diff options
Diffstat (limited to 'libraries/spongycastle/core/src/test/java/org/spongycastle/asn1/test/GenerationTest.java')
-rw-r--r-- | libraries/spongycastle/core/src/test/java/org/spongycastle/asn1/test/GenerationTest.java | 428 |
1 files changed, 0 insertions, 428 deletions
diff --git a/libraries/spongycastle/core/src/test/java/org/spongycastle/asn1/test/GenerationTest.java b/libraries/spongycastle/core/src/test/java/org/spongycastle/asn1/test/GenerationTest.java deleted file mode 100644 index 6febc0583..000000000 --- a/libraries/spongycastle/core/src/test/java/org/spongycastle/asn1/test/GenerationTest.java +++ /dev/null @@ -1,428 +0,0 @@ -package org.spongycastle.asn1.test; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.text.ParseException; -import java.util.Date; -import java.util.Hashtable; -import java.util.Vector; - -import org.spongycastle.asn1.ASN1EncodableVector; -import org.spongycastle.asn1.ASN1GeneralizedTime; -import org.spongycastle.asn1.ASN1InputStream; -import org.spongycastle.asn1.ASN1Integer; -import org.spongycastle.asn1.ASN1OutputStream; -import org.spongycastle.asn1.ASN1Primitive; -import org.spongycastle.asn1.DERNull; -import org.spongycastle.asn1.DEROctetString; -import org.spongycastle.asn1.DERSequence; -import org.spongycastle.asn1.oiw.ElGamalParameter; -import org.spongycastle.asn1.oiw.OIWObjectIdentifiers; -import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers; -import org.spongycastle.asn1.x500.X500Name; -import org.spongycastle.asn1.x509.AlgorithmIdentifier; -import org.spongycastle.asn1.x509.AuthorityKeyIdentifier; -import org.spongycastle.asn1.x509.CRLReason; -import org.spongycastle.asn1.x509.Extension; -import org.spongycastle.asn1.x509.Extensions; -import org.spongycastle.asn1.x509.ExtensionsGenerator; -import org.spongycastle.asn1.x509.GeneralName; -import org.spongycastle.asn1.x509.GeneralNames; -import org.spongycastle.asn1.x509.IssuingDistributionPoint; -import org.spongycastle.asn1.x509.KeyUsage; -import org.spongycastle.asn1.x509.RSAPublicKeyStructure; -import org.spongycastle.asn1.x509.SubjectKeyIdentifier; -import org.spongycastle.asn1.x509.SubjectPublicKeyInfo; -import org.spongycastle.asn1.x509.TBSCertList; -import org.spongycastle.asn1.x509.TBSCertificate; -import org.spongycastle.asn1.x509.Time; -import org.spongycastle.asn1.x509.V1TBSCertificateGenerator; -import org.spongycastle.asn1.x509.V2TBSCertListGenerator; -import org.spongycastle.asn1.x509.V3TBSCertificateGenerator; -import org.spongycastle.asn1.x509.X509Extension; -import org.spongycastle.asn1.x509.X509Extensions; -import org.spongycastle.asn1.x509.X509Name; -import org.spongycastle.util.Arrays; -import org.spongycastle.util.encoders.Base64; -import org.spongycastle.util.test.SimpleTest; - -public class GenerationTest - extends SimpleTest -{ - private byte[] v1Cert = Base64.decode( - "MIGtAgEBMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYDVQQKDA1Cb" - + "3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAxMlowNjELMA" - + "kGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNVBAsMBlRlc3Q" - + "gMTAaMA0GCSqGSIb3DQEBAQUAAwkAMAYCAQECAQI="); - - private byte[] v3Cert = Base64.decode( - "MIIBSKADAgECAgECMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYD" - + "VQQKDA1Cb3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAw" - + "MlowNjELMAkGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNV" - + "BAsMBlRlc3QgMjAYMBAGBisOBwIBATAGAgEBAgECAwQAAgEDo4GVMIGSMGEGA1Ud" - + "IwEB/wRXMFWAFDZPdpHPzKi7o8EJokkQU2uqCHRRoTqkODA2MQswCQYDVQQDDAJB" - + "VTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwGVGVzdCAyggECMCAG" - + "A1UdDgEB/wQWBBQ2T3aRz8you6PBCaJJEFNrqgh0UTALBgNVHQ8EBAMCBBA="); - - private byte[] v3CertNullSubject = Base64.decode( - "MIHGoAMCAQICAQIwDQYJKoZIhvcNAQEEBQAwJTELMAkGA1UEAwwCQVUxFjAUBgNVB" - + "AoMDUJvdW5jeSBDYXN0bGUwHhcNNzAwMTAxMDAwMDAxWhcNNzAwMTAxMDAwMDAyWj" - + "AAMBgwEAYGKw4HAgEBMAYCAQECAQIDBAACAQOjSjBIMEYGA1UdEQEB/wQ8MDqkODA" - + "2MQswCQYDVQQDDAJBVTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwG" - + "VGVzdCAy"); - - private byte[] v2CertList = Base64.decode( - "MIIBQwIBATANBgkqhkiG9w0BAQUFADAlMQswCQYDVQQDDAJBVTEWMBQGA1UECgwN" + - "Qm91bmN5IENhc3RsZRcNNzAwMTAxMDAwMDAwWhcNNzAwMTAxMDAwMDAyWjAiMCAC" + - "AQEXDTcwMDEwMTAwMDAwMVowDDAKBgNVHRUEAwoBCqCBxTCBwjBhBgNVHSMBAf8E" + - "VzBVgBQ2T3aRz8you6PBCaJJEFNrqgh0UaE6pDgwNjELMAkGA1UEAwwCQVUxFjAU" + - "BgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNVBAsMBlRlc3QgMoIBAjBDBgNVHRIE" + - "PDA6pDgwNjELMAkGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzAN" + - "BgNVBAsMBlRlc3QgMzAKBgNVHRQEAwIBATAMBgNVHRwBAf8EAjAA"); - - private void tbsV1CertGen() - throws IOException - { - V1TBSCertificateGenerator gen = new V1TBSCertificateGenerator(); - Date startDate = new Date(1000); - Date endDate = new Date(12000); - - gen.setSerialNumber(new ASN1Integer(1)); - - gen.setStartDate(new Time(startDate)); - gen.setEndDate(new Time(endDate)); - - gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle")); - gen.setSubject(new X500Name("CN=AU,O=Bouncy Castle,OU=Test 1")); - - gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, DERNull.INSTANCE)); - - SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), - new RSAPublicKeyStructure(BigInteger.valueOf(1), BigInteger.valueOf(2))); - - gen.setSubjectPublicKeyInfo(info); - - TBSCertificate tbs = gen.generateTBSCertificate(); - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(tbs); - - if (!Arrays.areEqual(bOut.toByteArray(), v1Cert)) - { - fail("failed v1 cert generation"); - } - - // - // read back test - // - ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v1Cert)); - ASN1Primitive o = aIn.readObject(); - - bOut = new ByteArrayOutputStream(); - aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(o); - - if (!Arrays.areEqual(bOut.toByteArray(), v1Cert)) - { - fail("failed v1 cert read back test"); - } - } - - private AuthorityKeyIdentifier createAuthorityKeyId( - SubjectPublicKeyInfo info, - X500Name name, - int sNumber) - { - GeneralName genName = new GeneralName(name); - ASN1EncodableVector v = new ASN1EncodableVector(); - - v.add(genName); - - return new AuthorityKeyIdentifier( - info, GeneralNames.getInstance(new DERSequence(v)), BigInteger.valueOf(sNumber)); - } - - private void tbsV3CertGen() - throws IOException - { - V3TBSCertificateGenerator gen = new V3TBSCertificateGenerator(); - Date startDate = new Date(1000); - Date endDate = new Date(2000); - - gen.setSerialNumber(new ASN1Integer(2)); - - gen.setStartDate(new Time(startDate)); - gen.setEndDate(new Time(endDate)); - - gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle")); - gen.setSubject(new X500Name("CN=AU,O=Bouncy Castle,OU=Test 2")); - - gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, DERNull.INSTANCE)); - - SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new ASN1Integer(3)); - - gen.setSubjectPublicKeyInfo(info); - - // - // add extensions - // - Vector order = new Vector(); - Hashtable extensions = new Hashtable(); - - order.addElement(X509Extension.authorityKeyIdentifier); - order.addElement(X509Extension.subjectKeyIdentifier); - order.addElement(X509Extension.keyUsage); - - extensions.put(X509Extension.authorityKeyIdentifier, new X509Extension(true, new DEROctetString(createAuthorityKeyId(info, new X500Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2)))); - extensions.put(X509Extension.subjectKeyIdentifier, new X509Extension(true, new DEROctetString(new SubjectKeyIdentifier(info)))); - extensions.put(X509Extension.keyUsage, new X509Extension(false, new DEROctetString(new KeyUsage(KeyUsage.dataEncipherment)))); - - X509Extensions ex = new X509Extensions(order, extensions); - - gen.setExtensions(ex); - - TBSCertificate tbs = gen.generateTBSCertificate(); - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(tbs); - - if (!Arrays.areEqual(bOut.toByteArray(), v3Cert)) - { - fail("failed v3 cert generation"); - } - - // - // read back test - // - ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v3Cert)); - ASN1Primitive o = aIn.readObject(); - - bOut = new ByteArrayOutputStream(); - aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(o); - - if (!Arrays.areEqual(bOut.toByteArray(), v3Cert)) - { - fail("failed v3 cert read back test"); - } - } - - private void tbsV3CertGenWithNullSubject() - throws IOException - { - V3TBSCertificateGenerator gen = new V3TBSCertificateGenerator(); - Date startDate = new Date(1000); - Date endDate = new Date(2000); - - gen.setSerialNumber(new ASN1Integer(2)); - - gen.setStartDate(new Time(startDate)); - gen.setEndDate(new Time(endDate)); - - gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle")); - - gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, DERNull.INSTANCE)); - - SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new ASN1Integer(3)); - - gen.setSubjectPublicKeyInfo(info); - - try - { - gen.generateTBSCertificate(); - fail("null subject not caught!"); - } - catch (IllegalStateException e) - { - if (!e.getMessage().equals("not all mandatory fields set in V3 TBScertificate generator")) - { - fail("unexpected exception", e); - } - } - - // - // add extensions - // - Vector order = new Vector(); - Hashtable extensions = new Hashtable(); - - order.addElement(X509Extension.subjectAlternativeName); - - extensions.put(X509Extension.subjectAlternativeName, new X509Extension(true, new DEROctetString(new GeneralNames(new GeneralName(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2")))))); - - X509Extensions ex = new X509Extensions(order, extensions); - - gen.setExtensions(ex); - - TBSCertificate tbs = gen.generateTBSCertificate(); - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(tbs); - - if (!Arrays.areEqual(bOut.toByteArray(), v3CertNullSubject)) - { - fail("failed v3 null sub cert generation"); - } - - // - // read back test - // - ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v3CertNullSubject)); - ASN1Primitive o = aIn.readObject(); - - bOut = new ByteArrayOutputStream(); - aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(o); - - if (!Arrays.areEqual(bOut.toByteArray(), v3CertNullSubject)) - { - fail("failed v3 null sub cert read back test"); - } - } - - private void tbsV2CertListGen() - throws IOException - { - V2TBSCertListGenerator gen = new V2TBSCertListGenerator(); - - gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle")); - - gen.addCRLEntry(new ASN1Integer(1), new Time(new Date(1000)), CRLReason.aACompromise); - - gen.setNextUpdate(new Time(new Date(2000))); - - gen.setThisUpdate(new Time(new Date(500))); - - gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1WithRSAEncryption, DERNull.INSTANCE)); - - // - // extensions - // - SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new ASN1Integer(3)); - - ExtensionsGenerator extGen = new ExtensionsGenerator(); - - extGen.addExtension(Extension.authorityKeyIdentifier, true, createAuthorityKeyId(info, new X500Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2)); - extGen.addExtension(Extension.issuerAlternativeName, false, new GeneralNames(new GeneralName(new X500Name("CN=AU,O=Bouncy Castle,OU=Test 3")))); - extGen.addExtension(Extension.cRLNumber, false, new ASN1Integer(1)); - extGen.addExtension(Extension.issuingDistributionPoint, true, IssuingDistributionPoint.getInstance(new DERSequence())); - - Extensions ex = extGen.generate(); - - gen.setExtensions(ex); - - TBSCertList tbs = gen.generateTBSCertList(); - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(tbs); - - if (!Arrays.areEqual(bOut.toByteArray(), v2CertList)) - { - System.out.println(new String(Base64.encode(bOut.toByteArray()))); - fail("failed v2 cert list generation"); - } - - // - // read back test - // - ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v2CertList)); - ASN1Primitive o = aIn.readObject(); - - bOut = new ByteArrayOutputStream(); - aOut = new ASN1OutputStream(bOut); - - aOut.writeObject(o); - - if (!Arrays.areEqual(bOut.toByteArray(), v2CertList)) - { - fail("failed v2 cert list read back test"); - } - - // - // check we can add a custom reason - // - gen.addCRLEntry(new ASN1Integer(1), new Time(new Date(1000)), CRLReason.aACompromise); - - // - // check invalidity date - gen.addCRLEntry(new ASN1Integer(2), new Time(new Date(1000)), CRLReason.affiliationChanged, new ASN1GeneralizedTime(new Date(2000))); - - TBSCertList crl = gen.generateTBSCertList(); - - TBSCertList.CRLEntry[] entries = crl.getRevokedCertificates(); - for (int i = 0; i != entries.length; i++) - { - TBSCertList.CRLEntry entry = entries[i]; - - if (entry.getUserCertificate().equals(new ASN1Integer(1))) - { - Extensions extensions = entry.getExtensions(); - Extension ext = extensions.getExtension(Extension.reasonCode); - - CRLReason r = CRLReason.getInstance(ext.getParsedValue()); - - if (r.getValue().intValue() != CRLReason.aACompromise) - { - fail("reason code mismatch"); - } - } - else if (entry.getUserCertificate().equals(new ASN1Integer(2))) - { - Extensions extensions = entry.getExtensions(); - Extension ext = extensions.getExtension(Extension.reasonCode); - - CRLReason r = CRLReason.getInstance(ext.getParsedValue()); - - if (r.getValue().intValue() != CRLReason.affiliationChanged) - { - fail("reason code mismatch"); - } - - ext = extensions.getExtension(Extension.invalidityDate); - - ASN1GeneralizedTime t = ASN1GeneralizedTime.getInstance(ext.getParsedValue()); - - try - { - if (!t.getDate().equals(new Date(2000))) - { - fail("invalidity date mismatch"); - } - } - catch (ParseException e) - { - fail("can't parse date", e); - } - } - } - } - - public void performTest() - throws Exception - { - tbsV1CertGen(); - tbsV3CertGen(); - tbsV3CertGenWithNullSubject(); - tbsV2CertListGen(); - } - - public String getName() - { - return "Generation"; - } - - public static void main( - String[] args) - { - runTest(new GenerationTest()); - } -} |