001: package org.bouncycastle.jce.provider.test;
002:
003: import java.io.ByteArrayInputStream;
004: import java.io.ByteArrayOutputStream;
005: import java.security.KeyPair;
006: import java.security.KeyPairGenerator;
007: import java.security.Security;
008:
009: import org.bouncycastle.asn1.ASN1InputStream;
010: import org.bouncycastle.asn1.ASN1Sequence;
011: import org.bouncycastle.asn1.DEROutputStream;
012: import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
013: import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
014: import org.bouncycastle.jce.netscape.NetscapeCertRequest;
015: import org.bouncycastle.jce.provider.BouncyCastleProvider;
016: import org.bouncycastle.util.encoders.Base64;
017: import org.bouncycastle.util.test.SimpleTestResult;
018: import org.bouncycastle.util.test.Test;
019: import org.bouncycastle.util.test.TestResult;
020:
021: /**
022: */
023: public class NetscapeCertRequestTest implements Test {
024: /* from NS 4.75 */
025: static final String test1 = "MIIBRzCBsTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAmwdh+LJXQ8AtXczo"
026: + "4EIGfXjpmDwsoIRpPaXEx1CBHhpon/Dpo/o5Vw2WoWNICXj5lmqhftIpCPO9qKxx"
027: + "85x6k/fuyTPH8P02hkmscAYsgqOgb/1yRCNXFryuFOATqxw1tsuye5Q3lTU9JCLU"
028: + "UilQ6BV8n3fm2egtPPUaJEuCvcsCAwEAARYNZml4ZWQtZm9yLW5vdzANBgkqhkiG"
029: + "9w0BAQQFAAOBgQAImbJD6xHbJtXl6kOTbCFoMnDk7U0o6pHy9l56DYVsiluXegiY"
030: + "6twB4o7OWsrqTb+gVvzK65FfP+NBVVzxY8UzcjbqC51yvO/9wnpUsIBqD/Gvi1gE"
031: + "qvw7RHwVEhdzsvLwlL22G8CfDxHnWLww39j8uRJsmoNiKJly3BcsZkLd9g==";
032:
033: public String getName() {
034: return "NetscapeCertRequest";
035: }
036:
037: public TestResult perform() {
038: try {
039: String challenge = "fixed-for-now";
040:
041: byte data[] = Base64.decode(test1);
042:
043: ASN1InputStream in = new ASN1InputStream(
044: new ByteArrayInputStream(data));
045: ASN1Sequence spkac = (ASN1Sequence) in.readObject();
046: // System.out.println("SPKAC: \n"+DERDump.dumpAsString (spkac));
047:
048: NetscapeCertRequest nscr = new NetscapeCertRequest(spkac);
049:
050: if (!nscr.verify(challenge)) {
051: return new SimpleTestResult(false, getName()
052: + ": 1 - not verified");
053: }
054:
055: //now try to generate one
056: KeyPairGenerator kpg = KeyPairGenerator.getInstance(nscr
057: .getKeyAlgorithm().getObjectId().getId(), "BC");
058:
059: kpg.initialize(1024);
060:
061: KeyPair kp = kpg.genKeyPair();
062:
063: nscr.setPublicKey(kp.getPublic());
064: nscr.sign(kp.getPrivate());
065:
066: ByteArrayOutputStream baos = new ByteArrayOutputStream();
067: DEROutputStream deros = new DEROutputStream(baos);
068: deros.writeObject(nscr);
069: deros.close();
070:
071: ASN1InputStream in2 = new ASN1InputStream(
072: new ByteArrayInputStream(baos.toByteArray()));
073: ASN1Sequence spkac2 = (ASN1Sequence) in2.readObject();
074:
075: // System.out.println("SPKAC2: \n"+DERDump.dumpAsString (spkac2));
076:
077: NetscapeCertRequest nscr2 = new NetscapeCertRequest(spkac2);
078:
079: if (!nscr2.verify(challenge)) {
080: return new SimpleTestResult(false, getName()
081: + ": 2 - not verified");
082: }
083:
084: //lets build it from scratch
085:
086: challenge = "try it";
087:
088: NetscapeCertRequest nscr3 = new NetscapeCertRequest(
089: challenge,
090: new AlgorithmIdentifier(
091: PKCSObjectIdentifiers.sha1WithRSAEncryption,
092: null), kp.getPublic());
093:
094: nscr3.sign(kp.getPrivate());
095:
096: // System.out.println("SPKAC3: \n"+DERDump.dumpAsString (nscr3));
097:
098: if (nscr3.verify(challenge)) {
099: return new SimpleTestResult(true, getName() + ": Okay");
100: } else {
101: return new SimpleTestResult(false, getName()
102: + ": 3 - not verified");
103: }
104: } catch (Exception e) {
105: return new SimpleTestResult(false, getName()
106: + ": exception - " + e.toString());
107: }
108: }
109:
110: public static void main(String[] args) {
111: Security.addProvider(new BouncyCastleProvider());
112:
113: Test test = new NetscapeCertRequestTest();
114: TestResult result = test.perform();
115:
116: System.out.println(result.toString());
117: }
118: }
|