diff options
Diffstat (limited to 'prov/src/test/jdk1.4/org/spongycastle/jce/provider/test')
8 files changed, 2624 insertions, 0 deletions
diff --git a/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/DHTest.java b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/DHTest.java new file mode 100644 index 00000000..3112e9f3 --- /dev/null +++ b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/DHTest.java @@ -0,0 +1,558 @@ +package org.spongycastle.jce.provider.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; +import java.security.AlgorithmParameterGenerator; +import java.security.AlgorithmParameters; +import java.security.Key; +import java.security.KeyFactory; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.SecureRandom; +import java.security.Security; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; + +import javax.crypto.KeyAgreement; +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.DHParameterSpec; + +import org.spongycastle.jce.interfaces.ECPrivateKey; +import org.spongycastle.jce.interfaces.ECPublicKey; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.jce.spec.ECParameterSpec; +import org.spongycastle.math.ec.ECCurve; +import org.spongycastle.util.encoders.Hex; +import org.spongycastle.util.test.SimpleTestResult; +import org.spongycastle.util.test.Test; +import org.spongycastle.util.test.TestResult; + +public class DHTest + implements Test +{ + private BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); + private BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); + + private BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16); + private BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16); + + private BigInteger g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16); + private BigInteger p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16); + + public String getName() + { + return "DH"; + } + + private TestResult testGP( + int size, + BigInteger g, + BigInteger p) + { + DHParameterSpec dhParams = new DHParameterSpec(p, g); + + try + { + KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH", "SC"); + + keyGen.initialize(dhParams); + + // + // a side + // + KeyPair aKeyPair = keyGen.generateKeyPair(); + + KeyAgreement aKeyAgree = KeyAgreement.getInstance("DH", "SC"); + + aKeyAgree.init(aKeyPair.getPrivate()); + + // + // b side + // + KeyPair bKeyPair = keyGen.generateKeyPair(); + + KeyAgreement bKeyAgree = KeyAgreement.getInstance("DH", "SC"); + + bKeyAgree.init(bKeyPair.getPrivate()); + + // + // agreement + // + aKeyAgree.doPhase(bKeyPair.getPublic(), true); + bKeyAgree.doPhase(aKeyPair.getPublic(), true); + + BigInteger k1 = new BigInteger(aKeyAgree.generateSecret()); + BigInteger k2 = new BigInteger(bKeyAgree.generateSecret()); + + if (!k1.equals(k2)) + { + return new SimpleTestResult(false, size + " bit 2-way test failed"); + } + + // + // public key encoding test + // + byte[] pubEnc = aKeyPair.getPublic().getEncoded(); + KeyFactory keyFac = KeyFactory.getInstance("DH", "SC"); + X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); + DHPublicKey pubKey = (DHPublicKey)keyFac.generatePublic(pubX509); + DHParameterSpec spec = pubKey.getParams(); + + if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP())) + { + return new SimpleTestResult(false, size + " bit public key encoding/decoding test failed on parameters"); + } + + if (!((DHPublicKey)aKeyPair.getPublic()).getY().equals(pubKey.getY())) + { + return new SimpleTestResult(false, size + " bit public key encoding/decoding test failed on y value"); + } + + // + // public key serialisation test + // + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ObjectOutputStream oOut = new ObjectOutputStream(bOut); + + oOut.writeObject(aKeyPair.getPublic()); + + ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray()); + ObjectInputStream oIn = new ObjectInputStream(bIn); + + pubKey = (DHPublicKey)oIn.readObject(); + spec = pubKey.getParams(); + + if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP())) + { + return new SimpleTestResult(false, size + " bit public key serialisation test failed on parameters"); + } + + if (!((DHPublicKey)aKeyPair.getPublic()).getY().equals(pubKey.getY())) + { + return new SimpleTestResult(false, size + " bit public key serialisation test failed on y value"); + } + + // + // private key encoding test + // + byte[] privEnc = aKeyPair.getPrivate().getEncoded(); + PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); + DHPrivateKey privKey = (DHPrivateKey)keyFac.generatePrivate(privPKCS8); + + spec = privKey.getParams(); + + if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP())) + { + return new SimpleTestResult(false, size + " bit private key encoding/decoding test failed on parameters"); + } + + if (!((DHPrivateKey)aKeyPair.getPrivate()).getX().equals(privKey.getX())) + { + return new SimpleTestResult(false, size + " bit private key encoding/decoding test failed on y value"); + } + + // + // private key serialisation test + // + bOut = new ByteArrayOutputStream(); + oOut = new ObjectOutputStream(bOut); + + oOut.writeObject(aKeyPair.getPrivate()); + + bIn = new ByteArrayInputStream(bOut.toByteArray()); + oIn = new ObjectInputStream(bIn); + + privKey = (DHPrivateKey)oIn.readObject(); + spec = privKey.getParams(); + + if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP())) + { + return new SimpleTestResult(false, size + " bit private key serialisation test failed on parameters"); + } + + if (!((DHPrivateKey)aKeyPair.getPrivate()).getX().equals(privKey.getX())) + { + return new SimpleTestResult(false, size + " bit private key serialisation test failed on y value"); + } + + // + // three party test + // + KeyPairGenerator aPairGen = KeyPairGenerator.getInstance("DH", "SC"); + aPairGen.initialize(spec); + KeyPair aPair = aPairGen.generateKeyPair(); + + KeyPairGenerator bPairGen = KeyPairGenerator.getInstance("DH", "SC"); + bPairGen.initialize(spec); + KeyPair bPair = bPairGen.generateKeyPair(); + + KeyPairGenerator cPairGen = KeyPairGenerator.getInstance("DH", "SC"); + cPairGen.initialize(spec); + KeyPair cPair = cPairGen.generateKeyPair(); + + aKeyAgree.init(aPair.getPrivate()); + + bKeyAgree.init(bPair.getPrivate()); + + KeyAgreement cKeyAgree = KeyAgreement.getInstance("DH", "SC"); + cKeyAgree.init(cPair.getPrivate()); + + Key ac = aKeyAgree.doPhase(cPair.getPublic(), false); + + Key ba = bKeyAgree.doPhase(aPair.getPublic(), false); + + Key cb = cKeyAgree.doPhase(bPair.getPublic(), false); + + aKeyAgree.doPhase(cb, true); + + bKeyAgree.doPhase(ac, true); + + cKeyAgree.doPhase(ba, true); + + BigInteger aShared = new BigInteger(aKeyAgree.generateSecret()); + BigInteger bShared = new BigInteger(bKeyAgree.generateSecret()); + BigInteger cShared = new BigInteger(cKeyAgree.generateSecret()); + + if (!aShared.equals(bShared)) + { + return new SimpleTestResult(false, size + " bit 3-way test failed (a and b differ)"); + } + + if (!cShared.equals(bShared)) + { + return new SimpleTestResult(false, size + " bit 3-way test failed (c and b differ)"); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, size + " bit 2-way test failed - exception: " + e); + } + + return new SimpleTestResult(true, this.getName() + ": Okay"); + } + + private TestResult testRandom( + int size) + { + try + { + AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DH", "SC"); + a.init(size, new SecureRandom()); + AlgorithmParameters params = a.generateParameters(); + + byte[] encodeParams = params.getEncoded(); + + AlgorithmParameters a2 = AlgorithmParameters.getInstance("DH", "SC"); + a2.init(encodeParams); + + // a and a2 should be equivalent! + byte[] encodeParams_2 = a2.getEncoded(); + + if (!arrayEquals(encodeParams, encodeParams_2)) + { + return new SimpleTestResult(false, this.getName() + ": encode/decode parameters failed"); + } + + DHParameterSpec dhP = (DHParameterSpec)params.getParameterSpec(DHParameterSpec.class); + + return testGP(size, dhP.getG(), dhP.getP()); + } + catch (Exception e) + { + return new SimpleTestResult(false, this.getName() + ": exception - " + e.toString()); + } + } + + private TestResult testECDH() + { + try + { + KeyPairGenerator g = KeyPairGenerator.getInstance("ECDH", "SC"); + + ECCurve curve = new ECCurve.Fp( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b + + ECParameterSpec ecSpec = new ECParameterSpec( + curve, + curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n + + g.initialize(ecSpec, new SecureRandom()); + + // + // a side + // + KeyPair aKeyPair = g.generateKeyPair(); + + KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDH", "SC"); + + aKeyAgree.init(aKeyPair.getPrivate()); + + // + // b side + // + KeyPair bKeyPair = g.generateKeyPair(); + + KeyAgreement bKeyAgree = KeyAgreement.getInstance("ECDH", "SC"); + + bKeyAgree.init(bKeyPair.getPrivate()); + + // + // agreement + // + aKeyAgree.doPhase(bKeyPair.getPublic(), true); + bKeyAgree.doPhase(aKeyPair.getPublic(), true); + + BigInteger k1 = new BigInteger(aKeyAgree.generateSecret()); + BigInteger k2 = new BigInteger(bKeyAgree.generateSecret()); + + if (!k1.equals(k2)) + { + return new SimpleTestResult(false, "ECDH 2-way test failed"); + } + + // + // public key encoding test + // + byte[] pubEnc = aKeyPair.getPublic().getEncoded(); + KeyFactory keyFac = KeyFactory.getInstance("ECDH", "SC"); + X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); + ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509); + + if (!pubKey.getQ().equals(((ECPublicKey)aKeyPair.getPublic()).getQ())) + { + return new SimpleTestResult(false, "ECDH public key encoding (Q test) failed"); + } + + if (!pubKey.getParameters().getG().equals(((ECPublicKey)aKeyPair.getPublic()).getParameters().getG())) + { + return new SimpleTestResult(false, "ECDH public key encoding (G test) failed"); + } + + // + // private key encoding test + // + byte[] privEnc = aKeyPair.getPrivate().getEncoded(); + PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); + ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8); + + if (!privKey.getD().equals(((ECPrivateKey)aKeyPair.getPrivate()).getD())) + { + return new SimpleTestResult(false, "ECDH private key encoding (D test) failed"); + } + + if (!privKey.getParameters().getG().equals(((ECPrivateKey)aKeyPair.getPrivate()).getParameters().getG())) + { + return new SimpleTestResult(false, "ECDH private key encoding (G test) failed"); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, "ECDH 2-way test failed - exception: " + e); + } + + return new SimpleTestResult(true, this.getName() + ": Okay"); + } + + private TestResult testECDHC() + { + try + { + KeyPairGenerator g = KeyPairGenerator.getInstance("ECDH", "SC"); + + ECCurve curve = new ECCurve.Fp( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b + + ECParameterSpec ecSpec = new ECParameterSpec( + curve, + curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n + + g.initialize(ecSpec, new SecureRandom()); + + // + // a side + // + KeyPair aKeyPair = g.generateKeyPair(); + + KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDHC", "SC"); + + aKeyAgree.init(aKeyPair.getPrivate()); + + // + // b side + // + KeyPair bKeyPair = g.generateKeyPair(); + + KeyAgreement bKeyAgree = KeyAgreement.getInstance("ECDHC", "SC"); + + bKeyAgree.init(bKeyPair.getPrivate()); + + // + // agreement + // + aKeyAgree.doPhase(bKeyPair.getPublic(), true); + bKeyAgree.doPhase(aKeyPair.getPublic(), true); + + BigInteger k1 = new BigInteger(aKeyAgree.generateSecret()); + BigInteger k2 = new BigInteger(bKeyAgree.generateSecret()); + + if (!k1.equals(k2)) + { + return new SimpleTestResult(false, "ECDHC 2-way test failed"); + } + + // + // public key encoding test + // + byte[] pubEnc = aKeyPair.getPublic().getEncoded(); + KeyFactory keyFac = KeyFactory.getInstance("ECDH", "SC"); + X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); + ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509); + + if (!pubKey.getQ().equals(((ECPublicKey)aKeyPair.getPublic()).getQ())) + { + return new SimpleTestResult(false, "ECDH public key encoding (Q test) failed"); + } + + if (!pubKey.getParameters().getN().equals(((ECPublicKey)aKeyPair.getPublic()).getParameters().getN())) + { + return new SimpleTestResult(false, "ECDH public key encoding (N test) failed"); + } + + // + // private key encoding test + // + byte[] privEnc = aKeyPair.getPrivate().getEncoded(); + PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); + ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8); + + if (!privKey.getD().equals(((ECPrivateKey)aKeyPair.getPrivate()).getD())) + { + return new SimpleTestResult(false, "ECDH private key encoding (D test) failed"); + } + + if (!privKey.getParameters().getN().equals(((ECPrivateKey)aKeyPair.getPrivate()).getParameters().getN())) + { + return new SimpleTestResult(false, "ECDH private key encoding (N test) failed"); + } + } + catch (Exception e) + { + return new SimpleTestResult(false, "ECDHC 2-way test failed - exception: " + e); + } + + return new SimpleTestResult(true, this.getName() + ": Okay"); + } + + private TestResult testExceptions() + { + DHParameterSpec dhParams = new DHParameterSpec(p512, g512); + + try + { + KeyAgreement aKeyAgree = KeyAgreement.getInstance("DH", "SC"); + + aKeyAgree.generateSecret("DES"); + } + catch (IllegalStateException e) + { + // okay + } + catch (Exception e) + { + return new SimpleTestResult(false, "Unexpected exception: " + e, e); + } + + return new SimpleTestResult(true, this.getName() + ": Okay"); + } + + private boolean arrayEquals( + byte[] a, + byte[] b) + { + if (a.length != b.length) + { + return false; + } + + for (int i = 0; i != a.length; i++) + { + if (a[i] != b[i]) + { + return false; + } + } + + return true; + } + + + public TestResult perform() + { + TestResult result; + + result = testGP(512, g512, p512); + if (!result.isSuccessful()) + { + return result; + } + + result = testGP(768, g768, p768); + if (!result.isSuccessful()) + { + return result; + } + + result = testGP(1024, g1024, p1024); + if (!result.isSuccessful()) + { + return result; + } + + result = testRandom(256); + if (!result.isSuccessful()) + { + return result; + } + + result = testECDH(); + if (!result.isSuccessful()) + { + return result; + } + + result = testECDHC(); + if (!result.isSuccessful()) + { + return result; + } + + result = testExceptions(); + if (!result.isSuccessful()) + { + return result; + } + + return result; + } + + public static void main( + String[] args) + { + Security.addProvider(new BouncyCastleProvider()); + + DHTest test = new DHTest(); + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/ECIESTest.java b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/ECIESTest.java new file mode 100644 index 00000000..25af8f54 --- /dev/null +++ b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/ECIESTest.java @@ -0,0 +1,248 @@ +package org.spongycastle.jce.provider.test; + +import java.math.BigInteger; +import java.security.AlgorithmParameters; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.Security; + +import javax.crypto.Cipher; + +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.jce.spec.ECParameterSpec; +import org.spongycastle.jce.spec.IEKeySpec; +import org.spongycastle.jce.spec.IESParameterSpec; +import org.spongycastle.math.ec.ECCurve; +import org.spongycastle.util.encoders.Hex; +import org.spongycastle.util.test.SimpleTestResult; +import org.spongycastle.util.test.Test; +import org.spongycastle.util.test.TestResult; + +/** + * test for ECIES - Elliptic Curve Integrated Encryption Scheme + */ +public class ECIESTest + implements Test +{ + ECIESTest() + { + } + + public String getName() + { + return "ECIES"; + } + + private boolean sameAs( + byte[] a, + byte[] b) + { + if (a.length != b.length) + { + return false; + } + + for (int i = 0; i != a.length; i++) + { + if (a[i] != b[i]) + { + return false; + } + } + + return true; + } + + public TestResult perform() + { + TestResult res; + + try + { + KeyPairGenerator g = KeyPairGenerator.getInstance("ECIES", "SC"); + + ECCurve curve = new ECCurve.Fp( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b + + ECParameterSpec ecSpec = new ECParameterSpec( + curve, + curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n + + g.initialize(ecSpec, new SecureRandom()); + + res = performTest(g); + if (!res.isSuccessful()) + { + return res; + } + + g = KeyPairGenerator.getInstance("ECIES", "SC"); + + g.initialize(192, new SecureRandom()); + + res = performTest(g); + if (!res.isSuccessful()) + { + return res; + } + + g = KeyPairGenerator.getInstance("ECIES", "SC"); + + g.initialize(239, new SecureRandom()); + + res = performTest(g); + if (!res.isSuccessful()) + { + return res; + } + + g = KeyPairGenerator.getInstance("ECIES", "SC"); + + g.initialize(256, new SecureRandom()); + + res = performTest(g); + if (!res.isSuccessful()) + { + return res; + } + + res = performDefTest(g); + if (!res.isSuccessful()) + { + return res; + } + } + catch (Exception ex) + { + return new SimpleTestResult(false, this.getName() + ": stream cipher test exception " + ex.toString()); + } + + return new SimpleTestResult(true, this.getName() + ": Okay"); + } + + public TestResult performTest( + KeyPairGenerator g) + { + try + { + // + // a side + // + KeyPair aKeyPair = g.generateKeyPair(); + PublicKey aPub = aKeyPair.getPublic(); + PrivateKey aPriv = aKeyPair.getPrivate(); + + // + // b side + // + KeyPair bKeyPair = g.generateKeyPair(); + PublicKey bPub = bKeyPair.getPublic(); + PrivateKey bPriv = bKeyPair.getPrivate(); + + // + // stream test + // + Cipher c1 = Cipher.getInstance("ECIES", "SC"); + Cipher c2 = Cipher.getInstance("ECIES", "SC"); + + IEKeySpec c1Key = new IEKeySpec(aPriv, bPub); + IEKeySpec c2Key = new IEKeySpec(bPriv, aPub); + + byte[] d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }; + byte[] e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 }; + + IESParameterSpec param = new IESParameterSpec(d, e, 128); + + c1.init(Cipher.ENCRYPT_MODE, c1Key, param); + + c2.init(Cipher.DECRYPT_MODE, c2Key, param); + + byte[] message = Hex.decode("1234567890abcdef"); + + byte[] out1 = c1.doFinal(message, 0, message.length); + + byte[] out2 = c2.doFinal(out1, 0, out1.length); + + if (!sameAs(out2, message)) + { + return new SimpleTestResult(false, this.getName() + ": stream cipher test failed"); + } + } + catch (Exception ex) + { + return new SimpleTestResult(false, this.getName() + ": stream cipher test exception " + ex.toString()); + } + + return new SimpleTestResult(true, this.getName() + ": Okay"); + } + + public TestResult performDefTest( + KeyPairGenerator g) + { + try + { + // + // a side + // + KeyPair aKeyPair = g.generateKeyPair(); + PublicKey aPub = aKeyPair.getPublic(); + PrivateKey aPriv = aKeyPair.getPrivate(); + + // + // b side + // + KeyPair bKeyPair = g.generateKeyPair(); + PublicKey bPub = bKeyPair.getPublic(); + PrivateKey bPriv = bKeyPair.getPrivate(); + + // + // stream test + // + Cipher c1 = Cipher.getInstance("ECIES", "SC"); + Cipher c2 = Cipher.getInstance("ECIES", "SC"); + + IEKeySpec c1Key = new IEKeySpec(aPriv, bPub); + IEKeySpec c2Key = new IEKeySpec(bPriv, aPub); + + c1.init(Cipher.ENCRYPT_MODE, c1Key); + + AlgorithmParameters param = c1.getParameters(); + + c2.init(Cipher.DECRYPT_MODE, c2Key, param); + + byte[] message = Hex.decode("1234567890abcdef"); + + byte[] out1 = c1.doFinal(message, 0, message.length); + + byte[] out2 = c2.doFinal(out1, 0, out1.length); + + if (!sameAs(out2, message)) + { + return new SimpleTestResult(false, this.getName() + ": stream cipher test failed"); + } + } + catch (Exception ex) + { + return new SimpleTestResult(false, this.getName() + ": stream cipher test exception " + ex.toString()); + } + + return new SimpleTestResult(true, this.getName() + ": Okay"); + } + + public static void main( + String[] args) + { + Security.addProvider(new BouncyCastleProvider()); + + ECIESTest test = new ECIESTest(); + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/ImplicitlyCaTest.java b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/ImplicitlyCaTest.java new file mode 100644 index 00000000..8ecfeb43 --- /dev/null +++ b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/ImplicitlyCaTest.java @@ -0,0 +1,231 @@ +package org.spongycastle.jce.provider.test; + +import java.math.BigInteger; +import java.security.KeyFactory; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.SecureRandom; +import java.security.Security; +import java.security.Signature; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; + +import org.spongycastle.asn1.ASN1InputStream; +import org.spongycastle.asn1.DERNull; +import org.spongycastle.asn1.pkcs.PrivateKeyInfo; +import org.spongycastle.asn1.x509.SubjectPublicKeyInfo; +import org.spongycastle.jcajce.provider.config.ConfigurableProvider; +import org.spongycastle.jce.interfaces.ECPrivateKey; +import org.spongycastle.jce.interfaces.ECPublicKey; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.jce.spec.ECParameterSpec; +import org.spongycastle.jce.spec.ECPrivateKeySpec; +import org.spongycastle.jce.spec.ECPublicKeySpec; +import org.spongycastle.math.ec.ECCurve; +import org.spongycastle.util.encoders.Hex; +import org.spongycastle.util.test.FixedSecureRandom; +import org.spongycastle.util.test.SimpleTest; + +public class ImplicitlyCaTest + extends SimpleTest +{ + byte[] k1 = Hex.decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3"); + byte[] k2 = Hex.decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded"); + + SecureRandom random = new FixedSecureRandom(new byte[][] { k1, k2 }); + + public void performTest() + throws Exception + { + + KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "SC"); + + ECCurve curve = new ECCurve.Fp( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b + + ECParameterSpec ecSpec = new ECParameterSpec( + curve, + curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n + + ConfigurableProvider config = (ConfigurableProvider)Security.getProvider("SC"); + + config.setParameter(ConfigurableProvider.EC_IMPLICITLY_CA, ecSpec); + + g.initialize(null, new SecureRandom()); + + KeyPair p = g.generateKeyPair(); + + ECPrivateKey sKey = (ECPrivateKey)p.getPrivate(); + ECPublicKey vKey = (ECPublicKey)p.getPublic(); + + testECDSA(sKey, vKey); + + testBCParamsAndQ(sKey, vKey); + + testEncoding(sKey, vKey); + + testKeyFactory(); + } + + private void testKeyFactory() + throws Exception + { + KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "SC"); + + ECCurve curve = new ECCurve.Fp( + new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q + new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b + + ECParameterSpec ecSpec = new ECParameterSpec( + curve, + curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G + new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n + + ConfigurableProvider config = (ConfigurableProvider)Security.getProvider("SC"); + + config.setParameter(ConfigurableProvider.EC_IMPLICITLY_CA, ecSpec); + + g.initialize(null, new SecureRandom()); + + KeyPair p = g.generateKeyPair(); + + ECPrivateKey sKey = (ECPrivateKey)p.getPrivate(); + ECPublicKey vKey = (ECPublicKey)p.getPublic(); + + KeyFactory fact = KeyFactory.getInstance("ECDSA", "SC"); + + vKey = (ECPublicKey)fact.generatePublic(new ECPublicKeySpec(vKey.getQ(), null)); + sKey = (ECPrivateKey)fact.generatePrivate(new ECPrivateKeySpec(sKey.getD(), null)); + + testECDSA(sKey, vKey); + + testBCParamsAndQ(sKey, vKey); + + testEncoding(sKey, vKey); + + ECPublicKey vKey2 = (ECPublicKey)fact.generatePublic(new ECPublicKeySpec(vKey.getQ(), ecSpec)); + ECPrivateKey sKey2 = (ECPrivateKey)fact.generatePrivate(new ECPrivateKeySpec(sKey.getD(), ecSpec)); + + if (!vKey.equals(vKey2) || vKey.hashCode() != vKey2.hashCode()) + { + fail("private equals/hashCode failed"); + } + + if (!sKey.equals(sKey2) || sKey.hashCode() != sKey2.hashCode()) + { + fail("private equals/hashCode failed"); + } + } + + private void testECDSA( + ECPrivateKey sKey, + ECPublicKey vKey) + throws Exception + { + byte[] data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 }; + Signature s = Signature.getInstance("ECDSA", "SC"); + + s.initSign(sKey); + + s.update(data); + + byte[] sigBytes = s.sign(); + + s = Signature.getInstance("ECDSA", "SC"); + + s.initVerify(vKey); + + s.update(data); + + if (!s.verify(sigBytes)) + { + fail("ECDSA verification failed"); + } + } + + private void testEncoding( + ECPrivateKey privKey, + ECPublicKey pubKey) + throws Exception + { + KeyFactory kFact = KeyFactory.getInstance("ECDSA", "SC"); + + byte[] bytes = privKey.getEncoded(); + + PrivateKeyInfo sInfo = PrivateKeyInfo.getInstance(new ASN1InputStream(bytes).readObject()); + + if (!sInfo.getAlgorithmId().getParameters().equals(DERNull.INSTANCE)) + { + fail("private key parameters wrong"); + } + + ECPrivateKey sKey = (ECPrivateKey)kFact.generatePrivate(new PKCS8EncodedKeySpec(bytes)); + + if (!sKey.equals(privKey)) + { + fail("private equals failed"); + } + + if (sKey.hashCode() != privKey.hashCode()) + { + fail("private hashCode failed"); + } + + bytes = pubKey.getEncoded(); + + SubjectPublicKeyInfo vInfo = SubjectPublicKeyInfo.getInstance(new ASN1InputStream(bytes).readObject()); + + if (!vInfo.getAlgorithmId().getParameters().equals(DERNull.INSTANCE)) + { + fail("public key parameters wrong"); + } + + ECPublicKey vKey = (ECPublicKey)kFact.generatePublic(new X509EncodedKeySpec(bytes)); + + if (!vKey.equals(pubKey) || vKey.hashCode() != pubKey.hashCode()) + { + fail("public equals/hashCode failed"); + } + + testBCParamsAndQ(sKey, vKey); + + testECDSA(sKey, vKey); + } + + private void testBCParamsAndQ( + ECPrivateKey sKey, + ECPublicKey vKey) + { + if (sKey.getParameters() != null) + { + fail("parameters exposed in private key"); + } + + if (vKey.getParameters() != null) + { + fail("parameters exposed in public key"); + } + + if (vKey.getQ().getCurve() != null) + { + fail("curve exposed in public point"); + } + } + + public String getName() + { + return "ImplicitlyCA"; + } + + public static void main( + String[] args) + { + Security.addProvider(new BouncyCastleProvider()); + + runTest(new ImplicitlyCaTest()); + } +} diff --git a/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/NamedCurveTest.java b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/NamedCurveTest.java new file mode 100644 index 00000000..9cb7ca1a --- /dev/null +++ b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/NamedCurveTest.java @@ -0,0 +1,160 @@ +package org.spongycastle.jce.provider.test; + +import java.math.BigInteger; +import java.security.KeyFactory; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.SecureRandom; +import java.security.Security; +import java.security.spec.PKCS8EncodedKeySpec; +import java.security.spec.X509EncodedKeySpec; + +import javax.crypto.KeyAgreement; + +import org.spongycastle.jce.ECNamedCurveTable; +import org.spongycastle.jce.interfaces.ECPrivateKey; +import org.spongycastle.jce.interfaces.ECPublicKey; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.jce.spec.ECNamedCurveParameterSpec; +import org.spongycastle.jce.spec.ECParameterSpec; +import org.spongycastle.util.test.SimpleTestResult; +import org.spongycastle.util.test.Test; +import org.spongycastle.util.test.TestResult; + +public class NamedCurveTest + implements Test +{ + private String name; + + NamedCurveTest() + { + this("prime192v1"); + } + + NamedCurveTest( + String name) + { + this.name = name; + } + + public TestResult perform() + { + try + { + ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec(name); + + if (ecSpec == null) + { + return new SimpleTestResult(false, getName() + " no curve for " + name + " found."); + } + + KeyPairGenerator g = KeyPairGenerator.getInstance("ECDH", "SC"); + + g.initialize(ecSpec, new SecureRandom()); + + // + // a side + // + KeyPair aKeyPair = g.generateKeyPair(); + + KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDHC", "SC"); + + aKeyAgree.init(aKeyPair.getPrivate()); + + // + // b side + // + KeyPair bKeyPair = g.generateKeyPair(); + + KeyAgreement bKeyAgree = KeyAgreement.getInstance("ECDHC", "SC"); + + bKeyAgree.init(bKeyPair.getPrivate()); + + // + // agreement + // + aKeyAgree.doPhase(bKeyPair.getPublic(), true); + bKeyAgree.doPhase(aKeyPair.getPublic(), true); + + BigInteger k1 = new BigInteger(aKeyAgree.generateSecret()); + BigInteger k2 = new BigInteger(bKeyAgree.generateSecret()); + + if (!k1.equals(k2)) + { + return new SimpleTestResult(false, getName() + " 2-way test failed"); + } + + // + // public key encoding test + // + byte[] pubEnc = aKeyPair.getPublic().getEncoded(); + KeyFactory keyFac = KeyFactory.getInstance("ECDH", "SC"); + X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc); + ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509); + + if (!pubKey.getQ().equals(((ECPublicKey)aKeyPair.getPublic()).getQ())) + { + return new SimpleTestResult(false, getName() + ": public key encoding (Q test) failed"); + } + + if (!(pubKey.getParameters() instanceof ECNamedCurveParameterSpec)) + { + return new SimpleTestResult(false, getName() + ": public key encoding not named curve"); + } + + // + // private key encoding test + // + byte[] privEnc = aKeyPair.getPrivate().getEncoded(); + PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc); + ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8); + + if (!privKey.getD().equals(((ECPrivateKey)aKeyPair.getPrivate()).getD())) + { + return new SimpleTestResult(false, getName() + ": private key encoding (D test) failed"); + } + + if (!(privKey.getParameters() instanceof ECNamedCurveParameterSpec)) + { + return new SimpleTestResult(false, getName() + ": private key encoding not named curve"); + } + + if (!((ECNamedCurveParameterSpec)privKey.getParameters()).getName().equals(name)) + { + return new SimpleTestResult(false, getName() + ": private key encoding wrong named curve"); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": exception - " + e.toString()); + } + } + + public String getName() + { + return "NamedCurve"; + } + + public static void main( + String[] args) + { + Security.addProvider(new BouncyCastleProvider()); + + Test test; + + if (args.length == 0) + { + test = new NamedCurveTest(); + } + else + { + test = new NamedCurveTest(args[0]); + } + + TestResult result = test.perform(); + + System.out.println(result.toString()); + } +} diff --git a/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/PKCS12StoreTest.java b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/PKCS12StoreTest.java new file mode 100644 index 00000000..0dac6cf1 --- /dev/null +++ b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/PKCS12StoreTest.java @@ -0,0 +1,737 @@ +package org.spongycastle.jce.provider.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.math.BigInteger; +import java.security.KeyFactory; +import java.security.KeyStore; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.Security; +import java.security.cert.Certificate; +import java.security.cert.X509Certificate; +import java.security.interfaces.RSAPrivateKey; +import java.security.spec.RSAPrivateCrtKeySpec; +import java.security.spec.RSAPublicKeySpec; +import java.util.Date; +import java.util.Enumeration; +import java.util.Hashtable; + +import org.spongycastle.jce.X509Principal; +import org.spongycastle.x509.X509V3CertificateGenerator; +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.util.encoders.Base64; +import org.spongycastle.util.test.SimpleTest; + +/** + * Exercise the various key stores, making sure we at least get back what we put in! + * <p> + * This tests both the PKCS12 key store. + */ +public class PKCS12StoreTest + extends SimpleTest +{ + static char[] passwd = { 'h', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd' }; + + // + // pkcs-12 pfx-pdu + // + byte[] pkcs12 = Base64.decode( + "MIACAQMwgAYJKoZIhvcNAQcBoIAkgAQBMAQBgAQBMAQBgAQBBgQBCQQJKoZI" + + "hvcNAQcBBAGgBAGABAEkBAGABAEEBAEBBAEwBAEEBAEDBAOCAzQEAQQEAQEE" + + "ATAEAQQEAQMEA4IDMAQBBAQBAQQBBgQBBAQBAQQBCwQBBAQBCwQLKoZIhvcN" + + "AQwKAQIEAQQEAQEEAaAEAQQEAQMEA4ICpQQBBAQBAQQBMAQBBAQBAwQDggKh" + + "BAEEBAEBBAEwBAEEBAEBBAEbBAEEBAEBBAEGBAEEBAEBBAEKBAEEBAEKBAoq" + + "hkiG9w0BDAEDBAEEBAEPBA8wDQQIoagiwNZPJR4CAQEEAQQEAQEEAQQEAQQE" + + "AQMEA4ICgAQBBAQDggKABIICgEPG0XlhMFyrs4ZWDrvEzl51ICfXd6K2ql2l" + + "nnxhszUbigtSj6x49VEx4PfOB9fQFeidc5L5An+nKp646NBMIY0UwXGs8BLQ" + + "au59jtOs987+l7QYIvl6fdGUIuLPhVSnZZDyqD+HQjU/0/ccKFHRif4tlEQq" + + "aErvZbFeH0pg4ijf1HfgX6gBJGRKdO+msa4qKGnZdHCSLZehyyxvxAmURetg" + + "yhtEl7RmedTB+4TDs7atekqxkNlD9tfwDUX6sb0IH6qbEA6P/DlVMdaD54Cl" + + "QDxRzOfIIjklZhv5OMFWtPK0aYPcqyxzLpw1qRAyoTVXpidkj/hpIpgCVBP/" + + "k5s2+WdGbLgA/4/zSrF6feRCE5llzM2IGxiHVq4oPzzngl3R+Fi5VCPDMcuW" + + "NRuIOzJA+RNV2NPOE/P3knThDnwiImq+rfxmvZ1u6T06s20RmWK6cxp7fTEw" + + "lQ9BOsv+mmyV8dr6cYJq4IlRzHdFOyEUBDwfHThyribNKKobO50xh2f93xYj" + + "Rn5UMOQBJIe3b7OKZt5HOIMrJSZO02IZgvImi9yQWi96PnWa419D1cAsLWvM" + + "xiN0HqZMbDFfxVM2BZmsxiexLhkHWKwLqfQDzRjJfmVww8fnXpWZhFXKyut9" + + "gMGEyCNoba4RU3QI/wHKWYaK74qtJpsucuLWBH6UcsHsCry6VZkwRxWwC0lb" + + "/F3Bm5UKHax5n9JHJ2amQm9zW3WJ0S5stpPObfmg5ArhbPY+pVOsTqBRlop1" + + "bYJLD/X8Qbs468Bwzej0FhoEU59ZxFrbjLSBsMUYrVrwD83JE9kEazMLVchc" + + "uCB9WT1g0hxYb7VA0BhOrWhL8F5ZH72RMCYLPI0EAQQEAQEEATEEAQQEAQEE" + + "AXgEAQQEAQEEATAEAQQEAQEEAVEEAQQEAQEEAQYEAQQEAQEEAQkEAQQEAQkE" + + "CSqGSIb3DQEJFAQBBAQBAQQBMQQBBAQBAQQBRAQBBAQBAQQBHgQBBAQBAQQB" + + "QgQBBAQBQgRCAEQAYQB2AGkAZAAgAEcALgAgAEgAbwBvAGsAJwBzACAAVgBl" + + "AHIAaQBTAGkAZwBuACwAIABJAG4AYwAuACAASQBEBAEEBAEBBAEwBAEEBAEB" + + "BAEjBAEEBAEBBAEGBAEEBAEBBAEJBAEEBAEJBAkqhkiG9w0BCRUEAQQEAQEE" + + "ATEEAQQEAQEEARYEAQQEAQEEAQQEAQQEAQEEARQEAQQEARQEFKEcMJ798oZL" + + "FkH0OnpbUBnrTLgWBAIAAAQCAAAEAgAABAEwBAGABAEGBAEJBAkqhkiG9w0B" + + "BwYEAaAEAYAEATAEAYAEAQIEAQEEAQAEATAEAYAEAQYEAQkECSqGSIb3DQEH" + + "AQQBMAQBGwQBBgQBCgQKKoZIhvcNAQwBBgQPMA0ECEE7euvmxxwYAgEBBAGg" + + "BAGABAEEBAEIBAgQIWDGlBWxnwQBBAQBCAQI2WsMhavhSCcEAQQEAQgECPol" + + "uHJy9bm/BAEEBAEQBBCiRxtllKXkJS2anKD2q3FHBAEEBAEIBAjKy6BRFysf" + + "7gQBBAQDggMwBIIDMJWRGu2ZLZild3oz7UBdpBDUVMOA6eSoWiRIfVTo4++l" + + "RUBm8TpmmGrVkV32PEoLkoV+reqlyWCvqqSjRzi3epQiVwPQ6PV+ccLqxDhV" + + "pGWDRQ5UttDBC2+u4fUQVZi2Z1i1g2tsk6SzB3MKUCrjoWKvaDUUwXo5k9Vz" + + "qSLWCLTZCjs3RaY+jg3NbLZYtfMDdYovhCU2jMYV9adJ8MxxmJRz+zPWAJph" + + "LH8hhfkKG+wJOSszqk9BqGZUa/mnZyzeQSMTEFga1ZB/kt2e8SZFWrTZEBgJ" + + "oszsL5MObbwMDowNurnZsnS+Mf7xi01LeG0VT1fjd6rn9BzVwuMwhoqyoCNo" + + "ziUqSUyLEwnGTYYpvXLxzhNiYzW8546KdoEKDkEjhfYsc4XqSjm9NYy/BW/M" + + "qR+aL92j8hqnkrWkrWyvocUe3mWaiqt7/oOzNZiMTcV2dgjjh9HfnjSHjFGe" + + "CVhnEWzV7dQIVyc/qvNzOuND8X5IyJ28xb6a/i1vScwGuo/UDgPAaMjGw28f" + + "siOZBShzde0Kj82y8NilfYLHHeIGRW+N/grUFWhW25mAcBReXDd5JwOqM/eF" + + "y+4+zBzlO84ws88T1pkSifwtMldglN0APwr4hvUH0swfiqQOWtwyeM4t+bHd" + + "5buAlXOkSeF5rrLzZ2/Lx+JJmI2pJ/CQx3ej3bxPlx/BmarUGAxaI4le5go4" + + "KNfs4GV8U+dbEHQz+yDYL+ksYNs1eb+DjI2khbl28jhoeAFKBtu2gGOL5M9M" + + "CIP/JDOCHimu1YZRuOTAf6WISnG/0Ri3pYZsgQ0i4cXj+WfYwYVjhKX5AcDj" + + "UKnc4/Cxp+TbbgZqEKRcYVb2q0kOAxkeaNo3WCm+qvUYrwAmKp4nVB+/24rK" + + "khHiyYJQsETxtOEyvJkVxAS01djY4amuJ4jL0sYnXIhW3Ag93eavbzksGT7W" + + "Fg1ywpr1x1xpXWIIuVt1k4e+g9fy7Yx7rx0IK1qCSjNwU3QPWbaef1rp0Q/X" + + "P9IVXYkqo1g/T3SyXqrbZLO+sDjiG4IT3z3fJJqt81sRSVT0QN1ND8l93BG4" + + "QKzghYw8sZ4FwKPtLky1dDcVTgQBBAQBCAQIK/85VMKWDWYEAQQEAQgECGsO" + + "Q85CcFwPBAEEBAEIBAhaup6ot9XnQAQBBAQCgaAEgaCeCMadSm5fkLfhErYQ" + + "DgePZl/rrjP9FQ3VJZ13XrjTSjTRknAbXi0DEu2tvAbmCf0sdoVNuZIZ92W0" + + "iyaa2/A3RHA2RLPNQz5meTi1RE2N361yR0q181dC3ztkkJ8PLyd74nCtgPUX" + + "0JlsvLRrdSjPBpBQ14GiM8VjqeIY7EVFy3vte6IbPzodxaviuSc70iXM4Yko" + + "fQq6oaSjNBFRqkHrBAEEBAEIBAjlIvOf8SnfugQBBAQBCAQIutCF3Jovvl0E" + + "AQQEAQgECO7jxbucdp/3BAEEBAEIBAidxK3XDLj+BwQBBAQBCAQI3m/HMbd3" + + "TwwEAQQEA4ICOASCAjgtoCiMfTkjpCRuMhF5gNLRBiNv+xjg6GvZftR12qiJ" + + "dLeCERI5bvXbh9GD6U+DjTUfhEab/37TbiI7VOFzsI/R137sYy9Tbnu7qkSx" + + "u0bTvyXSSmio6sMRiWIcakmDbv+TDWR/xgtj7+7C6p+1jfUGXn/RjB3vlyjL" + + "Q9lFe5F84qkZjnADo66p9gor2a48fgGm/nkABIUeyzFWCiTp9v6FEzuBfeuP" + + "T9qoKSnCitaXRCru5qekF6L5LJHLNXLtIMSrbO0bS3hZK58FZAUVMaqawesJ" + + "e/sVfQip9x/aFQ6U3KlSpJkmZK4TAqp9jIfxBC8CclbuwmoXPMomiCH57ykr" + + "vkFHOGcxRcCxax5HySCwSyPDr8I4+6Kocty61i/1Xr4xJjb+3oyFStIpB24x" + + "+ALb0Mz6mUa1ls76o+iQv0VM2YFwnx+TC8KC1+O4cNOE/gKeh0ircenVX83h" + + "GNez8C5Ltg81g6p9HqZPc2pkwsneX2sJ4jMsjDhewV7TyyS3x3Uy3vTpZPek" + + "VdjYeVIcgAz8VLJOpsIjyHMB57AyT7Yj87hVVy//VODnE1T88tRXZb+D+fCg" + + "lj2weQ/bZtFzDX0ReiEQP6+yklGah59omeklIy9wctGV1o9GNZnGBSLvQ5NI" + + "61e9zmQTJD2iDjihvQA/6+edKswCjGRX6rMjRWXT5Jv436l75DVoUj09tgR9" + + "ytXSathCjQUL9MNXzUMtr7mgEUPETjM/kYBR7CNrsc+gWTWHYaSWuqKVBAEE" + + "BAEIBAh6slfZ6iqkqwQBBAQBCAQI9McJKl5a+UwEAQQEATgEOBelrmiYMay3" + + "q0OW2x2a8QQodYqdUs1TCUU4JhfFGFRy+g3yU1cP/9ZSI8gcI4skdPc31cFG" + + "grP7BAEEBAEIBAhzv/wSV+RBJQQBBAQBCAQI837ImVqqlr4EAQQEAQgECGeU" + + "gjULLnylBAEEBAEIBAjD3P4hlSBCvQQBBAQBCAQISP/qivIzf50EAQQEAQgE" + + "CKIDMX9PKxICBAEEBAOCBOgEggTocP5VVT1vWvpAV6koZupKN1btJ3C01dR6" + + "16g1zJ5FK5xL1PTdA0r6iAwVtgYdxQYnU8tht3bkNXdPJC1BdsC9oTkBg9Nr" + + "dqlF5cCzXWIezcR3ObjGLpXu49SAHvChH4emT5rytv81MYxZ7bGmlQfp8BNa" + + "0cMZz05A56LXw//WWDEzZcbKSk4tCsfMXBdGk/ngs7aILZ4FGM620PBPtD92" + + "pz2Ui/tUZqtQ0WKdLzwga1E/rl02a/x78/OdlVRNeaIYWJWLmLavX98w0PhY" + + "ha3Tbj/fqq+H3ua6Vv2Ff4VeXazkXpp4tTiqUxhc6aAGiRYckwZaP7OPSbos" + + "RKFlRLVofSGu1IVSKO+7faxV4IrVaAAzqRwLGkpJZLV7NkzkU1BwgvsAZAI4" + + "WClPDF228ygbhLwrSN2NK0s+5bKhTCNAR/LCUf3k7uip3ZSe18IwEkUMWiaZ" + + "ayktcTYn2ZjmfIfV7wIxHgWPkP1DeB+RMS7VZe9zEgJKOA16L+9SNBwJSSs9" + + "5Sb1+nmhquZmnAltsXMgwOrR12JLIgdfyyqGcNq997U0/KuHybqBVDVu0Fyr" + + "6O+q5oRmQZq6rju7h+Hb/ZUqRxRoTTSPjGD4Cu9vUqkoNVgwYOT+88FIMYun" + + "g9eChhio2kwPYwU/9BNGGzh+hAvAKcUpO016mGLImYin+FpQxodJXfpNCFpG" + + "4v4HhIwKh71OOfL6ocM/518dYwuU4Ds2/JrDhYYFsn+KprLftjrnTBnSsfYS" + + "t68b+Xr16qv9r6sseEkXbsaNbrGiZAhfHEVBOxQ4lchHrMp4zpduxG4crmpc" + + "+Jy4SadvS0uaJvADgI03DpsDYffUdriECUqAfOg/Hr7HHyr6Q9XMo1GfIarz" + + "eUHBgi1Ny0nDTWkdb7I3bIajG+Unr3KfK6dZz5Lb3g5NeclU5zintB1045Jr" + + "j9fvGGk0/2lG0n17QViBiOzGs2poTlhn7YxmiskwlkRKVafxPZNPxKILpN9s" + + "YaWGz93qER/pGMJarGJxu8sFi3+yt6FZ4pVPkvKE8JZMEPBBrmH41batS3sw" + + "sfnJ5CicAkwd8bluQpoc6qQd81HdNpS6u7djaRSDwPtYnZWu/8Hhj4DXisje" + + "FJBAjQdn2nK4MV7WKVwr+mNcVgOdc5IuOZbRLOfc3Sff6kYVuQFfcCGgAFpd" + + "nbprF/FnYXR/rghWE7fT1gfzSMNv+z5UjZ5Rtg1S/IQfUM/P7t0UqQ01/w58" + + "bTlMGihTxHiJ4Qf3o5GUzNmAyryLvID+nOFqxpr5es6kqSN4GPRHsmUIpB9t" + + "f9Nw952vhsXI9uVkhQap3JvmdAKJaIyDz6Qi7JBZvhxpghVIDh73BQTaAFP9" + + "5GUcPbYOYJzKaU5MeYEsorGoanSqPDeKDeZxjxJD4xFsqJCoutyssqIxnXUN" + + "Y3Uojbz26IJOhqIBLaUn6QVFX79buWYjJ5ZkDS7D8kq6DZeqZclt5711AO5U" + + "uz/eDSrx3d4iVHR+kSeopxFKsrK+KCH3CbBUMIFGX/GE9WPhDWCtjjNKEe8W" + + "PinQtxvv8MlqGXtv3v7ObJ2BmfIfLD0rh3EB5WuRNKL7Ssxaq14KZGEBvc7G" + + "Fx7jXLOW6ZV3SH+C3deJGlKM2kVhDdIVjjODvQzD8qw8a/ZKqDO5hGGKUTGD" + + "Psdd7O/k/Wfn+XdE+YuKIhcEAQQEAQgECJJCZNJdIshRBAEEBAEIBAiGGrlG" + + "HlKwrAQBBAQBCAQIkdvKinJYjJcEAQQEAUAEQBGiIgN/s1bvPQr+p1aQNh/X" + + "UQFmay6Vm5HIvPhoNrX86gmMjr6/sg28/WCRtSfyuYjwQkK91n7MwFLOBaU3" + + "RrsEAQQEAQgECLRqESFR50+zBAEEBAEIBAguqbAEWMTiPwQBBAQBGAQYKzUv" + + "EetQEAe3cXEGlSsY4a/MNTbzu1WbBAEEBAEIBAiVpOv1dOWZ1AQCAAAEAgAA" + + "BAIAAAQCAAAEAgAABAIAAAAAAAAAADA1MCEwCQYFKw4DAhoFAAQUvMkeVqe6" + + "D4UmMHGEQwcb8O7ZwhgEEGiX9DeqtRwQnVi+iY/6Re8AAA=="); + + byte[] certUTF = Base64.decode( + "MIIGVQIBAzCCBg8GCSqGSIb3DQEHAaCCBgAEggX8MIIF+DCCAsUGCSqGSIb3" + + "DQEHAaCCArYEggKyMIICrjCCAqoGCyqGSIb3DQEMCgEDoIIChTCCAoEGCiqG" + + "SIb3DQEJFgGgggJxBIICbTCCAmkwggHSoAMCAQICAQcwDQYJKoZIhvcNAQEF" + + "BQAwOTEPMA0GA1UEBxMGTGV1dmVuMRkwFwYDVQQKExBVdGltYWNvIFN1YiBD" + + "QSAyMQswCQYDVQQGEwJCRTAeFw05OTEyMzEyMzAwMDBaFw0xOTEyMzEyMzAw" + + "MDBaMFcxCzAJBgNVBAYTAkJFMQ8wDQYDVQQHEwZIYWFjaHQxEDAOBgNVBAoT" + + "B1V0aW1hY28xDDAKBgNVBAsMA1ImRDEXMBUGA1UEAxMOR2VlcnQgRGUgUHJp" + + "bnMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYGIyhTn/p0IA41ElLD" + + "fZ44PS88AAcDCiOd2DIMLck56ea+5nhI0JLyz1XgPHecc8SLFdl7vSIBA0eb" + + "tm/A7WIqIp0lcvgoyQ0qsak/dvzs+xw6r2xLCVogku4+/To6UebtfRsukXNI" + + "ckP5lWV/Ui4l+XvGdmENlEE9/BvOZIvLAgMBAAGjYzBhMBEGA1UdIwQKMAiA" + + "BlN1YkNBMjAQBgNVHQ4ECQQHVXNlcklEMjAOBgNVHQ8BAf8EBAMCBLAwGQYD" + + "VR0RBBIwEIEOVXNlcklEMkB1dGkuYmUwDwYDVR0TAQH/BAUwAwEBADANBgkq" + + "hkiG9w0BAQUFAAOBgQACS7iLLgMV4O5gFdriI7dqX55l7Qn6HiRNxlSH2kCX" + + "41X82gae4MHFc41qqsC4qm6KZWi1yvTN9XgSBCXTaw1SXGTK7SuNdoYh6ufC" + + "KuAwy5lsaetyARDksRiOIrNV9j+MRIjJMjPNg+S+ysIHTWZo2NTUuVuZ01D2" + + "jDtYPhcDFDESMBAGCSqGSIb3DQEJFTEDBAE3MIIDKwYJKoZIhvcNAQcGoIID" + + "HDCCAxgCAQAwggMRBgkqhkiG9w0BBwEwKAYKKoZIhvcNAQwBAzAaBBS5KxQC" + + "BMuZ1To+yed2j/TT45td6gICCACAggLYxQS+fu7W2sLQTkslI0EoNxLoH/WO" + + "L8NgiIgZ5temV3mgC2q0MxjVVq+SCvG89ZSTfptxOaSmYV772irFdzlrtotZ" + + "wmYk1axuFDYQ1gH0M6i9FWuhOnbk7qHclmOroXqrrbP6g3IsjwztH0+iwBCg" + + "39f63V0rr8DHiu7zZ2hBkU4/RHEsXLjaCBVNTUSssWhVLisLh2sqBJccPC2E" + + "1lw4c4WrshGQ+syLGG38ttFgXT1c+xYNpUKqJiJTLVouOH9kK3nH1hPRHKMN" + + "9CucBdUzibvkcRk1L53F3MfvjhCSNeWEmd9PKN+FtUtzRWQG3L84VGTM37Ws" + + "YcxaDwDFGcw3u1W8WFsCCkjpZecKN8P2Kp/ai/iugcXY77bYwAwpETDvQFvD" + + "nnL9oGi03HYdfeiXglC7x7dlojvnpkXDbE0nJiFwhe8Mxpx8GVlGHtP+siXg" + + "tklubg1eTCSoG9m1rsBJM717ZHXUGf32HNun2dn4vOWGocgBmokZ46KKMb9v" + + "reT39JTxi8Jlp+2cYb6Qr/oBzudR+D4iAiiVhhhEbJKPNHa61YyxF810fNI2" + + "GWlNIyN3KcI8XU6WJutm/0H3X8Y+iCSWrJ2exUktj8GiqNQ6Yx0YgEk9HI7W" + + "t9UVTIsPCgCqrV4SWCOPf6so1JqnpvlPvvNyNxSsAJ7DaJx1+oD2QQfhowk/" + + "bygkKnRo5Y15ThrTsIyQKsJHTIVy+6K5uFZnlT1DGV3DcNpuk3AY26hrAzWO" + + "TuWXsULZe7M6h6U2hTT/eplZ/mwHlXdF1VErIuusaCdkSI0doY4/Q223H40L" + + "BNU3pTezl41PLceSll00WGVr2MunlNeXKnXDJW06lnfs9BmnpV2+Lkfmf30W" + + "Pn4RKJQc+3D3SV4fCoQLIGrKiZLFfEdGJcMlySr+dJYcEtoZPuo6i/hb5xot" + + "le63h65ihNtXlEDrNpYSQqnfhjOzk5/+ZvYEcOtDObEwPTAhMAkGBSsOAwIa" + + "BQAEFMIeDI9l2Da24mtA1fbQIPc6+4dUBBQ8a4lD7j1CA1vRLhdEgPM+5hpD" + + "RgICCAA="); + + byte[] pkcs12noFriendly = Base64.decode( + "MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCBAAwgDCABgkqhkiG9w0BBwGggCSA" + + "BIICvjCCArowggK2BgsqhkiG9w0BDAoBAqCCAqUwggKhMBsGCiqGSIb3DQEM" + + "AQMwDQQIyJDupEHvySECAQEEggKAupvM7RuZL3G4qNeJM3afElt03TVfynRT" + + "xUxAZOfx+zekHJTlnEuHJ+a16cOV6dQUgYfyMw1xcq4E+l59rVeMX9V3Zr0K" + + "tsMN9VYB/9zn62Kw6LQnY0rMlWYf4bt9Ut5ysq0hE5t9FL+NZ5FbFdWBOKsj" + + "/3oC6eNXOkOFyrY2haPJtD1hVHUosrlC0ffecV0YxPDsReeyx0R4CiYZpAUy" + + "ZD7rkxL+mSX7zTsShRiga2Q/NEhC1KZpbhO/qbyOgvH0r7CRumSMvijzDgaV" + + "IGqtrIZ2E2k5kscjcuFTW0x3OZTLAW/UnAh4JXJzC6isbdiWuswbAEBHifUC" + + "rk2f+bDJKe2gkH67J2K0yDQ3YSSibpjDX/bVfbtfmOoggK9MKQwqEeE0nbYE" + + "jzInH2OK5jPtmwppjmVA7i3Uk25w2+z7b/suUbft9hPCNjxFvzdbyCcXK4Vv" + + "xAgEbVWnIkvOQNbyaQi+DEF/4P26GwgJgXuJpMBn0zzsSZSIDLNl8eJHoKp2" + + "ZXknTi0SZkLaYlBxZlNhFoyXLfvQd6TI2aR5aCVqg1aZMBXyOWfz5t0JTVX8" + + "HTIcdXKis91iEsLB7vjcxIOASTAjKARr5tRp6OvaVterAyDOn2awYQJLLic5" + + "pQfditRAlsLkTxlDdu0/QBMXSPptO8g3R+dS7ntvCjXgZZyxpOeKkssS2l5v" + + "/B2EsfKmYA9hU4aBdW1S9o/PcF1wpVqABd8664TGJ77tCAkbdHe0VJ3Bop2X" + + "lNxlWeEeD0v0QUZLqkJoMEwi5SUE6HAWjbqGhRuHyey9E+UsdCVnQ8AxXQzL" + + "2UKOmIrXc6R25GsLPCysXuXPRFBB2Tul0V3re3hPcAAAAAAAADCABgkqhkiG" + + "9w0BBwaggDCAAgEAMIAGCSqGSIb3DQEHATAbBgoqhkiG9w0BDAEGMA0ECDXn" + + "UZu6xckzAgEBoIAEggTYQMbzAoGnRVJMbCaJJUYgaARJ4zMfxt2e12H4pX/e" + + "vnZrR1eKAMck5c2vJoEasr0i2VUcAcK12AntVIEnBwuRBcA2WrZnC28WR+O7" + + "rLdu9ymG2V3zmk66aTizaB6rcHAzs2lD74n+/zJhZNaDMBfu9LzAdWb/u6Rb" + + "AThmbw764Zyv9802pET6xrB8ureffgyvQAdlcGHM+yxaOV3ZEtS0cp7i+pb/" + + "NTiET4jAFoO1tbBrWGJSRrMKvx4ZREppMhG3e/pYglfMFl+1ejbDsOvEUKSt" + + "H+MVrgDgAv4NsUtNmBu+BIIEAIOCjrBSK3brtV0NZOWsa6hZSSGBhflbEY8s" + + "U1bDsgZIW4ZaJJvSYEXLmiWSBOgq9VxojMfjowY+zj6ePJJMyI3E7AcFa+on" + + "zZjeKxkKypER+TtpBeraqUfgf01b6olH8L2i4+1yotCQ0PS+15qRYPK6D+d3" + + "S+R4veOA6wEsNRijVcB3oQsBCi0FVdf+6MVDvjNzBCZXj0heVi+x0EE106Sz" + + "B3HaDbB/KNHMPZvvs3J3z2lWLj5w7YZ9eVmrVJKsgG2HRKxtt2IQquRj4BkS" + + "upFnMTBVgWxXgwXycauC9bgYZurs+DbijqhHfWpUrttDfavsP8aX6+i3gabK" + + "DH4LQRL7xrTcKkcUHxOTcPHLgDPhi+RevkV+BX9tdajbk4tqw1d+0wOkf1pW" + + "aTG8fUp0lUpra7EJ0lGy8t/MB3NEk/5tLk9qA2nsKKdNoEdZWiEBE0fMrH1o" + + "tWJDew3VhspT+Lkor2dLN5ydjcr3wkb76OETPeMxS91onNj5mrAMUBt66vb6" + + "Gx4CL8FTRNZ/l8Kzngzdv9PmmKPTIXbhYbn3XRGg3od2tC/oVfsqYlGAMgFO" + + "STt+BZ1BR9Phyi4jsiy8R0seCEDRWYQLbwgwVj0V8Rx9VptqRoCnB4XhGJoJ" + + "TdAz/MT7KOSxIh2F2FymTJpyImcV6X4Kcj9iY0AZQ4zj712g4yMR6xKGzRu6" + + "oIBDkFW2bdA3Lb9ePpo5GFtNyA7IbggIko6VOeeOKxaq9nALS2gsZc1yaYtp" + + "aKL8kB+dVTCXiLgQniO6eMzgonsuwFnG+42XM1vhEpAvFzeJRC0CYzebEK9n" + + "nGXKCPoqPFuw3gcPMn57NCZJ8MjT/p0wANIEm6AsgqrdFKwTRVJ1ytB/X9Ri" + + "ysmjMBs9zbFKjU9jVDg1vGBNtb7YnYg9IrYHa3e4yTu2wUJKGP2XWHVgjDR7" + + "6RtzlO4ljw0kkSMMEDle2ZbGZ6lVXbFwV0wPNPmGA6+XGJRxcddTnrM6R/41" + + "zqksFLgoNL2BdofMXwv7SzxGyvFhHdRRdBZ5dKj2K9OfXakEcm/asZGu87u8" + + "y9m7Cckw8ilSNPMdvYiFRoThICx9NiwYl1IIKGcWlb9p6RAx6XNSkY6ZZ6pE" + + "Vla1E26rbd7is1ssSeqxLXXV9anuG5HDwMIt+CIbD8fZmNTcWMzZRiaFajvR" + + "gXdyTu/UhVdhiQPF+lrxp4odgF0cXrpcGaKvOtPq04F4ad3O5EkSGucI210Q" + + "pR/jQs07Yp5xDPzsXAb8naHb84FvK1iONAEjWbfhDxqtH7KGrBbW4KEzJrv3" + + "B8GLDp+wOAFjGEdGDPkOx3y2L2HuI1XiS9LwL+psCily/A96OiUyRU8yEz4A" + + "AAAAAAAAAAAEAwAAAAAAAAAAADAtMCEwCQYFKw4DAhoFAAQU1NQjgVRH6Vg3" + + "tTy3wnQisALy9aYECKiM2gZrLi+fAAA="); + + static char[] noFriendlyPassword = "sschette12".toCharArray(); + + byte[] pkcs12StorageIssue = Base64.decode( + "MIIO8QIBAzCCDrEGCSqGSIb3DQEHAaCCDqIEgg6eMIIOmjCCBBMGCSqGSIb3" + + "DQEHAaCCBAQEggQAMIID/DCCA/gGCyqGSIb3DQEMCgECoIICtjCCArIwHAYK" + + "KoZIhvcNAQwBAzAOBAgURJ+/5hA2pgICB9AEggKQYZ4POE8clgH9Bjd1XO8m" + + "sr6NiRBiA08CllHSOn2RzyAgHTa+cKaWrEVVJ9mCd9XveSUCoBF9E1C3jSl0" + + "XIqLNgYd6mWK9BpeMRImM/5crjy///K4ab9kymzkc5qc0pIpdCQCZ04YmtFP" + + "B80VCgyaoh2xoxqgjBCIgdSg5XdepdA5nXkG9EsQ1oVUyCykv20lKgKKRseG" + + "Jo23AX8YUYR7ANqP2gz9lvlX6RBczuoZ62ujopUexiQgt5SZx97sgo3o/b/C" + + "px17A2L4wLdeAYCMCsZhC2UeaqnZCHSsvnPZfRGiuSEGbV5gHLmXszLDaEdQ" + + "Bo873GTpKTTzBfRFzNCtYtZRqh2AUsInWZWQUcCeX6Ogwa0wTonkp18/tqsh" + + "Fj1fVpnsRmjJTTXFxkPtUw5GPJnDAM0t1xqV7kOjN76XnZrMyk2azQ1Mf3Hn" + + "sGpF+VRGH6JtxbM0Jm5zD9uHcmkSfNR3tP/+vHOB1mkIR9tD2cHvBg7pAlPD" + + "RfDVWynhS+UBNlQ0SEM/pgR7PytRSUoKc/hhe3N8VerF7VL3BwWfBLlZFYZH" + + "FvPQg4coxF7+We7nrSQfXvdVBP9Zf0PTdf3pbZelGCPVjOzbzY/o/cB23IwC" + + "ONxlY8SC1nJDXrPZ5sY51cg/qUqor056YqipRlI6I+FoTMmMDKPAiV1V5ibo" + + "DNQJkyv/CAbTX4+oFlxgddTwYcPZgd/GoGjiP9yBHHdRISatHwMcM06CzXJS" + + "s3MhzXWD4aNxvvSpXAngDLdlB7cm4ja2klmMzL7IuxzLXFQFFvYf7IF5I1pC" + + "YZOmTlJgp0efL9bHjuHFnh0S0lPtlGDOjJ/4YpWvSKDplcPiXhaFVjsUtclE" + + "oxCC5xppRm8QWS8xggEtMA0GCSsGAQQBgjcRAjEAMBMGCSqGSIb3DQEJFTEG" + + "BAQBAAAAMGkGCSsGAQQBgjcRATFcHloATQBpAGMAcgBvAHMAbwBmAHQAIABS" + + "AFMAQQAgAFMAQwBoAGEAbgBuAGUAbAAgAEMAcgB5AHAAdABvAGcAcgBhAHAA" + + "aABpAGMAIABQAHIAbwB2AGkAZABlAHIwgZsGCSqGSIb3DQEJFDGBjR6BigA3" + + "AGQAZQBmADUAYgA0ADMANgBjAGEAYgBkADAAMAAyAGQAZAAyADkAMAAzAGIA" + + "MQA2ADgANgBjADcAOQA0ADgAXwA0ADYAZgAyADYAZgBkADQALQA4ADEAMgBk" + + "AC0ANABlAGYAYgAtADgAMAA4ADgALQA0ADUAYQBiADkAMQA5ADEAMAA3AGMA" + + "YzCCCn8GCSqGSIb3DQEHBqCCCnAwggpsAgEAMIIKZQYJKoZIhvcNAQcBMBwG" + + "CiqGSIb3DQEMAQYwDgQIbr2xdnQ9inMCAgfQgIIKOHg9VKz+jlM+3abi3cp6" + + "/XMathxDSEJLrxJs6j5DAVX17S4sw1Q/1pptjdMdd8QtTfUB6JpfgJ5Kpn+h" + + "gZMf6M8wWue0U/RZN0D9w7o+2n+X3ItdEXu80eJVDOm7I2p8qiXtijbMbXRL" + + "Cup1lgfPM5uv2D63/hmWRXLeG8eySrJnKENngpM559V8TI2JcTUBy1ZP3kcH" + + "KbcJ/tVPnIIe4qguxfsTmDtAQviGvWUohbt+RGFmtqfgntK7o6b+S8uRSwEs" + + "fOU/pnVE9M1ugtNJZI/xeGJq6umZWXA/OrAcK7feWUwqRvfivDGQJEoggByd" + + "4/g92PhK1JGkwlCb1HdfhOOKKChowQ4zVvSOm+uBxARGhk2i5uW9I20I0vSJ" + + "px42O2VFVJweOchfp+wBtSHBKYP1ZXyXWMvOtULClosSeesbYMAwvyBfpYEz" + + "3rQt/1iZkqDmEisXk8X1aEKG1KSWaSPyb/+6glWikDm+YdQw3Khu7IZt1l/H" + + "qWGecccel+R9mT4YjRzHlahUYk4U+RNVasVpH1Kxz2j3CZqL+b3jQOwSAPd/" + + "hKI+S/pjIpBPfiC4WxORAzGZzY2j+a79B70h1DO1D9jGur3vJDbdmGBNgs6d" + + "nonE1B527SICcGeXY1MtnZCLOPvySih0AvOekbN9x2CJg+Hp9e7A3Fxni53/" + + "oMLr9wGRRDki72eXCXW98mU8VJofoWYS1/VBLXGf/f+tJ9J02PpzxleqPH9T" + + "4mE+YHnZId6cqjCXmwvMr2cMw2clDVfvkbAJRE3eZHzL7IWSO8+giXzzrTsl" + + "VbMuXVkT4oniTN7TSRsBCT3zVVmCy1QL2hPBD6KsVc+bvLgAHRov84FPrI3f" + + "kY/oJufT36VE34Eu+QjzULlvVsLE3lhjutOerVIGSP//FM4LE99hp214P0JF" + + "DgBK+3J+ihmFdW8hUXOt6BU8/MBeiroiJMWo1/f/XcduekG2ZsdGv+GNPzXI" + + "PyHRpCgAgmck1+qoUPXxHRJuNqv223OZ5MN14X7iLl5OZ+f8IWfxUnZeZ9gj" + + "HNeceElwZ+YOup1CAi3haD9jxRWhZG4NDfB4IYi4Bc/TAkXE3jCPkYEvIbj9" + + "ExaU1Ts0+lqOOcwRmBoYjVrz0xbtfR/OWlopyrDHbeL5iQcQCW/loYRapWCZ" + + "E4ekHknpX9yoAwT355vtTkl0VKXeSZHE8jREhN95aY9zCoLYwbTQDTw7qUR5" + + "UamabLew0oS0XALtuOrfX4OUOZZUstUsGBle/Pw1TE3Bhe1clhrikp0F+Xgb" + + "Xx90KqxZX/36RMnCMAD7/q+57rV7WXp2Y5tT0AUgyUMjy1F1X/b1olUfqO1u" + + "rlWIUTl2znmQ3D9uO3W4ytfgGd5DpKcl2w84MBAT9qGwKuQg/UYKbP4K/+4L" + + "Y1DWCy3utmohQ28IJtlIUkPL1G7lHX1tfq/VA+bRNTJIhMrNn06ZJpuEJHDs" + + "/ferdlMFt/d6MrwVivmPVYkb8mSbHSiI8jZOFE44sA974depsDyXafFaSsl0" + + "bVzqOAu0C/n9dIednU0xxxgDF/djdZ/QhbaDIg2VJf11wx0nw9n76B0+eeyu" + + "QLaapzxCpQNDVOAM9doBb5F1I5pXQHFQqzTNtLmqDC4x0g8IH7asyk5LCglT" + + "b1pwMqPJOL2vGWKRLhPzT+9OfSpCmYGKytf593hmGmwIgEO13hQrw31F5TYt" + + "btkbDr+Q5XilOKEczhEM+Ug7YHU7bxkckOAbxu0YeRp/57GdGLokeLJ0dRlQ" + + "+V2CfQvWJoVC6PS4PUQtjwgK2p/LU10QsEFwM/S621fGq9zGrv7+FPBATRDb" + + "k4E9D/WaRylnW11ZTrOlTchQkoHcOh0xztlFxU8jzuIuDrPQQWkoqdl6B+yf" + + "lykRNJKKxwzFiPl40nLC3nEdIzCEvR4r/9QHiWQxAVSc/wQX+an5vakUmSXS" + + "oLFjgVdY1jmvdsx2r5BQPuOR8ONGmw/muvVSMaHV85brA4uk0lxn00HD9/a0" + + "A1LCeFkabNLn9wJT8RaJeOSNmFFllLR70OHaoPSb3GyzHpvd1e6aeaimdyVH" + + "BQWJ6Ufx+HjbOGuOiN46WyE6Q27dnWxx8qF89dKB4T/J0mEXqueiUjAUnnnR" + + "Cs4zPaX53hmNBdrZGaLs+xNG8xy+iyBUJIWWfQAQjCjfHYlT9nygiUWIbVQq" + + "RHkGkAN62jsSNLgHvWVzQPNNsYq0U8TPhyyci/vc8MJytujjptcz8FPqUjg2" + + "TPv34ef9buErsm4vsdEv/8Z+9aDaNex+O3Lo3N0Aw7M5NcntFBHjFY/nBFNZ" + + "whH5YA4gQ8PLZ5qshlGvb0DFXHV/9zxnsdPkLwH47ERm5IlEAuoaWtZFxg27" + + "BjLfwU1Opk+ybDSb5WZVZrs7ljsU85p3Vaf3a//yoyr9ITYj15tTXxSPoct0" + + "fDUy1I6LjJH/+eZXKA1WSda9mDQlRocvJ0IIIlI4weJpTdm8aHIJ8OngCqOF" + + "TufcSLDM41+nxEK1LqXeAScVy74kVvvqngj6mIrbylrINZOHheEgTXrUWEc0" + + "uXS8l1YqY6K6Ru5km2jVyWi/ujrDGb6QGShC09oiDYUuUGy4gwJ3XLVX/dR3" + + "pmMExohTGiVefFP400wVZaxB9g1BQmjSEZxIaW1U1K6fk8Yni8yWB3/L/PuD" + + "0+OV+98i1sQGaPe35crIpEc7R2XJdngL0Ol1ZuvCIBfy5DQwGIawTtBnjPdi" + + "hy//QTt/isdu7C5pGaJDkZFMrfxMibr6c3xXr7wwR75sTzPNmS8mquEdLsmG" + + "h8gTUnB8/K6V11JtUExMqTimTbUw+j8PggpeBelG36breWJIz1O+dmCTGuLM" + + "x/sK/i8eiUeRvWjqYpq5DYt4URWg2WlcpcKiUxQp07/NMx0svDC+mlQGwMnJ" + + "8KOJMW1qr3TGEJ/VVKKVn6sXn/RxA+VPofYzhwZByRX87XmNdPeQKC2DHQsW" + + "6v83dua5gcnv0cv/smXt7Yr/c12i0fbIaQvj3qjtUCDucjARoBey3eCyG5H6" + + "5VHSsFnPZ2HCTum+jRSw/ENsu/77XU4BIM2fjAfswp7iIr2Xi4OZWKIj6o6q" + + "+fNgnOJjemDYHAFK+hWxClrG8b+9Eaf21o4zcHkhCfBlYv4d+xcZOIDsDPwI" + + "sf+4V+CfoBLALsa2K0pXlPplGom/a8h7CjlyaICbWpEDItqwu7NQwdMRCa7i" + + "yAyM1sVjXUdcZByS1bjOFSeBe7ygAvEl78vApLxqt8Cw11XSsOtmwssecUN/" + + "pb7iHE4OMyOgsYx9u7rZ2hMyl42n3c29IwDYMumiNqk9cwCBpQTJAQEv4VzO" + + "QE5xYDBY9SEozni+4f7B7e2Wj/LOGb3vfNVYGNpDczBFxvr2FXTQla0lNYD/" + + "aePuC++QW4KvwiGL1Zx4Jo0eoDKWYlYj0qiNlQbWfVw+raaaFnlrq+je0W6P" + + "+BrKZCncho145y+CFKRLZrN5yl/cDxwsePMVhAIMr1DzVhgBXzA3MB8wBwYF" + + "Kw4DAhoEFN4Cwj9AtArnRbOIAsRhaaoZlTNJBBTIVPqCrloqLns145CWXjb0" + + "g141BQ=="); + + static char[] storagePassword = "pass".toCharArray(); + + byte[] pkcs12nopass = Base64.decode( + "MIIMvgIBAzCCDIQGCSqGSIb3DQEHAaCCDHUEggxxMIIMbTCCCS8GCSqGSIb3" + + "DQEHBqCCCSAwggkcAgEAMIIJFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw" + + "DgQIfnlhuZRR6/YCAggAgIII6DYgeRwq5n9kzvohZ3JuK+fB+9jZ7Or6EGBA" + + "GDxtBfHmSNUBWJEV/I8wV1zrKKoW/CaoZfA61pyrVZRd/roaqBx/koTFoh/g" + + "woyyWTRV9gYTXSVqPQgCH+e2dISAa6UGO+/YOWOOwG2X3t8tS+3FduFQFLt5" + + "cvUP98zENdm57Aef5pKpBSZDLIAoTASfmqwszWABRh2p/wKOHcCQ9Aj2e2vs" + + "pls/ntIv81MqPuxHttwX8e+3dKWGFrJRztLpCD2aua8VkSsHFsPxEHkezX4O" + + "6/VCjMCRFGophTS4dgKKtQIhZ9i/ESlr6sGKgIpyG99ALFpNEhtTKe+T3boE" + + "sEkhGDquSpu4PGz2m0W5sej1DyFkKX4zIbeMDAb1y3O7aP0F+Llo9QSeGsOA" + + "aCwND3NUAKBMOHzwdyNQcuCGCqY8j5rrSt99A5FMs3UVW3XU6hRCx7JlzO05" + + "PNCkcPRSnKSNzBhIR5W0qj4PAZnQTfX+wbtUaDLIqsObX4Muh2l3gl+JmdpO" + + "53U7ILqN8PAPly1eT+fIrUmlMmFhvo6LbTB7B2K728wsA/5wROlud/mOQz4s" + + "quS288YsnVc9ExSZKodWa3Pqcdb/cgKNJYDxrR6/eBHOj+0RLK/1yTK9ghj7" + + "IPYHoEqQbw768WK92RjM+RFGlXASkQhR9y4weWj/388uAWMIbQ+R2Zi4nb31" + + "knjqRPFThysG1bsRL04/9PgysaasfS9KYOeAlLqp+Ar4gJrof5fytBuY+6wm" + + "/J8eEdNw7VPV1cz/4rhrd2sfJQwDEN/iZoy8rTwe7wozpwZI0lwH11BBbav+" + + "1AMfI79jjxhqOeo7uxE2NzUmSd05JYI7a94tcRzGQyGEKpGxYCRamzFW23qb" + + "vG5Hcqi7Tdd7eTxw4c60l/vQLSo38g6ST5yZrK3URLiAtpioPyjrq2jnVfie" + + "QLsiAHhpHF01+t+OcKv3UjwdEyBmQ34h9klwiG7iwBFXZaPXFCF2Np1TqFVG" + + "jjBzmB+hRddEiYwN+XGCKB2Cvgc5ZMQ8LG9jQmEKLmOjuumz1ciAVY2qtl1s" + + "HYSvfNsIAV/gGzHshOVF19JmGtcQt3pMtupoRh+sh8jY2/x5eIKrj2Jx6HPd" + + "p/6IPUr54j0xSd6j7gWuXMj/eKp/utMNuBzAhkydnhXYedvTDYIj7SyPPIHa" + + "qtam8rxTDWn2AOxp7OXTgPmo1GU2zW1OLL1D3MFlS+oaRMfhgNrhW+QP5ay6" + + "ge4QLijpnSM+p0CbFAOClwzgdJV56bBVV09sDqSBXnG9MeEv5nDaH3I+GpPA" + + "UgDkaI4zT61kaGgk0uNMf3czy2ycoQzTx0iHDTXSdSqvUC1yFza8UG4AYaKz" + + "14gtSL7StvZtK0Y8oI084BINI1LgrWyrOLj7vkds4WrKhXm21BtM1GbN/pFh" + + "XI41h+XoD8KnEPqJ36rAgBo1uHqTNJCC7YikDE/dEvq6MkOx+Nug1YZRHEyi" + + "3AHry5u1HJHtxT34HXBwRXvnstuFhvU6cjc1WY1dJhu1p82TGnx7OBo/QbcM" + + "8MRrWmWuU5eW4jWbriGNGYfvZy+tHnGwy0bIeqrsHOG6/JwvfmYYXe64sryH" + + "5Qo96SZtcTJZaNFwuBY+bFUuOWm8YrT1L7Gl2Muf3pEVtNHLeYARBo1jEAym" + + "Cb4jw0oodZqbPKdyyzUZu69fdTJiQkMUcKDfHJEGK0Li9SvtdqJLiiJs57Tb" + + "YfOvn+TIuC40ssJFtmtlGCVH/0vtKLWYeW1NYAMzgI/nlhQ7W6Aroh8sZnqv" + + "SwxeQmRJaVLxiV6YveTKuVlCbqNVLeEtKYAujgnJtPemGCPbwZpwlBw6V+Dz" + + "oXveOBcUqATztWJeNv7RbU0Mk7k057+DNxXBIU+eHRGquyHQSBXxBbA+OFuu" + + "4SPfEAyoYed0HEaoKN9lIsBW1xTROI30MZvaJXvPdLsa8izXGPLnTGmoI+fv" + + "tJ644HtBCCCr3Reu82ZsTSDMxspZ9aa4ro9Oza+R5eULXDhVXedbhJBYiPPo" + + "J37El5lRqOgu2SEilhhVQq3ZCugsinCaY9P/RtWG4CFnH1IcIT5+/mivB48I" + + "2XfH6Xq6ziJdj2/r86mhEnz9sKunNvYPBDGlOvI7xucEf9AiEQoTR1xyFDbW" + + "ljL4BsJqgsHN02LyUzLwqMstwv+/JH1wUuXSK40Kik/N7+jEFW2C+/N8tN7l" + + "RPKSLaTjxVuTfdv/BH1dkV4iGFgpQrdWkWgkb+VZP9xE2mLz715eIAg13x6+" + + "n97tc9Hh375xZJqwr3QyYTXWpsK/vx04RThv8p0qMdqKvf3jVQWwnCnoeBv2" + + "L4h/uisOLY18qka/Y48ttympG+6DpmzXTwD1LycoG2SOWckCMmJhZK40+zr3" + + "NVmWf6iJtbLGMxI/kzTqbTaOfXc2MroertyM1rILRSpgnJFxJfai5Enspr9b" + + "SCwlP718jG2lQsnYlw8CuxoZAiaNy4MmC5Y3qNl3hlcggcHeLodyGkSyRsBg" + + "cEiKSL7JNvqr0X/nUeW28zVxkmQsWlp3KmST8agf+r+sQvw52fXNLdYznGZV" + + "rJrwgNOoRj0Z70MwTns3s/tCqDEsy5Sv/5dZW2uQEe7/wvmsP2WLu73Rwplg" + + "1dwi/Uo9lO9dkEzmoIK5wMPCDINxL1K+0Y79q0tIAEMDgaIxmtRpEh8/TEsA" + + "UwyEErkDsQqgGviH+ePmawJ/yehYHTRfYUgdUflwApJxRx65pDeSYkiYboMU" + + "8WSAQY2nh/p9hLlS4zbz9dCK2tzVyRkJgqNy/c4IpiHEx2l1iipW9vENglqx" + + "dYP4uqD8e3OOLjDQKizWx2t1u7GRwoEVQ3d3QzzOvsRcv7h+6vNsmYqE6phe" + + "wKFZLctpSn21zkyut444ij4sSr1OG68dEXLY0t0mATfTmXXy5GJBsdK/lLfk" + + "YTIPYYeDMle9aEicDqaKqkZUuYPnVchGp8UFMJ3M0n48OMDdDvpzBLTxxZeW" + + "cK5v/m3OEo3jgxy9wXfZdz//J3zXXqvX8LpMy1K9X0uCBTz6ERlawviMQhg1" + + "1okD5zCCAzYGCSqGSIb3DQEHAaCCAycEggMjMIIDHzCCAxsGCyqGSIb3DQEM" + + "CgECoIICpjCCAqIwHAYKKoZIhvcNAQwBAzAOBAj3QoojTSbZqgICCAAEggKA" + + "YOSp5XGdnG1pdm9CfvlAaUSHRCOyNLndoUTqteTZjHTEM9bGwNXAx4/R5H2Q" + + "PnPm5HB/ynVSXX0uKdW6YlbqUyAdV3eqE4X3Nl+K7ZoXmgAFnMr0tveBhT1b" + + "7rTi0TN4twjJzBTkKcxT8XKjvpVizUxGo+Ss5Wk8FrWLHAiC5dZvgRemtGcM" + + "w5S09Pwj+qXpjUhX1pB5/63qWPrjVf+Bfmlz4bWcqogGk0i7eg+OdTeWMrW0" + + "KR9nD1+/uNEyc4FdGtdIPnM+ax0E+vcco0ExQpTXe0xoX4JW7O71d550Wp89" + + "hAVPNrJA5eUbSWNsuz+38gjUJ+4XaAEhcA7HZIp6ZyxtzSJUoh7oqpRktoxu" + + "3cSVqVxIqAEqlNn6j0vbKfW91Od5DI5L+BIxY4xqXS7fdwipj9r6qWA8t9QU" + + "C2r1A+xXpZ4jEh6inHW9qlfACBBrYf8pSDakSR6yTbaA07LExw0IXz5oiQYt" + + "s7yx231CZlOH88bBmruLOIZsJjeg/lf63zI7Gg4F85QG3RqEJnY2pinLUTP7" + + "R62VErFZPc2a85r2dbFH1mSQIj/rT1IKe32zIW8xoHC4VwrPkT3bcLFAu2TH" + + "5k5zSI/gZUKjPDxb2dwLM4pvsj3gJ9vcFZp6BCuLkZc5rd7CyD8HK9PrBLKd" + + "H3Yngy4A08W4U3XUtIux95WE+5O/UEmSF7fr2vT//DwZArGUpBPq4Bikb8cv" + + "0wpOwUv8r0DXveeaPsxdipXlt29Ayywcs6KIidLtCaCX6/0u/XtMsGNFS+ah" + + "OlumTGBFpbLnagvIf0GKNhbg2lTjflACnxIj8d+QWsnrIU1uC1JRRKCnhpi2" + + "veeWd1m8GUb3aTFiMCMGCSqGSIb3DQEJFTEWBBS9g+Xmq/8B462FWFfaLWd/" + + "rlFxOTA7BgkqhkiG9w0BCRQxLh4sAEMAZQByAHQAeQBmAGkAawBhAHQAIAB1" + + "AHoAeQB0AGsAbwB3AG4AaQBrAGEwMTAhMAkGBSsOAwIaBQAEFKJpUOIj0OtI" + + "j2CPp38YIFBEqvjsBAi8G+yhJe3A/wICCAA="); + + /** + * we generate a self signed certificate for the sake of testing - RSA + */ + public Certificate createCert( + PublicKey pubKey, + PrivateKey privKey) + throws Exception + { + // + // distinguished name table. + // + Hashtable attrs = new Hashtable(); + + attrs.put(X509Principal.C, "AU"); + attrs.put(X509Principal.O, "The Legion of the Bouncy Castle"); + attrs.put(X509Principal.L, "Melbourne"); + attrs.put(X509Principal.ST, "Victoria"); + attrs.put(X509Principal.EmailAddress, "feedback-crypto@bouncycastle.org"); + + // + // extensions + // + + // + // create the certificate - version 3 + // + X509V3CertificateGenerator certGen = new X509V3CertificateGenerator(); + + certGen.setSerialNumber(BigInteger.valueOf(1)); + certGen.setIssuerDN(new X509Principal(attrs)); + certGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30)); + certGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30))); + certGen.setSubjectDN(new X509Principal(attrs)); + certGen.setPublicKey(pubKey); + certGen.setSignatureAlgorithm("MD5WithRSAEncryption"); + + X509Certificate cert = certGen.generateX509Certificate(privKey); + + cert.checkValidity(new Date()); + + cert.verify(pubKey); + + return cert; + } + + public void testPKCS12Store() + throws Exception + { + BigInteger mod = new BigInteger("bb1be8074e4787a8d77967f1575ef72dd7582f9b3347724413c021beafad8f32dba5168e280cbf284df722283dad2fd4abc750e3d6487c2942064e2d8d80641aa5866d1f6f1f83eec26b9b46fecb3b1c9856a303148a5cc899c642fb16f3d9d72f52526c751dc81622c420c82e2cfda70fe8d13f16cc7d6a613a5b2a2b5894d1", 16); + KeyStore store = KeyStore.getInstance("PKCS12", "SC"); + ByteArrayInputStream stream = new ByteArrayInputStream(pkcs12); + + store.load(stream, passwd); + + Enumeration en = store.aliases(); + String pName = null; + + while (en.hasMoreElements()) + { + String n = (String)en.nextElement(); + if (store.isKeyEntry(n)) + { + pName = n; + } + } + + PrivateKey key = (PrivateKey)store.getKey(pName, null); + + if (!((RSAPrivateKey)key).getModulus().equals(mod)) + { + fail("Modulus doesn't match."); + } + + Certificate[] ch = store.getCertificateChain(pName); + + if (ch.length != 3) + { + fail("chain was wrong length"); + } + + if (!((X509Certificate)ch[0]).getSerialNumber().equals(new BigInteger("96153094170511488342715101755496684211"))) + { + fail("chain[0] wrong certificate."); + } + + if (!((X509Certificate)ch[1]).getSerialNumber().equals(new BigInteger("279751514312356623147411505294772931957"))) + { + fail("chain[1] wrong certificate."); + } + + if (!((X509Certificate)ch[2]).getSerialNumber().equals(new BigInteger("11341398017"))) + { + fail("chain[2] wrong certificate."); + } + + // + // save test + // + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + + store.store(bOut, passwd); + + stream = new ByteArrayInputStream(bOut.toByteArray()); + + store.load(stream, passwd); + + key = (PrivateKey)store.getKey(pName, null); + + if (!((RSAPrivateKey)key).getModulus().equals(mod)) + { + fail("Modulus doesn't match."); + } + + store.deleteEntry(pName); + + if (store.getKey(pName, null) != null) + { + fail("Failed deletion test."); + } + + // + // cert chain test + // + store.setCertificateEntry("testCert", ch[2]); + + if (store.getCertificateChain("testCert") != null) + { + fail("Failed null chain test."); + } + + // + // UTF 8 single cert test + // + store = KeyStore.getInstance("PKCS12", "SC"); + stream = new ByteArrayInputStream(certUTF); + + store.load(stream, "user".toCharArray()); + + if (store.getCertificate("37") == null) + { + fail("Failed to find UTF cert."); + } + + // + // try for a self generated certificate + // + RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + + RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + // + // set up the keys + // + PrivateKey privKey = null; + PublicKey pubKey = null; + + try + { + KeyFactory fact = KeyFactory.getInstance("RSA", "SC"); + + privKey = fact.generatePrivate(privKeySpec); + pubKey = fact.generatePublic(pubKeySpec); + } + catch (Exception e) + { + fail("error setting up keys - " + e.toString()); + } + + Certificate[] chain = new Certificate[1]; + + chain[0] = createCert(pubKey, privKey); + + store = KeyStore.getInstance("PKCS12", "SC"); + + store.load(null, null); + + store.setKeyEntry("privateKey", privKey, null, chain); + + if (!store.containsAlias("privateKey")) + { + fail("couldn't find alias privateKey"); + } + + if (store.isCertificateEntry("privateKey")) + { + fail("cert identified as certificate entry"); + } + + if (!store.isKeyEntry("privateKey")) + { + fail("cert not dentified as key entry"); + } + + if (!"privateKey".equals(store.getCertificateAlias(chain[0]))) + { + fail("Did not return alias for key certificate privateKey"); + } + + store.store(new ByteArrayOutputStream(), passwd); + + // + // no friendly name test + // + store = KeyStore.getInstance("PKCS12", "SC"); + stream = new ByteArrayInputStream(pkcs12noFriendly); + + store.load(stream, noFriendlyPassword); + + en = store.aliases(); + pName = null; + + while (en.hasMoreElements()) + { + String n = (String)en.nextElement(); + + if (store.isKeyEntry(n)) + { + pName = n; + } + } + + ch = store.getCertificateChain(pName); + + for (int i = 0; i != ch.length; i++) + { + //System.out.println(ch[i]); + } + + if (ch.length != 1) + { + fail("no cert found in pkcs12noFriendly"); + } + + // + // failure tests + // + ch = store.getCertificateChain("dummy"); + + store.getCertificate("dummy"); + + // + // storage test + // + store = KeyStore.getInstance("PKCS12", "SC"); + stream = new ByteArrayInputStream(pkcs12StorageIssue); + + store.load(stream, storagePassword); + + en = store.aliases(); + pName = null; + + while (en.hasMoreElements()) + { + String n = (String)en.nextElement(); + + if (store.isKeyEntry(n)) + { + pName = n; + } + } + + ch = store.getCertificateChain(pName); + if (ch.length != 2) + { + fail("Certificate chain wrong length"); + } + + store.store(new ByteArrayOutputStream(), storagePassword); + + // + // basic certificate check + // + store.setCertificateEntry("cert", ch[1]); + + if (!store.containsAlias("cert")) + { + fail("couldn't find alias cert"); + } + + if (!store.isCertificateEntry("cert")) + { + fail("cert not identified as certificate entry"); + } + + if (store.isKeyEntry("cert")) + { + fail("cert identified as key entry"); + } + + if (!"cert".equals(store.getCertificateAlias(ch[1]))) + { + fail("Did not return alias for certificate entry"); + } + + // + // test of reading incorrect zero-length encoding + // + store = KeyStore.getInstance("PKCS12", "SC"); + stream = new ByteArrayInputStream(pkcs12nopass); + + store.load(stream, "".toCharArray()); + } + + public String getName() + { + return "PKCS12Store"; + } + + public void performTest() + throws Exception + { + testPKCS12Store(); + } + + public static void main( + String[] args) + { + Security.addProvider(new BouncyCastleProvider()); + + runTest(new PKCS12StoreTest()); + } +} diff --git a/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/PSSTest.java b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/PSSTest.java new file mode 100644 index 00000000..6eb2bf8c --- /dev/null +++ b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/PSSTest.java @@ -0,0 +1,213 @@ +package org.spongycastle.jce.provider.test; + +import java.math.BigInteger; +import java.security.AlgorithmParameters; +import java.security.KeyFactory; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.Security; +import java.security.Signature; +import java.security.spec.PSSParameterSpec; +import java.security.spec.RSAPrivateCrtKeySpec; +import java.security.spec.RSAPublicKeySpec; + +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.util.encoders.Hex; +import org.spongycastle.util.test.SimpleTestResult; +import org.spongycastle.util.test.Test; +import org.spongycastle.util.test.TestResult; + +public class PSSTest + implements Test +{ + private class FixedRandom + extends SecureRandom + { + byte[] vals; + + FixedRandom( + byte[] vals) + { + this.vals = vals; + } + + public void nextBytes( + byte[] bytes) + { + System.arraycopy(vals, 0, bytes, 0, vals.length); + } + } + + private boolean arrayEquals( + byte[] a, + byte[] b) + { + if (a.length != b.length) + { + return false; + } + + for (int i = 0; i != a.length; i++) + { + if (a[i] != b[i]) + { + return false; + } + } + + return true; + } + + + private RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16), + new BigInteger("010001",16)); + + private RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec( + new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16), + new BigInteger("010001",16), + new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16), + new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16), + new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16), + new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16), + new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16), + new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16)); + + // PSSExample1.1 + + private byte[] msg1a = Hex.decode("cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0"); + + private byte[] slt1a = Hex.decode("dee959c7e06411361420ff80185ed57f3e6776af"); + + private byte[] sig1a = Hex.decode("9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c"); + + private byte[] sig1b = Hex.decode("96ea348db4db2947aee807bd687411a880913706f21b383a1002b97e43656e5450a9d1812efbedd1ed159f8307986adf48bada66a8efd14bd9e2f6f6f458e73b50c8ce6e3079011c5b4bd1600a2601a66198a1582574a43f13e0966c6c2337e6ca0886cd9e1b1037aeadef1382117d22b35e7e4403f90531c8cfccdf223f98e4"); + + private byte[] sig1c = Hex.decode("9e64cc1062c537b142480bc5af407b55904ead970e20e0f8f6664279c96c6da6b03522160f224a85cc413dfe6bd00621485b665abac6d90ff38c9af06f4ddd6c7c81540439e5795601a1343d9feb465712ff8a5f5150391522fb5a9b8e2225a555f4efaa5e5c0ed7a19b27074c2d9f6dbbd0c893ba02c4a35b115d337bccd7a2"); + + public TestResult perform() + { + try + { + KeyFactory fact = KeyFactory.getInstance("RSA", "SC"); + + PrivateKey privKey = fact.generatePrivate(privKeySpec); + PublicKey pubKey = fact.generatePublic(pubKeySpec); + + Signature s = Signature.getInstance("SHA1withRSA/PSS", "SC"); + + s.initSign(privKey, new FixedRandom(slt1a)); + s.update(msg1a); + byte[] sig = s.sign(); + + if (!arrayEquals(sig1a, sig)) + { + return new SimpleTestResult(false, "PSS Sign test expected " + new String(Hex.encode(sig1a)) + " got " + new String(Hex.encode(sig))); + } + + s = Signature.getInstance("SHA1withRSAandMGF1", "SC"); + + s.initVerify(pubKey); + s.update(msg1a); + if (!s.verify(sig1a)) + { + return new SimpleTestResult(false, "SHA1 signature verification failed"); + } + + s = Signature.getInstance("SHA1withRSAandMGF1", "SC"); + + s.setParameter(new PSSParameterSpec(20)); + + s.initVerify(pubKey); + s.update(msg1a); + if (!s.verify(sig1a)) + { + return new SimpleTestResult(false, "SHA1 signature verification with default parameters failed"); + } + + AlgorithmParameters pss = s.getParameters(); + if (!arrayEquals(pss.getEncoded(), new byte[] { 0x30, 0x00 })) + { + return new SimpleTestResult(false, "failed default encoding test."); + } + + s = Signature.getInstance("SHA256withRSA/PSS", "SC"); + + s.initSign(privKey, new FixedRandom(slt1a)); + s.update(msg1a); + sig = s.sign(); + + pss = s.getParameters(); + + if (!arrayEquals(sig1b, sig)) + { + return new SimpleTestResult(false, "PSS Sign test expected " + new String(Hex.encode(sig1b)) + " got " + new String(Hex.encode(sig))); + } + + s = Signature.getInstance("SHA256withRSAandMGF1", "SC"); + + s.setParameter(pss.getParameterSpec(PSSParameterSpec.class)); + + s.initVerify(pubKey); + s.update(msg1a); + if (!s.verify(sig1b)) + { + return new SimpleTestResult(false, "SHA256 signature verification failed"); + } + + // + // 512 test -with zero salt length + // + s = Signature.getInstance("SHA512withRSAandMGF1", "SC"); + + s.setParameter(new PSSParameterSpec(0)); + s.initSign(privKey); + + s.update(msg1a); + sig = s.sign(); + + pss = s.getParameters(); + + if (!arrayEquals(sig1c, sig)) + { + return new SimpleTestResult(false, "PSS Sign test expected " + new String(Hex.encode(sig1c)) + " got " + new String(Hex.encode(sig))); + } + + s = Signature.getInstance("SHA512withRSAandMGF1", "SC"); + + s.setParameter(pss.getParameterSpec(PSSParameterSpec.class)); + + s.initVerify(pubKey); + s.update(msg1a); + if (!s.verify(sig1c)) + { + return new SimpleTestResult(false, "SHA512 signature verification failed"); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": exception - " + e.toString(), e); + } + } + + public String getName() + { + return "PSSTest"; + } + + public static void main( + String[] args) + { + Security.addProvider(new BouncyCastleProvider()); + + Test test = new PSSTest(); + TestResult result = test.perform(); + + System.out.println(result.toString()); + } +} diff --git a/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/RSATest.java b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/RSATest.java new file mode 100644 index 00000000..7b484d60 --- /dev/null +++ b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/RSATest.java @@ -0,0 +1,404 @@ +package org.spongycastle.jce.provider.test; + +import java.math.BigInteger; +import java.security.KeyFactory; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.Security; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.RSAKeyGenParameterSpec; +import java.security.spec.RSAPrivateCrtKeySpec; +import java.security.spec.RSAPrivateKeySpec; +import java.security.spec.RSAPublicKeySpec; + +import javax.crypto.Cipher; + +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.util.encoders.Hex; +import org.spongycastle.util.test.SimpleTest; + +public class RSATest + extends SimpleTest +{ + /** + * a fake random number generator - we just want to make sure the random numbers + * aren't random so that we get the same output, while still getting to test the + * key generation facilities. + */ + private class FixedSecureRandom + extends SecureRandom + { + byte[] seed = { + (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59, + (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4, + (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde, + (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f + }; + + public void nextBytes( + byte[] bytes) + { + int offset = 0; + + while ((offset + seed.length) < bytes.length) + { + System.arraycopy(seed, 0, bytes, offset, seed.length); + offset += seed.length; + } + + System.arraycopy(seed, 0, bytes, offset, bytes.length - offset); + } + } + + private RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16)); + + private RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec( + new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16), + new BigInteger("11", 16), + new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16), + new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16), + new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16), + new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16), + new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16), + new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16)); + + private RSAPublicKeySpec isoPubKeySpec = new RSAPublicKeySpec( + new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16), + new BigInteger("03", 16)); + + private RSAPrivateKeySpec isoPrivKeySpec = new RSAPrivateKeySpec( + new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16), + new BigInteger("2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac9f0783a49dd5f6c5af651f4c9d0dc9281c96a3f16a85f9572d7cc3f2d0f25a9dbf1149e4cdc32273faadd3fda5dcda7", 16)); + + private RSAPublicKeySpec pub2048KeySpec = new RSAPublicKeySpec( + new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16), + new BigInteger("10001", 16)); + + private RSAPrivateCrtKeySpec priv2048KeySpec = new RSAPrivateCrtKeySpec( + new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16), + new BigInteger("10001", 16), + new BigInteger("65dad56ac7df7abb434e4cb5eeadb16093aa6da7f0033aad3815289b04757d32bfee6ade7749c8e4a323b5050a2fb9e2a99e23469e1ed4ba5bab54336af20a5bfccb8b3424cc6923db2ffca5787ed87aa87aa614cd04cedaebc8f623a2d2063017910f436dff18bb06f01758610787f8b258f0a8efd8bd7de30007c47b2a1031696c7d6523bc191d4d918927a7e0b09584ed205bd2ff4fc4382678df82353f7532b3bbb81d69e3f39070aed3fb64fce032a089e8e64955afa5213a6eb241231bd98d702fba725a9b205952fda186412d9e0d9344d2998c455ad8c2bae85ee672751466d5288304032b5b7e02f7e558c7af82c7fbf58eea0bb4ef0f001e6cd0a9", 16), + new BigInteger("d4fd9ac3474fb83aaf832470643609659e511b322632b239b688f3cd2aad87527d6cf652fb9c9ca67940e84789444f2e99b0cb0cfabbd4de95396106c865f38e2fb7b82b231260a94df0e01756bf73ce0386868d9c41645560a81af2f53c18e4f7cdf3d51d80267372e6e0216afbf67f655c9450769cca494e4f6631b239ce1b", 16), + new BigInteger("c8eaa0e2a1b3a4412a702bccda93f4d150da60d736c99c7c566fdea4dd1b401cbc0d8c063daaf0b579953d36343aa18b33dbf8b9eae94452490cc905245f8f7b9e29b1a288bc66731a29e1dd1a45c9fd7f8238ff727adc49fff73991d0dc096206b9d3a08f61e7462e2b804d78cb8c5eccdb9b7fbd2ad6a8fea46c1053e1be75", 16), + new BigInteger("10edcb544421c0f9e123624d1099feeb35c72a8b34e008ac6fa6b90210a7543f293af4e5299c8c12eb464e70092805c7256e18e5823455ba0f504d36f5ccacac1b7cd5c58ff710f9c3f92646949d88fdd1e7ea5fed1081820bb9b0d2a8cd4b093fecfdb96dabd6e28c3a6f8c186dc86cddc89afd3e403e0fcf8a9e0bcb27af0b", 16), + new BigInteger("97fc25484b5a415eaa63c03e6efa8dafe9a1c8b004d9ee6e80548fefd6f2ce44ee5cb117e77e70285798f57d137566ce8ea4503b13e0f1b5ed5ca6942537c4aa96b2a395782a4cb5b58d0936e0b0fa63b1192954d39ced176d71ef32c6f42c84e2e19f9d4dd999c2151b032b97bd22aa73fd8c5bcd15a2dca4046d5acc997021", 16), + new BigInteger("4bb8064e1eff7e9efc3c4578fcedb59ca4aef0993a8312dfdcb1b3decf458aa6650d3d0866f143cbf0d3825e9381181170a0a1651eefcd7def786b8eb356555d9fa07c85b5f5cbdd74382f1129b5e36b4166b6cc9157923699708648212c484958351fdc9cf14f218dbe7fbf7cbd93a209a4681fe23ceb44bab67d66f45d1c9d", 16)); + + public void performTest() + throws Exception + { + KeyFactory fact; + byte[] input = new byte[] + { (byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34, (byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a }; + byte[][] output = new byte[][] + { + Hex.decode("8b427f781a2e59dd9def386f1956b996ee07f48c96880e65a368055ed8c0a8831669ef7250b40918b2b1d488547e72c84540e42bd07b03f14e226f04fbc2d929"), + Hex.decode("2ec6e1a1711b6c7b8cd3f6a25db21ab8bb0a5f1d6df2ef375fa708a43997730ffc7c98856dbbe36edddcdd1b2d2a53867d8355af94fea3aeec128da908e08f4c"), + Hex.decode("0850ac4e5a8118323200c8ed1e5aaa3d5e635172553ccac66a8e4153d35c79305c4440f11034ab147fccce21f18a50cf1c0099c08a577eb68237a91042278965"), + Hex.decode("1c9649bdccb51056751fe43837f4eb43bada472accf26f65231666d5de7d11950d8379b3596dfdf75c6234274896fa8d18ad0865d3be2ac4d6687151abdf01e93941dcef18fa63186c9351d1506c89d09733c5ff4304208c812bdd21a50f56fde115e629e0e973721c9fcc87e89295a79853dee613962a0b2f2fc57163fd99057a3c776f13c20c26407eb8863998d7e53b543ba8d0a295a9a68d1a149833078c9809ad6a6dad7fc22a95ad615a73138c54c018f40d99bf8eeecd45f5be526f2d6b01aeb56381991c1ab31a2e756f15e052b9cd5638b2eff799795c5bae493307d5eb9f8c21d438de131fe505a4e7432547ab19224094f9e4be1968bd0793b79d"), + Hex.decode("4c4afc0c24dddaedd4f9a3b23be30d35d8e005ffd36b3defc5d18acc830c3ed388ce20f43a00e614fd087c814197bc9fc2eff9ad4cc474a7a2ef3ed9c0f0a55eb23371e41ee8f2e2ed93ea3a06ca482589ab87e0d61dcffda5eea1241408e43ea1108726cdb87cc3aa5e9eaaa9f72507ca1352ac54a53920c94dccc768147933d8c50aefd9d1da10522a40133cd33dbc0524669e70f771a88d65c4716d471cd22b08b9f01f24e4e9fc7ffbcfa0e0a7aed47b345826399b26a73be112eb9c5e06fc6742fc3d0ef53d43896403c5105109cfc12e6deeaf4a48ba308e039774b9bdb31a9b9e133c81c321630cf0b4b2d1f90717b24c3268e1fea681ea9cdc709342"), + Hex.decode("06b5b26bd13515f799e5e37ca43cace15cd82fd4bf36b25d285a6f0998d97c8cb0755a28f0ae66618b1cd03e27ac95eaaa4882bc6dc0078cd457d4f7de4154173a9c7a838cfc2ac2f74875df462aae0cfd341645dc51d9a01da9bdb01507f140fa8a016534379d838cc3b2a53ac33150af1b242fc88013cb8d914e66c8182864ee6de88ce2879d4c05dd125409620a96797c55c832fb2fb31d4310c190b8ed2c95fdfda2ed87f785002faaec3f35ec05cf70a3774ce185e4882df35719d582dd55ac31257344a9cba95189dcbea16e8c6cb7a235a0384bc83b6183ca8547e670fe33b1b91725ae0c250c9eca7b5ba78bd77145b70270bf8ac31653006c02ca9c"), + Hex.decode("135f1be3d045526235bf9d5e43499d4ee1bfdf93370769ae56e85dbc339bc5b7ea3bee49717497ee8ac3f7cd6adb6fc0f17812390dcd65ac7b87fef7970d9ff9"), + Hex.decode("00319bb9becb49f3ed1bca26d0fcf09b0b0a508e4d0bd43b350f959b72cd25b3af47d608fdcd248eada74fbe19990dbeb9bf0da4b4e1200243a14e5cab3f7e610c") + }; + SecureRandom rand = new FixedSecureRandom(); + + + fact = KeyFactory.getInstance("RSA", "SC"); + + PrivateKey privKey = fact.generatePrivate(privKeySpec); + PublicKey pubKey = fact.generatePublic(pubKeySpec); + + PrivateKey priv2048Key = fact.generatePrivate(priv2048KeySpec); + PublicKey pub2048Key = fact.generatePublic(pub2048KeySpec); + + // + // No Padding + // + Cipher c = Cipher.getInstance("RSA", "SC"); + + c.init(Cipher.ENCRYPT_MODE, pubKey, rand); + + byte[] out = c.doFinal(input); + + if (!areEqual(out, output[0])) + { + fail("NoPadding test failed on encrypt expected " + new String(Hex.encode(output[0])) + " got " + new String(Hex.encode(out))); + } + + c.init(Cipher.DECRYPT_MODE, privKey); + + out = c.doFinal(out); + + if (!areEqual(out, input)) + { + fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + + // + // No Padding - incremental + // + c = Cipher.getInstance("RSA", "SC"); + + c.init(Cipher.ENCRYPT_MODE, pubKey, rand); + + c.update(input); + + out = c.doFinal(); + + if (!areEqual(out, output[0])) + { + fail("NoPadding test failed on encrypt expected " + new String(Hex.encode(output[0])) + " got " + new String(Hex.encode(out))); + } + + c.init(Cipher.DECRYPT_MODE, privKey); + + out = c.doFinal(out); + + if (!areEqual(out, input)) + { + fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + + // + // No Padding - maximum length + // + c = Cipher.getInstance("RSA", "SC"); + + byte[] modBytes = ((RSAPublicKey)pubKey).getModulus().toByteArray(); + byte[] maxInput = new byte[modBytes.length - 1]; + + maxInput[0] |= 0x7f; + + c.init(Cipher.ENCRYPT_MODE, pubKey, rand); + + out = c.doFinal(maxInput); + + c.init(Cipher.DECRYPT_MODE, privKey); + + out = c.doFinal(out); + + if (!areEqual(out, maxInput)) + { + fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + + // + // PKCS1 V 1.5 + // + c = Cipher.getInstance("RSA/ECB/PKCS1Padding", "SC"); + + c.init(Cipher.ENCRYPT_MODE, pubKey, rand); + + out = c.doFinal(input); + + if (!areEqual(out, output[1])) + { + fail("PKCS1 test failed on encrypt expected " + new String(Hex.encode(output[1])) + " got " + new String(Hex.encode(out))); + } + + c.init(Cipher.DECRYPT_MODE, privKey); + + out = c.doFinal(out); + + if (!areEqual(out, input)) + { + fail("PKCS1 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + + // + // OAEP - SHA1 + // + c = Cipher.getInstance("RSA/NONE/OAEPPadding", "SC"); + + c.init(Cipher.ENCRYPT_MODE, pubKey, rand); + + out = c.doFinal(input); + + if (!areEqual(out, output[2])) + { + fail("OAEP test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out))); + } + + c = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "SC"); + + c.init(Cipher.DECRYPT_MODE, privKey); + + out = c.doFinal(out); + + if (!areEqual(out, input)) + { + fail("OAEP test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + + // + // OAEP - SHA224 + // + c = Cipher.getInstance("RSA/NONE/OAEPWithSHA224AndMGF1Padding", "SC"); + + c.init(Cipher.ENCRYPT_MODE, pub2048Key, rand); + + out = c.doFinal(input); + + if (!areEqual(out, output[3])) + { + fail("OAEP SHA-224 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out))); + } + + c.init(Cipher.DECRYPT_MODE, priv2048Key); + + out = c.doFinal(out); + + if (!areEqual(out, input)) + { + fail("OAEP SHA-224 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + + // + // OAEP - SHA 256 + // + c = Cipher.getInstance("RSA/NONE/OAEPWithSHA256AndMGF1Padding", "SC"); + + c.init(Cipher.ENCRYPT_MODE, pub2048Key, rand); + + out = c.doFinal(input); + + if (!areEqual(out, output[4])) + { + fail("OAEP SHA-256 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out))); + } + + c.init(Cipher.DECRYPT_MODE, priv2048Key); + + out = c.doFinal(out); + + if (!areEqual(out, input)) + { + fail("OAEP SHA-256 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + + // + // OAEP - SHA 384 + // + c = Cipher.getInstance("RSA/NONE/OAEPWithSHA384AndMGF1Padding", "SC"); + + c.init(Cipher.ENCRYPT_MODE, pub2048Key, rand); + + out = c.doFinal(input); + + if (!areEqual(out, output[5])) + { + fail("OAEP SHA-384 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out))); + } + + c.init(Cipher.DECRYPT_MODE, priv2048Key); + + out = c.doFinal(out); + + if (!areEqual(out, input)) + { + fail("OAEP SHA-384 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + + // + // OAEP - MD5 + // + c = Cipher.getInstance("RSA/NONE/OAEPWithMD5AndMGF1Padding", "SC"); + + c.init(Cipher.ENCRYPT_MODE, pubKey, rand); + + out = c.doFinal(input); + + if (!areEqual(out, output[6])) + { + fail("OAEP MD5 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out))); + } + + c.init(Cipher.DECRYPT_MODE, privKey); + + out = c.doFinal(out); + + if (!areEqual(out, input)) + { + fail("OAEP MD5 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + + // + // ISO9796-1 + // + byte[] isoInput = Hex.decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210"); + PrivateKey isoPrivKey = fact.generatePrivate(isoPrivKeySpec); + PublicKey isoPubKey = fact.generatePublic(isoPubKeySpec); + + c = Cipher.getInstance("RSA/NONE/ISO9796-1Padding", "SC"); + + c.init(Cipher.ENCRYPT_MODE, isoPrivKey); + + out = c.doFinal(isoInput); + + if (!areEqual(out, output[7])) + { + fail("ISO9796-1 test failed on encrypt expected " + new String(Hex.encode(output[3])) + " got " + new String(Hex.encode(out))); + } + + c.init(Cipher.DECRYPT_MODE, isoPubKey); + + out = c.doFinal(out); + + if (!areEqual(out, isoInput)) + { + fail("ISO9796-1 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + + // + // + // generation with parameters test. + // + KeyPairGenerator keyPairGen = + KeyPairGenerator.getInstance("RSA", "SC"); + + // + // 768 bit RSA with e = 2^16-1 + // + keyPairGen.initialize( + new RSAKeyGenParameterSpec(768, + BigInteger.valueOf(65537)), + new SecureRandom()); + + KeyPair kp = keyPairGen.generateKeyPair(); + + pubKey = kp.getPublic(); + privKey = kp.getPrivate(); + + c.init(Cipher.ENCRYPT_MODE, pubKey, rand); + + out = c.doFinal(input); + + c.init(Cipher.DECRYPT_MODE, privKey); + + out = c.doFinal(out); + + if (!areEqual(out, input)) + { + fail("key generation test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out))); + } + } + + public String getName() + { + return "RSATest"; + } + + public static void main( + String[] args) + { + Security.addProvider(new BouncyCastleProvider()); + + runTest(new RSATest()); + } +} diff --git a/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/RegressionTest.java b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/RegressionTest.java new file mode 100644 index 00000000..b4e3209f --- /dev/null +++ b/prov/src/test/jdk1.4/org/spongycastle/jce/provider/test/RegressionTest.java @@ -0,0 +1,73 @@ +package org.spongycastle.jce.provider.test; + +import java.security.Security; + +import org.spongycastle.jce.provider.BouncyCastleProvider; +import org.spongycastle.util.test.SimpleTestResult; +import org.spongycastle.util.test.Test; +import org.spongycastle.util.test.TestResult; + +public class RegressionTest +{ + public static Test[] tests = { + new FIPSDESTest(), + new DESedeTest(), + new AESTest(), + new AESSICTest(), + new GOST28147Test(), + new PBETest(), + new BlockCipherTest(), + new MacTest(), + new HMacTest(), + new SealedTest(), + new RSATest(), + new DHTest(), + new DSATest(), + new ImplicitlyCaTest(), + new GOST3410Test(), + new ElGamalTest(), + new ECIESTest(), + new SigTest(), + new CertTest(), + new PKCS10CertRequestTest(), + new EncryptedPrivateKeyInfoTest(), + new KeyStoreTest(), + new PKCS12StoreTest(), + new DigestTest(), + new PSSTest(), + new WrapTest(), + new DoFinalTest(), + new CipherStreamTest(), + new NamedCurveTest(), + new PKIXTest(), + new PKIXPolicyMappingTest(), + new NetscapeCertRequestTest(), + new CertPathTest(), + new CertStoreTest(), + // new CertPathValidatorTest(), + new CertPathBuilderTest(), + new NISTCertPathTest(), + new SerialisationTest() + }; + + public static void main( + String[] args) + { + Security.addProvider(new BouncyCastleProvider()); + + System.out.println("Testing " + Security.getProvider("SC").getInfo() + " version: " + Security.getProvider("SC").getVersion()); + + for (int i = 0; i != tests.length; i++) + { + TestResult result = tests[i].perform(); + + if (((SimpleTestResult)result).getException() != null) + { + ((SimpleTestResult)result).getException().printStackTrace(); + } + + System.out.println(result); + } + } +} + |