~brian-thomason/+junk/bouncycastle


Viewing changes to test/src/org/bouncycastle/asn1/test/GenerationTest.java

  • Committer: Brian Thomason
  • Date: 2011-12-20 17:20:32 UTC
  • Revision ID: brian.thomason@canonical.com-20111220172032-rdtm13jgdxtksacr
Initial import

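--- a/test/src/org/bouncycastle/asn1/test/GenerationTest.java
+++ b/test/src/org/bouncycastle/asn1/test/GenerationTest.java
@@ -0,0 +1,368 @@
+package org.bouncycastle.asn1.test;
+
+import org.bouncycastle.asn1.ASN1EncodableVector;
+import org.bouncycastle.asn1.ASN1InputStream;
+import org.bouncycastle.asn1.ASN1OutputStream;
+import org.bouncycastle.asn1.DERInteger;
+import org.bouncycastle.asn1.DERNull;
+import org.bouncycastle.asn1.DERObject;
+import org.bouncycastle.asn1.DEROctetString;
+import org.bouncycastle.asn1.DERSequence;
+import org.bouncycastle.asn1.oiw.ElGamalParameter;
+import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
+import org.bouncycastle.asn1.x509.GeneralName;
+import org.bouncycastle.asn1.x509.GeneralNames;
+import org.bouncycastle.asn1.x509.IssuingDistributionPoint;
+import org.bouncycastle.asn1.x509.KeyUsage;
+import org.bouncycastle.asn1.x509.RSAPublicKeyStructure;
+import org.bouncycastle.asn1.x509.ReasonFlags;
+import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
+import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import org.bouncycastle.asn1.x509.TBSCertList;
+import org.bouncycastle.asn1.x509.TBSCertificateStructure;
+import org.bouncycastle.asn1.x509.Time;
+import org.bouncycastle.asn1.x509.V1TBSCertificateGenerator;
+import org.bouncycastle.asn1.x509.V2TBSCertListGenerator;
+import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
+import org.bouncycastle.asn1.x509.X509Extension;
+import org.bouncycastle.asn1.x509.X509Extensions;
+import org.bouncycastle.asn1.x509.X509Name;
+import org.bouncycastle.util.Arrays;
+import org.bouncycastle.util.encoders.Base64;
+import org.bouncycastle.util.test.SimpleTest;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.util.Date;
+import java.util.Hashtable;
+import java.util.Vector;
+
+public class GenerationTest
+    extends SimpleTest
+{
+    private byte[] v1Cert = Base64.decode(
+          "MIGtAgEBMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYDVQQKDA1Cb"
+        + "3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAxMlowNjELMA"
+        + "kGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNVBAsMBlRlc3Q"
+        + "gMTAaMA0GCSqGSIb3DQEBAQUAAwkAMAYCAQECAQI=");
+
+    private byte[] v3Cert = Base64.decode(
+          "MIIBSKADAgECAgECMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYD"
+        + "VQQKDA1Cb3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAw"
+        + "MlowNjELMAkGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNV"
+        + "BAsMBlRlc3QgMjAYMBAGBisOBwIBATAGAgEBAgECAwQAAgEDo4GVMIGSMGEGA1Ud"
+        + "IwEB/wRXMFWAFDZPdpHPzKi7o8EJokkQU2uqCHRRoTqkODA2MQswCQYDVQQDDAJB"
+        + "VTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwGVGVzdCAyggECMCAG"
+        + "A1UdDgEB/wQWBBQ2T3aRz8you6PBCaJJEFNrqgh0UTALBgNVHQ8EBAMCBBA=");
+
+    private byte[] v3CertNullSubject = Base64.decode(
+          "MIHGoAMCAQICAQIwDQYJKoZIhvcNAQEEBQAwJTELMAkGA1UEAwwCQVUxFjAUBgNVB"
+        + "AoMDUJvdW5jeSBDYXN0bGUwHhcNNzAwMTAxMDAwMDAxWhcNNzAwMTAxMDAwMDAyWj"
+        + "AAMBgwEAYGKw4HAgEBMAYCAQECAQIDBAACAQOjSjBIMEYGA1UdEQEB/wQ8MDqkODA"
+        + "2MQswCQYDVQQDDAJBVTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwG"
+        + "VGVzdCAy");
+
+    private byte[] v2CertList = Base64.decode(
+          "MIIBRQIBATANBgkqhkiG9w0BAQUFADAlMQswCQYDVQQDDAJBVTEWMBQGA1UECgwN"
+        + "Qm91bmN5IENhc3RsZRcNNzAwMTAxMDAwMDAwWhcNNzAwMTAxMDAwMDAyWjAkMCIC"
+        + "AQEXDTcwMDEwMTAwMDAwMVowDjAMBgNVHRUEBQoDAIAAoIHFMIHCMGEGA1UdIwEB"
+        + "/wRXMFWAFDZPdpHPzKi7o8EJokkQU2uqCHRRoTqkODA2MQswCQYDVQQDDAJBVTEW"
+        + "MBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwGVGVzdCAyggECMEMGA1Ud"
+        + "EgQ8MDqkODA2MQswCQYDVQQDDAJBVTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEP"
+        + "MA0GA1UECwwGVGVzdCAzMAoGA1UdFAQDAgEBMAwGA1UdHAEB/wQCMAA=");
+    
+    private void tbsV1CertGen()
+        throws IOException
+    {
+        V1TBSCertificateGenerator   gen = new V1TBSCertificateGenerator();
+        Date                        startDate = new Date(1000);
+        Date                        endDate = new Date(12000);
+
+        gen.setSerialNumber(new DERInteger(1));
+
+        gen.setStartDate(new Time(startDate));
+        gen.setEndDate(new Time(endDate));
+
+        gen.setIssuer(new X509Name("CN=AU,O=Bouncy Castle"));
+        gen.setSubject(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 1"));
+
+        gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, new DERNull()));
+
+        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()),
+                                                     new RSAPublicKeyStructure(BigInteger.valueOf(1), BigInteger.valueOf(2)));
+
+        gen.setSubjectPublicKeyInfo(info);
+
+        TBSCertificateStructure     tbs = gen.generateTBSCertificate();
+        ByteArrayOutputStream       bOut = new ByteArrayOutputStream();
+        ASN1OutputStream            aOut = new ASN1OutputStream(bOut);
+
+        aOut.writeObject(tbs);
+
+        if (!Arrays.areEqual(bOut.toByteArray(), v1Cert))
+        {
+            fail("failed v1 cert generation");
+        }
+
+        //
+        // read back test
+        //
+        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v1Cert));
+        DERObject       o = aIn.readObject();
+
+        bOut = new ByteArrayOutputStream();
+        aOut = new ASN1OutputStream(bOut);
+
+        aOut.writeObject(o);
+
+        if (!Arrays.areEqual(bOut.toByteArray(), v1Cert))
+        {
+            fail("failed v1 cert read back test");
+        }
+    }
+    
+    private AuthorityKeyIdentifier createAuthorityKeyId(
+        SubjectPublicKeyInfo    info,
+        X509Name                name,
+        int                     sNumber)
+    {
+        GeneralName             genName = new GeneralName(name);
+        ASN1EncodableVector     v = new ASN1EncodableVector();
+
+        v.add(genName);
+
+        return new AuthorityKeyIdentifier(
+            info, new GeneralNames(new DERSequence(v)), BigInteger.valueOf(sNumber));
+    }
+    
+    private void tbsV3CertGen()
+        throws IOException
+    {
+        V3TBSCertificateGenerator   gen = new V3TBSCertificateGenerator();
+        Date                        startDate = new Date(1000);
+        Date                        endDate = new Date(2000);
+
+        gen.setSerialNumber(new DERInteger(2));
+
+        gen.setStartDate(new Time(startDate));
+        gen.setEndDate(new Time(endDate));
+
+        gen.setIssuer(new X509Name("CN=AU,O=Bouncy Castle"));
+        gen.setSubject(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"));
+
+        gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, new DERNull()));
+
+        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new DERInteger(3));
+
+        gen.setSubjectPublicKeyInfo(info);
+
+        //
+        // add extensions
+        //
+        Vector          order = new Vector();
+        Hashtable       extensions = new Hashtable();
+
+        order.addElement(X509Extensions.AuthorityKeyIdentifier);
+        order.addElement(X509Extensions.SubjectKeyIdentifier);
+        order.addElement(X509Extensions.KeyUsage);
+
+        extensions.put(X509Extensions.AuthorityKeyIdentifier, new X509Extension(true, new DEROctetString(createAuthorityKeyId(info, new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2))));
+        extensions.put(X509Extensions.SubjectKeyIdentifier, new X509Extension(true, new DEROctetString(new SubjectKeyIdentifier(info))));
+        extensions.put(X509Extensions.KeyUsage, new X509Extension(false, new DEROctetString(new KeyUsage(KeyUsage.dataEncipherment))));
+
+        X509Extensions  ex = new X509Extensions(order, extensions);
+
+        gen.setExtensions(ex);
+
+        TBSCertificateStructure     tbs = gen.generateTBSCertificate();
+        ByteArrayOutputStream       bOut = new ByteArrayOutputStream();
+        ASN1OutputStream            aOut = new ASN1OutputStream(bOut);
+
+        aOut.writeObject(tbs);
+
+        if (!Arrays.areEqual(bOut.toByteArray(), v3Cert))
+        {
+            fail("failed v3 cert generation");
+        }
+
+        //
+        // read back test
+        //
+        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v3Cert));
+        DERObject       o = aIn.readObject();
+
+        bOut = new ByteArrayOutputStream();
+        aOut = new ASN1OutputStream(bOut);
+
+        aOut.writeObject(o);
+
+        if (!Arrays.areEqual(bOut.toByteArray(), v3Cert))
+        {
+            fail("failed v3 cert read back test");
+        }
+    }
+
+    private void tbsV3CertGenWithNullSubject()
+        throws IOException
+    {
+        V3TBSCertificateGenerator   gen = new V3TBSCertificateGenerator();
+        Date                        startDate = new Date(1000);
+        Date                        endDate = new Date(2000);
+
+        gen.setSerialNumber(new DERInteger(2));
+
+        gen.setStartDate(new Time(startDate));
+        gen.setEndDate(new Time(endDate));
+
+        gen.setIssuer(new X509Name("CN=AU,O=Bouncy Castle"));
+
+        gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, new DERNull()));
+
+        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new DERInteger(3));
+
+        gen.setSubjectPublicKeyInfo(info);
+
+        try
+        {
+            gen.generateTBSCertificate();
+            fail("null subject not caught!");
+        }
+        catch (IllegalStateException e)
+        {
+            if (!e.getMessage().equals("not all mandatory fields set in V3 TBScertificate generator"))
+            {
+                fail("unexpected exception", e);
+            }
+        }
+
+        //
+        // add extensions
+        //
+        Vector          order = new Vector();
+        Hashtable       extensions = new Hashtable();
+
+        order.addElement(X509Extensions.SubjectAlternativeName);
+
+        extensions.put(X509Extensions.SubjectAlternativeName, new X509Extension(true, new DEROctetString(new GeneralNames(new GeneralName(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"))))));
+
+        X509Extensions  ex = new X509Extensions(order, extensions);
+
+        gen.setExtensions(ex);
+
+        TBSCertificateStructure     tbs = gen.generateTBSCertificate();
+        ByteArrayOutputStream       bOut = new ByteArrayOutputStream();
+        ASN1OutputStream            aOut = new ASN1OutputStream(bOut);
+
+        aOut.writeObject(tbs);
+
+        if (!Arrays.areEqual(bOut.toByteArray(), v3CertNullSubject))
+        {
+            fail("failed v3 null sub cert generation");
+        }
+
+        //
+        // read back test
+        //
+        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v3CertNullSubject));
+        DERObject       o = aIn.readObject();
+
+        bOut = new ByteArrayOutputStream();
+        aOut = new ASN1OutputStream(bOut);
+
+        aOut.writeObject(o);
+
+        if (!Arrays.areEqual(bOut.toByteArray(), v3CertNullSubject))
+        {
+            fail("failed v3 null sub cert read back test");
+        }
+    }
+
+    private void tbsV2CertListGen()
+        throws IOException
+    {
+        V2TBSCertListGenerator  gen = new V2TBSCertListGenerator();
+
+        gen.setIssuer(new X509Name("CN=AU,O=Bouncy Castle"));
+
+        gen.addCRLEntry(new DERInteger(1), new Time(new Date(1000)), ReasonFlags.aACompromise);
+
+        gen.setNextUpdate(new Time(new Date(2000)));
+
+        gen.setThisUpdate(new Time(new Date(500)));
+
+        gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1WithRSAEncryption, new DERNull()));
+
+        //
+        // extensions
+        //
+        Vector                  order = new Vector();
+        Hashtable               extensions = new Hashtable();
+        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new DERInteger(3));
+
+        order.addElement(X509Extensions.AuthorityKeyIdentifier);
+        order.addElement(X509Extensions.IssuerAlternativeName);
+        order.addElement(X509Extensions.CRLNumber);
+        order.addElement(X509Extensions.IssuingDistributionPoint);
+
+        extensions.put(X509Extensions.AuthorityKeyIdentifier, new X509Extension(true, new DEROctetString(createAuthorityKeyId(info, new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2))));
+        extensions.put(X509Extensions.IssuerAlternativeName, new X509Extension(false, new DEROctetString(new GeneralNames(new DERSequence(new GeneralName(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 3")))))));
+        extensions.put(X509Extensions.CRLNumber, new X509Extension(false, new DEROctetString(new DERInteger(1))));
+        extensions.put(X509Extensions.IssuingDistributionPoint, new X509Extension(true, new DEROctetString(new IssuingDistributionPoint(new DERSequence()))));
+
+        X509Extensions          ex = new X509Extensions(order, extensions);
+
+        gen.setExtensions(ex);
+
+        TBSCertList                 tbs = gen.generateTBSCertList();
+        ByteArrayOutputStream       bOut = new ByteArrayOutputStream();
+        ASN1OutputStream            aOut = new ASN1OutputStream(bOut);
+
+        aOut.writeObject(tbs);
+
+        if (!Arrays.areEqual(bOut.toByteArray(), v2CertList))
+        {
+            fail("failed v2 cert list generation");
+        }
+
+        //
+        // read back test
+        //
+        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v2CertList));
+        DERObject       o = aIn.readObject();
+
+        bOut = new ByteArrayOutputStream();
+        aOut = new ASN1OutputStream(bOut);
+
+        aOut.writeObject(o);
+
+        if (!Arrays.areEqual(bOut.toByteArray(), v2CertList))
+        {
+            fail("failed v2 cert list read back test");
+        }
+    }
+    
+    public void performTest()
+        throws Exception
+    {
+        tbsV1CertGen();
+        tbsV3CertGen();
+        tbsV3CertGenWithNullSubject();
+        tbsV2CertListGen();
+    }
+
+    public String getName()
+    {
+        return "Generation";
+    }
+    
+    public static void main(
+        String[] args)
+    {
+        runTest(new GenerationTest());
+    }
+}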
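Review bot: In `tbsV2CertListGen`, `gen.addCRLEntry(..., ReasonFlags.aACompromise)` passes a ReasonFlags bit mask (1 << 15) where the CRL entry's reasonCode expects a CRLReason enumerated value. The expected `v2CertList` vector pins that result: its reasonCode extension (2.5.29.21) decodes to ENUMERATED 32768, whereas RFC 5280 defines aACompromise as 10. The byte comparison therefore locks in a CRL entry whose revocation reason is outside the defined CRLReason range, so a regression that "fixes" the encoding would fail this test. I would change the call to `gen.addCRLEntry(new DERInteger(1), new Time(new Date(1000)), CRLReason.aACompromise);` with the matching import, and regenerate `v2CertList`. This assumes the generator writes the third argument unchanged as the reasonCode, which the vector suggests but the generator source is not shown on this page.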