← Back to branch summary

~brian-thomason/+junk/bouncycastle

« back to all changes in this revision

Viewing changes to test/src/org/bouncycastle/cms/test/EnvelopedDataTest.java

  • Committer: Brian Thomason
  • Date: 2011-12-20 17:20:32 UTC
  • Revision ID: brian.thomason@canonical.com-20111220172032-rdtm13jgdxtksacr
Initial import

Show diffs side-by-side

added added

removed removed

Lines of Context:
test/src/org/bouncycastle/cms/test/EnvelopedDataTest.java
 
1
package org.bouncycastle.cms.test;
 
2
 
 
3
import java.io.IOException;
 
4
import java.security.GeneralSecurityException;
 
5
import java.security.Key;
 
6
import java.security.KeyFactory;
 
7
import java.security.KeyPair;
 
8
import java.security.NoSuchAlgorithmException;
 
9
import java.security.NoSuchProviderException;
 
10
import java.security.PrivateKey;
 
11
import java.security.Security;
 
12
import java.security.cert.CertificateEncodingException;
 
13
import java.security.cert.X509Certificate;
 
14
import java.security.spec.PKCS8EncodedKeySpec;
 
15
import java.util.ArrayList;
 
16
import java.util.Arrays;
 
17
import java.util.Collection;
 
18
import java.util.Iterator;
 
19
 
 
20
import javax.crypto.SecretKey;
 
21
import javax.crypto.spec.SecretKeySpec;
 
22
 
 
23
import junit.framework.Test;
 
24
import junit.framework.TestCase;
 
25
import junit.framework.TestSuite;
 
26
import org.bouncycastle.asn1.ASN1InputStream;
 
27
import org.bouncycastle.asn1.ASN1Sequence;
 
28
import org.bouncycastle.asn1.DERObjectIdentifier;
 
29
import org.bouncycastle.asn1.DEROctetString;
 
30
import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
 
31
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 
32
import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
 
33
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 
34
import org.bouncycastle.cms.CMSEnvelopedData;
 
35
import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
 
36
import org.bouncycastle.cms.CMSException;
 
37
import org.bouncycastle.cms.CMSPBEKey;
 
38
import org.bouncycastle.cms.CMSProcessableByteArray;
 
39
import org.bouncycastle.cms.KeyTransRecipientInformation;
 
40
import org.bouncycastle.cms.PKCS5Scheme2PBEKey;
 
41
import org.bouncycastle.cms.PKCS5Scheme2UTF8PBEKey;
 
42
import org.bouncycastle.cms.PasswordRecipientInformation;
 
43
import org.bouncycastle.cms.RecipientId;
 
44
import org.bouncycastle.cms.RecipientInformation;
 
45
import org.bouncycastle.cms.RecipientInformationStore;
 
46
import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientId;
 
47
import org.bouncycastle.jce.provider.BouncyCastleProvider;
 
48
import org.bouncycastle.util.encoders.Base64;
 
49
import org.bouncycastle.util.encoders.Hex;
 
50
 
 
51
public class EnvelopedDataTest
 
52
    extends TestCase 
 
53
{
 
54
    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
 
55
 
 
56
    private static String          _signDN;
 
57
    private static KeyPair         _signKP;  
 
58
    private static X509Certificate _signCert;
 
59
 
 
60
    private static String          _origDN;
 
61
    private static KeyPair         _origKP;
 
62
    private static X509Certificate _origCert;
 
63
 
 
64
    private static String          _reciDN;
 
65
    private static String          _reciDN2;
 
66
    private static KeyPair         _reciKP;
 
67
    private static X509Certificate _reciCert;
 
68
 
 
69
    private static KeyPair         _origEcKP;
 
70
    private static KeyPair         _reciEcKP;
 
71
    private static X509Certificate _reciEcCert;
 
72
    private static KeyPair         _reciEcKP2;
 
73
    private static X509Certificate _reciEcCert2;
 
74
 
 
75
    private static boolean         _initialised = false;
 
76
 
 
77
    private byte[] oldKEK = Base64.decode(
 
78
                          "MIAGCSqGSIb3DQEHA6CAMIACAQIxQaI/MD0CAQQwBwQFAQIDBAUwDQYJYIZIAWUDBAEFBQAEI"
 
79
                        + "Fi2eHTPM4bQSjP4DUeDzJZLpfemW2gF1SPq7ZPHJi1mMIAGCSqGSIb3DQEHATAUBggqhkiG9w"
 
80
                        + "0DBwQImtdGyUdGGt6ggAQYk9X9z01YFBkU7IlS3wmsKpm/zpZClTceAAAAAAAAAAAAAA==");
 
81
 
 
82
    private byte[] ecKeyAgreeMsgAES256 = Base64.decode(
 
83
           "MIAGCSqGSIb3DQEHA6CAMIACAQIxgcShgcECAQOgQ6FBMAsGByqGSM49AgEF"
 
84
         + "AAMyAAPdXlSTpub+qqno9hUGkUDl+S3/ABhPziIB5yGU4678tgOgU5CiKG9Z"
 
85
         + "kfnabIJ3nZYwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBLQUAMFswWTAtMCgx"
 
86
         + "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBCi/"
 
87
         + "rJRLbFwEVW6PcLLmojjW9lI/xGD7CfZzXrqXFw8iHaf3hTRau1gYMIAGCSqG"
 
88
         + "SIb3DQEHATAdBglghkgBZQMEASoEEMtCnKKPwccmyrbgeSIlA3qggAQQDLw8"
 
89
         + "pNJR97bPpj6baG99bQQQwhEDsoj5Xg1oOxojHVcYzAAAAAAAAAAAAAA=");
 
90
 
 
91
    private byte[] ecKeyAgreeMsgAES128 = Base64.decode(
 
92
           "MIAGCSqGSIb3DQEHA6CAMIACAQIxgbShgbECAQOgQ6FBMAsGByqGSM49AgEF"
 
93
         + "AAMyAAL01JLEgKvKh5rbxI/hOxs/9WEezMIsAbUaZM4l5tn3CzXAN505nr5d"
 
94
         + "LhrcurMK+tAwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBBQUAMEswSTAtMCgx"
 
95
         + "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBBhi"
 
96
         + "FLjc5g6aqDT3f8LomljOwl1WTrplUT8wgAYJKoZIhvcNAQcBMB0GCWCGSAFl"
 
97
         + "AwQBAgQQzXjms16Y69S/rB0EbHqRMaCABBAFmc/QdVW6LTKdEy97kaZzBBBa"
 
98
         + "fQuviUS03NycpojELx0bAAAAAAAAAAAAAA==");
 
99
 
 
100
    private byte[] ecKeyAgreeMsgDESEDE = Base64.decode(
 
101
           "MIAGCSqGSIb3DQEHA6CAMIACAQIxgcahgcMCAQOgQ6FBMAsGByqGSM49AgEF"
 
102
         + "AAMyAALIici6Nx1WN5f0ThH2A8ht9ovm0thpC5JK54t73E1RDzCifePaoQo0"
 
103
         + "xd6sUqoyGaYwHAYJK4EFEIZIPwACMA8GCyqGSIb3DQEJEAMGBQAwWzBZMC0w"
 
104
         + "KDETMBEGA1UEAxMKQWRtaW4tTURTRTERMA8GA1UEChMINEJDVC0ySUQCAQEE"
 
105
         + "KJuqZQ1NB1vXrKPOnb4TCpYOsdm6GscWdwAAZlm2EHMp444j0s55J9wwgAYJ"
 
106
         + "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAjwnsDMsafCrKCABBjyPvqFOVMKxxut"
 
107
         + "VfTx4fQlNGJN8S2ATRgECMcTQ/dsmeViAAAAAAAAAAAAAA==");
 
108
 
 
109
   private byte[] ecMQVKeyAgreeMsgAES128 = Base64.decode(
 
110
          "MIAGCSqGSIb3DQEHA6CAMIACAQIxgf2hgfoCAQOgQ6FBMAsGByqGSM49AgEF"
 
111
        + "AAMyAAPDKU+0H58tsjpoYmYCInMr/FayvCCkupebgsnpaGEB7qS9vzcNVUj6"
 
112
        + "mrnmiC2grpmhRwRFMEMwQTALBgcqhkjOPQIBBQADMgACZpD13z9c7DzRWx6S"
 
113
        + "0xdbq3S+EJ7vWO+YcHVjTD8NcQDcZcWASW899l1PkL936zsuMBoGCSuBBRCG"
 
114
        + "SD8AEDANBglghkgBZQMEAQUFADBLMEkwLTAoMRMwEQYDVQQDEwpBZG1pbi1N"
 
115
        + "RFNFMREwDwYDVQQKEwg0QkNULTJJRAIBAQQYFq58L71nyMK/70w3nc6zkkRy"
 
116
        + "RL7DHmpZMIAGCSqGSIb3DQEHATAdBglghkgBZQMEAQIEEDzRUpreBsZXWHBe"
 
117
        + "onxOtSmggAQQ7csAZXwT1lHUqoazoy8bhAQQq+9Zjj8iGdOWgyebbfj67QAA"
 
118
        + "AAAAAAAAAAA=");
 
119
 
 
120
 
 
121
    private byte[] ecKeyAgreeKey = Base64.decode(
 
122
        "MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDC8vp7xVTbKSgYVU5Wc"
 
123
      + "hGkWbzaj+yUFETIWP1Dt7+WSpq3ikSPdl7PpHPqnPVZfoIWhZANiAgSYHTgxf+Dd"
 
124
      + "Tt84dUvuSKkFy3RhjxJmjwIscK6zbEUzKhcPQG2GHzXhWK5x1kov0I74XpGhVkya"
 
125
      + "ElH5K6SaOXiXAzcyNGggTOk4+ZFnz5Xl0pBje3zKxPhYu0SnCw7Pcqw=");
 
126
 
 
127
    private byte[] bobPrivRsaEncrypt = Base64.decode(
 
128
       "MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf"
 
129
     + "8qCTQV6meYmFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmR"
 
130
     + "uBlpN235ZR572akzJKN/O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtd"
 
131
     + "YMTgXB9T039T2GkB8QX4enDRvoPGXzjPHCyqaqfrAgMBAAECgYBnzUhMmg2P"
 
132
     + "mMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngwy+e6alatd8brUXlweQqg"
 
133
     + "9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A0HPfD6bRSe"
 
134
     + "TmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N"
 
135
     + "vKZ11mY/1I1FUox29XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiE"
 
136
     + "I2Kv8zHCueUCQQDQUfweIrdb7bWOAcjXq/JY1PeClPNTqBlFy2bKKBlf4hAr"
 
137
     + "84/sajB0+E0R9KfEILVHIdxJAfkKICnwJAiEYH2PAkA0umTJSChXdNdVUN5q"
 
138
     + "SO8bKlocSHseIVnDYDubl6nA7xhmqU5iUjiEzuUJiEiUacUgFJlaV/4jbOSn"
 
139
     + "I3vQgLeFAkEAni+zN5r7CwZdV+EJBqRd2ZCWBgVfJAZAcpw6iIWchw+dYhKI"
 
140
     + "FmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grStavCunrnVNqc"
 
141
     + "BU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8"
 
142
     + "Y0ZB9qANMAsGA1UdDzEEAwIAEA==");
 
143
 
 
144
    private byte[] rfc4134ex5_1 = Base64.decode(
 
145
          "MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYD"
 
146
        + "VQQDEwdDYXJsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUA"
 
147
        + "BIGAC3EN5nGIiJi2lsGPcP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FB"
 
148
        + "s3IWg+f6KgCLx3M1eCbWx8+MDFbbpXadCDgO8/nUkUNYeNxJtuzubGgzoyEd"
 
149
        + "8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652jKKHRLFf02hosdR8wQwYJ"
 
150
        + "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8Z9P43LrY4O"
 
151
        + "xUk660cu1lXeCSFOSOpOJ7FuVyU=");
 
152
 
 
153
    private byte[] rfc4134ex5_2 = Base64.decode(
 
154
            "MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwEjEQMA4G"
 
155
         + "A1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEF"
 
156
         + "AASBgJQmQojGi7Z4IP+CVypBmNFoCDoEp87khtgyff2N4SmqD3RxPx+8hbLQ"
 
157
         + "t9i3YcMwcap+aiOkyqjMalT03VUC0XBOGv+HYI3HBZm/aFzxoq+YOXAWs5xl"
 
158
         + "GerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg+TGrnGVNQBNw47Ewoj4C"
 
159
         + "AQQwDQQLTWFpbExpc3RSQzIwEAYLKoZIhvcNAQkQAwcCAToEGHcUr5MSJ/g9"
 
160
         + "HnJVHsQ6X56VcwYb+OfojTBJBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgIC"
 
161
         + "AKAECJwE0hkuKlWhgCBeKNXhojuej3org9Lt7n+wWxOhnky5V50vSpoYRfRR"
 
162
         + "yw==");
 
163
    
 
164
    public EnvelopedDataTest()
 
165
    {
 
166
    }
 
167
 
 
168
    private static void init()
 
169
        throws Exception
 
170
    {
 
171
        if (!_initialised)
 
172
        {
 
173
            _initialised = true;
 
174
            
 
175
            _signDN   = "O=Bouncy Castle, C=AU";
 
176
            _signKP   = CMSTestUtil.makeKeyPair();  
 
177
            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
 
178
 
 
179
            _origDN   = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
 
180
            _origKP   = CMSTestUtil.makeKeyPair();
 
181
            _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);
 
182
 
 
183
            _reciDN   = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
 
184
            _reciDN2  = "CN=Fred, OU=Sales, O=Bouncy Castle, C=AU";
 
185
            _reciKP   = CMSTestUtil.makeKeyPair();
 
186
            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
 
187
 
 
188
            _origEcKP = CMSTestUtil.makeEcDsaKeyPair();
 
189
            _reciEcKP = CMSTestUtil.makeEcDsaKeyPair();
 
190
            _reciEcCert = CMSTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN);
 
191
            _reciEcKP2 = CMSTestUtil.makeEcDsaKeyPair();
 
192
            _reciEcCert2 = CMSTestUtil.makeCertificate(_reciEcKP2, _reciDN2, _signKP, _signDN);
 
193
        }
 
194
    }
 
195
    
 
196
    public static void main(
 
197
        String args[])
 
198
        throws Exception
 
199
    {
 
200
        junit.textui.TestRunner.run(EnvelopedDataTest.suite());
 
201
    }
 
202
 
 
203
    public static Test suite() 
 
204
        throws Exception
 
205
    {
 
206
        init();
 
207
        
 
208
        return new CMSTestSetup(new TestSuite(EnvelopedDataTest.class));
 
209
    }
 
210
 
 
211
    public void testKeyTrans()
 
212
        throws Exception
 
213
    {
 
214
        byte[]          data     = "WallaWallaWashington".getBytes();
 
215
 
 
216
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
217
 
 
218
        edGen.addKeyTransRecipient(_reciCert);
 
219
 
 
220
        CMSEnvelopedData ed = edGen.generate(
 
221
                                new CMSProcessableByteArray(data),
 
222
                                CMSEnvelopedDataGenerator.DES_EDE3_CBC, BC);
 
223
 
 
224
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
225
 
 
226
 
 
227
        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
 
228
        
 
229
        Collection  c = recipients.getRecipients();
 
230
 
 
231
        assertEquals(1, c.size());
 
232
 
 
233
        Iterator    it = c.iterator();
 
234
 
 
235
        while (it.hasNext())
 
236
        {
 
237
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
238
 
 
239
            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
 
240
            
 
241
            byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
 
242
 
 
243
            assertEquals(true, Arrays.equals(data, recData));
 
244
        }
 
245
    }
 
246
 
 
247
    public void testKeyTransCAST5SunJCE()
 
248
        throws Exception
 
249
    {
 
250
        if (Security.getProvider("SunJCE") == null)
 
251
        {
 
252
            return;
 
253
        }
 
254
        
 
255
        String version = System.getProperty("java.version");
 
256
        if (version.startsWith("1.4") || version.startsWith("1.3"))
 
257
        {
 
258
            return;
 
259
        }
 
260
        
 
261
        byte[]          data     = "WallaWallaWashington".getBytes();
 
262
    
 
263
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
264
    
 
265
        edGen.addKeyTransRecipient(_reciCert);
 
266
 
 
267
        CMSEnvelopedData ed = edGen.generate(
 
268
                                new CMSProcessableByteArray(data),
 
269
                                CMSEnvelopedDataGenerator.CAST5_CBC, "SunJCE");
 
270
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
271
        
 
272
        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.CAST5_CBC);
 
273
 
 
274
        Collection  c = recipients.getRecipients();
 
275
 
 
276
        assertEquals(1, c.size());
 
277
 
 
278
        Iterator    it = c.iterator();
 
279
        
 
280
        while (it.hasNext())
 
281
        {
 
282
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
283
    
 
284
            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
 
285
            
 
286
            byte[] recData = recipient.getContent(_reciKP.getPrivate(), "SunJCE");
 
287
    
 
288
            assertEquals(true, Arrays.equals(data, recData));
 
289
        }
 
290
    }
 
291
 
 
292
    public void testKeyTransRC4()
 
293
        throws Exception
 
294
    {
 
295
        byte[]          data     = "WallaWallaBouncyCastle".getBytes();
 
296
 
 
297
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
298
 
 
299
        edGen.addKeyTransRecipient(_reciCert);
 
300
 
 
301
        CMSEnvelopedData ed = edGen.generate(
 
302
                                new CMSProcessableByteArray(data),
 
303
                                "1.2.840.113549.3.4", BC);
 
304
 
 
305
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
306
 
 
307
        assertEquals(ed.getEncryptionAlgOID(), "1.2.840.113549.3.4");
 
308
        
 
309
        Collection  c = recipients.getRecipients();
 
310
 
 
311
        assertEquals(1, c.size());
 
312
 
 
313
        Iterator    it = c.iterator();
 
314
 
 
315
        while (it.hasNext())
 
316
        {
 
317
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
318
 
 
319
            byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
 
320
 
 
321
            assertEquals(true, Arrays.equals(data, recData));
 
322
        }
 
323
    }
 
324
    
 
325
    public void testKeyTrans128RC4()
 
326
        throws Exception
 
327
    {
 
328
        byte[]          data     = "WallaWallaBouncyCastle".getBytes();
 
329
 
 
330
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
331
 
 
332
        edGen.addKeyTransRecipient(_reciCert);
 
333
 
 
334
        CMSEnvelopedData ed = edGen.generate(
 
335
                                new CMSProcessableByteArray(data),
 
336
                                "1.2.840.113549.3.4", 128, BC);
 
337
 
 
338
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
339
 
 
340
        assertEquals(ed.getEncryptionAlgOID(), "1.2.840.113549.3.4");
 
341
        
 
342
        Collection  c = recipients.getRecipients();
 
343
        Iterator    it = c.iterator();
 
344
 
 
345
        if (it.hasNext())
 
346
        {
 
347
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
348
 
 
349
            byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
 
350
 
 
351
            assertEquals(true, Arrays.equals(data, recData));
 
352
        }
 
353
        else
 
354
        {
 
355
            fail("no recipient found");
 
356
        }
 
357
    }
 
358
    
 
359
    public void testKeyTransODES()
 
360
        throws Exception
 
361
    {
 
362
        byte[]          data     = "WallaWallaBouncyCastle".getBytes();
 
363
 
 
364
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
365
 
 
366
        edGen.addKeyTransRecipient(_reciCert);
 
367
 
 
368
        CMSEnvelopedData ed = edGen.generate(
 
369
                                new CMSProcessableByteArray(data),
 
370
                                "1.3.14.3.2.7", BC);
 
371
 
 
372
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
373
 
 
374
        assertEquals(ed.getEncryptionAlgOID(), "1.3.14.3.2.7");
 
375
        
 
376
        Collection  c = recipients.getRecipients();
 
377
        Iterator    it = c.iterator();
 
378
 
 
379
        if (it.hasNext())
 
380
        {
 
381
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
382
 
 
383
            byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
 
384
 
 
385
            assertEquals(true, Arrays.equals(data, recData));
 
386
        }
 
387
        else
 
388
        {
 
389
            fail("no recipient found");
 
390
        }
 
391
    }
 
392
 
 
393
    public void testKeyTransSmallAES()
 
394
        throws Exception
 
395
    {
 
396
        byte[]          data     = new byte[] { 0, 1, 2, 3 };
 
397
 
 
398
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
399
 
 
400
        edGen.addKeyTransRecipient(_reciCert);
 
401
 
 
402
        CMSEnvelopedData ed = edGen.generate(
 
403
                              new CMSProcessableByteArray(data),
 
404
                              CMSEnvelopedDataGenerator.AES128_CBC, BC);
 
405
 
 
406
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
407
 
 
408
        assertEquals(ed.getEncryptionAlgOID(),
 
409
                                   CMSEnvelopedDataGenerator.AES128_CBC);
 
410
        
 
411
        Collection  c = recipients.getRecipients();
 
412
        Iterator    it = c.iterator();
 
413
 
 
414
        if (it.hasNext())
 
415
        {
 
416
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
417
 
 
418
            byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
 
419
            assertEquals(true, Arrays.equals(data, recData));
 
420
        }
 
421
        else
 
422
        {
 
423
            fail("no recipient found");
 
424
        }
 
425
    }
 
426
 
 
427
    public void testKeyTransCAST5()
 
428
        throws Exception
 
429
    {
 
430
        tryKeyTrans(CMSEnvelopedDataGenerator.CAST5_CBC, new DERObjectIdentifier(CMSEnvelopedDataGenerator.CAST5_CBC), ASN1Sequence.class);
 
431
    }
 
432
 
 
433
    public void testKeyTransAES128()
 
434
        throws Exception
 
435
    {
 
436
        tryKeyTrans(CMSEnvelopedDataGenerator.AES128_CBC, NISTObjectIdentifiers.id_aes128_CBC, DEROctetString.class);
 
437
    }
 
438
 
 
439
    public void testKeyTransAES192()
 
440
        throws Exception
 
441
    {
 
442
        tryKeyTrans(CMSEnvelopedDataGenerator.AES192_CBC, NISTObjectIdentifiers.id_aes192_CBC, DEROctetString.class);
 
443
    }
 
444
 
 
445
    public void testKeyTransAES256()
 
446
        throws Exception
 
447
    {
 
448
        tryKeyTrans(CMSEnvelopedDataGenerator.AES256_CBC, NISTObjectIdentifiers.id_aes256_CBC, DEROctetString.class);
 
449
    }
 
450
 
 
451
    public void testKeyTransSEED()
 
452
        throws Exception
 
453
    {
 
454
        tryKeyTrans(CMSEnvelopedDataGenerator.SEED_CBC, KISAObjectIdentifiers.id_seedCBC, DEROctetString.class);
 
455
    }
 
456
 
 
457
    public void testKeyTransCamellia128()
 
458
        throws Exception
 
459
    {
 
460
        tryKeyTrans(CMSEnvelopedDataGenerator.CAMELLIA128_CBC, NTTObjectIdentifiers.id_camellia128_cbc, DEROctetString.class);
 
461
    }
 
462
 
 
463
    public void testKeyTransCamellia192()
 
464
        throws Exception
 
465
    {
 
466
        tryKeyTrans(CMSEnvelopedDataGenerator.CAMELLIA192_CBC, NTTObjectIdentifiers.id_camellia192_cbc, DEROctetString.class);
 
467
    }
 
468
 
 
469
    public void testKeyTransCamellia256()
 
470
        throws Exception
 
471
    {
 
472
        tryKeyTrans(CMSEnvelopedDataGenerator.CAMELLIA256_CBC, NTTObjectIdentifiers.id_camellia256_cbc, DEROctetString.class);
 
473
    }
 
474
 
 
475
    private void tryKeyTrans(String generatorOID, DERObjectIdentifier checkOID, Class asn1Params)
 
476
        throws Exception
 
477
    {
 
478
        byte[]          data     = "WallaWallaWashington".getBytes();
 
479
 
 
480
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
481
 
 
482
        edGen.addKeyTransRecipient(_reciCert);
 
483
 
 
484
        CMSEnvelopedData ed = edGen.generate(
 
485
                                new CMSProcessableByteArray(data),
 
486
                                generatorOID, BC);
 
487
 
 
488
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
489
 
 
490
        assertEquals(checkOID.getId(), ed.getEncryptionAlgOID());
 
491
 
 
492
        if (asn1Params != null)
 
493
        {
 
494
            ASN1InputStream aIn = new ASN1InputStream(ed.getEncryptionAlgParams());
 
495
 
 
496
            assertTrue(asn1Params.isAssignableFrom(aIn.readObject().getClass()));
 
497
        }
 
498
 
 
499
        Collection  c = recipients.getRecipients();
 
500
 
 
501
        assertEquals(1, c.size());
 
502
 
 
503
        Iterator    it = c.iterator();
 
504
 
 
505
        if (!it.hasNext())
 
506
        {
 
507
            fail("no recipients found");
 
508
        }
 
509
 
 
510
        while (it.hasNext())
 
511
        {
 
512
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
513
 
 
514
            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
 
515
 
 
516
            byte[] recData = recipient.getContent(_reciKP.getPrivate(), BC);
 
517
 
 
518
            assertEquals(true, Arrays.equals(data, recData));
 
519
        }
 
520
    }
 
521
 
 
522
    public void testErrorneousKEK()
 
523
        throws Exception
 
524
    {
 
525
        byte[]    data = "WallaWallaWashington".getBytes();
 
526
        SecretKey kek  = new SecretKeySpec(new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 }, "AES");
 
527
 
 
528
        CMSEnvelopedData ed = new CMSEnvelopedData(oldKEK);
 
529
 
 
530
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
531
 
 
532
        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
 
533
 
 
534
        Collection  c = recipients.getRecipients();
 
535
        Iterator    it = c.iterator();
 
536
 
 
537
        if (it.hasNext())
 
538
        {
 
539
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
540
 
 
541
            assertEquals(recipient.getKeyEncryptionAlgOID(), NISTObjectIdentifiers.id_aes128_wrap.getId());
 
542
 
 
543
            byte[] recData = recipient.getContent(kek, BC);
 
544
 
 
545
            assertEquals(true, Arrays.equals(data, recData));
 
546
        }
 
547
        else
 
548
        {
 
549
            fail("no recipient found");
 
550
        }
 
551
    }
 
552
 
 
553
    public void testDESKEK()
 
554
        throws Exception
 
555
    {
 
556
        tryKekAlgorithm(CMSTestUtil.makeDesede192Key(), new DERObjectIdentifier("1.2.840.113549.1.9.16.3.6"));
 
557
    }
 
558
    public void testRC2128KEK()
 
559
        throws Exception
 
560
    {
 
561
        tryKekAlgorithm(CMSTestUtil.makeRC2128Key(), new DERObjectIdentifier("1.2.840.113549.1.9.16.3.7"));
 
562
    }
 
563
 
 
564
    public void testAES128KEK()
 
565
        throws Exception
 
566
    {
 
567
        tryKekAlgorithm(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap);
 
568
    }
 
569
 
 
570
    public void testAES192KEK()
 
571
        throws Exception
 
572
    {
 
573
        tryKekAlgorithm(CMSTestUtil.makeAESKey(192), NISTObjectIdentifiers.id_aes192_wrap);
 
574
    }
 
575
 
 
576
    public void testAES256KEK()
 
577
        throws Exception
 
578
    {
 
579
        tryKekAlgorithm(CMSTestUtil.makeAESKey(256), NISTObjectIdentifiers.id_aes256_wrap);
 
580
    }
 
581
 
 
582
    public void testSEED128KEK()
 
583
        throws Exception
 
584
    {
 
585
        tryKekAlgorithm(CMSTestUtil.makeSEEDKey(), KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap);
 
586
    }
 
587
 
 
588
    public void testCamellia128KEK()
 
589
        throws Exception
 
590
    {
 
591
        tryKekAlgorithm(CMSTestUtil.makeCamelliaKey(128), NTTObjectIdentifiers.id_camellia128_wrap);
 
592
    }
 
593
 
 
594
    public void testCamellia192KEK()
 
595
        throws Exception
 
596
    {
 
597
        tryKekAlgorithm(CMSTestUtil.makeCamelliaKey(192), NTTObjectIdentifiers.id_camellia192_wrap);
 
598
    }
 
599
 
 
600
    public void testCamellia256KEK()
 
601
        throws Exception
 
602
    {
 
603
        tryKekAlgorithm(CMSTestUtil.makeCamelliaKey(256), NTTObjectIdentifiers.id_camellia256_wrap);
 
604
    }
 
605
 
 
606
    private void tryKekAlgorithm(SecretKey kek, DERObjectIdentifier algOid)
 
607
        throws NoSuchAlgorithmException, NoSuchProviderException, CMSException
 
608
    {
 
609
        byte[]    data = "WallaWallaWashington".getBytes();
 
610
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
611
 
 
612
        byte[]  kekId = new byte[] { 1, 2, 3, 4, 5 };
 
613
 
 
614
        edGen.addKEKRecipient(kek, kekId);
 
615
 
 
616
        CMSEnvelopedData ed = edGen.generate(
 
617
                                new CMSProcessableByteArray(data),
 
618
                                CMSEnvelopedDataGenerator.DES_EDE3_CBC, BC);
 
619
 
 
620
        RecipientInformationStore recipients = ed.getRecipientInfos();
 
621
 
 
622
        Collection c = recipients.getRecipients();
 
623
        Iterator it = c.iterator();
 
624
 
 
625
        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
 
626
 
 
627
        if (it.hasNext())
 
628
        {
 
629
            RecipientInformation recipient = (RecipientInformation)it.next();
 
630
 
 
631
            assertEquals(algOid.getId(), recipient.getKeyEncryptionAlgOID());
 
632
 
 
633
            byte[] recData = recipient.getContent(kek, BC);
 
634
 
 
635
            assertTrue(Arrays.equals(data, recData));
 
636
        }
 
637
        else
 
638
        {
 
639
            fail("no recipient found");
 
640
        }
 
641
    }
 
642
 
 
643
    public void testECKeyAgree()
 
644
        throws Exception
 
645
    {
 
646
        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
 
647
 
 
648
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
649
 
 
650
        edGen.addKeyAgreementRecipient(CMSEnvelopedDataGenerator.ECDH_SHA1KDF,
 
651
            _origEcKP.getPrivate(), _origEcKP.getPublic(),
 
652
            _reciEcCert, CMSEnvelopedDataGenerator.AES128_WRAP, BC);
 
653
 
 
654
        CMSEnvelopedData ed = edGen.generate(
 
655
            new CMSProcessableByteArray(data),
 
656
            CMSEnvelopedDataGenerator.AES128_CBC, BC);
 
657
 
 
658
        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
 
659
 
 
660
        RecipientInformationStore recipients = ed.getRecipientInfos();
 
661
 
 
662
        confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
 
663
        confirmNumberRecipients(recipients, 1);
 
664
    }
 
665
 
 
666
    public void testECMQVKeyAgree()
 
667
        throws Exception
 
668
    {
 
669
        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
 
670
 
 
671
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
672
 
 
673
        edGen.addKeyAgreementRecipient(CMSEnvelopedDataGenerator.ECMQV_SHA1KDF,
 
674
            _origEcKP.getPrivate(), _origEcKP.getPublic(),
 
675
            _reciEcCert, CMSEnvelopedDataGenerator.AES128_WRAP, BC);
 
676
 
 
677
        CMSEnvelopedData ed = edGen.generate(
 
678
            new CMSProcessableByteArray(data),
 
679
            CMSEnvelopedDataGenerator.AES128_CBC, BC);
 
680
 
 
681
        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
 
682
 
 
683
        RecipientInformationStore recipients = ed.getRecipientInfos();
 
684
 
 
685
        confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
 
686
        confirmNumberRecipients(recipients, 1);
 
687
    }
 
688
 
 
689
    public void testECMQVKeyAgreeMultiple()
 
690
        throws Exception
 
691
    {
 
692
        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
 
693
 
 
694
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
695
 
 
696
        ArrayList recipientCerts = new ArrayList();
 
697
        recipientCerts.add(_reciEcCert);
 
698
        recipientCerts.add(_reciEcCert2);
 
699
 
 
700
        edGen.addKeyAgreementRecipients(CMSEnvelopedDataGenerator.ECMQV_SHA1KDF,
 
701
            _origEcKP.getPrivate(), _origEcKP.getPublic(),
 
702
            recipientCerts, CMSEnvelopedDataGenerator.AES128_WRAP, BC);
 
703
 
 
704
        CMSEnvelopedData ed = edGen.generate(
 
705
            new CMSProcessableByteArray(data),
 
706
            CMSEnvelopedDataGenerator.AES128_CBC, BC);
 
707
 
 
708
        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
 
709
 
 
710
        RecipientInformationStore recipients = ed.getRecipientInfos();
 
711
 
 
712
        confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
 
713
        confirmDataReceived(recipients, data, _reciEcCert2, _reciEcKP2.getPrivate(), BC);
 
714
        confirmNumberRecipients(recipients, 2);
 
715
    }
 
716
 
 
717
    private static void confirmDataReceived(RecipientInformationStore recipients,
 
718
        byte[] expectedData, X509Certificate reciCert, PrivateKey reciPrivKey, String provider)
 
719
        throws CMSException, NoSuchProviderException, CertificateEncodingException, IOException
 
720
    {
 
721
        RecipientId rid = new JceKeyAgreeRecipientId(reciCert);
 
722
 
 
723
        RecipientInformation recipient = recipients.get(rid);
 
724
        assertNotNull(recipient);
 
725
 
 
726
        byte[] actualData = recipient.getContent(reciPrivKey, provider);
 
727
        assertEquals(true, Arrays.equals(expectedData, actualData));
 
728
    }
 
729
 
 
730
    private static void confirmNumberRecipients(RecipientInformationStore recipients, int count)
 
731
    {
 
732
        assertEquals(count, recipients.getRecipients().size());
 
733
    }
 
734
 
 
735
    public void testECKeyAgreeVectors()
 
736
        throws Exception
 
737
    {
 
738
        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(ecKeyAgreeKey);
 
739
        KeyFactory          fact = KeyFactory.getInstance("ECDH", BC);
 
740
        PrivateKey          privKey = fact.generatePrivate(privSpec);
 
741
 
 
742
        verifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.42", ecKeyAgreeMsgAES256);
 
743
        verifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecKeyAgreeMsgAES128);
 
744
        verifyECKeyAgreeVectors(privKey, "1.2.840.113549.3.7", ecKeyAgreeMsgDESEDE);
 
745
    }
 
746
 
 
747
    public void testECMQVKeyAgreeVectors()
 
748
        throws Exception
 
749
    {
 
750
        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(ecKeyAgreeKey);
 
751
        KeyFactory          fact = KeyFactory.getInstance("ECDH", BC);
 
752
        PrivateKey          privKey = fact.generatePrivate(privSpec);
 
753
 
 
754
        verifyECMQVKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecMQVKeyAgreeMsgAES128);
 
755
    }
 
756
 
 
757
    public void testPasswordAES256()
 
758
        throws Exception
 
759
    {
 
760
        passwordTest(CMSEnvelopedDataGenerator.AES256_CBC);
 
761
        passwordUTF8Test(CMSEnvelopedDataGenerator.AES256_CBC);
 
762
    }
 
763
 
 
764
    public void testPasswordDESEDE()
 
765
        throws Exception
 
766
    {
 
767
        passwordTest(CMSEnvelopedDataGenerator.DES_EDE3_CBC);
 
768
        passwordUTF8Test(CMSEnvelopedDataGenerator.DES_EDE3_CBC);
 
769
    }
 
770
 
 
771
    public void testRFC4134ex5_1()
 
772
        throws Exception
 
773
    {
 
774
        byte[] data = Hex.decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
 
775
 
 
776
        KeyFactory kFact = KeyFactory.getInstance("RSA", BC);
 
777
        Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
 
778
 
 
779
        CMSEnvelopedData ed = new CMSEnvelopedData(rfc4134ex5_1);
 
780
 
 
781
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
782
 
 
783
        assertEquals("1.2.840.113549.3.7", ed.getEncryptionAlgOID());
 
784
 
 
785
        Collection  c = recipients.getRecipients();
 
786
        Iterator    it = c.iterator();
 
787
 
 
788
        if (it.hasNext())
 
789
        {
 
790
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
791
 
 
792
            byte[] recData = recipient.getContent(key, BC);
 
793
 
 
794
            assertEquals(true, Arrays.equals(data, recData));
 
795
        }
 
796
        else
 
797
        {
 
798
            fail("no recipient found");
 
799
        }
 
800
    }
 
801
 
 
802
    public void testRFC4134ex5_2()
 
803
        throws Exception
 
804
    {
 
805
        byte[] data = Hex.decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
 
806
 
 
807
        KeyFactory kFact = KeyFactory.getInstance("RSA", BC);
 
808
        Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
 
809
 
 
810
        CMSEnvelopedData ed = new CMSEnvelopedData(rfc4134ex5_2);
 
811
 
 
812
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
813
 
 
814
        assertEquals("1.2.840.113549.3.2", ed.getEncryptionAlgOID());
 
815
 
 
816
        Collection  c = recipients.getRecipients();
 
817
        Iterator    it = c.iterator();
 
818
 
 
819
        if (it.hasNext())
 
820
        {
 
821
            while (it.hasNext())
 
822
            {
 
823
                RecipientInformation   recipient = (RecipientInformation)it.next();
 
824
                byte[] recData;
 
825
 
 
826
                if (recipient instanceof KeyTransRecipientInformation)
 
827
                {
 
828
                    recData = recipient.getContent(key, BC);
 
829
 
 
830
                    assertEquals(true, Arrays.equals(data, recData));
 
831
                }
 
832
            }
 
833
        }
 
834
        else
 
835
        {
 
836
            fail("no recipient found");
 
837
        }
 
838
    }
 
839
 
 
840
    public void testOriginatorInfo()
 
841
        throws Exception
 
842
    {
 
843
        CMSEnvelopedData env = new CMSEnvelopedData(CMSSampleMessages.originatorMessage);
 
844
 
 
845
        RecipientInformationStore  recipients = env.getRecipientInfos();
 
846
 
 
847
        assertEquals(CMSEnvelopedDataGenerator.DES_EDE3_CBC, env.getEncryptionAlgOID());
 
848
 
 
849
    }
 
850
 
 
851
    private void passwordTest(String algorithm)
 
852
        throws Exception
 
853
    {
 
854
        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
 
855
 
 
856
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
857
 
 
858
        edGen.addPasswordRecipient(new PKCS5Scheme2PBEKey("password".toCharArray(), new byte[20], 5), algorithm);
 
859
 
 
860
        CMSEnvelopedData ed = edGen.generate(
 
861
                              new CMSProcessableByteArray(data),
 
862
                              CMSEnvelopedDataGenerator.AES128_CBC, BC);
 
863
 
 
864
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
865
 
 
866
        assertEquals(ed.getEncryptionAlgOID(),
 
867
                                   CMSEnvelopedDataGenerator.AES128_CBC);
 
868
 
 
869
        Collection  c = recipients.getRecipients();
 
870
        Iterator    it = c.iterator();
 
871
 
 
872
        if (it.hasNext())
 
873
        {
 
874
            PasswordRecipientInformation recipient = (PasswordRecipientInformation)it.next();
 
875
 
 
876
            CMSPBEKey key = new PKCS5Scheme2PBEKey("password".toCharArray(),
 
877
                recipient.getKeyDerivationAlgParameters(BC));
 
878
 
 
879
            byte[] recData = recipient.getContent(key, BC);
 
880
 
 
881
            assertEquals(true, Arrays.equals(data, recData));
 
882
        }
 
883
        else
 
884
        {
 
885
            fail("no recipient found");
 
886
        }
 
887
 
 
888
        //
 
889
        // try algorithm parameters constructor
 
890
        //
 
891
        it = c.iterator();
 
892
 
 
893
        RecipientInformation   recipient = (RecipientInformation)it.next();
 
894
 
 
895
        byte[] recData = recipient.getContent(new PKCS5Scheme2PBEKey("password".toCharArray(), ((PasswordRecipientInformation)recipient).getKeyDerivationAlgParameters(BC)), BC);
 
896
        assertEquals(true, Arrays.equals(data, recData));
 
897
    }
 
898
 
 
899
    private void passwordUTF8Test(String algorithm)
 
900
        throws Exception
 
901
    {
 
902
        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
 
903
 
 
904
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
 
905
 
 
906
        edGen.addPasswordRecipient(new PKCS5Scheme2UTF8PBEKey("abc\u5639\u563b".toCharArray(), new byte[20], 5), algorithm);
 
907
 
 
908
        CMSEnvelopedData ed = edGen.generate(
 
909
                              new CMSProcessableByteArray(data),
 
910
                              CMSEnvelopedDataGenerator.AES128_CBC, BC);
 
911
 
 
912
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
913
 
 
914
        assertEquals(ed.getEncryptionAlgOID(),
 
915
                                   CMSEnvelopedDataGenerator.AES128_CBC);
 
916
 
 
917
        Collection  c = recipients.getRecipients();
 
918
        Iterator    it = c.iterator();
 
919
 
 
920
        if (it.hasNext())
 
921
        {
 
922
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
923
 
 
924
            byte[] recData = recipient.getContent(new PKCS5Scheme2UTF8PBEKey("abc\u5639\u563b".toCharArray(), new byte[20], 5), BC);
 
925
            assertEquals(true, Arrays.equals(data, recData));
 
926
        }
 
927
        else
 
928
        {
 
929
            fail("no recipient found");
 
930
        }
 
931
 
 
932
        //
 
933
        // try algorithm parameters constructor
 
934
        //
 
935
        it = c.iterator();
 
936
 
 
937
        RecipientInformation   recipient = (RecipientInformation)it.next();
 
938
 
 
939
        byte[] recData = recipient.getContent(new PKCS5Scheme2UTF8PBEKey("abc\u5639\u563b".toCharArray(), ((PasswordRecipientInformation)recipient).getKeyDerivationAlgParameters(BC)), BC);
 
940
        assertEquals(true, Arrays.equals(data, recData));
 
941
    }
 
942
 
 
943
    private void verifyECKeyAgreeVectors(PrivateKey privKey, String wrapAlg, byte[] message)
 
944
        throws CMSException, GeneralSecurityException
 
945
    {
 
946
        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
 
947
 
 
948
        CMSEnvelopedData ed = new CMSEnvelopedData(message);
 
949
 
 
950
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
951
 
 
952
        Collection  c = recipients.getRecipients();
 
953
        Iterator    it = c.iterator();
 
954
 
 
955
        assertEquals(wrapAlg, ed.getEncryptionAlgOID());
 
956
 
 
957
        if (it.hasNext())
 
958
        {
 
959
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
960
 
 
961
            assertEquals("1.3.133.16.840.63.0.2", recipient.getKeyEncryptionAlgOID());
 
962
 
 
963
            byte[] recData = recipient.getContent(privKey, BC);
 
964
 
 
965
            assertTrue(Arrays.equals(data, recData));
 
966
        }
 
967
        else
 
968
        {
 
969
            fail("no recipient found");
 
970
        }
 
971
    }
 
972
 
 
973
    private void verifyECMQVKeyAgreeVectors(PrivateKey privKey, String wrapAlg, byte[] message)
 
974
        throws CMSException, GeneralSecurityException
 
975
    {
 
976
        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
 
977
 
 
978
        CMSEnvelopedData ed = new CMSEnvelopedData(message);
 
979
 
 
980
        RecipientInformationStore  recipients = ed.getRecipientInfos();
 
981
 
 
982
        Collection  c = recipients.getRecipients();
 
983
        Iterator    it = c.iterator();
 
984
 
 
985
        assertEquals(wrapAlg, ed.getEncryptionAlgOID());
 
986
 
 
987
        if (it.hasNext())
 
988
        {
 
989
            RecipientInformation   recipient = (RecipientInformation)it.next();
 
990
 
 
991
            assertEquals("1.3.133.16.840.63.0.16", recipient.getKeyEncryptionAlgOID());
 
992
 
 
993
            byte[] recData = recipient.getContent(privKey, BC);
 
994
 
 
995
            assertTrue(Arrays.equals(data, recData));
 
996
        }
 
997
        else
 
998
        {
 
999
            fail("no recipient found");
 
1000
        }
 
1001
    }
 
1002
}