libraries/spongycastle/prov/src/test/java/org/spongycastle/jce/provider/test/rsa3/RSA3CertTest.java


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131

package org.spongycastle.jce.provider.test.rsa3;

import java.security.Security;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;

/**
 * Marius Schilder's Bleichenbacher's Forgery Attack Tests
 */
public class RSA3CertTest
    extends TestCase
{
    public void setUp()
    {
        if (Security.getProvider("SC") == null)
        {
            Security.addProvider(new org.spongycastle.jce.provider.BouncyCastleProvider());
        }
    }
    
    public void testA()
        throws Exception
    {
        doTest("self-testcase-A.pem");
    }

    public void testB()
        throws Exception
    {
        doTest("self-testcase-B.pem");
    }
    
    public void testC()
        throws Exception
    {
        doTest("self-testcase-C.pem");
    }
    
    public void testD()
        throws Exception
    {
        doTest("self-testcase-D.pem");
    }
    
    public void testE()
        throws Exception
    {
        doTest("self-testcase-E.pem");
    }
    
    public void testF()
        throws Exception
    {
        doTest("self-testcase-F.pem");
    }
    
    public void testG()
        throws Exception
    {
        doTest("self-testcase-G.pem");
    }
    
    public void testH()
        throws Exception
    {
        doTest("self-testcase-H.pem");
    }
    
    public void testI()
        throws Exception
    {
        doTest("self-testcase-I.pem");
    }
    
    public void testJ()
        throws Exception
    {
        doTest("self-testcase-J.pem");
    }
    
    public void testL()
        throws Exception
    {
        doTest("self-testcase-L.pem");
    }
    
    private void doTest(
        String      certName)
        throws Exception
    {
        X509Certificate  cert = loadCert(certName);
        byte[]           tbs = cert.getTBSCertificate();
        Signature        sig = Signature.getInstance(cert.getSigAlgName(), "SC");
        
        sig.initVerify(cert.getPublicKey());
        
        sig.update(tbs);
        
        assertFalse(sig.verify(cert.getSignature()));
    }

    private X509Certificate loadCert(
        String certName)
        throws Exception
    {
        CertificateFactory rd = CertificateFactory.getInstance("X.509", "SC");
        
        return (X509Certificate)rd.generateCertificate(getClass().getResourceAsStream(certName));
    }
    
    public static void main (String[] args) 
        throws Exception
    {
        junit.textui.TestRunner.run(suite());
    }
    
    public static Test suite() 
        throws Exception
    {   
        TestSuite suite = new TestSuite("Bleichenbacher's Forgery Attack Tests");
        
        suite.addTestSuite(RSA3CertTest.class);
        
        return suite;
    }
}