org.bouncycastle.eac.test.AllTests Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of bcpkix-jdk15on Show documentation
Show all versions of bcpkix-jdk15on Show documentation
The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.
The newest version!
package org.bouncycastle.eac.test;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
import org.bouncycastle.asn1.eac.CertificateHolderAuthorization;
import org.bouncycastle.asn1.eac.CertificateHolderReference;
import org.bouncycastle.asn1.eac.CertificationAuthorityReference;
import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
import org.bouncycastle.asn1.eac.PackedDate;
import org.bouncycastle.eac.EACCertificateBuilder;
import org.bouncycastle.eac.EACCertificateHolder;
import org.bouncycastle.eac.EACCertificateRequestHolder;
import org.bouncycastle.eac.jcajce.JcaPublicKeyConverter;
import org.bouncycastle.eac.operator.EACSignatureVerifier;
import org.bouncycastle.eac.operator.EACSigner;
import org.bouncycastle.eac.operator.jcajce.JcaEACSignatureVerifierBuilder;
import org.bouncycastle.eac.operator.jcajce.JcaEACSignerBuilder;
import org.bouncycastle.jce.ECNamedCurveTable;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.io.Streams;
public class AllTests
extends TestCase
{
private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
public void setUp()
{
if (Security.getProvider(BC) != null)
{
Security.addProvider(new BouncyCastleProvider());
}
}
public void testLoadCertificate() throws Exception
{
EACCertificateHolder certHolder = new EACCertificateHolder(getInput("Belgique CVCA-02032010.7816.cvcert"));
PublicKey pubKey = new JcaPublicKeyConverter().setProvider(BC).getKey(certHolder.getPublicKeyDataObject());
EACSignatureVerifier verifier = new JcaEACSignatureVerifierBuilder().build(certHolder.getPublicKeyDataObject().getUsage(), pubKey);
if (!certHolder.isSignatureValid(verifier))
{
fail("signature test failed");
}
}
private byte[] getInput(String name)
throws IOException
{
return Streams.readAll(getClass().getResourceAsStream(name));
}
public void testLoadInvalidRequest() throws Exception
{
// this request contains invalid unsigned integers (see D 2.1.1)
EACCertificateRequestHolder requestHolder = new EACCertificateRequestHolder(getInput("REQ_18102010.csr"));
PublicKey pubKey = new JcaPublicKeyConverter().setProvider(BC).getKey(requestHolder.getPublicKeyDataObject());
EACSignatureVerifier verifier = new JcaEACSignatureVerifierBuilder().build(requestHolder.getPublicKeyDataObject().getUsage(), pubKey);
if (requestHolder.isInnerSignatureValid(verifier))
{
fail("signature test failed");
}
}
public void testLoadCSR() throws Exception
{
// this request contains invalid unsigned integers (see D 2.1.1)
byte[] input = getInput("UTIS00100072.csr");
EACCertificateRequestHolder requestHolder = new EACCertificateRequestHolder(input);
PublicKey pubKey = new JcaPublicKeyConverter().setProvider(BC).getKey(requestHolder.getPublicKeyDataObject());
EACSignatureVerifier verifier = new JcaEACSignatureVerifierBuilder().build(requestHolder.getPublicKeyDataObject().getUsage(), pubKey);
TestCase.assertTrue("signature test failed", requestHolder.isInnerSignatureValid(verifier));
TestCase.assertTrue("comparison failed", Arrays.areEqual(input, requestHolder.toASN1Structure().getEncoded()));
}
public void testLoadRefCert() throws Exception
{
EACCertificateHolder certHolder = new EACCertificateHolder(getInput("at_cert_19a.cvcert"));
}
public void testGenerateEC()
throws Exception
{
ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("prime256v1");
KeyPair kp = generateECKeyPair(ecSpec);
JcaEACSignerBuilder signerBuilder = new JcaEACSignerBuilder().setProvider(BC);
EACSigner signer = signerBuilder.build("SHA256withECDSA", kp.getPrivate());
int role = CertificateHolderAuthorization.CVCA;
int rights = CertificateHolderAuthorization.RADG3 | CertificateHolderAuthorization.RADG4;
EACCertificateBuilder certBuilder = new EACCertificateBuilder(
new CertificationAuthorityReference("AU", "BC TEST", "12345"),
new JcaPublicKeyConverter().getPublicKeyDataObject(signer.getUsageIdentifier(), kp.getPublic()),
new CertificateHolderReference("AU", "BC TEST", "12345"),
new CertificateHolderAuthorization(EACObjectIdentifiers.id_EAC_ePassport, role | rights),
new PackedDate("110101"),
new PackedDate("120101"));
EACCertificateHolder certHolder = certBuilder.build(signer);
EACSignatureVerifier verifier = new JcaEACSignatureVerifierBuilder().build(certHolder.getPublicKeyDataObject().getUsage(), kp.getPublic());
if (!certHolder.isSignatureValid(verifier))
{
fail("first signature test failed");
}
PublicKey pubKey = new JcaPublicKeyConverter().setProvider(BC).getKey(certHolder.getPublicKeyDataObject());
verifier = new JcaEACSignatureVerifierBuilder().build(certHolder.getPublicKeyDataObject().getUsage(), pubKey);
if (!certHolder.isSignatureValid(verifier))
{
fail("second signature test failed");
}
}
public void testGenerateRSA()
throws Exception
{
KeyPair kp = generateRSAKeyPair();
JcaEACSignerBuilder signerBuilder = new JcaEACSignerBuilder().setProvider(BC);
EACSigner signer = signerBuilder.build("SHA256withRSA", kp.getPrivate());
int role = CertificateHolderAuthorization.CVCA;
int rights = CertificateHolderAuthorization.RADG3 | CertificateHolderAuthorization.RADG4;
EACCertificateBuilder certBuilder = new EACCertificateBuilder(
new CertificationAuthorityReference("AU", "BC TEST", "12345"),
new JcaPublicKeyConverter().getPublicKeyDataObject(signer.getUsageIdentifier(), kp.getPublic()),
new CertificateHolderReference("AU", "BC TEST", "12345"),
new CertificateHolderAuthorization(EACObjectIdentifiers.id_EAC_ePassport, role | rights),
new PackedDate("110101"),
new PackedDate("120101"));
EACCertificateHolder certHolder = certBuilder.build(signer);
EACSignatureVerifier verifier = new JcaEACSignatureVerifierBuilder().build(certHolder.getPublicKeyDataObject().getUsage(), kp.getPublic());
if (!certHolder.isSignatureValid(verifier))
{
fail("first signature test failed");
}
PublicKey pubKey = new JcaPublicKeyConverter().setProvider(BC).getKey(certHolder.getPublicKeyDataObject());
verifier = new JcaEACSignatureVerifierBuilder().build(certHolder.getPublicKeyDataObject().getUsage(), pubKey);
if (!certHolder.isSignatureValid(verifier))
{
fail("second signature test failed");
}
}
private KeyPair generateECKeyPair(ECParameterSpec spec) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException
{
KeyPairGenerator gen = KeyPairGenerator.getInstance("ECDSA",BC);
gen.initialize(spec, new SecureRandom());
KeyPair generatedKeyPair = gen.generateKeyPair();
return generatedKeyPair;
}
private KeyPair generateRSAKeyPair() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException
{
KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA",BC);
gen.initialize(1024, new SecureRandom());
KeyPair generatedKeyPair = gen.generateKeyPair();
return generatedKeyPair;
}
public static void main(String[] args)
throws Exception
{
Security.addProvider(new BouncyCastleProvider());
junit.textui.TestRunner.run(suite());
}
public static Test suite()
throws Exception
{
TestSuite suite = new TestSuite("EAC tests");
suite.addTestSuite(AllTests.class);
return new EACTestSetup(suite);
}
}