diff options
Diffstat (limited to 'pkix/src/test/java/org/spongycastle/cms/test/MiscDataStreamTest.java')
-rw-r--r-- | pkix/src/test/java/org/spongycastle/cms/test/MiscDataStreamTest.java | 265 |
1 files changed, 265 insertions, 0 deletions
diff --git a/pkix/src/test/java/org/spongycastle/cms/test/MiscDataStreamTest.java b/pkix/src/test/java/org/spongycastle/cms/test/MiscDataStreamTest.java new file mode 100644 index 00000000..d01b68e3 --- /dev/null +++ b/pkix/src/test/java/org/spongycastle/cms/test/MiscDataStreamTest.java @@ -0,0 +1,265 @@ +package org.spongycastle.cms.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.OutputStream; +import java.security.KeyPair; +import java.security.MessageDigest; +import java.security.Security; +import java.security.cert.X509CRL; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Iterator; +import java.util.List; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; +import org.spongycastle.cert.X509CertificateHolder; +import org.spongycastle.cert.jcajce.JcaCRLStore; +import org.spongycastle.cert.jcajce.JcaCertStore; +import org.spongycastle.cms.CMSCompressedDataStreamGenerator; +import org.spongycastle.cms.CMSDigestedData; +import org.spongycastle.cms.CMSSignedDataParser; +import org.spongycastle.cms.CMSSignedDataStreamGenerator; +import org.spongycastle.cms.CMSTypedStream; +import org.spongycastle.cms.SignerInformation; +import org.spongycastle.cms.SignerInformationStore; +import org.spongycastle.cms.jcajce.JcaSignerInfoVerifierBuilder; +import org.spongycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder; +import org.spongycastle.cms.jcajce.JcaX509CertSelectorConverter; +import org.spongycastle.cms.jcajce.ZlibCompressor; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.operator.DigestCalculatorProvider; +import org.spongycastle.operator.OperatorCreationException; +import org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder; +import org.spongycastle.util.Arrays; +import org.spongycastle.util.Store; +import org.spongycastle.util.encoders.Base64; + +public class MiscDataStreamTest + extends TestCase +{ + private static final String BC = BouncyCastleProvider.PROVIDER_NAME; + + private static byte[] data = Base64.decode( + "TUlNRS1WZXJzaW9uOiAxLjAKQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9v" + + "Y3RldC1zdHJlYW0KQ29udGVudC1UcmFuc2Zlci1FbmNvZGluZzogYmluYXJ5" + + "CkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7IGZpbGVuYW1lPWRv" + + "Yy5iaW4KClRoaXMgaXMgYSB2ZXJ5IGh1Z2Ugc2VjcmV0LCBtYWRlIHdpdGgg" + + "b3BlbnNzbAoKCgo="); + + private static byte[] digestedData = Base64.decode( + "MIIBGAYJKoZIhvcNAQcFoIIBCTCCAQUCAQAwCwYJYIZIAWUDBAIBMIHQBgkq" + + "hkiG9w0BBwGggcIEgb9NSU1FLVZlcnNpb246IDEuMApDb250ZW50LVR5cGU6" + + "IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQpDb250ZW50LVRyYW5zZmVyLUVu" + + "Y29kaW5nOiBiaW5hcnkKQ29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVu" + + "dDsgZmlsZW5hbWU9ZG9jLmJpbgoKVGhpcyBpcyBhIHZlcnkgaHVnZSBzZWNy" + + "ZXQsIG1hZGUgd2l0aCBvcGVuc3NsCgoKCgQgHLG72tSYW0LgcxOA474iwdCv" + + "KyhnaV4RloWTAvkq+do="); + + private static final String TEST_MESSAGE = "Hello World!"; + private static String _signDN; + private static KeyPair _signKP; + private static X509Certificate _signCert; + + private static String _origDN; + private static KeyPair _origKP; + private static X509Certificate _origCert; + + private static String _reciDN; + private static KeyPair _reciKP; + private static X509Certificate _reciCert; + + private static KeyPair _origDsaKP; + private static X509Certificate _origDsaCert; + + private static X509CRL _signCrl; + private static X509CRL _origCrl; + + private static boolean _initialised = false; + + private static final JcaX509CertSelectorConverter selectorConverter = new JcaX509CertSelectorConverter(); + + private static final DigestCalculatorProvider digCalcProv; + + static + { + try + { + digCalcProv = new JcaDigestCalculatorProviderBuilder().build(); + } + catch (OperatorCreationException e) + { + throw new IllegalStateException("can't create default provider!!!"); + } + } + + public MiscDataStreamTest(String name) + { + super(name); + } + + private static void init() + throws Exception + { + if (!_initialised) + { + _initialised = true; + Security.addProvider(new org.spongycastle.jce.provider.BouncyCastleProvider()); + + _signDN = "O=Bouncy Castle, C=AU"; + _signKP = CMSTestUtil.makeKeyPair(); + _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN); + + _origDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; + _origKP = CMSTestUtil.makeKeyPair(); + _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN); + + _origDsaKP = CMSTestUtil.makeDsaKeyPair(); + _origDsaCert = CMSTestUtil.makeCertificate(_origDsaKP, _origDN, _signKP, _signDN); + + _reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU"; + _reciKP = CMSTestUtil.makeKeyPair(); + _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN); + + _signCrl = CMSTestUtil.makeCrl(_signKP); + _origCrl = CMSTestUtil.makeCrl(_origKP); + } + } + + private void verifySignatures(CMSSignedDataParser sp, byte[] contentDigest) + throws Exception + { + Store certStore = sp.getCertificates(); + SignerInformationStore signers = sp.getSignerInfos(); + + Collection c = signers.getSigners(); + Iterator it = c.iterator(); + + while (it.hasNext()) + { + SignerInformation signer = (SignerInformation)it.next(); + Collection certCollection = certStore.getMatches(signer.getSID()); + + Iterator certIt = certCollection.iterator(); + X509CertificateHolder cert = (X509CertificateHolder)certIt.next(); + + assertEquals(true, signer.verify(new JcaSignerInfoVerifierBuilder(digCalcProv).setProvider(BC).build(cert))); + + if (contentDigest != null) + { + assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest())); + } + } + } + + private void verifySignatures(CMSSignedDataParser sp) + throws Exception + { + verifySignatures(sp, null); + } + + private void verifyEncodedData(ByteArrayOutputStream bOut) + throws Exception + { + CMSSignedDataParser sp; + sp = new CMSSignedDataParser(digCalcProv, bOut.toByteArray()); + + sp.getSignedContent().drain(); + + verifySignatures(sp); + + sp.close(); + } + + private void checkSigParseable(byte[] sig) + throws Exception + { + CMSSignedDataParser sp = new CMSSignedDataParser(digCalcProv, sig); + sp.getVersion(); + CMSTypedStream sc = sp.getSignedContent(); + if (sc != null) + { + sc.drain(); + } + sp.getCertificates(); + sp.getSignerInfos(); + sp.close(); + } + + public void testSHA1WithRSA() + throws Exception + { + List certList = new ArrayList(); + List crlList = new ArrayList(); + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + + certList.add(_origCert); + certList.add(_signCert); + + crlList.add(_signCrl); + crlList.add(_origCrl); + + CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator(); + + gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("SHA1withRSA", _origKP.getPrivate(), _origCert)); + + gen.addCertificates(new JcaCertStore(certList)); + gen.addCRLs(new JcaCRLStore(crlList)); + + OutputStream sigOut = gen.open(bOut); + + CMSCompressedDataStreamGenerator cGen = new CMSCompressedDataStreamGenerator(); + + OutputStream cOut = cGen.open(sigOut, new ZlibCompressor()); + + cOut.write(TEST_MESSAGE.getBytes()); + + cOut.close(); + + sigOut.close(); + + checkSigParseable(bOut.toByteArray()); + + // generate compressed stream + ByteArrayOutputStream cDataOut = new ByteArrayOutputStream(); + + cOut = cGen.open(cDataOut, new ZlibCompressor()); + + cOut.write(TEST_MESSAGE.getBytes()); + + cOut.close(); + + CMSSignedDataParser sp = new CMSSignedDataParser(digCalcProv, + new CMSTypedStream(new ByteArrayInputStream(cDataOut.toByteArray())), bOut.toByteArray()); + + sp.getSignedContent().drain(); + + // + // compute expected content digest + // + MessageDigest md = MessageDigest.getInstance("SHA1", BC); + + verifySignatures(sp, md.digest(cDataOut.toByteArray())); + } + + public void testDigestedData() + throws Exception + { + CMSDigestedData digData = new CMSDigestedData(digestedData); + + assertTrue(Arrays.areEqual(data, (byte[])digData.getDigestedContent().getContent())); + + assertTrue(digData.verify(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build())); + } + + public static Test suite() + throws Exception + { + init(); + + return new CMSTestSetup(new TestSuite(MiscDataStreamTest.class)); + } +}
\ No newline at end of file |