Package org.jscep.message

Source Code of org.jscep.message.PkiMessageEncoderTest

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
package org.jscep.message;

import static org.junit.Assert.assertEquals;

import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;

import javax.security.auth.x500.X500Principal;

import org.bouncycastle.asn1.DERPrintableString;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSAbsentContent;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSTypedData;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
import org.bouncycastle.util.Store;
import org.jscep.asn1.IssuerAndSubject;
import org.jscep.transaction.FailInfo;
import org.jscep.transaction.Nonce;
import org.jscep.transaction.TransactionId;
import org.jscep.util.X509Certificates;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.junit.runners.Parameterized.Parameters;

@RunWith(Parameterized.class)
public class PkiMessageEncoderTest {
    @Parameters
    public static Collection<Object[]> getParameters() throws Exception {
  List<Object[]> params = new ArrayList<Object[]>();

  KeyPair pair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
  TransactionId transId = TransactionId.createTransactionId();
  Nonce recipientNonce = Nonce.nextNonce();
  Nonce senderNonce = recipientNonce;
  X500Name issuer = new X500Name("CN=CA");
  X500Name subject = new X500Name("CN=Client");
  IssuerAndSubject ias = new IssuerAndSubject(issuer, subject);
  BigInteger serial = BigInteger.ONE;
  IssuerAndSerialNumber iasn = new IssuerAndSerialNumber(issuer, serial);
  PKCS10CertificationRequest csr = getCsr(new X500Principal("CN=Client"),
    pair.getPublic(), pair.getPrivate(), "password".toCharArray());
  CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
  ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA")
    .build(pair.getPrivate());
  X509Certificate cert = X509Certificates.createEphemeral(
    new X500Principal("CN=client"), pair);
  Store certs = new JcaCertStore(Collections.singleton(cert));
  gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
    new JcaDigestCalculatorProviderBuilder().build()).build(
    sha1Signer, cert));
  gen.addCertificates(certs);
  CMSTypedData msg = new CMSAbsentContent();
  CMSSignedData sigData = gen.generate(msg, false);

  params.add(new Object[] { new GetCert(transId, senderNonce, iasn) });
  params.add(new Object[] { new GetCertInitial(transId, senderNonce, ias) });
  params.add(new Object[] { new GetCrl(transId, senderNonce, iasn) });
  params.add(new Object[] { new PkcsReq(transId, senderNonce, csr) });
  params.add(new Object[] { new CertRep(transId, senderNonce,
    recipientNonce) });
  params.add(new Object[] { new CertRep(transId, senderNonce,
    recipientNonce, sigData) });
  params.add(new Object[] { new CertRep(transId, senderNonce,
    recipientNonce, FailInfo.badAlg) });

  return params;
    }

    private final PkiMessage<?> message;

    public PkiMessageEncoderTest(PkiMessage<?> message) {
  this.message = message;
    }

    @Test
    public void simpleTest() throws Exception {
  KeyPair caPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
  X509Certificate ca = X509Certificates.createEphemeral(
    new X500Principal("CN=CA"), caPair);

  KeyPair clientPair = KeyPairGenerator.getInstance("RSA")
    .generateKeyPair();
  X509Certificate client = X509Certificates.createEphemeral(
    new X500Principal("CN=Client"), clientPair);

  // Everything below this line only available to client
  PkcsPkiEnvelopeEncoder envEncoder = new PkcsPkiEnvelopeEncoder(ca, "DES");
  PkiMessageEncoder encoder = new PkiMessageEncoder(
    clientPair.getPrivate(), client, envEncoder);

  PkcsPkiEnvelopeDecoder envDecoder = new PkcsPkiEnvelopeDecoder(ca,
    caPair.getPrivate());
  PkiMessageDecoder decoder = new PkiMessageDecoder(client, envDecoder);

  PkiMessage<?> actual = decoder.decode(encoder.encode(message));

  assertEquals(message, actual);
    }

    private static PKCS10CertificationRequest getCsr(X500Principal subject,
      PublicKey pubKey, PrivateKey priKey, char[] password)
      throws GeneralSecurityException, IOException {
  DERPrintableString cpSet = new DERPrintableString(new String(password));
  SubjectPublicKeyInfo pkInfo = SubjectPublicKeyInfo.getInstance(pubKey
    .getEncoded());

  JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder(
    "SHA1withRSA");
  ContentSigner signer;
  try {
      signer = signerBuilder.build(priKey);
  } catch (OperatorCreationException e) {
      IOException ioe = new IOException();
      ioe.initCause(e);

      throw ioe;
  }

  PKCS10CertificationRequestBuilder builder = new PKCS10CertificationRequestBuilder(
    X500Name.getInstance(subject.getEncoded()), pkInfo);
  builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword,
    cpSet);

  return builder.build(signer);
    }
}
TOP

Related Classes of org.jscep.message.PkiMessageEncoderTest

  • org.bouncycastle.asn1.cms.IssuerAndSerialNumber
  • org.bouncycastle.asn1.DERPrintableString
  • org.bouncycastle.asn1.x500.X500Name
  • org.bouncycastle.asn1.x509.SubjectPublicKeyInfo
  • org.bouncycastle.cert.jcajce.JcaCertStore
  • org.bouncycastle.cms.CMSAbsentContent
  • org.bouncycastle.cms.CMSSignedData
  • org.bouncycastle.cms.CMSSignedDataGenerator
  • org.bouncycastle.cms.CMSTypedData
  • org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.