SignedDataTestpublic class SignedDataTest extends TestCase
| Fields Summary |
|---|
| boolean | DEBUG | | private static String | _origDN | | private static KeyPair | _origKP | | private static X509Certificate | _origCert | | private static String | _signDN | | private static KeyPair | _signKP | | private static X509Certificate | _signCert | | private static KeyPair | _signGostKP | | private static X509Certificate | _signGostCert | | private static KeyPair | _signEcDsaKP | | private static X509Certificate | _signEcDsaCert | | private static KeyPair | _signEcGostKP | | private static X509Certificate | _signEcGostCert | | private static KeyPair | _signDsaKP | | private static X509Certificate | _signDsaCert | | private static String | _reciDN | | private static KeyPair | _reciKP | | private static X509Certificate | _reciCert | | private static X509CRL | _signCrl | | private static boolean | _initialised | | private byte[] | disorderedMessage | | private byte[] | disorderedSet |
| Constructors Summary |
|---|
public SignedDataTest(String name)
/*
*
* INFRASTRUCTURE
*
*/
super(name);
|
| Methods Summary |
|---|
| private void | checkSignerStoreReplacement(org.bouncycastle.cms.CMSSignedData orig, org.bouncycastle.cms.SignerInformationStore signers)
CMSSignedData s = CMSSignedData.replaceSigners(orig, signers);
CertStore certs = s.getCertificatesAndCRLs("Collection", "BC");
signers = s.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certs.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
assertEquals(true, signer.verify(cert, "BC"));
}
| | private void | encapsulatedTest(java.security.KeyPair signaturePair, java.security.cert.X509Certificate signatureCert, java.lang.String digestAlgorithm)
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello World!".getBytes());
certList.add(signatureCert);
certList.add(_origCert);
certList.add(_signCrl);
CertStore certsAndCrls = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(signaturePair.getPrivate(), signatureCert, digestAlgorithm);
gen.addCertificatesAndCRLs(certsAndCrls);
CMSSignedData s = gen.generate(msg, true, "BC");
ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
ASN1InputStream aIn = new ASN1InputStream(bIn);
s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
certsAndCrls = s.getCertificatesAndCRLs("Collection", "BC");
SignerInformationStore signers = s.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certsAndCrls.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
assertEquals(true, signer.verify(cert, "BC"));
}
//
// check for CRLs
//
Collection crls = certsAndCrls.getCRLs(null);
assertEquals(1, crls.size());
assertTrue(crls.contains(_signCrl));
//
// try using existing signer
//
gen = new CMSSignedDataGenerator();
gen.addSigners(s.getSignerInfos());
gen.addCertificatesAndCRLs(s.getCertificatesAndCRLs("Collection", "BC"));
s = gen.generate(msg, true, "BC");
bIn = new ByteArrayInputStream(s.getEncoded());
aIn = new ASN1InputStream(bIn);
s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
certsAndCrls = s.getCertificatesAndCRLs("Collection", "BC");
signers = s.getSignerInfos();
c = signers.getSigners();
it = c.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certsAndCrls.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
assertEquals(true, signer.verify(cert, "BC"));
}
checkSignerStoreReplacement(s, signers);
| | private static void | init()
if (!_initialised)
{
_initialised = true;
_origDN = "O=Bouncy Castle, C=AU";
_origKP = CMSTestUtil.makeKeyPair();
_origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _origKP, _origDN);
_signDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
_signKP = CMSTestUtil.makeKeyPair();
_signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _origKP, _origDN);
_signGostKP = CMSTestUtil.makeGostKeyPair();
_signGostCert = CMSTestUtil.makeCertificate(_signGostKP, _signDN, _origKP, _origDN);
_signDsaKP = CMSTestUtil.makeDsaKeyPair();
_signDsaCert = CMSTestUtil.makeCertificate(_signDsaKP, _signDN, _origKP, _origDN);
_signEcDsaKP = CMSTestUtil.makeEcDsaKeyPair();
_signEcDsaCert = CMSTestUtil.makeCertificate(_signEcDsaKP, _signDN, _origKP, _origDN);
_signEcGostKP = CMSTestUtil.makeEcGostKeyPair();
_signEcGostCert = CMSTestUtil.makeCertificate(_signEcGostKP, _signDN, _origKP, _origDN);
_reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
_reciKP = CMSTestUtil.makeKeyPair();
_reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
_signCrl = CMSTestUtil.makeCrl(_signKP);
}
| | public static void | main(java.lang.String[] args)
junit.textui.TestRunner.run(SignedDataTest.class);
| | private void | subjectKeyIDTest(java.security.KeyPair signaturePair, java.security.cert.X509Certificate signatureCert, java.lang.String digestAlgorithm)
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello World!".getBytes());
certList.add(signatureCert);
certList.add(_origCert);
certList.add(_signCrl);
CertStore certsAndCrls = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(signaturePair.getPrivate(), CMSTestUtil.createSubjectKeyId(signatureCert.getPublicKey()).getKeyIdentifier(), digestAlgorithm);
gen.addCertificatesAndCRLs(certsAndCrls);
CMSSignedData s = gen.generate(msg, true, "BC");
ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
ASN1InputStream aIn = new ASN1InputStream(bIn);
s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
certsAndCrls = s.getCertificatesAndCRLs("Collection", "BC");
SignerInformationStore signers = s.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certsAndCrls.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
assertEquals(true, signer.verify(cert, "BC"));
}
//
// check for CRLs
//
Collection crls = certsAndCrls.getCRLs(null);
assertEquals(1, crls.size());
assertTrue(crls.contains(_signCrl));
//
// try using existing signer
//
gen = new CMSSignedDataGenerator();
gen.addSigners(s.getSignerInfos());
gen.addCertificatesAndCRLs(s.getCertificatesAndCRLs("Collection", "BC"));
s = gen.generate(msg, true, "BC");
bIn = new ByteArrayInputStream(s.getEncoded());
aIn = new ASN1InputStream(bIn);
s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
certsAndCrls = s.getCertificatesAndCRLs("Collection", "BC");
signers = s.getSignerInfos();
c = signers.getSigners();
it = c.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certsAndCrls.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
assertEquals(true, signer.verify(cert, "BC"));
}
checkSignerStoreReplacement(s, signers);
| | public static junit.framework.Test | suite()
init();
return new CMSTestSetup(new TestSuite(SignedDataTest.class));
| | public void | testCertOrdering1()
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello World!".getBytes());
certList.add(_origCert);
certList.add(_signCert);
certList.add(_signDsaCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addCertificatesAndCRLs(certs);
CMSSignedData sd = gen.generate(msg, true, "BC");
certs = sd.getCertificatesAndCRLs("Collection", "BC");
Iterator it = certs.getCertificates(null).iterator();
assertEquals(_origCert, it.next());
assertEquals(_signCert, it.next());
assertEquals(_signDsaCert, it.next());
| | public void | testCertOrdering2()
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello World!".getBytes());
certList.add(_signCert);
certList.add(_signDsaCert);
certList.add(_origCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addCertificatesAndCRLs(certs);
CMSSignedData sd = gen.generate(msg, true, "BC");
certs = sd.getCertificatesAndCRLs("Collection", "BC");
Iterator it = certs.getCertificates(null).iterator();
assertEquals(_signCert, it.next());
assertEquals(_signDsaCert, it.next());
assertEquals(_origCert, it.next());
| | public void | testCertStoreReplacement()
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello World!".getBytes());
certList.add(_signDsaCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addCertificatesAndCRLs(certs);
CMSSignedData sd = gen.generate(msg, "BC");
//
// create new certstore
//
certList = new ArrayList();
certList.add(_origCert);
certList.add(_signCert);
certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
//
// replace certs
//
sd = CMSSignedData.replaceCertificatesAndCRLs(sd, certs);
verifySignatures(sd);
| | public void | testDSAEncapsulated()
encapsulatedTest(_signDsaKP, _signDsaCert, CMSSignedDataGenerator.DIGEST_SHA1);
| | public void | testDSAEncapsulatedSubjectKeyID()
subjectKeyIDTest(_signDsaKP, _signDsaCert, CMSSignedDataGenerator.DIGEST_SHA1);
| | public void | testDetachedVerification()
byte[] data = "Hello World!".getBytes();
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray(data);
certList.add(_origCert);
certList.add(_signCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_MD5);
gen.addCertificatesAndCRLs(certs);
CMSSignedData s = gen.generate(msg, "BC");
MessageDigest sha1 = MessageDigest.getInstance("SHA1", "BC");
MessageDigest md5 = MessageDigest.getInstance("MD5", "BC");
Map hashes = new HashMap();
byte[] sha1Hash = sha1.digest(data);
byte[] md5Hash = md5.digest(data);
hashes.put(CMSSignedDataGenerator.DIGEST_SHA1, sha1Hash);
hashes.put(CMSSignedDataGenerator.DIGEST_MD5, md5Hash);
s = new CMSSignedData(hashes, s.getEncoded());
verifySignatures(s, null);
| | public void | testECDSAEncapsulated()
encapsulatedTest(_signEcDsaKP, _signEcDsaCert, CMSSignedDataGenerator.DIGEST_SHA1);
| | public void | testECDSAEncapsulatedSubjectKeyID()
subjectKeyIDTest(_signEcDsaKP, _signEcDsaCert, CMSSignedDataGenerator.DIGEST_SHA1);
| | public void | testECDSASHA224Encapsulated()
encapsulatedTest(_signEcDsaKP, _signEcDsaCert, CMSSignedDataGenerator.DIGEST_SHA224);
| | public void | testECDSASHA256Encapsulated()
encapsulatedTest(_signEcDsaKP, _signEcDsaCert, CMSSignedDataGenerator.DIGEST_SHA256);
| | public void | testECDSASHA384Encapsulated()
encapsulatedTest(_signEcDsaKP, _signEcDsaCert, CMSSignedDataGenerator.DIGEST_SHA384);
| | public void | testECDSASHA512Encapsulated()
encapsulatedTest(_signEcDsaKP, _signEcDsaCert, CMSSignedDataGenerator.DIGEST_SHA512);
| | public void | testECDSASHA512EncapsulatedWithKeyFactoryAsEC()
X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(_signEcDsaKP.getPublic().getEncoded());
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(_signEcDsaKP.getPrivate().getEncoded());
KeyFactory keyFact = KeyFactory.getInstance("EC", "BC");
KeyPair kp = new KeyPair(keyFact.generatePublic(pubSpec), keyFact.generatePrivate(privSpec));
encapsulatedTest(kp, _signEcDsaCert, CMSSignedDataGenerator.DIGEST_SHA512);
| | public void | testEncapsulatedCertStoreReplacement()
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello World!".getBytes());
certList.add(_signDsaCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addCertificatesAndCRLs(certs);
CMSSignedData sd = gen.generate(msg, true, "BC");
//
// create new certstore
//
certList = new ArrayList();
certList.add(_origCert);
certList.add(_signCert);
certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
//
// replace certs
//
sd = CMSSignedData.replaceCertificatesAndCRLs(sd, certs);
verifySignatures(sd);
| | public void | testGOST3411WithECGOST3410Encapsulated()
encapsulatedTest(_signEcGostKP, _signEcGostCert, CMSSignedDataGenerator.DIGEST_GOST3411);
| | public void | testGOST3411WithGOST3410Encapsulated()
encapsulatedTest(_signGostKP, _signGostCert, CMSSignedDataGenerator.DIGEST_GOST3411);
| | public void | testNullContentWithSigner()
List certList = new ArrayList();
certList.add(_origCert);
certList.add(_signCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addCertificatesAndCRLs(certs);
CMSSignedData s = gen.generate(null, false, "BC");
ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
ASN1InputStream aIn = new ASN1InputStream(bIn);
s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
verifySignatures(s);
| | public void | testRIPEMD128WithRSAEncapsulated()
encapsulatedTest(_signKP, _signCert, CMSSignedDataGenerator.DIGEST_RIPEMD128);
| | public void | testRIPEMD160WithRSAEncapsulated()
encapsulatedTest(_signKP, _signCert, CMSSignedDataGenerator.DIGEST_RIPEMD160);
| | public void | testRIPEMD256WithRSAEncapsulated()
encapsulatedTest(_signKP, _signCert, CMSSignedDataGenerator.DIGEST_RIPEMD256);
| | public void | testSHA1AndMD5WithRSAEncapsulatedRepeated()
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello World!".getBytes());
certList.add(_origCert);
certList.add(_signCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_MD5);
gen.addCertificatesAndCRLs(certs);
CMSSignedData s = gen.generate(msg, true, "BC");
ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
ASN1InputStream aIn = new ASN1InputStream(bIn);
s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
certs = s.getCertificatesAndCRLs("Collection", "BC");
SignerInformationStore signers = s.getSignerInfos();
assertEquals(2, signers.size());
Collection c = signers.getSigners();
Iterator it = c.iterator();
SignerId sid = null;
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certs.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
sid = signer.getSID();
assertEquals(true, signer.verify(cert, "BC"));
//
// check content digest
//
byte[] contentDigest = (byte[])gen.getGeneratedDigests().get(signer.getDigestAlgOID());
AttributeTable table = signer.getSignedAttributes();
Attribute hash = table.get(CMSAttributes.messageDigest);
assertTrue(MessageDigest.isEqual(contentDigest, ((ASN1OctetString)hash.getAttrValues().getObjectAt(0)).getOctets()));
}
c = signers.getSigners(sid);
assertEquals(2, c.size());
//
// try using existing signer
//
gen = new CMSSignedDataGenerator();
gen.addSigners(s.getSignerInfos());
gen.addCertificatesAndCRLs(s.getCertificatesAndCRLs("Collection", "BC"));
s = gen.generate(msg, true, "BC");
bIn = new ByteArrayInputStream(s.getEncoded());
aIn = new ASN1InputStream(bIn);
s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
certs = s.getCertificatesAndCRLs("Collection", "BC");
signers = s.getSignerInfos();
c = signers.getSigners();
it = c.iterator();
assertEquals(2, c.size());
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certs.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
assertEquals(true, signer.verify(cert, "BC"));
}
checkSignerStoreReplacement(s, signers);
| | public void | testSHA1WithRSAAndAttributeTable()
MessageDigest md = MessageDigest.getInstance("SHA1", "BC");
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello world!".getBytes());
certList.add(_origCert);
certList.add(_signCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
Attribute attr = new Attribute(CMSAttributes.messageDigest,
new DERSet(
new DEROctetString(
md.digest("Hello world!".getBytes()))));
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(attr);
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1, new AttributeTable(v), null);
gen.addCertificatesAndCRLs(certs);
CMSSignedData s = gen.generate(CMSSignedDataGenerator.DATA, null, false, "BC");
//
// the signature is detached, so need to add msg before passing on
//
s = new CMSSignedData(msg, s.getEncoded());
//
// compute expected content digest
//
verifySignatures(s, md.digest("Hello world!".getBytes()));
| | public void | testSHA1WithRSACounterSignature()
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello World!".getBytes());
certList.add(_signCert);
certList.add(_origCert);
certList.add(_signCrl);
CertStore certsAndCrls = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_signKP.getPrivate(), _signCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addCertificatesAndCRLs(certsAndCrls);
CMSSignedData s = gen.generate(msg, true, "BC");
SignerInformation origSigner = (SignerInformation)s.getSignerInfos().getSigners().toArray()[0];
SignerInformationStore counterSigners = gen.generateCounterSigners(origSigner, "BC");
SignerInformation signer = SignerInformation.addCounterSigners(origSigner, counterSigners);
SignerInformationStore signers = signer.getCounterSignatures();
Iterator it = signers.getSigners().iterator();
while (it.hasNext())
{
SignerInformation cSigner = (SignerInformation)it.next();
Collection certCollection = certsAndCrls.getCertificates(cSigner.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
assertNull(cSigner.getSignedAttributes().get(PKCSObjectIdentifiers.pkcs_9_at_contentType));
assertEquals(true, cSigner.verify(cert, "BC"));
}
| | public void | testSHA1WithRSAEncapsulated()
encapsulatedTest(_signKP, _signCert, CMSSignedDataGenerator.DIGEST_SHA1);
| | public void | testSHA1WithRSAEncapsulatedSubjectKeyID()
subjectKeyIDTest(_signKP, _signCert, CMSSignedDataGenerator.DIGEST_SHA1);
| | public void | testSHA1WithRSANoAttributes()
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello world!".getBytes());
certList.add(_origCert);
certList.add(_signCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addCertificatesAndCRLs(certs);
CMSSignedData s = gen.generate(CMSSignedDataGenerator.DATA, msg, false, "BC", false);
//
// compute expected content digest
//
MessageDigest md = MessageDigest.getInstance("SHA1", "BC");
verifySignatures(s, md.digest("Hello world!".getBytes()));
| | public void | testSHA224WithRSAEncapsulated()
encapsulatedTest(_signKP, _signCert, CMSSignedDataGenerator.DIGEST_SHA224);
| | public void | testSHA256WithRSAEncapsulated()
encapsulatedTest(_signKP, _signCert, CMSSignedDataGenerator.DIGEST_SHA256);
| | public void | testSignerStoreReplacement()
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello World!".getBytes());
certList.add(_origCert);
certList.add(_signCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addCertificatesAndCRLs(certs);
CMSSignedData original = gen.generate(msg, true, "BC");
//
// create new Signer
//
gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA224);
gen.addCertificatesAndCRLs(certs);
CMSSignedData newSD = gen.generate(msg, true, "BC");
//
// replace signer
//
CMSSignedData sd = CMSSignedData.replaceSigners(original, newSD.getSignerInfos());
SignerInformation signer = (SignerInformation)sd.getSignerInfos().getSigners().iterator().next();
assertEquals(CMSSignedDataGenerator.DIGEST_SHA224, signer.getDigestAlgOID());
// we use a parser here as it requires the digests to be correct in the digest set, if it
// isn't we'll get a NullPointerException
CMSSignedDataParser sp = new CMSSignedDataParser(sd.getEncoded());
sp.getSignedContent().drain();
verifySignatures(sp);
| | public void | testUnsortedAttributes()
CMSSignedData s = new CMSSignedData(new CMSProcessableByteArray(disorderedMessage), disorderedSet);
CertStore certs = s.getCertificatesAndCRLs("Collection", "BC");
SignerInformationStore signers = s.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certs.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
assertEquals(true, signer.verify(cert, "BC"));
}
| | public void | testWithAttributeCertificate()
List certList = new ArrayList();
CMSProcessable msg = new CMSProcessableByteArray("Hello World!".getBytes());
certList.add(_signDsaCert);
CertStore certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSigner(_origKP.getPrivate(), _origCert, CMSSignedDataGenerator.DIGEST_SHA1);
gen.addCertificatesAndCRLs(certs);
X509AttributeCertificate attrCert = CMSTestUtil.getAttributeCertificate();
X509Store store = X509Store.getInstance("AttributeCertificate/Collection",
new X509CollectionStoreParameters(Collections.singleton(attrCert)), "BC");
gen.addAttributeCertificates(store);
CMSSignedData sd = gen.generate(msg, "BC");
assertEquals(4, sd.getVersion());
store = sd.getAttributeCertificates("Collection", "BC");
Collection coll = store.getMatches(null);
assertEquals(1, coll.size());
assertTrue(coll.contains(attrCert));
//
// create new certstore
//
certList = new ArrayList();
certList.add(_origCert);
certList.add(_signCert);
certs = CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certList), "BC");
//
// replace certs
//
sd = CMSSignedData.replaceCertificatesAndCRLs(sd, certs);
verifySignatures(sd);
| | private void | verifySignatures(org.bouncycastle.cms.CMSSignedDataParser sp)
CertStore certs = sp.getCertificatesAndCRLs("Collection", "BC");
SignerInformationStore signers = sp.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certs.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
assertEquals(true, signer.verify(cert, "BC"));
}
| | private void | verifySignatures(org.bouncycastle.cms.CMSSignedData s, byte[] contentDigest)
CertStore certStore = s.getCertificatesAndCRLs("Collection", "BC");
SignerInformationStore signers = s.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext())
{
SignerInformation signer = (SignerInformation)it.next();
Collection certCollection = certStore.getCertificates(signer.getSID());
Iterator certIt = certCollection.iterator();
X509Certificate cert = (X509Certificate)certIt.next();
assertEquals(true, signer.verify(cert, "BC"));
if (contentDigest != null)
{
assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
}
}
Collection certColl = certStore.getCertificates(null);
Collection crlColl = certStore.getCRLs(null);
assertEquals(certColl.size(), s.getCertificates("Collection", "BC").getMatches(null).size());
assertEquals(crlColl.size(), s.getCRLs("Collection", "BC").getMatches(null).size());
| | private void | verifySignatures(org.bouncycastle.cms.CMSSignedData s)
verifySignatures(s, null);
|
|
