Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/pkix/src/test/jdk1.3/org/spongycastle/openssl/test/ParserTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'pkix/src/test/jdk1.3/org/spongycastle/openssl/test/ParserTest.java')
-rw-r--r--pkix/src/test/jdk1.3/org/spongycastle/openssl/test/ParserTest.java492
1 files changed, 492 insertions, 0 deletions
diff --git a/pkix/src/test/jdk1.3/org/spongycastle/openssl/test/ParserTest.java b/pkix/src/test/jdk1.3/org/spongycastle/openssl/test/ParserTest.java
new file mode 100644
index 00000000..b4f932c4
--- /dev/null
+++ b/pkix/src/test/jdk1.3/org/spongycastle/openssl/test/ParserTest.java
@@ -0,0 +1,492 @@
+package org.spongycastle.openssl.test;
+
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStreamWriter;
+import java.io.Reader;
+import java.math.BigInteger;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.Security;
+import java.security.Signature;
+import java.security.interfaces.DSAPrivateKey;
+import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.interfaces.RSAPrivateKey;
+
+import org.spongycastle.asn1.ASN1ObjectIdentifier;
+import org.spongycastle.asn1.cms.CMSObjectIdentifiers;
+import org.spongycastle.asn1.cms.ContentInfo;
+import org.spongycastle.asn1.pkcs.PrivateKeyInfo;
+import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
+import org.spongycastle.asn1.x9.ECNamedCurveTable;
+import org.spongycastle.asn1.x9.X9ECParameters;
+import org.spongycastle.cert.X509CertificateHolder;
+import org.spongycastle.jce.provider.BouncyCastleProvider;
+import org.spongycastle.openssl.PEMDecryptorProvider;
+import org.spongycastle.openssl.PEMEncryptedKeyPair;
+import org.spongycastle.openssl.PEMKeyPair;
+import org.spongycastle.openssl.PEMParser;
+import org.spongycastle.openssl.PEMWriter;
+import org.spongycastle.openssl.PasswordFinder;
+import org.spongycastle.openssl.jcajce.JcaPEMKeyConverter;
+import org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
+import org.spongycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
+import org.spongycastle.operator.InputDecryptorProvider;
+import org.spongycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
+import org.spongycastle.util.test.SimpleTest;
+
+/**
+ * basic class for reading test.pem - the password is "secret"
+ */
+public class ParserTest
+ extends SimpleTest
+{
+ private static class Password
+ implements PasswordFinder
+ {
+ char[] password;
+
+ Password(
+ char[] word)
+ {
+ this.password = word;
+ }
+
+ public char[] getPassword()
+ {
+ return password;
+ }
+ }
+
+ public String getName()
+ {
+ return "PEMParserTest";
+ }
+
+ private PEMParser openPEMResource(
+ String fileName)
+ {
+ InputStream res = this.getClass().getResourceAsStream(fileName);
+ Reader fRd = new BufferedReader(new InputStreamReader(res));
+ return new PEMParser(fRd);
+ }
+
+ public void performTest()
+ throws Exception
+ {
+ PEMParser pemRd = openPEMResource("test.pem");
+ Object o;
+ PEMKeyPair pemPair;
+ KeyPair pair;
+
+ while ((o = pemRd.readObject()) != null)
+ {
+ if (o instanceof KeyPair)
+ {
+ //pair = (KeyPair)o;
+
+ //System.out.println(pair.getPublic());
+ //System.out.println(pair.getPrivate());
+ }
+ else
+ {
+ //System.out.println(o.toString());
+ }
+ }
+
+ // test bogus lines before begin are ignored.
+ pemRd = openPEMResource("extratest.pem");
+
+ while ((o = pemRd.readObject()) != null)
+ {
+ if (!(o instanceof X509CertificateHolder))
+ {
+ fail("wrong object found");
+ }
+ }
+
+ //
+ // pkcs 7 data
+ //
+ pemRd = openPEMResource("pkcs7.pem");
+ ContentInfo d = (ContentInfo)pemRd.readObject();
+
+ if (!d.getContentType().equals(CMSObjectIdentifiers.envelopedData))
+ {
+ fail("failed envelopedData check");
+ }
+
+ //
+ // ECKey
+ //
+ pemRd = openPEMResource("eckey.pem");
+ ASN1ObjectIdentifier ecOID = (ASN1ObjectIdentifier)pemRd.readObject();
+ X9ECParameters ecSpec = ECNamedCurveTable.getByOID(ecOID);
+
+ if (ecSpec == null)
+ {
+ fail("ecSpec not found for named curve");
+ }
+
+ pemPair = (PEMKeyPair)pemRd.readObject();
+
+ pair = new JcaPEMKeyConverter().setProvider("SC").getKeyPair(pemPair);
+
+ Signature sgr = Signature.getInstance("ECDSA", "SC");
+
+ sgr.initSign(pair.getPrivate());
+
+ byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+
+ sgr.update(message);
+
+ byte[] sigBytes = sgr.sign();
+
+ sgr.initVerify(pair.getPublic());
+
+ sgr.update(message);
+
+ if (!sgr.verify(sigBytes))
+ {
+ fail("EC verification failed");
+ }
+
+ if (!pair.getPublic().getAlgorithm().equals("ECDSA"))
+ {
+ fail("wrong algorithm name on public got: " + pair.getPublic().getAlgorithm());
+ }
+
+ if (!pair.getPrivate().getAlgorithm().equals("ECDSA"))
+ {
+ fail("wrong algorithm name on private");
+ }
+
+ //
+ // ECKey -- explicit parameters
+ //
+ pemRd = openPEMResource("ecexpparam.pem");
+ ecSpec = (X9ECParameters)pemRd.readObject();
+
+ pemPair = (PEMKeyPair)pemRd.readObject();
+
+ pair = new JcaPEMKeyConverter().setProvider("SC").getKeyPair(pemPair);
+
+ sgr = Signature.getInstance("ECDSA", "SC");
+
+ sgr.initSign(pair.getPrivate());
+
+ message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
+
+ sgr.update(message);
+
+ sigBytes = sgr.sign();
+
+ sgr.initVerify(pair.getPublic());
+
+ sgr.update(message);
+
+ if (!sgr.verify(sigBytes))
+ {
+ fail("EC verification failed");
+ }
+
+ if (!pair.getPublic().getAlgorithm().equals("ECDSA"))
+ {
+ fail("wrong algorithm name on public got: " + pair.getPublic().getAlgorithm());
+ }
+
+ if (!pair.getPrivate().getAlgorithm().equals("ECDSA"))
+ {
+ fail("wrong algorithm name on private");
+ }
+
+ //
+ // writer/parser test
+ //
+ KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "SC");
+
+ pair = kpGen.generateKeyPair();
+
+ keyPairTest("RSA", pair);
+
+ kpGen = KeyPairGenerator.getInstance("DSA", "SC");
+ kpGen.initialize(512, new SecureRandom());
+ pair = kpGen.generateKeyPair();
+
+ keyPairTest("DSA", pair);
+
+ //
+ // PKCS7
+ //
+ ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+ PEMWriter pWrt = new PEMWriter(new OutputStreamWriter(bOut));
+
+ pWrt.writeObject(d);
+
+ pWrt.close();
+
+ pemRd = new PEMParser(new InputStreamReader(new ByteArrayInputStream(bOut.toByteArray())));
+ d = (ContentInfo)pemRd.readObject();
+
+ if (!d.getContentType().equals(CMSObjectIdentifiers.envelopedData))
+ {
+ fail("failed envelopedData recode check");
+ }
+
+
+ // OpenSSL test cases (as embedded resources)
+ doOpenSslDsaTest("unencrypted");
+ doOpenSslRsaTest("unencrypted");
+
+ doOpenSslTests("aes128");
+ doOpenSslTests("aes192");
+ doOpenSslTests("aes256");
+ doOpenSslTests("blowfish");
+ doOpenSslTests("des1");
+ doOpenSslTests("des2");
+ doOpenSslTests("des3");
+ doOpenSslTests("rc2_128");
+
+ doOpenSslDsaTest("rc2_40_cbc");
+ doOpenSslRsaTest("rc2_40_cbc");
+ doOpenSslDsaTest("rc2_64_cbc");
+ doOpenSslRsaTest("rc2_64_cbc");
+
+ doDudPasswordTest("7fd98", 0, "corrupted stream - out of bounds length found");
+ doDudPasswordTest("ef677", 1, "corrupted stream - out of bounds length found");
+ doDudPasswordTest("800ce", 2, "unknown tag 26 encountered");
+ doDudPasswordTest("b6cd8", 3, "DEF length 81 object truncated by 56");
+ doDudPasswordTest("28ce09", 4, "DEF length 110 object truncated by 28");
+ doDudPasswordTest("2ac3b9", 5, "DER length more than 4 bytes: 11");
+ doDudPasswordTest("2cba96", 6, "DEF length 100 object truncated by 35");
+ doDudPasswordTest("2e3354", 7, "DEF length 42 object truncated by 9");
+ doDudPasswordTest("2f4142", 8, "DER length more than 4 bytes: 14");
+ doDudPasswordTest("2fe9bb", 9, "DER length more than 4 bytes: 65");
+ doDudPasswordTest("3ee7a8", 10, "DER length more than 4 bytes: 57");
+ doDudPasswordTest("41af75", 11, "unknown tag 16 encountered");
+ doDudPasswordTest("1704a5", 12, "corrupted stream detected");
+ doDudPasswordTest("1c5822", 13, "unknown object in getInstance: org.spongycastle.asn1.DERUTF8String");
+ doDudPasswordTest("5a3d16", 14, "corrupted stream detected");
+ doDudPasswordTest("8d0c97", 15, "corrupted stream detected");
+ doDudPasswordTest("bc0daf", 16, "corrupted stream detected");
+ doDudPasswordTest("aaf9c4d",17, "corrupted stream - out of bounds length found");
+
+ doNoPasswordTest();
+
+ // encrypted private key test
+ InputDecryptorProvider pkcs8Prov = new JceOpenSSLPKCS8DecryptorProviderBuilder().build("password".toCharArray());
+ pemRd = openPEMResource("enckey.pem");
+
+ PKCS8EncryptedPrivateKeyInfo encPrivKeyInfo = (PKCS8EncryptedPrivateKeyInfo)pemRd.readObject();
+ JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("SC");
+
+ RSAPrivateCrtKey privKey = (RSAPrivateCrtKey)converter.getPrivateKey(encPrivKeyInfo.decryptPrivateKeyInfo(pkcs8Prov));
+
+ if (!privKey.getPublicExponent().equals(new BigInteger("10001", 16)))
+ {
+ fail("decryption of private key data check failed");
+ }
+
+ // general PKCS8 test
+
+ pemRd = openPEMResource("pkcs8test.pem");
+
+ Object privInfo;
+
+ while ((privInfo = pemRd.readObject()) != null)
+ {
+ if (privInfo instanceof PrivateKeyInfo)
+ {
+ privKey = (RSAPrivateCrtKey)converter.getPrivateKey(PrivateKeyInfo.getInstance(privInfo));
+ }
+ else
+ {
+ privKey = (RSAPrivateCrtKey)converter.getPrivateKey(((PKCS8EncryptedPrivateKeyInfo)privInfo).decryptPrivateKeyInfo(pkcs8Prov));
+ }
+ if (!privKey.getPublicExponent().equals(new BigInteger("10001", 16)))
+ {
+ fail("decryption of private key data check failed");
+ }
+ }
+ }
+
+ private void keyPairTest(
+ String name,
+ KeyPair pair)
+ throws IOException
+ {
+ PEMParser pemRd;
+ ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+ PEMWriter pWrt = new PEMWriter(new OutputStreamWriter(bOut));
+
+ pWrt.writeObject(pair.getPublic());
+
+ pWrt.close();
+
+ pemRd = new PEMParser(new InputStreamReader(new ByteArrayInputStream(bOut.toByteArray())));
+
+ SubjectPublicKeyInfo pub = SubjectPublicKeyInfo.getInstance(pemRd.readObject());
+ JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("SC");
+
+ PublicKey k = converter.getPublicKey(pub);
+
+ if (!k.equals(pair.getPublic()))
+ {
+ fail("Failed public key read: " + name);
+ }
+
+ bOut = new ByteArrayOutputStream();
+ pWrt = new PEMWriter(new OutputStreamWriter(bOut));
+
+ pWrt.writeObject(pair.getPrivate());
+
+ pWrt.close();
+
+ pemRd = new PEMParser(new InputStreamReader(new ByteArrayInputStream(bOut.toByteArray())));
+
+ KeyPair kPair = converter.getKeyPair((PEMKeyPair)pemRd.readObject());
+ if (!kPair.getPrivate().equals(pair.getPrivate()))
+ {
+ fail("Failed private key read: " + name);
+ }
+
+ if (!kPair.getPublic().equals(pair.getPublic()))
+ {
+ fail("Failed private key public read: " + name);
+ }
+ }
+
+ private void doOpenSslTests(
+ String baseName)
+ throws IOException
+ {
+ doOpenSslDsaModesTest(baseName);
+ doOpenSslRsaModesTest(baseName);
+ }
+
+ private void doOpenSslDsaModesTest(
+ String baseName)
+ throws IOException
+ {
+ doOpenSslDsaTest(baseName + "_cbc");
+ doOpenSslDsaTest(baseName + "_cfb");
+ doOpenSslDsaTest(baseName + "_ecb");
+ doOpenSslDsaTest(baseName + "_ofb");
+ }
+
+ private void doOpenSslRsaModesTest(
+ String baseName)
+ throws IOException
+ {
+ doOpenSslRsaTest(baseName + "_cbc");
+ doOpenSslRsaTest(baseName + "_cfb");
+ doOpenSslRsaTest(baseName + "_ecb");
+ doOpenSslRsaTest(baseName + "_ofb");
+ }
+
+ private void doOpenSslDsaTest(
+ String name)
+ throws IOException
+ {
+ String fileName = "dsa/openssl_dsa_" + name + ".pem";
+
+ doOpenSslTestFile(fileName, DSAPrivateKey.class);
+ }
+
+ private void doOpenSslRsaTest(
+ String name)
+ throws IOException
+ {
+ String fileName = "rsa/openssl_rsa_" + name + ".pem";
+
+ doOpenSslTestFile(fileName, RSAPrivateKey.class);
+ }
+
+ private void doOpenSslTestFile(
+ String fileName,
+ Class expectedPrivKeyClass)
+ throws IOException
+ {
+ JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("SC");
+ PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("SC").build("changeit".toCharArray());
+ PEMParser pr = openPEMResource("data/" + fileName);
+ Object o = pr.readObject();
+
+ if (o == null || !((o instanceof PEMKeyPair) || (o instanceof PEMEncryptedKeyPair)))
+ {
+ fail("Didn't find OpenSSL key");
+ }
+
+ KeyPair kp = (o instanceof PEMEncryptedKeyPair) ?
+ converter.getKeyPair(((PEMEncryptedKeyPair)o).decryptKeyPair(decProv)) : converter.getKeyPair((PEMKeyPair)o);
+
+ PrivateKey privKey = kp.getPrivate();
+
+ if (!expectedPrivKeyClass.isInstance(privKey))
+ {
+ fail("Returned key not of correct type");
+ }
+ }
+
+ private void doDudPasswordTest(String password, int index, String message)
+ {
+ // illegal state exception check - in this case the wrong password will
+ // cause an underlying class cast exception.
+ try
+ {
+ PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("SC").build(password.toCharArray());
+
+ PEMParser pemRd = openPEMResource("test.pem");
+ Object o;
+
+ while ((o = pemRd.readObject()) != null)
+ {
+ if (o instanceof PEMEncryptedKeyPair)
+ {
+ ((PEMEncryptedKeyPair)o).decryptKeyPair(decProv);
+ }
+ }
+
+ fail("issue not detected: " + index);
+ }
+ catch (IOException e)
+ {
+ // ignore
+ }
+ }
+
+ private void doNoPasswordTest()
+ throws IOException
+ {
+ PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("SC").build("".toCharArray());
+
+ PEMParser pemRd = openPEMResource("smimenopw.pem");
+ Object o;
+ PrivateKeyInfo key = null;
+
+ while ((o = pemRd.readObject()) != null)
+ {
+ key = (PrivateKeyInfo)o;
+ }
+
+ if (key == null)
+ {
+ fail("private key not detected");
+ }
+ }
+
+ public static void main(
+ String[] args)
+ {
+ Security.addProvider(new BouncyCastleProvider());
+
+ runTest(new ParserTest());
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 09:22:36 +0300