author | David Hook <dgh@cryptoworkshop.com> | 2014-06-28 08:45:51 +0400 |
---|---|---|
committer | David Hook <dgh@cryptoworkshop.com> | 2014-06-28 08:45:51 +0400 |
commit | 0a698b5d94e064edeef78bf9e3b83cf17071c0e5 (patch) | |
tree | ecbebc8cc8db9c8bfcb1ae4bfd90054a2e18061a | |
parent | 0f1ecad50a46b0085d6f4be8b6d2aac480989f80 (diff) |
update
6 files changed, 173 insertions, 674 deletions
diff --git a/core/src/test/java/org/bouncycastle/math/ec/test/ECPointPerformanceTest.java b/core/src/test/java/org/bouncycastle/math/ec/test/ECPointPerformanceTest.java index a5e45dab..6db88a00 100644 --- a/core/src/test/java/org/bouncycastle/math/ec/test/ECPointPerformanceTest.java +++ b/core/src/test/java/org/bouncycastle/math/ec/test/ECPointPerformanceTest.java @@ -2,15 +2,16 @@ package org.bouncycastle.math.ec.test; import java.math.BigInteger; import java.security.SecureRandom; -import java.util.Collections; +import java.util.ArrayList; +import java.util.Enumeration; import java.util.HashSet; import java.util.Iterator; +import java.util.List; import java.util.Set; import java.util.SortedSet; import java.util.TreeSet; import junit.framework.TestCase; - import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.x9.ECNamedCurveTable; import org.bouncycastle.asn1.x9.X9ECParameters; @@ -173,8 +174,8 @@ public class ECPointPerformanceTest extends TestCase public void testMultiply() throws Exception { - SortedSet names = new TreeSet(Collections.list(ECNamedCurveTable.getNames())); - names.addAll(Collections.list(CustomNamedCurves.getNames())); + SortedSet names = new TreeSet(enumToList(ECNamedCurveTable.getNames())); + names.addAll(enumToList(CustomNamedCurves.getNames())); Set oids = new HashSet(); @@ -195,4 +196,16 @@ public class ECPointPerformanceTest extends TestCase randMult(name); } } + + private List enumToList(Enumeration en) + { + List rv = new ArrayList(); + + while (en.hasMoreElements()) + { + rv.add(en.nextElement()); + } + + return rv; + } } diff --git a/core/src/test/java/org/bouncycastle/math/ec/test/ECPointTest.java b/core/src/test/java/org/bouncycastle/math/ec/test/ECPointTest.java index 4db9f4bd..1ad4d760 100644 --- a/core/src/test/java/org/bouncycastle/math/ec/test/ECPointTest.java +++ b/core/src/test/java/org/bouncycastle/math/ec/test/ECPointTest.java 
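Review bot: The new `enumToList` helper at the end of ECPointPerformanceTest has no comment saying why `Collections.list` was replaced, and the identical method is added again to ECPointTest in the same commit. If the reason is building these tests on older JDKs that lack `Collections.list` (an inference from the jdk1.3 source trees touched elsewhere in this commit), a one-line comment such as `// Collections.list() is unavailable on the oldest JDK this test is built for` would keep a later cleanup from reverting it. The helper reads no instance state, so it could be `private static`, and the two copies could move into one shared test utility.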
@@ -2,15 +2,16 @@ package org.bouncycastle.math.ec.test; import java.math.BigInteger; import java.security.SecureRandom; -import java.util.Collections; +import java.util.ArrayList; +import java.util.Enumeration; import java.util.HashSet; import java.util.Iterator; +import java.util.List; import java.util.Set; import junit.framework.Test; import junit.framework.TestCase; import junit.framework.TestSuite; - import org.bouncycastle.asn1.x9.ECNamedCurveTable; import org.bouncycastle.asn1.x9.X9ECParameters; import org.bouncycastle.crypto.ec.CustomNamedCurves; @@ -503,8 +504,8 @@ public class ECPointTest extends TestCase */ public void testAddSubtractMultiplyTwiceEncoding() { - Set names = new HashSet(Collections.list(ECNamedCurveTable.getNames())); - names.addAll(Collections.list(CustomNamedCurves.getNames())); + Set names = new HashSet(enumToList(ECNamedCurveTable.getNames())); + names.addAll(enumToList(CustomNamedCurves.getNames())); Iterator it = names.iterator(); while (it.hasNext()) @@ -525,6 +526,18 @@ public class ECPointTest extends TestCase } } + private List enumToList(Enumeration en) + { + List rv = new ArrayList(); + + while (en.hasMoreElements()) + { + rv.add(en.nextElement()); + } + + return rv; + } + private void assertPointsEqual(String message, ECPoint a, ECPoint b) { assertEquals(message, a, b); diff --git a/pkix/src/main/jdk1.3/org/bouncycastle/cert/jcajce/JcaX509ExtensionUtils.java b/pkix/src/main/jdk1.3/org/bouncycastle/cert/jcajce/JcaX509ExtensionUtils.java new file mode 100644 index 00000000..2878f44f --- /dev/null +++ b/pkix/src/main/jdk1.3/org/bouncycastle/cert/jcajce/JcaX509ExtensionUtils.java 
@@ -0,0 +1,138 @@ +package org.bouncycastle.cert.jcajce; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.OutputStream; +import java.math.BigInteger; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.PublicKey; +import java.security.cert.CertificateEncodingException; +import java.security.cert.X509Certificate; + +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.GeneralNames; +import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.cert.X509ExtensionUtils; +import org.bouncycastle.operator.DigestCalculator; + +public class JcaX509ExtensionUtils + extends X509ExtensionUtils +{ + /** + * Create a utility class pre-configured with a SHA-1 digest calculator based on the + * default implementation. 
+ * + * @throws java.security.NoSuchAlgorithmException + */ + public JcaX509ExtensionUtils() + throws NoSuchAlgorithmException + { + super(new SHA1DigestCalculator(MessageDigest.getInstance("SHA1"))); + } + + public JcaX509ExtensionUtils(DigestCalculator calculator) + { + super(calculator); + } + + public AuthorityKeyIdentifier createAuthorityKeyIdentifier( + X509Certificate cert) + throws CertificateEncodingException + { + return super.createAuthorityKeyIdentifier(new JcaX509CertificateHolder(cert)); + } + + public AuthorityKeyIdentifier createAuthorityKeyIdentifier( + PublicKey pubKey) + { + return super.createAuthorityKeyIdentifier(SubjectPublicKeyInfo.getInstance(pubKey.getEncoded())); + } + + public AuthorityKeyIdentifier createAuthorityKeyIdentifier(PublicKey pubKey, GeneralNames generalNames, BigInteger serial) + { + return super.createAuthorityKeyIdentifier(SubjectPublicKeyInfo.getInstance(pubKey.getEncoded()), generalNames, serial); + } + + /** + * Return a RFC 3280 type 1 key identifier. As in: + * <pre> + * (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the + * value of the BIT STRING subjectPublicKey (excluding the tag, + * length, and number of unused bits). + * </pre> + * @param publicKey the key object containing the key identifier is to be based on. + * @return the key identifier. + */ + public SubjectKeyIdentifier createSubjectKeyIdentifier( + PublicKey publicKey) + { + return super.createSubjectKeyIdentifier(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded())); + } + + /** + * Return a RFC 3280 type 2 key identifier. As in: + * <pre> + * (2) The keyIdentifier is composed of a four bit type field with + * the value 0100 followed by the least significant 60 bits of the + * SHA-1 hash of the value of the BIT STRING subjectPublicKey. + * </pre> + * @param publicKey the key object of interest. + * @return the key identifier. 
+ */ + public SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier(PublicKey publicKey) + { + return super.createSubjectKeyIdentifier(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded())); + } + + /** + * Return the ASN.1 object contained in a byte[] returned by a getExtensionValue() call. + * + * @param encExtValue DER encoded OCTET STRING containing the DER encoded extension object. + * @return an ASN.1 object + * @throws java.io.IOException on a parsing error. + */ + public static ASN1Primitive parseExtensionValue(byte[] encExtValue) + throws IOException + { + return ASN1Primitive.fromByteArray(ASN1OctetString.getInstance(encExtValue).getOctets()); + } + + private static class SHA1DigestCalculator + implements DigestCalculator + { + private ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + private MessageDigest digest; + + public SHA1DigestCalculator(MessageDigest digest) + { + this.digest = digest; + } + + public AlgorithmIdentifier getAlgorithmIdentifier() + { + return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1); + } + + public OutputStream getOutputStream() + { + return bOut; + } + + public byte[] getDigest() + { + byte[] bytes = digest.digest(bOut.toByteArray()); + + bOut.reset(); + + return bytes; + } + } +} diff --git a/prov/src/test/java/org/bouncycastle/jce/provider/test/X509StoreTest.java b/prov/src/test/java/org/bouncycastle/jce/provider/test/X509StoreTest.java deleted file mode 100644 index 6043fa27..00000000 --- a/prov/src/test/java/org/bouncycastle/jce/provider/test/X509StoreTest.java +++ /dev/null 
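Review bot: `createTruncatedSubjectKeyIdentifier(PublicKey)` has the same body as `createSubjectKeyIdentifier(PublicKey)`: both call `super.createSubjectKeyIdentifier(...)`, so the method documented as returning the RFC 3280 type 2 identifier (0100 followed by the low 60 bits of the SHA-1 hash) would return the full 160-bit type 1 identifier instead. Code that matches certificates by key identifier would then get a value that differs from what the Javadoc promises. If the superclass offers the truncated variant, as the method pairing suggests, the body should be `return super.createTruncatedSubjectKeyIdentifier(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));`. Separately, `SHA1DigestCalculator` accumulates into a single `ByteArrayOutputStream` field and resets it in `getDigest()`, so a class comment stating that one `JcaX509ExtensionUtils` instance must not be shared across threads would be worth adding.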
@@ -1,345 +0,0 @@ -package org.bouncycastle.jce.provider.test; - -import java.io.ByteArrayInputStream; -import java.math.BigInteger; -import java.security.Security; -import java.security.cert.CertificateFactory; -import java.security.cert.X509CRL; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Collections; -import java.util.Date; -import java.util.List; - -import org.bouncycastle.jce.PrincipalUtil; -import org.bouncycastle.jce.X509Principal; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.bouncycastle.util.test.SimpleTest; -import org.bouncycastle.x509.X509AttributeCertStoreSelector; -import org.bouncycastle.x509.X509AttributeCertificate; -import org.bouncycastle.x509.X509CRLStoreSelector; -import org.bouncycastle.x509.X509CertPairStoreSelector; -import org.bouncycastle.x509.X509CertStoreSelector; -import org.bouncycastle.x509.X509CertificatePair; -import org.bouncycastle.x509.X509CollectionStoreParameters; -import org.bouncycastle.x509.X509Store; -import org.bouncycastle.x509.X509V2AttributeCertificate; - -public class X509StoreTest - extends SimpleTest -{ - private void certPairTest() - throws Exception - { - CertificateFactory cf = CertificateFactory.getInstance("X.509", - "BC"); - - X509Certificate rootCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.rootCertBin)); - X509Certificate interCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.interCertBin)); - X509Certificate finalCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.finalCertBin)); - - // Testing CollectionCertStore generation from List - X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert); - List certList = new ArrayList(); - - certList.add(pair1); - certList.add(new X509CertificatePair(interCert, finalCert)); - - X509CollectionStoreParameters ccsp = new 
X509CollectionStoreParameters(certList); - - X509Store certStore = X509Store.getInstance("CertificatePair/Collection", ccsp, "BC"); - X509CertPairStoreSelector selector = new X509CertPairStoreSelector(); - X509CertStoreSelector fwSelector = new X509CertStoreSelector(); - - fwSelector.setSerialNumber(rootCert.getSerialNumber()); - fwSelector.setSubject(rootCert.getIssuerDN().getName()); - - selector.setForwardSelector(fwSelector); - - Collection col = certStore.getMatches(selector); - - if (col.size() != 1 || !col.contains(pair1)) - { - fail("failed pair1 test"); - } - - col = certStore.getMatches(null); - - if (col.size() != 2) - { - fail("failed null test"); - } - } - - public void performTest() - throws Exception - { - CertificateFactory cf = CertificateFactory.getInstance("X.509", - "BC"); - - X509Certificate rootCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.rootCertBin)); - X509Certificate interCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.interCertBin)); - X509Certificate finalCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.finalCertBin)); - X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream( - CertPathTest.rootCrlBin)); - X509CRL interCrl = (X509CRL)cf - .generateCRL(new ByteArrayInputStream( - CertPathTest.interCrlBin)); - - // Testing CollectionCertStore generation from List - List certList = new ArrayList(); - certList.add(rootCert); - certList.add(interCert); - certList.add(finalCert); - X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(certList); - X509Store certStore = X509Store.getInstance("Certificate/Collection", ccsp, "BC"); - // set default to be the same as for SUN X500 name - X509Principal.DefaultReverse = true; - - // Searching for rootCert by subjectDN - - X509CertStoreSelector targetConstraints = new X509CertStoreSelector(); - 
targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded()); - Collection certs = certStore.getMatches(targetConstraints); - if (certs.size() != 1 || !certs.contains(rootCert)) - { - fail("rootCert not found by subjectDN"); - } - - // Searching for rootCert by subjectDN encoded as byte - targetConstraints = new X509CertStoreSelector(); - targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded()); - certs = certStore.getMatches(targetConstraints); - if (certs.size() != 1 || !certs.contains(rootCert)) - { - fail("rootCert not found by encoded subjectDN"); - } - - X509Principal.DefaultReverse = false; - - // Searching for rootCert by public key encoded as byte - targetConstraints = new X509CertStoreSelector(); - targetConstraints.setSubjectPublicKey(rootCert.getPublicKey().getEncoded()); - certs = certStore.getMatches(targetConstraints); - if (certs.size() != 1 || !certs.contains(rootCert)) - { - fail("rootCert not found by encoded public key"); - } - - // Searching for interCert by issuerDN - targetConstraints = new X509CertStoreSelector(); - targetConstraints.setIssuer(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded()); - certs = certStore.getMatches(targetConstraints); - if (certs.size() != 2) - { - fail("did not found 2 certs"); - } - if (!certs.contains(rootCert)) - { - fail("rootCert not found"); - } - if (!certs.contains(interCert)) - { - fail("interCert not found"); - } - - // Searching for rootCrl by issuerDN - List crlList = new ArrayList(); - crlList.add(rootCrl); - crlList.add(interCrl); - ccsp = new X509CollectionStoreParameters(crlList); - X509Store store = X509Store.getInstance("CRL/Collection", ccsp, "BC"); - X509CRLStoreSelector targetConstraintsCRL = new X509CRLStoreSelector(); - targetConstraintsCRL.setIssuers(Collections.singleton(rootCrl.getIssuerX500Principal())); - Collection crls = store.getMatches(targetConstraintsCRL); - if (crls.size() != 1 || !crls.contains(rootCrl)) 
- { - fail("rootCrl not found"); - } - - crls = certStore.getMatches(targetConstraintsCRL); - if (crls.size() != 0) - { - fail("error using wrong selector (CRL)"); - } - certs = store.getMatches(targetConstraints); - if (certs.size() != 0) - { - fail("error using wrong selector (certs)"); - } - // Searching for attribute certificates - X509V2AttributeCertificate attrCert = new X509V2AttributeCertificate(AttrCertData.attrCert); - X509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertData.certWithBaseCertificateID); - - List attrList = new ArrayList(); - attrList.add(attrCert); - attrList.add(attrCert2); - ccsp = new X509CollectionStoreParameters(attrList); - store = X509Store.getInstance("AttributeCertificate/Collection", ccsp, "BC"); - X509AttributeCertStoreSelector attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setHolder(attrCert.getHolder()); - if (!attrSelector.getHolder().equals(attrCert.getHolder())) - { - fail("holder get not correct"); - } - Collection attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on holder"); - } - attrSelector.setHolder(attrCert2.getHolder()); - if (attrSelector.getHolder().equals(attrCert.getHolder())) - { - fail("holder get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert2)) - { - fail("attrCert2 not found on holder"); - } - attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setIssuer(attrCert.getIssuer()); - if (!attrSelector.getIssuer().equals(attrCert.getIssuer())) - { - fail("issuer get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on issuer"); - } - attrSelector.setIssuer(attrCert2.getIssuer()); - if (attrSelector.getIssuer().equals(attrCert.getIssuer())) - { - fail("issuer get not correct"); - } - attrs = 
store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert2)) - { - fail("attrCert2 not found on issuer"); - } - attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setAttributeCert(attrCert); - if (!attrSelector.getAttributeCert().equals(attrCert)) - { - fail("attrCert get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on attrCert"); - } - attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setSerialNumber(attrCert.getSerialNumber()); - if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber())) - { - fail("serial number get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on serial number"); - } - attrSelector = (X509AttributeCertStoreSelector)attrSelector.clone(); - if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber())) - { - fail("serial number get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on serial number"); - } - - attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setAttributeCertificateValid(attrCert.getNotBefore()); - if (!attrSelector.getAttributeCertificateValid().equals(attrCert.getNotBefore())) - { - fail("valid get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on valid"); - } - attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotBefore().getTime() - 100)); - attrs = store.getMatches(attrSelector); - if (attrs.size() != 0) - { - fail("attrCert found on before"); - } - attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotAfter().getTime() + 100)); - attrs = 
store.getMatches(attrSelector); - if (attrs.size() != 0) - { - fail("attrCert found on after"); - } - attrSelector.setSerialNumber(BigInteger.valueOf(10000)); - attrs = store.getMatches(attrSelector); - if (attrs.size() != 0) - { - fail("attrCert found on wrong serial number"); - } - - attrSelector.setAttributeCert(null); - attrSelector.setAttributeCertificateValid(null); - attrSelector.setHolder(null); - attrSelector.setIssuer(null); - attrSelector.setSerialNumber(null); - if (attrSelector.getAttributeCert() != null) - { - fail("null attrCert"); - } - if (attrSelector.getAttributeCertificateValid() != null) - { - fail("null attrCertValid"); - } - if (attrSelector.getHolder() != null) - { - fail("null attrCert holder"); - } - if (attrSelector.getIssuer() != null) - { - fail("null attrCert issuer"); - } - if (attrSelector.getSerialNumber() != null) - { - fail("null attrCert serial"); - } - - attrs = certStore.getMatches(attrSelector); - if (attrs.size() != 0) - { - fail("error using wrong selector (attrs)"); - } - - certPairTest(); - } - - public String getName() - { - return "X509Store"; - } - - public static void main(String[] args) - { - Security.addProvider(new BouncyCastleProvider()); - - runTest(new X509StoreTest()); - } - -} diff --git a/prov/src/test/jdk1.3/org/bouncycastle/jce/provider/test/CertTest.java b/prov/src/test/jdk1.3/org/bouncycastle/jce/provider/test/CertTest.java index 7b38b720..aa0c785b 100644 --- a/prov/src/test/jdk1.3/org/bouncycastle/jce/provider/test/CertTest.java +++ b/prov/src/test/jdk1.3/org/bouncycastle/jce/provider/test/CertTest.java 
@@ -2281,7 +2281,7 @@ public class CertTest ASN1EncodableVector certs = new ASN1EncodableVector(); certs.add(new ASN1InputStream(CertPathTest.rootCertBin).readObject()); - certs.add(new DERTaggedObject(false, 2, new ASN1InputStream(AttrCertTest.attrCert).readObject())); + certs.add(new DERTaggedObject(false, 2, new ASN1InputStream(AttrCertData.attrCert).readObject())); ASN1EncodableVector crls = new ASN1EncodableVector(); diff --git a/prov/src/test/jdk1.3/org/bouncycastle/jce/provider/test/X509StoreTest.java b/prov/src/test/jdk1.3/org/bouncycastle/jce/provider/test/X509StoreTest.java deleted file mode 100644 index 6524229f..00000000 --- a/prov/src/test/jdk1.3/org/bouncycastle/jce/provider/test/X509StoreTest.java +++ /dev/null 
@@ -1,320 +0,0 @@ -package org.bouncycastle.jce.provider.test; - -import org.bouncycastle.jce.PrincipalUtil; -import org.bouncycastle.jce.X509Principal; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.bouncycastle.util.test.SimpleTest; -import org.bouncycastle.x509.X509AttributeCertStoreSelector; -import org.bouncycastle.x509.X509AttributeCertificate; -import org.bouncycastle.x509.X509CRLStoreSelector; -import org.bouncycastle.x509.X509CertPairStoreSelector; -import org.bouncycastle.x509.X509CertStoreSelector; -import org.bouncycastle.x509.X509CertificatePair; -import org.bouncycastle.x509.X509CollectionStoreParameters; -import org.bouncycastle.x509.X509Store; -import org.bouncycastle.x509.X509V2AttributeCertificate; - -import java.io.ByteArrayInputStream; -import java.math.BigInteger; -import java.security.Security; -import java.security.cert.CertificateFactory; -import java.security.cert.X509CRL; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Collections; -import java.util.Date; -import java.util.List; - -public class X509StoreTest - extends SimpleTest -{ - private void certPairTest() - throws Exception - { - CertificateFactory cf = CertificateFactory.getInstance("X.509", - "BC"); - - X509Certificate rootCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.rootCertBin)); - X509Certificate interCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.interCertBin)); - X509Certificate finalCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.finalCertBin)); - - // Testing CollectionCertStore generation from List - X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert); - List certList = new ArrayList(); - - certList.add(pair1); - certList.add(new X509CertificatePair(interCert, finalCert)); - - X509CollectionStoreParameters ccsp = new 
X509CollectionStoreParameters(certList); - - X509Store certStore = X509Store.getInstance("CertificatePair/Collection", ccsp, "BC"); - X509CertPairStoreSelector selector = new X509CertPairStoreSelector(); - X509CertStoreSelector fwSelector = new X509CertStoreSelector(); - - fwSelector.setSerialNumber(rootCert.getSerialNumber()); - - selector.setForwardSelector(fwSelector); - - Collection col = certStore.getMatches(selector); - - if (col.size() != 1 || !col.contains(pair1)) - { - fail("failed pair1 test"); - } - - col = certStore.getMatches(null); - - if (col.size() != 2) - { - fail("failed null test"); - } - } - - public void performTest() - throws Exception - { - CertificateFactory cf = CertificateFactory.getInstance("X.509", - "BC"); - - X509Certificate rootCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.rootCertBin)); - X509Certificate interCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.interCertBin)); - X509Certificate finalCert = (X509Certificate)cf - .generateCertificate(new ByteArrayInputStream( - CertPathTest.finalCertBin)); - X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream( - CertPathTest.rootCrlBin)); - X509CRL interCrl = (X509CRL)cf - .generateCRL(new ByteArrayInputStream( - CertPathTest.interCrlBin)); - - // Testing CollectionCertStore generation from List - List certList = new ArrayList(); - certList.add(rootCert); - certList.add(interCert); - certList.add(finalCert); - X509CollectionStoreParameters ccsp = new X509CollectionStoreParameters(certList); - X509Store certStore = X509Store.getInstance("Certificate/Collection", ccsp, "BC"); - // set default to be the same as for SUN X500 name - X509Principal.DefaultReverse = true; - - // Searching for rootCert by subjectDN - - X509CertStoreSelector targetConstraints = new X509CertStoreSelector(); - targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded()); - Collection 
certs = certStore.getMatches(targetConstraints); - if (certs.size() != 1 || !certs.contains(rootCert)) - { - fail("rootCert not found by subjectDN"); - } - - // Searching for rootCert by subjectDN encoded as byte - targetConstraints = new X509CertStoreSelector(); - targetConstraints.setSubject(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded()); - certs = certStore.getMatches(targetConstraints); - if (certs.size() != 1 || !certs.contains(rootCert)) - { - fail("rootCert not found by encoded subjectDN"); - } - - X509Principal.DefaultReverse = false; - - // Searching for rootCert by public key encoded as byte - targetConstraints = new X509CertStoreSelector(); - targetConstraints.setSubjectPublicKey(rootCert.getPublicKey().getEncoded()); - certs = certStore.getMatches(targetConstraints); - if (certs.size() != 1 || !certs.contains(rootCert)) - { - fail("rootCert not found by encoded public key"); - } - - // Searching for interCert by issuerDN - targetConstraints = new X509CertStoreSelector(); - targetConstraints.setIssuer(PrincipalUtil.getSubjectX509Principal(rootCert).getEncoded()); - certs = certStore.getMatches(targetConstraints); - if (certs.size() != 2) - { - fail("did not found 2 certs"); - } - if (!certs.contains(rootCert)) - { - fail("rootCert not found"); - } - if (!certs.contains(interCert)) - { - fail("interCert not found"); - } - - // Searching for attribute certificates - X509V2AttributeCertificate attrCert = new X509V2AttributeCertificate(AttrCertTest.attrCert); - X509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(AttrCertTest.certWithBaseCertificateID); - - List attrList = new ArrayList(); - attrList.add(attrCert); - attrList.add(attrCert2); - ccsp = new X509CollectionStoreParameters(attrList); - X509Store store = X509Store.getInstance("AttributeCertificate/Collection", ccsp, "BC"); - X509AttributeCertStoreSelector attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setHolder(attrCert.getHolder()); - if 
(!attrSelector.getHolder().equals(attrCert.getHolder())) - { - fail("holder get not correct"); - } - Collection attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on holder"); - } - attrSelector.setHolder(attrCert2.getHolder()); - if (attrSelector.getHolder().equals(attrCert.getHolder())) - { - fail("holder get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert2)) - { - fail("attrCert2 not found on holder"); - } - attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setIssuer(attrCert.getIssuer()); - if (!attrSelector.getIssuer().equals(attrCert.getIssuer())) - { - fail("issuer get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on issuer"); - } - attrSelector.setIssuer(attrCert2.getIssuer()); - if (attrSelector.getIssuer().equals(attrCert.getIssuer())) - { - fail("issuer get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert2)) - { - fail("attrCert2 not found on issuer"); - } - attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setAttributeCert(attrCert); - if (!attrSelector.getAttributeCert().equals(attrCert)) - { - fail("attrCert get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on attrCert"); - } - attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setSerialNumber(attrCert.getSerialNumber()); - if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber())) - { - fail("serial number get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on serial number"); - } - attrSelector = 
(X509AttributeCertStoreSelector)attrSelector.clone(); - if (!attrSelector.getSerialNumber().equals(attrCert.getSerialNumber())) - { - fail("serial number get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on serial number"); - } - - attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setAttributeCertificateValid(attrCert.getNotBefore()); - if (!attrSelector.getAttributeCertificateValid().equals(attrCert.getNotBefore())) - { - fail("valid get not correct"); - } - attrs = store.getMatches(attrSelector); - if (attrs.size() != 1 || !attrs.contains(attrCert)) - { - fail("attrCert not found on valid"); - } - attrSelector = new X509AttributeCertStoreSelector(); - attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotBefore().getTime() - 100)); - attrs = store.getMatches(attrSelector); - if (attrs.size() != 0) - { - fail("attrCert found on before"); - } - attrSelector.setAttributeCertificateValid(new Date(attrCert.getNotAfter().getTime() + 100)); - attrs = store.getMatches(attrSelector); - if (attrs.size() != 0) - { - fail("attrCert found on after"); - } - attrSelector.setSerialNumber(BigInteger.valueOf(10000)); - attrs = store.getMatches(attrSelector); - if (attrs.size() != 0) - { - fail("attrCert found on wrong serial number"); - } - - attrSelector.setAttributeCert(null); - attrSelector.setAttributeCertificateValid(null); - attrSelector.setHolder(null); - attrSelector.setIssuer(null); - attrSelector.setSerialNumber(null); - if (attrSelector.getAttributeCert() != null) - { - fail("null attrCert"); - } - if (attrSelector.getAttributeCertificateValid() != null) - { - fail("null attrCertValid"); - } - if (attrSelector.getHolder() != null) - { - fail("null attrCert holder"); - } - if (attrSelector.getIssuer() != null) - { - fail("null attrCert issuer"); - } - if (attrSelector.getSerialNumber() != null) - { - fail("null attrCert serial"); - } - - attrs 
= certStore.getMatches(attrSelector); - if (attrs.size() != 0) - { - fail("error using wrong selector (attrs)"); - } - - certPairTest(); - } - - public String getName() - { - return "X509Store"; - } - - public static void main(String[] args) - { - Security.addProvider(new BouncyCastleProvider()); - - runTest(new X509StoreTest()); - } - -} |