001: package org.bouncycastle.openssl.test;
002:
003: import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
004: import org.bouncycastle.asn1.cms.ContentInfo;
005: import org.bouncycastle.jce.provider.BouncyCastleProvider;
006: import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
007: import org.bouncycastle.openssl.PEMReader;
008: import org.bouncycastle.openssl.PEMWriter;
009: import org.bouncycastle.openssl.PasswordFinder;
010: import org.bouncycastle.util.test.SimpleTest;
011:
012: import java.io.BufferedReader;
013: import java.io.ByteArrayInputStream;
014: import java.io.ByteArrayOutputStream;
015: import java.io.IOException;
016: import java.io.InputStream;
017: import java.io.InputStreamReader;
018: import java.io.OutputStreamWriter;
019: import java.io.Reader;
020: import java.security.KeyPair;
021: import java.security.KeyPairGenerator;
022: import java.security.PrivateKey;
023: import java.security.PublicKey;
024: import java.security.SecureRandom;
025: import java.security.Security;
026: import java.security.Signature;
027: import java.security.interfaces.DSAPrivateKey;
028: import java.security.interfaces.RSAPrivateKey;
029:
030: /**
031: * basic class for reading test.pem - the password is "secret"
032: */
033: public class ReaderTest extends SimpleTest {
034: private static class Password implements PasswordFinder {
035: char[] password;
036:
037: Password(char[] word) {
038: this .password = word;
039: }
040:
041: public char[] getPassword() {
042: return password;
043: }
044: }
045:
046: public String getName() {
047: return "PEMReaderTest";
048: }
049:
050: private PEMReader openPEMResource(String fileName,
051: PasswordFinder pGet) {
052: InputStream res = this .getClass().getResourceAsStream(fileName);
053: Reader fRd = new BufferedReader(new InputStreamReader(res));
054: return new PEMReader(fRd, pGet);
055: }
056:
057: public void performTest() throws Exception {
058: PasswordFinder pGet = new Password("secret".toCharArray());
059: PEMReader pemRd = openPEMResource("test.pem", pGet);
060: Object o;
061: KeyPair pair;
062:
063: while ((o = pemRd.readObject()) != null) {
064: if (o instanceof KeyPair) {
065: //pair = (KeyPair)o;
066:
067: //System.out.println(pair.getPublic());
068: //System.out.println(pair.getPrivate());
069: } else {
070: //System.out.println(o.toString());
071: }
072: }
073:
074: //
075: // pkcs 7 data
076: //
077: pemRd = openPEMResource("pkcs7.pem", null);
078: ContentInfo d = (ContentInfo) pemRd.readObject();
079:
080: if (!d.getContentType().equals(
081: CMSObjectIdentifiers.envelopedData)) {
082: fail("failed envelopedData check");
083: }
084:
085: //
086: // ECKey
087: //
088: pemRd = openPEMResource("eckey.pem", null);
089: ECNamedCurveParameterSpec spec = (ECNamedCurveParameterSpec) pemRd
090: .readObject();
091:
092: pair = (KeyPair) pemRd.readObject();
093: Signature sgr = Signature.getInstance("ECDSA", "BC");
094:
095: sgr.initSign(pair.getPrivate());
096:
097: byte[] message = new byte[] { (byte) 'a', (byte) 'b',
098: (byte) 'c' };
099:
100: sgr.update(message);
101:
102: byte[] sigBytes = sgr.sign();
103:
104: sgr.initVerify(pair.getPublic());
105:
106: sgr.update(message);
107:
108: if (!sgr.verify(sigBytes)) {
109: fail("EC verification failed");
110: }
111:
112: if (!pair.getPublic().getAlgorithm().equals("ECDSA")) {
113: fail("wrong algorithm name on public");
114: }
115:
116: if (!pair.getPrivate().getAlgorithm().equals("ECDSA")) {
117: fail("wrong algorithm name on private");
118: }
119:
120: //
121: // writer/parser test
122: //
123: KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA",
124: "BC");
125:
126: pair = kpGen.generateKeyPair();
127:
128: keyPairTest("RSA", pair);
129:
130: kpGen = KeyPairGenerator.getInstance("DSA", "BC");
131: kpGen.initialize(512, new SecureRandom());
132: pair = kpGen.generateKeyPair();
133:
134: keyPairTest("DSA", pair);
135:
136: //
137: // PKCS7
138: //
139: ByteArrayOutputStream bOut = new ByteArrayOutputStream();
140: PEMWriter pWrt = new PEMWriter(new OutputStreamWriter(bOut));
141:
142: pWrt.writeObject(d);
143:
144: pWrt.close();
145:
146: pemRd = new PEMReader(new InputStreamReader(
147: new ByteArrayInputStream(bOut.toByteArray())));
148: d = (ContentInfo) pemRd.readObject();
149:
150: if (!d.getContentType().equals(
151: CMSObjectIdentifiers.envelopedData)) {
152: fail("failed envelopedData recode check");
153: }
154:
155: // OpenSSL test cases (as embedded resources)
156: doOpenSslDsaTest("unencrypted");
157: doOpenSslRsaTest("unencrypted");
158:
159: doOpenSslTests("aes128");
160: doOpenSslTests("aes192");
161: doOpenSslTests("aes256");
162: doOpenSslTests("blowfish");
163: doOpenSslTests("des1");
164: doOpenSslTests("des2");
165: doOpenSslTests("des3");
166: doOpenSslTests("rc2_128");
167:
168: doOpenSslDsaTest("rc2_40_cbc");
169: doOpenSslRsaTest("rc2_40_cbc");
170: doOpenSslDsaTest("rc2_64_cbc");
171: doOpenSslRsaTest("rc2_64_cbc");
172: }
173:
174: private void keyPairTest(String name, KeyPair pair)
175: throws IOException {
176: PEMReader pemRd;
177: ByteArrayOutputStream bOut = new ByteArrayOutputStream();
178: PEMWriter pWrt = new PEMWriter(new OutputStreamWriter(bOut));
179:
180: pWrt.writeObject(pair.getPublic());
181:
182: pWrt.close();
183:
184: pemRd = new PEMReader(new InputStreamReader(
185: new ByteArrayInputStream(bOut.toByteArray())));
186:
187: PublicKey k = (PublicKey) pemRd.readObject();
188: if (!k.equals(pair.getPublic())) {
189: fail("Failed public key read: " + name);
190: }
191:
192: bOut = new ByteArrayOutputStream();
193: pWrt = new PEMWriter(new OutputStreamWriter(bOut));
194:
195: pWrt.writeObject(pair.getPrivate());
196:
197: pWrt.close();
198:
199: pemRd = new PEMReader(new InputStreamReader(
200: new ByteArrayInputStream(bOut.toByteArray())));
201:
202: KeyPair kPair = (KeyPair) pemRd.readObject();
203: if (!kPair.getPrivate().equals(pair.getPrivate())) {
204: fail("Failed private key read: " + name);
205: }
206:
207: if (!kPair.getPublic().equals(pair.getPublic())) {
208: fail("Failed private key public read: " + name);
209: }
210: }
211:
212: private void doOpenSslTests(String baseName) throws IOException {
213: doOpenSslDsaModesTest(baseName);
214: doOpenSslRsaModesTest(baseName);
215: }
216:
217: private void doOpenSslDsaModesTest(String baseName)
218: throws IOException {
219: doOpenSslDsaTest(baseName + "_cbc");
220: doOpenSslDsaTest(baseName + "_cfb");
221: doOpenSslDsaTest(baseName + "_ecb");
222: doOpenSslDsaTest(baseName + "_ofb");
223: }
224:
225: private void doOpenSslRsaModesTest(String baseName)
226: throws IOException {
227: doOpenSslRsaTest(baseName + "_cbc");
228: doOpenSslRsaTest(baseName + "_cfb");
229: doOpenSslRsaTest(baseName + "_ecb");
230: doOpenSslRsaTest(baseName + "_ofb");
231: }
232:
233: private void doOpenSslDsaTest(String name) throws IOException {
234: String fileName = "dsa/openssl_dsa_" + name + ".pem";
235:
236: doOpenSslTestFile(fileName, DSAPrivateKey.class);
237: }
238:
239: private void doOpenSslRsaTest(String name) throws IOException {
240: String fileName = "rsa/openssl_rsa_" + name + ".pem";
241:
242: doOpenSslTestFile(fileName, RSAPrivateKey.class);
243: }
244:
245: private void doOpenSslTestFile(String fileName,
246: Class expectedPrivKeyClass) throws IOException {
247: PEMReader pr = openPEMResource("data/" + fileName,
248: new Password("changeit".toCharArray()));
249: Object o = pr.readObject();
250:
251: if (o == null || !(o instanceof KeyPair)) {
252: fail("Didn't find OpenSSL key");
253: }
254:
255: KeyPair kp = (KeyPair) o;
256: PrivateKey privKey = kp.getPrivate();
257:
258: if (!expectedPrivKeyClass.isInstance(privKey)) {
259: fail("Returned key not of correct type");
260: }
261: }
262:
263: public static void main(String[] args) {
264: Security.addProvider(new BouncyCastleProvider());
265:
266: runTest(new ReaderTest());
267: }
268: }
|