" 260 + " </cert>\n" 261 + " </intermediates>\n" 262 + " <endpoints>\n"; 263 private static final String INSECURE_CERT_XML_ENDPOINT1_CERT = "" 264 + " <cert>\n" 265 + " MIIDlDCCAXygAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwLTErMCkGA1UEAwwiVGVz\n" 266 + " dCBPbmx5IFVuc2VjdXJlIEludGVybWVkaWF0ZSBDQTAeFw0xODAzMjgwNTIzMTZa\n" 267 + " Fw0yMjA1MDYwNTIzMTZaMCgxJjAkBgNVBAMMHVRlc3QgT25seSBVbnNlY3VyZSBF\n" 268 + " bmRwb2ludCAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEt0uibX2wsl5S0gPl\n" 269 + " mR8JNEa9oXYyV8RniS57AG1ZBEpqBi/cBtkLctiJ6RUPYxRSR7xkfGu90TEFapjc\n" 270 + " cELxYaOBjTCBijAJBgNVHRMEAjAAMB0GA1UdDgQWBBTE4A58EAivi5Lf/fgO4tjh\n" 271 + " NgVFJjBOBgNVHSMERzBFgBQhLxSvWzSypPWVIcPdbtgiAphaNKEppCcwJTEjMCEG\n" 272 + " A1UEAwwaVGVzdCBPbmx5IFVuc2VjdXJlIFJvb3QgQ0GCAhAAMA4GA1UdDwEB/wQE\n" 273 + " AwIDCDANBgkqhkiG9w0BAQsFAAOCAgEAOCwjSvJ/6+gjTEgX3uFV3OiGb5C1UIlR\n" 274 + " StZq9h+65m5Rj4rAM/1RYkjYrIy25VZyGk85cJhcv+ZIFKz4gKwgTxhDUjtOtNFS\n" 275 + " rsY50IFwXOwFC+NaP/Z9d75Om5FSbbmXCnoMpb8ErtNvUaJs7CezOg0m19JD3/eq\n" 276 + " 9DsroSDY9+3HQluURv92YlfsIhZaByTgQU5X2e56RKR2pcij+AoQGTzmAHou1k3+\n" 277 + " aNkdvZz8YRS7UoVPMyrii1rNFYaYOBYwZHzP/zM8CLGZ3O6nC0Rq+5f6Twi5tiIR\n" 278 + " WNz5gWawOdvPicVfv66EfEBQRfu45HsOLqnPjnAwbLVLUOn2mw/PH+jffgswD8Jl\n" 279 + " AKHIhuS6zE7+ArXz0/Uz88wYSJMj2TU2g9S+KxHCElltf2gLX3aak6lNeOnfbVP3\n" 280 + " Ld+S9t43Vu058Ao7a4htNbT9/kTvaB2gWqL2GIXAtZ/lEcgmOedVIX0AEv5doB9Z\n" 281 + " Ygue5SlJy/uXKcYmSaY5BrjiDBSiXi0tM1fxJHyVTtzfawv6SFszFEqBRFRRZdqL\n" 282 + " aWrNV3jplyOa/8D8HU7e6PGJsnjLKM8yA1zgSfDnNUj0Z3Ovj+AlMiFMU/Schdjb\n" 283 + " YD0cjgViI/4bkUgF4YDzOT1xOxIc1C4pi+PvlKbGYXFluLUEf0qoBe9ZEJN5Cwv6\n" 284 + " puOfIKtVqtA=\n" 285 + " </cert>\n"; 286 private static final String INSECURE_CERT_XML_ENDPOINT2_CERT = "" 287 + " <cert>\n" 288 + " MIICojCCAYqgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAwwoVGVz\n" 289 + " dCBPbmx5IFVuc2VjdXJlIEludGVyLUludGVybWVkaWF0ZSBDQTAeFw0xODAzMjgw\n" 290 + " NTI0NDJaFw0yMjA1MDYwNTI0NDJaMCgxJjAkBgNVBAMMHVRlc3QgT25seSBVbnNl\n" 291 + " Y3VyZSBFbmRwb2ludCAyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJFCmWFoj\n" 292 + " Y2neIsYdpWo/eeA2g+EsQayB7gYkt00eAS7bM+1bas0OqYUPeW4iHYF67jEbNg4b\n" 293 + " lzLWa76fzt/8AKOBlTCBkjAJBgNVHRMEAjAAMB0GA1UdDgQWBBS19DdRW13M4VHr\n" 294 + " UUagViNg9AxyujBWBgNVHSMETzBNgBRcOlrOWbGw+UIwB8/P1ZRHsgEyv6ExpC8w\n" 295 + " LTErMCkGA1UEAwwiVGVzdCBPbmx5IFVuc2VjdXJlIEludGVybWVkaWF0ZSBDQYIC\n" 296 + " EAAwDgYDVR0PAQH/BAQDAgMIMA0GCSqGSIb3DQEBCwUAA4IBAQB+0cAYzhkxfn5d\n" 297 + " XoyF6q0pxTNAREsJ6WtHa2wvtx4UnFIT9nxy3TuliGs2x6lR7knJxGmXC6XMYMwG\n" 298 + " suafjEhF3svAscGXXh7pwNZb3Q99/HFuxyCPKAOCwsoaZEm/xeuzvZqBVnVtNTVo\n" 299 + " PbqkTjsaYZNPd3X/hqLafHKA5Aq19vQQ9O9VgwSu9asDr2uv7A8xJY9629wMYRny\n" 300 + " FYWveJG124TEL2xGqdXkOG9lE5BJlC1D4lrqDwF6FQL2A8IRL3cQ5BRg+lFAR4PU\n" 301 + " IT7UgpPK4f4CnKcgpKPn5TXH44TdRlhNPMRyT9MnFOb5K/gV8K+nB2YMAxOMRld+\n" 302 + " 4VH7v7k6\n" 303 + " </cert>\n"; 304 private static final String INSECURE_CERT_XML_FOOTER = "" 305 + " </endpoints>\n" 306 + "</certificates>\n"; 307 308 private static final String INSECURE_CERT_PATH_FOR_ENDPOINT1_BASE64 = "" 309 + "MIII0DCCBTQwggMcoAMCAQICAhAAMA0GCSqGSIb3DQEBDQUAMCUxIzAhBgNVBAMM" 310 + "GlRlc3QgT25seSBVbnNlY3VyZSBSb290IENBMB4XDTE4MDMyODAwMzcxOFoXDTI4" 311 + "MDMyNTAwMzcxOFowLTErMCkGA1UEAwwiVGVzdCBPbmx5IFVuc2VjdXJlIEludGVy" 312 + "bWVkaWF0ZSBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANXcG+ox" 313 + "9kAcAJI+lvJa6azryUQiUIcf7AAJzKnLxTAyG+XGNjyMFoJTBDZmb7YoMzohOiXv" 314 + "kMR7IRGGJuw/F1Pb0YzlAVuzUFty2/7bBF+BVA5rBlm5u6WEaF0IXgMtT08j0TQk" 315 + "QXIlHc9pkKu6C9N4zRpDiCESgJbqP0M2W11Z1XqfJ1CUYpLd5WMVJfIcIjNxKc6r" 316 + "N/jaPBxgsH+aIUGF72HCRfysZ01CshRzw6R0jBNiFYmJ5mPG380QwZDZR7AHEkl4" 317 + "q9wBHgQyPf7mmOz5cKEMKxtakOTCqjzOXi5vrjhVbNZCsEi0S5j5O1+JrueqPPAh" 318 + "NiJ03MyM+T1HAVltUbxoQAPxV/XwoYF6wwvJnoBmwM0AhNtqcXKkfkVCKYV8Xtj5" 319 + "IZL1BzyOiTOIoxVRoQrpupXjJDnkZsLZQGfJpkwSWxlXR1EmilcWMui3BUfEbdbL" 320 + "Y0MUzQSSl32bCP6ryn/aU5Hr7zLWlKDMMGAHfK0zIcLgJpfroa39/VLS0UukgB/z" 321 + "zmg+nfA55fSngBi2+j+aYsXfk2A1H4/2Xm7sw5LivwXyWwwfqmIl1mw+xIWLchxS" 322 + "KHPaRSF5hNLG/p9P1hrQaV4qWViJyap81dCw0SqBT34TtWLbFDbUkwrYj0iRqLsJ" 323 + "+D5QgtqyJvHJwPTKNarQXy0S1XB1ljOvXO1tAgMBAAGjZjBkMB0GA1UdDgQWBBQh" 324 + "LxSvWzSypPWVIcPdbtgiAphaNDAfBgNVHSMEGDAWgBTDJ42liCxddi+H3PT+UWuN" 325 + "ruxX6zASBgNVHRMBAf8ECDAGAQH/AgECMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG" 326 + "9w0BAQ0FAAOCAgEAI9PEsAtzliqt65gzsXRnjgy2MDyZf5X4jnRRUDDoc0iikOKA" 327 + "ZcEQEReE99ilPef9EIcI4GAdpxaP36wysJNo9xe4Gb2bnOHpLj+lXNakkoL/fZKi" 328 + "CK5O+FDVCtgZjiKqwrp6Vu1hffVUIEuBR0tEyWyXbHnFeyjc50+Jd3WnP0Djl3on" 329 + "eR0nhEBxsqjFHdJ6A0tFI6jX4XW3dbFqbGWI1rCKvoLGdwAw0kwhEsIxJR2TjFSs" 330 + "97siMe4uB2Nac1leDm9DXnS32L2mrgMZ0ErJLUDJOephlqi2ogUANxYzRoeSdvKE" 331 + "sLPd2XvzgVLVE/dr5W1am6rEAquhojYIe0Rp7DBale/oaybB4yNUlBuWJYAliMPb" 332 + "DzXaVquI0dKTkfllQVvB2PAux0zpUzodyuiLHcMfNd13lOsRsS4ULjf8xEKJUEUg" 333 + "/MAbaNoJmRfTFk80t2BOvG+y8MUegcoIWi8cTe1C0UdnMaEQLiRG4HhUc2iOMYka" 334 + "izqEtncLD6d9LFcepnl6n4WFE/Qnm3sayN9frG68mkwJLRMaD+BrJ8dbgoy6/FFL" 335 + "HXuyai59IIOEr/bR8+xlptExOYsDB5OfSgisjBXPsfDB2PQnYXfqe3a622t1/hQv" 336 + "NA0aCrkUNK3DlVmhjaCtyiwK9tmsRUoFiV9sKzTzDakX8/f+v7fNxzv+cYswggOU" 337 + "MIIBfKADAgECAgIQAjANBgkqhkiG9w0BAQsFADAtMSswKQYDVQQDDCJUZXN0IE9u" 338 + "bHkgVW5zZWN1cmUgSW50ZXJtZWRpYXRlIENBMB4XDTE4MDMyODA1MjMxNloXDTIy" 339 + "MDUwNjA1MjMxNlowKDEmMCQGA1UEAwwdVGVzdCBPbmx5IFVuc2VjdXJlIEVuZHBv" 340 + "aW50IDEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAS3S6JtfbCyXlLSA+WZHwk0" 341 + "Rr2hdjJXxGeJLnsAbVkESmoGL9wG2Qty2InpFQ9jFFJHvGR8a73RMQVqmNxwQvFh" 342 + "o4GNMIGKMAkGA1UdEwQCMAAwHQYDVR0OBBYEFMTgDnwQCK+Lkt/9+A7i2OE2BUUm" 343 + "ME4GA1UdIwRHMEWAFCEvFK9bNLKk9ZUhw91u2CICmFo0oSmkJzAlMSMwIQYDVQQD" 344 + "DBpUZXN0IE9ubHkgVW5zZWN1cmUgUm9vdCBDQYICEAAwDgYDVR0PAQH/BAQDAgMI" 345 + "MA0GCSqGSIb3DQEBCwUAA4ICAQA4LCNK8n/r6CNMSBfe4VXc6IZvkLVQiVFK1mr2" 346 + "H7rmblGPisAz/VFiSNisjLblVnIaTzlwmFy/5kgUrPiArCBPGENSO0600VKuxjnQ" 347 + "gXBc7AUL41o/9n13vk6bkVJtuZcKegylvwSu029RomzsJ7M6DSbX0kPf96r0Oyuh" 348 + "INj37cdCW5RG/3ZiV+wiFloHJOBBTlfZ7npEpHalyKP4ChAZPOYAei7WTf5o2R29" 349 + "nPxhFLtShU8zKuKLWs0Vhpg4FjBkfM//MzwIsZnc7qcLRGr7l/pPCLm2IhFY3PmB" 350 + "ZrA528+JxV+/roR8QFBF+7jkew4uqc+OcDBstUtQ6fabD88f6N9+CzAPwmUAociG" 351 + "5LrMTv4CtfPT9TPzzBhIkyPZNTaD1L4rEcISWW1/aAtfdpqTqU146d9tU/ct35L2" 352 + "3jdW7TnwCjtriG01tP3+RO9oHaBaovYYhcC1n+URyCY551UhfQAS/l2gH1liC57l" 353 + "KUnL+5cpxiZJpjkGuOIMFKJeLS0zV/EkfJVO3N9rC/pIWzMUSoFEVFFl2otpas1X" 354 + "eOmXI5r/wPwdTt7o8YmyeMsozzIDXOBJ8Oc1SPRnc6+P4CUyIUxT9JyF2NtgPRyO" 355 + "BWIj/huRSAXhgPM5PXE7EhzULimL4++UpsZhcWW4tQR/SqgF71kQk3kLC/qm458g" 356 + "q1Wq0A=="; 357 private static final String INSECURE_CERT_PATH_FOR_ENDPOINT2_BASE64 = "" 358 + "MIIMJDCCBTQwggMcoAMCAQICAhAAMA0GCSqGSIb3DQEBDQUAMCUxIzAhBgNVBAMM" 359 + "GlRlc3QgT25seSBVbnNlY3VyZSBSb290IENBMB4XDTE4MDMyODAwMzcxOFoXDTI4" 360 + "MDMyNTAwMzcxOFowLTErMCkGA1UEAwwiVGVzdCBPbmx5IFVuc2VjdXJlIEludGVy" 361 + "bWVkaWF0ZSBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANXcG+ox" 362 + "9kAcAJI+lvJa6azryUQiUIcf7AAJzKnLxTAyG+XGNjyMFoJTBDZmb7YoMzohOiXv" 363 + "kMR7IRGGJuw/F1Pb0YzlAVuzUFty2/7bBF+BVA5rBlm5u6WEaF0IXgMtT08j0TQk" 364 + "QXIlHc9pkKu6C9N4zRpDiCESgJbqP0M2W11Z1XqfJ1CUYpLd5WMVJfIcIjNxKc6r" 365 + "N/jaPBxgsH+aIUGF72HCRfysZ01CshRzw6R0jBNiFYmJ5mPG380QwZDZR7AHEkl4" 366 + "q9wBHgQyPf7mmOz5cKEMKxtakOTCqjzOXi5vrjhVbNZCsEi0S5j5O1+JrueqPPAh" 367 + "NiJ03MyM+T1HAVltUbxoQAPxV/XwoYF6wwvJnoBmwM0AhNtqcXKkfkVCKYV8Xtj5" 368 + "IZL1BzyOiTOIoxVRoQrpupXjJDnkZsLZQGfJpkwSWxlXR1EmilcWMui3BUfEbdbL" 369 + "Y0MUzQSSl32bCP6ryn/aU5Hr7zLWlKDMMGAHfK0zIcLgJpfroa39/VLS0UukgB/z" 370 + "zmg+nfA55fSngBi2+j+aYsXfk2A1H4/2Xm7sw5LivwXyWwwfqmIl1mw+xIWLchxS" 371 + "KHPaRSF5hNLG/p9P1hrQaV4qWViJyap81dCw0SqBT34TtWLbFDbUkwrYj0iRqLsJ" 372 + "+D5QgtqyJvHJwPTKNarQXy0S1XB1ljOvXO1tAgMBAAGjZjBkMB0GA1UdDgQWBBQh" 373 + "LxSvWzSypPWVIcPdbtgiAphaNDAfBgNVHSMEGDAWgBTDJ42liCxddi+H3PT+UWuN" 374 + "ruxX6zASBgNVHRMBAf8ECDAGAQH/AgECMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG" 375 + "9w0BAQ0FAAOCAgEAI9PEsAtzliqt65gzsXRnjgy2MDyZf5X4jnRRUDDoc0iikOKA" 376 + "ZcEQEReE99ilPef9EIcI4GAdpxaP36wysJNo9xe4Gb2bnOHpLj+lXNakkoL/fZKi" 377 + "CK5O+FDVCtgZjiKqwrp6Vu1hffVUIEuBR0tEyWyXbHnFeyjc50+Jd3WnP0Djl3on" 378 + "eR0nhEBxsqjFHdJ6A0tFI6jX4XW3dbFqbGWI1rCKvoLGdwAw0kwhEsIxJR2TjFSs" 379 + "97siMe4uB2Nac1leDm9DXnS32L2mrgMZ0ErJLUDJOephlqi2ogUANxYzRoeSdvKE" 380 + "sLPd2XvzgVLVE/dr5W1am6rEAquhojYIe0Rp7DBale/oaybB4yNUlBuWJYAliMPb" 381 + "DzXaVquI0dKTkfllQVvB2PAux0zpUzodyuiLHcMfNd13lOsRsS4ULjf8xEKJUEUg" 382 + "/MAbaNoJmRfTFk80t2BOvG+y8MUegcoIWi8cTe1C0UdnMaEQLiRG4HhUc2iOMYka" 383 + "izqEtncLD6d9LFcepnl6n4WFE/Qnm3sayN9frG68mkwJLRMaD+BrJ8dbgoy6/FFL" 384 + "HXuyai59IIOEr/bR8+xlptExOYsDB5OfSgisjBXPsfDB2PQnYXfqe3a622t1/hQv" 385 + "NA0aCrkUNK3DlVmhjaCtyiwK9tmsRUoFiV9sKzTzDakX8/f+v7fNxzv+cYswggRC" 386 + "MIICKqADAgECAgIQADANBgkqhkiG9w0BAQsFADAtMSswKQYDVQQDDCJUZXN0IE9u" 387 + "bHkgVW5zZWN1cmUgSW50ZXJtZWRpYXRlIENBMB4XDTE4MDMyODA1MDUyM1oXDTIz" 388 + "MDMwMjA1MDUyM1owMzExMC8GA1UEAwwoVGVzdCBPbmx5IFVuc2VjdXJlIEludGVy" 389 + "LUludGVybWVkaWF0ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB" 390 + "AMXcLIsgVZo2ykdTASvmEcOvqeY/kiiDvcTobuQEHVfK233nkBqAd9+YfN5Zn+YB" 391 + "YFgd7qQkyxMtN+Zv6Rksrz+znwCNS79vKuA88gv3a/seAhrXXjw549iaiFfPS41l" 392 + "Armxh5viRPZzKmspJY8Fx7IJxkN6VNiluV5d3bIlJj/fteiJpyZHzPp8R2x7Oo0s" 393 + "GlUCmJWxV6GLN0iKhhQIC1mVLYOdKFpxUY6r8UT9EI4LfB8pVw5XgeppUEwnDAw5" 394 + "IvphQirfh+LpVI0C6dF54Xu1yQRJQW7SnPnZSZHIyENn8UKuMTkQiyXGiYM0km21" 395 + "nICZkNQHTztIDq81aEk7DKcCAwEAAaNmMGQwHQYDVR0OBBYEFFw6Ws5ZsbD5QjAH" 396 + "z8/VlEeyATK/MB8GA1UdIwQYMBaAFCEvFK9bNLKk9ZUhw91u2CICmFo0MBIGA1Ud" 397 + "EwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IC" 398 + "AQCQj6CiZNFrfizeV5rwCaD5b1Z7KK11XDYzEEX+NgsAQur2kh+CwjwRhG2tQZPT" 399 + "nHOtyKz5yp3DENMBA01y87EePcX9WQaIAe8IVqnDuq7F6rr5odT2baednU5Kz2rP" 400 + "sujDfbJaF/mMlJBEDkc87Xf0f4Kq5UUNg7HWiKfLQmwGK8GhWSFvfkcmYG52Rpt8" 401 + "ohV0oB6x3QC3sodkz1WiK2ngtCxhy2yLrcTMQs2+YVn826NXKguZfPXCZCBq91zY" 402 + "V1YcwPcJ0nMPJiZ+q+fsU92zzB1YScGd9ngDmLPAUPYEmMy8x9Wzik+//zMYVg+S" 403 + "OGA3jdGHyRqQn5CBJtmmgRjRVvtZuMw1Ft1MFQkKTnBoAxI29YrbrBwDOiQ5Zn6P" 404 + "pIePZyS7qwBwNtYuuVpETLopMum+EyqyIvOK+Z+78UZYJkxv/NfWuWXPMY+/q0gX" 405 + "b17Bg06Jz5FPcTgf0jtg76ZJsSzazOhGXodGgLbgMhyBTGlDbhndauK4h0FfB0de" 406 + "AMZ6gP02wjcu3spGhd48MDLMpOfFNTCj4b1q7n6V20uzrjmKMMopxfsKbInMKcgx" 407 + "5N5T2PzyG3mzhijnSzVYF5C/9Or567Omtet1TMVqKHho4UPK27KhkjACLTZ2vYPD" 408 + "4KQTFpjvnldC0QBXco2Lz6jL1DLqmQETnQoYPjR7HM6u7zCCAqIwggGKoAMCAQIC" 409 + "AhAAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMMKFRlc3QgT25seSBVbnNlY3Vy" 410 + "ZSBJbnRlci1JbnRlcm1lZGlhdGUgQ0EwHhcNMTgwMzI4MDUyNDQyWhcNMjIwNTA2" 411 + "MDUyNDQyWjAoMSYwJAYDVQQDDB1UZXN0IE9ubHkgVW5zZWN1cmUgRW5kcG9pbnQg" 412 + "MjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCRQplhaI2Np3iLGHaVqP3ngNoPh" 413 + "LEGsge4GJLdNHgEu2zPtW2rNDqmFD3luIh2Beu4xGzYOG5cy1mu+n87f/ACjgZUw" 414 + "gZIwCQYDVR0TBAIwADAdBgNVHQ4EFgQUtfQ3UVtdzOFR61FGoFYjYPQMcrowVgYD" 415 + "VR0jBE8wTYAUXDpazlmxsPlCMAfPz9WUR7IBMr+hMaQvMC0xKzApBgNVBAMMIlRl" 416 + "c3QgT25seSBVbnNlY3VyZSBJbnRlcm1lZGlhdGUgQ0GCAhAAMA4GA1UdDwEB/wQE" 417 + "AwIDCDANBgkqhkiG9w0BAQsFAAOCAQEAftHAGM4ZMX5+XV6MheqtKcUzQERLCelr" 418 + "R2tsL7ceFJxSE/Z8ct07pYhrNsepUe5JycRplwulzGDMBrLmn4xIRd7LwLHBl14e" 419 + "6cDWW90PffxxbscgjygDgsLKGmRJv8Xrs72agVZ1bTU1aD26pE47GmGTT3d1/4ai" 420 + "2nxygOQKtfb0EPTvVYMErvWrA69rr+wPMSWPetvcDGEZ8hWFr3iRtduExC9sRqnV" 421 + "5DhvZROQSZQtQ+Ja6g8BehUC9gPCES93EOQUYPpRQEeD1CE+1IKTyuH+ApynIKSj" 422 + "5+U1x+OE3UZYTTzEck/TJxTm+Sv4FfCvpwdmDAMTjEZXfuFR+7+5Og=="; 423 private static final String INSECURE_PRIVATE_KEY_FOR_ENDPOINT1_BASE64 = "" 424 + "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgdCqcARU7lWJVXKY/" 425 + "+DTlFC0dzcTvh1ufkfZdnoZoR7ShRANCAAS3S6JtfbCyXlLSA+WZHwk0Rr2hdjJX" 426 + "xGeJLnsAbVkESmoGL9wG2Qty2InpFQ9jFFJHvGR8a73RMQVqmNxwQvFh"; 427 getInsecureCertXmlBytesWithEndpoint1(int serial)428 public static byte[] getInsecureCertXmlBytesWithEndpoint1(int serial) { 429 String str = INSECURE_CERT_XML_HEADER; 430 str += serial; 431 str += INSECURE_CERT_XML_BODY; 432 str += INSECURE_CERT_XML_ENDPOINT1_CERT; 433 str += INSECURE_CERT_XML_FOOTER; 434 return str.getBytes(StandardCharsets.UTF_8); 435 } 436 getInsecureCertXmlBytesWithEndpoint2(int serial)437 public static byte[] getInsecureCertXmlBytesWithEndpoint2(int serial) { 438 String str = INSECURE_CERT_XML_HEADER; 439 str += serial; 440 str += INSECURE_CERT_XML_BODY; 441 str += INSECURE_CERT_XML_ENDPOINT2_CERT; 442 str += INSECURE_CERT_XML_FOOTER; 443 return str.getBytes(StandardCharsets.UTF_8); 444 } 445 getInsecureCertPathForEndpoint1()446 public static CertPath getInsecureCertPathForEndpoint1() throws Exception { 447 return decodeCertPath(INSECURE_CERT_PATH_FOR_ENDPOINT1_BASE64); 448 } 449 getInsecureCertPathForEndpoint2()450 public static CertPath getInsecureCertPathForEndpoint2() throws Exception { 451 return decodeCertPath(INSECURE_CERT_PATH_FOR_ENDPOINT2_BASE64); 452 } 453 getInsecurePrivateKeyForEndpoint1()454 public static PrivateKey getInsecurePrivateKeyForEndpoint1() throws Exception { 455 byte[] keyBytes = Base64.getDecoder().decode(INSECURE_PRIVATE_KEY_FOR_ENDPOINT1_BASE64); 456 KeyFactory kf = KeyFactory.getInstance("EC"); 457 PKCS8EncodedKeySpec skSpec = new PKCS8EncodedKeySpec(keyBytes); 458 return kf.generatePrivate(skSpec); 459 } 460 decodeCertPath(String base64CertPath)461 private static CertPath decodeCertPath(String base64CertPath) throws Exception { 462 byte[] certPathBytes = Base64.getDecoder().decode(base64CertPath); 463 CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); 464 return certFactory.generateCertPath(new ByteArrayInputStream(certPathBytes), "PkiPath"); 465 } 466 } 467