diff options
Diffstat (limited to 'pkix/src/test/java/org/spongycastle/tsp/test/CMSTimeStampedDataGeneratorTest.java')
-rw-r--r-- | pkix/src/test/java/org/spongycastle/tsp/test/CMSTimeStampedDataGeneratorTest.java | 309 |
1 files changed, 309 insertions, 0 deletions
diff --git a/pkix/src/test/java/org/spongycastle/tsp/test/CMSTimeStampedDataGeneratorTest.java b/pkix/src/test/java/org/spongycastle/tsp/test/CMSTimeStampedDataGeneratorTest.java new file mode 100644 index 00000000..2af0992a --- /dev/null +++ b/pkix/src/test/java/org/spongycastle/tsp/test/CMSTimeStampedDataGeneratorTest.java @@ -0,0 +1,309 @@ +package org.spongycastle.tsp.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.InputStream; +import java.math.BigInteger; +import java.security.KeyPair; +import java.security.PrivateKey; +import java.security.Security; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; + +import junit.framework.TestCase; +import org.spongycastle.asn1.ASN1ObjectIdentifier; +import org.spongycastle.asn1.nist.NISTObjectIdentifiers; +import org.spongycastle.asn1.x509.AlgorithmIdentifier; +import org.spongycastle.cert.jcajce.JcaCertStore; +import org.spongycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.operator.DigestCalculator; +import org.spongycastle.operator.DigestCalculatorProvider; +import org.spongycastle.operator.bc.BcDigestCalculatorProvider; +import org.spongycastle.tsp.TSPAlgorithms; +import org.spongycastle.tsp.TimeStampRequest; +import org.spongycastle.tsp.TimeStampRequestGenerator; +import org.spongycastle.tsp.TimeStampResponse; +import org.spongycastle.tsp.TimeStampResponseGenerator; +import org.spongycastle.tsp.TimeStampToken; +import org.spongycastle.tsp.TimeStampTokenGenerator; +import org.spongycastle.tsp.cms.CMSTimeStampedData; +import org.spongycastle.tsp.cms.CMSTimeStampedDataGenerator; +import org.spongycastle.tsp.cms.CMSTimeStampedDataParser; +import org.spongycastle.util.Arrays; +import org.spongycastle.util.Store; +import org.spongycastle.util.io.Streams; + +public class CMSTimeStampedDataGeneratorTest + extends TestCase +{ + + BouncyCastleProvider bouncyCastleProvider; + CMSTimeStampedDataGenerator cmsTimeStampedDataGenerator = null; + String fileInput = "FileDaFirmare.data"; + byte[] baseData; + + protected void setUp() + throws Exception + { + bouncyCastleProvider = new BouncyCastleProvider(); + if (Security.getProvider(bouncyCastleProvider.getName()) == null) + { + Security.addProvider(bouncyCastleProvider); + } + + cmsTimeStampedDataGenerator = new CMSTimeStampedDataGenerator(); + ByteArrayOutputStream origStream = new ByteArrayOutputStream(); + InputStream in = this.getClass().getResourceAsStream(fileInput); + int ch; + + while ((ch = in.read()) >= 0) + { + origStream.write(ch); + } + + origStream.close(); + + this.baseData = origStream.toByteArray(); + + } + + protected void tearDown() + throws Exception + { + cmsTimeStampedDataGenerator = null; + Security.removeProvider(bouncyCastleProvider.getName()); + } + + public void testGenerate() + throws Exception + { + BcDigestCalculatorProvider calculatorProvider = new BcDigestCalculatorProvider(); + ASN1ObjectIdentifier algOID = new ASN1ObjectIdentifier("2.16.840.1.101.3.4.2.1"); // SHA-256 + DigestCalculator hashCalculator = calculatorProvider.get(new AlgorithmIdentifier(algOID)); + + cmsTimeStampedDataGenerator.initialiseMessageImprintDigestCalculator(hashCalculator); + + hashCalculator.getOutputStream().write(baseData); + hashCalculator.getOutputStream().close(); + + TimeStampToken timeStampToken = createTimeStampToken(hashCalculator.getDigest(), NISTObjectIdentifiers.id_sha256); + CMSTimeStampedData cmsTimeStampedData = cmsTimeStampedDataGenerator.generate(timeStampToken, baseData); + + for (int i = 0; i < 3; i++) + { + byte[] newRequestData = cmsTimeStampedData.calculateNextHash(hashCalculator); + TimeStampToken newTimeStampToken = createTimeStampToken(newRequestData, NISTObjectIdentifiers.id_sha256); + cmsTimeStampedData = cmsTimeStampedData.addTimeStamp(newTimeStampToken); + } + byte[] timeStampedData = cmsTimeStampedData.getEncoded(); + + // verify + DigestCalculatorProvider newCalculatorProvider = new BcDigestCalculatorProvider(); + DigestCalculator imprintCalculator = cmsTimeStampedData.getMessageImprintDigestCalculator(newCalculatorProvider); + CMSTimeStampedData newCMSTimeStampedData = new CMSTimeStampedData(timeStampedData); + byte[] newContent = newCMSTimeStampedData.getContent(); + assertEquals("Content expected and verified are different", true, Arrays.areEqual(newContent, baseData)); + + imprintCalculator.getOutputStream().write(newContent); + + byte[] digest = imprintCalculator.getDigest(); + + TimeStampToken[] tokens = cmsTimeStampedData.getTimeStampTokens(); + assertEquals("TimeStampToken expected and verified are different", 4, tokens.length); + for (int i = 0; i < tokens.length; i++) + { + cmsTimeStampedData.validate(newCalculatorProvider, digest, tokens[i]); + } + } + + public void testGenerateWithMetadata() + throws Exception + { + cmsTimeStampedDataGenerator.setMetaData(true, fileInput, "TXT"); + + BcDigestCalculatorProvider calculatorProvider = new BcDigestCalculatorProvider(); + ASN1ObjectIdentifier algOID = new ASN1ObjectIdentifier("2.16.840.1.101.3.4.2.1"); // SHA-256 + DigestCalculator hashCalculator = calculatorProvider.get(new AlgorithmIdentifier(algOID)); + + cmsTimeStampedDataGenerator.initialiseMessageImprintDigestCalculator(hashCalculator); + + hashCalculator.getOutputStream().write(baseData); + hashCalculator.getOutputStream().close(); + + TimeStampToken timeStampToken = createTimeStampToken(hashCalculator.getDigest(), NISTObjectIdentifiers.id_sha256); + CMSTimeStampedData cmsTimeStampedData = cmsTimeStampedDataGenerator.generate(timeStampToken, baseData); + + for (int i = 0; i <= 3; i++) + { + byte[] newRequestData = cmsTimeStampedData.calculateNextHash(hashCalculator); + TimeStampToken newTimeStampToken = createTimeStampToken(newRequestData, NISTObjectIdentifiers.id_sha256); + cmsTimeStampedData = cmsTimeStampedData.addTimeStamp(newTimeStampToken); + } + byte[] timeStampedData = cmsTimeStampedData.getEncoded(); + + metadataCheck(timeStampedData); + metadataParserCheck(timeStampedData); + } + + public void testGenerateWithMetadataAndDifferentAlgorithmIdentifier() + throws Exception + { + cmsTimeStampedDataGenerator.setMetaData(true, fileInput, "TXT"); + + BcDigestCalculatorProvider calculatorProvider = new BcDigestCalculatorProvider(); + + ASN1ObjectIdentifier algIdentifier = NISTObjectIdentifiers.id_sha224; + + DigestCalculator hashCalculator = calculatorProvider.get(new AlgorithmIdentifier(algIdentifier)); + cmsTimeStampedDataGenerator.initialiseMessageImprintDigestCalculator(hashCalculator); + hashCalculator.getOutputStream().write(baseData); + hashCalculator.getOutputStream().close(); + + byte[] requestData = hashCalculator.getDigest(); + TimeStampToken timeStampToken = createTimeStampToken(requestData, algIdentifier); + + CMSTimeStampedData cmsTimeStampedData = cmsTimeStampedDataGenerator.generate(timeStampToken, baseData); + + for (int i = 0; i <= 3; i++) { + switch (i) { + case 0: + algIdentifier = NISTObjectIdentifiers.id_sha224; + break; + case 1: + algIdentifier = NISTObjectIdentifiers.id_sha256; + break; + case 2: + algIdentifier = NISTObjectIdentifiers.id_sha384; + break; + case 3: + algIdentifier = NISTObjectIdentifiers.id_sha512; + break; + } + hashCalculator = calculatorProvider.get(new AlgorithmIdentifier(algIdentifier)); + byte[] newRequestData = cmsTimeStampedData.calculateNextHash(hashCalculator); + TimeStampToken newTimeStampToken = createTimeStampToken(newRequestData, algIdentifier); + cmsTimeStampedData = cmsTimeStampedData.addTimeStamp(newTimeStampToken); + } + byte[] timeStampedData = cmsTimeStampedData.getEncoded(); + + metadataCheck(timeStampedData); + metadataParserCheck(timeStampedData); + + } + + + private void metadataCheck(byte[] timeStampedData) + throws Exception + { + CMSTimeStampedData cmsTspData = new CMSTimeStampedData(timeStampedData); + DigestCalculatorProvider newCalculatorProvider = new BcDigestCalculatorProvider(); + DigestCalculator imprintCalculator = cmsTspData.getMessageImprintDigestCalculator(newCalculatorProvider); + + byte[] newContent = cmsTspData.getContent(); + assertEquals("Content expected and verified are different", true, Arrays.areEqual(newContent, baseData)); + + imprintCalculator.getOutputStream().write(newContent); + + assertEquals(fileInput, cmsTspData.getFileName()); + assertEquals("TXT", cmsTspData.getMediaType()); + + byte[] digest = imprintCalculator.getDigest(); + + TimeStampToken[] tokens = cmsTspData.getTimeStampTokens(); + assertEquals("TimeStampToken expected and verified are different", 5, tokens.length); + for (int i = 0; i < tokens.length; i++) + { + cmsTspData.validate(newCalculatorProvider, digest, tokens[i]); + } + } + + private void metadataParserCheck(byte[] timeStampedData) + throws Exception + { + CMSTimeStampedDataParser cmsTspData = new CMSTimeStampedDataParser(timeStampedData); + DigestCalculatorProvider newCalculatorProvider = new BcDigestCalculatorProvider(); + + InputStream input = cmsTspData.getContent(); + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + + Streams.pipeAll(input, bOut); + + assertEquals("Content expected and verified are different", true, Arrays.areEqual(bOut.toByteArray(), baseData)); + + DigestCalculator imprintCalculator = cmsTspData.getMessageImprintDigestCalculator(newCalculatorProvider); + + Streams.pipeAll(new ByteArrayInputStream(bOut.toByteArray()), imprintCalculator.getOutputStream()); + + assertEquals(fileInput, cmsTspData.getFileName()); + assertEquals("TXT", cmsTspData.getMediaType()); + + byte[] digest = imprintCalculator.getDigest(); + + TimeStampToken[] tokens = cmsTspData.getTimeStampTokens(); + assertEquals("TimeStampToken expected and verified are different", 5, tokens.length); + for (int i = 0; i < tokens.length; i++) + { + cmsTspData.validate(newCalculatorProvider, digest, tokens[i]); + } + } + + private TimeStampToken createTimeStampToken(byte[] hash, ASN1ObjectIdentifier hashAlg) + throws Exception + { + String algorithmName = null; + if (hashAlg.equals(NISTObjectIdentifiers.id_sha224)) + { + algorithmName = "SHA224withRSA"; + } + else if (hashAlg.equals(NISTObjectIdentifiers.id_sha256)) + { + algorithmName = "SHA256withRSA"; + } + else if (hashAlg.equals(NISTObjectIdentifiers.id_sha384)) + { + algorithmName = "SHA384withRSA"; + } + else if (hashAlg.equals(NISTObjectIdentifiers.id_sha512)) + { + algorithmName = "SHA512withRSA"; + } + + String signDN = "O=Bouncy Castle, C=AU"; + KeyPair signKP = TSPTestUtil.makeKeyPair(); + X509Certificate signCert = TSPTestUtil.makeCACertificate(signKP, + signDN, signKP, signDN); + + String origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU"; + KeyPair origKP = TSPTestUtil.makeKeyPair(); + X509Certificate cert = TSPTestUtil.makeCertificate(origKP, + origDN, signKP, signDN); + + PrivateKey privateKey = origKP.getPrivate(); + + List certList = new ArrayList(); + certList.add(cert); + certList.add(signCert); + + Store certs = new JcaCertStore(certList); + + + TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator( + new JcaSimpleSignerInfoGeneratorBuilder().build(algorithmName, privateKey, cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2")); + + tsTokenGen.addCertificates(certs); + + TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator(); + TimeStampRequest request = reqGen.generate(hashAlg, hash); + + TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED); + + TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date()); + + tsResp = new TimeStampResponse(tsResp.getEncoded()); + + return tsResp.getTimeStampToken(); + } +} |