aboutsummaryrefslogtreecommitdiffstats
path: root/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/KeyStoreTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/KeyStoreTest.java')
-rw-r--r--libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/KeyStoreTest.java424
1 files changed, 0 insertions, 424 deletions
diff --git a/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/KeyStoreTest.java b/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/KeyStoreTest.java
deleted file mode 100644
index dd25100bd..000000000
--- a/libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/KeyStoreTest.java
+++ /dev/null
@@ -1,424 +0,0 @@
-package org.spongycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Date;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.spongycastle.jce.X509Principal;
-import org.spongycastle.jce.provider.BouncyCastleProvider;
-import org.spongycastle.jce.spec.ECParameterSpec;
-import org.spongycastle.math.ec.ECCurve;
-import org.spongycastle.util.encoders.Base64;
-import org.spongycastle.util.encoders.Hex;
-import org.spongycastle.util.test.SimpleTest;
-import org.spongycastle.x509.X509V3CertificateGenerator;
-
-/**
- * Exercise the various key stores, making sure we at least get back what we put in!
- * <p>
- * This tests both the BKS, and the UBER key store.
- */
-public class KeyStoreTest
- extends SimpleTest
-{
- static char[] passwd = { 'h', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd' };
-
- byte[] v1BKS = Base64.decode(
- "AAAAAQAAABTqZbNMyPjsFazhFplWWDMBLPRdRAAABcYEAAdhbmRyb2lkAAAB"
- + "NOifkPwAAAAAAAAAPAAAABTZOLhcyhB0gKyfoDvyQbpzftB7GgAABEYPrZP8"
- + "q20AJLETjDv0K9C5rIl1erpyvpv20bqcbghK6wD0b8OP5/XzOz/8knhxmqJZ"
- + "3yRJMw==");
- byte[] v2BKS = Base64.decode(
- "AAAAAgAAABSkmTXz4VIznO1SSUqsIHdxWcxsuQAABFMEAAdhbmRyb2lkAAABN" +
- "OifkPwAAAAAAAAAPAAAABTZOLhcyhB0gKyfoDvyQbpzftB7GgAABEYPrZP8q2" +
- "0AJLETjDv0K9C5rIl1erpyvpv20bqcbghK6wBO59KOGPvSrmJpd32P6ZAh9qLZJw==");
-
- byte[] v1UBER = Base64.decode(
- "AAAAAQAAABRP0F6p2p3FyQKqyJiJt3NbvdybiwAAB2znqrO779YIW5gMtbt+"
- + "NUs96VPPcfZiKJPg7RKH7Yu3CQB0/g9nYsvgFB0fQ05mHcW3KjntN2/31A6G"
- + "i00n4ZnUTjJL16puZnQrloeGXxFy58tjwkFuwJ7V7ELYgiZlls0beHSdDGQW"
- + "iyYECwWs1la/");
- byte[] v2UBER = Base64.decode(
- "AAAAAgAAABQ/D9k3376OG/REg4Ams9Up332tLQAABujoVcsRcKWwhlo4mMg5"
- + "lF2vJfK+okIYecJGWCvdykF5r8kDn68llt52IDXDkpRXVXcNJ0/aD7sa7iZ0"
- + "SL0TAwcfp/9v4j/w8slj/qgO0i/76+zROrP0NGFIa5k/iOg5Z0Tj77muMaJf"
- + "n3vLlIHa4IsX");
-
- byte[] negSaltBKS = Base64.decode(
- "AAAAAv////+WnyglO06djy6JgCxGiIemnZdcOwAAB2AEAAdhbmRyb2lkAAAB" +
- "NOifkPwAAAAAAAAAPAAAABTZOLhcyhB0gKyfoDvyQbpzftB7GgAABEYPrZP8" +
- "q20AJLETjDv0K9C5rIl1erpyvpv20bqcbghK6wDrg6gUHsh27wNjUwkR+REe" +
- "NeFYBg==");
-
- char[] oldStorePass = "fredfred".toCharArray();
-
- public void ecStoreTest(
- String storeName)
- throws Exception
- {
- ECCurve curve = new ECCurve.Fp(
- new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
- new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
- new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
-
- ECParameterSpec ecSpec = new ECParameterSpec(
- curve,
- curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
- new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
-
- KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "SC");
-
- g.initialize(ecSpec, new SecureRandom());
-
- KeyPair keyPair = g.generateKeyPair();
-
- PublicKey pubKey = keyPair.getPublic();
- PrivateKey privKey = keyPair.getPrivate();
-
- //
- // distinguished name table.
- //
- Hashtable attrs = new Hashtable();
- Vector order = new Vector();
-
- attrs.put(X509Principal.C, "AU");
- attrs.put(X509Principal.O, "The Legion of the Bouncy Castle");
- attrs.put(X509Principal.L, "Melbourne");
- attrs.put(X509Principal.ST, "Victoria");
- attrs.put(X509Principal.E, "feedback-crypto@bouncycastle.org");
-
- order.addElement(X509Principal.C);
- order.addElement(X509Principal.O);
- order.addElement(X509Principal.L);
- order.addElement(X509Principal.ST);
- order.addElement(X509Principal.E);
-
- //
- // create the certificate - version 3
- //
- X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
-
- certGen.setSerialNumber(BigInteger.valueOf(1));
- certGen.setIssuerDN(new X509Principal(order, attrs));
- certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
- certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
- certGen.setSubjectDN(new X509Principal(order, attrs));
- certGen.setPublicKey(pubKey);
- certGen.setSignatureAlgorithm("ECDSAwithSHA1");
-
- Certificate[] chain = new Certificate[1];
-
- try
- {
- X509Certificate cert = certGen.generate(privKey);
-
- cert.checkValidity(new Date());
-
- cert.verify(pubKey);
-
- ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
- CertificateFactory fact = CertificateFactory.getInstance("X.509", "SC");
-
- cert = (X509Certificate)fact.generateCertificate(bIn);
-
- chain[0] = cert;
- }
- catch (Exception e)
- {
- fail("error generating cert - " + e.toString());
- }
-
- KeyStore store = KeyStore.getInstance(storeName, "SC");
-
- store.load(null, null);
-
- store.setKeyEntry("private", privKey, passwd, chain);
-
- //
- // write out and read back store
- //
- ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
- store.store(bOut, passwd);
-
- ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray());
-
- //
- // start with a new key store
- //
- store = KeyStore.getInstance(storeName, "SC");
-
- store.load(bIn, passwd);
-
- //
- // load the private key
- //
- privKey = (PrivateKey)store.getKey("private", passwd);
-
- //
- // double public key encoding test
- //
- byte[] pubEnc = pubKey.getEncoded();
- KeyFactory keyFac = KeyFactory.getInstance(pubKey.getAlgorithm(), "SC");
- X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
-
- pubKey = (PublicKey)keyFac.generatePublic(pubX509);
-
- pubEnc = pubKey.getEncoded();
- keyFac = KeyFactory.getInstance(pubKey.getAlgorithm(), "SC");
- pubX509 = new X509EncodedKeySpec(pubEnc);
-
- pubKey = (PublicKey)keyFac.generatePublic(pubX509);
-
- //
- // double private key encoding test
- //
- byte[] privEnc = privKey.getEncoded();
-
- keyFac = KeyFactory.getInstance(privKey.getAlgorithm(), "SC");
-
- PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
- privKey = (PrivateKey)keyFac.generatePrivate(privPKCS8);
-
- keyFac = KeyFactory.getInstance(privKey.getAlgorithm(), "SC");
- privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
- privKey = (PrivateKey)keyFac.generatePrivate(privPKCS8);
- }
-
- public void keyStoreTest(
- String storeName)
- throws Exception
- {
- KeyStore store = KeyStore.getInstance(storeName, "SC");
-
- store.load(null, null);
-
- KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA", "SC");
-
- gen.initialize(1024, new SecureRandom());
-
- KeyPair pair = gen.generateKeyPair();
- RSAPrivateKey privKey = (RSAPrivateKey)pair.getPrivate();
- RSAPublicKey pubKey = (RSAPublicKey)pair.getPublic();
- BigInteger modulus = privKey.getModulus();
- BigInteger privateExponent = privKey.getPrivateExponent();
-
-
- //
- // distinguished name table.
- //
- Hashtable attrs = new Hashtable();
- Vector order = new Vector();
-
- attrs.put(X509Principal.C, "AU");
- attrs.put(X509Principal.O, "The Legion of the Bouncy Castle");
- attrs.put(X509Principal.L, "Melbourne");
- attrs.put(X509Principal.ST, "Victoria");
- attrs.put(X509Principal.EmailAddress, "feedback-crypto@bouncycastle.org");
-
- order.addElement(X509Principal.C);
- order.addElement(X509Principal.O);
- order.addElement(X509Principal.L);
- order.addElement(X509Principal.ST);
- order.addElement(X509Principal.EmailAddress);
-
- //
- // extensions
- //
-
- //
- // create the certificate.
- //
- X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
-
- certGen.setSerialNumber(BigInteger.valueOf(1));
- certGen.setIssuerDN(new X509Principal(order, attrs));
- certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
- certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
- certGen.setSubjectDN(new X509Principal(order, attrs));
- certGen.setPublicKey(pubKey);
- certGen.setSignatureAlgorithm("MD5WithRSAEncryption");
-
- Certificate[] chain = new Certificate[1];
-
- try
- {
- X509Certificate cert = certGen.generate(privKey);
-
- cert.checkValidity(new Date());
-
- cert.verify(pubKey);
-
- ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
- CertificateFactory fact = CertificateFactory.getInstance("X.509", "SC");
-
- cert = (X509Certificate)fact.generateCertificate(bIn);
-
- chain[0] = cert;
- }
- catch (Exception e)
- {
- fail("error generating cert - " + e.toString());
- }
-
- store.setKeyEntry("private", privKey, passwd, chain);
-
- //
- // write out and read back store
- //
- ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
- store.store(bOut, passwd);
-
- ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray());
-
- //
- // start with a new key store
- //
- store = KeyStore.getInstance(storeName, "SC");
-
- store.load(bIn, passwd);
-
- //
- // verify public key
- //
- privKey = (RSAPrivateKey)store.getKey("private", passwd);
-
- if (!privKey.getModulus().equals(modulus))
- {
- fail("private key modulus wrong");
- }
- else if (!privKey.getPrivateExponent().equals(privateExponent))
- {
- fail("private key exponent wrong");
- }
-
- //
- // verify certificate
- //
- Certificate cert = store.getCertificateChain("private")[0];
-
- cert.verify(pubKey);
- }
-
- private void oldStoreTest()
- throws Exception
- {
- checkStore(KeyStore.getInstance("BKS", "SC"), v1BKS);
- checkStore(KeyStore.getInstance("BKS", "SC"), v2BKS);
- checkStore(KeyStore.getInstance("UBER", "SC"), v1UBER);
- checkStore(KeyStore.getInstance("UBER", "SC"), v2UBER);
-
- checkOldStore(KeyStore.getInstance("BKS-V1", "SC"), v1BKS);
- checkOldStore(KeyStore.getInstance("BKS-V1", "SC"), v2BKS);
- }
-
- private void checkStore(KeyStore ks, byte[] data)
- throws Exception
- {
- ks.load(new ByteArrayInputStream(data), oldStorePass);
-
- if (!ks.containsAlias("android"))
- {
- fail("cannot find alias");
- }
-
- Key key = ks.getKey("android", oldStorePass);
- if (key == null)
- {
- fail("cannot find key");
- }
-
- ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
- ks.store(bOut, oldStorePass);
- }
-
- private void checkOldStore(KeyStore ks, byte[] data)
- throws Exception
- {
- ks.load(new ByteArrayInputStream(data), oldStorePass);
-
- if (!ks.containsAlias("android"))
- {
- fail("cannot find alias");
- }
-
- Key key = ks.getKey("android", oldStorePass);
- if (key == null)
- {
- fail("cannot find key");
- }
-
- ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
- ks.store(bOut, oldStorePass);
-
- if (data.length != bOut.toByteArray().length)
- {
- fail("Old version key store write incorrect");
- }
- }
-
- private void checkException()
- throws Exception
- {
- KeyStore ks = KeyStore.getInstance("BKS", "SC");
-
- try
- {
- ks.load(new ByteArrayInputStream(negSaltBKS), oldStorePass);
- }
- catch (IOException e)
- {
- if (!e.getMessage().equals("Invalid salt detected"))
- {
- fail("negative salt length not detected");
- }
- }
- }
-
- public String getName()
- {
- return "KeyStore";
- }
-
- public void performTest()
- throws Exception
- {
- keyStoreTest("BKS");
- keyStoreTest("UBER");
- keyStoreTest("BKS-V1");
- ecStoreTest("BKS");
- oldStoreTest();
- checkException();
- }
-
- public static void main(
- String[] args)
- {
- Security.addProvider(new BouncyCastleProvider());
-
- runTest(new KeyStoreTest());
- }
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-02 13:03:53 +0000