EnvelopedDataTest
public class EnvelopedDataTest extends TestCase
Fields Summary |
---|
private static String | _signDN | private static KeyPair | _signKP | private static X509Certificate | _signCert | private static String | _origDN | private static KeyPair | _origKP | private static X509Certificate | _origCert | private static String | _reciDN | private static KeyPair | _reciKP | private static X509Certificate | _reciCert | private static KeyPair | _origEcKP | private static KeyPair | _reciEcKP | private static X509Certificate | _reciEcCert | private static boolean | _initialised | private byte[] | oldKEK | private byte[] | ecKeyAgreeMsgAES256 | private byte[] | ecKeyAgreeMsgAES128 | private byte[] | ecKeyAgreeMsgDESEDE | private byte[] | ecMQVKeyAgreeMsgAES128 | private byte[] | ecKeyAgreeKey | private byte[] | bobPrivRsaEncrypt | private byte[] | rfc4134ex5_1 | private byte[] | rfc4134ex5_2 |
Constructors Summary |
---|
public EnvelopedDataTest()
|
Methods Summary |
---|
/**
 * Builds the key pairs and certificates shared by the tests in this class.
 * The body runs once; later calls return immediately.
 *
 * @throws Exception if key or certificate generation fails
 */
private static void init() throws Exception
{
    if (_initialised)
    {
        return;
    }

    // The flag is raised before the fixtures are built, so a failure below is not retried.
    _initialised = true;

    // Signing identity: the same key pair and DN are passed twice to makeCertificate
    // (presumably subject then issuer, i.e. self-signed -- confirm against CMSTestUtil).
    _signDN = "O=Bouncy Castle, C=AU";
    _signKP = CMSTestUtil.makeKeyPair();
    _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);

    // Originator certificate, built with the signing key pair and DN as the second pair of arguments.
    _origDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
    _origKP = CMSTestUtil.makeKeyPair();
    _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);

    // Recipient certificate used by the key-transport tests.
    _reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
    _reciKP = CMSTestUtil.makeKeyPair();
    _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);

    // EC key pairs for the key-agreement test; the recipient EC certificate reuses _reciDN.
    _origEcKP = CMSTestUtil.makeEcDsaKeyPair();
    _reciEcKP = CMSTestUtil.makeEcDsaKeyPair();
    _reciEcCert = CMSTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN);
}
/**
 * Command-line entry point: runs this class's suite with the JUnit text runner.
 *
 * @param args ignored
 * @throws Exception if the suite cannot be built
 */
public static void main(java.lang.String[] args) throws Exception
{
    junit.framework.Test allTests = EnvelopedDataTest.suite();
    junit.textui.TestRunner.run(allTests);
}
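/**
 * Round-trips a fixed plaintext through a password-recipient EnvelopedData message.
 * The content is decrypted twice: once with a key rebuilt from password, salt and
 * iteration count, and once with a key rebuilt from the key-derivation parameters
 * read back from the recipient info.
 *
 * @param algorithm OID handed to addPasswordRecipient alongside the PBE key
 *                  (callers in this class pass a CBC cipher OID)
 * @throws Exception if generation or decryption fails
 */
private void passwordTest(java.lang.String algorithm) throws Exception
{
    // ASCII for "PKI-C CMS EnvelopedData Sample"
    byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();

    // Fixed test parameters: a 20-byte all-zero salt and an iteration count of 5.
    // They make the test repeatable; they are far too weak to protect real data.
    edGen.addPasswordRecipient(new PKCS5Scheme2PBEKey("password".toCharArray(), new byte[20], 5), algorithm);

    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        CMSEnvelopedDataGenerator.AES128_CBC, "BC");

    // JUnit's assertEquals takes (expected, actual); the expected OID goes first
    // so a failure message reports the two values the right way round.
    assertEquals(CMSEnvelopedDataGenerator.AES128_CBC, ed.getEncryptionAlgOID());

    Collection c = ed.getRecipientInfos().getRecipients();
    Iterator it = c.iterator();
    if (!it.hasNext())
    {
        fail("no recipient found");
    }

    RecipientInformation recipient = (RecipientInformation)it.next();

    // 1) key rebuilt from password, salt and iteration count
    byte[] recData = recipient.getContent(new PKCS5Scheme2PBEKey("password".toCharArray(), new byte[20], 5), "BC");
    assertTrue(Arrays.equals(data, recData));

    //
    // try algorithm parameters constructor
    //
    // 2) key rebuilt from the key-derivation parameters carried by the recipient info
    recData = recipient.getContent(new PKCS5Scheme2PBEKey("password".toCharArray(), ((PasswordRecipientInformation)recipient).getKeyDerivationAlgParameters("BC")), "BC");
    assertTrue(Arrays.equals(data, recData));
}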
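/**
 * Same round trip as the plain password test, but with a PKCS5Scheme2UTF8PBEKey built
 * from a password that contains non-ASCII characters ("abc" followed by U+5639 U+563B).
 *
 * @param algorithm OID handed to addPasswordRecipient alongside the PBE key
 *                  (callers in this class pass a CBC cipher OID)
 * @throws Exception if generation or decryption fails
 */
private void passwordUTF8Test(java.lang.String algorithm) throws Exception
{
    // ASCII for "PKI-C CMS EnvelopedData Sample"
    byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();

    // Fixed test parameters: a 20-byte all-zero salt and an iteration count of 5.
    // They make the test repeatable; they are far too weak to protect real data.
    edGen.addPasswordRecipient(new PKCS5Scheme2UTF8PBEKey("abc\u5639\u563b".toCharArray(), new byte[20], 5), algorithm);

    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        CMSEnvelopedDataGenerator.AES128_CBC, "BC");

    // JUnit's assertEquals takes (expected, actual); the expected OID goes first
    // so a failure message reports the two values the right way round.
    assertEquals(CMSEnvelopedDataGenerator.AES128_CBC, ed.getEncryptionAlgOID());

    Collection c = ed.getRecipientInfos().getRecipients();
    Iterator it = c.iterator();
    if (!it.hasNext())
    {
        fail("no recipient found");
    }

    RecipientInformation recipient = (RecipientInformation)it.next();

    // 1) key rebuilt from password, salt and iteration count
    byte[] recData = recipient.getContent(new PKCS5Scheme2UTF8PBEKey("abc\u5639\u563b".toCharArray(), new byte[20], 5), "BC");
    assertTrue(Arrays.equals(data, recData));

    //
    // try algorithm parameters constructor
    //
    // 2) key rebuilt from the key-derivation parameters carried by the recipient info
    recData = recipient.getContent(new PKCS5Scheme2UTF8PBEKey("abc\u5639\u563b".toCharArray(), ((PasswordRecipientInformation)recipient).getKeyDerivationAlgParameters("BC")), "BC");
    assertTrue(Arrays.equals(data, recData));
}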
/**
 * Builds the JUnit suite for this class after making sure the shared fixtures exist.
 *
 * @return the class's tests wrapped in a CMSTestSetup
 * @throws Exception if fixture initialisation fails
 */
public static junit.framework.Test suite() throws Exception
{
    init();

    TestSuite classTests = new TestSuite(EnvelopedDataTest.class);
    return new CMSTestSetup(classTests);
}
/** KEK recipient round trip with a 128-bit AES key; expects the AES-128 wrap OID. */
public void testAES128KEK() throws Exception
{
    SecretKey kek = CMSTestUtil.makeAESKey(128);
    DERObjectIdentifier expectedWrapOid = NISTObjectIdentifiers.id_aes128_wrap;

    tryKekAlgorithm(kek, expectedWrapOid);
}
/** KEK recipient round trip with a 192-bit AES key; expects the AES-192 wrap OID. */
public void testAES192KEK() throws Exception
{
    SecretKey kek = CMSTestUtil.makeAESKey(192);
    DERObjectIdentifier expectedWrapOid = NISTObjectIdentifiers.id_aes192_wrap;

    tryKekAlgorithm(kek, expectedWrapOid);
}
/** KEK recipient round trip with a 256-bit AES key; expects the AES-256 wrap OID. */
public void testAES256KEK() throws Exception
{
    SecretKey kek = CMSTestUtil.makeAESKey(256);
    DERObjectIdentifier expectedWrapOid = NISTObjectIdentifiers.id_aes256_wrap;

    tryKekAlgorithm(kek, expectedWrapOid);
}
/** KEK recipient round trip with a 128-bit Camellia key; expects the Camellia-128 wrap OID. */
public void testCamellia128KEK() throws Exception
{
    SecretKey kek = CMSTestUtil.makeCamelliaKey(128);
    DERObjectIdentifier expectedWrapOid = NTTObjectIdentifiers.id_camellia128_wrap;

    tryKekAlgorithm(kek, expectedWrapOid);
}
/** KEK recipient round trip with a 192-bit Camellia key; expects the Camellia-192 wrap OID. */
public void testCamellia192KEK() throws Exception
{
    SecretKey kek = CMSTestUtil.makeCamelliaKey(192);
    DERObjectIdentifier expectedWrapOid = NTTObjectIdentifiers.id_camellia192_wrap;

    tryKekAlgorithm(kek, expectedWrapOid);
}
/** KEK recipient round trip with a 256-bit Camellia key; expects the Camellia-256 wrap OID. */
public void testCamellia256KEK() throws Exception
{
    SecretKey kek = CMSTestUtil.makeCamelliaKey(256);
    DERObjectIdentifier expectedWrapOid = NTTObjectIdentifiers.id_camellia256_wrap;

    tryKekAlgorithm(kek, expectedWrapOid);
}
/** KEK recipient round trip with a triple-DES key from CMSTestUtil.makeDesede192Key(). */
public void testDESKEK() throws Exception
{
    SecretKey kek = CMSTestUtil.makeDesede192Key();

    // 1.2.840.113549.1.9.16.3.6 is id-alg-CMS3DESwrap
    DERObjectIdentifier expectedWrapOid = new DERObjectIdentifier("1.2.840.113549.1.9.16.3.6");

    tryKekAlgorithm(kek, expectedWrapOid);
}
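/**
 * Encrypts to an EC key-agreement recipient (ECDH with the SHA-1 KDF, AES-128 key wrap)
 * using the originator's EC key pair, then decrypts with the recipient's EC private key.
 *
 * @throws Exception if generation or decryption fails
 */
public void testECKeyAgree() throws Exception
{
    // ASCII for "PKI-C CMS EnvelopedData Sample"
    byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
    edGen.addKeyAgreementRecipient(CMSEnvelopedDataGenerator.ECDH_SHA1KDF, _origEcKP.getPrivate(), _origEcKP.getPublic(), _reciEcCert, CMSEnvelopedDataGenerator.AES128_WRAP, "BC");

    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        CMSEnvelopedDataGenerator.AES128_CBC, "BC");

    // JUnit's assertEquals takes (expected, actual); the expected OID goes first
    // so a failure message reports the two values the right way round.
    assertEquals(CMSEnvelopedDataGenerator.AES128_CBC, ed.getEncryptionAlgOID());

    Iterator it = ed.getRecipientInfos().getRecipients().iterator();
    if (!it.hasNext())
    {
        fail("no recipient found");
    }

    RecipientInformation recipient = (RecipientInformation)it.next();
    byte[] recData = recipient.getContent(_reciEcKP.getPrivate(), "BC");
    assertTrue(Arrays.equals(data, recData));
}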
/**
 * Decrypts three stored EC key-agreement messages with the PKCS#8 private key held in
 * ecKeyAgreeKey, one message per content-encryption algorithm.
 *
 * @throws Exception if the key cannot be decoded or a message fails to decrypt
 */
public void testECKeyAgreeVectors() throws Exception
{
    PKCS8EncodedKeySpec encodedKey = new PKCS8EncodedKeySpec(ecKeyAgreeKey);
    KeyFactory ecdhFactory = KeyFactory.getInstance("ECDH", "BC");
    PrivateKey recipientKey = ecdhFactory.generatePrivate(encodedKey);

    // NOTE(review): no ECMQV vector is checked in this listing; ecMQVKeyAgreeMsgAES128 and
    // verifyECMQVKeyAgreeVectors are declared but not used by any method shown here.
    verifyECKeyAgreeVectors(recipientKey, "2.16.840.1.101.3.4.1.42", ecKeyAgreeMsgAES256); // aes256-CBC
    verifyECKeyAgreeVectors(recipientKey, "2.16.840.1.101.3.4.1.2", ecKeyAgreeMsgAES128);  // aes128-CBC
    verifyECKeyAgreeVectors(recipientKey, "1.2.840.113549.3.7", ecKeyAgreeMsgDESEDE);      // des-EDE3-CBC
}
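/**
 * Parses the stored message in oldKEK and decrypts it with a fixed 128-bit AES
 * key-encryption key, checking the content cipher (3DES-CBC), the key-encryption
 * algorithm (AES-128 wrap) and the recovered plaintext.
 *
 * @throws Exception if parsing or decryption fails
 */
public void testErrorneousKEK() throws Exception
{
    byte[] data = "WallaWallaWashington".getBytes();

    // Fixed KEK bytes 1..16: a known test key that belongs to the stored message.
    SecretKey kek = new SecretKeySpec(new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 }, "AES");

    CMSEnvelopedData ed = new CMSEnvelopedData(oldKEK);

    // JUnit's assertEquals takes (expected, actual); expected values go first
    // so a failure message reports the two values the right way round.
    assertEquals(CMSEnvelopedDataGenerator.DES_EDE3_CBC, ed.getEncryptionAlgOID());

    Iterator it = ed.getRecipientInfos().getRecipients().iterator();
    if (!it.hasNext())
    {
        fail("no recipient found");
    }

    RecipientInformation recipient = (RecipientInformation)it.next();
    assertEquals(NISTObjectIdentifiers.id_aes128_wrap.getId(), recipient.getKeyEncryptionAlgOID());

    byte[] recData = recipient.getContent(kek, "BC");
    assertTrue(Arrays.equals(data, recData));
}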
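/**
 * Encrypts to a single RSA key-transport recipient with 3DES-CBC content encryption
 * and decrypts with the recipient's private key.
 *
 * @throws Exception if generation or decryption fails
 */
public void testKeyTrans() throws Exception
{
    byte[] data = "WallaWallaWashington".getBytes();

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
    edGen.addKeyTransRecipient(_reciCert);

    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        CMSEnvelopedDataGenerator.DES_EDE3_CBC, "BC");

    // JUnit's assertEquals takes (expected, actual); expected values go first
    // so a failure message reports the two values the right way round.
    assertEquals(CMSEnvelopedDataGenerator.DES_EDE3_CBC, ed.getEncryptionAlgOID());

    Collection c = ed.getRecipientInfos().getRecipients();
    assertEquals(1, c.size());

    for (Iterator it = c.iterator(); it.hasNext();)
    {
        RecipientInformation recipient = (RecipientInformation)it.next();
        assertEquals(PKCSObjectIdentifiers.rsaEncryption.getId(), recipient.getKeyEncryptionAlgOID());

        byte[] recData = recipient.getContent(_reciKP.getPrivate(), "BC");
        assertTrue(Arrays.equals(data, recData));
    }
}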
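/**
 * Key-transport round trip with RC4 content encryption and an explicit key size of 128,
 * passed to the four-argument generate call.
 *
 * @throws Exception if generation or decryption fails
 */
public void testKeyTrans128RC4() throws Exception
{
    byte[] data = "WallaWallaBouncyCastle".getBytes();

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
    edGen.addKeyTransRecipient(_reciCert);

    // 1.2.840.113549.3.4 is RC4, a legacy stream cipher; the test only checks the round trip.
    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        "1.2.840.113549.3.4", 128, "BC");

    // JUnit's assertEquals takes (expected, actual); the expected OID goes first.
    assertEquals("1.2.840.113549.3.4", ed.getEncryptionAlgOID());

    Iterator it = ed.getRecipientInfos().getRecipients().iterator();
    if (!it.hasNext())
    {
        fail("no recipient found");
    }

    RecipientInformation recipient = (RecipientInformation)it.next();
    byte[] recData = recipient.getContent(_reciKP.getPrivate(), "BC");
    assertTrue(Arrays.equals(data, recData));
}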
/** Key-transport round trip with AES-128-CBC; parameters are expected to decode as a DEROctetString. */
public void testKeyTransAES128() throws Exception
{
    String contentCipher = CMSEnvelopedDataGenerator.AES128_CBC;
    DERObjectIdentifier expectedOid = NISTObjectIdentifiers.id_aes128_CBC;
    Class expectedParams = DEROctetString.class;

    tryKeyTrans(contentCipher, expectedOid, expectedParams);
}
/** Key-transport round trip with AES-192-CBC; parameters are expected to decode as a DEROctetString. */
public void testKeyTransAES192() throws Exception
{
    String contentCipher = CMSEnvelopedDataGenerator.AES192_CBC;
    DERObjectIdentifier expectedOid = NISTObjectIdentifiers.id_aes192_CBC;
    Class expectedParams = DEROctetString.class;

    tryKeyTrans(contentCipher, expectedOid, expectedParams);
}
/** Key-transport round trip with AES-256-CBC; parameters are expected to decode as a DEROctetString. */
public void testKeyTransAES256() throws Exception
{
    String contentCipher = CMSEnvelopedDataGenerator.AES256_CBC;
    DERObjectIdentifier expectedOid = NISTObjectIdentifiers.id_aes256_CBC;
    Class expectedParams = DEROctetString.class;

    tryKeyTrans(contentCipher, expectedOid, expectedParams);
}
/** Key-transport round trip with CAST5-CBC; parameters are expected to decode as an ASN1Sequence. */
public void testKeyTransCAST5() throws Exception
{
    String contentCipher = CMSEnvelopedDataGenerator.CAST5_CBC;

    // The expected OID is built from the same generator constant.
    DERObjectIdentifier expectedOid = new DERObjectIdentifier(CMSEnvelopedDataGenerator.CAST5_CBC);
    Class expectedParams = ASN1Sequence.class;

    tryKeyTrans(contentCipher, expectedOid, expectedParams);
}
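/**
 * Key-transport round trip with CAST5-CBC where "SunJCE" is named as the provider for
 * both generation and decryption.
 *
 * Returns without asserting anything when SunJCE is not installed or the JVM reports
 * version 1.3 or 1.4, so a passing result on such a runtime does not show that this
 * path was exercised.
 *
 * @throws Exception if generation or decryption fails
 */
public void testKeyTransCAST5SunJCE() throws Exception
{
    if (Security.getProvider("SunJCE") == null)
    {
        return;
    }

    String version = System.getProperty("java.version");
    if (version.startsWith("1.4") || version.startsWith("1.3"))
    {
        return;
    }

    byte[] data = "WallaWallaWashington".getBytes();

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
    edGen.addKeyTransRecipient(_reciCert);

    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        CMSEnvelopedDataGenerator.CAST5_CBC, "SunJCE");

    // JUnit's assertEquals takes (expected, actual); expected values go first
    // so a failure message reports the two values the right way round.
    assertEquals(CMSEnvelopedDataGenerator.CAST5_CBC, ed.getEncryptionAlgOID());

    Collection c = ed.getRecipientInfos().getRecipients();
    assertEquals(1, c.size());

    for (Iterator it = c.iterator(); it.hasNext();)
    {
        RecipientInformation recipient = (RecipientInformation)it.next();
        assertEquals(PKCSObjectIdentifiers.rsaEncryption.getId(), recipient.getKeyEncryptionAlgOID());

        byte[] recData = recipient.getContent(_reciKP.getPrivate(), "SunJCE");
        assertTrue(Arrays.equals(data, recData));
    }
}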
/** Key-transport round trip with Camellia-128-CBC; parameters are expected to decode as a DEROctetString. */
public void testKeyTransCamellia128() throws Exception
{
    String contentCipher = CMSEnvelopedDataGenerator.CAMELLIA128_CBC;
    DERObjectIdentifier expectedOid = NTTObjectIdentifiers.id_camellia128_cbc;
    Class expectedParams = DEROctetString.class;

    tryKeyTrans(contentCipher, expectedOid, expectedParams);
}
/** Key-transport round trip with Camellia-192-CBC; parameters are expected to decode as a DEROctetString. */
public void testKeyTransCamellia192() throws Exception
{
    String contentCipher = CMSEnvelopedDataGenerator.CAMELLIA192_CBC;
    DERObjectIdentifier expectedOid = NTTObjectIdentifiers.id_camellia192_cbc;
    Class expectedParams = DEROctetString.class;

    tryKeyTrans(contentCipher, expectedOid, expectedParams);
}
/** Key-transport round trip with Camellia-256-CBC; parameters are expected to decode as a DEROctetString. */
public void testKeyTransCamellia256() throws Exception
{
    String contentCipher = CMSEnvelopedDataGenerator.CAMELLIA256_CBC;
    DERObjectIdentifier expectedOid = NTTObjectIdentifiers.id_camellia256_cbc;
    Class expectedParams = DEROctetString.class;

    tryKeyTrans(contentCipher, expectedOid, expectedParams);
}
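/**
 * Key-transport round trip with the content-encryption OID 1.3.14.3.2.7.
 *
 * @throws Exception if generation or decryption fails
 */
public void testKeyTransODES() throws Exception
{
    byte[] data = "WallaWallaBouncyCastle".getBytes();

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
    edGen.addKeyTransRecipient(_reciCert);

    // 1.3.14.3.2.7 is the OIW desCBC identifier, i.e. single DES; the test only checks the round trip.
    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        "1.3.14.3.2.7", "BC");

    // JUnit's assertEquals takes (expected, actual); the expected OID goes first.
    assertEquals("1.3.14.3.2.7", ed.getEncryptionAlgOID());

    Iterator it = ed.getRecipientInfos().getRecipients().iterator();
    if (!it.hasNext())
    {
        fail("no recipient found");
    }

    RecipientInformation recipient = (RecipientInformation)it.next();
    byte[] recData = recipient.getContent(_reciKP.getPrivate(), "BC");
    assertTrue(Arrays.equals(data, recData));
}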
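/**
 * Key-transport round trip with RC4 content encryption, without an explicit key size.
 *
 * @throws Exception if generation or decryption fails
 */
public void testKeyTransRC4() throws Exception
{
    byte[] data = "WallaWallaBouncyCastle".getBytes();

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
    edGen.addKeyTransRecipient(_reciCert);

    // 1.2.840.113549.3.4 is RC4, a legacy stream cipher; the test only checks the round trip.
    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        "1.2.840.113549.3.4", "BC");

    // JUnit's assertEquals takes (expected, actual); the expected OID goes first.
    assertEquals("1.2.840.113549.3.4", ed.getEncryptionAlgOID());

    Collection c = ed.getRecipientInfos().getRecipients();
    assertEquals(1, c.size());

    for (Iterator it = c.iterator(); it.hasNext();)
    {
        RecipientInformation recipient = (RecipientInformation)it.next();
        byte[] recData = recipient.getContent(_reciKP.getPrivate(), "BC");
        assertTrue(Arrays.equals(data, recData));
    }
}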
/** Key-transport round trip with SEED-CBC; parameters are expected to decode as a DEROctetString. */
public void testKeyTransSEED() throws Exception
{
    String contentCipher = CMSEnvelopedDataGenerator.SEED_CBC;
    DERObjectIdentifier expectedOid = KISAObjectIdentifiers.id_seedCBC;
    Class expectedParams = DEROctetString.class;

    tryKeyTrans(contentCipher, expectedOid, expectedParams);
}
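/**
 * Key-transport round trip with AES-128-CBC over a four-byte plaintext, i.e. content
 * shorter than one 16-byte AES block.
 *
 * @throws Exception if generation or decryption fails
 */
public void testKeyTransSmallAES() throws Exception
{
    byte[] data = new byte[] { 0, 1, 2, 3 };

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
    edGen.addKeyTransRecipient(_reciCert);

    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        CMSEnvelopedDataGenerator.AES128_CBC, "BC");

    // JUnit's assertEquals takes (expected, actual); the expected OID goes first
    // so a failure message reports the two values the right way round.
    assertEquals(CMSEnvelopedDataGenerator.AES128_CBC, ed.getEncryptionAlgOID());

    Iterator it = ed.getRecipientInfos().getRecipients().iterator();
    if (!it.hasNext())
    {
        fail("no recipient found");
    }

    RecipientInformation recipient = (RecipientInformation)it.next();
    byte[] recData = recipient.getContent(_reciKP.getPrivate(), "BC");
    assertTrue(Arrays.equals(data, recData));
}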
/**
 * Parses CMSSampleMessages.originatorMessage and checks that its content-encryption
 * algorithm is 3DES-CBC.
 *
 * NOTE(review): despite the name, nothing here inspects originator information; only
 * the parse itself and the content-encryption OID are checked.
 *
 * @throws Exception if the message cannot be parsed
 */
public void testOriginatorInfo() throws Exception
{
    CMSEnvelopedData parsed = new CMSEnvelopedData(CMSSampleMessages.originatorMessage);

    // The recipient store is fetched but its contents are never examined.
    parsed.getRecipientInfos();

    String contentCipherOid = parsed.getEncryptionAlgOID();
    assertEquals(CMSEnvelopedDataGenerator.DES_EDE3_CBC, contentCipherOid);
}
/** Runs both password-recipient round trips with the AES-256-CBC OID. */
public void testPasswordAES256() throws Exception
{
    String algorithmOid = CMSEnvelopedDataGenerator.AES256_CBC;

    passwordTest(algorithmOid);
    passwordUTF8Test(algorithmOid);
}
/** Runs both password-recipient round trips with the 3DES-CBC OID. */
public void testPasswordDESEDE() throws Exception
{
    String algorithmOid = CMSEnvelopedDataGenerator.DES_EDE3_CBC;

    passwordTest(algorithmOid);
    passwordUTF8Test(algorithmOid);
}
/** KEK recipient round trip with an RC2 key from CMSTestUtil.makeRC2128Key(). */
public void testRC2128KEK() throws Exception
{
    SecretKey kek = CMSTestUtil.makeRC2128Key();

    // 1.2.840.113549.1.9.16.3.7 is id-alg-CMSRC2wrap
    DERObjectIdentifier expectedWrapOid = new DERObjectIdentifier("1.2.840.113549.1.9.16.3.7");

    tryKekAlgorithm(kek, expectedWrapOid);
}
/**
 * Decrypts the stored message rfc4134ex5_1 with the RSA private key decoded from
 * bobPrivRsaEncrypt and compares the result with the expected sample text.
 *
 * @throws Exception if the key cannot be decoded or decryption fails
 */
public void testRFC4134ex5_1() throws Exception
{
    // ASCII for "This is some sample content."
    byte[] expected = Hex.decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");

    KeyFactory rsaFactory = KeyFactory.getInstance("RSA", "BC");
    Key bobKey = rsaFactory.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));

    CMSEnvelopedData envelope = new CMSEnvelopedData(rfc4134ex5_1);
    RecipientInformationStore store = envelope.getRecipientInfos();

    // 1.2.840.113549.3.7 is des-EDE3-CBC
    assertEquals("1.2.840.113549.3.7", envelope.getEncryptionAlgOID());

    Iterator recipientIt = store.getRecipients().iterator();
    if (!recipientIt.hasNext())
    {
        fail("no recipient found");
    }
    else
    {
        // Only the first recipient is tried.
        RecipientInformation first = (RecipientInformation)recipientIt.next();
        byte[] recovered = first.getContent(bobKey, "BC");
        assertEquals(true, Arrays.equals(expected, recovered));
    }
}
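/**
 * Decrypts the stored message rfc4134ex5_2 with the RSA private key decoded from
 * bobPrivRsaEncrypt. Every key-transport recipient is decrypted and compared with the
 * expected sample text; recipients of other kinds are skipped.
 *
 * The test fails if no key-transport recipient was decrypted, so it cannot pass
 * without having checked any content.
 *
 * @throws Exception if the key cannot be decoded or decryption fails
 */
public void testRFC4134ex5_2() throws Exception
{
    // ASCII for "This is some sample content."
    byte[] data = Hex.decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");

    KeyFactory kFact = KeyFactory.getInstance("RSA", "BC");
    Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));

    CMSEnvelopedData ed = new CMSEnvelopedData(rfc4134ex5_2);

    // 1.2.840.113549.3.2 is rc2CBC
    assertEquals("1.2.840.113549.3.2", ed.getEncryptionAlgOID());

    Iterator it = ed.getRecipientInfos().getRecipients().iterator();
    if (!it.hasNext())
    {
        fail("no recipient found");
    }

    int keyTransDecrypted = 0;
    while (it.hasNext())
    {
        RecipientInformation recipient = (RecipientInformation)it.next();
        if (recipient instanceof KeyTransRecipientInformation)
        {
            byte[] recData = recipient.getContent(key, "BC");
            assertTrue(Arrays.equals(data, recData));
            keyTransDecrypted++;
        }
    }

    // Without this check a message holding only non-key-transport recipients would pass vacuously.
    assertTrue("no key-transport recipient was decrypted", keyTransDecrypted > 0);
}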
/** KEK recipient round trip with a SEED key; expects the SEED wrap OID. */
public void testSEED128KEK() throws Exception
{
    SecretKey kek = CMSTestUtil.makeSEEDKey();
    DERObjectIdentifier expectedWrapOid = KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap;

    tryKekAlgorithm(kek, expectedWrapOid);
}
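/**
 * Round-trips a fixed plaintext through an EnvelopedData message with one KEK recipient
 * and 3DES-CBC content encryption, then checks the key-encryption OID reported for that
 * recipient and the recovered plaintext.
 *
 * @param kek    symmetric key-encryption key used both to add the recipient and to decrypt
 * @param algOid key-encryption algorithm OID the recipient info is expected to report
 * @throws Exception if generation or decryption fails
 */
private void tryKekAlgorithm(javax.crypto.SecretKey kek, org.bouncycastle.asn1.DERObjectIdentifier algOid) throws Exception
{
    byte[] data = "WallaWallaWashington".getBytes();

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();

    // Fixed key identifier stored with the KEK recipient.
    byte[] kekId = new byte[] { 1, 2, 3, 4, 5 };
    edGen.addKEKRecipient(kek, kekId);

    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        CMSEnvelopedDataGenerator.DES_EDE3_CBC, "BC");

    // JUnit's assertEquals takes (expected, actual); the expected OID goes first
    // so a failure message reports the two values the right way round.
    assertEquals(CMSEnvelopedDataGenerator.DES_EDE3_CBC, ed.getEncryptionAlgOID());

    Iterator it = ed.getRecipientInfos().getRecipients().iterator();
    if (!it.hasNext())
    {
        fail("no recipient found");
    }

    RecipientInformation recipient = (RecipientInformation)it.next();
    assertEquals(algOid.getId(), recipient.getKeyEncryptionAlgOID());

    byte[] recData = recipient.getContent(kek, "BC");
    assertTrue(Arrays.equals(data, recData));
}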
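/**
 * Round-trips a fixed plaintext through an EnvelopedData message with one RSA
 * key-transport recipient, using the given content-encryption algorithm.
 *
 * @param generatorOID content-encryption algorithm OID passed to the generator
 * @param checkOID     OID the generated message is expected to report for content encryption
 * @param asn1Params   class the decoded algorithm parameters must be assignable to,
 *                     or null to skip the parameter check
 * @throws Exception if generation, parameter decoding or decryption fails
 */
private void tryKeyTrans(java.lang.String generatorOID, org.bouncycastle.asn1.DERObjectIdentifier checkOID, java.lang.Class asn1Params) throws Exception
{
    byte[] data = "WallaWallaWashington".getBytes();

    CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
    edGen.addKeyTransRecipient(_reciCert);

    CMSEnvelopedData ed = edGen.generate(
        new CMSProcessableByteArray(data),
        generatorOID, "BC");

    assertEquals(checkOID.getId(), ed.getEncryptionAlgOID());

    if (asn1Params != null)
    {
        // Decode the encoded algorithm parameters and check the ASN.1 type they come back as.
        ASN1InputStream aIn = new ASN1InputStream(ed.getEncryptionAlgParams());
        try
        {
            assertTrue(asn1Params.isAssignableFrom(aIn.readObject().getClass()));
        }
        finally
        {
            aIn.close();
        }
    }

    // Exactly one recipient is expected, so no separate empty-collection check is needed.
    Collection c = ed.getRecipientInfos().getRecipients();
    assertEquals(1, c.size());

    for (Iterator it = c.iterator(); it.hasNext();)
    {
        RecipientInformation recipient = (RecipientInformation)it.next();

        // JUnit's assertEquals takes (expected, actual); the expected OID goes first.
        assertEquals(PKCSObjectIdentifiers.rsaEncryption.getId(), recipient.getKeyEncryptionAlgOID());

        byte[] recData = recipient.getContent(_reciKP.getPrivate(), "BC");
        assertTrue(Arrays.equals(data, recData));
    }
}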
/**
 * Parses a stored EC key-agreement message, checks its algorithm identifiers and
 * decrypts the first recipient with the supplied private key.
 *
 * @param privKey private key used to decrypt the first recipient
 * @param wrapAlg OID compared with the message's content-encryption algorithm
 *                (despite the parameter name, it is checked against getEncryptionAlgOID())
 * @param message encoded EnvelopedData message
 * @throws Exception if parsing or decryption fails
 */
private void verifyECKeyAgreeVectors(java.security.PrivateKey privKey, java.lang.String wrapAlg, byte[] message) throws Exception
{
    // ASCII for "PKI-C CMS EnvelopedData Sample"
    byte[] expected = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");

    CMSEnvelopedData envelope = new CMSEnvelopedData(message);
    RecipientInformationStore store = envelope.getRecipientInfos();
    Iterator recipientIt = store.getRecipients().iterator();

    assertEquals(wrapAlg, envelope.getEncryptionAlgOID());

    if (!recipientIt.hasNext())
    {
        fail("no recipient found");
    }
    else
    {
        RecipientInformation first = (RecipientInformation)recipientIt.next();

        // 1.3.133.16.840.63.0.2 is dhSinglePass-stdDH-sha1kdf-scheme
        assertEquals("1.3.133.16.840.63.0.2", first.getKeyEncryptionAlgOID());

        byte[] recovered = first.getContent(privKey, "BC");
        assertTrue(Arrays.equals(expected, recovered));
    }
}
/**
 * Parses a stored ECMQV key-agreement message, checks its algorithm identifiers and
 * decrypts the first recipient with the supplied private key.
 *
 * NOTE(review): no method shown in this listing calls this helper.
 *
 * @param privKey private key used to decrypt the first recipient
 * @param wrapAlg OID compared with the message's content-encryption algorithm
 *                (despite the parameter name, it is checked against getEncryptionAlgOID())
 * @param message encoded EnvelopedData message
 * @throws Exception if parsing or decryption fails
 */
private void verifyECMQVKeyAgreeVectors(java.security.PrivateKey privKey, java.lang.String wrapAlg, byte[] message) throws Exception
{
    // ASCII for "PKI-C CMS EnvelopedData Sample"
    byte[] expected = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");

    CMSEnvelopedData envelope = new CMSEnvelopedData(message);
    RecipientInformationStore store = envelope.getRecipientInfos();
    Iterator recipientIt = store.getRecipients().iterator();

    assertEquals(wrapAlg, envelope.getEncryptionAlgOID());

    if (!recipientIt.hasNext())
    {
        fail("no recipient found");
    }
    else
    {
        RecipientInformation first = (RecipientInformation)recipientIt.next();

        // 1.3.133.16.840.63.0.16 is mqvSinglePass-sha1kdf-scheme
        assertEquals("1.3.133.16.840.63.0.16", first.getKeyEncryptionAlgOID());

        byte[] recovered = first.getContent(privKey, "BC");
        assertTrue(Arrays.equals(expected, recovered));
    }
}
|
|