author | Roberto Tyley <roberto.tyley@gmail.com> | 2014-07-15 01:38:01 +0400 |
---|---|---|
committer | Roberto Tyley <roberto.tyley@gmail.com> | 2014-07-26 11:23:17 +0400 |
commit | 7cb752aaf746dc0b473afeb9e892b7fbc12666c5 (patch) | |
tree | cc4f91ddc18332b5adbe82e3fcb040d976c90105 /prov/src/test/jdk1.1/org/spongycastle/jce/provider/test/KeyStoreTest.java | |
parent | 551830f8ea5177042af2c7dd1fc90888bc67387d (diff) |
Execute become-spongy.sh
https://github.com/rtyley/spongycastle/blob/3040af/become-spongy.sh
Diffstat (limited to 'prov/src/test/jdk1.1/org/spongycastle/jce/provider/test/KeyStoreTest.java')
-rw-r--r-- | prov/src/test/jdk1.1/org/spongycastle/jce/provider/test/KeyStoreTest.java | 186 |
1 files changed, 186 insertions, 0 deletions
diff --git a/prov/src/test/jdk1.1/org/spongycastle/jce/provider/test/KeyStoreTest.java b/prov/src/test/jdk1.1/org/spongycastle/jce/provider/test/KeyStoreTest.java
new file mode 100644
index 00000000..0560ffdc
--- /dev/null
+++ b/prov/src/test/jdk1.1/org/spongycastle/jce/provider/test/KeyStoreTest.java
@@ -0,0 +1,186 @@
+package org.spongycastle.jce.provider.test;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.math.BigInteger;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.KeyStore;
+import java.security.SecureRandom;
+import java.security.Security;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.util.Date;
+import java.util.Hashtable;
+
+import org.spongycastle.jce.X509Principal;
+import org.spongycastle.jce.provider.BouncyCastleProvider;
+import org.spongycastle.util.test.SimpleTestResult;
+import org.spongycastle.util.test.Test;
+import org.spongycastle.util.test.TestResult;
+import org.spongycastle.x509.X509V3CertificateGenerator;
+
+/**
+ * Exercise the various key stores, making sure we at least get back what we put in!
+ * <p>
+ * This tests both the BKS, and the UBER key store.
+ */
+public class KeyStoreTest
+ implements Test
+{
+ static char[] passwd = { 'h', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd' };
+
+ public TestResult keyStoreTest(
+ String storeName)
+ {
+ try
+ {
+ KeyStore store = KeyStore.getInstance(storeName, "SC");
+
+ store.load(null, null);
+
+ KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA", "SC");
+
+ gen.initialize(1024, new SecureRandom());
+
+ KeyPair pair = gen.generateKeyPair();
+ RSAPrivateKey privKey = (RSAPrivateKey)pair.getPrivate();
+ RSAPublicKey pubKey = (RSAPublicKey)pair.getPublic();
+ BigInteger modulus = privKey.getModulus();
+ BigInteger privateExponent = privKey.getPrivateExponent();
+
+
+ //
+ // distinguished name table.
+ //
+ Hashtable attrs = new Hashtable();
+
+ attrs.put(X509Principal.C, "AU");
+ attrs.put(X509Principal.O, "The Legion of the Bouncy Castle");
+ attrs.put(X509Principal.L, "Melbourne");
+ attrs.put(X509Principal.ST, "Victoria");
+ attrs.put(X509Principal.EmailAddress, "feedback-crypto@bouncycastle.org");
+
+ //
+ // extensions
+ //
+
+ //
+ // create the certificate.
+ //
+ X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
+
+ certGen.setSerialNumber(BigInteger.valueOf(1));
+ certGen.setIssuerDN(new X509Principal(attrs));
+ certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
+ certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
+ certGen.setSubjectDN(new X509Principal(attrs));
+ certGen.setPublicKey(pubKey);
+ certGen.setSignatureAlgorithm("MD5WithRSAEncryption");
+
+ Certificate[] chain = new Certificate[1];
+
+ try
+ {
+ X509Certificate cert = certGen.generateX509Certificate(privKey);
+
+ cert.checkValidity(new Date());
+
+ cert.verify(pubKey);
+
+ ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
+ CertificateFactory fact = CertificateFactory.getInstance("X.509", "SC");
+
+ cert = (X509Certificate)fact.generateCertificate(bIn);
+
+ chain[0] = cert;
+ }
+ catch (Exception e)
+ {
+ return new SimpleTestResult(false, getName() + ": error generating cert - " + e.toString());
+ }
+
+ store.setKeyEntry("private", privKey, passwd, chain);
+
+ //
+ // write out and read back store
+ //
+ ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+
+ store.store(bOut, passwd);
+
+ ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray());
+
+ //
+ // start with a new key store
+ //
+ store = KeyStore.getInstance(storeName, "SC");
+
+ store.load(bIn, passwd);
+
+ //
+ // verify public key
+ //
+ privKey = (RSAPrivateKey)store.getKey("private", passwd);
+
+ if (!privKey.getModulus().equals(modulus))
+ {
+ return new SimpleTestResult(false, getName() + ": private key modulus wrong");
+ }
+ else if (!privKey.getPrivateExponent().equals(privateExponent))
+ {
+ return new SimpleTestResult(false, getName() + ": private key exponent wrong");
+ }
+
+ //
+ // verify certificate
+ //
+ Certificate cert = store.getCertificateChain("private")[0];
+
+ cert.verify(pubKey);
+
+ return new SimpleTestResult(true, getName() + ": Okay");
+ }
+ catch (Exception e)
+ {
+ return new SimpleTestResult(false, getName() + ": exception - " + e.toString());
+ }
+ }
+
+ public String getName()
+ {
+ return "KeyStore";
+ }
+
+ public TestResult perform()
+ {
+ TestResult result = keyStoreTest("BKS");
+ if (!result.isSuccessful())
+ {
+ return result;
+ }
+
+ result = keyStoreTest("UBER");
+
+ if (!result.isSuccessful())
+ {
+ return result;
+ }
+
+ return new SimpleTestResult(true, getName() + ": Okay");
+ }
+
+ public static void main(
+ String[] args)
+ {
+ Security.addProvider(new BouncyCastleProvider());
+
+ Test test = new KeyStoreTest();
+ TestResult result = test.perform();
+
+ System.out.println(result.toString());
+ }
+} |
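Review bot: keyStoreTest only exercises the success path of the store/load round trip: nothing asserts that a store written with `passwd` is rejected when it is loaded with a different password, so the test would keep passing if the password-based integrity check of BKS or UBER stopped being enforced. A negative case placed just before the final `return new SimpleTestResult(true, ...)` would cover that; a sketch follows. Separately, the block headed `// verify public key` actually compares the private key's modulus and exponent, and the result of `store.getKey("private", passwd)` is dereferenced without a null check, so a missing entry surfaces only as a generic exception string. The 1024-bit RSA key and `MD5WithRSAEncryption` are presumably kept for the jdk1.1 tree; a one-line comment marking them as legacy test parameters, not a recommendation, would keep them from being copied into real code.

```java
// … unchanged: reload with the correct password, compare key, verify certificate …

//
// a store written with passwd must not load under a different password
//
KeyStore wrongPwStore = KeyStore.getInstance(storeName, "SC");
boolean rejected = false;

try
{
    wrongPwStore.load(new ByteArrayInputStream(bOut.toByteArray()), "not the password".toCharArray());
}
catch (Exception e)
{
    rejected = true;
}

if (!rejected)
{
    return new SimpleTestResult(false, getName() + ": store loaded with wrong password");
}

return new SimpleTestResult(true, getName() + ": Okay");
```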