1
package org.bouncycastle.cms.test;
3
import java.io.IOException;
4
import java.security.GeneralSecurityException;
5
import java.security.Key;
6
import java.security.KeyFactory;
7
import java.security.KeyPair;
8
import java.security.NoSuchAlgorithmException;
9
import java.security.NoSuchProviderException;
10
import java.security.PrivateKey;
11
import java.security.Security;
12
import java.security.cert.CertificateEncodingException;
13
import java.security.cert.X509Certificate;
14
import java.security.spec.PKCS8EncodedKeySpec;
15
import java.util.ArrayList;
16
import java.util.Arrays;
17
import java.util.Collection;
18
import java.util.Iterator;
20
import javax.crypto.SecretKey;
21
import javax.crypto.spec.SecretKeySpec;
23
import junit.framework.Test;
24
import junit.framework.TestCase;
25
import junit.framework.TestSuite;
26
import org.bouncycastle.asn1.ASN1InputStream;
27
import org.bouncycastle.asn1.ASN1Sequence;
28
import org.bouncycastle.asn1.DERObjectIdentifier;
29
import org.bouncycastle.asn1.DEROctetString;
30
import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
31
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
32
import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
33
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
34
import org.bouncycastle.cms.CMSEnvelopedData;
35
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
36
import org.bouncycastle.cms.CMSException;
37
import org.bouncycastle.cms.CMSPBEKey;
38
import org.bouncycastle.cms.CMSProcessableByteArray;
39
import org.bouncycastle.cms.KeyTransRecipientInformation;
40
import org.bouncycastle.cms.PKCS5Scheme2PBEKey;
41
import org.bouncycastle.cms.PKCS5Scheme2UTF8PBEKey;
42
import org.bouncycastle.cms.PasswordRecipientInformation;
43
import org.bouncycastle.cms.RecipientId;
44
import org.bouncycastle.cms.RecipientInformation;
45
import org.bouncycastle.cms.RecipientInformationStore;
46
import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientId;
47
import org.bouncycastle.jce.provider.BouncyCastleProvider;
48
import org.bouncycastle.util.encoders.Base64;
49
import org.bouncycastle.util.encoders.Hex;
51
public class EnvelopedDataTest
54
private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
56
private static String _signDN;
57
private static KeyPair _signKP;
58
private static X509Certificate _signCert;
60
private static String _origDN;
61
private static KeyPair _origKP;
62
private static X509Certificate _origCert;
64
private static String _reciDN;
65
private static String _reciDN2;
66
private static KeyPair _reciKP;
67
private static X509Certificate _reciCert;
69
private static KeyPair _origEcKP;
70
private static KeyPair _reciEcKP;
71
private static X509Certificate _reciEcCert;
72
private static KeyPair _reciEcKP2;
73
private static X509Certificate _reciEcCert2;
75
private static boolean _initialised = false;
77
private byte[] oldKEK = Base64.decode(
78
"MIAGCSqGSIb3DQEHA6CAMIACAQIxQaI/MD0CAQQwBwQFAQIDBAUwDQYJYIZIAWUDBAEFBQAEI"
79
+ "Fi2eHTPM4bQSjP4DUeDzJZLpfemW2gF1SPq7ZPHJi1mMIAGCSqGSIb3DQEHATAUBggqhkiG9w"
80
+ "0DBwQImtdGyUdGGt6ggAQYk9X9z01YFBkU7IlS3wmsKpm/zpZClTceAAAAAAAAAAAAAA==");
82
private byte[] ecKeyAgreeMsgAES256 = Base64.decode(
83
"MIAGCSqGSIb3DQEHA6CAMIACAQIxgcShgcECAQOgQ6FBMAsGByqGSM49AgEF"
84
+ "AAMyAAPdXlSTpub+qqno9hUGkUDl+S3/ABhPziIB5yGU4678tgOgU5CiKG9Z"
85
+ "kfnabIJ3nZYwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBLQUAMFswWTAtMCgx"
86
+ "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBCi/"
87
+ "rJRLbFwEVW6PcLLmojjW9lI/xGD7CfZzXrqXFw8iHaf3hTRau1gYMIAGCSqG"
88
+ "SIb3DQEHATAdBglghkgBZQMEASoEEMtCnKKPwccmyrbgeSIlA3qggAQQDLw8"
89
+ "pNJR97bPpj6baG99bQQQwhEDsoj5Xg1oOxojHVcYzAAAAAAAAAAAAAA=");
91
private byte[] ecKeyAgreeMsgAES128 = Base64.decode(
92
"MIAGCSqGSIb3DQEHA6CAMIACAQIxgbShgbECAQOgQ6FBMAsGByqGSM49AgEF"
93
+ "AAMyAAL01JLEgKvKh5rbxI/hOxs/9WEezMIsAbUaZM4l5tn3CzXAN505nr5d"
94
+ "LhrcurMK+tAwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBBQUAMEswSTAtMCgx"
95
+ "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBBhi"
96
+ "FLjc5g6aqDT3f8LomljOwl1WTrplUT8wgAYJKoZIhvcNAQcBMB0GCWCGSAFl"
97
+ "AwQBAgQQzXjms16Y69S/rB0EbHqRMaCABBAFmc/QdVW6LTKdEy97kaZzBBBa"
98
+ "fQuviUS03NycpojELx0bAAAAAAAAAAAAAA==");
100
private byte[] ecKeyAgreeMsgDESEDE = Base64.decode(
101
"MIAGCSqGSIb3DQEHA6CAMIACAQIxgcahgcMCAQOgQ6FBMAsGByqGSM49AgEF"
102
+ "AAMyAALIici6Nx1WN5f0ThH2A8ht9ovm0thpC5JK54t73E1RDzCifePaoQo0"
103
+ "xd6sUqoyGaYwHAYJK4EFEIZIPwACMA8GCyqGSIb3DQEJEAMGBQAwWzBZMC0w"
104
+ "KDETMBEGA1UEAxMKQWRtaW4tTURTRTERMA8GA1UEChMINEJDVC0ySUQCAQEE"
105
+ "KJuqZQ1NB1vXrKPOnb4TCpYOsdm6GscWdwAAZlm2EHMp444j0s55J9wwgAYJ"
106
+ "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAjwnsDMsafCrKCABBjyPvqFOVMKxxut"
107
+ "VfTx4fQlNGJN8S2ATRgECMcTQ/dsmeViAAAAAAAAAAAAAA==");
109
private byte[] ecMQVKeyAgreeMsgAES128 = Base64.decode(
110
"MIAGCSqGSIb3DQEHA6CAMIACAQIxgf2hgfoCAQOgQ6FBMAsGByqGSM49AgEF"
111
+ "AAMyAAPDKU+0H58tsjpoYmYCInMr/FayvCCkupebgsnpaGEB7qS9vzcNVUj6"
112
+ "mrnmiC2grpmhRwRFMEMwQTALBgcqhkjOPQIBBQADMgACZpD13z9c7DzRWx6S"
113
+ "0xdbq3S+EJ7vWO+YcHVjTD8NcQDcZcWASW899l1PkL936zsuMBoGCSuBBRCG"
114
+ "SD8AEDANBglghkgBZQMEAQUFADBLMEkwLTAoMRMwEQYDVQQDEwpBZG1pbi1N"
115
+ "RFNFMREwDwYDVQQKEwg0QkNULTJJRAIBAQQYFq58L71nyMK/70w3nc6zkkRy"
116
+ "RL7DHmpZMIAGCSqGSIb3DQEHATAdBglghkgBZQMEAQIEEDzRUpreBsZXWHBe"
117
+ "onxOtSmggAQQ7csAZXwT1lHUqoazoy8bhAQQq+9Zjj8iGdOWgyebbfj67QAA"
121
private byte[] ecKeyAgreeKey = Base64.decode(
122
"MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDC8vp7xVTbKSgYVU5Wc"
123
+ "hGkWbzaj+yUFETIWP1Dt7+WSpq3ikSPdl7PpHPqnPVZfoIWhZANiAgSYHTgxf+Dd"
124
+ "Tt84dUvuSKkFy3RhjxJmjwIscK6zbEUzKhcPQG2GHzXhWK5x1kov0I74XpGhVkya"
125
+ "ElH5K6SaOXiXAzcyNGggTOk4+ZFnz5Xl0pBje3zKxPhYu0SnCw7Pcqw=");
127
private byte[] bobPrivRsaEncrypt = Base64.decode(
128
"MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf"
129
+ "8qCTQV6meYmFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmR"
130
+ "uBlpN235ZR572akzJKN/O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtd"
131
+ "YMTgXB9T039T2GkB8QX4enDRvoPGXzjPHCyqaqfrAgMBAAECgYBnzUhMmg2P"
132
+ "mMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngwy+e6alatd8brUXlweQqg"
133
+ "9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A0HPfD6bRSe"
134
+ "TmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N"
135
+ "vKZ11mY/1I1FUox29XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiE"
136
+ "I2Kv8zHCueUCQQDQUfweIrdb7bWOAcjXq/JY1PeClPNTqBlFy2bKKBlf4hAr"
137
+ "84/sajB0+E0R9KfEILVHIdxJAfkKICnwJAiEYH2PAkA0umTJSChXdNdVUN5q"
138
+ "SO8bKlocSHseIVnDYDubl6nA7xhmqU5iUjiEzuUJiEiUacUgFJlaV/4jbOSn"
139
+ "I3vQgLeFAkEAni+zN5r7CwZdV+EJBqRd2ZCWBgVfJAZAcpw6iIWchw+dYhKI"
140
+ "FmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grStavCunrnVNqc"
141
+ "BU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8"
142
+ "Y0ZB9qANMAsGA1UdDzEEAwIAEA==");
144
private byte[] rfc4134ex5_1 = Base64.decode(
145
"MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYD"
146
+ "VQQDEwdDYXJsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUA"
147
+ "BIGAC3EN5nGIiJi2lsGPcP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FB"
148
+ "s3IWg+f6KgCLx3M1eCbWx8+MDFbbpXadCDgO8/nUkUNYeNxJtuzubGgzoyEd"
149
+ "8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652jKKHRLFf02hosdR8wQwYJ"
150
+ "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8Z9P43LrY4O"
151
+ "xUk660cu1lXeCSFOSOpOJ7FuVyU=");
153
private byte[] rfc4134ex5_2 = Base64.decode(
154
"MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwEjEQMA4G"
155
+ "A1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEF"
156
+ "AASBgJQmQojGi7Z4IP+CVypBmNFoCDoEp87khtgyff2N4SmqD3RxPx+8hbLQ"
157
+ "t9i3YcMwcap+aiOkyqjMalT03VUC0XBOGv+HYI3HBZm/aFzxoq+YOXAWs5xl"
158
+ "GerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg+TGrnGVNQBNw47Ewoj4C"
159
+ "AQQwDQQLTWFpbExpc3RSQzIwEAYLKoZIhvcNAQkQAwcCAToEGHcUr5MSJ/g9"
160
+ "HnJVHsQ6X56VcwYb+OfojTBJBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgIC"
161
+ "AKAECJwE0hkuKlWhgCBeKNXhojuej3org9Lt7n+wWxOhnky5V50vSpoYRfRR"
164
public EnvelopedDataTest()
168
private static void init()
175
_signDN = "O=Bouncy Castle, C=AU";
176
_signKP = CMSTestUtil.makeKeyPair();
177
_signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
179
_origDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
180
_origKP = CMSTestUtil.makeKeyPair();
181
_origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);
183
_reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
184
_reciDN2 = "CN=Fred, OU=Sales, O=Bouncy Castle, C=AU";
185
_reciKP = CMSTestUtil.makeKeyPair();
186
_reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
188
_origEcKP = CMSTestUtil.makeEcDsaKeyPair();
189
_reciEcKP = CMSTestUtil.makeEcDsaKeyPair();
190
_reciEcCert = CMSTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN);
191
_reciEcKP2 = CMSTestUtil.makeEcDsaKeyPair();
192
_reciEcCert2 = CMSTestUtil.makeCertificate(_reciEcKP2, _reciDN2, _signKP, _signDN);
196
public static void main(
200
junit.textui.TestRunner.run(EnvelopedDataTest.suite());
203
public static Test suite()
208
return new CMSTestSetup(new TestSuite(EnvelopedDataTest.class));
211
public void testKeyTrans()
214
byte[] data = "WallaWallaWashington".getBytes();
216
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
218
edGen.addKeyTransRecipient(_reciCert);
220
CMSEnvelopedData ed = edGen.generate(
221
new CMSProcessableByteArray(data),
222
CMSEnvelopedDataGenerator.DES_EDE3_CBC, BC);
224
RecipientInformationStore recipients = ed.getRecipientInfos();
227
assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
229
Collection c = recipients.getRecipients();
231
assertEquals(1, c.size());
233
Iterator it = c.iterator();
237
RecipientInformation recipient = (RecipientInformation)it.next();
239
assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
241
byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
243
assertEquals(true, Arrays.equals(data, recData));
247
public void testKeyTransCAST5SunJCE()
250
if (Security.getProvider("SunJCE") == null)
255
String version = System.getProperty("java.version");
256
if (version.startsWith("1.4") || version.startsWith("1.3"))
261
byte[] data = "WallaWallaWashington".getBytes();
263
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
265
edGen.addKeyTransRecipient(_reciCert);
267
CMSEnvelopedData ed = edGen.generate(
268
new CMSProcessableByteArray(data),
269
CMSEnvelopedDataGenerator.CAST5_CBC, "SunJCE");
270
RecipientInformationStore recipients = ed.getRecipientInfos();
272
assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.CAST5_CBC);
274
Collection c = recipients.getRecipients();
276
assertEquals(1, c.size());
278
Iterator it = c.iterator();
282
RecipientInformation recipient = (RecipientInformation)it.next();
284
assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
286
byte[] recData = recipient.getContent(_reciKP.getPrivate(), "SunJCE");
288
assertEquals(true, Arrays.equals(data, recData));
292
public void testKeyTransRC4()
295
byte[] data = "WallaWallaBouncyCastle".getBytes();
297
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
299
edGen.addKeyTransRecipient(_reciCert);
301
CMSEnvelopedData ed = edGen.generate(
302
new CMSProcessableByteArray(data),
303
"1.2.840.113549.3.4", BC);
305
RecipientInformationStore recipients = ed.getRecipientInfos();
307
assertEquals(ed.getEncryptionAlgOID(), "1.2.840.113549.3.4");
309
Collection c = recipients.getRecipients();
311
assertEquals(1, c.size());
313
Iterator it = c.iterator();
317
RecipientInformation recipient = (RecipientInformation)it.next();
319
byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
321
assertEquals(true, Arrays.equals(data, recData));
325
public void testKeyTrans128RC4()
328
byte[] data = "WallaWallaBouncyCastle".getBytes();
330
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
332
edGen.addKeyTransRecipient(_reciCert);
334
CMSEnvelopedData ed = edGen.generate(
335
new CMSProcessableByteArray(data),
336
"1.2.840.113549.3.4", 128, BC);
338
RecipientInformationStore recipients = ed.getRecipientInfos();
340
assertEquals(ed.getEncryptionAlgOID(), "1.2.840.113549.3.4");
342
Collection c = recipients.getRecipients();
343
Iterator it = c.iterator();
347
RecipientInformation recipient = (RecipientInformation)it.next();
349
byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
351
assertEquals(true, Arrays.equals(data, recData));
355
fail("no recipient found");
359
public void testKeyTransODES()
362
byte[] data = "WallaWallaBouncyCastle".getBytes();
364
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
366
edGen.addKeyTransRecipient(_reciCert);
368
CMSEnvelopedData ed = edGen.generate(
369
new CMSProcessableByteArray(data),
372
RecipientInformationStore recipients = ed.getRecipientInfos();
374
assertEquals(ed.getEncryptionAlgOID(), "1.3.14.3.2.7");
376
Collection c = recipients.getRecipients();
377
Iterator it = c.iterator();
381
RecipientInformation recipient = (RecipientInformation)it.next();
383
byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
385
assertEquals(true, Arrays.equals(data, recData));
389
fail("no recipient found");
393
public void testKeyTransSmallAES()
396
byte[] data = new byte[] { 0, 1, 2, 3 };
398
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
400
edGen.addKeyTransRecipient(_reciCert);
402
CMSEnvelopedData ed = edGen.generate(
403
new CMSProcessableByteArray(data),
404
CMSEnvelopedDataGenerator.AES128_CBC, BC);
406
RecipientInformationStore recipients = ed.getRecipientInfos();
408
assertEquals(ed.getEncryptionAlgOID(),
409
CMSEnvelopedDataGenerator.AES128_CBC);
411
Collection c = recipients.getRecipients();
412
Iterator it = c.iterator();
416
RecipientInformation recipient = (RecipientInformation)it.next();
418
byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
419
assertEquals(true, Arrays.equals(data, recData));
423
fail("no recipient found");
427
public void testKeyTransCAST5()
430
tryKeyTrans(CMSEnvelopedDataGenerator.CAST5_CBC, new DERObjectIdentifier(CMSEnvelopedDataGenerator.CAST5_CBC), ASN1Sequence.class);
433
public void testKeyTransAES128()
436
tryKeyTrans(CMSEnvelopedDataGenerator.AES128_CBC, NISTObjectIdentifiers.id_aes128_CBC, DEROctetString.class);
439
public void testKeyTransAES192()
442
tryKeyTrans(CMSEnvelopedDataGenerator.AES192_CBC, NISTObjectIdentifiers.id_aes192_CBC, DEROctetString.class);
445
public void testKeyTransAES256()
448
tryKeyTrans(CMSEnvelopedDataGenerator.AES256_CBC, NISTObjectIdentifiers.id_aes256_CBC, DEROctetString.class);
451
public void testKeyTransSEED()
454
tryKeyTrans(CMSEnvelopedDataGenerator.SEED_CBC, KISAObjectIdentifiers.id_seedCBC, DEROctetString.class);
457
public void testKeyTransCamellia128()
460
tryKeyTrans(CMSEnvelopedDataGenerator.CAMELLIA128_CBC, NTTObjectIdentifiers.id_camellia128_cbc, DEROctetString.class);
463
public void testKeyTransCamellia192()
466
tryKeyTrans(CMSEnvelopedDataGenerator.CAMELLIA192_CBC, NTTObjectIdentifiers.id_camellia192_cbc, DEROctetString.class);
469
public void testKeyTransCamellia256()
472
tryKeyTrans(CMSEnvelopedDataGenerator.CAMELLIA256_CBC, NTTObjectIdentifiers.id_camellia256_cbc, DEROctetString.class);
475
private void tryKeyTrans(String generatorOID, DERObjectIdentifier checkOID, Class asn1Params)
478
byte[] data = "WallaWallaWashington".getBytes();
480
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
482
edGen.addKeyTransRecipient(_reciCert);
484
CMSEnvelopedData ed = edGen.generate(
485
new CMSProcessableByteArray(data),
488
RecipientInformationStore recipients = ed.getRecipientInfos();
490
assertEquals(checkOID.getId(), ed.getEncryptionAlgOID());
492
if (asn1Params != null)
494
ASN1InputStream aIn = new ASN1InputStream(ed.getEncryptionAlgParams());
496
assertTrue(asn1Params.isAssignableFrom(aIn.readObject().getClass()));
499
Collection c = recipients.getRecipients();
501
assertEquals(1, c.size());
503
Iterator it = c.iterator();
507
fail("no recipients found");
512
RecipientInformation recipient = (RecipientInformation)it.next();
514
assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
516
byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
518
assertEquals(true, Arrays.equals(data, recData));
522
public void testErrorneousKEK()
525
byte[] data = "WallaWallaWashington".getBytes();
526
SecretKey kek = new SecretKeySpec(new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 }, "AES");
528
CMSEnvelopedData ed = new CMSEnvelopedData(oldKEK);
530
RecipientInformationStore recipients = ed.getRecipientInfos();
532
assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
534
Collection c = recipients.getRecipients();
535
Iterator it = c.iterator();
539
RecipientInformation recipient = (RecipientInformation)it.next();
541
assertEquals(recipient.getKeyEncryptionAlgOID(), NISTObjectIdentifiers.id_aes128_wrap.getId());
543
byte[] recData = recipient.getContent(kek, BC);
545
assertEquals(true, Arrays.equals(data, recData));
549
fail("no recipient found");
553
public void testDESKEK()
556
tryKekAlgorithm(CMSTestUtil.makeDesede192Key(), new DERObjectIdentifier("1.2.840.113549.1.9.16.3.6"));
558
public void testRC2128KEK()
561
tryKekAlgorithm(CMSTestUtil.makeRC2128Key(), new DERObjectIdentifier("1.2.840.113549.1.9.16.3.7"));
564
public void testAES128KEK()
567
tryKekAlgorithm(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap);
570
public void testAES192KEK()
573
tryKekAlgorithm(CMSTestUtil.makeAESKey(192), NISTObjectIdentifiers.id_aes192_wrap);
576
public void testAES256KEK()
579
tryKekAlgorithm(CMSTestUtil.makeAESKey(256), NISTObjectIdentifiers.id_aes256_wrap);
582
public void testSEED128KEK()
585
tryKekAlgorithm(CMSTestUtil.makeSEEDKey(), KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap);
588
public void testCamellia128KEK()
591
tryKekAlgorithm(CMSTestUtil.makeCamelliaKey(128), NTTObjectIdentifiers.id_camellia128_wrap);
594
public void testCamellia192KEK()
597
tryKekAlgorithm(CMSTestUtil.makeCamelliaKey(192), NTTObjectIdentifiers.id_camellia192_wrap);
600
public void testCamellia256KEK()
603
tryKekAlgorithm(CMSTestUtil.makeCamelliaKey(256), NTTObjectIdentifiers.id_camellia256_wrap);
606
private void tryKekAlgorithm(SecretKey kek, DERObjectIdentifier algOid)
607
throws NoSuchAlgorithmException, NoSuchProviderException, CMSException
609
byte[] data = "WallaWallaWashington".getBytes();
610
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
612
byte[] kekId = new byte[] { 1, 2, 3, 4, 5 };
614
edGen.addKEKRecipient(kek, kekId);
616
CMSEnvelopedData ed = edGen.generate(
617
new CMSProcessableByteArray(data),
618
CMSEnvelopedDataGenerator.DES_EDE3_CBC, BC);
620
RecipientInformationStore recipients = ed.getRecipientInfos();
622
Collection c = recipients.getRecipients();
623
Iterator it = c.iterator();
625
assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
629
RecipientInformation recipient = (RecipientInformation)it.next();
631
assertEquals(algOid.getId(), recipient.getKeyEncryptionAlgOID());
633
byte[] recData = recipient.getContent(kek, BC);
635
assertTrue(Arrays.equals(data, recData));
639
fail("no recipient found");
643
public void testECKeyAgree()
646
byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
648
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
650
edGen.addKeyAgreementRecipient(CMSEnvelopedDataGenerator.ECDH_SHA1KDF,
651
_origEcKP.getPrivate(), _origEcKP.getPublic(),
652
_reciEcCert, CMSEnvelopedDataGenerator.AES128_WRAP, BC);
654
CMSEnvelopedData ed = edGen.generate(
655
new CMSProcessableByteArray(data),
656
CMSEnvelopedDataGenerator.AES128_CBC, BC);
658
assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
660
RecipientInformationStore recipients = ed.getRecipientInfos();
662
confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
663
confirmNumberRecipients(recipients, 1);
666
public void testECMQVKeyAgree()
669
byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
671
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
673
edGen.addKeyAgreementRecipient(CMSEnvelopedDataGenerator.ECMQV_SHA1KDF,
674
_origEcKP.getPrivate(), _origEcKP.getPublic(),
675
_reciEcCert, CMSEnvelopedDataGenerator.AES128_WRAP, BC);
677
CMSEnvelopedData ed = edGen.generate(
678
new CMSProcessableByteArray(data),
679
CMSEnvelopedDataGenerator.AES128_CBC, BC);
681
assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
683
RecipientInformationStore recipients = ed.getRecipientInfos();
685
confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
686
confirmNumberRecipients(recipients, 1);
689
public void testECMQVKeyAgreeMultiple()
692
byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
694
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
696
ArrayList recipientCerts = new ArrayList();
697
recipientCerts.add(_reciEcCert);
698
recipientCerts.add(_reciEcCert2);
700
edGen.addKeyAgreementRecipients(CMSEnvelopedDataGenerator.ECMQV_SHA1KDF,
701
_origEcKP.getPrivate(), _origEcKP.getPublic(),
702
recipientCerts, CMSEnvelopedDataGenerator.AES128_WRAP, BC);
704
CMSEnvelopedData ed = edGen.generate(
705
new CMSProcessableByteArray(data),
706
CMSEnvelopedDataGenerator.AES128_CBC, BC);
708
assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
710
RecipientInformationStore recipients = ed.getRecipientInfos();
712
confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
713
confirmDataReceived(recipients, data, _reciEcCert2, _reciEcKP2.getPrivate(), BC);
714
confirmNumberRecipients(recipients, 2);
717
private static void confirmDataReceived(RecipientInformationStore recipients,
718
byte[] expectedData, X509Certificate reciCert, PrivateKey reciPrivKey, String provider)
719
throws CMSException, NoSuchProviderException, CertificateEncodingException, IOException
721
RecipientId rid = new JceKeyAgreeRecipientId(reciCert);
723
RecipientInformation recipient = recipients.get(rid);
724
assertNotNull(recipient);
726
byte[] actualData = recipient.getContent(reciPrivKey, provider);
727
assertEquals(true, Arrays.equals(expectedData, actualData));
730
private static void confirmNumberRecipients(RecipientInformationStore recipients, int count)
732
assertEquals(count, recipients.getRecipients().size());
735
public void testECKeyAgreeVectors()
738
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(ecKeyAgreeKey);
739
KeyFactory fact = KeyFactory.getInstance("ECDH", BC);
740
PrivateKey privKey = fact.generatePrivate(privSpec);
742
verifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.42", ecKeyAgreeMsgAES256);
743
verifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecKeyAgreeMsgAES128);
744
verifyECKeyAgreeVectors(privKey, "1.2.840.113549.3.7", ecKeyAgreeMsgDESEDE);
747
public void testECMQVKeyAgreeVectors()
750
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(ecKeyAgreeKey);
751
KeyFactory fact = KeyFactory.getInstance("ECDH", BC);
752
PrivateKey privKey = fact.generatePrivate(privSpec);
754
verifyECMQVKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecMQVKeyAgreeMsgAES128);
757
public void testPasswordAES256()
760
passwordTest(CMSEnvelopedDataGenerator.AES256_CBC);
761
passwordUTF8Test(CMSEnvelopedDataGenerator.AES256_CBC);
764
public void testPasswordDESEDE()
767
passwordTest(CMSEnvelopedDataGenerator.DES_EDE3_CBC);
768
passwordUTF8Test(CMSEnvelopedDataGenerator.DES_EDE3_CBC);
771
public void testRFC4134ex5_1()
774
byte[] data = Hex.decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
776
KeyFactory kFact = KeyFactory.getInstance("RSA", BC);
777
Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
779
CMSEnvelopedData ed = new CMSEnvelopedData(rfc4134ex5_1);
781
RecipientInformationStore recipients = ed.getRecipientInfos();
783
assertEquals("1.2.840.113549.3.7", ed.getEncryptionAlgOID());
785
Collection c = recipients.getRecipients();
786
Iterator it = c.iterator();
790
RecipientInformation recipient = (RecipientInformation)it.next();
792
byte[] recData = recipient.getContent(key, BC);
794
assertEquals(true, Arrays.equals(data, recData));
798
fail("no recipient found");
802
public void testRFC4134ex5_2()
805
byte[] data = Hex.decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
807
KeyFactory kFact = KeyFactory.getInstance("RSA", BC);
808
Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
810
CMSEnvelopedData ed = new CMSEnvelopedData(rfc4134ex5_2);
812
RecipientInformationStore recipients = ed.getRecipientInfos();
814
assertEquals("1.2.840.113549.3.2", ed.getEncryptionAlgOID());
816
Collection c = recipients.getRecipients();
817
Iterator it = c.iterator();
823
RecipientInformation recipient = (RecipientInformation)it.next();
826
if (recipient instanceof KeyTransRecipientInformation)
828
recData = recipient.getContent(key, BC);
830
assertEquals(true, Arrays.equals(data, recData));
836
fail("no recipient found");
840
public void testOriginatorInfo()
843
CMSEnvelopedData env = new CMSEnvelopedData(CMSSampleMessages.originatorMessage);
845
RecipientInformationStore recipients = env.getRecipientInfos();
847
assertEquals(CMSEnvelopedDataGenerator.DES_EDE3_CBC, env.getEncryptionAlgOID());
851
private void passwordTest(String algorithm)
854
byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
856
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
858
edGen.addPasswordRecipient(new PKCS5Scheme2PBEKey("password".toCharArray(), new byte[20], 5), algorithm);
860
CMSEnvelopedData ed = edGen.generate(
861
new CMSProcessableByteArray(data),
862
CMSEnvelopedDataGenerator.AES128_CBC, BC);
864
RecipientInformationStore recipients = ed.getRecipientInfos();
866
assertEquals(ed.getEncryptionAlgOID(),
867
CMSEnvelopedDataGenerator.AES128_CBC);
869
Collection c = recipients.getRecipients();
870
Iterator it = c.iterator();
874
PasswordRecipientInformation recipient = (PasswordRecipientInformation)it.next();
876
CMSPBEKey key = new PKCS5Scheme2PBEKey("password".toCharArray(),
877
recipient.getKeyDerivationAlgParameters(BC));
879
byte[] recData = recipient.getContent(key, BC);
881
assertEquals(true, Arrays.equals(data, recData));
885
fail("no recipient found");
889
// try algorithm parameters constructor
893
RecipientInformation recipient = (RecipientInformation)it.next();
895
byte[] recData = recipient.getContent(new PKCS5Scheme2PBEKey("password".toCharArray(), ((PasswordRecipientInformation)recipient).getKeyDerivationAlgParameters(BC)), BC);
896
assertEquals(true, Arrays.equals(data, recData));
899
private void passwordUTF8Test(String algorithm)
902
byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
904
CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
906
edGen.addPasswordRecipient(new PKCS5Scheme2UTF8PBEKey("abc\u5639\u563b".toCharArray(), new byte[20], 5), algorithm);
908
CMSEnvelopedData ed = edGen.generate(
909
new CMSProcessableByteArray(data),
910
CMSEnvelopedDataGenerator.AES128_CBC, BC);
912
RecipientInformationStore recipients = ed.getRecipientInfos();
914
assertEquals(ed.getEncryptionAlgOID(),
915
CMSEnvelopedDataGenerator.AES128_CBC);
917
Collection c = recipients.getRecipients();
918
Iterator it = c.iterator();
922
RecipientInformation recipient = (RecipientInformation)it.next();
924
byte[] recData = recipient.getContent(new PKCS5Scheme2UTF8PBEKey("abc\u5639\u563b".toCharArray(), new byte[20], 5), BC);
925
assertEquals(true, Arrays.equals(data, recData));
929
fail("no recipient found");
933
// try algorithm parameters constructor
937
RecipientInformation recipient = (RecipientInformation)it.next();
939
byte[] recData = recipient.getContent(new PKCS5Scheme2UTF8PBEKey("abc\u5639\u563b".toCharArray(), ((PasswordRecipientInformation)recipient).getKeyDerivationAlgParameters(BC)), BC);
940
assertEquals(true, Arrays.equals(data, recData));
943
private void verifyECKeyAgreeVectors(PrivateKey privKey, String wrapAlg, byte[] message)
944
throws CMSException, GeneralSecurityException
946
byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
948
CMSEnvelopedData ed = new CMSEnvelopedData(message);
950
RecipientInformationStore recipients = ed.getRecipientInfos();
952
Collection c = recipients.getRecipients();
953
Iterator it = c.iterator();
955
assertEquals(wrapAlg, ed.getEncryptionAlgOID());
959
RecipientInformation recipient = (RecipientInformation)it.next();
961
assertEquals("1.3.133.16.840.63.0.2", recipient.getKeyEncryptionAlgOID());
963
byte[] recData = recipient.getContent(privKey, BC);
965
assertTrue(Arrays.equals(data, recData));
969
fail("no recipient found");
973
private void verifyECMQVKeyAgreeVectors(PrivateKey privKey, String wrapAlg, byte[] message)
974
throws CMSException, GeneralSecurityException
976
byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
978
CMSEnvelopedData ed = new CMSEnvelopedData(message);
980
RecipientInformationStore recipients = ed.getRecipientInfos();
982
Collection c = recipients.getRecipients();
983
Iterator it = c.iterator();
985
assertEquals(wrapAlg, ed.getEncryptionAlgOID());
989
RecipientInformation recipient = (RecipientInformation)it.next();
991
assertEquals("1.3.133.16.840.63.0.16", recipient.getKeyEncryptionAlgOID());
993
byte[] recData = recipient.getContent(privKey, BC);
995
assertTrue(Arrays.equals(data, recData));
999
fail("no recipient found");