1 files changed, 178 insertions, 0 deletions

diff --git a/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/CertUniqueIDTest.java b/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/CertUniqueIDTest.java
new file mode 100644
index 000000000..c12d08cff
--- /dev/null
+++ b/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/CertUniqueIDTest.java
@@ -0,0 +1,178 @@
+package org.spongycastle.jce.provider.test;
+
+import java.math.BigInteger;
+import java.security.KeyFactory;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Security;
+import java.security.cert.X509Certificate;
+import java.security.spec.RSAPrivateCrtKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+import java.util.Date;
+import java.util.Set;
+import java.util.Vector;
+
+import org.spongycastle.jce.X509Principal;
+import org.spongycastle.jce.provider.BouncyCastleProvider;
+import org.spongycastle.util.Arrays;
+import org.spongycastle.util.test.SimpleTest;
+import org.spongycastle.x509.X509V3CertificateGenerator;
+
+public class CertUniqueIDTest
+    extends SimpleTest
+{
+  public String getName()
+  {
+      return "CertUniqueID";
+  }
+
+  public void performTest() throws Exception
+  {
+    checkCreation1();
+  }
+
+  /**
+   * we generate a self signed certificate for the sake of testing - RSA
+   */
+  public void checkCreation1()
+      throws Exception
+  {
+      //
+      // a sample key pair.
+      //
+      RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
+          new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+          new BigInteger("11", 16));
+
+      RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
+          new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+          new BigInteger("11", 16),
+          new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+          new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+          new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+          new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+          new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+          new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+      //
+      // set up the keys
+      //
+      PrivateKey          privKey;
+      PublicKey           pubKey;
+
+      KeyFactory  fact = KeyFactory.getInstance("RSA", "SC");
+
+      privKey = fact.generatePrivate(privKeySpec);
+      pubKey = fact.generatePublic(pubKeySpec);
+
+      //
+      // distinguished name table.
+      //
+      Vector                      ord = new Vector();
+      Vector                      values = new Vector();
+
+      ord.addElement(X509Principal.C);
+      ord.addElement(X509Principal.O);
+      ord.addElement(X509Principal.L);
+      ord.addElement(X509Principal.ST);
+      ord.addElement(X509Principal.E);
+
+      values.addElement("AU");
+      values.addElement("The Legion of the Bouncy Castle");
+      values.addElement("Melbourne");
+      values.addElement("Victoria");
+      values.addElement("feedback-crypto@bouncycastle.org");
+
+      //
+      // extensions
+      //
+
+      //
+      // create the certificate - version 3 - without subject unique ID
+      //
+      X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();
+
+      certGen.setSerialNumber(BigInteger.valueOf(1));
+      certGen.setIssuerDN(new X509Principal(ord, values));
+      certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
+      certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
+      certGen.setSubjectDN(new X509Principal(ord, values));
+      certGen.setPublicKey(pubKey);
+      certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
+
+      X509Certificate cert = certGen.generate(privKey);
+
+      cert.checkValidity(new Date());
+
+      cert.verify(pubKey);
+
+      Set dummySet = cert.getNonCriticalExtensionOIDs();
+      if (dummySet != null)
+      {
+          fail("non-critical oid set should be null");
+      }
+      dummySet = cert.getCriticalExtensionOIDs();
+      if (dummySet != null)
+      {
+          fail("critical oid set should be null");
+      }
+
+      //
+      // create the certificate - version 3 - with subject unique ID
+      //
+      certGen = new X509V3CertificateGenerator();
+
+      certGen.setSerialNumber(BigInteger.valueOf(1));
+      certGen.setIssuerDN(new X509Principal(ord, values));
+      certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
+      certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
+      certGen.setSubjectDN(new X509Principal(ord, values));
+      certGen.setPublicKey(pubKey);
+      certGen.setSignatureAlgorithm("MD5WithRSAEncryption");
+
+      boolean[] subjectUniqID = {true, false, false, false, true, false, false, true, false, true, true};
+
+      certGen.setSubjectUniqueID(subjectUniqID);
+
+      boolean[] issuerUniqID = {false, false, true, false, true, false, false, false, true, false, false, true, false, true, true};
+
+      certGen.setIssuerUniqueID(issuerUniqID);
+
+      cert = certGen.generate(privKey);
+
+      cert.checkValidity(new Date());
+
+      cert.verify(pubKey);
+
+      boolean[] subjectUniqueId = cert.getSubjectUniqueID();
+      if (!Arrays.areEqual(subjectUniqID, subjectUniqueId))
+      {
+          fail("Subject unique id is not correct, original: "+arrayToString(subjectUniqID)+", from cert: "+arrayToString(subjectUniqueId));
+      }
+
+      boolean[] issuerUniqueId = cert.getIssuerUniqueID();
+      if (!Arrays.areEqual(issuerUniqID, issuerUniqueId))
+      {
+          fail("Issuer unique id is not correct, original: "+arrayToString(issuerUniqID)+", from cert: "+arrayToString(subjectUniqueId));
+      }
+  }
+
+  private String arrayToString(boolean[] array)
+  {
+      StringBuffer b = new StringBuffer();
+
+      for (int i = 0; i != array.length; i++)
+      {
+          b.append(array[i] ? "1" : "0");
+      }
+
+      return b.toString();
+  }
+  public static void main(
+      String[]    args)
+  {
+      Security.addProvider(new BouncyCastleProvider());
+
+      runTest(new CertUniqueIDTest());
+  }
+}