diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/asn1')
236 files changed, 15016 insertions, 2566 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ApplicationSpecificParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ApplicationSpecificParser.java index d7216a6c..8816b2b5 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ApplicationSpecificParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ApplicationSpecificParser.java @@ -2,9 +2,18 @@ package org.bouncycastle.asn1; import java.io.IOException; +/** + * Interface to parse ASN.1 application specific objects. + */ public interface ASN1ApplicationSpecificParser extends ASN1Encodable, InMemoryRepresentable { + /** + * Read the next object in the parser. + * + * @return an ASN1Encodable + * @throws IOException on a parsing or decoding error. + */ ASN1Encodable readObject() throws IOException; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java index 1360e8b5..ace31109 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java @@ -1,15 +1,204 @@ package org.bouncycastle.asn1; +import java.io.IOException; + +import org.bouncycastle.util.Arrays; + +/** + * Public facade of ASN.1 Boolean data. + * <p> + * Use following to place a new instance of ASN.1 Boolean in your dataset: + * </p> + * <ul> + * <li> ASN1Boolean.TRUE literal</li> + * <li> ASN1Boolean.FALSE literal</li> + * <li> {@link ASN1Boolean#getInstance(boolean) ASN1Boolean.getInstance(boolean)}</li> + * <li> {@link ASN1Boolean#getInstance(int) ASN1Boolean.getInstance(int)}</li> + * </ul> + * </p> + */ public class ASN1Boolean - extends DERBoolean + extends ASN1Primitive { - public ASN1Boolean(boolean value) + private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff }; + private static final byte[] FALSE_VALUE = new byte[] { 0 }; + + private byte[] value; + + public static final ASN1Boolean FALSE = new ASN1Boolean(false); + public static final ASN1Boolean TRUE = new ASN1Boolean(true); + + /** + * return a boolean from the passed in object. + * + * @param obj an ASN1Boolean or an object that can be converted into one. + * @exception IllegalArgumentException if the object cannot be converted. + * @return an ASN1Boolean instance. + */ + public static ASN1Boolean getInstance( + Object obj) + { + if (obj == null || obj instanceof ASN1Boolean) + { + return (ASN1Boolean)obj; + } + + if (obj instanceof byte[]) + { + byte[] enc = (byte[])obj; + try + { + return (ASN1Boolean)fromByteArray(enc); + } + catch (IOException e) + { + throw new IllegalArgumentException("failed to construct boolean from byte[]: " + e.getMessage()); + } + } + + throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); + } + + /** + * return an ASN1Boolean from the passed in boolean. + * @return an ASN1Boolean instance. + */ + public static ASN1Boolean getInstance( + boolean value) + { + return (value ? TRUE : FALSE); + } + + /** + * return an ASN1Boolean from the passed in value. + * @return an ASN1Boolean instance. + */ + public static ASN1Boolean getInstance( + int value) + { + return (value != 0 ? TRUE : FALSE); + } + + /** + * return a Boolean from a tagged object. + * + * @param obj the tagged object holding the object we want + * @param explicit true if the object is meant to be explicitly + * tagged false otherwise. + * @exception IllegalArgumentException if the tagged object cannot + * be converted. + * @return an ASN1Boolean instance. + */ + public static ASN1Boolean getInstance( + ASN1TaggedObject obj, + boolean explicit) + { + ASN1Primitive o = obj.getObject(); + + if (explicit || o instanceof ASN1Boolean) + { + return getInstance(o); + } + else + { + return ASN1Boolean.fromOctetString(((ASN1OctetString)o).getOctets()); + } + } + + ASN1Boolean( + byte[] value) + { + if (value.length != 1) + { + throw new IllegalArgumentException("byte value should have 1 byte in it"); + } + + if (value[0] == 0) + { + this.value = FALSE_VALUE; + } + else if ((value[0] & 0xff) == 0xff) + { + this.value = TRUE_VALUE; + } + else + { + this.value = Arrays.clone(value); + } + } + + /** + * @deprecated use getInstance(boolean) method. + * @param value true or false. + */ + public ASN1Boolean( + boolean value) { - super(value); + this.value = (value) ? TRUE_VALUE : FALSE_VALUE; } - ASN1Boolean(byte[] value) + public boolean isTrue() { - super(value); + return (value[0] != 0); + } + + boolean isConstructed() + { + return false; + } + + int encodedLength() + { + return 3; + } + + void encode( + ASN1OutputStream out) + throws IOException + { + out.writeEncoded(BERTags.BOOLEAN, value); + } + + protected boolean asn1Equals( + ASN1Primitive o) + { + if (o instanceof ASN1Boolean) + { + return (value[0] == ((ASN1Boolean)o).value[0]); + } + + return false; + } + + public int hashCode() + { + return value[0]; + } + + + public String toString() + { + return (value[0] != 0) ? "TRUE" : "FALSE"; + } + + static ASN1Boolean fromOctetString(byte[] value) + { + if (value.length != 1) + { + throw new IllegalArgumentException("BOOLEAN value should have 1 byte in it"); + } + + if (value[0] == 0) + { + return FALSE; + } + else if ((value[0] & 0xff) == 0xff) + { + return TRUE; + } + else + { + return new ASN1Boolean(value); + } } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Choice.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Choice.java index 603131d1..8a6714f2 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Choice.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Choice.java @@ -5,8 +5,22 @@ package org.bouncycastle.asn1; * own object any attempt to tag the object implicitly will convert the tag to * an explicit one as the encoding rules require. * <p> - * If you use this interface your class should also implement the getInstance - * pattern which takes a tag object and the tagging mode used. + * If you use this interface your class should also implement the getInstance() + * pattern which takes a tag object and the tagging mode used. + * <p> + * <hr> + * <p><b>X.690</b></p> + * <p><b>8: Basic encoding rules</b></p> + * <p><b>8.13 Encoding of a choice value </b></p> + * <p> + * The encoding of a choice value shall be the same as the encoding of a value of the chosen type. + * <blockquote> + * NOTE 1 — The encoding may be primitive or constructed depending on the chosen type. + * <p> + * NOTE 2 — The tag used in the identifier octets is the tag of the chosen type, + * as specified in the ASN.1 definition of the choice type. + * </blockquote> + * </p> */ public interface ASN1Choice { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Encodable.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Encodable.java index f5738bf4..aa8825c0 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Encodable.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Encodable.java @@ -1,6 +1,13 @@ package org.bouncycastle.asn1; +/** + * Basic interface to produce serialisers for ASN.1 encodings. + */ public interface ASN1Encodable { + /** + * Return an object, possibly constructed, of ASN.1 primitives + * @return an ASN.1 primitive. + */ ASN1Primitive toASN1Primitive(); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1EncodableVector.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1EncodableVector.java index 2819a8d5..530da524 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1EncodableVector.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1EncodableVector.java @@ -3,19 +3,35 @@ package org.bouncycastle.asn1; import java.util.Enumeration; import java.util.Vector; +/** + * Mutable class for building ASN.1 constructed objects. + */ public class ASN1EncodableVector { Vector v = new Vector(); + /** + * Base constructor. + */ public ASN1EncodableVector() { } + /** + * Add an encodable to the vector. + * + * @param obj the encodable to add. + */ public void add(ASN1Encodable obj) { v.addElement(obj); } + /** + * Add the contents of another vector. + * + * @param other the vector to add. + */ public void addAll(ASN1EncodableVector other) { for (Enumeration en = other.v.elements(); en.hasMoreElements();) @@ -24,11 +40,22 @@ public class ASN1EncodableVector } } + /** + * Return the object at position i in this vector. + * + * @param i the index of the object of interest. + * @return the object at position i. + */ public ASN1Encodable get(int i) { return (ASN1Encodable)v.elementAt(i); } + /** + * Return the size of the vector. + * + * @return the object count in the vector. + */ public int size() { return v.size(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Encoding.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Encoding.java index 821d3b9d..94a88426 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Encoding.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Encoding.java @@ -1,8 +1,22 @@ package org.bouncycastle.asn1; +/** + * Supported encoding formats. + */ public interface ASN1Encoding { + /** + * DER - distinguished encoding rules. + */ static final String DER = "DER"; + + /** + * DL - definite length encoding. + */ static final String DL = "DL"; + + /** + * BER - basic encoding rules. + */ static final String BER = "BER"; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Enumerated.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Enumerated.java index d93fd912..d6fd2e29 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Enumerated.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Enumerated.java @@ -1,22 +1,174 @@ package org.bouncycastle.asn1; +import java.io.IOException; import java.math.BigInteger; +import org.bouncycastle.util.Arrays; + +/** + * Class representing the ASN.1 ENUMERATED type. + */ public class ASN1Enumerated - extends DEREnumerated + extends ASN1Primitive { - ASN1Enumerated(byte[] bytes) + byte[] bytes; + + /** + * return an enumerated from the passed in object + * + * @param obj an ASN1Enumerated or an object that can be converted into one. + * @exception IllegalArgumentException if the object cannot be converted. + * @return an ASN1Enumerated instance, or null. + */ + public static ASN1Enumerated getInstance( + Object obj) + { + if (obj == null || obj instanceof ASN1Enumerated) + { + return (ASN1Enumerated)obj; + } + + if (obj instanceof byte[]) + { + try + { + return (ASN1Enumerated)fromByteArray((byte[])obj); + } + catch (Exception e) + { + throw new IllegalArgumentException("encoding error in getInstance: " + e.toString()); + } + } + + throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); + } + + /** + * return an Enumerated from a tagged object. + * + * @param obj the tagged object holding the object we want + * @param explicit true if the object is meant to be explicitly + * tagged false otherwise. + * @exception IllegalArgumentException if the tagged object cannot + * be converted. + * @return an ASN1Enumerated instance, or null. + */ + public static ASN1Enumerated getInstance( + ASN1TaggedObject obj, + boolean explicit) + { + ASN1Primitive o = obj.getObject(); + + if (explicit || o instanceof ASN1Enumerated) + { + return getInstance(o); + } + else + { + return fromOctetString(((ASN1OctetString)o).getOctets()); + } + } + + /** + * Constructor from int. + * + * @param value the value of this enumerated. + */ + public ASN1Enumerated( + int value) + { + bytes = BigInteger.valueOf(value).toByteArray(); + } + + /** + * Constructor from BigInteger + * + * @param value the value of this enumerated. + */ + public ASN1Enumerated( + BigInteger value) + { + bytes = value.toByteArray(); + } + + /** + * Constructor from encoded BigInteger. + * + * @param bytes the value of this enumerated as an encoded BigInteger (signed). + */ + public ASN1Enumerated( + byte[] bytes) + { + this.bytes = bytes; + } + + public BigInteger getValue() { - super(bytes); + return new BigInteger(bytes); } - public ASN1Enumerated(BigInteger value) + boolean isConstructed() { - super(value); + return false; } - public ASN1Enumerated(int value) + int encodedLength() { - super(value); + return 1 + StreamUtil.calculateBodyLength(bytes.length) + bytes.length; + } + + void encode( + ASN1OutputStream out) + throws IOException + { + out.writeEncoded(BERTags.ENUMERATED, bytes); + } + + boolean asn1Equals( + ASN1Primitive o) + { + if (!(o instanceof ASN1Enumerated)) + { + return false; + } + + ASN1Enumerated other = (ASN1Enumerated)o; + + return Arrays.areEqual(this.bytes, other.bytes); + } + + public int hashCode() + { + return Arrays.hashCode(bytes); + } + + private static ASN1Enumerated[] cache = new ASN1Enumerated[12]; + + static ASN1Enumerated fromOctetString(byte[] enc) + { + if (enc.length > 1) + { + return new ASN1Enumerated(Arrays.clone(enc)); + } + + if (enc.length == 0) + { + throw new IllegalArgumentException("ENUMERATED has zero length"); + } + int value = enc[0] & 0xff; + + if (value >= cache.length) + { + return new ASN1Enumerated(Arrays.clone(enc)); + } + + ASN1Enumerated possibleMatch = cache[value]; + + if (possibleMatch == null) + { + possibleMatch = cache[value] = new ASN1Enumerated(Arrays.clone(enc)); + } + + return possibleMatch; } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java index 0088a536..bbe5ae17 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java @@ -1,22 +1,374 @@ package org.bouncycastle.asn1; +import java.io.IOException; +import java.text.ParseException; +import java.text.SimpleDateFormat; import java.util.Date; +import java.util.Locale; +import java.util.SimpleTimeZone; +import java.util.TimeZone; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.Strings; + +/** + * Base class representing the ASN.1 GeneralizedTime type. + * <p> + * The main difference between these and UTC time is a 4 digit year. + * </p> + */ public class ASN1GeneralizedTime - extends DERGeneralizedTime + extends ASN1Primitive { - ASN1GeneralizedTime(byte[] bytes) + private byte[] time; + + /** + * return a generalized time from the passed in object + * + * @param obj an ASN1GeneralizedTime or an object that can be converted into one. + * @return an ASN1GeneralizedTime instance, or null. + * @throws IllegalArgumentException if the object cannot be converted. + */ + public static ASN1GeneralizedTime getInstance( + Object obj) + { + if (obj == null || obj instanceof ASN1GeneralizedTime) + { + return (ASN1GeneralizedTime)obj; + } + + if (obj instanceof byte[]) + { + try + { + return (ASN1GeneralizedTime)fromByteArray((byte[])obj); + } + catch (Exception e) + { + throw new IllegalArgumentException("encoding error in getInstance: " + e.toString()); + } + } + + throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); + } + + /** + * return a Generalized Time object from a tagged object. + * + * @param obj the tagged object holding the object we want + * @param explicit true if the object is meant to be explicitly + * tagged false otherwise. + * @return an ASN1GeneralizedTime instance. + * @throws IllegalArgumentException if the tagged object cannot + * be converted. + */ + public static ASN1GeneralizedTime getInstance( + ASN1TaggedObject obj, + boolean explicit) + { + ASN1Primitive o = obj.getObject(); + + if (explicit || o instanceof ASN1GeneralizedTime) + { + return getInstance(o); + } + else + { + return new ASN1GeneralizedTime(((ASN1OctetString)o).getOctets()); + } + } + + /** + * The correct format for this is YYYYMMDDHHMMSS[.f]Z, or without the Z + * for local time, or Z+-HHMM on the end, for difference between local + * time and UTC time. The fractional second amount f must consist of at + * least one number with trailing zeroes removed. + * + * @param time the time string. + * @throws IllegalArgumentException if String is an illegal format. + */ + public ASN1GeneralizedTime( + String time) + { + this.time = Strings.toByteArray(time); + try + { + this.getDate(); + } + catch (ParseException e) + { + throw new IllegalArgumentException("invalid date string: " + e.getMessage()); + } + } + + /** + * Base constructor from a java.util.date object + * + * @param time a date object representing the time of interest. + */ + public ASN1GeneralizedTime( + Date time) + { + SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); + + dateF.setTimeZone(new SimpleTimeZone(0, "Z")); + + this.time = Strings.toByteArray(dateF.format(time)); + } + + /** + * Base constructor from a java.util.date and Locale - you may need to use this if the default locale + * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations. + * + * @param time a date object representing the time of interest. + * @param locale an appropriate Locale for producing an ASN.1 GeneralizedTime value. + */ + public ASN1GeneralizedTime( + Date time, + Locale locale) + { + SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", locale); + + dateF.setTimeZone(new SimpleTimeZone(0, "Z")); + + this.time = Strings.toByteArray(dateF.format(time)); + } + + ASN1GeneralizedTime( + byte[] bytes) + { + this.time = bytes; + } + + /** + * Return the time. + * + * @return The time string as it appeared in the encoded object. + */ + public String getTimeString() + { + return Strings.fromByteArray(time); + } + + /** + * return the time - always in the form of + * YYYYMMDDhhmmssGMT(+hh:mm|-hh:mm). + * <p> + * Normally in a certificate we would expect "Z" rather than "GMT", + * however adding the "GMT" means we can just use: + * <pre> + * dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); + * </pre> + * To read in the time and get a date which is compatible with our local + * time zone. + * </p> + */ + public String getTime() + { + String stime = Strings.fromByteArray(time); + + // + // standardise the format. + // + if (stime.charAt(stime.length() - 1) == 'Z') + { + return stime.substring(0, stime.length() - 1) + "GMT+00:00"; + } + else + { + int signPos = stime.length() - 5; + char sign = stime.charAt(signPos); + if (sign == '-' || sign == '+') + { + return stime.substring(0, signPos) + + "GMT" + + stime.substring(signPos, signPos + 3) + + ":" + + stime.substring(signPos + 3); + } + else + { + signPos = stime.length() - 3; + sign = stime.charAt(signPos); + if (sign == '-' || sign == '+') + { + return stime.substring(0, signPos) + + "GMT" + + stime.substring(signPos) + + ":00"; + } + } + } + return stime + calculateGMTOffset(); + } + + private String calculateGMTOffset() + { + String sign = "+"; + TimeZone timeZone = TimeZone.getDefault(); + int offset = timeZone.getRawOffset(); + if (offset < 0) + { + sign = "-"; + offset = -offset; + } + int hours = offset / (60 * 60 * 1000); + int minutes = (offset - (hours * 60 * 60 * 1000)) / (60 * 1000); + + try + { + if (timeZone.useDaylightTime() && timeZone.inDaylightTime(this.getDate())) + { + hours += sign.equals("+") ? 1 : -1; + } + } + catch (ParseException e) + { + // we'll do our best and ignore daylight savings + } + + return "GMT" + sign + convert(hours) + ":" + convert(minutes); + } + + private String convert(int time) + { + if (time < 10) + { + return "0" + time; + } + + return Integer.toString(time); + } + + public Date getDate() + throws ParseException + { + SimpleDateFormat dateF; + String stime = Strings.fromByteArray(time); + String d = stime; + + if (stime.endsWith("Z")) + { + if (hasFractionalSeconds()) + { + dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'"); + } + else + { + dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); + } + + dateF.setTimeZone(new SimpleTimeZone(0, "Z")); + } + else if (stime.indexOf('-') > 0 || stime.indexOf('+') > 0) + { + d = this.getTime(); + if (hasFractionalSeconds()) + { + dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz"); + } + else + { + dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); + } + + dateF.setTimeZone(new SimpleTimeZone(0, "Z")); + } + else + { + if (hasFractionalSeconds()) + { + dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS"); + } + else + { + dateF = new SimpleDateFormat("yyyyMMddHHmmss"); + } + + dateF.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID())); + } + + if (hasFractionalSeconds()) + { + // java misinterprets extra digits as being milliseconds... + String frac = d.substring(14); + int index; + for (index = 1; index < frac.length(); index++) + { + char ch = frac.charAt(index); + if (!('0' <= ch && ch <= '9')) + { + break; + } + } + + if (index - 1 > 3) + { + frac = frac.substring(0, 4) + frac.substring(index); + d = d.substring(0, 14) + frac; + } + else if (index - 1 == 1) + { + frac = frac.substring(0, index) + "00" + frac.substring(index); + d = d.substring(0, 14) + frac; + } + else if (index - 1 == 2) + { + frac = frac.substring(0, index) + "0" + frac.substring(index); + d = d.substring(0, 14) + frac; + } + } + + return dateF.parse(d); + } + + private boolean hasFractionalSeconds() + { + for (int i = 0; i != time.length; i++) + { + if (time[i] == '.') + { + if (i == 14) + { + return true; + } + } + } + return false; + } + + boolean isConstructed() { - super(bytes); + return false; } - public ASN1GeneralizedTime(Date time) + int encodedLength() { - super(time); + int length = time.length; + + return 1 + StreamUtil.calculateBodyLength(length) + length; + } + + void encode( + ASN1OutputStream out) + throws IOException + { + out.writeEncoded(BERTags.GENERALIZED_TIME, time); + } + + boolean asn1Equals( + ASN1Primitive o) + { + if (!(o instanceof ASN1GeneralizedTime)) + { + return false; + } + + return Arrays.areEqual(time, ((ASN1GeneralizedTime)o).time); } - public ASN1GeneralizedTime(String time) + public int hashCode() { - super(time); + return Arrays.hashCode(time); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1InputStream.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1InputStream.java index 44714334..1971af92 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1InputStream.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1InputStream.java @@ -124,6 +124,12 @@ public class ASN1InputStream /** * build an object given its tag and the number of bytes to construct it from. + * + * @param tag the full tag details. + * @param tagNo the tagNo defined. + * @param length the length of the object. + * @return the resulting primitive. + * @throws java.io.IOException on processing exception. */ protected ASN1Primitive buildObject( int tag, @@ -438,7 +444,7 @@ public class ASN1InputStream case IA5_STRING: return new DERIA5String(defIn.toByteArray()); case INTEGER: - return new ASN1Integer(defIn.toByteArray()); + return new ASN1Integer(defIn.toByteArray(), false); case NULL: return DERNull.INSTANCE; // actual content is ignored (enforce 0 length?) case NUMERIC_STRING: diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Integer.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Integer.java index d60c6a8e..10326cf6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Integer.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Integer.java @@ -1,22 +1,157 @@ package org.bouncycastle.asn1; +import java.io.IOException; import java.math.BigInteger; +import org.bouncycastle.util.Arrays; + +/** + * Class representing the ASN.1 INTEGER type. + */ public class ASN1Integer - extends DERInteger + extends ASN1Primitive { - ASN1Integer(byte[] bytes) + byte[] bytes; + + /** + * return an integer from the passed in object + * + * @param obj an ASN1Integer or an object that can be converted into one. + * @throws IllegalArgumentException if the object cannot be converted. + * @return an ASN1Integer instance. + */ + public static ASN1Integer getInstance( + Object obj) + { + if (obj == null || obj instanceof ASN1Integer) + { + return (ASN1Integer)obj; + } + + if (obj instanceof byte[]) + { + try + { + return (ASN1Integer)fromByteArray((byte[])obj); + } + catch (Exception e) + { + throw new IllegalArgumentException("encoding error in getInstance: " + e.toString()); + } + } + + throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); + } + + /** + * return an Integer from a tagged object. + * + * @param obj the tagged object holding the object we want + * @param explicit true if the object is meant to be explicitly + * tagged false otherwise. + * @throws IllegalArgumentException if the tagged object cannot + * be converted. + * @return an ASN1Integer instance. + */ + public static ASN1Integer getInstance( + ASN1TaggedObject obj, + boolean explicit) + { + ASN1Primitive o = obj.getObject(); + + if (explicit || o instanceof ASN1Integer) + { + return getInstance(o); + } + else + { + return new ASN1Integer(ASN1OctetString.getInstance(obj.getObject()).getOctets()); + } + } + + public ASN1Integer( + long value) { - super(bytes); + bytes = BigInteger.valueOf(value).toByteArray(); } - public ASN1Integer(BigInteger value) + public ASN1Integer( + BigInteger value) { - super(value); + bytes = value.toByteArray(); } - public ASN1Integer(long value) + public ASN1Integer( + byte[] bytes) { - super(value); + this(bytes, true); } + + ASN1Integer(byte[] bytes, boolean clone) + { + this.bytes = (clone) ? Arrays.clone(bytes) : bytes; + } + + public BigInteger getValue() + { + return new BigInteger(bytes); + } + + /** + * in some cases positive values get crammed into a space, + * that's not quite big enough... + * @return the BigInteger that results from treating this ASN.1 INTEGER as unsigned. + */ + public BigInteger getPositiveValue() + { + return new BigInteger(1, bytes); + } + + boolean isConstructed() + { + return false; + } + + int encodedLength() + { + return 1 + StreamUtil.calculateBodyLength(bytes.length) + bytes.length; + } + + void encode( + ASN1OutputStream out) + throws IOException + { + out.writeEncoded(BERTags.INTEGER, bytes); + } + + public int hashCode() + { + int value = 0; + + for (int i = 0; i != bytes.length; i++) + { + value ^= (bytes[i] & 0xff) << (i % 4); + } + + return value; + } + + boolean asn1Equals( + ASN1Primitive o) + { + if (!(o instanceof ASN1Integer)) + { + return false; + } + + ASN1Integer other = (ASN1Integer)o; + + return Arrays.areEqual(bytes, other.bytes); + } + + public String toString() + { + return getValue().toString(); + } + } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java index 64028696..f39d1206 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Null.java @@ -3,18 +3,26 @@ package org.bouncycastle.asn1; import java.io.IOException; /** - * A NULL object. + * A NULL object - use DERNull.INSTANCE for populating structures. */ public abstract class ASN1Null extends ASN1Primitive { /** - * @deprecated use DERNull.INSTANCE + * Return an instance of ASN.1 NULL from the passed in object. + * <p> + * Accepted inputs: + * <ul> + * <li> null → null + * <li> {@link ASN1Null} object + * <li> a byte[] containing ASN.1 NULL object + * </ul> + * </p> + * + * @param o object to be converted. + * @return an instance of ASN1Null, or null. + * @exception IllegalArgumentException if the object cannot be converted. */ - public ASN1Null() - { - } - public static ASN1Null getInstance(Object o) { if (o instanceof ASN1Null) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Object.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Object.java index 956fb7d6..304866f7 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Object.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Object.java @@ -3,8 +3,13 @@ package org.bouncycastle.asn1; import java.io.ByteArrayOutputStream; import java.io.IOException; +import org.bouncycastle.util.Encodable; + +/** + * Base class for defining an ASN.1 object. + */ public abstract class ASN1Object - implements ASN1Encodable + implements ASN1Encodable, Encodable { /** * Return the default BER or DER encoding for this object. @@ -88,10 +93,21 @@ public abstract class ASN1Object return this.toASN1Primitive(); } + /** + * Return true if obj is a byte array and represents an object with the given tag value. + * + * @param obj object of interest. + * @param tagValue tag value to check for. + * @return true if obj is a byte encoding starting with the given tag value, false otherwise. + */ protected static boolean hasEncodedTagValue(Object obj, int tagValue) { return (obj instanceof byte[]) && ((byte[])obj)[0] == tagValue; } + /** + * Method providing a primitive representation of this object suitable for encoding. + * @return a primitive representation of this object. + */ public abstract ASN1Primitive toASN1Primitive(); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java index 98f46a6d..4de41b75 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java @@ -1,21 +1,205 @@ package org.bouncycastle.asn1; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; + +import org.bouncycastle.util.Arrays; + +/** + * Class representing the ASN.1 OBJECT IDENTIFIER type. + */ public class ASN1ObjectIdentifier - extends DERObjectIdentifier + extends ASN1Primitive { - public ASN1ObjectIdentifier(String identifier) + String identifier; + + private byte[] body; + + /** + * return an OID from the passed in object + * @param obj an ASN1ObjectIdentifier or an object that can be converted into one. + * @throws IllegalArgumentException if the object cannot be converted. + * @return an ASN1ObjectIdentifier instance, or null. + */ + public static ASN1ObjectIdentifier getInstance( + Object obj) + { + if (obj == null || obj instanceof ASN1ObjectIdentifier) + { + return (ASN1ObjectIdentifier)obj; + } + + if (obj instanceof ASN1Encodable && ((ASN1Encodable)obj).toASN1Primitive() instanceof ASN1ObjectIdentifier) + { + return (ASN1ObjectIdentifier)((ASN1Encodable)obj).toASN1Primitive(); + } + + if (obj instanceof byte[]) + { + byte[] enc = (byte[])obj; + try + { + return (ASN1ObjectIdentifier)fromByteArray(enc); + } + catch (IOException e) + { + throw new IllegalArgumentException("failed to construct object identifier from byte[]: " + e.getMessage()); + } + } + + throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); + } + + /** + * return an Object Identifier from a tagged object. + * + * @param obj the tagged object holding the object we want + * @param explicit true if the object is meant to be explicitly + * tagged false otherwise. + * @throws IllegalArgumentException if the tagged object cannot + * be converted. + * @return an ASN1ObjectIdentifier instance, or null. + */ + public static ASN1ObjectIdentifier getInstance( + ASN1TaggedObject obj, + boolean explicit) + { + ASN1Primitive o = obj.getObject(); + + if (explicit || o instanceof ASN1ObjectIdentifier) + { + return getInstance(o); + } + else + { + return ASN1ObjectIdentifier.fromOctetString(ASN1OctetString.getInstance(obj.getObject()).getOctets()); + } + } + + private static final long LONG_LIMIT = (Long.MAX_VALUE >> 7) - 0x7f; + + ASN1ObjectIdentifier( + byte[] bytes) + { + StringBuffer objId = new StringBuffer(); + long value = 0; + BigInteger bigValue = null; + boolean first = true; + + for (int i = 0; i != bytes.length; i++) + { + int b = bytes[i] & 0xff; + + if (value <= LONG_LIMIT) + { + value += (b & 0x7f); + if ((b & 0x80) == 0) // end of number reached + { + if (first) + { + if (value < 40) + { + objId.append('0'); + } + else if (value < 80) + { + objId.append('1'); + value -= 40; + } + else + { + objId.append('2'); + value -= 80; + } + first = false; + } + + objId.append('.'); + objId.append(value); + value = 0; + } + else + { + value <<= 7; + } + } + else + { + if (bigValue == null) + { + bigValue = BigInteger.valueOf(value); + } + bigValue = bigValue.or(BigInteger.valueOf(b & 0x7f)); + if ((b & 0x80) == 0) + { + if (first) + { + objId.append('2'); + bigValue = bigValue.subtract(BigInteger.valueOf(80)); + first = false; + } + + objId.append('.'); + objId.append(bigValue); + bigValue = null; + value = 0; + } + else + { + bigValue = bigValue.shiftLeft(7); + } + } + } + + this.identifier = objId.toString(); + this.body = Arrays.clone(bytes); + } + + /** + * Create an OID based on the passed in String. + * + * @param identifier a string representation of an OID. + */ + public ASN1ObjectIdentifier( + String identifier) { - super(identifier); + if (identifier == null) + { + throw new IllegalArgumentException("'identifier' cannot be null"); + } + if (!isValidIdentifier(identifier)) + { + throw new IllegalArgumentException("string " + identifier + " not an OID"); + } + + this.identifier = identifier; } - ASN1ObjectIdentifier(byte[] bytes) + /** + * Create an OID that creates a branch under the current one. + * + * @param branchID node numbers for the new branch. + * @return the OID for the new created branch. + */ + ASN1ObjectIdentifier(ASN1ObjectIdentifier oid, String branchID) { - super(bytes); + if (!isValidBranchID(branchID, 0)) + { + throw new IllegalArgumentException("string " + branchID + " not a valid OID branch"); + } + + this.identifier = oid.getId() + "." + branchID; } - ASN1ObjectIdentifier(ASN1ObjectIdentifier oid, String branch) + /** + * Return the OID as a string. + * + * @return the string representation of the OID carried by this object. + */ + public String getId() { - super(oid, branch); + return identifier; } /** @@ -31,12 +215,258 @@ public class ASN1ObjectIdentifier /** * Return true if this oid is an extension of the passed in branch, stem. + * * @param stem the arc or branch that is a possible parent. - * @return true if the branch is on the passed in stem, false otherwise. + * @return true if the branch is on the passed in stem, false otherwise. */ public boolean on(ASN1ObjectIdentifier stem) { String id = getId(), stemId = stem.getId(); return id.length() > stemId.length() && id.charAt(stemId.length()) == '.' && id.startsWith(stemId); } + + private void writeField( + ByteArrayOutputStream out, + long fieldValue) + { + byte[] result = new byte[9]; + int pos = 8; + result[pos] = (byte)((int)fieldValue & 0x7f); + while (fieldValue >= (1L << 7)) + { + fieldValue >>= 7; + result[--pos] = (byte)((int)fieldValue & 0x7f | 0x80); + } + out.write(result, pos, 9 - pos); + } + + private void writeField( + ByteArrayOutputStream out, + BigInteger fieldValue) + { + int byteCount = (fieldValue.bitLength() + 6) / 7; + if (byteCount == 0) + { + out.write(0); + } + else + { + BigInteger tmpValue = fieldValue; + byte[] tmp = new byte[byteCount]; + for (int i = byteCount - 1; i >= 0; i--) + { + tmp[i] = (byte)((tmpValue.intValue() & 0x7f) | 0x80); + tmpValue = tmpValue.shiftRight(7); + } + tmp[byteCount - 1] &= 0x7f; + out.write(tmp, 0, tmp.length); + } + } + + private void doOutput(ByteArrayOutputStream aOut) + { + OIDTokenizer tok = new OIDTokenizer(identifier); + int first = Integer.parseInt(tok.nextToken()) * 40; + + String secondToken = tok.nextToken(); + if (secondToken.length() <= 18) + { + writeField(aOut, first + Long.parseLong(secondToken)); + } + else + { + writeField(aOut, new BigInteger(secondToken).add(BigInteger.valueOf(first))); + } + + while (tok.hasMoreTokens()) + { + String token = tok.nextToken(); + if (token.length() <= 18) + { + writeField(aOut, Long.parseLong(token)); + } + else + { + writeField(aOut, new BigInteger(token)); + } + } + } + + protected synchronized byte[] getBody() + { + if (body == null) + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + + doOutput(bOut); + + body = bOut.toByteArray(); + } + + return body; + } + + boolean isConstructed() + { + return false; + } + + int encodedLength() + throws IOException + { + int length = getBody().length; + + return 1 + StreamUtil.calculateBodyLength(length) + length; + } + + void encode( + ASN1OutputStream out) + throws IOException + { + byte[] enc = getBody(); + + out.write(BERTags.OBJECT_IDENTIFIER); + out.writeLength(enc.length); + out.write(enc); + } + + public int hashCode() + { + return identifier.hashCode(); + } + + boolean asn1Equals( + ASN1Primitive o) + { + if (!(o instanceof ASN1ObjectIdentifier)) + { + return false; + } + + return identifier.equals(((ASN1ObjectIdentifier)o).identifier); + } + + public String toString() + { + return getId(); + } + + private static boolean isValidBranchID( + String branchID, int start) + { + boolean periodAllowed = false; + + int pos = branchID.length(); + while (--pos >= start) + { + char ch = branchID.charAt(pos); + + // TODO Leading zeroes? + if ('0' <= ch && ch <= '9') + { + periodAllowed = true; + continue; + } + + if (ch == '.') + { + if (!periodAllowed) + { + return false; + } + + periodAllowed = false; + continue; + } + + return false; + } + + return periodAllowed; + } + + private static boolean isValidIdentifier( + String identifier) + { + if (identifier.length() < 3 || identifier.charAt(1) != '.') + { + return false; + } + + char first = identifier.charAt(0); + if (first < '0' || first > '2') + { + return false; + } + + return isValidBranchID(identifier, 2); + } + + private static ASN1ObjectIdentifier[][] cache = new ASN1ObjectIdentifier[256][]; + + static ASN1ObjectIdentifier fromOctetString(byte[] enc) + { + if (enc.length < 3) + { + return new ASN1ObjectIdentifier(enc); + } + + int idx1 = enc[enc.length - 2] & 0xff; + // in this case top bit is always zero + int idx2 = enc[enc.length - 1] & 0x7f; + + ASN1ObjectIdentifier possibleMatch; + + synchronized (cache) + { + ASN1ObjectIdentifier[] first = cache[idx1]; + if (first == null) + { + first = cache[idx1] = new ASN1ObjectIdentifier[128]; + } + + possibleMatch = first[idx2]; + if (possibleMatch == null) + { + return first[idx2] = new ASN1ObjectIdentifier(enc); + } + + if (Arrays.areEqual(enc, possibleMatch.getBody())) + { + return possibleMatch; + } + + idx1 = (idx1 + 1) & 0xff; + first = cache[idx1]; + if (first == null) + { + first = cache[idx1] = new ASN1ObjectIdentifier[128]; + } + + possibleMatch = first[idx2]; + if (possibleMatch == null) + { + return first[idx2] = new ASN1ObjectIdentifier(enc); + } + + if (Arrays.areEqual(enc, possibleMatch.getBody())) + { + return possibleMatch; + } + + idx2 = (idx2 + 1) & 0x7f; + possibleMatch = first[idx2]; + if (possibleMatch == null) + { + return first[idx2] = new ASN1ObjectIdentifier(enc); + } + } + + if (Arrays.areEqual(enc, possibleMatch.getBody())) + { + return possibleMatch; + } + + return new ASN1ObjectIdentifier(enc); + } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1OctetString.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1OctetString.java index 703b858c..200b66a3 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1OctetString.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1OctetString.java @@ -7,6 +7,96 @@ import java.io.InputStream; import org.bouncycastle.util.Arrays; import org.bouncycastle.util.encoders.Hex; +/** + * Abstract base for the ASN.1 OCTET STRING data type + * <p> + * This supports BER, and DER forms of the data. + * </p><p> + * DER form is always primitive single OCTET STRING, while + * BER support includes the constructed forms. + * </p> + * <hr> + * <p><b>X.690</b></p> + * <p><b>8: Basic encoding rules</b></p> + * <p><b>8.7 Encoding of an octetstring value</b></p> + * <p> + * <b>8.7.1</b> The encoding of an octetstring value shall be + * either primitive or constructed at the option of the sender. + * <blockquote> + * NOTE — Where it is necessary to transfer part of an octet string + * before the entire OCTET STRING is available, the constructed encoding + * is used. + * </blockquote> + * <p> + * <b>8.7.2</b> The primitive encoding contains zero, + * one or more contents octets equal in value to the octets + * in the data value, in the order they appear in the data value, + * and with the most significant bit of an octet of the data value + * aligned with the most significant bit of an octet of the contents octets. + * </p> + * <p> + * <b>8.7.3</b> The contents octets for the constructed encoding shall consist + * of zero, one, or more encodings. + * <blockquote> + * NOTE — Each such encoding includes identifier, length, and contents octets, + * and may include end-of-contents octets if it is constructed. + * </blockquote> + * </p> + * <p> + * <b>8.7.3.1</b> To encode an octetstring value in this way, + * it is segmented. Each segment shall consist of a series of + * consecutive octets of the value. There shall be no significance + * placed on the segment boundaries. + * <blockquote> + * NOTE — A segment may be of size zero, i.e. contain no octets. + * </blockquote> + * </p> + * <p> + * <b>8.7.3.2</b> Each encoding in the contents octets shall represent + * a segment of the overall octetstring, the encoding arising from + * a recursive application of this subclause. + * In this recursive application, each segment is treated as if it were + * a octetstring value. The encodings of the segments shall appear in the contents + * octets in the order in which their octets appear in the overall value. + * <blockquote> + * NOTE 1 — As a consequence of this recursion, + * each encoding in the contents octets may itself + * be primitive or constructed. + * However, such encodings will usually be primitive. + * </p><p> + * NOTE 2 — In particular, the tags in the contents octets are always universal class, number 4. + * </blockquote> + * </p> + * <p><b>9: Canonical encoding rules</b></p> + * <p><b>9.1 Length forms</b></p> + * <p> + * If the encoding is constructed, it shall employ the indefinite length form. + * If the encoding is primitive, it shall include the fewest length octets necessary. + * [Contrast with 8.1.3.2 b).] + * </p> + * <p><b>9.2 String encoding forms</b></p> + * <p> + * BIT STRING, OCTET STRING,and restricted character string + * values shall be encoded with a primitive encoding if they would + * require no more than 1000 contents octets, and as a constructed + * encoding otherwise. The string fragments contained in + * the constructed encoding shall be encoded with a primitive encoding. + * The encoding of each fragment, except possibly + * the last, shall have 1000 contents octets. (Contrast with 8.21.6.) + * </p> + * <b>10: Distinguished encoding rules</b> + * </p><p> + * <b>10.1 Length forms</b> + * The definite form of length encoding shall be used, + * encoded in the minimum number of octets. + * [Contrast with 8.1.3.2 b).] + * </p><p> + * <b>10.2 String encoding forms</b> + * For BIT STRING, OCTET STRING and restricted character string types, + * the constructed form of encoding shall not be used. + * (Contrast with 8.21.6.) + * </p> + */ public abstract class ASN1OctetString extends ASN1Primitive implements ASN1OctetStringParser @@ -88,16 +178,31 @@ public abstract class ASN1OctetString this.string = string; } + /** + * Return the content of the OCTET STRING as an InputStream. + * + * @return an InputStream representing the OCTET STRING's content. + */ public InputStream getOctetStream() { return new ByteArrayInputStream(string); } + /** + * Return the parser associated with this object. + * + * @return a parser based on this OCTET STRING + */ public ASN1OctetStringParser parser() { return this; } + /** + * Return the content of the OCTET STRING as a byte array. + * + * @return the byte[] representing the OCTET STRING's content. + */ public byte[] getOctets() { return string; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1OctetStringParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1OctetStringParser.java index 00423175..122331f2 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1OctetStringParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1OctetStringParser.java @@ -2,8 +2,16 @@ package org.bouncycastle.asn1; import java.io.InputStream; +/** + * A basic parser for an OCTET STRING object + */ public interface ASN1OctetStringParser extends ASN1Encodable, InMemoryRepresentable { + /** + * Return the content of the OCTET STRING as an InputStream. + * + * @return an InputStream representing the OCTET STRING's content. + */ public InputStream getOctetStream(); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Primitive.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Primitive.java index e6fe1370..3c887e55 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Primitive.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Primitive.java @@ -2,6 +2,9 @@ package org.bouncycastle.asn1; import java.io.IOException; +/** + * Base class for ASN.1 primitive objects. These are the actual objects used to generate byte encodings. + */ public abstract class ASN1Primitive extends ASN1Object { @@ -47,11 +50,21 @@ public abstract class ASN1Primitive return this; } + /** + * Return the current object as one which encodes using Distinguished Encoding Rules. + * + * @return a DER version of this. + */ ASN1Primitive toDERObject() { return this; } + /** + * Return the current object as one which encodes using Definite Length encoding. + * + * @return a DL version of this. + */ ASN1Primitive toDLObject() { return this; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Sequence.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Sequence.java index 0507a2bd..aa543f28 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Sequence.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Sequence.java @@ -4,16 +4,64 @@ import java.io.IOException; import java.util.Enumeration; import java.util.Vector; +/** + * ASN.1 <code>SEQUENCE</code> and <code>SEQUENCE OF</code> constructs. + * <p> + * DER form is always definite form length fields, while + * BER support uses indefinite form. + * <hr> + * <p><b>X.690</b></p> + * <p><b>8: Basic encoding rules</b></p> + * <p><b>8.9 Encoding of a sequence value </b></p> + * 8.9.1 The encoding of a sequence value shall be constructed. + * <p> + * <b>8.9.2</b> The contents octets shall consist of the complete + * encoding of one data value from each of the types listed in + * the ASN.1 definition of the sequence type, in the order of + * their appearance in the definition, unless the type was referenced + * with the keyword <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>. + * </p><p> + * <b>8.9.3</b> The encoding of a data value may, but need not, + * be present for a type which was referenced with the keyword + * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>. + * If present, it shall appear in the encoding at the point + * corresponding to the appearance of the type in the ASN.1 definition. + * </p><p> + * <b>8.10 Encoding of a sequence-of value </b> + * </p><p> + * <b>8.10.1</b> The encoding of a sequence-of value shall be constructed. + * <p> + * <b>8.10.2</b> The contents octets shall consist of zero, + * one or more complete encodings of data values from the type listed in + * the ASN.1 definition. + * <p> + * <b>8.10.3</b> The order of the encodings of the data values shall be + * the same as the order of the data values in the sequence-of value to + * be encoded. + * </p> + * <p><b>9: Canonical encoding rules</b></p> + * <p><b>9.1 Length forms</b></p> + * If the encoding is constructed, it shall employ the indefinite length form. + * If the encoding is primitive, it shall include the fewest length octets necessary. + * [Contrast with 8.1.3.2 b).] + * + * <p><b>11: Restrictions on BER employed by both CER and DER</b></p> + * <p><b>11.5 Set and sequence components with default value</b></p> + * The encoding of a set value or sequence value shall not include + * an encoding for any component value which is equal to + * its default value. + */ public abstract class ASN1Sequence extends ASN1Primitive { protected Vector seq = new Vector(); /** - * return an ASN1Sequence from the given object. + * Return an ASN1Sequence from the given object. * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. + * @return an ASN1Sequence instance, or null. */ public static ASN1Sequence getInstance( Object obj) @@ -65,6 +113,7 @@ public abstract class ASN1Sequence * false otherwise. * @exception IllegalArgumentException if the tagged object cannot * be converted. + * @return an ASN1Sequence instance. */ public static ASN1Sequence getInstance( ASN1TaggedObject obj, @@ -110,14 +159,15 @@ public abstract class ASN1Sequence } /** - * create an empty sequence + * Create an empty sequence */ protected ASN1Sequence() { } /** - * create a sequence containing one object + * Create a sequence containing one object + * @param obj the object to be put in the SEQUENCE. */ protected ASN1Sequence( ASN1Encodable obj) @@ -126,7 +176,8 @@ public abstract class ASN1Sequence } /** - * create a sequence containing a vector of objects. + * Create a sequence containing a vector of objects. + * @param v the vector of objects to be put in the SEQUENCE */ protected ASN1Sequence( ASN1EncodableVector v) @@ -138,7 +189,7 @@ public abstract class ASN1Sequence } /** - * create a sequence containing a vector of objects. + * Create a sequence containing a vector of objects. */ protected ASN1Sequence( ASN1Encodable[] array) @@ -209,7 +260,7 @@ public abstract class ASN1Sequence } /** - * return the object at the sequence position indicated by index. + * Return the object at the sequence position indicated by index. * * @param index the sequence number (starting at zero) of the object * @return the object at the sequence position indicated by index. @@ -221,7 +272,7 @@ public abstract class ASN1Sequence } /** - * return the number of objects in this sequence. + * Return the number of objects in this sequence. * * @return the number of objects in this sequence. */ @@ -290,6 +341,10 @@ public abstract class ASN1Sequence return encObj; } + /** + * Change current SEQUENCE object to be encoded as {@link DERSequence}. + * This is part of Distinguished Encoding Rules form serialization. + */ ASN1Primitive toDERObject() { ASN1Sequence derSeq = new DERSequence(); @@ -299,6 +354,10 @@ public abstract class ASN1Sequence return derSeq; } + /** + * Change current SEQUENCE object to be encoded as {@link DLSequence}. + * This is part of Direct Length form serialization. + */ ASN1Primitive toDLObject() { ASN1Sequence dlSeq = new DLSequence(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1SequenceParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1SequenceParser.java index 441f1502..22f83c22 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1SequenceParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1SequenceParser.java @@ -2,9 +2,18 @@ package org.bouncycastle.asn1; import java.io.IOException; +/** + * A basic parser for a SEQUENCE object + */ public interface ASN1SequenceParser extends ASN1Encodable, InMemoryRepresentable { + /** + * Read the next object from the underlying object representing a SEQUENCE. + * + * @throws IOException for bad input stream. + * @return the next object, null if we are at the end. + */ ASN1Encodable readObject() throws IOException; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Set.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Set.java index f1ac6c7d..b4d263a3 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Set.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Set.java @@ -5,7 +5,94 @@ import java.io.IOException; import java.util.Enumeration; import java.util.Vector; -abstract public class ASN1Set +/** + * ASN.1 <code>SET</code> and <code>SET OF</code> constructs. + * <p> + * Note: This does not know which syntax the set is! + * (The difference: ordering of SET elements or not ordering.) + * <p> + * DER form is always definite form length fields, while + * BER support uses indefinite form. + * <p> + * The CER form support does not exist. + * <p> + * <hr> + * <h2>X.690</h2> + * <h3>8: Basic encoding rules</h3> + * <h4>8.11 Encoding of a set value </h4> + * <b>8.11.1</b> The encoding of a set value shall be constructed + * <p> + * <b>8.11.2</b> The contents octets shall consist of the complete + * encoding of a data value from each of the types listed in the + * ASN.1 definition of the set type, in an order chosen by the sender, + * unless the type was referenced with the keyword + * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>. + * <p> + * <b>8.11.3</b> The encoding of a data value may, but need not, + * be present for a type which was referenced with the keyword + * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>. + * <blockquote> + * NOTE — The order of data values in a set value is not significant, + * and places no constraints on the order during transfer + * </blockquote> + * <h4>8.12 Encoding of a set-of value</h4> + * <b>8.12.1</b> The encoding of a set-of value shall be constructed. + * <p> + * <b>8.12.2</b> The text of 8.10.2 applies: + * <i>The contents octets shall consist of zero, + * one or more complete encodings of data values from the type listed in + * the ASN.1 definition.</i> + * <p> + * <b>8.12.3</b> The order of data values need not be preserved by + * the encoding and subsequent decoding. + * + * <h3>9: Canonical encoding rules</h3> + * <h4>9.1 Length forms</h4> + * If the encoding is constructed, it shall employ the indefinite length form. + * If the encoding is primitive, it shall include the fewest length octets necessary. + * [Contrast with 8.1.3.2 b).] + * <h4>9.3 Set components</h4> + * The encodings of the component values of a set value shall + * appear in an order determined by their tags as specified + * in 8.6 of ITU-T Rec. X.680 | ISO/IEC 8824-1. + * Additionally, for the purposes of determining the order in which + * components are encoded when one or more component is an untagged + * choice type, each untagged choice type is ordered as though it + * has a tag equal to that of the smallest tag in that choice type + * or any untagged choice types nested within. + * + * <h3>10: Distinguished encoding rules</h3> + * <h4>10.1 Length forms</h4> + * The definite form of length encoding shall be used, + * encoded in the minimum number of octets. + * [Contrast with 8.1.3.2 b).] + * <h4>10.3 Set components</h4> + * The encodings of the component values of a set value shall appear + * in an order determined by their tags as specified + * in 8.6 of ITU-T Rec. X.680 | ISO/IEC 8824-1. + * <blockquote> + * NOTE — Where a component of the set is an untagged choice type, + * the location of that component in the ordering will depend on + * the tag of the choice component being encoded. + * </blockquote> + * + * <h3>11: Restrictions on BER employed by both CER and DER</h3> + * <h4>11.5 Set and sequence components with default value </h4> + * The encoding of a set value or sequence value shall not include + * an encoding for any component value which is equal to + * its default value. + * <h4>11.6 Set-of components </h4> + * <p> + * The encodings of the component values of a set-of value + * shall appear in ascending order, the encodings being compared + * as octet strings with the shorter components being padded at + * their trailing end with 0-octets. + * <blockquote> + * NOTE — The padding octets are for comparison purposes only + * and do not appear in the encodings. + * </blockquote> + */ +public abstract class ASN1Set extends ASN1Primitive { private Vector set = new Vector(); @@ -16,6 +103,7 @@ abstract public class ASN1Set * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. + * @return an ASN1Set instance, or null. */ public static ASN1Set getInstance( Object obj) @@ -67,6 +155,7 @@ abstract public class ASN1Set * false otherwise. * @exception IllegalArgumentException if the tagged object cannot * be converted. + * @return an ASN1Set instance. */ public static ASN1Set getInstance( ASN1TaggedObject obj, @@ -135,6 +224,7 @@ abstract public class ASN1Set /** * create a sequence containing one object + * @param obj object to be added to the SET. */ protected ASN1Set( ASN1Encodable obj) @@ -144,6 +234,8 @@ abstract public class ASN1Set /** * create a sequence containing a vector of objects. + * @param v a vector of objects to make up the SET. + * @param doSort true if should be sorted DER style, false otherwise. */ protected ASN1Set( ASN1EncodableVector v, @@ -275,6 +367,10 @@ abstract public class ASN1Set return hashCode; } + /** + * Change current SET object to be encoded as {@link DERSet}. + * This is part of Distinguished Encoding Rules form serialization. + */ ASN1Primitive toDERObject() { if (isSorted) @@ -304,6 +400,10 @@ abstract public class ASN1Set } } + /** + * Change current SET object to be encoded as {@link DLSet}. + * This is part of Direct Length form serialization. + */ ASN1Primitive toDLObject() { ASN1Set derSet = new DLSet(); @@ -381,22 +481,17 @@ abstract public class ASN1Set return len == a.length; } - private byte[] getEncoded( + private byte[] getDEREncoded( ASN1Encodable obj) { - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - ASN1OutputStream aOut = new ASN1OutputStream(bOut); - try { - aOut.writeObject(obj); + return obj.toASN1Primitive().getEncoded(ASN1Encoding.DER); } catch (IOException e) { throw new IllegalArgumentException("cannot encode object added to SET"); } - - return bOut.toByteArray(); } protected void sort() @@ -413,13 +508,13 @@ abstract public class ASN1Set { int index = 0; int swapIndex = 0; - byte[] a = getEncoded((ASN1Encodable)set.elementAt(0)); + byte[] a = getDEREncoded((ASN1Encodable)set.elementAt(0)); swapped = false; while (index != lastSwap) { - byte[] b = getEncoded((ASN1Encodable)set.elementAt(index + 1)); + byte[] b = getDEREncoded((ASN1Encodable)set.elementAt(index + 1)); if (lessThanOrEqual(a, b)) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1SetParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1SetParser.java index e025535c..5f36dbb8 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1SetParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1SetParser.java @@ -2,9 +2,18 @@ package org.bouncycastle.asn1; import java.io.IOException; +/** + * A basic parser for a SET object + */ public interface ASN1SetParser extends ASN1Encodable, InMemoryRepresentable { + /** + * Read the next object from the underlying object representing a SET. + * + * @throws IOException for bad input stream. + * @return the next object, null if we are at the end. + */ public ASN1Encodable readObject() throws IOException; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1StreamParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1StreamParser.java index 420fa347..418c1016 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1StreamParser.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1StreamParser.java @@ -4,6 +4,9 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; +/** + * A parser for ASN.1 streams which also returns, where possible, parsers for the objects it encounters. + */ public class ASN1StreamParser { private final InputStream _in; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java index d3816f22..2c82df30 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java @@ -1,22 +1,314 @@ package org.bouncycastle.asn1; +import java.io.IOException; +import java.text.ParseException; +import java.text.SimpleDateFormat; import java.util.Date; +import java.util.Locale; +import java.util.SimpleTimeZone; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.Strings; + +/** +- * UTC time object. + * Internal facade of {@link ASN1UTCTime}. + * <p> + * This datatype is valid only from 1950-01-01 00:00:00 UTC until 2049-12-31 23:59:59 UTC. + * <p> + * <hr> + * <p><b>X.690</b></p> + * <p><b>11: Restrictions on BER employed by both CER and DER</b></p> + * <p><b>11.8 UTCTime </b></p> + * <b>11.8.1</b> The encoding shall terminate with "Z", + * as described in the ITU-T X.680 | ISO/IEC 8824-1 clause on UTCTime. + * <p> + * <b>11.8.2</b> The seconds element shall always be present. + * <p> + * <b>11.8.3</b> Midnight (GMT) shall be represented in the form: + * <blockquote> + * "YYMMDD000000Z" + * </blockquote> + * where "YYMMDD" represents the day following the midnight in question. + */ public class ASN1UTCTime - extends DERUTCTime + extends ASN1Primitive { - ASN1UTCTime(byte[] bytes) + private byte[] time; + + /** + * return an UTC Time from the passed in object. + * + * @param obj an ASN1UTCTime or an object that can be converted into one. + * @exception IllegalArgumentException if the object cannot be converted. + * @return an ASN1UTCTime instance, or null. + */ + public static ASN1UTCTime getInstance( + Object obj) + { + if (obj == null || obj instanceof ASN1UTCTime) + { + return (ASN1UTCTime)obj; + } + + if (obj instanceof byte[]) + { + try + { + return (ASN1UTCTime)fromByteArray((byte[])obj); + } + catch (Exception e) + { + throw new IllegalArgumentException("encoding error in getInstance: " + e.toString()); + } + } + + throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); + } + + /** + * return an UTC Time from a tagged object. + * + * @param obj the tagged object holding the object we want + * @param explicit true if the object is meant to be explicitly + * tagged false otherwise. + * @exception IllegalArgumentException if the tagged object cannot + * be converted. + * @return an ASN1UTCTime instance, or null. + */ + public static ASN1UTCTime getInstance( + ASN1TaggedObject obj, + boolean explicit) + { + ASN1Object o = obj.getObject(); + + if (explicit || o instanceof ASN1UTCTime) + { + return getInstance(o); + } + else + { + return new ASN1UTCTime(((ASN1OctetString)o).getOctets()); + } + } + + /** + * The correct format for this is YYMMDDHHMMSSZ (it used to be that seconds were + * never encoded. When you're creating one of these objects from scratch, that's + * what you want to use, otherwise we'll try to deal with whatever gets read from + * the input stream... (this is why the input format is different from the getTime() + * method output). + * <p> + * + * @param time the time string. + */ + public ASN1UTCTime( + String time) + { + this.time = Strings.toByteArray(time); + try + { + this.getDate(); + } + catch (ParseException e) + { + throw new IllegalArgumentException("invalid date string: " + e.getMessage()); + } + } + + /** + * base constructor from a java.util.date object + * @param time the Date to build the time from. + */ + public ASN1UTCTime( + Date time) + { + SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'"); + + dateF.setTimeZone(new SimpleTimeZone(0,"Z")); + + this.time = Strings.toByteArray(dateF.format(time)); + } + + /** + * Base constructor from a java.util.date and Locale - you may need to use this if the default locale + * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations. + * + * @param time a date object representing the time of interest. + * @param locale an appropriate Locale for producing an ASN.1 UTCTime value. + */ + public ASN1UTCTime( + Date time, + Locale locale) + { + SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", locale); + + dateF.setTimeZone(new SimpleTimeZone(0,"Z")); + + this.time = Strings.toByteArray(dateF.format(time)); + } + + ASN1UTCTime( + byte[] time) + { + this.time = time; + } + + /** + * return the time as a date based on whatever a 2 digit year will return. For + * standardised processing use getAdjustedDate(). + * + * @return the resulting date + * @exception ParseException if the date string cannot be parsed. + */ + public Date getDate() + throws ParseException + { + SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz"); + + return dateF.parse(getTime()); + } + + /** + * return the time as an adjusted date + * in the range of 1950 - 2049. + * + * @return a date in the range of 1950 to 2049. + * @exception ParseException if the date string cannot be parsed. + */ + public Date getAdjustedDate() + throws ParseException + { + SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); + + dateF.setTimeZone(new SimpleTimeZone(0, "Z")); + + return dateF.parse(getAdjustedTime()); + } + + /** + * return the time - always in the form of + * YYMMDDhhmmssGMT(+hh:mm|-hh:mm). + * <p> + * Normally in a certificate we would expect "Z" rather than "GMT", + * however adding the "GMT" means we can just use: + * <pre> + * dateF = new SimpleDateFormat("yyMMddHHmmssz"); + * </pre> + * To read in the time and get a date which is compatible with our local + * time zone. + * <p> + * <b>Note:</b> In some cases, due to the local date processing, this + * may lead to unexpected results. If you want to stick the normal + * convention of 1950 to 2049 use the getAdjustedTime() method. + */ + public String getTime() + { + String stime = Strings.fromByteArray(time); + + // + // standardise the format. + // + if (stime.indexOf('-') < 0 && stime.indexOf('+') < 0) + { + if (stime.length() == 11) + { + return stime.substring(0, 10) + "00GMT+00:00"; + } + else + { + return stime.substring(0, 12) + "GMT+00:00"; + } + } + else + { + int index = stime.indexOf('-'); + if (index < 0) + { + index = stime.indexOf('+'); + } + String d = stime; + + if (index == stime.length() - 3) + { + d += "00"; + } + + if (index == 10) + { + return d.substring(0, 10) + "00GMT" + d.substring(10, 13) + ":" + d.substring(13, 15); + } + else + { + return d.substring(0, 12) + "GMT" + d.substring(12, 15) + ":" + d.substring(15, 17); + } + } + } + + /** + * return a time string as an adjusted date with a 4 digit year. This goes + * in the range of 1950 - 2049. + */ + public String getAdjustedTime() + { + String d = this.getTime(); + + if (d.charAt(0) < '5') + { + return "20" + d; + } + else + { + return "19" + d; + } + } + + boolean isConstructed() + { + return false; + } + + int encodedLength() + { + int length = time.length; + + return 1 + StreamUtil.calculateBodyLength(length) + length; + } + + void encode( + ASN1OutputStream out) + throws IOException { - super(bytes); + out.write(BERTags.UTC_TIME); + + int length = time.length; + + out.writeLength(length); + + for (int i = 0; i != length; i++) + { + out.write((byte)time[i]); + } + } + + boolean asn1Equals( + ASN1Primitive o) + { + if (!(o instanceof ASN1UTCTime)) + { + return false; + } + + return Arrays.areEqual(time, ((ASN1UTCTime)o).time); } - public ASN1UTCTime(Date time) + public int hashCode() { - super(time); + return Arrays.hashCode(time); } - public ASN1UTCTime(String time) + public String toString() { - super(time); + return Strings.fromByteArray(time); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERApplicationSpecific.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERApplicationSpecific.java index 5b592888..85d9843b 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERApplicationSpecific.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERApplicationSpecific.java @@ -103,15 +103,6 @@ public class DERApplicationSpecific throw new IllegalArgumentException("failed to construct object from byte[]: " + e.getMessage()); } } - else if (obj instanceof ASN1Encodable) - { - ASN1Primitive primitive = ((ASN1Encodable)obj).toASN1Primitive(); - - if (primitive instanceof ASN1Sequence) - { - return (DERApplicationSpecific)primitive; - } - } throw new IllegalArgumentException("unknown object in getInstance: " + obj.getClass().getName()); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERBMPString.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERBMPString.java index 341e46a6..635300b4 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERBMPString.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERBMPString.java @@ -18,6 +18,7 @@ public class DERBMPString * * @param obj the object we want converted. * @exception IllegalArgumentException if the object cannot be converted. + * @return a DERBMPString instance, or null. */ public static DERBMPString getInstance( Object obj) @@ -50,6 +51,7 @@ public class DERBMPString * tagged false otherwise. * @exception IllegalArgumentException if the tagged object cannot * be converted. + * @return a DERBMPString instance. */ public static DERBMPString getInstance( ASN1TaggedObject obj, @@ -69,6 +71,7 @@ public class DERBMPString /** * basic constructor - byte encoded string. + * @param string the encoded BMP STRING to wrap. */ DERBMPString( byte[] string) @@ -90,6 +93,7 @@ public class DERBMPString /** * basic constructor + * @param string a String to wrap as a BMP STRING. */ public DERBMPString( String string) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERBitString.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERBitString.java index a7b02ec6..4852a796 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERBitString.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERBitString.java @@ -18,7 +18,8 @@ public class DERBitString protected int padBits; /** - * return the correct number of pad bits for a bit string defined in + * @param bitString an int containing the BIT STRING + * @return the correct number of pad bits for a bit string defined in * a 32 bit constant */ static protected int getPadBits( @@ -66,7 +67,8 @@ public class DERBitString } /** - * return the correct number of bytes for a bit string defined in + * @param bitString an int containing the BIT STRING + * @return the correct number of bytes for a bit string defined in * a 32 bit constant */ static protected byte[] getBytes(int bitString) @@ -93,7 +95,9 @@ public class DERBitString /** * return a Bit String from the passed in object * + * @param obj a DERBitString or an object that can be converted into one. * @exception IllegalArgumentException if the object cannot be converted. + * @return a DERBitString instance, or null. */ public static DERBitString getInstance( Object obj) @@ -114,6 +118,7 @@ public class DERBitString * tagged false otherwise. * @exception IllegalArgumentException if the tagged object cannot * be converted. + * @return a DERBitString instance, or null. */ public static DERBitString getInstance( ASN1TaggedObject obj, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERBoolean.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERBoolean.java index 8b8d2260..378ea359 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERBoolean.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERBoolean.java @@ -1,179 +1,22 @@ package org.bouncycastle.asn1; -import java.io.IOException; - -import org.bouncycastle.util.Arrays; - +/** + * @deprecated use ASN1Boolean + */ public class DERBoolean - extends ASN1Primitive + extends ASN1Boolean { - private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff }; - private static final byte[] FALSE_VALUE = new byte[] { 0 }; - - private byte[] value; - - public static final ASN1Boolean FALSE = new ASN1Boolean(false); - public static final ASN1Boolean TRUE = new ASN1Boolean(true); - - - /** - * return a boolean from the passed in object. - * - * @exception IllegalArgumentException if the object cannot be converted. - */ - public static ASN1Boolean getInstance( - Object obj) - { - if (obj == null || obj instanceof ASN1Boolean) - { - return (ASN1Boolean)obj; - } - - if (obj instanceof DERBoolean) - { - return ((DERBoolean)obj).isTrue() ? DERBoolean.TRUE : DERBoolean.FALSE; - } - - throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); - } - - /** - * return a ASN1Boolean from the passed in boolean. - */ - public static ASN1Boolean getInstance( - boolean value) - { - return (value ? TRUE : FALSE); - } - - /** - * return a ASN1Boolean from the passed in boolean. - */ - public static ASN1Boolean getInstance( - int value) - { - return (value != 0 ? TRUE : FALSE); - } - - /** - * return a Boolean from a tagged object. - * - * @param obj the tagged object holding the object we want - * @param explicit true if the object is meant to be explicitly - * tagged false otherwise. - * @exception IllegalArgumentException if the tagged object cannot - * be converted. - */ - public static ASN1Boolean getInstance( - ASN1TaggedObject obj, - boolean explicit) - { - ASN1Primitive o = obj.getObject(); - - if (explicit || o instanceof DERBoolean) - { - return getInstance(o); - } - else - { - return ASN1Boolean.fromOctetString(((ASN1OctetString)o).getOctets()); - } - } - - DERBoolean( - byte[] value) - { - if (value.length != 1) - { - throw new IllegalArgumentException("byte value should have 1 byte in it"); - } - - if (value[0] == 0) - { - this.value = FALSE_VALUE; - } - else if (value[0] == 0xff) - { - this.value = TRUE_VALUE; - } - else - { - this.value = Arrays.clone(value); - } - } - /** * @deprecated use getInstance(boolean) method. * @param value */ - public DERBoolean( - boolean value) - { - this.value = (value) ? TRUE_VALUE : FALSE_VALUE; - } - - public boolean isTrue() - { - return (value[0] != 0); - } - - boolean isConstructed() - { - return false; - } - - int encodedLength() + public DERBoolean(boolean value) { - return 3; + super(value); } - void encode( - ASN1OutputStream out) - throws IOException + DERBoolean(byte[] value) { - out.writeEncoded(BERTags.BOOLEAN, value); - } - - protected boolean asn1Equals( - ASN1Primitive o) - { - if ((o == null) || !(o instanceof DERBoolean)) - { - return false; - } - - return (value[0] == ((DERBoolean)o).value[0]); - } - - public int hashCode() - { - return value[0]; - } - - - public String toString() - { - return (value[0] != 0) ? "TRUE" : "FALSE"; - } - - static ASN1Boolean fromOctetString(byte[] value) - { - if (value.length != 1) - { - throw new IllegalArgumentException("BOOLEAN value should have 1 byte in it"); - } - - if (value[0] == 0) - { - return FALSE; - } - else if (value[0] == 0xff) - { - return TRUE; - } - else - { - return new ASN1Boolean(value); - } + super(value); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DEREnumerated.java b/bcprov/src/main/java/org/bouncycastle/asn1/DEREnumerated.java index 9b1ef55c..daa8777e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DEREnumerated.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DEREnumerated.java @@ -1,170 +1,37 @@ package org.bouncycastle.asn1; -import java.io.IOException; import java.math.BigInteger; -import org.bouncycastle.util.Arrays; - /** - * Use ASN1Enumerated instead of this. + * @deprecated Use ASN1Enumerated instead of this. */ public class DEREnumerated - extends ASN1Primitive + extends ASN1Enumerated { - byte[] bytes; - - /** - * return an integer from the passed in object - * - * @exception IllegalArgumentException if the object cannot be converted. - */ - public static ASN1Enumerated getInstance( - Object obj) - { - if (obj == null || obj instanceof ASN1Enumerated) - { - return (ASN1Enumerated)obj; - } - - if (obj instanceof DEREnumerated) - { - return new ASN1Enumerated(((DEREnumerated)obj).getValue()); - } - - if (obj instanceof byte[]) - { - try - { - return (ASN1Enumerated)fromByteArray((byte[])obj); - } - catch (Exception e) - { - throw new IllegalArgumentException("encoding error in getInstance: " + e.toString()); - } - } - - throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); - } - - /** - * return an Enumerated from a tagged object. - * - * @param obj the tagged object holding the object we want - * @param explicit true if the object is meant to be explicitly - * tagged false otherwise. - * @exception IllegalArgumentException if the tagged object cannot - * be converted. - */ - public static ASN1Enumerated getInstance( - ASN1TaggedObject obj, - boolean explicit) - { - ASN1Primitive o = obj.getObject(); - - if (explicit || o instanceof DEREnumerated) - { - return getInstance(o); - } - else - { - return fromOctetString(((ASN1OctetString)o).getOctets()); - } - } - /** + * @param bytes the value of this enumerated as an encoded BigInteger (signed). * @deprecated use ASN1Enumerated */ - public DEREnumerated( - int value) + DEREnumerated(byte[] bytes) { - bytes = BigInteger.valueOf(value).toByteArray(); + super(bytes); } /** + * @param value the value of this enumerated. * @deprecated use ASN1Enumerated */ - public DEREnumerated( - BigInteger value) + public DEREnumerated(BigInteger value) { - bytes = value.toByteArray(); + super(value); } /** + * @param value the value of this enumerated. * @deprecated use ASN1Enumerated */ - public DEREnumerated( - byte[] bytes) - { - this.bytes = bytes; - } - - public BigInteger getValue() - { - return new BigInteger(bytes); - } - - boolean isConstructed() + public DEREnumerated(int value) { - return false; - } - - int encodedLength() - { - return 1 + StreamUtil.calculateBodyLength(bytes.length) + bytes.length; - } - - void encode( - ASN1OutputStream out) - throws IOException - { - out.writeEncoded(BERTags.ENUMERATED, bytes); - } - - boolean asn1Equals( - ASN1Primitive o) - { - if (!(o instanceof DEREnumerated)) - { - return false; - } - - DEREnumerated other = (DEREnumerated)o; - - return Arrays.areEqual(this.bytes, other.bytes); - } - - public int hashCode() - { - return Arrays.hashCode(bytes); - } - - private static ASN1Enumerated[] cache = new ASN1Enumerated[12]; - - static ASN1Enumerated fromOctetString(byte[] enc) - { - if (enc.length > 1) - { - return new ASN1Enumerated(Arrays.clone(enc)); - } - - if (enc.length == 0) - { - throw new IllegalArgumentException("ENUMERATED has zero length"); - } - int value = enc[0] & 0xff; - - if (value >= cache.length) - { - return new ASN1Enumerated(Arrays.clone(enc)); - } - - ASN1Enumerated possibleMatch = cache[value]; - - if (possibleMatch == null) - { - possibleMatch = cache[value] = new ASN1Enumerated(Arrays.clone(enc)); - } - - return possibleMatch; + super(value); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERGeneralizedTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERGeneralizedTime.java index 43e46731..adee74ec 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERGeneralizedTime.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERGeneralizedTime.java @@ -1,350 +1,28 @@ package org.bouncycastle.asn1; -import java.io.IOException; -import java.text.ParseException; -import java.text.SimpleDateFormat; import java.util.Date; -import java.util.SimpleTimeZone; -import java.util.TimeZone; - -import org.bouncycastle.util.Arrays; -import org.bouncycastle.util.Strings; /** - * Generalized time object. + * DER Generalized time object. */ public class DERGeneralizedTime - extends ASN1Primitive + extends ASN1GeneralizedTime { - private byte[] time; - - /** - * return a generalized time from the passed in object - * - * @exception IllegalArgumentException if the object cannot be converted. - */ - public static ASN1GeneralizedTime getInstance( - Object obj) - { - if (obj == null || obj instanceof ASN1GeneralizedTime) - { - return (ASN1GeneralizedTime)obj; - } - - if (obj instanceof DERGeneralizedTime) - { - return new ASN1GeneralizedTime(((DERGeneralizedTime)obj).time); - } - - if (obj instanceof byte[]) - { - try - { - return (ASN1GeneralizedTime)fromByteArray((byte[])obj); - } - catch (Exception e) - { - throw new IllegalArgumentException("encoding error in getInstance: " + e.toString()); - } - } - - throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); - } - - /** - * return a Generalized Time object from a tagged object. - * - * @param obj the tagged object holding the object we want - * @param explicit true if the object is meant to be explicitly - * tagged false otherwise. - * @exception IllegalArgumentException if the tagged object cannot - * be converted. - */ - public static ASN1GeneralizedTime getInstance( - ASN1TaggedObject obj, - boolean explicit) - { - ASN1Primitive o = obj.getObject(); - - if (explicit || o instanceof DERGeneralizedTime) - { - return getInstance(o); - } - else - { - return new ASN1GeneralizedTime(((ASN1OctetString)o).getOctets()); - } - } - - /** - * The correct format for this is YYYYMMDDHHMMSS[.f]Z, or without the Z - * for local time, or Z+-HHMM on the end, for difference between local - * time and UTC time. The fractional second amount f must consist of at - * least one number with trailing zeroes removed. - * - * @param time the time string. - * @exception IllegalArgumentException if String is an illegal format. - */ - public DERGeneralizedTime( - String time) - { - this.time = Strings.toByteArray(time); - try - { - this.getDate(); - } - catch (ParseException e) - { - throw new IllegalArgumentException("invalid date string: " + e.getMessage()); - } - } - - /** - * base constructor from a java.util.date object - */ - public DERGeneralizedTime( - Date time) - { - SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); - - dateF.setTimeZone(new SimpleTimeZone(0,"Z")); - - this.time = Strings.toByteArray(dateF.format(time)); - } - - DERGeneralizedTime( - byte[] bytes) - { - this.time = bytes; - } - - /** - * Return the time. - * @return The time string as it appeared in the encoded object. - */ - public String getTimeString() - { - return Strings.fromByteArray(time); - } - - /** - * return the time - always in the form of - * YYYYMMDDhhmmssGMT(+hh:mm|-hh:mm). - * <p> - * Normally in a certificate we would expect "Z" rather than "GMT", - * however adding the "GMT" means we can just use: - * <pre> - * dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); - * </pre> - * To read in the time and get a date which is compatible with our local - * time zone. - */ - public String getTime() - { - String stime = Strings.fromByteArray(time); - - // - // standardise the format. - // - if (stime.charAt(stime.length() - 1) == 'Z') - { - return stime.substring(0, stime.length() - 1) + "GMT+00:00"; - } - else - { - int signPos = stime.length() - 5; - char sign = stime.charAt(signPos); - if (sign == '-' || sign == '+') - { - return stime.substring(0, signPos) - + "GMT" - + stime.substring(signPos, signPos + 3) - + ":" - + stime.substring(signPos + 3); - } - else - { - signPos = stime.length() - 3; - sign = stime.charAt(signPos); - if (sign == '-' || sign == '+') - { - return stime.substring(0, signPos) - + "GMT" - + stime.substring(signPos) - + ":00"; - } - } - } - return stime + calculateGMTOffset(); - } - private String calculateGMTOffset() + DERGeneralizedTime(byte[] bytes) { - String sign = "+"; - TimeZone timeZone = TimeZone.getDefault(); - int offset = timeZone.getRawOffset(); - if (offset < 0) - { - sign = "-"; - offset = -offset; - } - int hours = offset / (60 * 60 * 1000); - int minutes = (offset - (hours * 60 * 60 * 1000)) / (60 * 1000); - - try - { - if (timeZone.useDaylightTime() && timeZone.inDaylightTime(this.getDate())) - { - hours += sign.equals("+") ? 1 : -1; - } - } - catch (ParseException e) - { - // we'll do our best and ignore daylight savings - } - - return "GMT" + sign + convert(hours) + ":" + convert(minutes); + super(bytes); } - private String convert(int time) + public DERGeneralizedTime(Date time) { - if (time < 10) - { - return "0" + time; - } - - return Integer.toString(time); - } - - public Date getDate() - throws ParseException - { - SimpleDateFormat dateF; - String stime = Strings.fromByteArray(time); - String d = stime; - - if (stime.endsWith("Z")) - { - if (hasFractionalSeconds()) - { - dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'"); - } - else - { - dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); - } - - dateF.setTimeZone(new SimpleTimeZone(0, "Z")); - } - else if (stime.indexOf('-') > 0 || stime.indexOf('+') > 0) - { - d = this.getTime(); - if (hasFractionalSeconds()) - { - dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz"); - } - else - { - dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); - } - - dateF.setTimeZone(new SimpleTimeZone(0, "Z")); - } - else - { - if (hasFractionalSeconds()) - { - dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS"); - } - else - { - dateF = new SimpleDateFormat("yyyyMMddHHmmss"); - } - - dateF.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID())); - } - - if (hasFractionalSeconds()) - { - // java misinterprets extra digits as being milliseconds... - String frac = d.substring(14); - int index; - for (index = 1; index < frac.length(); index++) - { - char ch = frac.charAt(index); - if (!('0' <= ch && ch <= '9')) - { - break; - } - } - - if (index - 1 > 3) - { - frac = frac.substring(0, 4) + frac.substring(index); - d = d.substring(0, 14) + frac; - } - else if (index - 1 == 1) - { - frac = frac.substring(0, index) + "00" + frac.substring(index); - d = d.substring(0, 14) + frac; - } - else if (index - 1 == 2) - { - frac = frac.substring(0, index) + "0" + frac.substring(index); - d = d.substring(0, 14) + frac; - } - } - - return dateF.parse(d); + super(time); } - private boolean hasFractionalSeconds() + public DERGeneralizedTime(String time) { - for (int i = 0; i != time.length; i++) - { - if (time[i] == '.') - { - if (i == 14) - { - return true; - } - } - } - return false; + super(time); } - boolean isConstructed() - { - return false; - } - - int encodedLength() - { - int length = time.length; - - return 1 + StreamUtil.calculateBodyLength(length) + length; - } - - void encode( - ASN1OutputStream out) - throws IOException - { - out.writeEncoded(BERTags.GENERALIZED_TIME, time); - } - - boolean asn1Equals( - ASN1Primitive o) - { - if (!(o instanceof DERGeneralizedTime)) - { - return false; - } - - return Arrays.areEqual(time, ((DERGeneralizedTime)o).time); - } - - public int hashCode() - { - return Arrays.hashCode(time); - } + // TODO: create proper DER encoding. } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERIA5String.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERIA5String.java index 631672ef..1c533b10 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERIA5String.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERIA5String.java @@ -17,7 +17,9 @@ public class DERIA5String /** * return a IA5 string from the passed in object * + * @param obj a DERIA5String or an object that can be converted into one. * @exception IllegalArgumentException if the object cannot be converted. + * @return a DERIA5String instance, or null. */ public static DERIA5String getInstance( Object obj) @@ -50,6 +52,7 @@ public class DERIA5String * tagged false otherwise. * @exception IllegalArgumentException if the tagged object cannot * be converted. + * @return a DERIA5String instance, or null. */ public static DERIA5String getInstance( ASN1TaggedObject obj, @@ -69,6 +72,7 @@ public class DERIA5String /** * basic constructor - with bytes. + * @param string the byte encoding of the characters making up the string. */ DERIA5String( byte[] string) @@ -78,6 +82,7 @@ public class DERIA5String /** * basic constructor - without validation. + * @param string the base string to use.. */ public DERIA5String( String string) @@ -163,7 +168,8 @@ public class DERIA5String * return true if the passed in String can be represented without * loss as an IA5String, false otherwise. * - * @return true if in printable set, false otherwise. + * @param str the string to check. + * @return true if character set in IA5String set, false otherwise. */ public static boolean isIA5String( String str) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERInteger.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERInteger.java index 57cc84a7..d2e850f3 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERInteger.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERInteger.java @@ -1,160 +1,30 @@ package org.bouncycastle.asn1; -import java.io.IOException; import java.math.BigInteger; -import org.bouncycastle.util.Arrays; - /** - * Use ASN1Integer instead of this, + * @deprecated Use ASN1Integer instead of this, */ public class DERInteger - extends ASN1Primitive + extends ASN1Integer { - byte[] bytes; - - /** - * return an integer from the passed in object - * - * @exception IllegalArgumentException if the object cannot be converted. - */ - public static ASN1Integer getInstance( - Object obj) - { - if (obj == null || obj instanceof ASN1Integer) - { - return (ASN1Integer)obj; - } - if (obj instanceof DERInteger) - { - return new ASN1Integer((((DERInteger)obj).getValue())); - } - - if (obj instanceof byte[]) - { - try - { - return (ASN1Integer)fromByteArray((byte[])obj); - } - catch (Exception e) - { - throw new IllegalArgumentException("encoding error in getInstance: " + e.toString()); - } - } - - throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); - } - /** - * return an Integer from a tagged object. + * Constructor from a byte array containing a signed representation of the number. * - * @param obj the tagged object holding the object we want - * @param explicit true if the object is meant to be explicitly - * tagged false otherwise. - * @exception IllegalArgumentException if the tagged object cannot - * be converted. - */ - public static ASN1Integer getInstance( - ASN1TaggedObject obj, - boolean explicit) - { - ASN1Primitive o = obj.getObject(); - - if (explicit || o instanceof DERInteger) - { - return getInstance(o); - } - else - { - return new ASN1Integer(ASN1OctetString.getInstance(obj.getObject()).getOctets()); - } - } - - /** - * @deprecated use ASN1Integer constructor - */ - public DERInteger( - long value) - { - bytes = BigInteger.valueOf(value).toByteArray(); - } - - /** - * @deprecated use ASN1Integer constructor + * @param bytes a byte array containing the signed number.A copy is made of the byte array. */ - public DERInteger( - BigInteger value) + public DERInteger(byte[] bytes) { - bytes = value.toByteArray(); + super(bytes, true); } - /** - * @deprecated use ASN1Integer constructor - */ - public DERInteger( - byte[] bytes) + public DERInteger(BigInteger value) { - this.bytes = bytes; - } - - public BigInteger getValue() - { - return new BigInteger(bytes); - } - - /** - * in some cases positive values get crammed into a space, - * that's not quite big enough... - */ - public BigInteger getPositiveValue() - { - return new BigInteger(1, bytes); - } - - boolean isConstructed() - { - return false; - } - - int encodedLength() - { - return 1 + StreamUtil.calculateBodyLength(bytes.length) + bytes.length; - } - - void encode( - ASN1OutputStream out) - throws IOException - { - out.writeEncoded(BERTags.INTEGER, bytes); - } - - public int hashCode() - { - int value = 0; - - for (int i = 0; i != bytes.length; i++) - { - value ^= (bytes[i] & 0xff) << (i % 4); - } - - return value; - } - - boolean asn1Equals( - ASN1Primitive o) - { - if (!(o instanceof DERInteger)) - { - return false; - } - - DERInteger other = (DERInteger)o; - - return Arrays.areEqual(bytes, other.bytes); + super(value); } - public String toString() + public DERInteger(long value) { - return getValue().toString(); + super(value); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERNumericString.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERNumericString.java index eca4eea2..e1b1276d 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERNumericString.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERNumericString.java @@ -17,7 +17,9 @@ public class DERNumericString /** * return a Numeric string from the passed in object * + * @param obj a DERNumericString or an object that can be converted into one. * @exception IllegalArgumentException if the object cannot be converted. + * @return a DERNumericString instance, or null */ public static DERNumericString getInstance( Object obj) @@ -50,6 +52,7 @@ public class DERNumericString * tagged false otherwise. * @exception IllegalArgumentException if the tagged object cannot * be converted. + * @return a DERNumericString instance, or null. */ public static DERNumericString getInstance( ASN1TaggedObject obj, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERObjectIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERObjectIdentifier.java index 3d4d04c1..acb2ada6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERObjectIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERObjectIdentifier.java @@ -1,446 +1,24 @@ package org.bouncycastle.asn1; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; - -import org.bouncycastle.util.Arrays; - /** - * Use ASN1ObjectIdentifier instead of this, + * + * @deprecated Use ASN1ObjectIdentifier instead of this, */ public class DERObjectIdentifier - extends ASN1Primitive + extends ASN1ObjectIdentifier { - String identifier; - - private byte[] body; - - /** - * return an OID from the passed in object - * - * @throws IllegalArgumentException if the object cannot be converted. - */ - public static ASN1ObjectIdentifier getInstance( - Object obj) - { - if (obj == null || obj instanceof ASN1ObjectIdentifier) - { - return (ASN1ObjectIdentifier)obj; - } - - if (obj instanceof DERObjectIdentifier) - { - return new ASN1ObjectIdentifier(((DERObjectIdentifier)obj).getId()); - } - - if (obj instanceof ASN1Encodable && ((ASN1Encodable)obj).toASN1Primitive() instanceof ASN1ObjectIdentifier) - { - return (ASN1ObjectIdentifier)((ASN1Encodable)obj).toASN1Primitive(); - } - - if (obj instanceof byte[]) - { - byte[] enc = (byte[])obj; - if (enc[0] == BERTags.OBJECT_IDENTIFIER) - { - try - { - return (ASN1ObjectIdentifier)fromByteArray(enc); - } - catch (IOException e) - { - throw new IllegalArgumentException("failed to construct sequence from byte[]: " + e.getMessage()); - } - } - else - { // TODO: this really shouldn't be supported here... - return ASN1ObjectIdentifier.fromOctetString((byte[])obj); - } - } - - throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); - } - - /** - * return an Object Identifier from a tagged object. - * - * @param obj the tagged object holding the object we want - * @param explicit true if the object is meant to be explicitly - * tagged false otherwise. - * @throws IllegalArgumentException if the tagged object cannot - * be converted. - */ - public static ASN1ObjectIdentifier getInstance( - ASN1TaggedObject obj, - boolean explicit) - { - ASN1Primitive o = obj.getObject(); - - if (explicit || o instanceof DERObjectIdentifier) - { - return getInstance(o); - } - else - { - return ASN1ObjectIdentifier.fromOctetString(ASN1OctetString.getInstance(obj.getObject()).getOctets()); - } - } - - private static final long LONG_LIMIT = (Long.MAX_VALUE >> 7) - 0x7f; - - DERObjectIdentifier( - byte[] bytes) + public DERObjectIdentifier(String identifier) { - StringBuffer objId = new StringBuffer(); - long value = 0; - BigInteger bigValue = null; - boolean first = true; - - for (int i = 0; i != bytes.length; i++) - { - int b = bytes[i] & 0xff; - - if (value <= LONG_LIMIT) - { - value += (b & 0x7f); - if ((b & 0x80) == 0) // end of number reached - { - if (first) - { - if (value < 40) - { - objId.append('0'); - } - else if (value < 80) - { - objId.append('1'); - value -= 40; - } - else - { - objId.append('2'); - value -= 80; - } - first = false; - } - - objId.append('.'); - objId.append(value); - value = 0; - } - else - { - value <<= 7; - } - } - else - { - if (bigValue == null) - { - bigValue = BigInteger.valueOf(value); - } - bigValue = bigValue.or(BigInteger.valueOf(b & 0x7f)); - if ((b & 0x80) == 0) - { - if (first) - { - objId.append('2'); - bigValue = bigValue.subtract(BigInteger.valueOf(80)); - first = false; - } - - objId.append('.'); - objId.append(bigValue); - bigValue = null; - value = 0; - } - else - { - bigValue = bigValue.shiftLeft(7); - } - } - } - - this.identifier = objId.toString(); - this.body = Arrays.clone(bytes); + super(identifier); } - /** - * @deprecated use ASN1ObjectIdentifier constructor. - */ - public DERObjectIdentifier( - String identifier) + DERObjectIdentifier(byte[] bytes) { - if (identifier == null) - { - throw new IllegalArgumentException("'identifier' cannot be null"); - } - if (!isValidIdentifier(identifier)) - { - throw new IllegalArgumentException("string " + identifier + " not an OID"); - } - - this.identifier = identifier; + super(bytes); } - DERObjectIdentifier(DERObjectIdentifier oid, String branchID) + DERObjectIdentifier(ASN1ObjectIdentifier oid, String branch) { - if (!isValidBranchID(branchID, 0)) - { - throw new IllegalArgumentException("string " + branchID + " not a valid OID branch"); - } - - this.identifier = oid.getId() + "." + branchID; - } - - public String getId() - { - return identifier; - } - - private void writeField( - ByteArrayOutputStream out, - long fieldValue) - { - byte[] result = new byte[9]; - int pos = 8; - result[pos] = (byte)((int)fieldValue & 0x7f); - while (fieldValue >= (1L << 7)) - { - fieldValue >>= 7; - result[--pos] = (byte)((int)fieldValue & 0x7f | 0x80); - } - out.write(result, pos, 9 - pos); - } - - private void writeField( - ByteArrayOutputStream out, - BigInteger fieldValue) - { - int byteCount = (fieldValue.bitLength() + 6) / 7; - if (byteCount == 0) - { - out.write(0); - } - else - { - BigInteger tmpValue = fieldValue; - byte[] tmp = new byte[byteCount]; - for (int i = byteCount - 1; i >= 0; i--) - { - tmp[i] = (byte)((tmpValue.intValue() & 0x7f) | 0x80); - tmpValue = tmpValue.shiftRight(7); - } - tmp[byteCount - 1] &= 0x7f; - out.write(tmp, 0, tmp.length); - } - } - - private void doOutput(ByteArrayOutputStream aOut) - { - OIDTokenizer tok = new OIDTokenizer(identifier); - int first = Integer.parseInt(tok.nextToken()) * 40; - - String secondToken = tok.nextToken(); - if (secondToken.length() <= 18) - { - writeField(aOut, first + Long.parseLong(secondToken)); - } - else - { - writeField(aOut, new BigInteger(secondToken).add(BigInteger.valueOf(first))); - } - - while (tok.hasMoreTokens()) - { - String token = tok.nextToken(); - if (token.length() <= 18) - { - writeField(aOut, Long.parseLong(token)); - } - else - { - writeField(aOut, new BigInteger(token)); - } - } - } - - protected synchronized byte[] getBody() - { - if (body == null) - { - ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - - doOutput(bOut); - - body = bOut.toByteArray(); - } - - return body; - } - - boolean isConstructed() - { - return false; - } - - int encodedLength() - throws IOException - { - int length = getBody().length; - - return 1 + StreamUtil.calculateBodyLength(length) + length; - } - - void encode( - ASN1OutputStream out) - throws IOException - { - byte[] enc = getBody(); - - out.write(BERTags.OBJECT_IDENTIFIER); - out.writeLength(enc.length); - out.write(enc); - } - - public int hashCode() - { - return identifier.hashCode(); - } - - boolean asn1Equals( - ASN1Primitive o) - { - if (!(o instanceof DERObjectIdentifier)) - { - return false; - } - - return identifier.equals(((DERObjectIdentifier)o).identifier); - } - - public String toString() - { - return getId(); - } - - private static boolean isValidBranchID( - String branchID, int start) - { - boolean periodAllowed = false; - - int pos = branchID.length(); - while (--pos >= start) - { - char ch = branchID.charAt(pos); - - // TODO Leading zeroes? - if ('0' <= ch && ch <= '9') - { - periodAllowed = true; - continue; - } - - if (ch == '.') - { - if (!periodAllowed) - { - return false; - } - - periodAllowed = false; - continue; - } - - return false; - } - - return periodAllowed; - } - - private static boolean isValidIdentifier( - String identifier) - { - if (identifier.length() < 3 || identifier.charAt(1) != '.') - { - return false; - } - - char first = identifier.charAt(0); - if (first < '0' || first > '2') - { - return false; - } - - return isValidBranchID(identifier, 2); - } - - private static ASN1ObjectIdentifier[][] cache = new ASN1ObjectIdentifier[256][]; - - static ASN1ObjectIdentifier fromOctetString(byte[] enc) - { - if (enc.length < 3) - { - return new ASN1ObjectIdentifier(enc); - } - - int idx1 = enc[enc.length - 2] & 0xff; - // in this case top bit is always zero - int idx2 = enc[enc.length - 1] & 0x7f; - - ASN1ObjectIdentifier possibleMatch; - - synchronized (cache) - { - ASN1ObjectIdentifier[] first = cache[idx1]; - if (first == null) - { - first = cache[idx1] = new ASN1ObjectIdentifier[128]; - } - - possibleMatch = first[idx2]; - if (possibleMatch == null) - { - return first[idx2] = new ASN1ObjectIdentifier(enc); - } - - if (Arrays.areEqual(enc, possibleMatch.getBody())) - { - return possibleMatch; - } - - idx1 = (idx1 + 1) & 0xff; - first = cache[idx1]; - if (first == null) - { - first = cache[idx1] = new ASN1ObjectIdentifier[128]; - } - - possibleMatch = first[idx2]; - if (possibleMatch == null) - { - return first[idx2] = new ASN1ObjectIdentifier(enc); - } - - if (Arrays.areEqual(enc, possibleMatch.getBody())) - { - return possibleMatch; - } - - idx2 = (idx2 + 1) & 0x7f; - possibleMatch = first[idx2]; - if (possibleMatch == null) - { - return first[idx2] = new ASN1ObjectIdentifier(enc); - } - } - - if (Arrays.areEqual(enc, possibleMatch.getBody())) - { - return possibleMatch; - } - - return new ASN1ObjectIdentifier(enc); + super(oid, branch); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERPrintableString.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERPrintableString.java index 9f9b3dd1..e7c5d753 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERPrintableString.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERPrintableString.java @@ -16,8 +16,10 @@ public class DERPrintableString /** * return a printable string from the passed in object. - * + * + * @param obj a DERPrintableString or an object that can be converted into one. * @exception IllegalArgumentException if the object cannot be converted. + * @return a DERPrintableString instance, or null. */ public static DERPrintableString getInstance( Object obj) @@ -50,6 +52,7 @@ public class DERPrintableString * tagged false otherwise. * @exception IllegalArgumentException if the tagged object cannot * be converted. + * @return a DERPrintableString instance, or null. */ public static DERPrintableString getInstance( ASN1TaggedObject obj, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERT61String.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERT61String.java index d50fb7c3..783cd336 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERT61String.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERT61String.java @@ -18,7 +18,9 @@ public class DERT61String /** * return a T61 string from the passed in object. * + * @param obj a DERT61String or an object that can be converted into one. * @exception IllegalArgumentException if the object cannot be converted. + * @return a DERT61String instance, or null */ public static DERT61String getInstance( Object obj) @@ -51,6 +53,7 @@ public class DERT61String * tagged false otherwise. * @exception IllegalArgumentException if the tagged object cannot * be converted. + * @return a DERT61String instance, or null */ public static DERT61String getInstance( ASN1TaggedObject obj, @@ -70,6 +73,8 @@ public class DERT61String /** * basic constructor - string encoded as a sequence of bytes. + * + * @param string the byte encoding of the string to be wrapped. */ public DERT61String( byte[] string) @@ -79,6 +84,8 @@ public class DERT61String /** * basic constructor - with string 8 bit assumed. + * + * @param string the string to be wrapped. */ public DERT61String( String string) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERT61UTF8String.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERT61UTF8String.java index dd817989..784aaa9b 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERT61UTF8String.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERT61UTF8String.java @@ -18,7 +18,9 @@ public class DERT61UTF8String /** * return a T61 string from the passed in object. UTF-8 Encoding is assumed in this case. * + * @param obj a DERT61UTF8String or an object that can be converted into one. * @throws IllegalArgumentException if the object cannot be converted. + * @return a DERT61UTF8String instance, or null */ public static DERT61UTF8String getInstance( Object obj) @@ -56,6 +58,7 @@ public class DERT61UTF8String * tagged false otherwise. * @throws IllegalArgumentException if the tagged object cannot * be converted. + * @return a DERT61UTF8String instance, or null */ public static DERT61UTF8String getInstance( ASN1TaggedObject obj, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERUTCTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERUTCTime.java index c5bd536f..18e17b12 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERUTCTime.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERUTCTime.java @@ -1,278 +1,27 @@ package org.bouncycastle.asn1; -import java.io.IOException; -import java.text.ParseException; -import java.text.SimpleDateFormat; import java.util.Date; -import java.util.SimpleTimeZone; - -import org.bouncycastle.util.Arrays; -import org.bouncycastle.util.Strings; /** - * UTC time object. + * DER UTC time object. */ public class DERUTCTime - extends ASN1Primitive + extends ASN1UTCTime { - private byte[] time; - - /** - * return an UTC Time from the passed in object. - * - * @exception IllegalArgumentException if the object cannot be converted. - */ - public static ASN1UTCTime getInstance( - Object obj) - { - if (obj == null || obj instanceof ASN1UTCTime) - { - return (ASN1UTCTime)obj; - } - - if (obj instanceof DERUTCTime) - { - return new ASN1UTCTime(((DERUTCTime)obj).time); - } - - if (obj instanceof byte[]) - { - try - { - return (ASN1UTCTime)fromByteArray((byte[])obj); - } - catch (Exception e) - { - throw new IllegalArgumentException("encoding error in getInstance: " + e.toString()); - } - } - - throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName()); - } - - /** - * return an UTC Time from a tagged object. - * - * @param obj the tagged object holding the object we want - * @param explicit true if the object is meant to be explicitly - * tagged false otherwise. - * @exception IllegalArgumentException if the tagged object cannot - * be converted. - */ - public static ASN1UTCTime getInstance( - ASN1TaggedObject obj, - boolean explicit) - { - ASN1Object o = obj.getObject(); - - if (explicit || o instanceof ASN1UTCTime) - { - return getInstance(o); - } - else - { - return new ASN1UTCTime(((ASN1OctetString)o).getOctets()); - } - } - - /** - * The correct format for this is YYMMDDHHMMSSZ (it used to be that seconds were - * never encoded. When you're creating one of these objects from scratch, that's - * what you want to use, otherwise we'll try to deal with whatever gets read from - * the input stream... (this is why the input format is different from the getTime() - * method output). - * <p> - * - * @param time the time string. - */ - public DERUTCTime( - String time) - { - this.time = Strings.toByteArray(time); - try - { - this.getDate(); - } - catch (ParseException e) - { - throw new IllegalArgumentException("invalid date string: " + e.getMessage()); - } - } - - /** - * base constructer from a java.util.date object - */ - public DERUTCTime( - Date time) - { - SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'"); - - dateF.setTimeZone(new SimpleTimeZone(0,"Z")); - - this.time = Strings.toByteArray(dateF.format(time)); - } - - DERUTCTime( - byte[] time) - { - this.time = time; - } - - /** - * return the time as a date based on whatever a 2 digit year will return. For - * standardised processing use getAdjustedDate(). - * - * @return the resulting date - * @exception ParseException if the date string cannot be parsed. - */ - public Date getDate() - throws ParseException - { - SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz"); - - return dateF.parse(getTime()); - } - - /** - * return the time as an adjusted date - * in the range of 1950 - 2049. - * - * @return a date in the range of 1950 to 2049. - * @exception ParseException if the date string cannot be parsed. - */ - public Date getAdjustedDate() - throws ParseException + DERUTCTime(byte[] bytes) { - SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz"); - - dateF.setTimeZone(new SimpleTimeZone(0, "Z")); - - return dateF.parse(getAdjustedTime()); - } - - /** - * return the time - always in the form of - * YYMMDDhhmmssGMT(+hh:mm|-hh:mm). - * <p> - * Normally in a certificate we would expect "Z" rather than "GMT", - * however adding the "GMT" means we can just use: - * <pre> - * dateF = new SimpleDateFormat("yyMMddHHmmssz"); - * </pre> - * To read in the time and get a date which is compatible with our local - * time zone. - * <p> - * <b>Note:</b> In some cases, due to the local date processing, this - * may lead to unexpected results. If you want to stick the normal - * convention of 1950 to 2049 use the getAdjustedTime() method. - */ - public String getTime() - { - String stime = Strings.fromByteArray(time); - - // - // standardise the format. - // - if (stime.indexOf('-') < 0 && stime.indexOf('+') < 0) - { - if (stime.length() == 11) - { - return stime.substring(0, 10) + "00GMT+00:00"; - } - else - { - return stime.substring(0, 12) + "GMT+00:00"; - } - } - else - { - int index = stime.indexOf('-'); - if (index < 0) - { - index = stime.indexOf('+'); - } - String d = stime; - - if (index == stime.length() - 3) - { - d += "00"; - } - - if (index == 10) - { - return d.substring(0, 10) + "00GMT" + d.substring(10, 13) + ":" + d.substring(13, 15); - } - else - { - return d.substring(0, 12) + "GMT" + d.substring(12, 15) + ":" + d.substring(15, 17); - } - } - } - - /** - * return a time string as an adjusted date with a 4 digit year. This goes - * in the range of 1950 - 2049. - */ - public String getAdjustedTime() - { - String d = this.getTime(); - - if (d.charAt(0) < '5') - { - return "20" + d; - } - else - { - return "19" + d; - } - } - - boolean isConstructed() - { - return false; + super(bytes); } - int encodedLength() + public DERUTCTime(Date time) { - int length = time.length; - - return 1 + StreamUtil.calculateBodyLength(length) + length; + super(time); } - void encode( - ASN1OutputStream out) - throws IOException + public DERUTCTime(String time) { - out.write(BERTags.UTC_TIME); - - int length = time.length; - - out.writeLength(length); - - for (int i = 0; i != length; i++) - { - out.write((byte)time[i]); - } + super(time); } - - boolean asn1Equals( - ASN1Primitive o) - { - if (!(o instanceof DERUTCTime)) - { - return false; - } - return Arrays.areEqual(time, ((DERUTCTime)o).time); - } - - public int hashCode() - { - return Arrays.hashCode(time); - } - - public String toString() - { - return Strings.fromByteArray(time); - } + // TODO: create proper DER encoding. } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERUTF8String.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERUTF8String.java index fa34b22a..f54d1dbb 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERUTF8String.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERUTF8String.java @@ -15,10 +15,12 @@ public class DERUTF8String private byte[] string; /** - * return an UTF8 string from the passed in object. - * + * Return an UTF8 string from the passed in object. + * + * @param obj a DERUTF8String or an object that can be converted into one. * @exception IllegalArgumentException * if the object cannot be converted. + * @return a DERUTF8String instance, or null */ public static DERUTF8String getInstance(Object obj) { @@ -44,7 +46,7 @@ public class DERUTF8String } /** - * return an UTF8 String from a tagged object. + * Return an UTF8 String from a tagged object. * * @param obj * the tagged object holding the object we want @@ -53,6 +55,7 @@ public class DERUTF8String * otherwise. * @exception IllegalArgumentException * if the tagged object cannot be converted. + * @return a DERUTF8String instance, or null */ public static DERUTF8String getInstance( ASN1TaggedObject obj, @@ -71,7 +74,7 @@ public class DERUTF8String } /** - * basic constructor - byte encoded string. + * Basic constructor - byte encoded string. */ DERUTF8String(byte[] string) { @@ -79,7 +82,7 @@ public class DERUTF8String } /** - * basic constructor + * Basic constructor */ public DERUTF8String(String string) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERUniversalString.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERUniversalString.java index 51b07993..0d447df7 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERUniversalString.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERUniversalString.java @@ -18,7 +18,9 @@ public class DERUniversalString /** * return a Universal String from the passed in object. * + * @param obj a DERUniversalString or an object that can be converted into one. * @exception IllegalArgumentException if the object cannot be converted. + * @return a DERUniversalString instance, or null */ public static DERUniversalString getInstance( Object obj) @@ -51,6 +53,7 @@ public class DERUniversalString * tagged false otherwise. * @exception IllegalArgumentException if the tagged object cannot * be converted. + * @return a DERUniversalString instance, or null */ public static DERUniversalString getInstance( ASN1TaggedObject obj, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERVisibleString.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERVisibleString.java index 18e7d73b..6eb282cc 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DERVisibleString.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERVisibleString.java @@ -6,7 +6,10 @@ import org.bouncycastle.util.Arrays; import org.bouncycastle.util.Strings; /** - * DER VisibleString object. + * DER VisibleString object encoding ISO 646 (ASCII) character code points 32 to 126. + * <p> + * Explicit character set escape sequences are not allowed. + * </p> */ public class DERVisibleString extends ASN1Primitive @@ -15,9 +18,11 @@ public class DERVisibleString private byte[] string; /** - * return a Visible String from the passed in object. + * Return a Visible String from the passed in object. * + * @param obj a DERVisibleString or an object that can be converted into one. * @exception IllegalArgumentException if the object cannot be converted. + * @return a DERVisibleString instance, or null */ public static DERVisibleString getInstance( Object obj) @@ -43,13 +48,14 @@ public class DERVisibleString } /** - * return a Visible String from a tagged object. + * Return a Visible String from a tagged object. * * @param obj the tagged object holding the object we want * @param explicit true if the object is meant to be explicitly * tagged false otherwise. * @exception IllegalArgumentException if the tagged object cannot * be converted. + * @return a DERVisibleString instance, or null */ public static DERVisibleString getInstance( ASN1TaggedObject obj, @@ -68,7 +74,7 @@ public class DERVisibleString } /** - * basic constructor - byte encoded string. + * Basic constructor - byte encoded string. */ DERVisibleString( byte[] string) @@ -77,7 +83,7 @@ public class DERVisibleString } /** - * basic constructor + * Basic constructor */ public DERVisibleString( String string) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DLSet.java b/bcprov/src/main/java/org/bouncycastle/asn1/DLSet.java index 91e83faf..e3042c25 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/DLSet.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/DLSet.java @@ -11,13 +11,13 @@ import java.util.Enumeration; * <h3>8: Basic encoding rules</h3> * <h4>8.11 Encoding of a set value </h4> * <b>8.11.1</b> The encoding of a set value shall be constructed - * <p/> + * <p> * <b>8.11.2</b> The contents octets shall consist of the complete * encoding of a data value from each of the types listed in the * ASN.1 definition of the set type, in an order chosen by the sender, * unless the type was referenced with the keyword * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>. - * <p/> + * <p> * <b>8.11.3</b> The encoding of a data value may, but need not, * be present for a type which was referenced with the keyword * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>. diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/InMemoryRepresentable.java b/bcprov/src/main/java/org/bouncycastle/asn1/InMemoryRepresentable.java index a4b1492c..9374ab76 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/InMemoryRepresentable.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/InMemoryRepresentable.java @@ -2,8 +2,15 @@ package org.bouncycastle.asn1; import java.io.IOException; +/** + * Interface implemented by objects that can be converted from streaming to in-memory objects. + */ public interface InMemoryRepresentable { + /** + * Get the in-memory representation of the ASN.1 object. + * @throws IOException for bad input data. + */ ASN1Primitive getLoadedObject() throws IOException; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/bc/package.html new file mode 100644 index 00000000..a8beb00a --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/bc/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +ASN.1 classes specific to the Bouncy Castle APIs. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bsi/BSIObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/bsi/BSIObjectIdentifiers.java new file mode 100644 index 00000000..315f6c48 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/bsi/BSIObjectIdentifiers.java @@ -0,0 +1,35 @@ +package org.bouncycastle.asn1.bsi; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; + +/** + * See https://www.bsi.bund.de/cae/servlet/contentblob/471398/publicationFile/30615/BSI-TR-03111_pdf.pdf + */ +public interface BSIObjectIdentifiers +{ + static final ASN1ObjectIdentifier bsi_de = new ASN1ObjectIdentifier("0.4.0.127.0.7"); + + /* 0.4.0.127.0.7.1.1 */ + static final ASN1ObjectIdentifier id_ecc = bsi_de.branch("1.1"); + + /* 0.4.0.127.0.7.1.1.4.1 */ + static final ASN1ObjectIdentifier ecdsa_plain_signatures = id_ecc.branch("4.1"); + + /* 0.4.0.127.0.7.1.1.4.1.1 */ + static final ASN1ObjectIdentifier ecdsa_plain_SHA1 = ecdsa_plain_signatures.branch("1"); + + /* 0.4.0.127.0.7.1.1.4.1.2 */ + static final ASN1ObjectIdentifier ecdsa_plain_SHA224 = ecdsa_plain_signatures.branch("2"); + + /* 0.4.0.127.0.7.1.1.4.1.3 */ + static final ASN1ObjectIdentifier ecdsa_plain_SHA256 = ecdsa_plain_signatures.branch("3"); + + /* 0.4.0.127.0.7.1.1.4.1.4 */ + static final ASN1ObjectIdentifier ecdsa_plain_SHA384 = ecdsa_plain_signatures.branch("4"); + + /* 0.4.0.127.0.7.1.1.4.1.5 */ + static final ASN1ObjectIdentifier ecdsa_plain_SHA512 = ecdsa_plain_signatures.branch("5"); + + /* 0.4.0.127.0.7.1.1.4.1.6 */ + static final ASN1ObjectIdentifier ecdsa_plain_RIPEMD160 = ecdsa_plain_signatures.branch("6"); +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bsi/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/bsi/package.html new file mode 100644 index 00000000..be9bd80b --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/bsi/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +ASN.1 classes specific to the Bundesamt für Sicherheit in der Informationstechnik (BSI) standards. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java index 243aacb9..782c8c22 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java @@ -1,5 +1,7 @@ package org.bouncycastle.asn1.cmp; +import java.io.IOException; + import org.bouncycastle.asn1.ASN1Choice; import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; @@ -14,14 +16,31 @@ public class CMPCertificate implements ASN1Choice { private Certificate x509v3PKCert; - private AttributeCertificate x509v2AttrCert; + + private int otherTagValue; + private ASN1Object otherCert; /** - * Note: the addition of attribute certificates is a BC extension. + * Note: the addition of attribute certificates is a BC extension. If you use this constructor they + * will be added with a tag value of 1. + * @deprecated use (type. otherCert) constructor */ public CMPCertificate(AttributeCertificate x509v2AttrCert) { - this.x509v2AttrCert = x509v2AttrCert; + this(1, x509v2AttrCert); + } + + /** + * Note: the addition of other certificates is a BC extension. If you use this constructor they + * will be added with an explicit tag value of type. + * + * @param type the type of the certificate (used as a tag value). + * @param otherCert the object representing the certificate + */ + public CMPCertificate(int type, ASN1Object otherCert) + { + this.otherTagValue = type; + this.otherCert = otherCert; } public CMPCertificate(Certificate x509v3PKCert) @@ -41,14 +60,28 @@ public class CMPCertificate return (CMPCertificate)o; } - if (o instanceof ASN1Sequence || o instanceof byte[]) + if (o instanceof byte[]) + { + try + { + o = ASN1Primitive.fromByteArray((byte[])o); + } + catch (IOException e) + { + throw new IllegalArgumentException("Invalid encoding in CMPCertificate"); + } + } + + if (o instanceof ASN1Sequence) { return new CMPCertificate(Certificate.getInstance(o)); } if (o instanceof ASN1TaggedObject) { - return new CMPCertificate(AttributeCertificate.getInstance(((ASN1TaggedObject)o).getObject())); + ASN1TaggedObject taggedObject = (ASN1TaggedObject)o; + + return new CMPCertificate(taggedObject.getTagNo(), taggedObject.getObject()); } throw new IllegalArgumentException("Invalid object: " + o.getClass().getName()); @@ -64,27 +97,43 @@ public class CMPCertificate return x509v3PKCert; } + /** + * Return an AttributeCertificate interpretation of otherCert. + * @deprecated use getOtherCert and getOtherTag to make sure message is really what it should be. + * + * @return an AttributeCertificate + */ public AttributeCertificate getX509v2AttrCert() { - return x509v2AttrCert; + return AttributeCertificate.getInstance(otherCert); + } + + public int getOtherCertTag() + { + return otherTagValue; + } + + public ASN1Object getOtherCert() + { + return otherCert; } /** * <pre> * CMPCertificate ::= CHOICE { - * x509v3PKCert Certificate - * x509v2AttrCert [1] AttributeCertificate + * x509v3PKCert Certificate + * otherCert [tag] EXPLICIT ANY DEFINED BY tag * } * </pre> - * Note: the addition of attribute certificates is a BC extension. + * Note: the addition of the explicit tagging is a BC extension. We apologise for the warped syntax, but hopefully you get the idea. * * @return a basic ASN.1 object representation. */ public ASN1Primitive toASN1Primitive() { - if (x509v2AttrCert != null) + if (otherCert != null) { // explicit following CMP conventions - return new DERTaggedObject(true, 1, x509v2AttrCert); + return new DERTaggedObject(true, otherTagValue, otherCert); } return x509v3PKCert.toASN1Primitive(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeader.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeader.java index afab1920..82f1b087 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeader.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeader.java @@ -4,13 +4,13 @@ import java.util.Enumeration; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1GeneralizedTime; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.x500.X500Name; @@ -31,7 +31,7 @@ public class PKIHeader private ASN1Integer pvno; private GeneralName sender; private GeneralName recipient; - private DERGeneralizedTime messageTime; + private ASN1GeneralizedTime messageTime; private AlgorithmIdentifier protectionAlg; private ASN1OctetString senderKID; // KeyIdentifier private ASN1OctetString recipKID; // KeyIdentifier @@ -56,7 +56,7 @@ public class PKIHeader switch (tObj.getTagNo()) { case 0: - messageTime = DERGeneralizedTime.getInstance(tObj, true); + messageTime = ASN1GeneralizedTime.getInstance(tObj, true); break; case 1: protectionAlg = AlgorithmIdentifier.getInstance(tObj, true); @@ -136,7 +136,7 @@ public class PKIHeader return recipient; } - public DERGeneralizedTime getMessageTime() + public ASN1GeneralizedTime getMessageTime() { return messageTime; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeaderBuilder.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeaderBuilder.java index 76d6bab3..c5465a97 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeaderBuilder.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeaderBuilder.java @@ -6,7 +6,6 @@ import org.bouncycastle.asn1.ASN1GeneralizedTime; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; @@ -46,16 +45,6 @@ public class PKIHeaderBuilder this.recipient = recipient; } - /** - * @deprecated use ASN1GeneralizedTime - */ - public PKIHeaderBuilder setMessageTime(DERGeneralizedTime time) - { - messageTime = ASN1GeneralizedTime.getInstance(time); - - return this; - } - public PKIHeaderBuilder setMessageTime(ASN1GeneralizedTime time) { messageTime = time; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/package.html new file mode 100644 index 00000000..d5ce6b95 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and supporting PKIX-CMP as described RFC 4210. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attribute.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attribute.java index 066cf693..8c487433 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attribute.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Attribute.java @@ -7,7 +7,6 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; -import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DERSequence; /** @@ -73,17 +72,6 @@ public class Attribute attrValues = (ASN1Set)seq.getObjectAt(1); } - /** - * @deprecated use ASN1ObjectIdentifier - */ - public Attribute( - DERObjectIdentifier attrType, - ASN1Set attrValues) - { - this.attrType = new ASN1ObjectIdentifier(attrType.getId()); - this.attrValues = attrValues; - } - public Attribute( ASN1ObjectIdentifier attrType, ASN1Set attrValues) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AttributeTable.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AttributeTable.java index 02b6cc1e..3b8e0bed 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AttributeTable.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AttributeTable.java @@ -8,7 +8,6 @@ import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1EncodableVector; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Set; -import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DERSet; /** @@ -91,14 +90,6 @@ public class AttributeTable } /** - * @deprecated use ASN1ObjectIdentifier - */ - public Attribute get(DERObjectIdentifier oid) - { - return get(new ASN1ObjectIdentifier(oid.getId())); - } - - /** * Return the first attribute matching the OBJECT IDENTIFIER oid. * * @param oid type of attribute required. @@ -117,14 +108,6 @@ public class AttributeTable return (Attribute)value; } - /** - * @deprecated use ASN1ObjectIdentifier - */ - public ASN1EncodableVector getAll(DERObjectIdentifier oid) - { - return getAll(new ASN1ObjectIdentifier(oid.getId())); - } - /** * Return all the attributes matching the OBJECT IDENTIFIER oid. The vector will be * empty if there are no attributes of the required type present. diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java index 2c839581..080abfce 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java @@ -6,6 +6,7 @@ import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; +import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.BERTaggedObject; @@ -73,7 +74,7 @@ public class EncryptedData if (seq.size() == 3) { - this.unprotectedAttrs = ASN1Set.getInstance(seq.getObjectAt(2)); + this.unprotectedAttrs = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(2), false); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java index f0eae592..a680e4aa 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java @@ -1,12 +1,12 @@ package org.bouncycastle.asn1.cms; import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1GeneralizedTime; import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; @@ -28,12 +28,12 @@ public class RecipientKeyIdentifier extends ASN1Object { private ASN1OctetString subjectKeyIdentifier; - private DERGeneralizedTime date; + private ASN1GeneralizedTime date; private OtherKeyAttribute other; public RecipientKeyIdentifier( ASN1OctetString subjectKeyIdentifier, - DERGeneralizedTime date, + ASN1GeneralizedTime date, OtherKeyAttribute other) { this.subjectKeyIdentifier = subjectKeyIdentifier; @@ -43,7 +43,7 @@ public class RecipientKeyIdentifier public RecipientKeyIdentifier( byte[] subjectKeyIdentifier, - DERGeneralizedTime date, + ASN1GeneralizedTime date, OtherKeyAttribute other) { this.subjectKeyIdentifier = new DEROctetString(subjectKeyIdentifier); @@ -71,9 +71,9 @@ public class RecipientKeyIdentifier case 1: break; case 2: - if (seq.getObjectAt(1) instanceof DERGeneralizedTime) + if (seq.getObjectAt(1) instanceof ASN1GeneralizedTime) { - date = (DERGeneralizedTime)seq.getObjectAt(1); + date = ASN1GeneralizedTime.getInstance(seq.getObjectAt(1)); } else { @@ -81,7 +81,7 @@ public class RecipientKeyIdentifier } break; case 3: - date = (DERGeneralizedTime)seq.getObjectAt(1); + date = ASN1GeneralizedTime.getInstance(seq.getObjectAt(1)); other = OtherKeyAttribute.getInstance(seq.getObjectAt(2)); break; default: @@ -136,7 +136,7 @@ public class RecipientKeyIdentifier return subjectKeyIdentifier; } - public DERGeneralizedTime getDate() + public ASN1GeneralizedTime getDate() { return date; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java index 977fce64..84f12a9c 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java @@ -3,12 +3,15 @@ package org.bouncycastle.asn1.cms; import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.Date; +import java.util.Locale; import java.util.SimpleTimeZone; import org.bouncycastle.asn1.ASN1Choice; +import org.bouncycastle.asn1.ASN1GeneralizedTime; import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1TaggedObject; +import org.bouncycastle.asn1.ASN1UTCTime; import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DERUTCTime; @@ -47,8 +50,8 @@ public class Time public Time( ASN1Primitive time) { - if (!(time instanceof DERUTCTime) - && !(time instanceof DERGeneralizedTime)) + if (!(time instanceof ASN1UTCTime) + && !(time instanceof ASN1GeneralizedTime)) { throw new IllegalArgumentException("unknown object passed to Time"); } @@ -57,28 +60,61 @@ public class Time } /** - * Create a time object from a given date - if the year is in between 1950 + * Creates a time object from a given date - if the date is between 1950 * and 2049 a UTCTime object is generated, otherwise a GeneralizedTime * is used. + * + * @param time a date object representing the time of interest. */ public Time( - Date date) + Date time) { SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss"); dateF.setTimeZone(tz); - String d = dateF.format(date) + "Z"; + String d = dateF.format(time) + "Z"; + int year = Integer.parseInt(d.substring(0, 4)); + + if (year < 1950 || year > 2049) + { + this.time = new DERGeneralizedTime(d); + } + else + { + this.time = new DERUTCTime(d.substring(2)); + } + } + + /** + * Creates a time object from a given date and locale - if the date is between 1950 + * and 2049 a UTCTime object is generated, otherwise a GeneralizedTime + * is used. You may need to use this constructor if the default locale + * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations. + * + * @param time a date object representing the time of interest. + * @param locale an appropriate Locale for producing an ASN.1 GeneralizedTime value. + */ + public Time( + Date time, + Locale locale) + { + SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); + SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale); + + dateF.setTimeZone(tz); + + String d = dateF.format(time) + "Z"; int year = Integer.parseInt(d.substring(0, 4)); if (year < 1950 || year > 2049) { - time = new DERGeneralizedTime(d); + this.time = new DERGeneralizedTime(d); } else { - time = new DERUTCTime(d.substring(2)); + this.time = new DERUTCTime(d.substring(2)); } } @@ -103,13 +139,13 @@ public class Time { return (Time)obj; } - else if (obj instanceof DERUTCTime) + else if (obj instanceof ASN1UTCTime) { - return new Time((DERUTCTime)obj); + return new Time((ASN1UTCTime)obj); } - else if (obj instanceof DERGeneralizedTime) + else if (obj instanceof ASN1GeneralizedTime) { - return new Time((DERGeneralizedTime)obj); + return new Time((ASN1GeneralizedTime)obj); } throw new IllegalArgumentException("unknown object in factory: " + obj.getClass().getName()); @@ -120,13 +156,13 @@ public class Time */ public String getTime() { - if (time instanceof DERUTCTime) + if (time instanceof ASN1UTCTime) { - return ((DERUTCTime)time).getAdjustedTime(); + return ((ASN1UTCTime)time).getAdjustedTime(); } else { - return ((DERGeneralizedTime)time).getTime(); + return ((ASN1GeneralizedTime)time).getTime(); } } @@ -137,13 +173,13 @@ public class Time { try { - if (time instanceof DERUTCTime) + if (time instanceof ASN1UTCTime) { - return ((DERUTCTime)time).getAdjustedDate(); + return ((ASN1UTCTime)time).getAdjustedDate(); } else { - return ((DERGeneralizedTime)time).getDate(); + return ((ASN1GeneralizedTime)time).getDate(); } } catch (ParseException e) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/package.html new file mode 100644 index 00000000..9d330250 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for CMS ECC - RFC 5753/3278. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cms/package.html new file mode 100644 index 00000000..c165a7a6 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and supporting Cryptographic Message Syntax as described in PKCS#7 and RFC 3369 (formerly RFC 2630). +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/package.html new file mode 100644 index 00000000..c8049240 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and supporting PKIX-CRMF as described RFC 4211. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java index fb1d9e97..b0233da5 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java @@ -6,8 +6,8 @@ import java.util.Hashtable; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.crypto.params.ECDomainParameters; +import org.bouncycastle.math.ec.ECConstants; import org.bouncycastle.math.ec.ECCurve; -import org.bouncycastle.math.ec.ECPoint; /** * table of the available named parameters for GOST 3410-2001. @@ -26,7 +26,9 @@ public class ECGOST3410NamedCurves ECCurve.Fp curve = new ECCurve.Fp( mod_p, // p new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a - new BigInteger("166")); // b + new BigInteger("166"), // b + mod_q, + ECConstants.ONE); ECDomainParameters ecParams = new ECDomainParameters( curve, @@ -43,7 +45,9 @@ public class ECGOST3410NamedCurves curve = new ECCurve.Fp( mod_p, // p new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), - new BigInteger("166")); + new BigInteger("166"), + mod_q, + ECConstants.ONE); ecParams = new ECDomainParameters( curve, @@ -60,7 +64,9 @@ public class ECGOST3410NamedCurves curve = new ECCurve.Fp( mod_p, // p new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a - new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595")); // b + new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595"), // b + mod_q, + ECConstants.ONE); ecParams = new ECDomainParameters( curve, @@ -77,7 +83,9 @@ public class ECGOST3410NamedCurves curve = new ECCurve.Fp( mod_p, // p new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), - new BigInteger("32858")); + new BigInteger("32858"), + mod_q, + ECConstants.ONE); ecParams = new ECDomainParameters( curve, @@ -93,7 +101,9 @@ public class ECGOST3410NamedCurves curve = new ECCurve.Fp( mod_p, // p new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a - new BigInteger("32858")); // b + new BigInteger("32858"), // b + mod_q, + ECConstants.ONE); ecParams = new ECDomainParameters( curve, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/package.html new file mode 100644 index 00000000..2b0af9e0 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for CRYPTO-PRO related objects - such as GOST identifiers. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/package.html new file mode 100644 index 00000000..a9419222 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and processing Data Validation and Certification Server (DVCS) protocols as described in RFC 3029. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CVCertificate.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CVCertificate.java index 845925c7..7bbd7f15 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CVCertificate.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CVCertificate.java @@ -15,7 +15,6 @@ import org.bouncycastle.asn1.DEROctetString; /** * an iso7816Certificate structure. - * <p/> * <pre> * Certificate ::= SEQUENCE { * CertificateBody Iso7816CertificateBody, @@ -85,7 +84,6 @@ public class CVCertificate * Create an iso7816Certificate structure from an ASN1InputStream. * * @param aIS the byte stream to parse. - * @return the Iso7816CertificateStructure represented by the byte stream. * @throws IOException if there is a problem parsing the data. */ public CVCertificate(ASN1InputStream aIS) @@ -129,7 +127,6 @@ public class CVCertificate * * @param body the Iso7816CertificateBody object containing the body. * @param signature the byte array containing the signature - * @return the Iso7816CertificateStructure * @throws IOException if there is a problem parsing the data. */ public CVCertificate(CertificateBody body, byte[] signature) @@ -147,7 +144,6 @@ public class CVCertificate * * @param obj the Object to extract the certificate from. * @return the Iso7816CertificateStructure represented by the byte stream. - * @throws IOException if there is a problem parsing the data. */ public static CVCertificate getInstance(Object obj) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateBody.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateBody.java index 87d6554c..04c4d703 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateBody.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateBody.java @@ -13,7 +13,6 @@ import org.bouncycastle.asn1.DEROctetString; /** * an Iso7816CertificateBody structure. - * <p/> * <pre> * CertificateBody ::= SEQUENCE { * // version of the certificate format. Must be 0 (version 1) @@ -128,7 +127,6 @@ public class CertificateBody * @param certificateHolderAuthorization * @param certificateEffectiveDate * @param certificateExpirationDate - * @throws IOException */ public CertificateBody( DERApplicationSpecific certificateProfileIdentifier, @@ -276,7 +274,6 @@ public class CertificateBody * create a "request" or "profile" type Iso7816CertificateBody according to the variables sets. * * @return return the ASN1Primitive representing the "request" or "profile" type certificate body. - * @throws IOException if the DERApplicationSpecific cannot be created or if data are missings to create a valid certificate. */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderAuthorization.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderAuthorization.java index 93ae57f2..ba8486aa 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderAuthorization.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderAuthorization.java @@ -13,7 +13,6 @@ import org.bouncycastle.util.Integers; /** * an Iso7816CertificateHolderAuthorization structure. - * <p/> * <pre> * Certificate Holder Authorization ::= SEQUENCE { * // specifies the format and the rules for the evaluation of the authorization diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java index 77416dc2..805a5064 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java @@ -4,17 +4,17 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; /** * German Federal Office for Information Security - * (Bundesamt für Sicherheit in der Informationstechnik) + * (Bundesamt für Sicherheit in der Informationstechnik) * <a href="http://www.bsi.bund.de/">http://www.bsi.bund.de/</a> * <p> * <a href="https://www.bsi.bund.de/EN/Publications/TechnicalGuidelines/TR03110/BSITR03110.html">BSI TR-03110</a> * Technical Guideline Advanced Security Mechanisms for Machine Readable Travel Documents * <p> - * <a href="https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03110/TR-03110_v2.1_P3pdf.pdf?__blob=publicationFile">Technical Guideline TR-03110-3</a> + * <a href="https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03110/TR-03110_v2.1_P3pdf.pdf"> + * Technical Guideline TR-03110-3</a> * Advanced Security Mechanisms for Machine Readable Travel Documents; * Part 3: Common Specifications. */ - public interface EACObjectIdentifiers { /** diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/ECDSAPublicKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/ECDSAPublicKey.java index 3dd22fc3..077807f2 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/ECDSAPublicKey.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/eac/ECDSAPublicKey.java @@ -15,7 +15,6 @@ import org.bouncycastle.asn1.DERTaggedObject; /** * an Iso7816ECDSAPublicKeyStructure structure. - * <p/> * <pre> * Certificate Holder Authorization ::= SEQUENCE { * ASN1TaggedObject primeModulusP; // OPTIONAL diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/PackedDate.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/PackedDate.java index 29b08812..e19c96f1 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/PackedDate.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/eac/PackedDate.java @@ -3,6 +3,7 @@ package org.bouncycastle.asn1.eac; import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.Date; +import java.util.Locale; import java.util.SimpleTimeZone; import org.bouncycastle.util.Arrays; @@ -21,7 +22,9 @@ public class PackedDate } /** - * base constructer from a java.util.date object + * Base constructor from a java.util.date object. + * + * @param time a date object representing the time of interest. */ public PackedDate( Date time) @@ -33,6 +36,24 @@ public class PackedDate this.time = convert(dateF.format(time)); } + /** + * Base constructor from a java.util.date object. You may need to use this constructor if the default locale + * doesn't use a Gregorian calender so that the PackedDate produced is compatible with other ASN.1 implementations. + * + * @param time a date object representing the time of interest. + * @param locale an appropriate Locale for producing an ASN.1 GeneralizedTime value. + */ + public PackedDate( + Date time, + Locale locale) + { + SimpleDateFormat dateF = new SimpleDateFormat("yyMMdd'Z'", locale); + + dateF.setTimeZone(new SimpleTimeZone(0,"Z")); + + this.time = convert(dateF.format(time)); + } + private byte[] convert(String sTime) { char[] digs = sTime.toCharArray(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/RSAPublicKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/RSAPublicKey.java index 7c851699..3e1727e4 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/RSAPublicKey.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/eac/RSAPublicKey.java @@ -12,7 +12,6 @@ import org.bouncycastle.asn1.DERSequence; /** * an Iso7816RSAPublicKeyStructure structure. - * <p/> * <pre> * Certificate Holder Authorization ::= SEQUENCE { * // modulus should be at least 1024bit and a multiple of 512. diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/eac/package.html new file mode 100644 index 00000000..360d598b --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/eac/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +ASN.1 classes specific to the Bundesamt für Sicherheit in der Informationstechnik (BSI) Technical Guideline Advanced Security Mechanisms for Machine Readable Travel Documents. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/esf/package.html new file mode 100644 index 00000000..de273675 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/esf/package.html @@ -0,0 +1,6 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and supporting [ESF] RFC3126 +Electronic Signature Formats for long term electronic signatures. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/ContentHints.java b/bcprov/src/main/java/org/bouncycastle/asn1/ess/ContentHints.java index 93d9d0c8..462d9685 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/ContentHints.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ess/ContentHints.java @@ -6,7 +6,6 @@ import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERUTF8String; @@ -47,25 +46,6 @@ public class ContentHints } } - /** - * @deprecated use ASN1ObjectIdentifier - */ - public ContentHints( - DERObjectIdentifier contentType) - { - this(new ASN1ObjectIdentifier(contentType.getId())); - } - - /** - * @deprecated use ASN1ObjectIdentifier - */ - public ContentHints( - DERObjectIdentifier contentType, - DERUTF8String contentDescription) - { - this(new ASN1ObjectIdentifier(contentType.getId()), contentDescription); - } - public ContentHints( ASN1ObjectIdentifier contentType) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/ess/package.html new file mode 100644 index 00000000..21854b36 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ess/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and supporting Enhanced Security Services for S/MIME as described RFC 2634 and RFC 5035. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/gnu/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/gnu/package.html new file mode 100644 index 00000000..cdb9f59d --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/gnu/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +ASN.1 classes specific to the GNU APIs and applications. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/iana/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/iana/package.html new file mode 100644 index 00000000..bb60b438 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/iana/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +ASN.1 classes specific to the Internet Assigned Numbers Authority (IANA). +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/icao/CscaMasterList.java b/bcprov/src/main/java/org/bouncycastle/asn1/icao/CscaMasterList.java index 2cae261f..ff629f2f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/icao/CscaMasterList.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/icao/CscaMasterList.java @@ -13,7 +13,7 @@ import org.bouncycastle.asn1.x509.Certificate; /** * The CscaMasterList object. This object can be wrapped in a * CMSSignedData to be published in LDAP. - * <p/> + * * <pre> * CscaMasterList ::= SEQUENCE { * version CscaMasterListVersion, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/icao/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/icao/package.html new file mode 100644 index 00000000..f2301dbe --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/icao/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +ICAO ASN.1 classes for electronic passport. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/CertHash.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/CertHash.java index 932d3008..dff3d848 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/CertHash.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/CertHash.java @@ -19,8 +19,6 @@ import org.bouncycastle.asn1.x509.AlgorithmIdentifier; * the expiry of the corresponding certificate. Hence, clients MUST support this * extension. If a positive statement of availability is to be delivered, this * extension syntax and OID MUST be used. - * <p/> - * <p/> * <pre> * CertHash ::= SEQUENCE { * hashAlgorithm AlgorithmIdentifier, @@ -53,16 +51,15 @@ public class CertHash /** * Constructor from ASN1Sequence. - * <p/> + * <p> * The sequence is of type CertHash: - * <p/> * <pre> * CertHash ::= SEQUENCE { * hashAlgorithm AlgorithmIdentifier, * certificateHash OCTET STRING * } * </pre> - * + * </p> * @param seq The ASN.1 sequence. */ private CertHash(ASN1Sequence seq) @@ -102,9 +99,8 @@ public class CertHash /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * CertHash ::= SEQUENCE { * hashAlgorithm AlgorithmIdentifier, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java index cffcc5ab..5c12016e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java @@ -16,7 +16,7 @@ import org.bouncycastle.asn1.x509.Certificate; * ISIS-MTT-Optional: The certificate requested by the client by inserting the * RetrieveIfAllowed extension in the request, will be returned in this * extension. - * <p/> + * <p> * ISIS-MTT-SigG: The signature act allows publishing certificates only then, * when the certificate owner gives his explicit permission. Accordingly, there * may be �nondownloadable� certificates, about which the responder must provide @@ -36,7 +36,6 @@ import org.bouncycastle.asn1.x509.Certificate; * Clients requesting RetrieveIfAllowed MUST be able to handle these cases. If * any of the OCTET STRING options is used, it MUST contain the DER encoding of * the requested certificate. - * <p/> * <pre> * RequestedCertificate ::= CHOICE { * Certificate Certificate, @@ -105,7 +104,7 @@ public class RequestedCertificate /** * Constructor from a given details. - * <p/> + * <p> * Only one parameter can be given. All other must be <code>null</code>. * * @param certificate Given as Certificate @@ -155,9 +154,8 @@ public class RequestedCertificate /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * RequestedCertificate ::= CHOICE { * Certificate Certificate, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/package.html new file mode 100644 index 00000000..cd95ca33 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for the ISIS-MTT profile for OCSP. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/package.html new file mode 100644 index 00000000..14ab3901 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for the ISIS-MTT Project. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdditionalInformationSyntax.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdditionalInformationSyntax.java index ff9ed124..55c7d43f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdditionalInformationSyntax.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdditionalInformationSyntax.java @@ -54,9 +54,8 @@ public class AdditionalInformationSyntax /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048)) * </pre> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdmissionSyntax.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdmissionSyntax.java index 202373ec..4943d527 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdmissionSyntax.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdmissionSyntax.java @@ -11,28 +11,28 @@ import org.bouncycastle.asn1.x509.GeneralName; /** * Attribute to indicate admissions to certain professions. - * <p/> + * * <pre> * AdmissionSyntax ::= SEQUENCE * { * admissionAuthority GeneralName OPTIONAL, * contentsOfAdmissions SEQUENCE OF Admissions * } - * <p/> + * * Admissions ::= SEQUENCE * { * admissionAuthority [0] EXPLICIT GeneralName OPTIONAL * namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL * professionInfos SEQUENCE OF ProfessionInfo * } - * <p/> + * * NamingAuthority ::= SEQUENCE * { * namingAuthorityId OBJECT IDENTIFIER OPTIONAL, * namingAuthorityUrl IA5String OPTIONAL, * namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL * } - * <p/> + * * ProfessionInfo ::= SEQUENCE * { * namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL, @@ -42,8 +42,7 @@ import org.bouncycastle.asn1.x509.GeneralName; * addProfessionInfo OCTET STRING OPTIONAL * } * </pre> - * <p/> - * <p/> + * <p> * ISIS-MTT PROFILE: The relatively complex structure of AdmissionSyntax * supports the following concepts and requirements: * <ul> @@ -68,7 +67,7 @@ import org.bouncycastle.asn1.x509.GeneralName; * component namingAuthorityId are grouped under the OID-branch * id-isis-at-namingAuthorities and must be applied for. * <li>See - * http://www.teletrust.de/anwend.asp?Id=30200&Sprache=E_&HomePG=0 for + * http://www.teletrust.de/anwend.asp?Id=30200&Sprache=E_&HomePG=0 for * an application form and http://www.teletrust.de/links.asp?id=30220,11 * for an overview of registered naming authorities. * <li> By means of the data type ProfessionInfo certain professions, @@ -80,7 +79,7 @@ import org.bouncycastle.asn1.x509.GeneralName; * addProfessionInfo may contain additional applicationspecific information in * DER-encoded form. * </ul> - * <p/> + * <p> * By means of different namingAuthority-OIDs or profession OIDs hierarchies of * professions, specializations, disciplines, fields of activity, etc. can be * expressed. The issuing admission authority should always be indicated (field @@ -89,9 +88,7 @@ import org.bouncycastle.asn1.x509.GeneralName; * naming authority by the exclusive use of the component professionItems. In * this case the certification authority is responsible for the verification of * the admission information. - * <p/> - * <p/> - * <p/> + * <p> * This attribute is single-valued. Still, several admissions can be captured in * the sequence structure of the component contentsOfAdmissions of * AdmissionSyntax or in the component professionInfos of Admissions. The @@ -102,7 +99,7 @@ import org.bouncycastle.asn1.x509.GeneralName; * value for the component namingAuthority of ProfessionInfo. Within the latter * component the default value can be overwritten, in case that another naming * authority needs to be recorded. - * <p/> + * <p> * The length of the string objects is limited to 128 characters. It is * recommended to indicate a namingAuthorityURL in all issued attribute * certificates. If a namingAuthorityURL is indicated, the field professionItems @@ -143,30 +140,29 @@ public class AdmissionSyntax /** * Constructor from ASN1Sequence. - * <p/> + * <p> * The sequence is of type ProcurationSyntax: - * <p/> * <pre> * AdmissionSyntax ::= SEQUENCE * { * admissionAuthority GeneralName OPTIONAL, * contentsOfAdmissions SEQUENCE OF Admissions * } - * <p/> + * * Admissions ::= SEQUENCE * { * admissionAuthority [0] EXPLICIT GeneralName OPTIONAL * namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL * professionInfos SEQUENCE OF ProfessionInfo * } - * <p/> + * * NamingAuthority ::= SEQUENCE * { * namingAuthorityId OBJECT IDENTIFIER OPTIONAL, * namingAuthorityUrl IA5String OPTIONAL, * namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL * } - * <p/> + * * ProfessionInfo ::= SEQUENCE * { * namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL, @@ -176,7 +172,7 @@ public class AdmissionSyntax * addProfessionInfo OCTET STRING OPTIONAL * } * </pre> - * + * </p> * @param seq The ASN.1 sequence. */ private AdmissionSyntax(ASN1Sequence seq) @@ -209,30 +205,29 @@ public class AdmissionSyntax /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * AdmissionSyntax ::= SEQUENCE * { * admissionAuthority GeneralName OPTIONAL, * contentsOfAdmissions SEQUENCE OF Admissions * } - * <p/> + * * Admissions ::= SEQUENCE * { * admissionAuthority [0] EXPLICIT GeneralName OPTIONAL * namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL * professionInfos SEQUENCE OF ProfessionInfo * } - * <p/> + * * NamingAuthority ::= SEQUENCE * { * namingAuthorityId OBJECT IDENTIFIER OPTIONAL, * namingAuthorityUrl IA5String OPTIONAL, * namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL * } - * <p/> + * * ProfessionInfo ::= SEQUENCE * { * namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Admissions.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Admissions.java index 3a5ef242..bda15140 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Admissions.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Admissions.java @@ -14,7 +14,6 @@ import org.bouncycastle.asn1.x509.GeneralName; /** * An Admissions structure. - * <p/> * <pre> * Admissions ::= SEQUENCE * { @@ -22,7 +21,6 @@ import org.bouncycastle.asn1.x509.GeneralName; * namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL * professionInfos SEQUENCE OF ProfessionInfo * } - * <p/> * </pre> * * @see org.bouncycastle.asn1.isismtt.x509.AdmissionSyntax @@ -56,9 +54,8 @@ public class Admissions /** * Constructor from ASN1Sequence. - * <p/> + * <p> * The sequence is of type ProcurationSyntax: - * <p/> * <pre> * Admissions ::= SEQUENCE * { @@ -67,7 +64,7 @@ public class Admissions * professionInfos SEQUENCE OF ProfessionInfo * } * </pre> - * + * </p> * @param seq The ASN.1 sequence. */ private Admissions(ASN1Sequence seq) @@ -117,7 +114,7 @@ public class Admissions /** * Constructor from a given details. - * <p/> + * <p> * Parameter <code>professionInfos</code> is mandatory. * * @param admissionAuthority The admission authority. @@ -155,9 +152,8 @@ public class Admissions /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * Admissions ::= SEQUENCE * { @@ -165,7 +161,6 @@ public class Admissions * namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL * professionInfos SEQUENCE OF ProfessionInfo * } - * <p/> * </pre> * * @return an ASN1Primitive diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/DeclarationOfMajority.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/DeclarationOfMajority.java index 20887cee..987c5907 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/DeclarationOfMajority.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/DeclarationOfMajority.java @@ -15,7 +15,7 @@ import org.bouncycastle.asn1.DERTaggedObject; /** * A declaration of majority. - * <p/> + * * <pre> * DeclarationOfMajoritySyntax ::= CHOICE * { @@ -28,7 +28,7 @@ import org.bouncycastle.asn1.DERTaggedObject; * dateOfBirth [2] IMPLICIT GeneralizedTime * } * </pre> - * <p/> + * <p> * fullAgeAtCountry indicates the majority of the owner with respect to the laws * of a specific country. */ @@ -101,9 +101,8 @@ public class DeclarationOfMajority /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * DeclarationOfMajoritySyntax ::= CHOICE * { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/MonetaryLimit.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/MonetaryLimit.java index 1b101998..7425287e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/MonetaryLimit.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/MonetaryLimit.java @@ -17,11 +17,10 @@ import org.bouncycastle.asn1.DERSequence; * since January 1, 2004. For the sake of backward compatibility with * certificates already in use, components SHOULD support MonetaryLimit (as well * as QcEuLimitValue). - * <p/> + * <p> * Indicates a monetary limit within which the certificate holder is authorized * to act. (This value DOES NOT express a limit on the liability of the * certification authority). - * <p/> * <pre> * MonetaryLimitSyntax ::= SEQUENCE * { @@ -30,9 +29,9 @@ import org.bouncycastle.asn1.DERSequence; * exponent INTEGER * } * </pre> - * <p/> + * <p> * currency must be the ISO code. - * <p/> + * <p> * value = amount�10*exponent */ public class MonetaryLimit @@ -72,8 +71,7 @@ public class MonetaryLimit /** * Constructor from a given details. - * <p/> - * <p/> + * <p> * value = amount�10^exponent * * @param currency The currency. Must be the ISO code. @@ -104,9 +102,8 @@ public class MonetaryLimit /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * MonetaryLimitSyntax ::= SEQUENCE * { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/NamingAuthority.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/NamingAuthority.java index 237f5e55..9a123c3e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/NamingAuthority.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/NamingAuthority.java @@ -11,7 +11,6 @@ import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1String; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERIA5String; -import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.isismtt.ISISMTTObjectIdentifiers; import org.bouncycastle.asn1.x500.DirectoryString; @@ -71,8 +70,6 @@ public class NamingAuthority /** * Constructor from ASN1Sequence. - * <p/> - * <p/> * <pre> * NamingAuthority ::= SEQUENCE * { @@ -173,27 +170,9 @@ public class NamingAuthority return namingAuthorityUrl; } - /** - * Constructor from given details. - * <p/> - * All parameters can be combined. - * - * @param namingAuthorityId ObjectIdentifier for naming authority. - * @param namingAuthorityUrl URL for naming authority. - * @param namingAuthorityText Textual representation of naming authority. - * @deprecated use ASN1ObjectIdentifier method - */ - public NamingAuthority(DERObjectIdentifier namingAuthorityId, - String namingAuthorityUrl, DirectoryString namingAuthorityText) - { - this.namingAuthorityId = new ASN1ObjectIdentifier(namingAuthorityId.getId()); - this.namingAuthorityUrl = namingAuthorityUrl; - this.namingAuthorityText = namingAuthorityText; - } - /** * Constructor from given details. - * <p/> + * <p> * All parameters can be combined. * * @param namingAuthorityId ObjectIdentifier for naming authority. @@ -210,9 +189,8 @@ public class NamingAuthority /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * NamingAuthority ::= SEQUENCE * { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProcurationSyntax.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProcurationSyntax.java index 0a64f8e9..506f75a8 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProcurationSyntax.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProcurationSyntax.java @@ -75,23 +75,22 @@ public class ProcurationSyntax /** * Constructor from ASN1Sequence. - * <p/> + * <p> * The sequence is of type ProcurationSyntax: - * <p/> * <pre> * ProcurationSyntax ::= SEQUENCE { * country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL, * typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL, * signingFor [3] EXPLICIT SigningFor * } - * <p/> + * * SigningFor ::= CHOICE * { * thirdPerson GeneralName, * certRef IssuerSerial * } * </pre> - * + * </p> * @param seq The ASN.1 sequence. */ private ProcurationSyntax(ASN1Sequence seq) @@ -132,8 +131,7 @@ public class ProcurationSyntax /** * Constructor from a given details. - * <p/> - * <p/> + * <p> * Either <code>generalName</code> or <code>certRef</code> MUST be * <code>null</code>. * @@ -154,8 +152,7 @@ public class ProcurationSyntax /** * Constructor from a given details. - * <p/> - * <p/> + * <p> * Either <code>generalName</code> or <code>certRef</code> MUST be * <code>null</code>. * @@ -196,16 +193,15 @@ public class ProcurationSyntax /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * ProcurationSyntax ::= SEQUENCE { * country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL, * typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL, * signingFor [3] EXPLICIT SigningFor * } - * <p/> + * * SigningFor ::= CHOICE * { * thirdPerson GeneralName, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProfessionInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProfessionInfo.java index 081d9af9..e0f94bee 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProfessionInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProfessionInfo.java @@ -178,8 +178,6 @@ public class ProfessionInfo /** * Constructor from ASN1Sequence. - * <p/> - * <p/> * <pre> * ProfessionInfo ::= SEQUENCE * { @@ -274,7 +272,7 @@ public class ProfessionInfo /** * Constructor from given details. - * <p/> + * <p> * <code>professionItems</code> is mandatory, all other parameters are * optional. * @@ -311,9 +309,8 @@ public class ProfessionInfo /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * ProfessionInfo ::= SEQUENCE * { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Restriction.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Restriction.java index c2a2a413..1a72bea1 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Restriction.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Restriction.java @@ -6,7 +6,7 @@ import org.bouncycastle.asn1.x500.DirectoryString; /** * Some other restriction regarding the usage of this certificate. - * <p/> + * * <pre> * RestrictionSyntax ::= DirectoryString (SIZE(1..1024)) * </pre> @@ -33,13 +33,12 @@ public class Restriction /** * Constructor from DirectoryString. - * <p/> + * <p> * The DirectoryString is of type RestrictionSyntax: - * <p/> * <pre> * RestrictionSyntax ::= DirectoryString (SIZE(1..1024)) * </pre> - * + * </p> * @param restriction A DirectoryString. */ private Restriction(DirectoryString restriction) @@ -64,12 +63,10 @@ public class Restriction /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * RestrictionSyntax ::= DirectoryString (SIZE(1..1024)) - * <p/> * </pre> * * @return a DERObject diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/package.html new file mode 100644 index 00000000..fa411ec7 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for the ISIS-MTT X.509 Certificate Extensions. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/kisa/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/kisa/package.html new file mode 100644 index 00000000..48b5afdf --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/kisa/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for the Korea Information Security Agency (KISA) standard - SEED algorithm. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java index 8ba2cf5e..a7b651a6 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java @@ -21,6 +21,8 @@ public interface MicrosoftObjectIdentifiers static final ASN1ObjectIdentifier microsoftCaVersion = microsoft.branch("21.1"); /** OID: 1.3.6.1.4.1.311.21.2 */ static final ASN1ObjectIdentifier microsoftPrevCaCertHash = microsoft.branch("21.2"); + /** OID: 1.3.6.1.4.1.311.21.4 */ + static final ASN1ObjectIdentifier microsoftCrlNextPublish = microsoft.branch("21.4"); /** OID: 1.3.6.1.4.1.311.21.7 */ static final ASN1ObjectIdentifier microsoftCertTemplateV2 = microsoft.branch("21.7"); /** OID: 1.3.6.1.4.1.311.21.10 */ diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/package.html new file mode 100644 index 00000000..35d12486 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support for Microsoft specific ASN.1 classes and object identifiers. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java index 6aff988d..098656c0 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java @@ -35,9 +35,16 @@ public interface MiscObjectIdentifiers static final ASN1ObjectIdentifier verisign = new ASN1ObjectIdentifier("2.16.840.1.113733.1"); /** Verisign CZAG (Country,Zip,Age,Gender) Extension OID: 2.16.840.1.113733.1.6.3 */ - static final ASN1ObjectIdentifier verisignCzagExtension = verisign.branch("6.3"); - /** Verisign D&B D-U-N-S number Extension OID: 2.16.840.1.113733.1.6.15 */ - static final ASN1ObjectIdentifier verisignDnbDunsNumber = verisign.branch("6.15"); + static final ASN1ObjectIdentifier verisignCzagExtension = verisign.branch("6.3"); + + static final ASN1ObjectIdentifier verisignPrivate_6_9 = verisign.branch("6.9"); + static final ASN1ObjectIdentifier verisignOnSiteJurisdictionHash = verisign.branch("6.11"); + static final ASN1ObjectIdentifier verisignBitString_6_13 = verisign.branch("6.13"); + + /** Verisign D&B D-U-N-S number Extension OID: 2.16.840.1.113733.1.6.15 */ + static final ASN1ObjectIdentifier verisignDnbDunsNumber = verisign.branch("6.15"); + + static final ASN1ObjectIdentifier verisignIssStrongCrypto = verisign.branch("8.1"); // // Novell diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/misc/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/misc/package.html new file mode 100644 index 00000000..e3bda640 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/misc/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Miscellaneous object identifiers and objects. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/package.html new file mode 100644 index 00000000..40776b01 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding objects used by mozilla. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/nist/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/nist/package.html new file mode 100644 index 00000000..1cdca769 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/nist/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for NIST related objects. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ntt/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/ntt/package.html new file mode 100644 index 00000000..4b9d05dd --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ntt/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +ASN.1 classes relevant to the standards produced by Nippon Telegraph and Telephone. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/CrlID.java b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/CrlID.java index e14fe294..f5a35811 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/CrlID.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/CrlID.java @@ -9,7 +9,6 @@ import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DERIA5String; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; @@ -39,7 +38,7 @@ public class CrlID crlNum = ASN1Integer.getInstance(o, true); break; case 2: - crlTime = DERGeneralizedTime.getInstance(o, true); + crlTime = ASN1GeneralizedTime.getInstance(o, true); break; default: throw new IllegalArgumentException( diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/OCSPObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/OCSPObjectIdentifiers.java index f8ea8f75..577e413a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/OCSPObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/OCSPObjectIdentifiers.java @@ -3,7 +3,7 @@ package org.bouncycastle.asn1.ocsp; import org.bouncycastle.asn1.ASN1ObjectIdentifier; /** - * OIDs for <a href="http://tools.ietf.org/html/rfc2560">RFC 2560</a> + * OIDs for <a href="http://tools.ietf.org/html/rfc2560">RFC 2560</a> and <a href="http://tools.ietf.org/html/rfc6960">RFC 6960</a> * Online Certificate Status Protocol - OCSP. */ public interface OCSPObjectIdentifiers @@ -26,4 +26,9 @@ public interface OCSPObjectIdentifiers static final ASN1ObjectIdentifier id_pkix_ocsp_archive_cutoff = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1.6"); /** OID: 1.3.6.1.5.5.7.48.1.7 */ static final ASN1ObjectIdentifier id_pkix_ocsp_service_locator = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1.7"); + + + static final ASN1ObjectIdentifier id_pkix_ocsp_pref_sig_algs = id_pkix_ocsp.branch("8"); + + static final ASN1ObjectIdentifier id_pkix_ocsp_extended_revoke = id_pkix_ocsp.branch("9"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/ResponseData.java b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/ResponseData.java index e2a9f955..6874b227 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/ResponseData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/ResponseData.java @@ -7,7 +7,6 @@ import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.x509.Extensions; @@ -49,7 +48,7 @@ public class ResponseData */ public ResponseData( ResponderID responderID, - DERGeneralizedTime producedAt, + ASN1GeneralizedTime producedAt, ASN1Sequence responses, X509Extensions responseExtensions) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/SingleResponse.java b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/SingleResponse.java index ca5a5c42..0dc2a91c 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/SingleResponse.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/SingleResponse.java @@ -6,7 +6,6 @@ import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; import org.bouncycastle.asn1.x509.Extensions; @@ -32,31 +31,13 @@ public class SingleResponse public SingleResponse( CertID certID, CertStatus certStatus, - DERGeneralizedTime thisUpdate, - DERGeneralizedTime nextUpdate, + ASN1GeneralizedTime thisUpdate, + ASN1GeneralizedTime nextUpdate, X509Extensions singleExtensions) { this(certID, certStatus, thisUpdate, nextUpdate, Extensions.getInstance(singleExtensions)); } - /** - * @deprecated use method taking ASN1GeneralizedTime and Extensions - * @param certID - * @param certStatus - * @param thisUpdate - * @param nextUpdate - * @param singleExtensions - */ - public SingleResponse( - CertID certID, - CertStatus certStatus, - DERGeneralizedTime thisUpdate, - DERGeneralizedTime nextUpdate, - Extensions singleExtensions) - { - this(certID, certStatus, ASN1GeneralizedTime.getInstance(thisUpdate), ASN1GeneralizedTime.getInstance(nextUpdate), Extensions.getInstance(singleExtensions)); - } - public SingleResponse( CertID certID, CertStatus certStatus, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/package.html new file mode 100644 index 00000000..22c560d2 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and supporting OCSP objects. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/ElGamalParameter.java b/bcprov/src/main/java/org/bouncycastle/asn1/oiw/ElGamalParameter.java index c6a2965b..d654d032 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/ElGamalParameter.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/oiw/ElGamalParameter.java @@ -23,7 +23,7 @@ public class ElGamalParameter this.g = new ASN1Integer(g); } - public ElGamalParameter( + private ElGamalParameter( ASN1Sequence seq) { Enumeration e = seq.getObjects(); @@ -32,6 +32,20 @@ public class ElGamalParameter g = (ASN1Integer)e.nextElement(); } + public static ElGamalParameter getInstance(Object o) + { + if (o instanceof ElGamalParameter) + { + return (ElGamalParameter)o; + } + else if (o != null) + { + return new ElGamalParameter(ASN1Sequence.getInstance(o)); + } + + return null; + } + public BigInteger getP() { return p.getPositiveValue(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/oiw/package.html new file mode 100644 index 00000000..44eb2fe8 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/oiw/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Objects and OID for the support of ISO OIW. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/package.html new file mode 100644 index 00000000..1ac16a55 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +A library for parsing and writing ASN.1 objects. Support is provided for DER and BER encoding. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CRLBag.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CRLBag.java index b91c1a59..06208731 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CRLBag.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CRLBag.java @@ -56,19 +56,19 @@ public class CRLBag /** * <pre> - CRLBag ::= SEQUENCE { - crlId BAG-TYPE.&id ({CRLTypes}), - crlValue [0] EXPLICIT BAG-TYPE.&Type ({CRLTypes}{@crlId}) - } - - x509CRL BAG-TYPE ::= {OCTET STRING IDENTIFIED BY {certTypes 1} - -- DER-encoded X.509 CRL stored in OCTET STRING - - CRLTypes BAG-TYPE ::= { - x509CRL, - ... -- For future extensions - } - </pre> + * CRLBag ::= SEQUENCE { + * crlId BAG-TYPE.&id ({CRLTypes}), + * crlValue [0] EXPLICIT BAG-TYPE.&Type ({CRLTypes}{@crlId}) + * } + * + * x509CRL BAG-TYPE ::= {OCTET STRING IDENTIFIED BY {certTypes 1} + * -- DER-encoded X.509 CRL stored in OCTET STRING + * + * CRLTypes BAG-TYPE ::= { + * x509CRL, + * ... -- For future extensions + * } + * </pre> */ public ASN1Primitive toASN1Primitive() { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java index c9c14fe4..fb418aeb 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java @@ -25,8 +25,8 @@ import org.bouncycastle.asn1.x509.X509Name; * Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }} * * Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE { - * type ATTRIBUTE.&id({IOSet}), - * values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type}) + * type ATTRIBUTE.&id({IOSet}), + * values SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type}) * } * </pre> */ @@ -67,18 +67,18 @@ public class CertificationRequestInfo * @param attributes any attributes to be associated with the request. */ public CertificationRequestInfo( - X500Name subject, + X500Name subject, SubjectPublicKeyInfo pkInfo, ASN1Set attributes) { - this.subject = subject; - this.subjectPKInfo = pkInfo; - this.attributes = attributes; - - if ((subject == null) || (version == null) || (subjectPKInfo == null)) + if ((subject == null) || (pkInfo == null)) { throw new IllegalArgumentException("Not all mandatory fields set in CertificationRequestInfo generator."); } + + this.subject = subject; + this.subjectPKInfo = pkInfo; + this.attributes = attributes; } /** @@ -89,14 +89,14 @@ public class CertificationRequestInfo SubjectPublicKeyInfo pkInfo, ASN1Set attributes) { - this.subject = X500Name.getInstance(subject.toASN1Primitive()); - this.subjectPKInfo = pkInfo; - this.attributes = attributes; - - if ((subject == null) || (version == null) || (subjectPKInfo == null)) + if ((subject == null) || (pkInfo == null)) { throw new IllegalArgumentException("Not all mandatory fields set in CertificationRequestInfo generator."); } + + this.subject = X500Name.getInstance(subject.toASN1Primitive()); + this.subjectPKInfo = pkInfo; + this.attributes = attributes; } /** diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/EncryptionScheme.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/EncryptionScheme.java index c885a6c6..848f4fcf 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/EncryptionScheme.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/EncryptionScheme.java @@ -25,7 +25,7 @@ public class EncryptionScheme this.algId = AlgorithmIdentifier.getInstance(seq); } - public static final EncryptionScheme getInstance(Object obj) + public static EncryptionScheme getInstance(Object obj) { if (obj instanceof EncryptionScheme) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/KeyDerivationFunc.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/KeyDerivationFunc.java index 3b408362..83804f38 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/KeyDerivationFunc.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/KeyDerivationFunc.java @@ -25,7 +25,7 @@ public class KeyDerivationFunc this.algId = AlgorithmIdentifier.getInstance(seq); } - public static final KeyDerivationFunc getInstance(Object obj) + public static KeyDerivationFunc getInstance(Object obj) { if (obj instanceof KeyDerivationFunc) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PrivateKeyInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PrivateKeyInfo.java index dad86502..7f02e709 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PrivateKeyInfo.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PrivateKeyInfo.java @@ -68,7 +68,7 @@ public class PrivateKeyInfo } /** - * @deprectaed use PrivateKeyInfo.getInstance() + * @deprecated use PrivateKeyInfo.getInstance() * @param seq */ public PrivateKeyInfo( diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/package.html new file mode 100644 index 00000000..ab800f44 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and supporting the various RSA PKCS documents. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java index df2238a3..269466dc 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/sec/ECPrivateKey.java @@ -47,10 +47,26 @@ public class ECPrivateKey return null; } + /** + * @deprecated use constructor which takes orderBitLength to guarantee correct encoding. + */ public ECPrivateKey( BigInteger key) { - byte[] bytes = BigIntegers.asUnsignedByteArray(key); + this(key.bitLength(), key); + } + + /** + * Base constructor. + * + * @param orderBitLength the bitLength of the order of the curve. + * @param key the private key value. + */ + public ECPrivateKey( + int orderBitLength, + BigInteger key) + { + byte[] bytes = BigIntegers.asUnsignedByteArray((orderBitLength + 7) / 8, key); ASN1EncodableVector v = new ASN1EncodableVector(); @@ -60,6 +76,9 @@ public class ECPrivateKey seq = new DERSequence(v); } + /** + * @deprecated use constructor which takes orderBitLength to guarantee correct encoding. + */ public ECPrivateKey( BigInteger key, ASN1Encodable parameters) @@ -67,12 +86,32 @@ public class ECPrivateKey this(key, null, parameters); } + /** + * @deprecated use constructor which takes orderBitLength to guarantee correct encoding. + */ + public ECPrivateKey( + BigInteger key, + DERBitString publicKey, + ASN1Encodable parameters) + { + this(key.bitLength(), key, publicKey, parameters); + } + + public ECPrivateKey( + int orderBitLength, + BigInteger key, + ASN1Encodable parameters) + { + this(orderBitLength, key, null, parameters); + } + public ECPrivateKey( + int orderBitLength, BigInteger key, DERBitString publicKey, ASN1Encodable parameters) { - byte[] bytes = BigIntegers.asUnsignedByteArray(key); + byte[] bytes = BigIntegers.asUnsignedByteArray((orderBitLength + 7) / 8, key); ASN1EncodableVector v = new ASN1EncodableVector(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECNamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECNamedCurves.java index 50a7a63f..ed7a8d82 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECNamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/sec/SECNamedCurves.java @@ -10,6 +10,8 @@ import org.bouncycastle.asn1.x9.X9ECParametersHolder; import org.bouncycastle.math.ec.ECConstants; import org.bouncycastle.math.ec.ECCurve; import org.bouncycastle.math.ec.ECPoint; +import org.bouncycastle.math.ec.endo.GLVTypeBEndomorphism; +import org.bouncycastle.math.ec.endo.GLVTypeBParameters; import org.bouncycastle.util.Strings; import org.bouncycastle.util.encoders.Hex; @@ -17,19 +19,14 @@ public class SECNamedCurves { private static ECCurve configureCurve(ECCurve curve) { -// int coord = ECCurve.COORD_JACOBIAN_MODIFIED; -// -// if (curve.getCoordinateSystem() != coord && curve.supportsCoordinateSystem(coord)) -// { -// return curve.configure() -// .setCoordinateSystem(coord) -//// .setMultiplier(new WNafL2RMultiplier()) -// .create(); -// } - return curve; } + private static ECCurve configureCurveGLV(ECCurve c, GLVTypeBParameters p) + { + return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create(); + } + private static BigInteger fromHex( String hex) { @@ -51,7 +48,7 @@ public class SECNamedCurves BigInteger n = fromHex("DB7C2ABF62E35E7628DFAC6561C5"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "09487239995A5EE76B55F9C2F098")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -77,7 +74,7 @@ public class SECNamedCurves BigInteger n = fromHex("36DF0AAFD8B8D7597CA10520D04B"); BigInteger h = BigInteger.valueOf(4); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "4BA30AB5E892B4E1649DD0928643")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -103,7 +100,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFE0000000075A30D1B9038A115"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "161FF7528B899B2D0C28607CA52C5B86")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -129,7 +126,7 @@ public class SECNamedCurves BigInteger n = fromHex("3FFFFFFF7FFFFFFFBE0024720613B5A3"); BigInteger h = BigInteger.valueOf(4); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "7B6AA5D85E572983E6FB32A7CDEBC140")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -155,7 +152,20 @@ public class SECNamedCurves BigInteger n = fromHex("0100000000000000000001B8FA16DFAB9ACA16B6B3"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + GLVTypeBParameters glv = new GLVTypeBParameters( + new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16), + new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16), + new BigInteger[]{ + new BigInteger("9162fbe73984472a0a9e", 16), + new BigInteger("-96341f1138933bc2f505", 16) }, + new BigInteger[]{ + new BigInteger("127971af8721782ecffa3", 16), + new BigInteger("9162fbe73984472a0a9e", 16) }, + new BigInteger("9162fbe73984472a0a9d0590", 16), + new BigInteger("96341f1138933bc2f503fd44", 16), + 176); + + ECCurve curve = configureCurveGLV(new ECCurve.Fp(p, a, b, n, h), glv); // ECPoint G = curve.decodePoint(Hex.decode("02" // + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -181,7 +191,7 @@ public class SECNamedCurves BigInteger n = fromHex("0100000000000000000001F4C8F927AED3CA752257"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "4A96B5688EF573284664698968C38BB913CBFC82")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -207,7 +217,7 @@ public class SECNamedCurves BigInteger n = fromHex("0100000000000000000000351EE786A818F3A1A16B"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "52DCB034293A117E1F4FF11B30F7199D3144CE6D")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -233,7 +243,20 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + GLVTypeBParameters glv = new GLVTypeBParameters( + new BigInteger("bb85691939b869c1d087f601554b96b80cb4f55b35f433c2", 16), + new BigInteger("3d84f26c12238d7b4f3d516613c1759033b1a5800175d0b1", 16), + new BigInteger[]{ + new BigInteger("71169be7330b3038edb025f1", 16), + new BigInteger("-b3fb3400dec5c4adceb8655c", 16) }, + new BigInteger[]{ + new BigInteger("12511cfe811d0f4e6bc688b4d", 16), + new BigInteger("71169be7330b3038edb025f1", 16) }, + new BigInteger("71169be7330b3038edb025f1d0f9", 16), + new BigInteger("b3fb3400dec5c4adceb8655d4c94", 16), + 208); + + ECCurve curve = configureCurveGLV(new ECCurve.Fp(p, a, b, n, h), glv); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -259,7 +282,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -285,7 +308,20 @@ public class SECNamedCurves BigInteger n = fromHex("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + GLVTypeBParameters glv = new GLVTypeBParameters( + new BigInteger("fe0e87005b4e83761908c5131d552a850b3f58b749c37cf5b84d6768", 16), + new BigInteger("60dcd2104c4cbc0be6eeefc2bdd610739ec34e317f9b33046c9e4788", 16), + new BigInteger[]{ + new BigInteger("6b8cf07d4ca75c88957d9d670591", 16), + new BigInteger("-b8adf1378a6eb73409fa6c9c637d", 16) }, + new BigInteger[]{ + new BigInteger("1243ae1b4d71613bc9f780a03690e", 16), + new BigInteger("6b8cf07d4ca75c88957d9d670591", 16) }, + new BigInteger("6b8cf07d4ca75c88957d9d67059037a4", 16), + new BigInteger("b8adf1378a6eb73409fa6c9c637ba7f5", 16), + 240); + + ECCurve curve = configureCurveGLV(new ECCurve.Fp(p, a, b, n, h), glv); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -311,7 +347,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -337,7 +373,20 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + GLVTypeBParameters glv = new GLVTypeBParameters( + new BigInteger("7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", 16), + new BigInteger("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", 16), + new BigInteger[]{ + new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16), + new BigInteger("-e4437ed6010e88286f547fa90abfe4c3", 16) }, + new BigInteger[]{ + new BigInteger("114ca50f7a8e2f3f657c1108d9d44cfd8", 16), + new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16) }, + new BigInteger("3086d221a7d46bcde86c90e49284eb153dab", 16), + new BigInteger("e4437ed6010e88286f547fa90abfe4c42212", 16), + 272); + + ECCurve curve = configureCurveGLV(new ECCurve.Fp(p, a, b, n, h), glv); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -363,7 +412,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -389,7 +438,7 @@ public class SECNamedCurves BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("03" //+ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7")); ECPoint G = curve.decodePoint(Hex.decode("04" @@ -415,7 +464,7 @@ public class SECNamedCurves BigInteger n = fromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409"); BigInteger h = BigInteger.valueOf(1); - ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b)); + ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h)); //ECPoint G = curve.decodePoint(Hex.decode("02" //+ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66")); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/sec/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/sec/package.html new file mode 100644 index 00000000..5e34dec4 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/sec/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Classes for support of the SEC standard for Elliptic Curve. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/smime/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/smime/package.html new file mode 100644 index 00000000..d527abad --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/smime/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and supporting S/MIME. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java index ba2f19e4..9420c3ce 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java @@ -26,16 +26,19 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("E95E4A5F737059DC60DF5991D45029409E60FC09", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620F", 16), // q new BigInteger("340E7BE2A280EB74E2BE61BADA745D97E8F7C300", 16), // a - new BigInteger("1E589A8595423412134FAA2DBDEC95C8D8675E58", 16))); // b + new BigInteger("1E589A8595423412134FAA2DBDEC95C8D8675E58", 16), // b + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("04BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC31667CB477A1A8EC338F94741669C976316DA6321")), // G - new BigInteger("E95E4A5F737059DC60DF5991D45029409E60FC09", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; @@ -43,17 +46,20 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("E95E4A5F737059DC60DF5991D45029409E60FC09", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( // new BigInteger("24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B", 16), // Z new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620F", 16), // q new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620C", 16), // a' - new BigInteger("7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", 16))); // b' + new BigInteger("7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", 16), // b' + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("04B199B13B9B34EFC1397E64BAEB05ACC265FF2378ADD6718B7C7C1961F0991B842443772152C9E0AD")), // G - new BigInteger("E95E4A5F737059DC60DF5991D45029409E60FC09", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; @@ -61,16 +67,19 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", 16), // q new BigInteger("6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", 16), // a - new BigInteger("469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", 16))); // b + new BigInteger("469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", 16), // b + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("04C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD614B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F")), // G - new BigInteger("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; @@ -78,17 +87,20 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB") //Z new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", 16), // q new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294", 16), // a' - new BigInteger("13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", 16))); // b' + new BigInteger("13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", 16), // b' + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("043AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9")), // G' - new BigInteger("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; @@ -96,165 +108,195 @@ public class TeleTrusTNamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", 16), // q new BigInteger("68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", 16), // a - new BigInteger("2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", 16))); // b + new BigInteger("2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", 16), // b + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD")), // G - new BigInteger("D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", 16), //n - new BigInteger("01", 16)); // n + n, h); } }; static X9ECParametersHolder brainpoolP224t1 = new X9ECParametersHolder() { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("2DF271E14427A346910CF7A2E6CFA7B3F484E5C2CCE1C8B730E28B3F") //Z new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", 16), // q new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC", 16), // a' - new BigInteger("4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", 16))); // b' + new BigInteger("4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", 16), // b' + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("046AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D5800374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C")), // G' - new BigInteger("D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; static X9ECParametersHolder brainpoolP256r1 = new X9ECParametersHolder() { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16), // q new BigInteger("7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", 16), // a - new BigInteger("26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", 16))); // b + new BigInteger("26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", 16), // b + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997")), // G - new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; static X9ECParametersHolder brainpoolP256t1 = new X9ECParametersHolder() { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0") //Z new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16), // q new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374", 16), // a' - new BigInteger("662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", 16))); // b' + new BigInteger("662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", 16), // b' + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("04A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F42D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE")), // G' - new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; static X9ECParametersHolder brainpoolP320r1 = new X9ECParametersHolder() { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", 16), // q new BigInteger("3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", 16), // a - new BigInteger("520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", 16))); // b + new BigInteger("520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", 16), // b + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("0443BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E2061114FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1")), // G - new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; static X9ECParametersHolder brainpoolP320t1 = new X9ECParametersHolder() { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("15F75CAF668077F7E85B42EB01F0A81FF56ECD6191D55CB82B7D861458A18FEFC3E5AB7496F3C7B1") //Z new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", 16), // q new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24", 16), // a' - new BigInteger("A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", 16))); // b' + new BigInteger("A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", 16), // b' + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("04925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED5263BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3")), // G' - new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; static X9ECParametersHolder brainpoolP384r1 = new X9ECParametersHolder() { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", 16), // q new BigInteger("7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", 16), // a - new BigInteger("4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", 16))); // b + new BigInteger("4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", 16), // b + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("041D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315")), // G - new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; static X9ECParametersHolder brainpoolP384t1 = new X9ECParametersHolder() { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C") //Z new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", 16), // q new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50", 16), // a' - new BigInteger("7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", 16))); // b' + new BigInteger("7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", 16), // b' + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("0418DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928")), // G' - new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; static X9ECParametersHolder brainpoolP512r1 = new X9ECParametersHolder() { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16), // q new BigInteger("7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", 16), // a - new BigInteger("3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", 16))); // b + new BigInteger("3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", 16), // b + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("0481AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F8227DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892")), // G - new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; static X9ECParametersHolder brainpoolP512t1 = new X9ECParametersHolder() { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16); + BigInteger h = new BigInteger("01", 16); + ECCurve curve = configureCurve(new ECCurve.Fp( //new BigInteger("12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB") //Z new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16), // q new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0", 16), // a' - new BigInteger("7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", 16))); // b' + new BigInteger("7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", 16), // b' + n, h)); return new X9ECParameters( curve, curve.decodePoint(Hex.decode("04640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332")), // G' - new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16), //n - new BigInteger("01", 16)); // h + n, h); } }; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java index 895f5e80..2be7efec 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java @@ -41,35 +41,35 @@ public interface TeleTrusTObjectIdentifiers static final ASN1ObjectIdentifier ecc_brainpool = teleTrusTAlgorithm.branch("3.2.8"); /** 1.3.36.3.3.2.8.1 */ static final ASN1ObjectIdentifier ellipticCurve = ecc_brainpool.branch("1"); - /** 1.3.36.3.3.2.8.1 */ + /** 1.3.36.3.3.2.8.1.1 */ static final ASN1ObjectIdentifier versionOne = ellipticCurve.branch("1"); - /** 1.3.36.3.3.2.8.1.1 */ + /** 1.3.36.3.3.2.8.1.1.1 */ static final ASN1ObjectIdentifier brainpoolP160r1 = versionOne.branch("1"); - /** 1.3.36.3.3.2.8.1.2 */ + /** 1.3.36.3.3.2.8.1.1.2 */ static final ASN1ObjectIdentifier brainpoolP160t1 = versionOne.branch("2"); - /** 1.3.36.3.3.2.8.1.3 */ + /** 1.3.36.3.3.2.8.1.1.3 */ static final ASN1ObjectIdentifier brainpoolP192r1 = versionOne.branch("3"); - /** 1.3.36.3.3.2.8.1.4 */ + /** 1.3.36.3.3.2.8.1.1.4 */ static final ASN1ObjectIdentifier brainpoolP192t1 = versionOne.branch("4"); - /** 1.3.36.3.3.2.8.1.5 */ + /** 1.3.36.3.3.2.8.1.1.5 */ static final ASN1ObjectIdentifier brainpoolP224r1 = versionOne.branch("5"); - /** 1.3.36.3.3.2.8.1.6 */ + /** 1.3.36.3.3.2.8.1.1.6 */ static final ASN1ObjectIdentifier brainpoolP224t1 = versionOne.branch("6"); - /** 1.3.36.3.3.2.8.1.7 */ + /** 1.3.36.3.3.2.8.1.1.7 */ static final ASN1ObjectIdentifier brainpoolP256r1 = versionOne.branch("7"); - /** 1.3.36.3.3.2.8.1.8 */ + /** 1.3.36.3.3.2.8.1.1.8 */ static final ASN1ObjectIdentifier brainpoolP256t1 = versionOne.branch("8"); - /** 1.3.36.3.3.2.8.1.9 */ + /** 1.3.36.3.3.2.8.1.1.9 */ static final ASN1ObjectIdentifier brainpoolP320r1 = versionOne.branch("9"); - /** 1.3.36.3.3.2.8.1.10 */ + /** 1.3.36.3.3.2.8.1.1.10 */ static final ASN1ObjectIdentifier brainpoolP320t1 = versionOne.branch("10"); - /** 1.3.36.3.3.2.8.1.11 */ + /** 1.3.36.3.3.2.8.1.1.11 */ static final ASN1ObjectIdentifier brainpoolP384r1 = versionOne.branch("11"); - /** 1.3.36.3.3.2.8.1.12 */ + /** 1.3.36.3.3.2.8.1.1.12 */ static final ASN1ObjectIdentifier brainpoolP384t1 = versionOne.branch("12"); - /** 1.3.36.3.3.2.8.1.13 */ + /** 1.3.36.3.3.2.8.1.1.13 */ static final ASN1ObjectIdentifier brainpoolP512r1 = versionOne.branch("13"); - /** 1.3.36.3.3.2.8.1.14 */ + /** 1.3.36.3.3.2.8.1.1.14 */ static final ASN1ObjectIdentifier brainpoolP512t1 = versionOne.branch("14"); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/package.html new file mode 100644 index 00000000..86606c39 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for TeleTrust related objects. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1SequenceParserTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1SequenceParserTest.java new file mode 100644 index 00000000..e0cd1af2 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1SequenceParserTest.java @@ -0,0 +1,372 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.util.Arrays; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1Null; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1SequenceParser; +import org.bouncycastle.asn1.ASN1StreamParser; +import org.bouncycastle.asn1.BERSequenceGenerator; +import org.bouncycastle.asn1.DERSequenceGenerator; +import org.bouncycastle.util.encoders.Hex; + +public class ASN1SequenceParserTest + extends TestCase +{ + private static final byte[] seqData = Hex.decode("3006020100060129"); + private static final byte[] nestedSeqData = Hex.decode("300b0201000601293003020101"); + private static final byte[] expTagSeqData = Hex.decode("a1083006020100060129"); + private static final byte[] implTagSeqData = Hex.decode("a106020100060129"); + private static final byte[] nestedSeqExpTagData = Hex.decode("300d020100060129a1053003020101"); + private static final byte[] nestedSeqImpTagData = Hex.decode("300b020100060129a103020101"); + + private static final byte[] berSeqData = Hex.decode("30800201000601290000"); + private static final byte[] berDERNestedSeqData = Hex.decode("308002010006012930030201010000"); + private static final byte[] berNestedSeqData = Hex.decode("3080020100060129308002010100000000"); + private static final byte[] berExpTagSeqData = Hex.decode("a180308002010006012900000000"); + + private static final byte[] berSeqWithDERNullData = Hex.decode("308005000201000601290000"); + + public void testDERWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + DERSequenceGenerator seqGen = new DERSequenceGenerator(bOut); + + seqGen.addObject(new ASN1Integer(BigInteger.valueOf(0))); + + seqGen.addObject(new ASN1ObjectIdentifier("1.1")); + + seqGen.close(); + + assertTrue("basic DER writing test failed.", Arrays.equals(seqData, bOut.toByteArray())); + } + + public void testNestedDERWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + DERSequenceGenerator seqGen1 = new DERSequenceGenerator(bOut); + + seqGen1.addObject(new ASN1Integer(BigInteger.valueOf(0))); + + seqGen1.addObject(new ASN1ObjectIdentifier("1.1")); + + DERSequenceGenerator seqGen2 = new DERSequenceGenerator(seqGen1.getRawOutputStream()); + + seqGen2.addObject(new ASN1Integer(BigInteger.valueOf(1))); + + seqGen2.close(); + + seqGen1.close(); + + assertTrue("nested DER writing test failed.", Arrays.equals(nestedSeqData, bOut.toByteArray())); + } + + public void testDERExplicitTaggedSequenceWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + DERSequenceGenerator seqGen = new DERSequenceGenerator(bOut, 1, true); + + seqGen.addObject(new ASN1Integer(BigInteger.valueOf(0))); + + seqGen.addObject(new ASN1ObjectIdentifier("1.1")); + + seqGen.close(); + + assertTrue("explicit tag writing test failed.", Arrays.equals(expTagSeqData, bOut.toByteArray())); + } + + public void testDERImplicitTaggedSequenceWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + DERSequenceGenerator seqGen = new DERSequenceGenerator(bOut, 1, false); + + seqGen.addObject(new ASN1Integer(BigInteger.valueOf(0))); + + seqGen.addObject(new ASN1ObjectIdentifier("1.1")); + + seqGen.close(); + + assertTrue("implicit tag writing test failed.", Arrays.equals(implTagSeqData, bOut.toByteArray())); + } + + public void testNestedExplicitTagDERWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + DERSequenceGenerator seqGen1 = new DERSequenceGenerator(bOut); + + seqGen1.addObject(new ASN1Integer(BigInteger.valueOf(0))); + + seqGen1.addObject(new ASN1ObjectIdentifier("1.1")); + + DERSequenceGenerator seqGen2 = new DERSequenceGenerator(seqGen1.getRawOutputStream(), 1, true); + + seqGen2.addObject(new ASN1Integer(BigInteger.valueOf(1))); + + seqGen2.close(); + + seqGen1.close(); + + assertTrue("nested explicit tagged DER writing test failed.", Arrays.equals(nestedSeqExpTagData, bOut.toByteArray())); + } + + public void testNestedImplicitTagDERWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + DERSequenceGenerator seqGen1 = new DERSequenceGenerator(bOut); + + seqGen1.addObject(new ASN1Integer(BigInteger.valueOf(0))); + + seqGen1.addObject(new ASN1ObjectIdentifier("1.1")); + + DERSequenceGenerator seqGen2 = new DERSequenceGenerator(seqGen1.getRawOutputStream(), 1, false); + + seqGen2.addObject(new ASN1Integer(BigInteger.valueOf(1))); + + seqGen2.close(); + + seqGen1.close(); + + assertTrue("nested implicit tagged DER writing test failed.", Arrays.equals(nestedSeqImpTagData, bOut.toByteArray())); + } + + public void testBERWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + BERSequenceGenerator seqGen = new BERSequenceGenerator(bOut); + + seqGen.addObject(new ASN1Integer(BigInteger.valueOf(0))); + + seqGen.addObject(new ASN1ObjectIdentifier("1.1")); + + seqGen.close(); + + assertTrue("basic BER writing test failed.", Arrays.equals(berSeqData, bOut.toByteArray())); + } + + public void testNestedBERDERWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + BERSequenceGenerator seqGen1 = new BERSequenceGenerator(bOut); + + seqGen1.addObject(new ASN1Integer(BigInteger.valueOf(0))); + + seqGen1.addObject(new ASN1ObjectIdentifier("1.1")); + + DERSequenceGenerator seqGen2 = new DERSequenceGenerator(seqGen1.getRawOutputStream()); + + seqGen2.addObject(new ASN1Integer(BigInteger.valueOf(1))); + + seqGen2.close(); + + seqGen1.close(); + + assertTrue("nested BER/DER writing test failed.", Arrays.equals(berDERNestedSeqData, bOut.toByteArray())); + } + + public void testNestedBERWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + BERSequenceGenerator seqGen1 = new BERSequenceGenerator(bOut); + + seqGen1.addObject(new ASN1Integer(BigInteger.valueOf(0))); + + seqGen1.addObject(new ASN1ObjectIdentifier("1.1")); + + BERSequenceGenerator seqGen2 = new BERSequenceGenerator(seqGen1.getRawOutputStream()); + + seqGen2.addObject(new ASN1Integer(BigInteger.valueOf(1))); + + seqGen2.close(); + + seqGen1.close(); + + assertTrue("nested BER writing test failed.", Arrays.equals(berNestedSeqData, bOut.toByteArray())); + } + + public void testDERReading() + throws Exception + { + ASN1StreamParser aIn = new ASN1StreamParser(seqData); + + ASN1SequenceParser seq = (ASN1SequenceParser)aIn.readObject(); + Object o; + int count = 0; + + assertNotNull("null sequence returned", seq); + + while ((o = seq.readObject()) != null) + { + switch (count) + { + case 0: + assertTrue(o instanceof ASN1Integer); + break; + case 1: + assertTrue(o instanceof ASN1ObjectIdentifier); + break; + } + count++; + } + + assertEquals("wrong number of objects in sequence", 2, count); + } + + private void testNestedReading( + byte[] data) + throws Exception + { + ASN1StreamParser aIn = new ASN1StreamParser(data); + + ASN1SequenceParser seq = (ASN1SequenceParser)aIn.readObject(); + Object o; + int count = 0; + + assertNotNull("null sequence returned", seq); + + while ((o = seq.readObject()) != null) + { + switch (count) + { + case 0: + assertTrue(o instanceof ASN1Integer); + break; + case 1: + assertTrue(o instanceof ASN1ObjectIdentifier); + break; + case 2: + assertTrue(o instanceof ASN1SequenceParser); + + ASN1SequenceParser s = (ASN1SequenceParser)o; + + // NB: Must exhaust the nested parser + while (s.readObject() != null) + { + // Nothing + } + + break; + } + count++; + } + + assertEquals("wrong number of objects in sequence", 3, count); + } + + public void testNestedDERReading() + throws Exception + { + testNestedReading(nestedSeqData); + } + + public void testBERReading() + throws Exception + { + ASN1StreamParser aIn = new ASN1StreamParser(berSeqData); + + ASN1SequenceParser seq = (ASN1SequenceParser)aIn.readObject(); + Object o; + int count = 0; + + assertNotNull("null sequence returned", seq); + + while ((o = seq.readObject()) != null) + { + switch (count) + { + case 0: + assertTrue(o instanceof ASN1Integer); + break; + case 1: + assertTrue(o instanceof ASN1ObjectIdentifier); + break; + } + count++; + } + + assertEquals("wrong number of objects in sequence", 2, count); + } + + public void testNestedBERDERReading() + throws Exception + { + testNestedReading(berDERNestedSeqData); + } + + public void testNestedBERReading() + throws Exception + { + testNestedReading(berNestedSeqData); + } + + public void testBERExplicitTaggedSequenceWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + BERSequenceGenerator seqGen = new BERSequenceGenerator(bOut, 1, true); + + seqGen.addObject(new ASN1Integer(BigInteger.valueOf(0))); + + seqGen.addObject(new ASN1ObjectIdentifier("1.1")); + + seqGen.close(); + + assertTrue("explicit BER tag writing test failed.", Arrays.equals(berExpTagSeqData, bOut.toByteArray())); + } + + public void testSequenceWithDERNullReading() + throws Exception + { + testParseWithNull(berSeqWithDERNullData); + } + + private void testParseWithNull(byte[] data) + throws IOException + { + ASN1StreamParser aIn = new ASN1StreamParser(data); + ASN1SequenceParser seq = (ASN1SequenceParser)aIn.readObject(); + Object o; + int count = 0; + + assertNotNull("null sequence returned", seq); + + while ((o = seq.readObject()) != null) + { + switch (count) + { + case 0: + assertTrue(o instanceof ASN1Null); + break; + case 1: + assertTrue(o instanceof ASN1Integer); + break; + case 2: + assertTrue(o instanceof ASN1ObjectIdentifier); + break; + } + count++; + } + + assertEquals("wrong number of objects in sequence", 3, count); + } + + public static Test suite() + { + return new TestSuite(ASN1SequenceParserTest.class); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1UnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1UnitTest.java new file mode 100644 index 00000000..d51cc6af --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1UnitTest.java @@ -0,0 +1,89 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.util.test.SimpleTest; + +import java.math.BigInteger; + +public abstract class ASN1UnitTest + extends SimpleTest +{ + protected void checkMandatoryField(String name, ASN1Encodable expected, ASN1Encodable present) + { + if (!expected.equals(present)) + { + fail(name + " field doesn't match."); + } + } + + protected void checkMandatoryField(String name, String expected, String present) + { + if (!expected.equals(present)) + { + fail(name + " field doesn't match."); + } + } + + protected void checkMandatoryField(String name, byte[] expected, byte[] present) + { + if (!areEqual(expected, present)) + { + fail(name + " field doesn't match."); + } + } + + protected void checkMandatoryField(String name, int expected, int present) + { + if (expected != present) + { + fail(name + " field doesn't match."); + } + } + + protected void checkOptionalField(String name, ASN1Encodable expected, ASN1Encodable present) + { + if (expected != null) + { + if (!expected.equals(present)) + { + fail(name + " field doesn't match."); + } + } + else if (present != null) + { + fail(name + " field found when none expected."); + } + } + + protected void checkOptionalField(String name, String expected, String present) + { + if (expected != null) + { + if (!expected.equals(present)) + { + fail(name + " field doesn't match."); + } + } + else if (present != null) + { + fail(name + " field found when none expected."); + } + } + + protected void checkOptionalField(String name, BigInteger expected, BigInteger present) + { + if (expected != null) + { + if (!expected.equals(present)) + { + fail(name + " field doesn't match."); + } + } + else if (present != null) + { + fail(name + " field found when none expected."); + } + } + + +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/AdditionalInformationSyntaxUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/AdditionalInformationSyntaxUnitTest.java new file mode 100644 index 00000000..baf0750f --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/AdditionalInformationSyntaxUnitTest.java @@ -0,0 +1,69 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1String; +import org.bouncycastle.asn1.isismtt.x509.AdditionalInformationSyntax; +import org.bouncycastle.asn1.x500.DirectoryString; + +public class AdditionalInformationSyntaxUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "AdditionalInformationSyntax"; + } + + public void performTest() + throws Exception + { + AdditionalInformationSyntax syntax = new AdditionalInformationSyntax("hello world"); + + checkConstruction(syntax, new DirectoryString("hello world")); + + try + { + AdditionalInformationSyntax.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + AdditionalInformationSyntax syntax, + DirectoryString information) + throws IOException + { + checkValues(syntax, information); + + syntax = AdditionalInformationSyntax.getInstance(syntax); + + checkValues(syntax, information); + + ASN1InputStream aIn = new ASN1InputStream(syntax.toASN1Object().getEncoded()); + + ASN1String info = (ASN1String)aIn.readObject(); + + syntax = AdditionalInformationSyntax.getInstance(info); + + checkValues(syntax, information); + } + + private void checkValues( + AdditionalInformationSyntax syntax, + DirectoryString information) + { + checkMandatoryField("information", information, syntax.getInformation()); + } + + public static void main( + String[] args) + { + runTest(new AdditionalInformationSyntaxUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionSyntaxUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionSyntaxUnitTest.java new file mode 100644 index 00000000..ad0e9259 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionSyntaxUnitTest.java @@ -0,0 +1,97 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.isismtt.x509.AdmissionSyntax; +import org.bouncycastle.asn1.isismtt.x509.Admissions; +import org.bouncycastle.asn1.isismtt.x509.NamingAuthority; +import org.bouncycastle.asn1.isismtt.x509.ProfessionInfo; +import org.bouncycastle.asn1.x500.DirectoryString; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.X509Name; + +public class AdmissionSyntaxUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "AdmissionSyntax"; + } + + public void performTest() + throws Exception + { + GeneralName name = new GeneralName(new X509Name("CN=hello world")); + ASN1Sequence admissions = new DERSequence( + new Admissions(name, + new NamingAuthority(new ASN1ObjectIdentifier("1.2.3"), "url", new DirectoryString("fred")), + new ProfessionInfo[0])); + AdmissionSyntax syntax = new AdmissionSyntax(name, admissions); + + checkConstruction(syntax, name, admissions); + + syntax = AdmissionSyntax.getInstance(null); + + if (syntax != null) + { + fail("null getInstance() failed."); + } + + try + { + AdmissionSyntax.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + AdmissionSyntax syntax, + GeneralName authority, + ASN1Sequence admissions) + throws IOException + { + checkValues(syntax, authority, admissions); + + syntax = AdmissionSyntax.getInstance(syntax); + + checkValues(syntax, authority, admissions); + + ASN1InputStream aIn = new ASN1InputStream(syntax.toASN1Object().getEncoded()); + + ASN1Sequence info = (ASN1Sequence)aIn.readObject(); + + syntax = AdmissionSyntax.getInstance(info); + + checkValues(syntax, authority, admissions); + } + + private void checkValues( + AdmissionSyntax syntax, + GeneralName authority, + ASN1Sequence admissions) + { + checkMandatoryField("admissionAuthority", authority, syntax.getAdmissionAuthority()); + + Admissions[] adm = syntax.getContentsOfAdmissions(); + + if (adm.length != 1 || !adm[0].equals(admissions.getObjectAt(0))) + { + fail("admissions check failed"); + } + } + + public static void main( + String[] args) + { + runTest(new AdmissionSyntaxUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionsUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionsUnitTest.java new file mode 100644 index 00000000..171faec4 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionsUnitTest.java @@ -0,0 +1,86 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.isismtt.x509.Admissions; +import org.bouncycastle.asn1.isismtt.x509.NamingAuthority; +import org.bouncycastle.asn1.isismtt.x509.ProfessionInfo; +import org.bouncycastle.asn1.x500.DirectoryString; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.X509Name; + +public class AdmissionsUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "Admissions"; + } + + public void performTest() + throws Exception + { + GeneralName name = new GeneralName(new X509Name("CN=hello world")); + NamingAuthority auth = new NamingAuthority(new ASN1ObjectIdentifier("1.2.3"), "url", new DirectoryString("fred")); + Admissions admissions = new Admissions(name, auth, new ProfessionInfo[0]); + + checkConstruction(admissions, name, auth); + + admissions = Admissions.getInstance(null); + + if (admissions != null) + { + fail("null getInstance() failed."); + } + + try + { + Admissions.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + Admissions admissions, + GeneralName name, + NamingAuthority auth) + throws IOException + { + checkValues(admissions, name, auth); + + admissions = Admissions.getInstance(admissions); + + checkValues(admissions, name, auth); + + ASN1InputStream aIn = new ASN1InputStream(admissions.toASN1Object().getEncoded()); + + ASN1Sequence info = (ASN1Sequence)aIn.readObject(); + + admissions = Admissions.getInstance(info); + + checkValues(admissions, name, auth); + } + + private void checkValues( + Admissions admissions, + GeneralName name, + NamingAuthority auth) + { + checkMandatoryField("admissionAuthority", name, admissions.getAdmissionAuthority()); + checkMandatoryField("namingAuthority", auth, admissions.getNamingAuthority()); + } + + public static void main( + String[] args) + { + runTest(new AdmissionsUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/AllTests.java new file mode 100644 index 00000000..5b647b3e --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/AllTests.java @@ -0,0 +1,43 @@ +package org.bouncycastle.asn1.test; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; +import org.bouncycastle.util.test.SimpleTestResult; + +public class AllTests + extends TestCase +{ + public void testASN1() + { + org.bouncycastle.util.test.Test[] tests = RegressionTest.tests; + + for (int i = 0; i != tests.length; i++) + { + SimpleTestResult result = (SimpleTestResult)tests[i].perform(); + + if (!result.isSuccessful()) + { + fail(result.toString()); + } + } + } + + public static void main (String[] args) + { + junit.textui.TestRunner.run(suite()); + } + + public static Test suite() + { + TestSuite suite = new TestSuite("ASN.1 Tests"); + + suite.addTestSuite(AllTests.class); + suite.addTestSuite(GetInstanceTest.class); + suite.addTestSuite(ASN1SequenceParserTest.class); + suite.addTestSuite(OctetStringTest.class); + suite.addTestSuite(ParseTest.class); + + return suite; + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/AttributeTableUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/AttributeTableUnitTest.java new file mode 100644 index 00000000..337fb1a5 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/AttributeTableUnitTest.java @@ -0,0 +1,144 @@ +package org.bouncycastle.asn1.test; + +import java.util.Hashtable; + +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.DERSet; +import org.bouncycastle.asn1.cms.Attribute; +import org.bouncycastle.asn1.cms.AttributeTable; +import org.bouncycastle.util.test.SimpleTest; + +public class AttributeTableUnitTest + extends SimpleTest +{ + private static final ASN1ObjectIdentifier type1 = new ASN1ObjectIdentifier("1.1.1"); + private static final ASN1ObjectIdentifier type2 = new ASN1ObjectIdentifier("1.1.2"); + private static final ASN1ObjectIdentifier type3 = new ASN1ObjectIdentifier("1.1.3"); + + public String getName() + { + return "AttributeTable"; + } + + public void performTest() + throws Exception + { + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(new Attribute(type1, new DERSet(type1))); + v.add(new Attribute(type2, new DERSet(type2))); + + AttributeTable table = new AttributeTable(v); + + Attribute a = table.get(type1); + if (a == null) + { + fail("type1 attribute not found."); + } + if (!a.getAttrValues().equals(new DERSet(type1))) + { + fail("wrong value retrieved for type1!"); + } + + a = table.get(type2); + if (a == null) + { + fail("type2 attribute not found."); + } + if (!a.getAttrValues().equals(new DERSet(type2))) + { + fail("wrong value retrieved for type2!"); + } + + a = table.get(type3); + if (a != null) + { + fail("type3 attribute found when none expected."); + } + + ASN1EncodableVector vec = table.getAll(type1); + if (vec.size() != 1) + { + fail("wrong vector size for type1."); + } + + vec = table.getAll(type3); + if (vec.size() != 0) + { + fail("wrong vector size for type3."); + } + + vec = table.toASN1EncodableVector(); + if (vec.size() != 2) + { + fail("wrong vector size for single."); + } + + Hashtable t = table.toHashtable(); + + if (t.size() != 2) + { + fail("hashtable wrong size."); + } + + // multiple + + v = new ASN1EncodableVector(); + + v.add(new Attribute(type1, new DERSet(type1))); + v.add(new Attribute(type1, new DERSet(type2))); + v.add(new Attribute(type1, new DERSet(type3))); + v.add(new Attribute(type2, new DERSet(type2))); + + table = new AttributeTable(v); + + a = table.get(type1); + if (!a.getAttrValues().equals(new DERSet(type1))) + { + fail("wrong value retrieved for type1 multi get!"); + } + + vec = table.getAll(type1); + if (vec.size() != 3) + { + fail("wrong vector size for multiple type1."); + } + + a = (Attribute)vec.get(0); + if (!a.getAttrValues().equals(new DERSet(type1))) + { + fail("wrong value retrieved for type1(0)!"); + } + + a = (Attribute)vec.get(1); + if (!a.getAttrValues().equals(new DERSet(type2))) + { + fail("wrong value retrieved for type1(1)!"); + } + + a = (Attribute)vec.get(2); + if (!a.getAttrValues().equals(new DERSet(type3))) + { + fail("wrong value retrieved for type1(2)!"); + } + + vec = table.getAll(type2); + if (vec.size() != 1) + { + fail("wrong vector size for multiple type2."); + } + + vec = table.toASN1EncodableVector(); + if (vec.size() != 4) + { + fail("wrong vector size for multiple."); + } + } + + public static void main( + String[] args) + { + runTest(new AttributeTableUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/BiometricDataUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/BiometricDataUnitTest.java new file mode 100644 index 00000000..b4c2ea42 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/BiometricDataUnitTest.java @@ -0,0 +1,133 @@ +package org.bouncycastle.asn1.test; + +import java.security.SecureRandom; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DERIA5String; +import org.bouncycastle.asn1.DERNull; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.qualified.BiometricData; +import org.bouncycastle.asn1.x509.qualified.TypeOfBiometricData; +import org.bouncycastle.util.test.SimpleTest; + +public class BiometricDataUnitTest + extends SimpleTest +{ + public String getName() + { + return "BiometricData"; + } + + private byte[] generateHash() + { + SecureRandom rand = new SecureRandom(); + byte[] bytes = new byte[20]; + + rand.nextBytes(bytes); + + return bytes; + } + + public void performTest() + throws Exception + { + TypeOfBiometricData dataType = new TypeOfBiometricData(TypeOfBiometricData.HANDWRITTEN_SIGNATURE); + AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); + ASN1OctetString dataHash = new DEROctetString(generateHash()); + BiometricData bd = new BiometricData(dataType, hashAlgorithm, dataHash); + + checkConstruction(bd, dataType, hashAlgorithm, dataHash, null); + + DERIA5String dataUri = new DERIA5String("http://test"); + + bd = new BiometricData(dataType, hashAlgorithm, dataHash, dataUri); + + checkConstruction(bd, dataType, hashAlgorithm, dataHash, dataUri); + + bd = BiometricData.getInstance(null); + + if (bd != null) + { + fail("null getInstance() failed."); + } + + try + { + BiometricData.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + BiometricData bd, + TypeOfBiometricData dataType, + AlgorithmIdentifier hashAlgorithm, + ASN1OctetString dataHash, + DERIA5String dataUri) + throws Exception + { + checkValues(bd, dataType, hashAlgorithm, dataHash, dataUri); + + bd = BiometricData.getInstance(bd); + + checkValues(bd, dataType, hashAlgorithm, dataHash, dataUri); + + ASN1InputStream aIn = new ASN1InputStream(bd.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + bd = BiometricData.getInstance(seq); + + checkValues(bd, dataType, hashAlgorithm, dataHash, dataUri); + } + + private void checkValues( + BiometricData bd, + TypeOfBiometricData dataType, + AlgorithmIdentifier algID, + ASN1OctetString dataHash, + DERIA5String sourceDataURI) + { + if (!bd.getTypeOfBiometricData().equals(dataType)) + { + fail("types don't match."); + } + + if (!bd.getHashAlgorithm().equals(algID)) + { + fail("hash algorithms don't match."); + } + + if (!bd.getBiometricDataHash().equals(dataHash)) + { + fail("hash algorithms don't match."); + } + + if (sourceDataURI != null) + { + if (!bd.getSourceDataUri().equals(sourceDataURI)) + { + fail("data uris don't match."); + } + } + else if (bd.getSourceDataUri() != null) + { + fail("data uri found when none expected."); + } + } + + public static void main( + String[] args) + { + runTest(new BiometricDataUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringConstantTester.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringConstantTester.java new file mode 100644 index 00000000..bbea4a3d --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringConstantTester.java @@ -0,0 +1,22 @@ +package org.bouncycastle.asn1.test; + +public class BitStringConstantTester +{ + private static final int[] bits = + { + 1 << 7, 1 << 6, 1 << 5, 1 << 4, 1 << 3, 1 << 2, 1 << 1, 1 << 0, + 1 << 15, 1 << 14, 1 << 13, 1 << 12, 1 << 11, 1 << 10, 1 << 9, 1 << 8, + 1 << 23, 1 << 22, 1 << 21, 1 << 20, 1 << 19, 1 << 18, 1 << 17, 1 << 16, + 1 << 31, 1 << 30, 1 << 29, 1 << 28, 1 << 27, 1 << 26, 1 << 25, 1 << 24 + }; + + public static void testFlagValueCorrect( + int bitNo, + int value) + { + if (bits[bitNo] != value) + { + throw new IllegalArgumentException("bit value " + bitNo + " wrong"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringTest.java new file mode 100644 index 00000000..1cd5bd3a --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringTest.java @@ -0,0 +1,73 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.x509.KeyUsage; +import org.bouncycastle.util.test.SimpleTestResult; +import org.bouncycastle.util.test.Test; +import org.bouncycastle.util.test.TestResult; + +public class BitStringTest + implements Test +{ + public TestResult perform() + { + KeyUsage k = new KeyUsage(KeyUsage.digitalSignature); + if ((k.getBytes()[0] != (byte)KeyUsage.digitalSignature) || (k.getPadBits() != 7)) + { + return new SimpleTestResult(false, getName() + ": failed digitalSignature"); + } + + k = new KeyUsage(KeyUsage.nonRepudiation); + if ((k.getBytes()[0] != (byte)KeyUsage.nonRepudiation) || (k.getPadBits() != 6)) + { + return new SimpleTestResult(false, getName() + ": failed nonRepudiation"); + } + + k = new KeyUsage(KeyUsage.keyEncipherment); + if ((k.getBytes()[0] != (byte)KeyUsage.keyEncipherment) || (k.getPadBits() != 5)) + { + return new SimpleTestResult(false, getName() + ": failed keyEncipherment"); + } + + k = new KeyUsage(KeyUsage.cRLSign); + if ((k.getBytes()[0] != (byte)KeyUsage.cRLSign) || (k.getPadBits() != 1)) + { + return new SimpleTestResult(false, getName() + ": failed cRLSign"); + } + + k = new KeyUsage(KeyUsage.decipherOnly); + if ((k.getBytes()[1] != (byte)(KeyUsage.decipherOnly >> 8)) || (k.getPadBits() != 7)) + { + return new SimpleTestResult(false, getName() + ": failed decipherOnly"); + } + + // test for zero length bit string + try + { + ASN1Primitive.fromByteArray(new DERBitString(new byte[0], 0).getEncoded()); + } + catch (IOException e) + { + return new SimpleTestResult(false, getName() + ": " + e); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + + public String getName() + { + return "BitString"; + } + + public static void main( + String[] args) + { + BitStringTest test = new BitStringTest(); + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMSTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CMSTest.java new file mode 100644 index 00000000..873b27c0 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/CMSTest.java @@ -0,0 +1,358 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.InputStream; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1OctetStringParser; +import org.bouncycastle.asn1.ASN1OutputStream; +import org.bouncycastle.asn1.ASN1SequenceParser; +import org.bouncycastle.asn1.ASN1Set; +import org.bouncycastle.asn1.ASN1SetParser; +import org.bouncycastle.asn1.ASN1StreamParser; +import org.bouncycastle.asn1.BERTags; +import org.bouncycastle.asn1.DERSet; +import org.bouncycastle.asn1.cms.CMSObjectIdentifiers; +import org.bouncycastle.asn1.cms.CompressedData; +import org.bouncycastle.asn1.cms.ContentInfo; +import org.bouncycastle.asn1.cms.ContentInfoParser; +import org.bouncycastle.asn1.cms.EncryptedContentInfoParser; +import org.bouncycastle.asn1.cms.EnvelopedData; +import org.bouncycastle.asn1.cms.EnvelopedDataParser; +import org.bouncycastle.asn1.cms.KEKRecipientInfo; +import org.bouncycastle.asn1.cms.KeyTransRecipientInfo; +import org.bouncycastle.asn1.cms.RecipientInfo; +import org.bouncycastle.asn1.cms.SignedData; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.io.Streams; +import org.bouncycastle.util.test.SimpleTestResult; +import org.bouncycastle.util.test.Test; +import org.bouncycastle.util.test.TestResult; + +public class CMSTest + implements Test +{ + // + // compressed data object + // + byte[] compData = Base64.decode( + "MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGggCSABIIC" + + "Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0tXP8Efux" + + "fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+pbQ90xSb" + + "P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2dz0zwLt+1" + + "UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5PbOHZZGRi" + + "v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREmD/eOHb2D" + + "SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6AdrnjLmH94UT" + + "vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtgujl9T/tg" + + "W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQSXLgXYXj2" + + "3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri2NrVF/WL" + + "+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA"); + + // + // enveloped data + // + byte[] envDataKeyTrns = Base64.decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQAxgcQwgcECAQAwKjAlMRYwFAYDVQQKEw1Cb3Vu" + + "Y3kgQ2FzdGxlMQswCQYDVQQGEwJBVQIBCjANBgkqhkiG9w0BAQEFAASBgC5vdGrB" + + "itQSGwifLf3KwPILjaB4WEXgT/IIO1KDzrsbItCJsMA0Smq2y0zptxT0pSRL6JRg" + + "NMxLk1ySnrIrvGiEPLMR1zjxlT8yQ6VLX+kEoK43ztd1aaLw0oBfrcXcLN7BEpZ1" + + "TIdjlBfXIOx1S88WY1MiYqJJFc3LMwRUaTEDMIAGCSqGSIb3DQEHATAdBglghkgB" + + "ZQMEARYEEAfxLMWeaBOTTZQwUq0Y5FuggAQgwOJhL04rjSZCBCSOv5i5XpFfGsOd" + + "YSHSqwntGpFqCx4AAAAAAAAAAAAA"); + + byte[] envDataKEK = Base64.decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQIxUqJQAgEEMAcEBQECAwQFMBAGCyqGSIb3DQEJE" + + "AMHAgE6BDC7G/HyUPilIrin2Yeajqmj795VoLWETRnZAAFcAiQdoQWyz+oCh6WY/H" + + "jHHi+0y+cwgAYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiY3eDBBbF6naCABBiNdzJb" + + "/v6+UZB3XXKipxFDUpz9GyjzB+gAAAAAAAAAAAAA"); + + byte[] envDataNestedNDEF = Base64.decode( + "MIAGCSqGSIb3DQEHA6CAMIACAQAxge8wgewCAQAwgZUwgY8xKDAmBgNVBAoMH1RoZSBMZWdpb24g" + + "b2YgdGhlIEJvdW5jeSBDYXN0bGUxLzAtBgkqhkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3Vu" + + "Y3ljYXN0bGUub3JnMREwDwYDVQQIDAhWaWN0b3JpYTESMBAGA1UEBwwJTWVsYm91cm5lMQswCQYD" + + "VQQGEwJBVQIBATANBgkqhkiG9w0BAQEFAARABIXMd8xiTyWDKO/LQfvdGYTPW3I9oSQWwtm4OIaN" + + "VINpfY2lfwTvbmE6VXiLKeALC0dMBV8z7DEM9hE0HVmvLDCABgkqhkiG9w0BBwEwHQYJYIZIAWUD" + + "BAECBBB32ko6WrVxDTqwUYEpV6IUoIAEggKgS6RowrhNlmWWI13zxD/lryxkZ5oWXPUfNiUxYX/P" + + "r5iscW3s8VKJKUpJ4W5SNA7JGL4l/5LmSnJ4Qu/xzxcoH4r4vmt75EDE9p2Ob2Xi1NuSFAZubJFc" + + "Zlnp4e05UHKikmoaz0PbiAi277sLQlK2FcVsntTYVT00y8+IwuuQu0ATVqkXC+VhfjV/sK6vQZnw" + + "2rQKedZhLB7B4dUkmxCujb/UAq4lgSpLMXg2P6wMimTczXyQxRiZxPeI4ByCENjkafXbfcJft2eD" + + "gv1DEDdYM5WrW9Z75b4lmJiOJ/xxDniHCvum7KGXzpK1d1mqTlpzPC2xoz08/MO4lRf5Mb0bYdq6" + + "CjMaYqVwGsYryp/2ayX+d8H+JphEG+V9Eg8uPcDoibwhDI4KkoyGHstPw5bxcy7vVFt7LXUdNjJc" + + "K1wxaUKEXDGKt9Vj93FnBTLMX0Pc9HpueV5o1ipX34dn/P3HZB9XK8ScbrE38B1VnIgylStnhVFO" + + "Cj9s7qSVqI2L+xYHJRHsxaMumIRnmRuOqdXDfIo28EZAnFtQ/b9BziMGVvAW5+A8h8s2oazhSmK2" + + "23ftV7uv98ScgE8fCd3PwT1kKJM83ThTYyBzokvMfPYCCvsonMV+kTWXhWcwjYTS4ukrpR452ZdW" + + "l3aJqDnzobt5FK4T8OGciOj+1PxYFZyRmCuafm2Dx6o7Et2Tu/T5HYvhdY9jHyqtDl2PXH4CTnVi" + + "gA1YOAArjPVmsZVwAM3Ml46uyXXhcsXwQ1X0Tv4D+PSa/id4UQ2cObOw8Cj1eW2GB8iJIZVqkZaU" + + "XBexqgWYOIoxjqODSeoZKiBsTK3c+oOUBqBDueY1i55swE2o6dDt95FluX6iyr/q4w2wLt3upY1J" + + "YL+TuvZxAKviuAczMS1bAAAAAAAAAAAAAA=="); + + // + // signed data + // + byte[] signedData = Base64.decode( + "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCA" + + "JIAEDEhlbGxvIFdvcmxkIQAAAAAAAKCCBGIwggINMIIBdqADAgECAgEBMA0GCSqG" + + "SIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFV" + + "MB4XDTA0MTAyNDA0MzA1OFoXDTA1MDIwMTA0MzA1OFowJTEWMBQGA1UEChMNQm91" + + "bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ" + + "AoGBAJj3OAshAOgDmPcYZ1jdNSuhOHRH9VhC/PG17FdiInVGc2ulJhEifEQga/uq" + + "ZCpSd1nHsJUZKm9k1bVneWzC0941i9Znfxgb2jnXXsa5kwB2KEVESrOWsRjSRtnY" + + "iLgqBG0rzpaMn5A5ntu7N0406EesBhe19cjZAageEHGZDbufAgMBAAGjTTBLMB0G" + + "A1UdDgQWBBR/iHNKOo6f4ByWFFywRNZ65XSr1jAfBgNVHSMEGDAWgBR/iHNKOo6f" + + "4ByWFFywRNZ65XSr1jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBAUAA4GBAFMJJ7QO" + + "pHo30bnlQ4Ny3PCnK+Se+Gw3TpaYGp84+a8fGD9Dme78G6NEsgvpFGTyoLxvJ4CB" + + "84Kzys+1p2HdXzoZiyXAer5S4IwptE3TxxFwKyj28cRrM6dK47DDyXUkV0qwBAMN" + + "luwnk/no4K7ilzN2MZk5l7wXyNa9yJ6CHW6dMIICTTCCAbagAwIBAgIBAjANBgkq" + + "hkiG9w0BAQQFADAlMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJB" + + "VTAeFw0wNDEwMjQwNDMwNTlaFw0wNTAyMDEwNDMwNTlaMGUxGDAWBgNVBAMTD0Vy" + + "aWMgSC4gRWNoaWRuYTEkMCIGCSqGSIb3DQEJARYVZXJpY0Bib3VuY3ljYXN0bGUu" + + "b3JnMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTCBnzANBgkq" + + "hkiG9w0BAQEFAAOBjQAwgYkCgYEAm+5CnGU6W45iUpCsaGkn5gDruZv3j/o7N6ag" + + "mRZhikaLG2JF6ECaX13iioVJfmzBsPKxAACWwuTXCoSSXG8viK/qpSHwJpfQHYEh" + + "tcC0CxIqlnltv3KQAGwh/PdwpSPvSNnkQBGvtFq++9gnXDBbynfP8b2L2Eis0X9U" + + "2y6gFiMCAwEAAaNNMEswHQYDVR0OBBYEFEAmOksnF66FoQm6IQBVN66vJo1TMB8G" + + "A1UdIwQYMBaAFH+Ic0o6jp/gHJYUXLBE1nrldKvWMAkGA1UdEwQCMAAwDQYJKoZI" + + "hvcNAQEEBQADgYEAEeIjvNkKMPU/ZYCu1TqjGZPEqi+glntg2hC/CF0oGyHFpMuG" + + "tMepF3puW+uzKM1s61ar3ahidp3XFhr/GEU/XxK24AolI3yFgxP8PRgUWmQizTQX" + + "pWUmhlsBe1uIKVEfNAzCgtYfJQ8HJIKsUCcdWeCKVKs4jRionsek1rozkPExggEv" + + "MIIBKwIBATAqMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFV" + + "AgECMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqG" + + "SIb3DQEJBTEPFw0wNDEwMjQwNDMwNTlaMCMGCSqGSIb3DQEJBDEWBBQu973mCM5U" + + "BOl9XwQvlfifHCMocTANBgkqhkiG9w0BAQEFAASBgGHbe3/jcZu6b/erRhc3PEji" + + "MUO8mEIRiNYBr5/vFNhkry8TrGfOpI45m7gu1MS0/vdas7ykvidl/sNZfO0GphEI" + + "UaIjMRT3U6yuTWF4aLpatJbbRsIepJO/B2kdIAbV5SCbZgVDJIPOR2qnruHN2wLF" + + "a+fEv4J8wQ8Xwvk0C8iMAAAAAAAA"); + + private boolean isSameAs( + byte[] a, + byte[] b) + { + if (a.length != b.length) + { + return false; + } + + for (int i = 0; i != a.length; i++) + { + if (a[i] != b[i]) + { + return false; + } + } + + return true; + } + + private TestResult compressionTest() + { + try + { + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(compData)); + + ContentInfo info = ContentInfo.getInstance(aIn.readObject()); + CompressedData data = CompressedData.getInstance(info.getContent()); + + data = new CompressedData(data.getCompressionAlgorithmIdentifier(), data.getEncapContentInfo()); + info = new ContentInfo(CMSObjectIdentifiers.compressedData, data); + + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(info); + + if (!isSameAs(bOut.toByteArray(), compData)) + { + return new SimpleTestResult(false, getName() + ": CMS compression failed to re-encode"); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": CMS compression failed - " + e.toString(), e); + } + } + + private TestResult envelopedTest() + { + try + { + // + // Key trans + // + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(envDataKeyTrns)); + + ContentInfo info = ContentInfo.getInstance(aIn.readObject()); + EnvelopedData envData = EnvelopedData.getInstance(info.getContent()); + ASN1Set s = envData.getRecipientInfos(); + + if (s.size() != 1) + { + return new SimpleTestResult(false, getName() + ": CMS KeyTrans enveloped, wrong number of recipients"); + } + + RecipientInfo recip = RecipientInfo.getInstance(s.getObjectAt(0)); + + if (recip.getInfo() instanceof KeyTransRecipientInfo) + { + KeyTransRecipientInfo inf = KeyTransRecipientInfo.getInstance(recip.getInfo()); + + inf = new KeyTransRecipientInfo(inf.getRecipientIdentifier(), inf.getKeyEncryptionAlgorithm(), inf.getEncryptedKey()); + + s = new DERSet(new RecipientInfo(inf)); + } + else + { + return new SimpleTestResult(false, getName() + ": CMS KeyTrans enveloped, wrong recipient type"); + } + + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + envData = new EnvelopedData(envData.getOriginatorInfo(), s, envData.getEncryptedContentInfo(), envData.getUnprotectedAttrs()); + info = new ContentInfo(CMSObjectIdentifiers.envelopedData, envData); + + aOut.writeObject(info); + + if (!isSameAs(bOut.toByteArray(), envDataKeyTrns)) + { + return new SimpleTestResult(false, getName() + ": CMS KeyTrans enveloped failed to re-encode"); + } + + // + // KEK + // + aIn = new ASN1InputStream(new ByteArrayInputStream(envDataKEK)); + + info = ContentInfo.getInstance(aIn.readObject()); + envData = EnvelopedData.getInstance(info.getContent()); + s = envData.getRecipientInfos(); + + if (s.size() != 1) + { + return new SimpleTestResult(false, getName() + ": CMS KEK enveloped, wrong number of recipients"); + } + + recip = RecipientInfo.getInstance(s.getObjectAt(0)); + + if (recip.getInfo() instanceof KEKRecipientInfo) + { + KEKRecipientInfo inf = KEKRecipientInfo.getInstance(recip.getInfo()); + + inf = new KEKRecipientInfo(inf.getKekid(), inf.getKeyEncryptionAlgorithm(), inf.getEncryptedKey()); + + s = new DERSet(new RecipientInfo(inf)); + } + else + { + return new SimpleTestResult(false, getName() + ": CMS KEK enveloped, wrong recipient type"); + } + + bOut = new ByteArrayOutputStream(); + aOut = new ASN1OutputStream(bOut); + + envData = new EnvelopedData(envData.getOriginatorInfo(), s, envData.getEncryptedContentInfo(), envData.getUnprotectedAttrs()); + info = new ContentInfo(CMSObjectIdentifiers.envelopedData, envData); + + aOut.writeObject(info); + + if (!isSameAs(bOut.toByteArray(), envDataKEK)) + { System.out.println(new String(Base64.encode(bOut.toByteArray()))); + return new SimpleTestResult(false, getName() + ": CMS KEK enveloped failed to re-encode"); + } + + // Nested NDEF problem + ASN1StreamParser asn1In = new ASN1StreamParser(new ByteArrayInputStream(envDataNestedNDEF)); + ContentInfoParser ci = new ContentInfoParser((ASN1SequenceParser)asn1In.readObject()); + EnvelopedDataParser ed = new EnvelopedDataParser((ASN1SequenceParser)ci + .getContent(BERTags.SEQUENCE)); + ed.getVersion(); + ed.getOriginatorInfo(); + ed.getRecipientInfos().toASN1Primitive(); + EncryptedContentInfoParser eci = ed.getEncryptedContentInfo(); + eci.getContentType(); + eci.getContentEncryptionAlgorithm(); + + InputStream dataIn = ((ASN1OctetStringParser)eci.getEncryptedContent(BERTags.OCTET_STRING)) + .getOctetStream(); + Streams.drain(dataIn); + dataIn.close(); + + // Test data doesn't have unprotected attrs, bug was being thrown by this call + ASN1SetParser upa = ed.getUnprotectedAttrs(); + if (upa != null) + { + upa.toASN1Primitive(); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": CMS enveloped failed - " + e.toString(), e); + } + } + + private TestResult signedTest() + { + try + { + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(signedData)); + + ContentInfo info = ContentInfo.getInstance(aIn.readObject()); + SignedData sData = SignedData.getInstance(info.getContent()); + + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + sData = new SignedData(sData.getDigestAlgorithms(), sData.getEncapContentInfo(), sData.getCertificates(), sData.getCRLs(), sData.getSignerInfos()); + info = new ContentInfo(CMSObjectIdentifiers.signedData, sData); + + aOut.writeObject(info); + + if (!isSameAs(bOut.toByteArray(), signedData)) + { + return new SimpleTestResult(false, getName() + ": CMS signed failed to re-encode"); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": CMS signed failed - " + e.toString(), e); + } + } + + public TestResult perform() + { + TestResult res = compressionTest(); + + if (!res.isSuccessful()) + { + return res; + } + + res = envelopedTest(); + if (!res.isSuccessful()) + { + return res; + } + + return signedTest(); + } + + public String getName() + { + return "CMS"; + } + + public static void main( + String[] args) + { + CMSTest test = new CMSTest(); + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CertHashUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CertHashUnitTest.java new file mode 100644 index 00000000..62c81d45 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/CertHashUnitTest.java @@ -0,0 +1,84 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.isismtt.ocsp.CertHash; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; + +public class CertHashUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "CertHash"; + } + + public void performTest() + throws Exception + { + AlgorithmIdentifier algId = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.2.3")); + byte[] digest = new byte[20]; + + CertHash certID = new CertHash(algId, digest); + + checkConstruction(certID, algId, digest); + + certID = CertHash.getInstance(null); + + if (certID != null) + { + fail("null getInstance() failed."); + } + + try + { + CertHash.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + CertHash certHash, + AlgorithmIdentifier algId, + byte[] digest) + throws IOException + { + checkValues(certHash, algId, digest); + + certHash = CertHash.getInstance(certHash); + + checkValues(certHash, algId, digest); + + ASN1InputStream aIn = new ASN1InputStream(certHash.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + certHash = CertHash.getInstance(seq); + + checkValues(certHash, algId, digest); + } + + private void checkValues( + CertHash certHash, + AlgorithmIdentifier algId, + byte[] digest) + { + checkMandatoryField("algorithmHash", algId, certHash.getHashAlgorithm()); + + checkMandatoryField("certificateHash", digest, certHash.getCertificateHash()); + } + + public static void main( + String[] args) + { + runTest(new CertHashUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CertificateTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CertificateTest.java new file mode 100644 index 00000000..6aa8cef6 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/CertificateTest.java @@ -0,0 +1,602 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.util.Enumeration; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.AttCertIssuer; +import org.bouncycastle.asn1.x509.AttCertValidityPeriod; +import org.bouncycastle.asn1.x509.Attribute; +import org.bouncycastle.asn1.x509.AttributeCertificate; +import org.bouncycastle.asn1.x509.AttributeCertificateInfo; +import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; +import org.bouncycastle.asn1.x509.BasicConstraints; +import org.bouncycastle.asn1.x509.CRLDistPoint; +import org.bouncycastle.asn1.x509.Certificate; +import org.bouncycastle.asn1.x509.DistributionPoint; +import org.bouncycastle.asn1.x509.ExtendedKeyUsage; +import org.bouncycastle.asn1.x509.Extension; +import org.bouncycastle.asn1.x509.Extensions; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.GeneralNames; +import org.bouncycastle.asn1.x509.Holder; +import org.bouncycastle.asn1.x509.KeyPurposeId; +import org.bouncycastle.asn1.x509.KeyUsage; +import org.bouncycastle.asn1.x509.PolicyInformation; +import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; +import org.bouncycastle.asn1.x509.TBSCertificate; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.test.SimpleTest; + +public class CertificateTest + extends SimpleTest +{ + // + // server.crt + // + byte[] cert1 = Base64.decode( + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2" + + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM" + + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l" + + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv" + + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re" + + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO" + + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE" + + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy" + + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0" + + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw" + + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL" + + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4" + + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF" + + "5/8="); + + // + // ca.crt + // + byte[] cert2 = Base64.decode( + "MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2" + + "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM" + + "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u" + + "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t" + + "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv" + + "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s" + + "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur" + + "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl" + + "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E" + + "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG" + + "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk" + + "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz" + + "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ" + + "DhkaJ8VqOMajkQFma2r9iA=="); + + // + // testx509.pem + // + byte[] cert3 = Base64.decode( + "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV" + + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz" + + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM" + + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF" + + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO" + + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE" + + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ" + + "zl9HYIMxATFyqSiD9jsx"); + + // + // v3-cert1.pem + // + byte[] cert4 = Base64.decode( + "MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx" + + "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz" + + "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw" + + "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu" + + "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2" + + "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp" + + "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C" + + "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK" + + "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x" + + "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR" + + "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB" + + "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21" + + "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3" + + "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO"); + + // + // v3-cert2.pem + // + byte[] cert5 = Base64.decode( + "MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD" + + "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0" + + "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu" + + "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1" + + "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV" + + "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx" + + "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA" + + "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT" + + "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ" + + "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm" + + "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc" + + "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz" + + "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap" + + "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU="); + + byte[] cert6 = Base64.decode( + "MIIEDjCCAvagAwIBAgIEFAAq2jANBgkqhkiG9w0BAQUFADBLMSowKAYDVQQDEyFT" + + "dW4gTWljcm9zeXN0ZW1zIEluYyBDQSAoQ2xhc3MgQikxHTAbBgNVBAoTFFN1biBN" + + "aWNyb3N5c3RlbXMgSW5jMB4XDTA0MDIyOTAwNDMzNFoXDTA5MDMwMTAwNDMzNFow" + + "NzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxFjAUBgNVBAMTDXN0b3Jl" + + "LnN1bi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAP9ErzFT7MPg2bVV" + + "LNmHTgN4kmiRNlPpuLGWS7EDIXYBbLeSSOCp/e1ANcOGnsuf0WIq9ejd/CPyEfh4" + + "sWoVvQzpOfHZ/Jyei29PEuxzWT+4kQmCx3+sLK25lAnDFsz1KiFmB6Y3GJ/JSjpp" + + "L0Yy1R9YlIc82I8gSw44y5JDABW5AgMBAAGjggGQMIIBjDAOBgNVHQ8BAf8EBAMC" + + "BaAwHQYDVR0OBBYEFG1WB3PApZM7OPPVWJ31UrERaoKWMEcGA1UdIARAMD4wPAYL" + + "YIZIAYb3AIN9k18wLTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5zdW4uY29tL3Br" + + "aS9jcHMuaHRtbDCBhQYDVR0fBH4wfDB6oCegJYYjaHR0cDovL3d3dy5zdW4uY29t" + + "L3BraS9wa2lzbWljYS5jcmyiT6RNMEsxKjAoBgNVBAMTIVN1biBNaWNyb3N5c3Rl" + + "bXMgSW5jIENBIChDbGFzcyBCKTEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJ" + + "bmMwHwYDVR0jBBgwFoAUT7ZnqR/EEBSgG6h1wdYMI5RiiWswVAYIKwYBBQUHAQEE" + + "SDBGMB0GCCsGAQUFBzABhhFodHRwOi8vdmEuc3VuLmNvbTAlBggrBgEFBQcwAYYZ" + + "aHR0cDovL3ZhLmNlbnRyYWwuc3VuLmNvbTATBgNVHSUEDDAKBggrBgEFBQcDATAN" + + "BgkqhkiG9w0BAQUFAAOCAQEAq3byQgyU24tBpR07iQK7agm1zQyzDQ6itdbji0ln" + + "T7fOd5Pnp99iig8ovwWliNtXKAmgtJY60jWz7nEuk38AioZJhS+RPWIWX/+2PRV7" + + "s2aWTzM3n43BypD+jU2qF9c9kDWP/NW9K9IcrS7SfU/2MZVmiCMD/9FEL+CWndwE" + + "JJQ/oenXm44BFISI/NjV7fMckN8EayPvgtzQkD5KnEiggOD6HOrwTDFR+tmAEJ0K" + + "ZttQNwOzCOcEdxXTg6qBHUbONdL7bjTT5NzV+JR/bnfiCqHzdnGwfbHzhmrnXw8j" + + "QCVXcfBfL9++nmpNNRlnJMRdYGeCY6OAfh/PRo8/fXak1Q=="); + + byte[] cert7 = Base64.decode( + "MIIFJDCCBAygAwIBAgIKEcJZuwAAAAAABzANBgkqhkiG9w0BAQUFADAPMQ0wCwYD" + + "VQQDEwRNU0NBMB4XDTA0MDUyMjE2MTM1OFoXDTA1MDUyMjE2MjM1OFowaTEbMBkG" + + "CSqGSIb3DQEJCBMMMTkyLjE2OC4xLjMzMScwJQYJKoZIhvcNAQkCExhwaXhmaXJl" + + "d2FsbC5jaXNjb3BpeC5jb20xITAfBgNVBAMTGHBpeGZpcmV3YWxsLmNpc2NvcGl4" + + "LmNvbTB8MA0GCSqGSIb3DQEBAQUAA2sAMGgCYQCbcsY7vrjweXZiFQdhUafEjJV+" + + "HRy5UKmuCy0237ffmYrN+XNLw0h90cdCSK6KPZebd2E2Bc2UmTikc/FY8meBT3/E" + + "O/Osmywzi++Ur8/IrDvtuR1zd0c/xEPnV1ZRezkCAwEAAaOCAs4wggLKMAsGA1Ud" + + "DwQEAwIFoDAdBgNVHQ4EFgQUzJBSxkQiN9TKvhTMQ1/Aq4gZnHswHwYDVR0jBBgw" + + "FoAUMsxzXVh+5UKMNpwNHmqSfcRYfJ4wgfcGA1UdHwSB7zCB7DCB6aCB5qCB44aB" + + "r2xkYXA6Ly8vQ049TVNDQSxDTj1NQVVELENOPUNEUCxDTj1QdWJsaWMlMjBLZXkl" + + "MjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPWludCxE" + + "Qz1wcmltZWtleSxEQz1zZT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/" + + "b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnSGL2h0dHA6Ly9tYXVkLmlu" + + "dC5wcmltZWtleS5zZS9DZXJ0RW5yb2xsL01TQ0EuY3JsMIIBEAYIKwYBBQUHAQEE" + + "ggECMIH/MIGqBggrBgEFBQcwAoaBnWxkYXA6Ly8vQ049TVNDQSxDTj1BSUEsQ049" + + "UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJh" + + "dGlvbixEQz1pbnQsREM9cHJpbWVrZXksREM9c2U/Y0FDZXJ0aWZpY2F0ZT9iYXNl" + + "P29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwUAYIKwYBBQUHMAKG" + + "RGh0dHA6Ly9tYXVkLmludC5wcmltZWtleS5zZS9DZXJ0RW5yb2xsL01BVUQuaW50" + + "LnByaW1la2V5LnNlX01TQ0EuY3J0MCwGA1UdEQEB/wQiMCCCGHBpeGZpcmV3YWxs" + + "LmNpc2NvcGl4LmNvbYcEwKgBITA/BgkrBgEEAYI3FAIEMh4wAEkAUABTAEUAQwBJ" + + "AG4AdABlAHIAbQBlAGQAaQBhAHQAZQBPAGYAZgBsAGkAbgBlMA0GCSqGSIb3DQEB" + + "BQUAA4IBAQCa0asiPbObLJjpSz6ndJ7y4KOWMiuuBc/VQBnLr7RBCF3ZlZ6z1+e6" + + "dmv8se/z11NgateKfxw69IhLCriA960HEgX9Z61MiVG+DrCFpbQyp8+hPFHoqCZN" + + "b7upc8k2OtJW6KPaP9k0DW52YQDIky4Vb2rZeC4AMCorWN+KlndHhr1HFA14HxwA" + + "4Mka0FM6HNWnBV2UmTjBZMDr/OrGH1jLYIceAaZK0X2R+/DWXeeqIga8jwP5empq" + + "JetYnkXdtTbEh3xL0BX+mZl8vDI+/PGcwox/7YjFmyFWphRMxk9CZ3rF2/FQWMJP" + + "YqQpKiQOmQg5NAhcwffLAuVjVVibPYqi"); + + byte[] cert8 = Base64.decode( + "MIIB0zCCATwCAQEwbqBsMGekZTBjMQswCQYDVQQGEwJERTELMAkGA1UECBMCQlkx" + + "EzARBgNVBAcTClJlZ2Vuc2J1cmcxEDAOBgNVBAoTB0FDIFRlc3QxCzAJBgNVBAsT" + + "AkNBMRMwEQYDVQQDEwpBQyBUZXN0IENBAgEBoHYwdKRyMHAxCzAJBgNVBAYTAkRF" + + "MQswCQYDVQQIEwJCWTETMBEGA1UEBxMKUmVnZW5zYnVyZzESMBAGA1UEChMJQUMg" + + "SXNzdWVyMRowGAYDVQQLExFBQyBJc3N1ZXIgc2VjdGlvbjEPMA0GA1UEAxMGQUMg" + + "TWFuMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIwMDQxMTI2MTI1MjUxWhgPMjAwNDEy" + + "MzEyMzAwMDBaMBkwFwYDVRhIMRAwDoEMREFVMTIzNDU2Nzg5MA0GCSqGSIb3DQEB" + + "BQUAA4GBABd4Odx3yEMGL/BvItuT1RafNR2uuWuZbajg0pD6bshUsl+WCIfRiEkq" + + "lHMkpI7WqAZikdnAEQ5jQsVWEuVejWxR6gjejKxc0fb9qpIui7/GoI5Eh6dmG20e" + + "xbwJL3+6YYFrZwxR8cC5rPvWrblUR5XKJy+Zp/H5+t9iANnL1L8J"); + + // V1 attribute certificate + private static final byte[] attrCertv1 = Base64.decode( + "MIIFdDCCBFygXTBbMFOkUTBPMQswCQYDVQQGEwJERTEcMBoGA1UECgwTRGV1" + + "dHNjaGUgVGVsZWtvbSBBRzEiMCAGA1UEAwwZVGVsZVNlYyBQS1MgU2lnRyBD" + + "QSAxNzpQTgIEG1toDjBTpFEwTzELMAkGA1UEBhMCREUxHDAaBgNVBAoME0Rl" + + "dXRzY2hlIFRlbGVrb20gQUcxIjAgBgNVBAMMGVRlbGVTZWMgUEtTIFNpZ0cg" + + "Q0EgMjU6UE4wDQYJKoZIhvcNAQELBQACBCep3f0wIhgPMjAxMDA0MTIxMTI5" + + "MTJaGA8yMDEyMDQxMjEwNTkyOFowggGmMIIBogYFKyQIAwgxggGXDIIBk1Ro" + + "ZSBxdWFsaWZpZWQgc2lnbmF0dXJlIGF0IGhhbmQgaXMgcmVzdHJpY3RlZCB0" + + "byBwcmVzZW50aW5nIGludm9pY2VzIG9yIGNyZWRpdHMgdG8gY3VzdG9tZXJz" + + "IGFjY29yZGluZyB0byBFVSBDb3VuY2lsIGRpcmVjdGl2ZSAyMDAxLzExNS9F" + + "QyAoMjB0aCBEZWNlbWJlciAyMDAxKSBhbmQgR2VybWFuIFZBVCB0YXggKMKn" + + "MTQgVVN0RykuICBEaWUgdm9ybGllZ2VuZGUgcXVhbGlmaXppZXJ0ZSBTaWdu" + + "YXR1ciBpc3QgYXVmIGRpZSAgUHJhZXNlbnRhdGlvbiB2b24gUmVjaG51bmdl" + + "biBvZGVyIEd1dHNjaHJpZnRlbiBnZW1hZXNzIEVVIERpcmVrdGl2ZSAyMDAx" + + "LzExNS9FQyAoMjAuIERlemVtYmVyIDIwMDEpIHVuZCBkZXV0c2NoZW0gVW1z" + + "YXR6c3RldWVyZ2VzZXR6ICAowqcxNCBVU3RHKSBiZXNjaHJhZW5rdC4wggHB" + + "MB8GA1UdIwQYMBaAFM6i1yR/z8IikpxpU/Fdh8BPxhq8MEMGA1UdIAQ8MDow" + + "OAYFKyQIAQEwLzAtBggrBgEFBQcCARYhaHR0cDovL3Brcy50ZWxlc2VjLmRl" + + "L2Nwcy9jcHMucGRmMIIBBAYDVR0fBIH8MIH5MIH2oG2ga4Y1bGRhcDovL3Br" + + "cy1sZGFwLnRlbGVzZWMuZGUvbz1EZXV0c2NoZSBUZWxla29tIEFHLGM9ZGWG" + + "Mmh0dHA6Ly9wa3MudGVsZXNlYy5kZS90ZWxlc2VjL3NlcnZsZXQvZG93bmxv" + + "YWRfY3JsooGEpIGBMH8xCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2No" + + "ZSBUZWxla29tIEFHMR8wHQYDVQQLFBZQcm9kdWt0emVudHJ1bSBUZWxlU2Vj" + + "MTEwDAYHAoIGAQoHFBMBMTAhBgNVBAMUGlRlbGVTZWMgUEtTIFNpZ0cgRElS" + + "IDM1OlBOMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL3Br" + + "cy50ZWxlc2VjLmRlL29jc3ByMBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEw" + + "DQYJKoZIhvcNAQELBQADggEBAEz2OvU9YytJUKHMDQcND5njIyUXTkSrlWjV" + + "F28uwxVlveO4JPTAY7PvXy69HUuTPwlvqCfJIUF2RLPZFQx0wFto8ajC9v5X" + + "SqwQcINXRakpE6FPAdQFnH44TaIQWXW1hy9xr8GuD0uhQLTJGYqVzHfLoM8e" + + "llPNHUVhC7CEOxDb1PTHCUlQFNkFRmeeqzEVoj1F0pM6wI5zf8+w2WwrFPCD" + + "jrjEr/VoBRoEi/tKnsLq6oOkizUKT0KJEnSyYxoOa7euT1yX+Co94SPnMZi5" + + "qukHSj8Kiio6Jecl//qDPG/mHo1ro+8rH+rbze7EEfKMp5yeWCwXGthL9oYo" + + "RYl+UuI="); + + + // bad issuer certificate + private static final byte[] dudCert = Base64.decode( + "MIICLzCCAZgCBFp/9TowDQYJKoZIhvcNAQEFBQAwAjEAMB4XDTA4MDcyNTEzNTQ0" + + "MFoXDTEzMDgyNTA1MDAwMFowgboxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIEwRJb3dh" + + "MRMwEQYDVQQHEwpEZXMgTW9pbmVzMT0wOwYDVQQKEzRTdGF0ZSBvZiBJb3dhLCBE" + + "ZXBhcnRtZW50IG9mIEFkbWluaXN0cmF0aXZlIFNlcnZpY2VzMSowKAYDVQQLEyFJ" + + "bmZvcm1hdGlvbiBUZWNobm9sb2d5IEVudGVycHJpc2UxHDAaBgNVBAMTE3d3dy5k" + + "b20uc3RhdGUuaWEudXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK0C7Jca" + + "C0RiD0hcBcPUdGc78y815yPuHGmF/A2K+3LbwfFXDhsY7ebRxHVfL7gt+nFBvJ2r" + + "MqDBIMHFB3vYdSnGbND41eso6cLnzkMVtSisG25Tat3F8BF/js54sa0mFEn4qMQ+" + + "6T6jxyPflsjKpmi6L7lfRdPNbBbKSmK9ik2lAgMBAAEwDQYJKoZIhvcNAQEFBQAD" + + "gYEAc9Rx95MiPzJiCn3nOoP+3PPQCGTyUcUWZfYKXuC7aOzMYUXes71Q3K1/W6Vy" + + "V2Tlrbj0KT8j2/kBmy8+7d5whnUklJNsH6VJMst3V4Uxvk3os+uaW0FHsW389sNY" + + "/5LdslDjfqV2nUc2GqDPn38PATL26SRJKlCvU2NagdID3WM=" + ); + + String[] subjects = + { + "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Webserver Team,CN=www2.connect4.com.au,E=webmaster@connect4.com.au", + "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Certificate Authority,CN=Connect 4 CA,E=webmaster@connect4.com.au", + "C=AU,ST=QLD,CN=SSLeay/rsa test cert", + "C=US,O=National Aeronautics and Space Administration,SERIALNUMBER=16+CN=Steve Schoch", + "E=cooke@issl.atl.hp.com,C=US,OU=Hewlett Packard Company (ISSL),CN=Paul A. Cooke", + "O=Sun Microsystems Inc,CN=store.sun.com", + "unstructuredAddress=192.168.1.33,unstructuredName=pixfirewall.ciscopix.com,CN=pixfirewall.ciscopix.com" + }; + + public String getName() + { + return "Certificate"; + } + + public void checkCertificate( + int id, + byte[] cert) + throws Exception + { + ByteArrayInputStream bIn = new ByteArrayInputStream(cert); + ASN1InputStream aIn = new ASN1InputStream(bIn); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); +// String dump = ASN1Dump.dumpAsString(seq); + + Certificate obj = Certificate.getInstance(seq); + TBSCertificate tbsCert = obj.getTBSCertificate(); + + if (!tbsCert.getSubject().toString().equals(subjects[id - 1])) + { + fail("failed subject test for certificate id " + id + " got " + tbsCert.getSubject().toString()); + } + + if (tbsCert.getVersionNumber() == 3) + { + Extensions ext = tbsCert.getExtensions(); + if (ext != null) + { + Enumeration en = ext.oids(); + while (en.hasMoreElements()) + { + ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)en.nextElement(); + Extension extVal = ext.getExtension(oid); + + ASN1OctetString oct = extVal.getExtnValue(); + ASN1InputStream extIn = new ASN1InputStream(new ByteArrayInputStream(oct.getOctets())); + + if (oid.equals(Extension.subjectKeyIdentifier)) + { + SubjectKeyIdentifier si = SubjectKeyIdentifier.getInstance(extIn.readObject()); + + if (!si.equals(SubjectKeyIdentifier.fromExtensions(ext))) + { + fail("SubjectKeyIdentifier not matched"); + } + } + else if (oid.equals(Extension.keyUsage)) + { + KeyUsage ku = KeyUsage.getInstance(extIn.readObject()); + + if (!ku.equals(KeyUsage.fromExtensions(ext))) + { + fail("KeyUsage not matched"); + } + } + else if (oid.equals(Extension.extendedKeyUsage)) + { + ExtendedKeyUsage ku = ExtendedKeyUsage.getInstance(extIn.readObject()); + + ASN1Sequence sq = (ASN1Sequence)ku.toASN1Primitive(); + for (int i = 0; i != sq.size(); i++) + { + ASN1ObjectIdentifier p = ASN1ObjectIdentifier.getInstance(KeyPurposeId.getInstance(sq.getObjectAt(i))); + } + + if (!ku.equals(ExtendedKeyUsage.fromExtensions(ext))) + { + fail("ExtendedKeyUsage not matched"); + } + } + else if (oid.equals(Extension.subjectAlternativeName)) + { + GeneralNames gn = GeneralNames.getInstance(extIn.readObject()); + + ASN1Sequence sq = (ASN1Sequence)gn.toASN1Primitive(); + for (int i = 0; i != sq.size(); i++) + { + GeneralName n = GeneralName.getInstance(sq.getObjectAt(i)); + } + } + else if (oid.equals(Extension.issuerAlternativeName)) + { + GeneralNames gn = GeneralNames.getInstance(extIn.readObject()); + + ASN1Sequence sq = (ASN1Sequence)gn.toASN1Primitive(); + for (int i = 0; i != sq.size(); i++) + { + GeneralName n = GeneralName.getInstance(sq.getObjectAt(i)); + } + } + else if (oid.equals(Extension.cRLDistributionPoints)) + { + CRLDistPoint p = CRLDistPoint.getInstance(extIn.readObject()); + + DistributionPoint[] points = p.getDistributionPoints(); + for (int i = 0; i != points.length; i++) + { + // do nothing + } + } + else if (oid.equals(Extension.certificatePolicies)) + { + ASN1Sequence cp = (ASN1Sequence)extIn.readObject(); + + for (int i = 0; i != cp.size(); i++) + { + PolicyInformation.getInstance(cp.getObjectAt(i)); + } + } + else if (oid.equals(Extension.authorityKeyIdentifier)) + { + AuthorityKeyIdentifier auth = AuthorityKeyIdentifier.getInstance(extIn.readObject()); + + if (!auth.equals(AuthorityKeyIdentifier.fromExtensions(ext))) + { + fail("AuthorityKeyIdentifier not matched"); + } + } + else if (oid.equals(Extension.basicConstraints)) + { + BasicConstraints bc = BasicConstraints.getInstance(extIn.readObject()); + + if (!bc.equals(BasicConstraints.fromExtensions(ext))) + { + fail("BasicConstraints not matched"); + } + } + else + { + //System.out.println(oid.getId()); + } + } + } + } + } + + + public void checkAttributeCertificate( + int id, + byte[] cert) + throws Exception + { + ByteArrayInputStream bIn; + ASN1InputStream aIn; + + bIn = new ByteArrayInputStream(cert); + aIn = new ASN1InputStream(bIn); + + ASN1Sequence seq = (ASN1Sequence) aIn.readObject(); +// String dump = ASN1Dump.dumpAsString(seq); + + AttributeCertificate obj = AttributeCertificate.getInstance(seq); + AttributeCertificateInfo acInfo = obj.getAcinfo(); + + // Version + if (!(acInfo.getVersion().equals(new ASN1Integer(1))) + && (!(acInfo.getVersion().equals(new ASN1Integer(2))))) + { + fail( + "failed AC Version test for id " + id); + } + + // Holder + Holder h = acInfo.getHolder(); + if (h == null) + { + fail( + "failed AC Holder test, it's null, for id " + id); + } + + // Issuer + AttCertIssuer aci = acInfo.getIssuer(); + if (aci == null) + { + fail( + "failed AC Issuer test, it's null, for id " + id); + } + + // Signature + AlgorithmIdentifier sig = acInfo.getSignature(); + if (sig == null) + { + fail( + "failed AC Signature test for id " + id); + } + + // Serial + ASN1Integer serial = acInfo.getSerialNumber(); + + // Validity + AttCertValidityPeriod validity = acInfo.getAttrCertValidityPeriod(); + if (validity == null) + { + fail("failed AC AttCertValidityPeriod test for id " + id); + } + + // Attributes + ASN1Sequence attribSeq = acInfo.getAttributes(); + Attribute att[] = new Attribute[attribSeq.size()]; + for (int i = 0; i < attribSeq.size(); i++) + { + att[i] = Attribute.getInstance(attribSeq.getObjectAt(i)); + } + + // IssuerUniqueId + // TODO, how to best test? + + // X509 Extensions + Extensions ext = acInfo.getExtensions(); + if (ext != null) + { + Enumeration en = ext.oids(); + while (en.hasMoreElements()) + { + ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) en + .nextElement(); + Extension extVal = ext.getExtension(oid); + } + } + } + + public void checkV1AttributeCertificate( + int id, + byte[] cert) + throws Exception + { + ByteArrayInputStream bIn; + ASN1InputStream aIn; + + bIn = new ByteArrayInputStream(cert); + aIn = new ASN1InputStream(bIn); + + ASN1Sequence seq = (ASN1Sequence) aIn.readObject(); + //String dump = ASN1Dump.dumpAsString(seq); + + AttributeCertificate obj = AttributeCertificate.getInstance(seq); + AttributeCertificateInfo acInfo = obj.getAcinfo(); + + // Version + if (!(acInfo.getVersion().equals(new ASN1Integer(0)))) + { + fail( + "failed AC Version test for id " + id); + } + + // Holder + Holder h = acInfo.getHolder(); + if (h == null) + { + fail( + "failed AC Holder test, it's null, for id " + id); + } + + // Issuer + AttCertIssuer aci = acInfo.getIssuer(); + if (aci == null) + { + fail( + "failed AC Issuer test, it's null, for id " + id); + } + + // Signature + AlgorithmIdentifier sig = acInfo.getSignature(); + if (sig == null) + { + fail( + "failed AC Signature test for id " + id); + } + + // Serial + ASN1Integer serial = acInfo.getSerialNumber(); + + // Validity + AttCertValidityPeriod validity = acInfo.getAttrCertValidityPeriod(); + if (validity == null) + { + fail("failed AC AttCertValidityPeriod test for id " + id); + } + + // Attributes + ASN1Sequence attribSeq = acInfo.getAttributes(); + Attribute att[] = new Attribute[attribSeq.size()]; + for (int i = 0; i < attribSeq.size(); i++) + { + att[i] = Attribute.getInstance(attribSeq.getObjectAt(i)); + } + + // IssuerUniqueId + // TODO, how to best test? + + // X509 Extensions + Extensions ext = acInfo.getExtensions(); + if (ext != null) + { + Enumeration en = ext.oids(); + while (en.hasMoreElements()) + { + ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) en + .nextElement(); + Extension extVal = ext.getExtension(oid); + } + } + } + + private void checkDudCertificate() + { + Certificate cert = Certificate.getInstance(dudCert); + + if (!"".equals(cert.getIssuer().toString())) + { + fail("empty issuer not recognised correctly"); + } + } + + public void performTest() + throws Exception + { + checkCertificate(1, cert1); + checkCertificate(2, cert2); + checkCertificate(3, cert3); + checkCertificate(4, cert4); + checkCertificate(5, cert5); + checkCertificate(6, cert6); + checkCertificate(7, cert7); + checkAttributeCertificate(8,cert8); + checkV1AttributeCertificate(9, attrCertv1); + checkDudCertificate(); + } + + public static void main( + String[] args) + { + runTest(new CertificateTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeIndicationUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeIndicationUnitTest.java new file mode 100644 index 00000000..0ce1c236 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeIndicationUnitTest.java @@ -0,0 +1,103 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.esf.CommitmentTypeIdentifier; +import org.bouncycastle.asn1.esf.CommitmentTypeIndication; +import org.bouncycastle.util.test.SimpleTest; + +public class CommitmentTypeIndicationUnitTest + extends SimpleTest +{ + public String getName() + { + return "CommitmentTypeIndication"; + } + + public void performTest() + throws Exception + { + CommitmentTypeIndication cti = new CommitmentTypeIndication(CommitmentTypeIdentifier.proofOfOrigin); + + checkConstruction(cti, CommitmentTypeIdentifier.proofOfOrigin, null); + + ASN1Sequence qualifier = new DERSequence(new ASN1ObjectIdentifier("1.2")); + + cti = new CommitmentTypeIndication(CommitmentTypeIdentifier.proofOfOrigin, qualifier); + + checkConstruction(cti, CommitmentTypeIdentifier.proofOfOrigin, qualifier); + + cti = CommitmentTypeIndication.getInstance(null); + + if (cti != null) + { + fail("null getInstance() failed."); + } + + try + { + CommitmentTypeIndication.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + CommitmentTypeIndication mv, + ASN1ObjectIdentifier commitmenttTypeId, + ASN1Encodable qualifier) + throws IOException + { + checkStatement(mv, commitmenttTypeId, qualifier); + + mv = CommitmentTypeIndication.getInstance(mv); + + checkStatement(mv, commitmenttTypeId, qualifier); + + ASN1InputStream aIn = new ASN1InputStream(mv.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + mv = CommitmentTypeIndication.getInstance(seq); + + checkStatement(mv, commitmenttTypeId, qualifier); + } + + private void checkStatement( + CommitmentTypeIndication cti, + ASN1ObjectIdentifier commitmentTypeId, + ASN1Encodable qualifier) + { + if (!cti.getCommitmentTypeId().equals(commitmentTypeId)) + { + fail("commitmentTypeIds don't match."); + } + + if (qualifier != null) + { + if (!cti.getCommitmentTypeQualifier().equals(qualifier)) + { + fail("qualifiers don't match."); + } + } + else if (cti.getCommitmentTypeQualifier() != null) + { + fail("qualifier found when none expected."); + } + } + + public static void main( + String[] args) + { + runTest(new CommitmentTypeIndicationUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeQualifierUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeQualifierUnitTest.java new file mode 100644 index 00000000..2d782ba9 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeQualifierUnitTest.java @@ -0,0 +1,102 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.esf.CommitmentTypeIdentifier; +import org.bouncycastle.asn1.esf.CommitmentTypeQualifier; +import org.bouncycastle.util.test.SimpleTest; + +public class CommitmentTypeQualifierUnitTest + extends SimpleTest +{ + public String getName() + { + return "CommitmentTypeQualifier"; + } + + public void performTest() + throws Exception + { + CommitmentTypeQualifier ctq = new CommitmentTypeQualifier(CommitmentTypeIdentifier.proofOfOrigin); + + checkConstruction(ctq, CommitmentTypeIdentifier.proofOfOrigin, null); + + ASN1Encodable info = new ASN1ObjectIdentifier("1.2"); + + ctq = new CommitmentTypeQualifier(CommitmentTypeIdentifier.proofOfOrigin, info); + + checkConstruction(ctq, CommitmentTypeIdentifier.proofOfOrigin, info); + + ctq = CommitmentTypeQualifier.getInstance(null); + + if (ctq != null) + { + fail("null getInstance() failed."); + } + + try + { + CommitmentTypeQualifier.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + CommitmentTypeQualifier mv, + ASN1ObjectIdentifier commitmenttTypeId, + ASN1Encodable qualifier) + throws IOException + { + checkStatement(mv, commitmenttTypeId, qualifier); + + mv = CommitmentTypeQualifier.getInstance(mv); + + checkStatement(mv, commitmenttTypeId, qualifier); + + ASN1InputStream aIn = new ASN1InputStream(mv.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + mv = CommitmentTypeQualifier.getInstance(seq); + + checkStatement(mv, commitmenttTypeId, qualifier); + } + + private void checkStatement( + CommitmentTypeQualifier ctq, + ASN1ObjectIdentifier commitmentTypeId, + ASN1Encodable qualifier) + { + if (!ctq.getCommitmentTypeIdentifier().equals(commitmentTypeId)) + { + fail("commitmentTypeIds don't match."); + } + + if (qualifier != null) + { + if (!ctq.getQualifier().equals(qualifier)) + { + fail("qualifiers don't match."); + } + } + else if (ctq.getQualifier() != null) + { + fail("qualifier found when none expected."); + } + } + + public static void main( + String[] args) + { + runTest(new CommitmentTypeQualifierUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ContentHintsUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ContentHintsUnitTest.java new file mode 100644 index 00000000..1ae15e7b --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/ContentHintsUnitTest.java @@ -0,0 +1,87 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DERUTF8String; +import org.bouncycastle.asn1.ess.ContentHints; + +public class ContentHintsUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "ContentHints"; + } + + public void performTest() + throws Exception + { + DERUTF8String contentDescription = new DERUTF8String("Description"); + ASN1ObjectIdentifier contentType = new ASN1ObjectIdentifier("1.2.2.3"); + + ContentHints hints = new ContentHints(contentType); + + checkConstruction(hints, contentType, null); + + hints = new ContentHints(contentType, contentDescription); + + checkConstruction(hints, contentType, contentDescription); + + hints = ContentHints.getInstance(null); + + if (hints != null) + { + fail("null getInstance() failed."); + } + + try + { + ContentHints.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + ContentHints hints, + ASN1ObjectIdentifier contentType, + DERUTF8String description) + throws IOException + { + checkValues(hints, contentType, description); + + hints = ContentHints.getInstance(hints); + + checkValues(hints, contentType, description); + + ASN1InputStream aIn = new ASN1InputStream(hints.toASN1Primitive().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + hints = ContentHints.getInstance(seq); + + checkValues(hints, contentType, description); + } + + private void checkValues( + ContentHints hints, + ASN1ObjectIdentifier contentType, + DERUTF8String description) + { + checkMandatoryField("contentType", contentType, hints.getContentType()); + checkOptionalField("description", description, hints.getContentDescription()); + } + + public static void main( + String[] args) + { + runTest(new ContentHintsUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CscaMasterListTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CscaMasterListTest.java new file mode 100644 index 00000000..c8700697 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/CscaMasterListTest.java @@ -0,0 +1,49 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.icao.CscaMasterList; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.io.Streams; +import org.bouncycastle.util.test.SimpleTest; + +public class CscaMasterListTest + extends SimpleTest +{ + public String getName() + { + return "CscaMasterList"; + } + + public void performTest() + throws Exception + { + byte[] input = getInput("masterlist-content.data"); + CscaMasterList parsedList + = CscaMasterList.getInstance(ASN1Primitive.fromByteArray(input)); + + if (parsedList.getCertStructs().length != 3) + { + fail("Cert structure parsing failed: incorrect length"); + } + + byte[] output = parsedList.getEncoded(); + if (!Arrays.areEqual(input, output)) + { + fail("Encoding failed after parse"); + } + } + + private byte[] getInput(String name) + throws IOException + { + return Streams.readAll(getClass().getResourceAsStream(name)); + } + + public static void main( + String[] args) + { + runTest(new CscaMasterListTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/DERApplicationSpecificTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/DERApplicationSpecificTest.java new file mode 100644 index 00000000..2e047dee --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/DERApplicationSpecificTest.java @@ -0,0 +1,77 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.BERTags; +import org.bouncycastle.asn1.DERApplicationSpecific; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.test.SimpleTest; + +public class DERApplicationSpecificTest + extends SimpleTest +{ + private static final byte[] impData = Hex.decode("430109"); + + private static final byte[] certData = Hex.decode( + "7F218201897F4E8201495F290100420E44454356434145504153533030317F49" + + "81FD060A04007F00070202020202811CD7C134AA264366862A18302575D1D787" + + "B09F075797DA89F57EC8C0FF821C68A5E62CA9CE6C1C299803A6C1530B514E18" + + "2AD8B0042A59CAD29F43831C2580F63CCFE44138870713B1A92369E33E2135D2" + + "66DBB372386C400B8439040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C" + + "1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D376" + + "1402CD851CD7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A793" + + "9F863904393EE8E06DB6C7F528F8B4260B49AA93309824D92CDB1807E5437EE2" + + "E26E29B73A7111530FA86B350037CB9415E153704394463797139E148701015F" + + "200E44454356434145504153533030317F4C0E060904007F0007030102015301" + + "C15F25060007000400015F24060009000400015F37384CCF25C59F3612EEE188" + + "75F6C5F2E2D21F0395683B532A26E4C189B71EFE659C3F26E0EB9AEAE9986310" + + "7F9B0DADA16414FFA204516AEE2B"); + + public String getName() + { + return "DERApplicationSpecific"; + } + + public void performTest() + throws Exception + { + ASN1Integer value = new ASN1Integer(9); + + DERApplicationSpecific tagged = new DERApplicationSpecific(false, 3, value); + + if (!areEqual(impData, tagged.getEncoded())) + { + fail("implicit encoding failed"); + } + + ASN1Integer recVal = (ASN1Integer)tagged.getObject(BERTags.INTEGER); + + if (!value.equals(recVal)) + { + fail("implicit read back failed"); + } + + DERApplicationSpecific certObj = (DERApplicationSpecific) + ASN1Primitive.fromByteArray(certData); + + if (!certObj.isConstructed() || certObj.getApplicationTag() != 33) + { + fail("parsing of certificate data failed"); + } + + byte[] encoded = certObj.getEncoded(ASN1Encoding.DER); + + if (!Arrays.areEqual(certData, encoded)) + { + fail("re-encoding of certificate data failed"); + } + } + + public static void main( + String[] args) + { + runTest(new DERApplicationSpecificTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/DERUTF8StringTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/DERUTF8StringTest.java new file mode 100644 index 00000000..7e38d7da --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/DERUTF8StringTest.java @@ -0,0 +1,101 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.DERUTF8String; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.Strings; +import org.bouncycastle.util.test.SimpleTestResult; +import org.bouncycastle.util.test.Test; +import org.bouncycastle.util.test.TestResult; + +public class DERUTF8StringTest + implements Test +{ + + /** + * Unicode code point U+10400 coded as surrogate in two native Java UTF-16 + * code units + */ + private final static char[] glyph1_utf16 = { 0xd801, 0xdc00 }; + + /** + * U+10400 coded in UTF-8 + */ + private final static byte[] glyph1_utf8 = { (byte)0xF0, (byte)0x90, (byte)0x90, (byte)0x80 }; + + /** + * Unicode code point U+6771 in native Java UTF-16 + */ + private final static char[] glyph2_utf16 = { 0x6771 }; + + /** + * U+6771 coded in UTF-8 + */ + private final static byte[] glyph2_utf8 = { (byte)0xE6, (byte)0x9D, (byte)0xB1 }; + + /** + * Unicode code point U+00DF in native Java UTF-16 + */ + private final static char[] glyph3_utf16 = { 0x00DF }; + + /** + * U+00DF coded in UTF-8 + */ + private final static byte[] glyph3_utf8 = { (byte)0xC3, (byte)0x9f }; + + /** + * Unicode code point U+0041 in native Java UTF-16 + */ + private final static char[] glyph4_utf16 = { 0x0041 }; + + /** + * U+0041 coded in UTF-8 + */ + private final static byte[] glyph4_utf8 = { 0x41 }; + + private final static byte[][] glyphs_utf8 = { glyph1_utf8, glyph2_utf8, glyph3_utf8, glyph4_utf8 }; + + private final static char[][] glyphs_utf16 = { glyph1_utf16, glyph2_utf16, glyph3_utf16, glyph4_utf16 }; + + public TestResult perform() + { + try + { + for (int i = 0; i < glyphs_utf16.length; i++) + { + String s = new String(glyphs_utf16[i]); + byte[] b1 = new DERUTF8String(s).getEncoded(); + byte temp[] = new byte[b1.length - 2]; + System.arraycopy(b1, 2, temp, 0, b1.length - 2); + byte[] b2 = new DERUTF8String(Strings.fromUTF8ByteArray(new DEROctetString(temp).getOctets())).getEncoded(); + if (!Arrays.areEqual(b1, b2)) + { + return new SimpleTestResult(false, getName() + ": failed UTF-8 encoding and decoding"); + } + if (!Arrays.areEqual(temp, glyphs_utf8[i])) + { + return new SimpleTestResult(false, getName() + ": failed UTF-8 encoding and decoding"); + } + } + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": failed with Exception " + e.getMessage()); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + + public String getName() + { + return "DERUTF8String"; + } + + public static void main(String[] args) + { + DERUTF8StringTest test = new DERUTF8StringTest(); + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/DataGroupHashUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/DataGroupHashUnitTest.java new file mode 100644 index 00000000..85f01e98 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/DataGroupHashUnitTest.java @@ -0,0 +1,106 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; +import java.util.Random; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.icao.DataGroupHash; +import org.bouncycastle.util.test.SimpleTest; + +public class DataGroupHashUnitTest + extends SimpleTest +{ + public String getName() + { + return "DataGroupHash"; + } + + private byte[] generateHash() + { + Random rand = new Random(); + byte[] bytes = new byte[20]; + + for (int i = 0; i != bytes.length; i++) + { + bytes[i] = (byte)rand.nextInt(); + } + + return bytes; + } + + public void performTest() + throws Exception + { + int dataGroupNumber = 1; + ASN1OctetString dataHash = new DEROctetString(generateHash()); + DataGroupHash dg = new DataGroupHash(dataGroupNumber, dataHash); + + checkConstruction(dg, dataGroupNumber, dataHash); + + try + { + DataGroupHash.getInstance(null); + } + catch (Exception e) + { + fail("getInstance() failed to handle null."); + } + + try + { + DataGroupHash.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + DataGroupHash dg, + int dataGroupNumber, + ASN1OctetString dataGroupHashValue) + throws IOException + { + checkValues(dg, dataGroupNumber, dataGroupHashValue); + + dg = DataGroupHash.getInstance(dg); + + checkValues(dg, dataGroupNumber, dataGroupHashValue); + + ASN1InputStream aIn = new ASN1InputStream(dg.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + dg = DataGroupHash.getInstance(seq); + + checkValues(dg, dataGroupNumber, dataGroupHashValue); + } + + private void checkValues( + DataGroupHash dg, + int dataGroupNumber, + ASN1OctetString dataGroupHashValue) + { + if (dg.getDataGroupNumber() != dataGroupNumber) + { + fail("group number don't match."); + } + + if (!dg.getDataGroupHashValue().equals(dataGroupHashValue)) + { + fail("hash value don't match."); + } + } + + public static void main( + String[] args) + { + runTest(new DataGroupHashUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/DeclarationOfMajorityUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/DeclarationOfMajorityUnitTest.java new file mode 100644 index 00000000..cd42340c --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/DeclarationOfMajorityUnitTest.java @@ -0,0 +1,90 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1GeneralizedTime; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.DERTaggedObject; +import org.bouncycastle.asn1.isismtt.x509.DeclarationOfMajority; + +public class DeclarationOfMajorityUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "DeclarationOfMajority"; + } + + public void performTest() + throws Exception + { + ASN1GeneralizedTime dateOfBirth = new ASN1GeneralizedTime("20070315173729Z"); + DeclarationOfMajority decl = new DeclarationOfMajority(dateOfBirth); + + checkConstruction(decl, DeclarationOfMajority.dateOfBirth, dateOfBirth, -1); + + decl = new DeclarationOfMajority(6); + + checkConstruction(decl, DeclarationOfMajority.notYoungerThan, null, 6); + + decl = DeclarationOfMajority.getInstance(null); + + if (decl != null) + { + fail("null getInstance() failed."); + } + + try + { + DeclarationOfMajority.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + DeclarationOfMajority decl, + int type, + ASN1GeneralizedTime dateOfBirth, + int notYoungerThan) + throws IOException + { + checkValues(decl, type, dateOfBirth, notYoungerThan); + + decl = DeclarationOfMajority.getInstance(decl); + + checkValues(decl, type, dateOfBirth, notYoungerThan); + + ASN1InputStream aIn = new ASN1InputStream(decl.toASN1Object().getEncoded()); + + DERTaggedObject info = (DERTaggedObject)aIn.readObject(); + + decl = DeclarationOfMajority.getInstance(info); + + checkValues(decl, type, dateOfBirth, notYoungerThan); + } + + private void checkValues( + DeclarationOfMajority decl, + int type, + ASN1GeneralizedTime dateOfBirth, + int notYoungerThan) + { + checkMandatoryField("type", type, decl.getType()); + checkOptionalField("dateOfBirth", dateOfBirth, decl.getDateOfBirth()); + if (notYoungerThan != -1 && notYoungerThan != decl.notYoungerThan()) + { + fail("notYoungerThan mismatch"); + } + } + + public static void main( + String[] args) + { + runTest(new DeclarationOfMajorityUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ESSCertIDv2UnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ESSCertIDv2UnitTest.java new file mode 100644 index 00000000..e8978cad --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/ESSCertIDv2UnitTest.java @@ -0,0 +1,33 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ess.ESSCertIDv2; +import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; + +public class ESSCertIDv2UnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "ESSCertIDv2"; + } + + public void performTest() + throws Exception + { + // check getInstance on default algorithm. + byte[] digest = new byte [256]; + ESSCertIDv2 essCertIdv2 = new ESSCertIDv2(new AlgorithmIdentifier( + NISTObjectIdentifiers.id_sha256), digest); + ASN1Primitive asn1Object = essCertIdv2.toASN1Primitive(); + + ESSCertIDv2.getInstance(asn1Object); + } + + public static void main( + String[] args) + { + runTest(new ESSCertIDv2UnitTest()); + } +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/EncryptedPrivateKeyInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/EncryptedPrivateKeyInfoTest.java new file mode 100644 index 00000000..f4732cf2 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/EncryptedPrivateKeyInfoTest.java @@ -0,0 +1,135 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.DEROutputStream; +import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo; +import org.bouncycastle.asn1.util.ASN1Dump; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.test.SimpleTest; + +/** + * Test the reading and writing of EncryptedPrivateKeyInfo objects using + * the test vectors provided at + * <a href=http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html> + * RSA's PKCS5 Page</a>. + * <br> + * The vectors are Base 64 encoded and encrypted using the password "password" + * (without quotes). They should all yield the same PrivateKeyInfo object. + */ +public class EncryptedPrivateKeyInfoTest + extends SimpleTest +{ + static byte[] sample1 = Base64.decode( + "MIIBozA9BgkqhkiG9w0BBQ0wMDAbBgkqhkiG9w0BBQwwDgQIfWBDXwLp4K4CAggA" + + "MBEGBSsOAwIHBAiaCF/AvOgQ6QSCAWDWX4BdAzCRNSQSANSuNsT5X8mWYO27mr3Y" + + "9c9LoBVXGNmYWKA77MI4967f7SmjNcgXj3xNE/jmnVz6hhsjS8E5VPT3kfyVkpdZ" + + "0lr5e9Yk2m3JWpPU7++v5zBkZmC4V/MwV/XuIs6U+vykgzMgpxQg0oZKS9zgmiZo" + + "f/4dOCL0UtCDnyOSvqT7mCVIcMDIEKu8QbVlgZYBop08l60EuEU3gARUo8WsYQmO" + + "Dz/ldx0Z+znIT0SXVuOwc+RVItC5T/Qx+aijmmpt+9l14nmaGBrEkmuhmtdvU/4v" + + "aptewGRgmjOfD6cqK+zs0O5NrrJ3P/6ZSxXj91CQgrThGfOv72bUncXEMNtc8pks" + + "2jpHFjGMdKufnadAD7XuMgzkkaklEXZ4f5tU6heIIwr51g0GBEGF96gYPFnjnSQM" + + "75JE02Clo+DfcfXpcybPTwwFg2jd6JTTOfkdf6OdSlA/1XNK43FA"); + + static byte[] sample2 = Base64.decode( + "MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIeFeOWl1jywYCAggA" + + "MBQGCCqGSIb3DQMHBAjUJ5eGBhQGtQSCAWBrHrRgqO8UUMLcWzZEtpk1l3mjxiF/" + + "koCMkHsFwowgyWhEbgIkTgbSViK54LVK8PskekcGNLph+rB6bGZ7pPbL5pbXASJ8" + + "+MkQcG3FZdlS4Ek9tTJDApj3O1UubZGFG4uvTlJJFbF1BOJ3MkY3XQ9Gl1qwv7j5" + + "6e103Da7Cq9+oIDKmznza78XXQYrUsPo8mJGjUxPskEYlzwvHjKubRnYm/K6RKhi" + + "5f4zX4BQ/Dt3H812ZjRXrsjAJP0KrD/jyD/jCT7zNBVPH1izBds+RwizyQAHwfNJ" + + "BFR78TH4cgzB619X47FDVOnT0LqQNVd0O3cSwnPrXE9XR3tPayE+iOB15llFSmi8" + + "z0ByOXldEpkezCn92Umk++suzIVj1qfsK+bv2phZWJPbLEIWPDRHUbYf76q5ArAr" + + "u4xtxT/hoK3krEs/IN3d70qjlUJ36SEw1UaZ82PWhakQbdtu39ZraMJB"); + + static byte[] sample3 = Base64.decode( + "MIIBrjBIBgkqhkiG9w0BBQ0wOzAeBgkqhkiG9w0BBQwwEQQIrHyQPBZqWLUCAggA" + + "AgEQMBkGCCqGSIb3DQMCMA0CAToECEhbh7YZKiPSBIIBYCT1zp6o5jpFlIkgwPop" + + "7bW1+8ACr4exqzkeb3WflQ8cWJ4cURxzVdvxUnXeW1VJdaQZtjS/QHs5GhPTG/0f" + + "wtvnaPfwrIJ3FeGaZfcg2CrYhalOFmEb4xrE4KyoEQmUN8tb/Cg94uzd16BOPw21" + + "RDnE8bnPdIGY7TyL95kbkqH23mK53pi7h+xWIgduW+atIqDyyt55f7WMZcvDvlj6" + + "VpN/V0h+qxBHL274WA4dj6GYgeyUFpi60HdGCK7By2TBy8h1ZvKGjmB9h8jZvkx1" + + "MkbRumXxyFsowTZawyYvO8Um6lbfEDP9zIEUq0IV8RqH2MRyblsPNSikyYhxX/cz" + + "tdDxRKhilySbSBg5Kr8OfcwKp9bpinN96nmG4xr3Tch1bnVvqJzOQ5+Vva2WwVvH" + + "2JkWvYm5WaANg4Q6bRxu9vz7DuhbJjQdZbxFezIAgrJdSe92B00jO/0Kny1WjiVO" + + "6DA="); + + public String getName() + { + return "EncryptedPrivateKeyInfoTest"; + } + + private void test( + int id, + byte[] sample) + { + ByteArrayInputStream bIn = new ByteArrayInputStream(sample); + ASN1InputStream aIn = new ASN1InputStream(bIn); + EncryptedPrivateKeyInfo info = null; + + try + { + info = EncryptedPrivateKeyInfo.getInstance(aIn.readObject()); + } + catch (Exception e) + { + fail("test " + id + " failed construction - exception " + e.toString(), e); + } + + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + DEROutputStream dOut = new DEROutputStream(bOut); + + try + { + dOut.writeObject(info); + } + catch (Exception e) + { + fail("test " + id + " failed writing - exception " + e.toString(), e); + } + + byte[] bytes = bOut.toByteArray(); + + if (bytes.length != sample.length) + { + try + { + bIn = new ByteArrayInputStream(bytes); + aIn = new ASN1InputStream(bIn); + + ASN1Primitive obj = aIn.readObject(); + + fail("test " + id + " length mismatch - expected " + sample.length + System.getProperty("line.separator") + ASN1Dump.dumpAsString(info) + " got " + bytes.length + System.getProperty("line.separator") + ASN1Dump.dumpAsString(obj)); + } + catch (Exception e) + { + fail("test " + id + " length mismatch - exception " + e.toString()); + } + } + + for (int i = 0; i != bytes.length; i++) + { + if (bytes[i] != sample[i]) + { + fail("test " + id + " data mismatch"); + } + } + } + + public void performTest() + { + test(0, sample1); + test(1, sample2); + test(2, sample3); + } + + + public static void main( + String[] args) + { + runTest(new EncryptedPrivateKeyInfoTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/EnumeratedTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/EnumeratedTest.java new file mode 100644 index 00000000..c1c3b3bf --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/EnumeratedTest.java @@ -0,0 +1,115 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import junit.framework.TestCase; + +import org.bouncycastle.asn1.ASN1Boolean; +import org.bouncycastle.asn1.ASN1Enumerated; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.util.encoders.Hex; + +/** + * Tests used to verify correct decoding of the ENUMERATED type. + */ +public class EnumeratedTest + extends TestCase +{ + /** + * Test vector used to test decoding of multiple items. This sample uses an ENUMERATED and a BOOLEAN. + */ + private static final byte[] MultipleSingleByteItems = Hex.decode("30060a01010101ff"); + + /** + * Test vector used to test decoding of multiple items. This sample uses two ENUMERATEDs. + */ + private static final byte[] MultipleDoubleByteItems = Hex.decode("30080a0201010a020202"); + + /** + * Test vector used to test decoding of multiple items. This sample uses an ENUMERATED and an OBJECT IDENTIFIER. + */ + private static final byte[] MultipleTripleByteItems = Hex.decode("300a0a0301010106032b0601"); + + /** + * Makes sure multiple identically sized values are parsed correctly. + */ + public void testReadingMultipleSingleByteItems() + throws IOException + { + ASN1Primitive obj = ASN1Primitive.fromByteArray(MultipleSingleByteItems); + + assertTrue("Null ASN.1 SEQUENCE", obj instanceof ASN1Sequence); + + ASN1Sequence sequence = (ASN1Sequence)obj; + + assertEquals("2 items expected", 2, sequence.size()); + + ASN1Enumerated enumerated = ASN1Enumerated.getInstance(sequence.getObjectAt(0)); + + assertNotNull("ENUMERATED expected", enumerated); + + assertEquals("Unexpected ENUMERATED value", 1, enumerated.getValue().intValue()); + + ASN1Boolean b = ASN1Boolean.getInstance(sequence.getObjectAt(1)); + + assertNotNull("BOOLEAN expected", b); + + assertTrue("Unexpected BOOLEAN value", b.isTrue()); + } + + /** + * Makes sure multiple identically sized values are parsed correctly. + */ + public void testReadingMultipleDoubleByteItems() + throws IOException + { + ASN1Primitive obj = ASN1Primitive.fromByteArray(MultipleDoubleByteItems); + + assertTrue("Null ASN.1 SEQUENCE", obj instanceof ASN1Sequence); + + ASN1Sequence sequence = (ASN1Sequence)obj; + + assertEquals("2 items expected", 2, sequence.size()); + + ASN1Enumerated enumerated1 = ASN1Enumerated.getInstance(sequence.getObjectAt(0)); + + assertNotNull("ENUMERATED expected", enumerated1); + + assertEquals("Unexpected ENUMERATED value", 257, enumerated1.getValue().intValue()); + + ASN1Enumerated enumerated2 = ASN1Enumerated.getInstance(sequence.getObjectAt(1)); + + assertNotNull("ENUMERATED expected", enumerated2); + + assertEquals("Unexpected ENUMERATED value", 514, enumerated2.getValue().intValue()); + } + + /** + * Makes sure multiple identically sized values are parsed correctly. + */ + public void testReadingMultipleTripleByteItems() + throws IOException + { + ASN1Primitive obj = ASN1Primitive.fromByteArray(MultipleTripleByteItems); + + assertTrue("Null ASN.1 SEQUENCE", obj instanceof ASN1Sequence); + + ASN1Sequence sequence = (ASN1Sequence)obj; + + assertEquals("2 items expected", 2, sequence.size()); + + ASN1Enumerated enumerated = ASN1Enumerated.getInstance(sequence.getObjectAt(0)); + + assertNotNull("ENUMERATED expected", enumerated); + + assertEquals("Unexpected ENUMERATED value", 65793, enumerated.getValue().intValue()); + + ASN1ObjectIdentifier objectId = ASN1ObjectIdentifier.getInstance(sequence.getObjectAt(1)); + + assertNotNull("OBJECT IDENTIFIER expected", objectId); + + assertEquals("Unexpected OBJECT IDENTIFIER value", "1.3.6.1", objectId.getId()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/EqualsAndHashCodeTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/EqualsAndHashCodeTest.java new file mode 100644 index 00000000..3da4e6ad --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/EqualsAndHashCodeTest.java @@ -0,0 +1,127 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.util.Date; + +import org.bouncycastle.asn1.ASN1Boolean; +import org.bouncycastle.asn1.ASN1Enumerated; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1OutputStream; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.BERConstructedOctetString; +import org.bouncycastle.asn1.BERSequence; +import org.bouncycastle.asn1.BERSet; +import org.bouncycastle.asn1.BERTaggedObject; +import org.bouncycastle.asn1.DERApplicationSpecific; +import org.bouncycastle.asn1.DERBMPString; +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.DERGeneralString; +import org.bouncycastle.asn1.DERGeneralizedTime; +import org.bouncycastle.asn1.DERIA5String; +import org.bouncycastle.asn1.DERNull; +import org.bouncycastle.asn1.DERNumericString; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.DERPrintableString; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.DERSet; +import org.bouncycastle.asn1.DERT61String; +import org.bouncycastle.asn1.DERTaggedObject; +import org.bouncycastle.asn1.DERUTCTime; +import org.bouncycastle.asn1.DERUTF8String; +import org.bouncycastle.asn1.DERUniversalString; +import org.bouncycastle.asn1.DERVisibleString; +import org.bouncycastle.util.test.SimpleTestResult; +import org.bouncycastle.util.test.Test; +import org.bouncycastle.util.test.TestResult; + +public class EqualsAndHashCodeTest + implements Test +{ + public TestResult perform() + { + byte[] data = { 0, 1, 0, 1, 0, 0, 1 }; + + ASN1Primitive values[] = { + new BERConstructedOctetString(data), + new BERSequence(new DERPrintableString("hello world")), + new BERSet(new DERPrintableString("hello world")), + new BERTaggedObject(0, new DERPrintableString("hello world")), + new DERApplicationSpecific(0, data), + new DERBitString(data), + new DERBMPString("hello world"), + new ASN1Boolean(true), + new ASN1Boolean(false), + new ASN1Enumerated(100), + new DERGeneralizedTime("20070315173729Z"), + new DERGeneralString("hello world"), + new DERIA5String("hello"), + new ASN1Integer(1000), + new DERNull(), + new DERNumericString("123456"), + new ASN1ObjectIdentifier("1.1.1.10000.1"), + new DEROctetString(data), + new DERPrintableString("hello world"), + new DERSequence(new DERPrintableString("hello world")), + new DERSet(new DERPrintableString("hello world")), + new DERT61String("hello world"), + new DERTaggedObject(0, new DERPrintableString("hello world")), + new DERUniversalString(data), + new DERUTCTime(new Date()), + new DERUTF8String("hello world"), + new DERVisibleString("hello world") + }; + + try + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + for (int i = 0; i != values.length; i++) + { + aOut.writeObject(values[i]); + } + + ASN1Primitive[] readValues = new ASN1Primitive[values.length]; + + ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray()); + ASN1InputStream aIn = new ASN1InputStream(bIn); + + for (int i = 0; i != values.length; i++) + { + ASN1Primitive o = aIn.readObject(); + if (!o.equals(values[i])) + { + return new SimpleTestResult(false, getName() + ": Failed equality test for " + o.getClass()); + } + + if (o.hashCode() != values[i].hashCode()) + { + return new SimpleTestResult(false, getName() + ": Failed hashCode test for " + o.getClass()); + } + } + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": Failed - exception " + e.toString(), e); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + + public String getName() + { + return "EqualsAndHashCode"; + } + + public static void main( + String[] args) + { + EqualsAndHashCodeTest test = new EqualsAndHashCodeTest(); + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralNameTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralNameTest.java new file mode 100644 index 00000000..f88a83cd --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralNameTest.java @@ -0,0 +1,143 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.test.SimpleTest; + +public class GeneralNameTest + extends SimpleTest +{ + private static final byte[] ipv4 = Hex.decode("87040a090800"); + private static final byte[] ipv4WithMask1 = Hex.decode("87080a090800ffffff00"); + private static final byte[] ipv4WithMask2 = Hex.decode("87080a090800ffff8000"); + private static final byte[] ipv4WithMask3 = Hex.decode("87080a090800ffffc000"); + + private static final byte[] ipv6a = Hex.decode("871020010db885a308d313198a2e03707334"); + private static final byte[] ipv6b = Hex.decode("871020010db885a3000013198a2e03707334"); + private static final byte[] ipv6c = Hex.decode("871000000000000000000000000000000001"); + private static final byte[] ipv6d = Hex.decode("871020010db885a3000000008a2e03707334"); + private static final byte[] ipv6e = Hex.decode("871020010db885a3000000008a2e0a090800"); + private static final byte[] ipv6f = Hex.decode("872020010db885a3000000008a2e0a090800ffffffffffff00000000000000000000"); + private static final byte[] ipv6g = Hex.decode("872020010db885a3000000008a2e0a090800ffffffffffffffffffffffffffffffff"); + private static final byte[] ipv6h = Hex.decode("872020010db885a300000000000000000000ffffffffffff00000000000000000000"); + private static final byte[] ipv6i = Hex.decode("872020010db885a300000000000000000000fffffffffffe00000000000000000000"); + private static final byte[] ipv6j = Hex.decode("872020010db885a300000000000000000000ffffffffffff80000000000000000000"); + + public String getName() + { + return "GeneralName"; + } + + public void performTest() + throws Exception + { + GeneralName nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0"); + if (!Arrays.areEqual(nm.getEncoded(), ipv4)) + { + fail("ipv4 encoding failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/255.255.255.0"); + if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask1)) + { + fail("ipv4 with netmask 1 encoding failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/24"); + if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask1)) + { + fail("ipv4 with netmask 2 encoding failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/255.255.128.0"); + if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask2)) + { + fail("ipv4 with netmask 3a encoding failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/17"); + if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask2)) + { + fail("ipv4 with netmask 3b encoding failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/255.255.192.0"); + if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask3)) + { + fail("ipv4 with netmask 3a encoding failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/18"); + if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask3)) + { + fail("ipv4 with netmask 3b encoding failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3:08d3:1319:8a2e:0370:7334"); + if (!Arrays.areEqual(nm.getEncoded(), ipv6a)) + { + fail("ipv6 with netmask encoding failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::1319:8a2e:0370:7334"); + if (!Arrays.areEqual(nm.getEncoded(), ipv6b)) + { + fail("ipv6b encoding failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "::1"); + if (!Arrays.areEqual(nm.getEncoded(), ipv6c)) + { + fail("ipv6c failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::8a2e:0370:7334"); + if (!Arrays.areEqual(nm.getEncoded(), ipv6d)) + { + fail("ipv6d failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::8a2e:10.9.8.0"); + if (!Arrays.areEqual(nm.getEncoded(), ipv6e)) + { + fail("ipv6e failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::8a2e:10.9.8.0/ffff:ffff:ffff::0000"); + if (!Arrays.areEqual(nm.getEncoded(), ipv6f)) + { + fail("ipv6f failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::8a2e:10.9.8.0/128"); + if (!Arrays.areEqual(nm.getEncoded(), ipv6g)) + { + fail("ipv6g failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::/48"); + if (!Arrays.areEqual(nm.getEncoded(), ipv6h)) + { + fail("ipv6h failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::/47"); + if (!Arrays.areEqual(nm.getEncoded(), ipv6i)) + { + fail("ipv6i failed"); + } + + nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::/49"); + if (!Arrays.areEqual(nm.getEncoded(), ipv6j)) + { + fail("ipv6j failed"); + } + } + + public static void main( + String[] args) + { + runTest(new GeneralNameTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralizedTimeTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralizedTimeTest.java new file mode 100644 index 00000000..3a86370c --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralizedTimeTest.java @@ -0,0 +1,201 @@ +package org.bouncycastle.asn1.test; + +import java.text.SimpleDateFormat; +import java.util.Date; +import java.util.SimpleTimeZone; +import java.util.TimeZone; + +import org.bouncycastle.asn1.DERGeneralizedTime; +import org.bouncycastle.util.test.SimpleTest; + +/** + * X.690 test example + */ +public class GeneralizedTimeTest + extends SimpleTest +{ + String[] input = + { + "20020122122220", + "20020122122220Z", + "20020122122220-1000", + "20020122122220+00", + "20020122122220.1", + "20020122122220.1Z", + "20020122122220.1-1000", + "20020122122220.1+00", + "20020122122220.01", + "20020122122220.01Z", + "20020122122220.01-1000", + "20020122122220.01+00", + "20020122122220.001", + "20020122122220.001Z", + "20020122122220.001-1000", + "20020122122220.001+00", + "20020122122220.0001", + "20020122122220.0001Z", + "20020122122220.0001-1000", + "20020122122220.0001+00", + "20020122122220.0001+1000" + }; + + String[] output = { + "20020122122220", + "20020122122220GMT+00:00", + "20020122122220GMT-10:00", + "20020122122220GMT+00:00", + "20020122122220.1", + "20020122122220.1GMT+00:00", + "20020122122220.1GMT-10:00", + "20020122122220.1GMT+00:00", + "20020122122220.01", + "20020122122220.01GMT+00:00", + "20020122122220.01GMT-10:00", + "20020122122220.01GMT+00:00", + "20020122122220.001", + "20020122122220.001GMT+00:00", + "20020122122220.001GMT-10:00", + "20020122122220.001GMT+00:00", + "20020122122220.0001", + "20020122122220.0001GMT+00:00", + "20020122122220.0001GMT-10:00", + "20020122122220.0001GMT+00:00", + "20020122122220.0001GMT+10:00" }; + + String[] zOutput = { + "20020122122220Z", + "20020122122220Z", + "20020122222220Z", + "20020122122220Z", + "20020122122220Z", + "20020122122220Z", + "20020122222220Z", + "20020122122220Z", + "20020122122220Z", + "20020122122220Z", + "20020122222220Z", + "20020122122220Z", + "20020122122220Z", + "20020122122220Z", + "20020122222220Z", + "20020122122220Z", + "20020122122220Z", + "20020122122220Z", + "20020122222220Z", + "20020122122220Z", + "20020122022220Z" + }; + + String[] mzOutput = { + "20020122122220.000Z", + "20020122122220.000Z", + "20020122222220.000Z", + "20020122122220.000Z", + "20020122122220.100Z", + "20020122122220.100Z", + "20020122222220.100Z", + "20020122122220.100Z", + "20020122122220.010Z", + "20020122122220.010Z", + "20020122222220.010Z", + "20020122122220.010Z", + "20020122122220.001Z", + "20020122122220.001Z", + "20020122222220.001Z", + "20020122122220.001Z", + "20020122122220.000Z", + "20020122122220.000Z", + "20020122222220.000Z", + "20020122122220.000Z", + "20020122022220.000Z" + }; + + public String getName() + { + return "GeneralizedTime"; + } + + public void performTest() + throws Exception + { + SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); + + dateF.setTimeZone(new SimpleTimeZone(0,"Z")); + + for (int i = 0; i != input.length; i++) + { + DERGeneralizedTime t = new DERGeneralizedTime(input[i]); + + if (output[i].indexOf('G') > 0) // don't check local time the same way + { + if (!t.getTime().equals(output[i])) + { + fail("failed conversion test"); + } + if (!dateF.format(t.getDate()).equals(zOutput[i])) + { + fail("failed date conversion test"); + } + } + else + { + String offset = calculateGMTOffset(t.getDate()); + if (!t.getTime().equals(output[i] + offset)) + { + fail("failed conversion test"); + } + } + } + + dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'"); + + dateF.setTimeZone(new SimpleTimeZone(0,"Z")); + + for (int i = 0; i != input.length; i++) + { + DERGeneralizedTime t = new DERGeneralizedTime(input[i]); + + if (!dateF.format(t.getDate()).equals(mzOutput[i])) + { + fail("failed long date conversion test"); + } + } + } + + private String calculateGMTOffset(Date date) + { + String sign = "+"; + TimeZone timeZone = TimeZone.getDefault(); + int offset = timeZone.getRawOffset(); + if (offset < 0) + { + sign = "-"; + offset = -offset; + } + int hours = offset / (60 * 60 * 1000); + int minutes = (offset - (hours * 60 * 60 * 1000)) / (60 * 1000); + + if (timeZone.useDaylightTime() && timeZone.inDaylightTime(date)) + { + hours += sign.equals("+") ? 1 : -1; + } + + return "GMT" + sign + convert(hours) + ":" + convert(minutes); + } + + private String convert(int time) + { + if (time < 10) + { + return "0" + time; + } + + return Integer.toString(time); + } + + public static void main( + String[] args) + { + runTest(new GeneralizedTimeTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/GenerationTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/GenerationTest.java new file mode 100644 index 00000000..aa5444fb --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/GenerationTest.java @@ -0,0 +1,441 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.text.ParseException; +import java.util.Date; +import java.util.Hashtable; +import java.util.Vector; + +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1GeneralizedTime; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1OutputStream; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.DERNull; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.oiw.ElGamalParameter; +import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; +import org.bouncycastle.asn1.x509.CRLReason; +import org.bouncycastle.asn1.x509.Extension; +import org.bouncycastle.asn1.x509.Extensions; +import org.bouncycastle.asn1.x509.ExtensionsGenerator; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.GeneralNames; +import org.bouncycastle.asn1.x509.IssuingDistributionPoint; +import org.bouncycastle.asn1.x509.KeyUsage; +import org.bouncycastle.asn1.x509.RSAPublicKeyStructure; +import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x509.TBSCertList; +import org.bouncycastle.asn1.x509.TBSCertificate; +import org.bouncycastle.asn1.x509.Time; +import org.bouncycastle.asn1.x509.V1TBSCertificateGenerator; +import org.bouncycastle.asn1.x509.V2TBSCertListGenerator; +import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator; +import org.bouncycastle.asn1.x509.X509Extension; +import org.bouncycastle.asn1.x509.X509Extensions; +import org.bouncycastle.asn1.x509.X509Name; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.test.SimpleTest; + +public class GenerationTest + extends SimpleTest +{ + private byte[] v1Cert = Base64.decode( + "MIGtAgEBMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYDVQQKDA1Cb" + + "3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAxMlowNjELMA" + + "kGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNVBAsMBlRlc3Q" + + "gMTAaMA0GCSqGSIb3DQEBAQUAAwkAMAYCAQECAQI="); + + private byte[] v3Cert = Base64.decode( + "MIIBSKADAgECAgECMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYD" + + "VQQKDA1Cb3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAw" + + "MlowNjELMAkGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNV" + + "BAsMBlRlc3QgMjAYMBAGBisOBwIBATAGAgEBAgECAwQAAgEDo4GVMIGSMGEGA1Ud" + + "IwEB/wRXMFWAFDZPdpHPzKi7o8EJokkQU2uqCHRRoTqkODA2MQswCQYDVQQDDAJB" + + "VTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwGVGVzdCAyggECMCAG" + + "A1UdDgEB/wQWBBQ2T3aRz8you6PBCaJJEFNrqgh0UTALBgNVHQ8EBAMCBBA="); + + private byte[] v3CertNullSubject = Base64.decode( + "MIHGoAMCAQICAQIwDQYJKoZIhvcNAQEEBQAwJTELMAkGA1UEAwwCQVUxFjAUBgNVB" + + "AoMDUJvdW5jeSBDYXN0bGUwHhcNNzAwMTAxMDAwMDAxWhcNNzAwMTAxMDAwMDAyWj" + + "AAMBgwEAYGKw4HAgEBMAYCAQECAQIDBAACAQOjSjBIMEYGA1UdEQEB/wQ8MDqkODA" + + "2MQswCQYDVQQDDAJBVTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwG" + + "VGVzdCAy"); + + private byte[] v2CertList = Base64.decode( + "MIIBQwIBATANBgkqhkiG9w0BAQUFADAlMQswCQYDVQQDDAJBVTEWMBQGA1UECgwN" + + "Qm91bmN5IENhc3RsZRcNNzAwMTAxMDAwMDAwWhcNNzAwMTAxMDAwMDAyWjAiMCAC" + + "AQEXDTcwMDEwMTAwMDAwMVowDDAKBgNVHRUEAwoBCqCBxTCBwjBhBgNVHSMBAf8E" + + "VzBVgBQ2T3aRz8you6PBCaJJEFNrqgh0UaE6pDgwNjELMAkGA1UEAwwCQVUxFjAU" + + "BgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNVBAsMBlRlc3QgMoIBAjBDBgNVHRIE" + + "PDA6pDgwNjELMAkGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzAN" + + "BgNVBAsMBlRlc3QgMzAKBgNVHRQEAwIBATAMBgNVHRwBAf8EAjAA"); + + private void tbsV1CertGen() + throws IOException + { + V1TBSCertificateGenerator gen = new V1TBSCertificateGenerator(); + Date startDate = new Date(1000); + Date endDate = new Date(12000); + + gen.setSerialNumber(new ASN1Integer(1)); + + gen.setStartDate(new Time(startDate)); + gen.setEndDate(new Time(endDate)); + + gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle")); + gen.setSubject(new X500Name("CN=AU,O=Bouncy Castle,OU=Test 1")); + + gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, DERNull.INSTANCE)); + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), + new RSAPublicKeyStructure(BigInteger.valueOf(1), BigInteger.valueOf(2))); + + gen.setSubjectPublicKeyInfo(info); + + TBSCertificate tbs = gen.generateTBSCertificate(); + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(tbs); + + if (!Arrays.areEqual(bOut.toByteArray(), v1Cert)) + { + fail("failed v1 cert generation"); + } + + // + // read back test + // + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v1Cert)); + ASN1Primitive o = aIn.readObject(); + + bOut = new ByteArrayOutputStream(); + aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(o); + + if (!Arrays.areEqual(bOut.toByteArray(), v1Cert)) + { + fail("failed v1 cert read back test"); + } + } + + private AuthorityKeyIdentifier createAuthorityKeyId( + SubjectPublicKeyInfo info, + X500Name name, + int sNumber) + { + GeneralName genName = new GeneralName(name); + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(genName); + + return new AuthorityKeyIdentifier( + info, GeneralNames.getInstance(new DERSequence(v)), BigInteger.valueOf(sNumber)); + } + + private void tbsV3CertGen() + throws IOException + { + V3TBSCertificateGenerator gen = new V3TBSCertificateGenerator(); + Date startDate = new Date(1000); + Date endDate = new Date(2000); + + gen.setSerialNumber(new ASN1Integer(2)); + + gen.setStartDate(new Time(startDate)); + gen.setEndDate(new Time(endDate)); + + gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle")); + gen.setSubject(new X500Name("CN=AU,O=Bouncy Castle,OU=Test 2")); + + gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, DERNull.INSTANCE)); + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new ASN1Integer(3)); + + gen.setSubjectPublicKeyInfo(info); + + // + // add extensions + // + Vector order = new Vector(); + Hashtable extensions = new Hashtable(); + + order.addElement(X509Extension.authorityKeyIdentifier); + order.addElement(X509Extension.subjectKeyIdentifier); + order.addElement(X509Extension.keyUsage); + + extensions.put(X509Extension.authorityKeyIdentifier, new X509Extension(true, new DEROctetString(createAuthorityKeyId(info, new X500Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2)))); + extensions.put(X509Extension.subjectKeyIdentifier, new X509Extension(true, new DEROctetString(new SubjectKeyIdentifier(getDigest(info))))); + extensions.put(X509Extension.keyUsage, new X509Extension(false, new DEROctetString(new KeyUsage(KeyUsage.dataEncipherment)))); + + X509Extensions ex = new X509Extensions(order, extensions); + + gen.setExtensions(ex); + + TBSCertificate tbs = gen.generateTBSCertificate(); + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(tbs); + + if (!Arrays.areEqual(bOut.toByteArray(), v3Cert)) + { + fail("failed v3 cert generation"); + } + + // + // read back test + // + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v3Cert)); + ASN1Primitive o = aIn.readObject(); + + bOut = new ByteArrayOutputStream(); + aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(o); + + if (!Arrays.areEqual(bOut.toByteArray(), v3Cert)) + { + fail("failed v3 cert read back test"); + } + } + + private void tbsV3CertGenWithNullSubject() + throws IOException + { + V3TBSCertificateGenerator gen = new V3TBSCertificateGenerator(); + Date startDate = new Date(1000); + Date endDate = new Date(2000); + + gen.setSerialNumber(new ASN1Integer(2)); + + gen.setStartDate(new Time(startDate)); + gen.setEndDate(new Time(endDate)); + + gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle")); + + gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, DERNull.INSTANCE)); + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new ASN1Integer(3)); + + gen.setSubjectPublicKeyInfo(info); + + try + { + gen.generateTBSCertificate(); + fail("null subject not caught!"); + } + catch (IllegalStateException e) + { + if (!e.getMessage().equals("not all mandatory fields set in V3 TBScertificate generator")) + { + fail("unexpected exception", e); + } + } + + // + // add extensions + // + Vector order = new Vector(); + Hashtable extensions = new Hashtable(); + + order.addElement(X509Extension.subjectAlternativeName); + + extensions.put(X509Extension.subjectAlternativeName, new X509Extension(true, new DEROctetString(new GeneralNames(new GeneralName(new X509Name("CN=AU,O=Bouncy Castle,OU=Test 2")))))); + + X509Extensions ex = new X509Extensions(order, extensions); + + gen.setExtensions(ex); + + TBSCertificate tbs = gen.generateTBSCertificate(); + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(tbs); + + if (!Arrays.areEqual(bOut.toByteArray(), v3CertNullSubject)) + { + fail("failed v3 null sub cert generation"); + } + + // + // read back test + // + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v3CertNullSubject)); + ASN1Primitive o = aIn.readObject(); + + bOut = new ByteArrayOutputStream(); + aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(o); + + if (!Arrays.areEqual(bOut.toByteArray(), v3CertNullSubject)) + { + fail("failed v3 null sub cert read back test"); + } + } + + private void tbsV2CertListGen() + throws IOException + { + V2TBSCertListGenerator gen = new V2TBSCertListGenerator(); + + gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle")); + + gen.addCRLEntry(new ASN1Integer(1), new Time(new Date(1000)), CRLReason.aACompromise); + + gen.setNextUpdate(new Time(new Date(2000))); + + gen.setThisUpdate(new Time(new Date(500))); + + gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1WithRSAEncryption, DERNull.INSTANCE)); + + // + // extensions + // + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new ASN1Integer(3)); + + ExtensionsGenerator extGen = new ExtensionsGenerator(); + + extGen.addExtension(Extension.authorityKeyIdentifier, true, createAuthorityKeyId(info, new X500Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2)); + extGen.addExtension(Extension.issuerAlternativeName, false, new GeneralNames(new GeneralName(new X500Name("CN=AU,O=Bouncy Castle,OU=Test 3")))); + extGen.addExtension(Extension.cRLNumber, false, new ASN1Integer(1)); + extGen.addExtension(Extension.issuingDistributionPoint, true, IssuingDistributionPoint.getInstance(new DERSequence())); + + Extensions ex = extGen.generate(); + + gen.setExtensions(ex); + + TBSCertList tbs = gen.generateTBSCertList(); + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(tbs); + + if (!Arrays.areEqual(bOut.toByteArray(), v2CertList)) + { + System.out.println(new String(Base64.encode(bOut.toByteArray()))); + fail("failed v2 cert list generation"); + } + + // + // read back test + // + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v2CertList)); + ASN1Primitive o = aIn.readObject(); + + bOut = new ByteArrayOutputStream(); + aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(o); + + if (!Arrays.areEqual(bOut.toByteArray(), v2CertList)) + { + fail("failed v2 cert list read back test"); + } + + // + // check we can add a custom reason + // + gen.addCRLEntry(new ASN1Integer(1), new Time(new Date(1000)), CRLReason.aACompromise); + + // + // check invalidity date + gen.addCRLEntry(new ASN1Integer(2), new Time(new Date(1000)), CRLReason.affiliationChanged, new ASN1GeneralizedTime(new Date(2000))); + + TBSCertList crl = gen.generateTBSCertList(); + + TBSCertList.CRLEntry[] entries = crl.getRevokedCertificates(); + for (int i = 0; i != entries.length; i++) + { + TBSCertList.CRLEntry entry = entries[i]; + + if (entry.getUserCertificate().equals(new ASN1Integer(1))) + { + Extensions extensions = entry.getExtensions(); + Extension ext = extensions.getExtension(Extension.reasonCode); + + CRLReason r = CRLReason.getInstance(ext.getParsedValue()); + + if (r.getValue().intValue() != CRLReason.aACompromise) + { + fail("reason code mismatch"); + } + } + else if (entry.getUserCertificate().equals(new ASN1Integer(2))) + { + Extensions extensions = entry.getExtensions(); + Extension ext = extensions.getExtension(Extension.reasonCode); + + CRLReason r = CRLReason.getInstance(ext.getParsedValue()); + + if (r.getValue().intValue() != CRLReason.affiliationChanged) + { + fail("reason code mismatch"); + } + + ext = extensions.getExtension(Extension.invalidityDate); + + ASN1GeneralizedTime t = ASN1GeneralizedTime.getInstance(ext.getParsedValue()); + + try + { + if (!t.getDate().equals(new Date(2000))) + { + fail("invalidity date mismatch"); + } + } + catch (ParseException e) + { + fail("can't parse date", e); + } + } + } + } + + public void performTest() + throws Exception + { + tbsV1CertGen(); + tbsV3CertGen(); + tbsV3CertGenWithNullSubject(); + tbsV2CertListGen(); + } + + public String getName() + { + return "Generation"; + } + + private static byte[] getDigest(SubjectPublicKeyInfo spki) + { + Digest digest = new SHA1Digest(); + byte[] resBuf = new byte[digest.getDigestSize()]; + + byte[] bytes = spki.getPublicKeyData().getBytes(); + digest.update(bytes, 0, bytes.length); + digest.doFinal(resBuf, 0); + return resBuf; + } + + public static void main( + String[] args) + { + runTest(new GenerationTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/GetInstanceTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/GetInstanceTest.java new file mode 100644 index 00000000..cda7c500 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/GetInstanceTest.java @@ -0,0 +1,888 @@ +package org.bouncycastle.asn1.test; + +import java.lang.reflect.Method; +import java.math.BigInteger; +import java.util.Date; +import java.util.Vector; + +import junit.framework.TestCase; +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Enumerated; +import org.bouncycastle.asn1.ASN1GeneralizedTime; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1Object; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1TaggedObject; +import org.bouncycastle.asn1.ASN1UTCTime; +import org.bouncycastle.asn1.DERBMPString; +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.DERGeneralString; +import org.bouncycastle.asn1.DERIA5String; +import org.bouncycastle.asn1.DERNull; +import org.bouncycastle.asn1.DERNumericString; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.DERPrintableString; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.DERSet; +import org.bouncycastle.asn1.DERT61String; +import org.bouncycastle.asn1.DERTaggedObject; +import org.bouncycastle.asn1.DERUTF8String; +import org.bouncycastle.asn1.DERUniversalString; +import org.bouncycastle.asn1.DERVisibleString; +import org.bouncycastle.asn1.cmp.CAKeyUpdAnnContent; +import org.bouncycastle.asn1.cmp.CMPCertificate; +import org.bouncycastle.asn1.cmp.CRLAnnContent; +import org.bouncycastle.asn1.cmp.CertConfirmContent; +import org.bouncycastle.asn1.cmp.CertOrEncCert; +import org.bouncycastle.asn1.cmp.CertRepMessage; +import org.bouncycastle.asn1.cmp.CertResponse; +import org.bouncycastle.asn1.cmp.CertifiedKeyPair; +import org.bouncycastle.asn1.cmp.Challenge; +import org.bouncycastle.asn1.cmp.ErrorMsgContent; +import org.bouncycastle.asn1.cmp.GenMsgContent; +import org.bouncycastle.asn1.cmp.GenRepContent; +import org.bouncycastle.asn1.cmp.InfoTypeAndValue; +import org.bouncycastle.asn1.cmp.KeyRecRepContent; +import org.bouncycastle.asn1.cmp.OOBCertHash; +import org.bouncycastle.asn1.cmp.PBMParameter; +import org.bouncycastle.asn1.cmp.PKIBody; +import org.bouncycastle.asn1.cmp.PKIConfirmContent; +import org.bouncycastle.asn1.cmp.PKIFailureInfo; +import org.bouncycastle.asn1.cmp.PKIFreeText; +import org.bouncycastle.asn1.cmp.PKIHeader; +import org.bouncycastle.asn1.cmp.PKIMessage; +import org.bouncycastle.asn1.cmp.PKIMessages; +import org.bouncycastle.asn1.cmp.PKIStatus; +import org.bouncycastle.asn1.cmp.PKIStatusInfo; +import org.bouncycastle.asn1.cmp.POPODecKeyChallContent; +import org.bouncycastle.asn1.cmp.POPODecKeyRespContent; +import org.bouncycastle.asn1.cmp.PollRepContent; +import org.bouncycastle.asn1.cmp.PollReqContent; +import org.bouncycastle.asn1.cmp.ProtectedPart; +import org.bouncycastle.asn1.cmp.RevAnnContent; +import org.bouncycastle.asn1.cmp.RevDetails; +import org.bouncycastle.asn1.cmp.RevRepContent; +import org.bouncycastle.asn1.cmp.RevReqContent; +import org.bouncycastle.asn1.cms.Attribute; +import org.bouncycastle.asn1.cms.Attributes; +import org.bouncycastle.asn1.cms.AuthEnvelopedData; +import org.bouncycastle.asn1.cms.AuthenticatedData; +import org.bouncycastle.asn1.cms.CompressedData; +import org.bouncycastle.asn1.cms.ContentInfo; +import org.bouncycastle.asn1.cms.EncryptedContentInfo; +import org.bouncycastle.asn1.cms.EncryptedData; +import org.bouncycastle.asn1.cms.EnvelopedData; +import org.bouncycastle.asn1.cms.Evidence; +import org.bouncycastle.asn1.cms.IssuerAndSerialNumber; +import org.bouncycastle.asn1.cms.KEKIdentifier; +import org.bouncycastle.asn1.cms.KEKRecipientInfo; +import org.bouncycastle.asn1.cms.KeyAgreeRecipientIdentifier; +import org.bouncycastle.asn1.cms.KeyAgreeRecipientInfo; +import org.bouncycastle.asn1.cms.KeyTransRecipientInfo; +import org.bouncycastle.asn1.cms.MetaData; +import org.bouncycastle.asn1.cms.OriginatorIdentifierOrKey; +import org.bouncycastle.asn1.cms.OriginatorInfo; +import org.bouncycastle.asn1.cms.OriginatorPublicKey; +import org.bouncycastle.asn1.cms.OtherKeyAttribute; +import org.bouncycastle.asn1.cms.OtherRecipientInfo; +import org.bouncycastle.asn1.cms.PasswordRecipientInfo; +import org.bouncycastle.asn1.cms.RecipientEncryptedKey; +import org.bouncycastle.asn1.cms.RecipientIdentifier; +import org.bouncycastle.asn1.cms.RecipientInfo; +import org.bouncycastle.asn1.cms.RecipientKeyIdentifier; +import org.bouncycastle.asn1.cms.SignerIdentifier; +import org.bouncycastle.asn1.cms.SignerInfo; +import org.bouncycastle.asn1.cms.TimeStampAndCRL; +import org.bouncycastle.asn1.cms.TimeStampTokenEvidence; +import org.bouncycastle.asn1.cms.TimeStampedData; +import org.bouncycastle.asn1.cms.ecc.MQVuserKeyingMaterial; +import org.bouncycastle.asn1.crmf.AttributeTypeAndValue; +import org.bouncycastle.asn1.crmf.CertId; +import org.bouncycastle.asn1.crmf.CertReqMessages; +import org.bouncycastle.asn1.crmf.CertReqMsg; +import org.bouncycastle.asn1.crmf.CertRequest; +import org.bouncycastle.asn1.crmf.CertTemplate; +import org.bouncycastle.asn1.crmf.Controls; +import org.bouncycastle.asn1.crmf.EncKeyWithID; +import org.bouncycastle.asn1.crmf.EncryptedKey; +import org.bouncycastle.asn1.crmf.EncryptedValue; +import org.bouncycastle.asn1.crmf.OptionalValidity; +import org.bouncycastle.asn1.crmf.PKIArchiveOptions; +import org.bouncycastle.asn1.crmf.PKIPublicationInfo; +import org.bouncycastle.asn1.crmf.PKMACValue; +import org.bouncycastle.asn1.crmf.POPOPrivKey; +import org.bouncycastle.asn1.crmf.POPOSigningKey; +import org.bouncycastle.asn1.crmf.POPOSigningKeyInput; +import org.bouncycastle.asn1.crmf.ProofOfPossession; +import org.bouncycastle.asn1.crmf.SinglePubInfo; +import org.bouncycastle.asn1.cryptopro.ECGOST3410ParamSetParameters; +import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; +import org.bouncycastle.asn1.cryptopro.GOST3410ParamSetParameters; +import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; +import org.bouncycastle.asn1.eac.CVCertificate; +import org.bouncycastle.asn1.eac.CVCertificateRequest; +import org.bouncycastle.asn1.eac.CertificateBody; +import org.bouncycastle.asn1.eac.PublicKeyDataObject; +import org.bouncycastle.asn1.eac.RSAPublicKey; +import org.bouncycastle.asn1.eac.UnsignedInteger; +import org.bouncycastle.asn1.esf.CommitmentTypeIndication; +import org.bouncycastle.asn1.esf.CommitmentTypeQualifier; +import org.bouncycastle.asn1.esf.CompleteRevocationRefs; +import org.bouncycastle.asn1.esf.CrlIdentifier; +import org.bouncycastle.asn1.esf.CrlListID; +import org.bouncycastle.asn1.esf.CrlOcspRef; +import org.bouncycastle.asn1.esf.CrlValidatedID; +import org.bouncycastle.asn1.esf.OcspIdentifier; +import org.bouncycastle.asn1.esf.OcspListID; +import org.bouncycastle.asn1.esf.OcspResponsesID; +import org.bouncycastle.asn1.esf.OtherHash; +import org.bouncycastle.asn1.esf.OtherHashAlgAndValue; +import org.bouncycastle.asn1.esf.OtherRevRefs; +import org.bouncycastle.asn1.esf.OtherRevVals; +import org.bouncycastle.asn1.esf.RevocationValues; +import org.bouncycastle.asn1.esf.SPUserNotice; +import org.bouncycastle.asn1.esf.SPuri; +import org.bouncycastle.asn1.esf.SigPolicyQualifierInfo; +import org.bouncycastle.asn1.esf.SigPolicyQualifiers; +import org.bouncycastle.asn1.esf.SignaturePolicyId; +import org.bouncycastle.asn1.esf.SignaturePolicyIdentifier; +import org.bouncycastle.asn1.esf.SignerAttribute; +import org.bouncycastle.asn1.esf.SignerLocation; +import org.bouncycastle.asn1.ess.ContentHints; +import org.bouncycastle.asn1.ess.ContentIdentifier; +import org.bouncycastle.asn1.ess.ESSCertID; +import org.bouncycastle.asn1.ess.ESSCertIDv2; +import org.bouncycastle.asn1.ess.OtherCertID; +import org.bouncycastle.asn1.ess.OtherSigningCertificate; +import org.bouncycastle.asn1.ess.SigningCertificate; +import org.bouncycastle.asn1.ess.SigningCertificateV2; +import org.bouncycastle.asn1.icao.CscaMasterList; +import org.bouncycastle.asn1.icao.DataGroupHash; +import org.bouncycastle.asn1.icao.LDSSecurityObject; +import org.bouncycastle.asn1.icao.LDSVersionInfo; +import org.bouncycastle.asn1.isismtt.ocsp.CertHash; +import org.bouncycastle.asn1.isismtt.ocsp.RequestedCertificate; +import org.bouncycastle.asn1.isismtt.x509.AdditionalInformationSyntax; +import org.bouncycastle.asn1.isismtt.x509.AdmissionSyntax; +import org.bouncycastle.asn1.isismtt.x509.Admissions; +import org.bouncycastle.asn1.isismtt.x509.DeclarationOfMajority; +import org.bouncycastle.asn1.isismtt.x509.MonetaryLimit; +import org.bouncycastle.asn1.isismtt.x509.NamingAuthority; +import org.bouncycastle.asn1.isismtt.x509.ProcurationSyntax; +import org.bouncycastle.asn1.isismtt.x509.ProfessionInfo; +import org.bouncycastle.asn1.isismtt.x509.Restriction; +import org.bouncycastle.asn1.misc.CAST5CBCParameters; +import org.bouncycastle.asn1.misc.IDEACBCPar; +import org.bouncycastle.asn1.mozilla.PublicKeyAndChallenge; +import org.bouncycastle.asn1.ocsp.BasicOCSPResponse; +import org.bouncycastle.asn1.ocsp.CertID; +import org.bouncycastle.asn1.ocsp.CertStatus; +import org.bouncycastle.asn1.ocsp.CrlID; +import org.bouncycastle.asn1.ocsp.OCSPRequest; +import org.bouncycastle.asn1.ocsp.OCSPResponse; +import org.bouncycastle.asn1.ocsp.OCSPResponseStatus; +import org.bouncycastle.asn1.ocsp.Request; +import org.bouncycastle.asn1.ocsp.ResponderID; +import org.bouncycastle.asn1.ocsp.ResponseBytes; +import org.bouncycastle.asn1.ocsp.ResponseData; +import org.bouncycastle.asn1.ocsp.RevokedInfo; +import org.bouncycastle.asn1.ocsp.Signature; +import org.bouncycastle.asn1.ocsp.SingleResponse; +import org.bouncycastle.asn1.ocsp.TBSRequest; +import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.AuthenticatedSafe; +import org.bouncycastle.asn1.pkcs.CertificationRequest; +import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; +import org.bouncycastle.asn1.pkcs.DHParameter; +import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo; +import org.bouncycastle.asn1.pkcs.MacData; +import org.bouncycastle.asn1.pkcs.PBEParameter; +import org.bouncycastle.asn1.pkcs.PBES2Parameters; +import org.bouncycastle.asn1.pkcs.PBKDF2Params; +import org.bouncycastle.asn1.pkcs.PKCS12PBEParams; +import org.bouncycastle.asn1.pkcs.Pfx; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.pkcs.RC2CBCParameter; +import org.bouncycastle.asn1.pkcs.RSAESOAEPparams; +import org.bouncycastle.asn1.pkcs.RSAPrivateKey; +import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; +import org.bouncycastle.asn1.pkcs.SafeBag; +import org.bouncycastle.asn1.pkcs.SignedData; +import org.bouncycastle.asn1.sec.ECPrivateKey; +import org.bouncycastle.asn1.smime.SMIMECapabilities; +import org.bouncycastle.asn1.smime.SMIMECapability; +import org.bouncycastle.asn1.tsp.Accuracy; +import org.bouncycastle.asn1.tsp.MessageImprint; +import org.bouncycastle.asn1.tsp.TSTInfo; +import org.bouncycastle.asn1.tsp.TimeStampReq; +import org.bouncycastle.asn1.tsp.TimeStampResp; +import org.bouncycastle.asn1.x500.DirectoryString; +import org.bouncycastle.asn1.x500.RDN; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x509.AccessDescription; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.AttCertIssuer; +import org.bouncycastle.asn1.x509.AttCertValidityPeriod; +import org.bouncycastle.asn1.x509.AttributeCertificate; +import org.bouncycastle.asn1.x509.AttributeCertificateInfo; +import org.bouncycastle.asn1.x509.AuthorityInformationAccess; +import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; +import org.bouncycastle.asn1.x509.BasicConstraints; +import org.bouncycastle.asn1.x509.CRLDistPoint; +import org.bouncycastle.asn1.x509.CRLNumber; +import org.bouncycastle.asn1.x509.CRLReason; +import org.bouncycastle.asn1.x509.Certificate; +import org.bouncycastle.asn1.x509.CertificateList; +import org.bouncycastle.asn1.x509.CertificatePair; +import org.bouncycastle.asn1.x509.CertificatePolicies; +import org.bouncycastle.asn1.x509.DSAParameter; +import org.bouncycastle.asn1.x509.DigestInfo; +import org.bouncycastle.asn1.x509.DisplayText; +import org.bouncycastle.asn1.x509.DistributionPoint; +import org.bouncycastle.asn1.x509.DistributionPointName; +import org.bouncycastle.asn1.x509.ExtendedKeyUsage; +import org.bouncycastle.asn1.x509.Extensions; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.GeneralNames; +import org.bouncycastle.asn1.x509.GeneralSubtree; +import org.bouncycastle.asn1.x509.Holder; +import org.bouncycastle.asn1.x509.IetfAttrSyntax; +import org.bouncycastle.asn1.x509.IssuerSerial; +import org.bouncycastle.asn1.x509.IssuingDistributionPoint; +import org.bouncycastle.asn1.x509.NameConstraints; +import org.bouncycastle.asn1.x509.NoticeReference; +import org.bouncycastle.asn1.x509.ObjectDigestInfo; +import org.bouncycastle.asn1.x509.PolicyInformation; +import org.bouncycastle.asn1.x509.PolicyMappings; +import org.bouncycastle.asn1.x509.PolicyQualifierInfo; +import org.bouncycastle.asn1.x509.PrivateKeyUsagePeriod; +import org.bouncycastle.asn1.x509.RSAPublicKeyStructure; +import org.bouncycastle.asn1.x509.RoleSyntax; +import org.bouncycastle.asn1.x509.SubjectDirectoryAttributes; +import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x509.TBSCertList; +import org.bouncycastle.asn1.x509.TBSCertificate; +import org.bouncycastle.asn1.x509.TBSCertificateStructure; +import org.bouncycastle.asn1.x509.Target; +import org.bouncycastle.asn1.x509.TargetInformation; +import org.bouncycastle.asn1.x509.Targets; +import org.bouncycastle.asn1.x509.Time; +import org.bouncycastle.asn1.x509.UserNotice; +import org.bouncycastle.asn1.x509.V2Form; +import org.bouncycastle.asn1.x509.X509CertificateStructure; +import org.bouncycastle.asn1.x509.X509Extensions; +import org.bouncycastle.asn1.x509.X509Name; +import org.bouncycastle.asn1.x509.qualified.BiometricData; +import org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode; +import org.bouncycastle.asn1.x509.qualified.MonetaryValue; +import org.bouncycastle.asn1.x509.qualified.QCStatement; +import org.bouncycastle.asn1.x509.qualified.SemanticsInformation; +import org.bouncycastle.asn1.x509.qualified.TypeOfBiometricData; +import org.bouncycastle.asn1.x509.sigi.NameOrPseudonym; +import org.bouncycastle.asn1.x509.sigi.PersonalData; +import org.bouncycastle.asn1.x9.DHDomainParameters; +import org.bouncycastle.asn1.x9.DHPublicKey; +import org.bouncycastle.asn1.x9.DHValidationParms; +import org.bouncycastle.asn1.x9.X962Parameters; +import org.bouncycastle.asn1.x9.X9ECParameters; +import org.bouncycastle.util.Integers; +import org.bouncycastle.util.encoders.Base64; + +public class GetInstanceTest + extends TestCase +{ + public static byte[] attrCert = Base64.decode( + "MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2" + + "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS" + + "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2" + + "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0" + + "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn" + + "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw" + + "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY" + + "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs" + + "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K" + + "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0" + + "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j" + + "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw" + + "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg" + + "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl" + + "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt" + + "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0" + + "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8" + + "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl" + + "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ" + + "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct" + + "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3" + + "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1" + + "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy" + + "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6" + + "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov" + + "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz" + + "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0" + + "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46" + + "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+" + + "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y" + + "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv" + + "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0" + + "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph" + + "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj" + + "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+" + + "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA" + + "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr" + + "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3" + + "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv"); + + byte[] cert1 = Base64.decode( + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx" + + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY" + + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB" + + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ" + + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2" + + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW" + + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM" + + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l" + + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv" + + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re" + + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO" + + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE" + + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy" + + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0" + + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw" + + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL" + + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4" + + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF" + + "5/8="); + + private byte[] v2CertList = Base64.decode( + "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT" + + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy" + + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw" + + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw" + + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw" + + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw" + + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw" + + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw" + + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw" + + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw" + + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF" + + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ" + + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt" + + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v"); + + private static final Object[] NULL_ARGS = new Object[] { null }; + + private void doFullGetInstanceTest(Class clazz, ASN1Object o1) + throws Exception + { + Method m; + + try + { + m = clazz.getMethod("getInstance", Object.class); + } + catch (NoSuchMethodException e) + { + fail("no getInstance method found"); + return; + } + + ASN1Object o2 = (ASN1Object)m.invoke(clazz, NULL_ARGS); + if (o2 != null) + { + fail(clazz.getName() + " null failed"); + } + + o2 = (ASN1Object)m.invoke(clazz, o1); + + if (!o1.equals(o2) || !clazz.isInstance(o2)) + { + fail(clazz.getName() + " equality failed"); + } + + o2 = (ASN1Object)m.invoke(clazz, o1.getEncoded()); + if (!o1.equals(o2) || !clazz.isInstance(o2)) + { + fail(clazz.getName() + " encoded equality failed"); + } + + o2 = (ASN1Object)m.invoke(clazz, o1.toASN1Primitive()); + if (!o1.equals(o2) || !clazz.isInstance(o2)) + { + fail(clazz.getName() + " sequence equality failed"); + } + + try + { + m = clazz.getMethod("getInstance", ASN1TaggedObject.class, Boolean.TYPE); + } + catch (NoSuchMethodException e) + { + return; + } + + ASN1TaggedObject t = new DERTaggedObject(true, 0, o1); + o2 = (ASN1Object)m.invoke(clazz, t, true); + if (!o1.equals(o2) || !clazz.isInstance(o2)) + { + fail(clazz.getName() + " tag equality failed"); + } + + t = new DERTaggedObject(true, 0, o1.toASN1Primitive()); + o2 = (ASN1Object)m.invoke(clazz, t, true); + if (!o1.equals(o2) || !clazz.isInstance(o2)) + { + fail(clazz.getName() + " tag equality failed"); + } + + t = ASN1TaggedObject.getInstance(t.getEncoded()); + o2 = (ASN1Object)m.invoke(clazz, t, true); + if (!o1.equals(o2) || !clazz.isInstance(o2)) + { + fail(clazz.getName() + " tag equality failed"); + } + + t = new DERTaggedObject(false, 0, o1); + o2 = (ASN1Object)m.invoke(clazz, t, false); + if (!o1.equals(o2) || !clazz.isInstance(o2)) + { + fail(clazz.getName() + " tag equality failed"); + } + + t = new DERTaggedObject(false, 0, o1.toASN1Primitive()); + o2 = (ASN1Object)m.invoke(clazz, t, false); + if (!o1.equals(o2) || !clazz.isInstance(o2)) + { + fail(clazz.getName() + " tag equality failed"); + } + + t = ASN1TaggedObject.getInstance(t.getEncoded()); + o2 = (ASN1Object)m.invoke(clazz, t, false); + if (!o1.equals(o2) || !clazz.isInstance(o2)) + { + fail(clazz.getName() + " tag equality failed"); + } + } + + public void testGetInstance() + throws Exception + { + doFullGetInstanceTest(DERPrintableString.class, new DERPrintableString("hello world")); + doFullGetInstanceTest(DERBMPString.class, new DERBMPString("hello world")); + doFullGetInstanceTest(DERUTF8String.class, new DERUTF8String("hello world")); + doFullGetInstanceTest(DERUniversalString.class, new DERUniversalString(new byte[20])); + doFullGetInstanceTest(DERIA5String.class, new DERIA5String("hello world")); + doFullGetInstanceTest(DERGeneralString.class, new DERGeneralString("hello world")); + doFullGetInstanceTest(DERNumericString.class, new DERNumericString("hello world")); + doFullGetInstanceTest(DERNumericString.class, new DERNumericString("99999", true)); + doFullGetInstanceTest(DERT61String.class, new DERT61String("hello world")); + doFullGetInstanceTest(DERVisibleString.class, new DERVisibleString("hello world")); + + doFullGetInstanceTest(ASN1Integer.class, new ASN1Integer(1)); + doFullGetInstanceTest(ASN1GeneralizedTime.class, new ASN1GeneralizedTime(new Date())); + doFullGetInstanceTest(ASN1UTCTime.class, new ASN1UTCTime(new Date())); + doFullGetInstanceTest(ASN1Enumerated.class, new ASN1Enumerated(1)); + + CMPCertificate cmpCert = new CMPCertificate(Certificate.getInstance(cert1)); + CertificateList crl = CertificateList.getInstance(v2CertList); + AttributeCertificate attributeCert = AttributeCertificate.getInstance(attrCert); + + doFullGetInstanceTest(CAKeyUpdAnnContent.class, new CAKeyUpdAnnContent(cmpCert, cmpCert, cmpCert)); + + CertConfirmContent.getInstance(null); + CertifiedKeyPair.getInstance(null); + CertOrEncCert.getInstance(null); + CertRepMessage.getInstance(null); + doFullGetInstanceTest(CertResponse.class, new CertResponse(new ASN1Integer(1), new PKIStatusInfo(PKIStatus.granted))); + doFullGetInstanceTest(org.bouncycastle.asn1.cmp.CertStatus.class, new org.bouncycastle.asn1.cmp.CertStatus(new byte[10], BigInteger.valueOf(1), new PKIStatusInfo(PKIStatus.granted))); + doFullGetInstanceTest(Challenge.class, new Challenge(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE), new byte[10], new byte[10])); + + doFullGetInstanceTest(CMPCertificate.class, cmpCert); + doFullGetInstanceTest(CRLAnnContent.class, new CRLAnnContent(crl)); + doFullGetInstanceTest(ErrorMsgContent.class, new ErrorMsgContent(new PKIStatusInfo(PKIStatus.granted), new ASN1Integer(1), new PKIFreeText("fred"))); + GenMsgContent.getInstance(null); + GenRepContent.getInstance(null); + InfoTypeAndValue.getInstance(null); + KeyRecRepContent.getInstance(null); + OOBCertHash.getInstance(null); + PBMParameter.getInstance(null); + PKIBody.getInstance(null); + PKIConfirmContent.getInstance(null); + PKIFreeText.getInstance(null); + doFullGetInstanceTest(PKIFreeText.class, new PKIFreeText("hello world")); + doFullGetInstanceTest(PKIFreeText.class, new PKIFreeText(new String[]{"hello", "world"})); + doFullGetInstanceTest(PKIFreeText.class, new PKIFreeText(new DERUTF8String[]{new DERUTF8String("hello"), new DERUTF8String("world")})); + PKIHeader.getInstance(null); + PKIMessage.getInstance(null); + PKIMessages.getInstance(null); + doFullGetInstanceTest(PKIStatusInfo.class, new PKIStatusInfo(PKIStatus.rejection, new PKIFreeText("hello world"), new PKIFailureInfo(PKIFailureInfo.badAlg))); + doFullGetInstanceTest(PKIStatusInfo.class, new PKIStatusInfo(PKIStatus.granted, new PKIFreeText("hello world"))); + PKIStatus.getInstance(null); + PollRepContent.getInstance(null); + PollReqContent.getInstance(null); + POPODecKeyChallContent.getInstance(null); + POPODecKeyRespContent.getInstance(null); + ProtectedPart.getInstance(null); + RevAnnContent.getInstance(null); + RevDetails.getInstance(null); + RevRepContent.getInstance(null); + RevReqContent.getInstance(null); + Attribute.getInstance(null); + Attributes.getInstance(null); + AuthenticatedData.getInstance(null); + AuthenticatedData.getInstance(null); + AuthEnvelopedData.getInstance(null); + AuthEnvelopedData.getInstance(null); + CompressedData.getInstance(null); + CompressedData.getInstance(null); + ContentInfo.getInstance(null); + EncryptedContentInfo.getInstance(null); + EncryptedData.getInstance(null); + EnvelopedData.getInstance(null); + EnvelopedData.getInstance(null); + Evidence.getInstance(null); + IssuerAndSerialNumber.getInstance(null); + KEKIdentifier.getInstance(null); + KEKIdentifier.getInstance(null); + KEKRecipientInfo.getInstance(null); + KEKRecipientInfo.getInstance(null); + KeyAgreeRecipientIdentifier.getInstance(null); + KeyAgreeRecipientIdentifier.getInstance(null); + KeyAgreeRecipientInfo.getInstance(null); + KeyAgreeRecipientInfo.getInstance(null); + KeyTransRecipientInfo.getInstance(null); + MetaData.getInstance(null); + OriginatorIdentifierOrKey.getInstance(null); + OriginatorIdentifierOrKey.getInstance(null); + OriginatorInfo.getInstance(null); + OriginatorInfo.getInstance(null); + OriginatorPublicKey.getInstance(null); + OriginatorPublicKey.getInstance(null); + OtherKeyAttribute.getInstance(null); + OtherRecipientInfo.getInstance(null); + OtherRecipientInfo.getInstance(null); + PasswordRecipientInfo.getInstance(null); + PasswordRecipientInfo.getInstance(null); + RecipientEncryptedKey.getInstance(null); + RecipientIdentifier.getInstance(null); + RecipientInfo.getInstance(null); + RecipientKeyIdentifier.getInstance(null); + RecipientKeyIdentifier.getInstance(null); + SignedData.getInstance(null); + SignerIdentifier.getInstance(null); + SignerInfo.getInstance(null); + Time.getInstance(null); + Time.getInstance(null); + TimeStampAndCRL.getInstance(null); + TimeStampedData.getInstance(null); + TimeStampTokenEvidence.getInstance(null); + AttributeTypeAndValue.getInstance(null); + + doFullGetInstanceTest(CertId.class, new CertId(new GeneralName(new X500Name("CN=Test")), BigInteger.valueOf(1))); + + + CertReqMessages.getInstance(null); + CertReqMsg.getInstance(null); + CertRequest.getInstance(null); + CertTemplate.getInstance(null); + Controls.getInstance(null); + EncKeyWithID.getInstance(null); + EncryptedKey.getInstance(null); + EncryptedValue.getInstance(null); + OptionalValidity.getInstance(null); + PKIArchiveOptions.getInstance(null); + PKIPublicationInfo.getInstance(null); + PKMACValue.getInstance(null); + PKMACValue.getInstance(null); + POPOPrivKey.getInstance(null); + POPOSigningKeyInput.getInstance(null); + POPOSigningKey.getInstance(null); + POPOSigningKey.getInstance(null); + ProofOfPossession.getInstance(null); + SinglePubInfo.getInstance(null); + ECGOST3410ParamSetParameters.getInstance(null); + ECGOST3410ParamSetParameters.getInstance(null); + GOST28147Parameters.getInstance(null); + GOST28147Parameters.getInstance(null); + GOST3410ParamSetParameters.getInstance(null); + GOST3410ParamSetParameters.getInstance(null); + GOST3410PublicKeyAlgParameters.getInstance(null); + GOST3410PublicKeyAlgParameters.getInstance(null); + CertificateBody.getInstance(null); + CVCertificate.getInstance(null); + CVCertificateRequest.getInstance(null); + PublicKeyDataObject.getInstance(null); + UnsignedInteger.getInstance(null); + CommitmentTypeIndication.getInstance(null); + CommitmentTypeQualifier.getInstance(null); + + OcspIdentifier ocspIdentifier = new OcspIdentifier(new ResponderID(new X500Name("CN=Test")), new ASN1GeneralizedTime(new Date())); + CrlListID crlListID = new CrlListID(new CrlValidatedID[]{new CrlValidatedID(new OtherHash(new byte[20]))}); + OcspListID ocspListID = new OcspListID(new OcspResponsesID[] { new OcspResponsesID(ocspIdentifier) }); + OtherRevRefs otherRevRefs = new OtherRevRefs(new ASN1ObjectIdentifier("1.2.1"), new DERSequence()); + OtherRevVals otherRevVals = new OtherRevVals(new ASN1ObjectIdentifier("1.2.1"), new DERSequence()); + CrlOcspRef crlOcspRef = new CrlOcspRef(crlListID, ocspListID, otherRevRefs); + doFullGetInstanceTest(CompleteRevocationRefs.class, new CompleteRevocationRefs(new CrlOcspRef[]{crlOcspRef, crlOcspRef})); + + doFullGetInstanceTest(CrlIdentifier.class, new CrlIdentifier(new X500Name("CN=Test"), new ASN1UTCTime(new Date()), BigInteger.valueOf(1))); + + + doFullGetInstanceTest(CrlListID.class, crlListID); + doFullGetInstanceTest(CrlOcspRef.class, crlOcspRef); + doFullGetInstanceTest(CrlValidatedID.class, new CrlValidatedID(new OtherHash(new byte[20]))); + doFullGetInstanceTest(OcspIdentifier.class, ocspIdentifier); + doFullGetInstanceTest(OcspListID.class, ocspListID); + doFullGetInstanceTest(OcspResponsesID.class, new OcspResponsesID(ocspIdentifier)); + + OtherHashAlgAndValue otherHashAlgAndValue = new OtherHashAlgAndValue(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE), new DEROctetString(new byte[10])); + doFullGetInstanceTest(OtherHashAlgAndValue.class, otherHashAlgAndValue); + OtherHash.getInstance(null); + doFullGetInstanceTest(OtherRevRefs.class, otherRevRefs); + doFullGetInstanceTest(OtherRevVals.class, otherRevVals); + doFullGetInstanceTest(RevocationValues.class, new RevocationValues(new CertificateList[]{crl}, null, otherRevVals)); + + SignaturePolicyId signaturePolicyId = new SignaturePolicyId(new ASN1ObjectIdentifier("1.2.1"), otherHashAlgAndValue); + doFullGetInstanceTest(SignaturePolicyIdentifier.class, new SignaturePolicyIdentifier()); + doFullGetInstanceTest(SignaturePolicyIdentifier.class, new SignaturePolicyIdentifier(signaturePolicyId)); + doFullGetInstanceTest(SignaturePolicyId.class, signaturePolicyId); + doFullGetInstanceTest(SignerAttribute.class, new SignerAttribute(new org.bouncycastle.asn1.x509.Attribute[]{new org.bouncycastle.asn1.x509.Attribute(new ASN1ObjectIdentifier("1.2.1"), new DERSet())})); + doFullGetInstanceTest(SignerAttribute.class, new SignerAttribute(attributeCert)); + + ASN1EncodableVector postalAddr = new ASN1EncodableVector(); + + postalAddr.add(new DERUTF8String("line 1")); + postalAddr.add(new DERUTF8String("line 2")); + + doFullGetInstanceTest(SignerLocation.class, new SignerLocation(new DERUTF8String("AU"), new DERUTF8String("Melbourne"), new DERSequence(postalAddr))); + doFullGetInstanceTest(SigPolicyQualifierInfo.class, new SigPolicyQualifierInfo(new ASN1ObjectIdentifier("1.2.1"), new DERSequence())); + SigPolicyQualifiers.getInstance(null); + SPuri.getInstance(null); + Vector v = new Vector(); + + v.add(Integers.valueOf(1)); + v.add(BigInteger.valueOf(2)); + NoticeReference noticeReference = new NoticeReference("BC", v); + doFullGetInstanceTest(SPUserNotice.class, new SPUserNotice(noticeReference, new DisplayText("hello world"))); + ContentHints.getInstance(null); + ContentIdentifier.getInstance(null); + ESSCertID.getInstance(null); + ESSCertIDv2.getInstance(null); + OtherCertID.getInstance(null); + OtherSigningCertificate.getInstance(null); + SigningCertificate.getInstance(null); + SigningCertificateV2.getInstance(null); + CscaMasterList.getInstance(null); + DataGroupHash.getInstance(null); + LDSSecurityObject.getInstance(null); + LDSVersionInfo.getInstance(null); + CAST5CBCParameters.getInstance(null); + IDEACBCPar.getInstance(null); + PublicKeyAndChallenge.getInstance(null); + BasicOCSPResponse.getInstance(null); + BasicOCSPResponse.getInstance(null); + + doFullGetInstanceTest(CertID.class, new CertID(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE), new DEROctetString(new byte[1]), new DEROctetString(new byte[1]), new ASN1Integer(1))); + + CertStatus.getInstance(null); + CertStatus.getInstance(null); + CrlID.getInstance(null); + OCSPRequest.getInstance(null); + OCSPRequest.getInstance(null); + OCSPResponse.getInstance(null); + OCSPResponse.getInstance(null); + OCSPResponseStatus.getInstance(null); + Request.getInstance(null); + Request.getInstance(null); + ResponderID.getInstance(null); + ResponderID.getInstance(null); + ResponseBytes.getInstance(null); + ResponseBytes.getInstance(null); + ResponseData.getInstance(null); + ResponseData.getInstance(null); + RevokedInfo.getInstance(null); + RevokedInfo.getInstance(null); + Signature.getInstance(null); + Signature.getInstance(null); + SingleResponse.getInstance(null); + SingleResponse.getInstance(null); + TBSRequest.getInstance(null); + TBSRequest.getInstance(null); + Attribute.getInstance(null); + AuthenticatedSafe.getInstance(null); + CertificationRequestInfo.getInstance(null); + CertificationRequest.getInstance(null); + ContentInfo.getInstance(null); + DHParameter.getInstance(null); + EncryptedData.getInstance(null); + EncryptedPrivateKeyInfo.getInstance(null); + AlgorithmIdentifier.getInstance(null); + IssuerAndSerialNumber.getInstance(null); + MacData.getInstance(null); + PBEParameter.getInstance(null); + PBES2Parameters.getInstance(null); + PBKDF2Params.getInstance(null); + Pfx.getInstance(null); + PKCS12PBEParams.getInstance(null); + PrivateKeyInfo.getInstance(null); + PrivateKeyInfo.getInstance(null); + RC2CBCParameter.getInstance(null); + RSAESOAEPparams.getInstance(null); + RSAPrivateKey.getInstance(null); + RSAPrivateKey.getInstance(null); + RSAPublicKey.getInstance(null); + RSAPublicKey.getInstance(null); + RSASSAPSSparams.getInstance(null); + SafeBag.getInstance(null); + SignedData.getInstance(null); + SignerInfo.getInstance(null); + ECPrivateKey.getInstance(null); + SMIMECapabilities.getInstance(null); + SMIMECapability.getInstance(null); + Accuracy.getInstance(null); + MessageImprint.getInstance(null); + TimeStampReq.getInstance(null); + TimeStampResp.getInstance(null); + TSTInfo.getInstance(null); + AttributeTypeAndValue.getInstance(null); + DirectoryString.getInstance(null); + DirectoryString.getInstance(null); + RDN.getInstance(null); + X500Name.getInstance(null); + X500Name.getInstance(null); + AccessDescription.getInstance(null); + AlgorithmIdentifier.getInstance(null); + AlgorithmIdentifier.getInstance(null); + AttCertIssuer.getInstance(null); + AttCertIssuer.getInstance(null); + AttCertValidityPeriod.getInstance(null); + AttributeCertificateInfo.getInstance(null); + AttributeCertificateInfo.getInstance(null); + AttributeCertificate.getInstance(null); + Attribute.getInstance(null); + AuthorityInformationAccess.getInstance(null); + AuthorityKeyIdentifier.getInstance(null); + AuthorityKeyIdentifier.getInstance(null); + BasicConstraints.getInstance(null); + BasicConstraints.getInstance(null); + Certificate.getInstance(null); + Certificate.getInstance(null); + CertificateList.getInstance(null); + CertificateList.getInstance(null); + CertificatePair.getInstance(null); + CertificatePolicies.getInstance(null); + CertificatePolicies.getInstance(null); + CRLDistPoint.getInstance(null); + CRLDistPoint.getInstance(null); + CRLNumber.getInstance(null); + CRLReason.getInstance(null); + DigestInfo.getInstance(null); + DigestInfo.getInstance(null); + DisplayText.getInstance(null); + DisplayText.getInstance(null); + DistributionPoint.getInstance(null); + DistributionPoint.getInstance(null); + DistributionPointName.getInstance(null); + DistributionPointName.getInstance(null); + DSAParameter.getInstance(null); + DSAParameter.getInstance(null); + ExtendedKeyUsage.getInstance(null); + ExtendedKeyUsage.getInstance(null); + Extensions.getInstance(null); + Extensions.getInstance(null); + GeneralName.getInstance(null); + GeneralName.getInstance(null); + GeneralNames.getInstance(null); + GeneralNames.getInstance(null); + + GeneralSubtree generalSubtree = new GeneralSubtree(new GeneralName(new X500Name("CN=Test"))); + ASN1ObjectIdentifier algOid = new ASN1ObjectIdentifier("1.2.1"); + ObjectDigestInfo objectDigestInfo = new ObjectDigestInfo(ObjectDigestInfo.otherObjectDigest, algOid, new AlgorithmIdentifier(algOid), new byte[20]); + + doFullGetInstanceTest(GeneralSubtree.class, generalSubtree); + doFullGetInstanceTest(Holder.class, new Holder(objectDigestInfo)); + IetfAttrSyntax.getInstance(null); + IssuerSerial.getInstance(null); + IssuerSerial.getInstance(null); + IssuingDistributionPoint.getInstance(null); + IssuingDistributionPoint.getInstance(null); + DERBitString.getInstance(null); + + v.clear(); + v.add(generalSubtree); + + doFullGetInstanceTest(NameConstraints.class, new NameConstraints(null, null)); + doFullGetInstanceTest(NoticeReference.class, noticeReference); + doFullGetInstanceTest(ObjectDigestInfo.class, objectDigestInfo); + + PolicyInformation.getInstance(null); + PolicyMappings.getInstance(null); + PolicyQualifierInfo.getInstance(null); + PrivateKeyUsagePeriod.getInstance(null); + doFullGetInstanceTest(RoleSyntax.class, new RoleSyntax(new GeneralNames(new GeneralName(new X500Name("CN=Test"))), new GeneralName(GeneralName.uniformResourceIdentifier, "http://bc"))); + RSAPublicKeyStructure.getInstance(null); + RSAPublicKeyStructure.getInstance(null); + SubjectDirectoryAttributes.getInstance(null); + SubjectKeyIdentifier.getInstance(null); + SubjectKeyIdentifier.getInstance(null); + SubjectPublicKeyInfo.getInstance(null); + SubjectPublicKeyInfo.getInstance(null); + TargetInformation.getInstance(null); + Target.getInstance(null); + Targets.getInstance(null); + TBSCertificate.getInstance(null); + TBSCertificate.getInstance(null); + TBSCertificateStructure.getInstance(null); + TBSCertificateStructure.getInstance(null); + TBSCertList.CRLEntry.getInstance(null); + TBSCertList.getInstance(null); + TBSCertList.getInstance(null); + Time.getInstance(null); + Time.getInstance(null); + doFullGetInstanceTest(UserNotice.class, new UserNotice(noticeReference, "hello world")); + V2Form.getInstance(null); + V2Form.getInstance(null); + X509CertificateStructure.getInstance(null); + X509CertificateStructure.getInstance(null); + X509Extensions.getInstance(null); + X509Extensions.getInstance(null); + X509Name.getInstance(null); + X509Name.getInstance(null); + DHDomainParameters.getInstance(null); + DHDomainParameters.getInstance(null); + DHPublicKey.getInstance(null); + DHPublicKey.getInstance(null); + DHValidationParms.getInstance(null); + DHValidationParms.getInstance(null); + X962Parameters.getInstance(null); + X962Parameters.getInstance(null); + X9ECParameters.getInstance(null); + MQVuserKeyingMaterial.getInstance(null); + MQVuserKeyingMaterial.getInstance(null); + CertHash.getInstance(null); + RequestedCertificate.getInstance(null); + RequestedCertificate.getInstance(null); + AdditionalInformationSyntax.getInstance(null); + Admissions.getInstance(null); + AdmissionSyntax.getInstance(null); + DeclarationOfMajority.getInstance(null); + MonetaryLimit.getInstance(null); + NamingAuthority.getInstance(null); + NamingAuthority.getInstance(null); + ProcurationSyntax.getInstance(null); + ProfessionInfo.getInstance(null); + Restriction.getInstance(null); + BiometricData.getInstance(null); + Iso4217CurrencyCode.getInstance(null); + MonetaryValue.getInstance(null); + QCStatement.getInstance(null); + SemanticsInformation.getInstance(null); + TypeOfBiometricData.getInstance(null); + NameOrPseudonym.getInstance(null); + PersonalData.getInstance(null); + } + + public String getName() + { + return "GetInstanceNullTest"; + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/InputStreamTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/InputStreamTest.java new file mode 100644 index 00000000..819d285f --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/InputStreamTest.java @@ -0,0 +1,75 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.util.test.SimpleTest; + +public class InputStreamTest + extends SimpleTest +{ + private static final byte[] outOfBoundsLength = new byte[] { (byte)0x30, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff }; + private static final byte[] negativeLength = new byte[] { (byte)0x30, (byte)0x84, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff }; + private static final byte[] outsideLimitLength = new byte[] { (byte)0x30, (byte)0x83, (byte)0x0f, (byte)0xff, (byte)0xff }; + + + public String getName() + { + return "InputStream"; + } + + public void performTest() + throws Exception + { + ASN1InputStream aIn = new ASN1InputStream(outOfBoundsLength); + + try + { + aIn.readObject(); + fail("out of bounds length not detected."); + } + catch (IOException e) + { + if (!e.getMessage().startsWith("DER length more than 4 bytes")) + { + fail("wrong exception: " + e.getMessage()); + } + } + + aIn = new ASN1InputStream(negativeLength); + + try + { + aIn.readObject(); + fail("negative length not detected."); + } + catch (IOException e) + { + if (!e.getMessage().equals("corrupted stream - negative length found")) + { + fail("wrong exception: " + e.getMessage()); + } + } + + aIn = new ASN1InputStream(outsideLimitLength); + + try + { + aIn.readObject(); + fail("outside limit length not detected."); + } + catch (IOException e) + { + if (!e.getMessage().equals("corrupted stream - out of bounds length found")) + { + fail("wrong exception: " + e.getMessage()); + } + } + } + + public static void main( + String[] args) + { + runTest(new InputStreamTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/Iso4217CurrencyCodeUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/Iso4217CurrencyCodeUnitTest.java new file mode 100644 index 00000000..9a1d6a87 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/Iso4217CurrencyCodeUnitTest.java @@ -0,0 +1,142 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode; +import org.bouncycastle.util.test.SimpleTest; + +public class Iso4217CurrencyCodeUnitTest + extends SimpleTest +{ + private static final String ALPHABETIC_CURRENCY_CODE = "AUD"; + private static final int NUMERIC_CURRENCY_CODE = 1; + + public String getName() + { + return "Iso4217CurrencyCode"; + } + + public void performTest() + throws Exception + { + // + // alphabetic + // + Iso4217CurrencyCode cc = new Iso4217CurrencyCode(ALPHABETIC_CURRENCY_CODE); + + checkNumeric(cc, ALPHABETIC_CURRENCY_CODE); + + cc = Iso4217CurrencyCode.getInstance(cc); + + checkNumeric(cc, ALPHABETIC_CURRENCY_CODE); + + ASN1Primitive obj = cc.toASN1Object(); + + cc = Iso4217CurrencyCode.getInstance(obj); + + checkNumeric(cc, ALPHABETIC_CURRENCY_CODE); + + // + // numeric + // + cc = new Iso4217CurrencyCode(NUMERIC_CURRENCY_CODE); + + checkNumeric(cc, NUMERIC_CURRENCY_CODE); + + cc = Iso4217CurrencyCode.getInstance(cc); + + checkNumeric(cc, NUMERIC_CURRENCY_CODE); + + obj = cc.toASN1Object(); + + cc = Iso4217CurrencyCode.getInstance(obj); + + checkNumeric(cc, NUMERIC_CURRENCY_CODE); + + cc = Iso4217CurrencyCode.getInstance(null); + + if (cc != null) + { + fail("null getInstance() failed."); + } + + try + { + Iso4217CurrencyCode.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + + try + { + new Iso4217CurrencyCode("ABCD"); + + fail("constructor failed to detect out of range currencycode."); + } + catch (IllegalArgumentException e) + { + // expected + } + + try + { + new Iso4217CurrencyCode(0); + + fail("constructor failed to detect out of range small numeric code."); + } + catch (IllegalArgumentException e) + { + // expected + } + + try + { + new Iso4217CurrencyCode(1000); + + fail("constructor failed to detect out of range large numeric code."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkNumeric( + Iso4217CurrencyCode cc, + String code) + { + if (!cc.isAlphabetic()) + { + fail("non-alphabetic code found when one expected."); + } + + if (!cc.getAlphabetic().equals(code)) + { + fail("string codes don't match."); + } + } + + private void checkNumeric( + Iso4217CurrencyCode cc, + int code) + { + if (cc.isAlphabetic()) + { + fail("alphabetic code found when one not expected."); + } + + if (cc.getNumeric() != code) + { + fail("numeric codes don't match."); + } + } + + public static void main( + String[] args) + { + runTest(new Iso4217CurrencyCodeUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/IssuingDistributionPointUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/IssuingDistributionPointUnitTest.java new file mode 100644 index 00000000..3f27f191 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/IssuingDistributionPointUnitTest.java @@ -0,0 +1,122 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.x509.DistributionPointName; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.GeneralNames; +import org.bouncycastle.asn1.x509.IssuingDistributionPoint; +import org.bouncycastle.asn1.x509.ReasonFlags; +import org.bouncycastle.asn1.x509.X509Name; +import org.bouncycastle.util.test.SimpleTest; + +public class IssuingDistributionPointUnitTest + extends SimpleTest +{ + public String getName() + { + return "IssuingDistributionPoint"; + } + + public void performTest() + throws Exception + { + DistributionPointName name = new DistributionPointName( + new GeneralNames(new GeneralName(new X509Name("cn=test")))); + ReasonFlags reasonFlags = new ReasonFlags(ReasonFlags.cACompromise); + + checkPoint(6, name, true, true, reasonFlags, true, true); + + checkPoint(2, name, false, false, reasonFlags, false, false); + + checkPoint(0, null, false, false, null, false, false); + + try + { + IssuingDistributionPoint.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkPoint( + int size, + DistributionPointName distributionPoint, + boolean onlyContainsUserCerts, + boolean onlyContainsCACerts, + ReasonFlags onlySomeReasons, + boolean indirectCRL, + boolean onlyContainsAttributeCerts) + throws IOException + { + IssuingDistributionPoint point = new IssuingDistributionPoint(distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts); + + checkValues(point, distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts); + + ASN1Sequence seq = ASN1Sequence.getInstance(ASN1Primitive.fromByteArray(point.getEncoded())); + + if (seq.size() != size) + { + fail("size mismatch"); + } + + point = IssuingDistributionPoint.getInstance(seq); + + checkValues(point, distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts); + } + + private void checkValues(IssuingDistributionPoint point, DistributionPointName distributionPoint, boolean onlyContainsUserCerts, boolean onlyContainsCACerts, ReasonFlags onlySomeReasons, boolean indirectCRL, boolean onlyContainsAttributeCerts) + { + if (point.onlyContainsUserCerts() != onlyContainsUserCerts) + { + fail("mismatch on onlyContainsUserCerts"); + } + + if (point.onlyContainsCACerts() != onlyContainsCACerts) + { + fail("mismatch on onlyContainsCACerts"); + } + + if (point.isIndirectCRL() != indirectCRL) + { + fail("mismatch on indirectCRL"); + } + + if (point.onlyContainsAttributeCerts() != onlyContainsAttributeCerts) + { + fail("mismatch on onlyContainsAttributeCerts"); + } + + if (!isEquiv(onlySomeReasons, point.getOnlySomeReasons())) + { + fail("mismatch on onlySomeReasons"); + } + + if (!isEquiv(distributionPoint, point.getDistributionPoint())) + { + fail("mismatch on distributionPoint"); + } + } + + private boolean isEquiv(Object o1, Object o2) + { + if (o1 == null) + { + return o2 == null; + } + + return o1.equals(o2); + } + + public static void main( + String[] args) + { + runTest(new IssuingDistributionPointUnitTest()); + } +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/KeyUsageTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/KeyUsageTest.java new file mode 100644 index 00000000..f5c90cd0 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/KeyUsageTest.java @@ -0,0 +1,55 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.x509.KeyUsage; +import org.bouncycastle.util.test.SimpleTest; + +public class KeyUsageTest + extends SimpleTest +{ + public String getName() + { + return "KeyUsage"; + } + + public void performTest() + throws IOException + { + BitStringConstantTester.testFlagValueCorrect(0, KeyUsage.digitalSignature); + BitStringConstantTester.testFlagValueCorrect(1, KeyUsage.nonRepudiation); + BitStringConstantTester.testFlagValueCorrect(2, KeyUsage.keyEncipherment); + BitStringConstantTester.testFlagValueCorrect(3, KeyUsage.dataEncipherment); + BitStringConstantTester.testFlagValueCorrect(4, KeyUsage.keyAgreement); + BitStringConstantTester.testFlagValueCorrect(5, KeyUsage.keyCertSign); + BitStringConstantTester.testFlagValueCorrect(6, KeyUsage.cRLSign); + BitStringConstantTester.testFlagValueCorrect(7, KeyUsage.encipherOnly); + BitStringConstantTester.testFlagValueCorrect(8, KeyUsage.decipherOnly); + + if (!new KeyUsage(KeyUsage.keyCertSign).hasUsages(KeyUsage.keyCertSign)) + { + fail("usages bit test failed 1"); + } + + if (new KeyUsage(KeyUsage.cRLSign).hasUsages(KeyUsage.keyCertSign)) + { + fail("usages bit test failed 2"); + } + + if (!new KeyUsage(KeyUsage.cRLSign | KeyUsage.decipherOnly).hasUsages(KeyUsage.cRLSign | KeyUsage.decipherOnly)) + { + fail("usages bit test failed 3"); + } + + if (new KeyUsage(KeyUsage.cRLSign | KeyUsage.decipherOnly).hasUsages(KeyUsage.cRLSign | KeyUsage.decipherOnly | KeyUsage.keyCertSign)) + { + fail("usages bit test failed 4"); + } + } + + public static void main( + String[] args) + { + runTest(new KeyUsageTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/LDSSecurityObjectUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/LDSSecurityObjectUnitTest.java new file mode 100644 index 00000000..3c7cd5fc --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/LDSSecurityObjectUnitTest.java @@ -0,0 +1,214 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; +import java.util.Random; + +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.icao.DataGroupHash; +import org.bouncycastle.asn1.icao.LDSSecurityObject; +import org.bouncycastle.asn1.icao.LDSVersionInfo; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.util.test.SimpleTest; + +public class LDSSecurityObjectUnitTest + extends SimpleTest +{ + public String getName() + { + return "LDSSecurityObject"; + } + + private byte[] generateHash() + { + Random rand = new Random(); + byte[] bytes = new byte[20]; + + for (int i = 0; i != bytes.length; i++) + { + bytes[i] = (byte)rand.nextInt(); + } + + return bytes; + } + + public void performTest() + throws Exception + { + AlgorithmIdentifier algoId = new AlgorithmIdentifier("1.3.14.3.2.26"); + DataGroupHash[] datas = new DataGroupHash[2]; + + datas[0] = new DataGroupHash(1, new DEROctetString(generateHash())); + datas[1] = new DataGroupHash(2, new DEROctetString(generateHash())); + + LDSSecurityObject so = new LDSSecurityObject(algoId, datas); + + checkConstruction(so, algoId, datas); + + LDSVersionInfo versionInfo = new LDSVersionInfo("Hello", "world"); + + so = new LDSSecurityObject(algoId, datas, versionInfo); + + checkConstruction(so, algoId, datas, versionInfo); + + try + { + LDSSecurityObject.getInstance(null); + } + catch (Exception e) + { + fail("getInstance() failed to handle null."); + } + + try + { + LDSSecurityObject.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + + try + { + ASN1EncodableVector v = new ASN1EncodableVector(); + + LDSSecurityObject.getInstance(new DERSequence(v)); + + fail("constructor failed to detect empty sequence."); + } + catch (IllegalArgumentException e) + { + // expected + } + + try + { + new LDSSecurityObject(algoId, new DataGroupHash[1]); + + fail("constructor failed to detect small DataGroupHash array."); + } + catch (IllegalArgumentException e) + { + // expected + } + + try + { + new LDSSecurityObject(algoId, new DataGroupHash[LDSSecurityObject.ub_DataGroups + 1]); + + fail("constructor failed to out of bounds DataGroupHash array."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + LDSSecurityObject so, + AlgorithmIdentifier digestAlgorithmIdentifier, + DataGroupHash[] datagroupHash) + throws IOException + { + checkStatement(so, digestAlgorithmIdentifier, datagroupHash, null); + + so = LDSSecurityObject.getInstance(so); + + checkStatement(so, digestAlgorithmIdentifier, datagroupHash, null); + + ASN1InputStream aIn = new ASN1InputStream(so.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + so = LDSSecurityObject.getInstance(seq); + + checkStatement(so, digestAlgorithmIdentifier, datagroupHash, null); + } + + private void checkConstruction( + LDSSecurityObject so, + AlgorithmIdentifier digestAlgorithmIdentifier, + DataGroupHash[] datagroupHash, + LDSVersionInfo versionInfo) + throws IOException + { + if (so.getVersion() != 1) + { + fail("version number not 1"); + } + + checkStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo); + + so = LDSSecurityObject.getInstance(so); + + checkStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo); + + ASN1InputStream aIn = new ASN1InputStream(so.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + so = LDSSecurityObject.getInstance(seq); + + checkStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo); + } + + private void checkStatement( + LDSSecurityObject so, + AlgorithmIdentifier digestAlgorithmIdentifier, + DataGroupHash[] datagroupHash, + LDSVersionInfo versionInfo) + { + if (digestAlgorithmIdentifier != null) + { + if (!so.getDigestAlgorithmIdentifier().equals(digestAlgorithmIdentifier)) + { + fail("ids don't match."); + } + } + else if (so.getDigestAlgorithmIdentifier() != null) + { + fail("digest algorithm Id found when none expected."); + } + + if (datagroupHash != null) + { + DataGroupHash[] datas = so.getDatagroupHash(); + + for (int i = 0; i != datas.length; i++) + { + if (!datagroupHash[i].equals(datas[i])) + { + fail("name registration authorities don't match."); + } + } + } + else if (so.getDatagroupHash() != null) + { + fail("data hash groups found when none expected."); + } + + if (versionInfo != null) + { + if (!versionInfo.equals(so.getVersionInfo())) + { + fail("versionInfo doesn't match"); + } + } + else if (so.getVersionInfo() != null) + { + fail("version info found when none expected."); + } + } + + public static void main( + String[] args) + { + runTest(new LDSSecurityObjectUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/MiscTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/MiscTest.java new file mode 100644 index 00000000..2a5f09a7 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/MiscTest.java @@ -0,0 +1,113 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1OutputStream; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.DERIA5String; +import org.bouncycastle.asn1.misc.CAST5CBCParameters; +import org.bouncycastle.asn1.misc.IDEACBCPar; +import org.bouncycastle.asn1.misc.NetscapeCertType; +import org.bouncycastle.asn1.misc.NetscapeRevocationURL; +import org.bouncycastle.asn1.misc.VerisignCzagExtension; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.test.SimpleTestResult; +import org.bouncycastle.util.test.Test; +import org.bouncycastle.util.test.TestResult; + +public class MiscTest + implements Test +{ + private boolean isSameAs( + byte[] a, + byte[] b) + { + if (a.length != b.length) + { + return false; + } + + for (int i = 0; i != a.length; i++) + { + if (a[i] != b[i]) + { + return false; + } + } + + return true; + } + + public TestResult perform() + { + byte[] testIv = { 1, 2, 3, 4, 5, 6, 7, 8 }; + + ASN1Encodable[] values = { + new CAST5CBCParameters(testIv, 128), + new NetscapeCertType(NetscapeCertType.smime), + new VerisignCzagExtension(new DERIA5String("hello")), + new IDEACBCPar(testIv), + new NetscapeRevocationURL(new DERIA5String("http://test")) + }; + + byte[] data = Base64.decode("MA4ECAECAwQFBgcIAgIAgAMCBSAWBWhlbGxvMAoECAECAwQFBgcIFgtodHRwOi8vdGVzdA=="); + + try + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + for (int i = 0; i != values.length; i++) + { + aOut.writeObject(values[i]); + } + + ASN1Primitive[] readValues = new ASN1Primitive[values.length]; + + if (!isSameAs(bOut.toByteArray(), data)) + { + return new SimpleTestResult(false, getName() + ": Failed data check"); + } + + ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray()); + ASN1InputStream aIn = new ASN1InputStream(bIn); + + for (int i = 0; i != values.length; i++) + { + ASN1Primitive o = aIn.readObject(); + if (!values[i].equals(o)) + { + return new SimpleTestResult(false, getName() + ": Failed equality test for " + o); + } + + if (o.hashCode() != values[i].hashCode()) + { + return new SimpleTestResult(false, getName() + ": Failed hashCode test for " + o); + } + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": Failed - exception " + e.toString(), e); + } + } + + public String getName() + { + return "Misc"; + } + + public static void main( + String[] args) + { + MiscTest test = new MiscTest(); + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryLimitUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryLimitUnitTest.java new file mode 100644 index 00000000..8456661a --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryLimitUnitTest.java @@ -0,0 +1,85 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.isismtt.x509.MonetaryLimit; + +import java.io.IOException; + +public class MonetaryLimitUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "MonetaryLimit"; + } + + public void performTest() + throws Exception + { + String currency = "AUD"; + int amount = 1; + int exponent = 2; + + MonetaryLimit limit = new MonetaryLimit(currency, amount, exponent); + + checkConstruction(limit, currency, amount, exponent); + + limit = MonetaryLimit.getInstance(null); + + if (limit != null) + { + fail("null getInstance() failed."); + } + + try + { + MonetaryLimit.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + MonetaryLimit limit, + String currency, + int amount, + int exponent) + throws IOException + { + checkValues(limit, currency, amount, exponent); + + limit = MonetaryLimit.getInstance(limit); + + checkValues(limit, currency, amount, exponent); + + ASN1InputStream aIn = new ASN1InputStream(limit.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + limit = MonetaryLimit.getInstance(seq); + + checkValues(limit, currency, amount, exponent); + } + + private void checkValues( + MonetaryLimit limit, + String currency, + int amount, + int exponent) + { + checkMandatoryField("currency", currency, limit.getCurrency()); + checkMandatoryField("amount", amount, limit.getAmount().intValue()); + checkMandatoryField("exponent", exponent, limit.getExponent().intValue()); + } + + public static void main( + String[] args) + { + runTest(new MonetaryLimitUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryValueUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryValueUnitTest.java new file mode 100644 index 00000000..dd564693 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryValueUnitTest.java @@ -0,0 +1,88 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode; +import org.bouncycastle.asn1.x509.qualified.MonetaryValue; +import org.bouncycastle.util.test.SimpleTest; + +public class MonetaryValueUnitTest + extends SimpleTest +{ + private static final int TEST_AMOUNT = 100; + private static final int ZERO_EXPONENT = 0; + + private static final String CURRENCY_CODE = "AUD"; + + public String getName() + { + return "MonetaryValue"; + } + + public void performTest() + throws Exception + { + MonetaryValue mv = new MonetaryValue(new Iso4217CurrencyCode(CURRENCY_CODE), TEST_AMOUNT, ZERO_EXPONENT); + + checkValues(mv, TEST_AMOUNT, ZERO_EXPONENT); + + mv = MonetaryValue.getInstance(mv); + + checkValues(mv, TEST_AMOUNT, ZERO_EXPONENT); + + ASN1InputStream aIn = new ASN1InputStream(mv.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + mv = MonetaryValue.getInstance(seq); + + checkValues(mv, TEST_AMOUNT, ZERO_EXPONENT); + + mv = MonetaryValue.getInstance(null); + + if (mv != null) + { + fail("null getInstance() failed."); + } + + try + { + MonetaryValue.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkValues( + MonetaryValue mv, + int amount, + int exponent) + { + if (mv.getAmount().intValue() != amount) + { + fail("amounts don't match."); + } + + if (mv.getExponent().intValue() != exponent) + { + fail("exponents don't match."); + } + + Iso4217CurrencyCode cc = mv.getCurrency(); + + if (!cc.getAlphabetic().equals(CURRENCY_CODE)) + { + fail("currency code wrong"); + } + } + + public static void main( + String[] args) + { + runTest(new MonetaryValueUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/NameOrPseudonymUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/NameOrPseudonymUnitTest.java new file mode 100644 index 00000000..3fbaa10a --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/NameOrPseudonymUnitTest.java @@ -0,0 +1,108 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.ASN1String; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.x500.DirectoryString; +import org.bouncycastle.asn1.x509.sigi.NameOrPseudonym; + +public class NameOrPseudonymUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "NameOrPseudonym"; + } + + public void performTest() + throws Exception + { + String pseudonym = "pseudonym"; + DirectoryString surname = new DirectoryString("surname"); + ASN1Sequence givenName = new DERSequence(new DirectoryString("givenName")); + + NameOrPseudonym id = new NameOrPseudonym(pseudonym); + + checkConstruction(id, pseudonym, null, null); + + id = new NameOrPseudonym(surname, givenName); + + checkConstruction(id, null, surname, givenName); + + id = NameOrPseudonym.getInstance(null); + + if (id != null) + { + fail("null getInstance() failed."); + } + + try + { + NameOrPseudonym.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + NameOrPseudonym id, + String pseudonym, + DirectoryString surname, + ASN1Sequence givenName) + throws IOException + { + checkValues(id, pseudonym, surname, givenName); + + id = NameOrPseudonym.getInstance(id); + + checkValues(id, pseudonym, surname, givenName); + + ASN1InputStream aIn = new ASN1InputStream(id.toASN1Object().getEncoded()); + + if (surname != null) + { + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + id = NameOrPseudonym.getInstance(seq); + } + else + { + ASN1String s = (ASN1String)aIn.readObject(); + + id = NameOrPseudonym.getInstance(s); + } + + checkValues(id, pseudonym, surname, givenName); + } + + private void checkValues( + NameOrPseudonym id, + String pseudonym, + DirectoryString surname, + ASN1Sequence givenName) + { + + if (surname != null) + { + checkMandatoryField("surname", surname, id.getSurname()); + checkMandatoryField("givenName", givenName, new DERSequence(id.getGivenName()[0])); + } + else + { + checkOptionalField("pseudonym", new DirectoryString(pseudonym), id.getPseudonym()); + } + } + + public static void main( + String[] args) + { + runTest(new NameOrPseudonymUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/NamingAuthorityUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/NamingAuthorityUnitTest.java new file mode 100644 index 00000000..8dfcf8cd --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/NamingAuthorityUnitTest.java @@ -0,0 +1,99 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.isismtt.x509.NamingAuthority; +import org.bouncycastle.asn1.x500.DirectoryString; + +public class NamingAuthorityUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "NamingAuthority"; + } + + public void performTest() + throws Exception + { + ASN1ObjectIdentifier namingAuthorityID = new ASN1ObjectIdentifier("1.2.3"); + String namingAuthorityURL = "url"; + DirectoryString namingAuthorityText = new DirectoryString("text"); + + NamingAuthority auth = new NamingAuthority(namingAuthorityID, namingAuthorityURL, namingAuthorityText); + + checkConstruction(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText); + + auth = new NamingAuthority(null, namingAuthorityURL, namingAuthorityText); + + checkConstruction(auth, null, namingAuthorityURL, namingAuthorityText); + + auth = new NamingAuthority(namingAuthorityID, null, namingAuthorityText); + + checkConstruction(auth, namingAuthorityID, null, namingAuthorityText); + + auth = new NamingAuthority(namingAuthorityID, namingAuthorityURL, null); + + checkConstruction(auth, namingAuthorityID, namingAuthorityURL, null); + + auth = NamingAuthority.getInstance(null); + + if (auth != null) + { + fail("null getInstance() failed."); + } + + try + { + NamingAuthority.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + NamingAuthority auth, + ASN1ObjectIdentifier namingAuthorityID, + String namingAuthorityURL, + DirectoryString namingAuthorityText) + throws IOException + { + checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText); + + auth = NamingAuthority.getInstance(auth); + + checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText); + + ASN1InputStream aIn = new ASN1InputStream(auth.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + auth = NamingAuthority.getInstance(seq); + + checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText); + } + + private void checkValues( + NamingAuthority auth, + ASN1ObjectIdentifier namingAuthorityId, + String namingAuthorityURL, + DirectoryString namingAuthorityText) + { + checkOptionalField("namingAuthorityId", namingAuthorityId, auth.getNamingAuthorityId()); + checkOptionalField("namingAuthorityURL", namingAuthorityURL, auth.getNamingAuthorityUrl()); + checkOptionalField("namingAuthorityText", namingAuthorityText, auth.getNamingAuthorityText()); + } + + public static void main( + String[] args) + { + runTest(new NamingAuthorityUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/NetscapeCertTypeTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/NetscapeCertTypeTest.java new file mode 100644 index 00000000..e5aa96ec --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/NetscapeCertTypeTest.java @@ -0,0 +1,34 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.misc.NetscapeCertType; +import org.bouncycastle.util.test.SimpleTest; + +public class NetscapeCertTypeTest + extends SimpleTest +{ + public String getName() + { + return "NetscapeCertType"; + } + + public void performTest() + throws IOException + { + BitStringConstantTester.testFlagValueCorrect(0, NetscapeCertType.sslClient); + BitStringConstantTester.testFlagValueCorrect(1, NetscapeCertType.sslServer); + BitStringConstantTester.testFlagValueCorrect(2, NetscapeCertType.smime); + BitStringConstantTester.testFlagValueCorrect(3, NetscapeCertType.objectSigning); + BitStringConstantTester.testFlagValueCorrect(4, NetscapeCertType.reserved); + BitStringConstantTester.testFlagValueCorrect(5, NetscapeCertType.sslCA); + BitStringConstantTester.testFlagValueCorrect(6, NetscapeCertType.smimeCA); + BitStringConstantTester.testFlagValueCorrect(7, NetscapeCertType.objectSigningCA); + } + + public static void main( + String[] args) + { + runTest(new NetscapeCertTypeTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OCSPTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OCSPTest.java new file mode 100644 index 00000000..ae1b035a --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/OCSPTest.java @@ -0,0 +1,193 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.ocsp.BasicOCSPResponse; +import org.bouncycastle.asn1.ocsp.OCSPRequest; +import org.bouncycastle.asn1.ocsp.OCSPResponse; +import org.bouncycastle.asn1.ocsp.ResponseBytes; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.test.Test; +import org.bouncycastle.util.test.TestResult; +import org.bouncycastle.util.test.SimpleTestResult; + +public class OCSPTest + implements Test +{ + private byte[] unsignedReq = Base64.decode( + "MEIwQDA+MDwwOjAJBgUrDgMCGgUABBRDb9GODnq7lRhSkEqw4XX24huERwQUkY4j" + + "a6eKuDlkVP9hRgkEvIWqHPECAQE="); + + private byte[] signedReq = Base64.decode( + "MIIC9jBAMD4wPDA6MAkGBSsOAwIaBQAEFENv0Y4OeruVGFKQSrDhdfbiG4RHBBTc" + + "Mr1fP+mZAxbF2ZdehWxn6mtAngIBAaCCArAwggKsMA0GCSqGSIb3DQEBBQUAA4GB" + + "AAzHBm4nL5AcRQB3Jkz7ScNeZF+GbRZ0p4kBDTnqi3IeESuso12yJhpqqyijdnj5" + + "gd4/GsSAgdluLHyYZ6wgozV7G9MDXCnFnG4PBUW05HaVX81JYAp+amVyU0NOgNrG" + + "90npVBsHb0o+UlkxNgMiEbSkp/TeGb6YURsYKhmwp7BgoIICFTCCAhEwggINMIIB" + + "dqADAgECAgEBMA0GCSqGSIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0" + + "bGUxCzAJBgNVBAYTAkFVMB4XDTA0MTAyNDEzNDc0M1oXDTA1MDIwMTEzNDc0M1ow" + + "JTEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZI" + + "hvcNAQEBBQADgY0AMIGJAoGBAJBmLeIzthMHUeTkOeJ76iBxcMHY31o/i3a9VT12" + + "y2FcS/ejJmeUCMTdtwl5alOwXY66vF4DyT1VU/nJG3mHpSoqq7qrMXOIFGcXg1Wf" + + "oJRrQgTOLdQ6bod7i9ME/EjEJy70orh0nVS7NGcu0R5TjcbLde2J5zxjb/W9wqfy" + + "RovJAgMBAAGjTTBLMB0GA1UdDgQWBBTcMr1fP+mZAxbF2ZdehWxn6mtAnjAfBgNV" + + "HSMEGDAWgBTcMr1fP+mZAxbF2ZdehWxn6mtAnjAJBgNVHRMEAjAAMA0GCSqGSIb3" + + "DQEBBAUAA4GBAF/4EH1KkNrNxocJPIp7lThmG1KIVYESIadowMowrbok46ESofRF" + + "OIPku07W+e1Y1Y1KXLIiPMG3IGwrBrn04iLsbbBUiN37BcC/VyT4xKJ2MYscGjKL" + + "ua/9bU0lOyeTRAwqb8towWRd5lLYAI3RQ7dhStUTFp3Vqd803PJ/cpR6"); + + private byte[] response = Base64.decode( + "MIIFnAoBAKCCBZUwggWRBgkrBgEFBQcwAQEEggWCMIIFfjCCARehgZ8wgZwx" + + "CzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEgcHJhZGVzaDESMBAGA1UE" + + "BxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAKBgNVBAsTA0FUQzEeMBwG" + + "A1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQwIgYJKoZIhvcNAQkBFhVv" + + "Y3NwQHRjcy1jYS50Y3MuY28uaW4YDzIwMDMwNDAyMTIzNDU4WjBiMGAwOjAJ" + + "BgUrDgMCGgUABBRs07IuoCWNmcEl1oHwIak1BPnX8QQUtGyl/iL9WJ1VxjxF" + + "j0hAwJ/s1AcCAQKhERgPMjAwMjA4MjkwNzA5MjZaGA8yMDAzMDQwMjEyMzQ1" + + "OFowDQYJKoZIhvcNAQEFBQADgYEAfbN0TCRFKdhsmvOdUoiJ+qvygGBzDxD/" + + "VWhXYA+16AphHLIWNABR3CgHB3zWtdy2j7DJmQ/R7qKj7dUhWLSqclAiPgFt" + + "QQ1YvSJAYfEIdyHkxv4NP0LSogxrumANcDyC9yt/W9yHjD2ICPBIqCsZLuLk" + + "OHYi5DlwWe9Zm9VFwCGgggPMMIIDyDCCA8QwggKsoAMCAQICAQYwDQYJKoZI" + + "hvcNAQEFBQAwgZQxFDASBgNVBAMTC1RDUy1DQSBPQ1NQMSYwJAYJKoZIhvcN" + + "AQkBFhd0Y3MtY2FAdGNzLWNhLnRjcy5jby5pbjEMMAoGA1UEChMDVENTMQww" + + "CgYDVQQLEwNBVEMxEjAQBgNVBAcTCUh5ZGVyYWJhZDEXMBUGA1UECBMOQW5k" + + "aHJhIHByYWRlc2gxCzAJBgNVBAYTAklOMB4XDTAyMDgyOTA3MTE0M1oXDTAz" + + "MDgyOTA3MTE0M1owgZwxCzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEg" + + "cHJhZGVzaDESMBAGA1UEBxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAK" + + "BgNVBAsTA0FUQzEeMBwGA1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQw" + + "IgYJKoZIhvcNAQkBFhVvY3NwQHRjcy1jYS50Y3MuY28uaW4wgZ8wDQYJKoZI" + + "hvcNAQEBBQADgY0AMIGJAoGBAM+XWW4caMRv46D7L6Bv8iwtKgmQu0SAybmF" + + "RJiz12qXzdvTLt8C75OdgmUomxp0+gW/4XlTPUqOMQWv463aZRv9Ust4f8MH" + + "EJh4ekP/NS9+d8vEO3P40ntQkmSMcFmtA9E1koUtQ3MSJlcs441JjbgUaVnm" + + "jDmmniQnZY4bU3tVAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADALBgNVHQ8E" + + "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwNgYIKwYBBQUHAQEEKjAoMCYG" + + "CCsGAQUFBzABhhpodHRwOi8vMTcyLjE5LjQwLjExMDo3NzAwLzAtBgNVHR8E" + + "JjAkMCKgIKAehhxodHRwOi8vMTcyLjE5LjQwLjExMC9jcmwuY3JsMA0GCSqG" + + "SIb3DQEBBQUAA4IBAQB6FovM3B4VDDZ15o12gnADZsIk9fTAczLlcrmXLNN4" + + "PgmqgnwF0Ymj3bD5SavDOXxbA65AZJ7rBNAguLUo+xVkgxmoBH7R2sBxjTCc" + + "r07NEadxM3HQkt0aX5XYEl8eRoifwqYAI9h0ziZfTNes8elNfb3DoPPjqq6V" + + "mMg0f0iMS4W8LjNPorjRB+kIosa1deAGPhq0eJ8yr0/s2QR2/WFD5P4aXc8I" + + "KWleklnIImS3zqiPrq6tl2Bm8DZj7vXlTOwmraSQxUwzCKwYob1yGvNOUQTq" + + "pG6jxn7jgDawHU1+WjWQe4Q34/pWeGLysxTraMa+Ug9kPe+jy/qRX2xwvKBZ"); + + private boolean isSameAs( + byte[] a, + byte[] b) + { + if (a.length != b.length) + { + return false; + } + + for (int i = 0; i != a.length; i++) + { + if (a[i] != b[i]) + { + return false; + } + } + + return true; + } + + private TestResult unsignedRequest() + { + try + { + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(unsignedReq)); + OCSPRequest req = OCSPRequest.getInstance(aIn.readObject()); + + if (!isSameAs(req.getEncoded(), unsignedReq)) + { + return new SimpleTestResult(false, getName() + ": OCSP unsigned request failed to re-encode"); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": failed unsigned exception - " + e.toString(), e); + } + } + + private TestResult signedRequest() + { + try + { + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(signedReq)); + OCSPRequest req = OCSPRequest.getInstance(aIn.readObject()); + + if (!isSameAs(req.getEncoded(), signedReq)) + { + return new SimpleTestResult(false, getName() + ": OCSP signed request failed to re-encode"); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": failed signed exception - " + e.toString(), e); + } + } + + private TestResult response() + { + try + { + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(response)); + OCSPResponse resp = OCSPResponse.getInstance(aIn.readObject()); + ResponseBytes rBytes = ResponseBytes.getInstance(resp.getResponseBytes()); + + aIn = new ASN1InputStream(new ByteArrayInputStream(rBytes.getResponse().getOctets())); + + BasicOCSPResponse bResp = BasicOCSPResponse.getInstance(aIn.readObject()); + + resp = new OCSPResponse(resp.getResponseStatus(), new ResponseBytes(rBytes.getResponseType(), new DEROctetString(bResp.getEncoded()))); + + if (!isSameAs(resp.getEncoded(), response)) + { + return new SimpleTestResult(false, getName() + ": OCSP response failed to re-encode"); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": failed response exception - " + e.toString(), e); + } + } + + public TestResult perform() + { + TestResult res = unsignedRequest(); + + if (!res.isSuccessful()) + { + return res; + } + + res = signedRequest(); + if (!res.isSuccessful()) + { + return res; + } + + return response(); + } + + public String getName() + { + return "OCSP"; + } + + public static void main( + String[] args) + { + OCSPTest test = new OCSPTest(); + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OIDTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OIDTest.java new file mode 100644 index 00000000..fa5aa61b --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/OIDTest.java @@ -0,0 +1,165 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1OutputStream; +import org.bouncycastle.asn1.DEROutputStream; +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.test.SimpleTest; + + +/** + * X.690 test example + */ +public class OIDTest + extends SimpleTest +{ + byte[] req1 = Hex.decode("0603813403"); + byte[] req2 = Hex.decode("06082A36FFFFFFDD6311"); + + public String getName() + { + return "OID"; + } + + private void recodeCheck( + String oid, + byte[] enc) + throws IOException + { + ByteArrayInputStream bIn = new ByteArrayInputStream(enc); + ASN1InputStream aIn = new ASN1InputStream(bIn); + + ASN1ObjectIdentifier o = new ASN1ObjectIdentifier(oid); + ASN1ObjectIdentifier encO = (ASN1ObjectIdentifier)aIn.readObject(); + + if (!o.equals(encO)) + { + fail("oid ID didn't match", o, encO); + } + + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + DEROutputStream dOut = new DEROutputStream(bOut); + + dOut.writeObject(o); + + byte[] bytes = bOut.toByteArray(); + + if (bytes.length != enc.length) + { + fail("failed length test"); + } + + for (int i = 0; i != enc.length; i++) + { + if (bytes[i] != enc[i]) + { + fail("failed comparison test", new String(Hex.encode(enc)), new String(Hex.encode(bytes))); + } + } + } + + private void validOidCheck( + String oid) + throws IOException + { + ASN1ObjectIdentifier o = new ASN1ObjectIdentifier(oid); + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(o); + + ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray()); + ASN1InputStream aIn = new ASN1InputStream(bIn); + + o = (ASN1ObjectIdentifier)aIn.readObject(); + + if (!o.getId().equals(oid)) + { + fail("failed oid check for " + oid); + } + } + + private void invalidOidCheck( + String oid) + { + try + { + new ASN1ObjectIdentifier(oid); + fail("failed to catch bad oid: " + oid); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void branchCheck(String stem, String branch) + { + String expected = stem + "." + branch; + String actual = new ASN1ObjectIdentifier(stem).branch(branch).getId(); + + if (!expected.equals(actual)) + { + fail("failed 'branch' check for " + stem + "/" + branch); + } + } + + private void onCheck(String stem, String test, boolean expected) + { + if (expected != new ASN1ObjectIdentifier(test).on(new ASN1ObjectIdentifier(stem))) + { + fail("failed 'on' check for " + stem + "/" + test); + } + } + + public void performTest() + throws IOException + { + recodeCheck("2.100.3", req1); + recodeCheck("1.2.54.34359733987.17", req2); + + validOidCheck(PKCSObjectIdentifiers.pkcs_9_at_contentType.getId()); + validOidCheck("0.1"); + validOidCheck("1.1.127.32512.8323072.2130706432.545460846592.139637976727552.35747322042253312.9151314442816847872"); + validOidCheck("1.2.123.12345678901.1.1.1"); + validOidCheck("2.25.196556539987194312349856245628873852187.1"); + + invalidOidCheck("0"); + invalidOidCheck("1"); + invalidOidCheck("2"); + invalidOidCheck("3.1"); + invalidOidCheck("..1"); + invalidOidCheck("192.168.1.1"); + invalidOidCheck(".123452"); + invalidOidCheck("1."); + invalidOidCheck("1.345.23.34..234"); + invalidOidCheck("1.345.23.34.234."); + invalidOidCheck(".12.345.77.234"); + invalidOidCheck(".12.345.77.234."); + invalidOidCheck("1.2.3.4.A.5"); + invalidOidCheck("1,2"); + + branchCheck("1.1", "2.2"); + + onCheck("1.1", "1.1", false); + onCheck("1.1", "1.2", false); + onCheck("1.1", "1.2.1", false); + onCheck("1.1", "2.1", false); + onCheck("1.1", "1.11", false); + onCheck("1.12", "1.1.2", false); + onCheck("1.1", "1.1.1", true); + onCheck("1.1", "1.1.2", true); + } + + public static void main( + String[] args) + { + runTest(new OIDTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ObjectIdentifierTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ObjectIdentifierTest.java new file mode 100644 index 00000000..bd665ecd --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/ObjectIdentifierTest.java @@ -0,0 +1,38 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.util.test.SimpleTest; +import org.bouncycastle.util.test.TestResult; + +public class ObjectIdentifierTest + extends SimpleTest +{ + public String getName() + { + return "ObjectIdentifier"; + } + + public void performTest() + throws Exception + { + // exercise the object cache + for (int i = 0; i < 1024; i++) + { + for (int j = 0; j != 17000; j++) + { + byte[] encoded = new ASN1ObjectIdentifier("1.1." + i + "." + j).getEncoded(); + + ASN1ObjectIdentifier.getInstance(encoded); + } + } + } + + public static void main( + String[] args) + { + ObjectIdentifierTest test = new ObjectIdentifierTest(); + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OctetStringTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OctetStringTest.java new file mode 100644 index 00000000..68ed5da5 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/OctetStringTest.java @@ -0,0 +1,203 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayOutputStream; +import java.io.InputStream; +import java.io.OutputStream; + +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1OctetStringParser; +import org.bouncycastle.asn1.ASN1SequenceParser; +import org.bouncycastle.asn1.ASN1StreamParser; +import org.bouncycastle.asn1.BEROctetStringGenerator; +import org.bouncycastle.asn1.BERSequenceGenerator; +import org.bouncycastle.asn1.BERTags; +import org.bouncycastle.asn1.DERSequenceGenerator; +import org.bouncycastle.asn1.cms.CMSObjectIdentifiers; +import org.bouncycastle.asn1.cms.CompressedDataParser; +import org.bouncycastle.asn1.cms.ContentInfoParser; + +public class OctetStringTest + extends TestCase +{ + public void testReadingWriting() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + BEROctetStringGenerator octGen = new BEROctetStringGenerator(bOut); + + OutputStream out = octGen.getOctetOutputStream(); + + out.write(new byte[] { 1, 2, 3, 4 }); + out.write(new byte[4]); + + out.close(); + + ASN1StreamParser aIn = new ASN1StreamParser(bOut.toByteArray()); + + ASN1OctetStringParser s = (ASN1OctetStringParser)aIn.readObject(); + + InputStream in = s.getOctetStream(); + int count = 0; + + while (in.read() >= 0) + { + count++; + } + + assertEquals(8, count); + } + + public void testReadingWritingZeroInLength() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + BEROctetStringGenerator octGen = new BEROctetStringGenerator(bOut); + + OutputStream out = octGen.getOctetOutputStream(); + + out.write(new byte[] { 1, 2, 3, 4 }); + out.write(new byte[512]); // forces a zero to appear in length + + out.close(); + + ASN1StreamParser aIn = new ASN1StreamParser(bOut.toByteArray()); + + ASN1OctetStringParser s = (ASN1OctetStringParser)aIn.readObject(); + + InputStream in = s.getOctetStream(); + int count = 0; + + while (in.read() >= 0) + { + count++; + } + + assertEquals(516, count); + } + + public void testReadingWritingNested() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + BERSequenceGenerator sGen = new BERSequenceGenerator(bOut); + BEROctetStringGenerator octGen = new BEROctetStringGenerator(sGen.getRawOutputStream()); + + OutputStream out = octGen.getOctetOutputStream(); + + BERSequenceGenerator inSGen = new BERSequenceGenerator(out); + + BEROctetStringGenerator inOctGen = new BEROctetStringGenerator(inSGen.getRawOutputStream()); + + OutputStream inOut = inOctGen.getOctetOutputStream(); + + inOut.write(new byte[] { 1, 2, 3, 4 }); + inOut.write(new byte[10]); + + inOut.close(); + + inSGen.close(); + + out.close(); + + sGen.close(); + + ASN1StreamParser aIn = new ASN1StreamParser(bOut.toByteArray()); + + ASN1SequenceParser sq = (ASN1SequenceParser)aIn.readObject(); + + ASN1OctetStringParser s = (ASN1OctetStringParser)sq.readObject(); + + ASN1StreamParser aIn2 = new ASN1StreamParser(s.getOctetStream()); + + ASN1SequenceParser sq2 = (ASN1SequenceParser)aIn2.readObject(); + + ASN1OctetStringParser inS = (ASN1OctetStringParser)sq2.readObject(); + + InputStream in = inS.getOctetStream(); + int count = 0; + + while (in.read() >= 0) + { + count++; + } + + assertEquals(14, count); + } + + public void testNestedStructure() + throws Exception + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + + BERSequenceGenerator sGen = new BERSequenceGenerator(bOut); + + sGen.addObject(new ASN1ObjectIdentifier(CMSObjectIdentifiers.compressedData.getId())); + + BERSequenceGenerator cGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true); + + cGen.addObject(new ASN1Integer(0)); + + // + // AlgorithmIdentifier + // + DERSequenceGenerator algGen = new DERSequenceGenerator(cGen.getRawOutputStream()); + + algGen.addObject(new ASN1ObjectIdentifier("1.2")); + + algGen.close(); + + // + // Encapsulated ContentInfo + // + BERSequenceGenerator eiGen = new BERSequenceGenerator(cGen.getRawOutputStream()); + + eiGen.addObject(new ASN1ObjectIdentifier("1.1")); + + BEROctetStringGenerator octGen = new BEROctetStringGenerator(eiGen.getRawOutputStream(), 0, true); + + // + // output containing zeroes + // + OutputStream out = octGen.getOctetOutputStream(); + + out.write(new byte[] { 1, 2, 3, 4 }); + out.write(new byte[4]); + out.write(new byte[20]); + + out.close(); + eiGen.close(); + cGen.close(); + sGen.close(); + + // + // reading back + // + ASN1StreamParser aIn = new ASN1StreamParser(bOut.toByteArray()); + + ContentInfoParser cp = new ContentInfoParser((ASN1SequenceParser)aIn.readObject()); + + CompressedDataParser comData = new CompressedDataParser((ASN1SequenceParser)cp.getContent(BERTags.SEQUENCE)); + ContentInfoParser content = comData.getEncapContentInfo(); + + ASN1OctetStringParser bytes = (ASN1OctetStringParser)content.getContent(BERTags.OCTET_STRING); + + InputStream in = bytes.getOctetStream(); + int count = 0; + + while (in.read() >= 0) + { + count++; + } + + assertEquals(28, count); + } + + public static Test suite() + { + return new TestSuite(OctetStringTest.class); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherCertIDUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherCertIDUnitTest.java new file mode 100644 index 00000000..9a85ceac --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherCertIDUnitTest.java @@ -0,0 +1,97 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.ess.OtherCertID; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.GeneralNames; +import org.bouncycastle.asn1.x509.IssuerSerial; +import org.bouncycastle.asn1.x509.X509Name; + +public class OtherCertIDUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "OtherCertID"; + } + + public void performTest() + throws Exception + { + AlgorithmIdentifier algId = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.2.3")); + byte[] digest = new byte[20]; + IssuerSerial issuerSerial = new IssuerSerial(new GeneralNames(new GeneralName(new X509Name("CN=test"))), new ASN1Integer(1)); + + OtherCertID certID = new OtherCertID(algId, digest); + + checkConstruction(certID, algId, digest, null); + + certID = new OtherCertID(algId, digest, issuerSerial); + + checkConstruction(certID, algId, digest, issuerSerial); + + certID = OtherCertID.getInstance(null); + + if (certID != null) + { + fail("null getInstance() failed."); + } + + try + { + OtherCertID.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + OtherCertID certID, + AlgorithmIdentifier algId, + byte[] digest, + IssuerSerial issuerSerial) + throws IOException + { + checkValues(certID, algId, digest, issuerSerial); + + certID = OtherCertID.getInstance(certID); + + checkValues(certID, algId, digest, issuerSerial); + + ASN1InputStream aIn = new ASN1InputStream(certID.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + certID = OtherCertID.getInstance(seq); + + checkValues(certID, algId, digest, issuerSerial); + } + + private void checkValues( + OtherCertID certID, + AlgorithmIdentifier algId, + byte[] digest, + IssuerSerial issuerSerial) + { + checkMandatoryField("algorithmHash", algId, certID.getAlgorithmHash()); + checkMandatoryField("certHash", digest, certID.getCertHash()); + + checkOptionalField("issuerSerial", issuerSerial, certID.getIssuerSerial()); + } + + public static void main( + String[] args) + { + runTest(new OtherCertIDUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherSigningCertificateUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherSigningCertificateUnitTest.java new file mode 100644 index 00000000..9de12ee8 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherSigningCertificateUnitTest.java @@ -0,0 +1,86 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.ess.OtherCertID; +import org.bouncycastle.asn1.ess.OtherSigningCertificate; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; + +public class OtherSigningCertificateUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "OtherSigningCertificate"; + } + + public void performTest() + throws Exception + { + AlgorithmIdentifier algId = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.2.3")); + byte[] digest = new byte[20]; + OtherCertID otherCertID = new OtherCertID(algId, digest); + + OtherSigningCertificate otherCert = new OtherSigningCertificate(otherCertID); + + checkConstruction(otherCert, otherCertID); + + otherCert = OtherSigningCertificate.getInstance(null); + + if (otherCert != null) + { + fail("null getInstance() failed."); + } + + try + { + OtherCertID.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + OtherSigningCertificate otherCert, + OtherCertID otherCertID) + throws IOException + { + checkValues(otherCert, otherCertID); + + otherCert = OtherSigningCertificate.getInstance(otherCert); + + checkValues(otherCert, otherCertID); + + ASN1InputStream aIn = new ASN1InputStream(otherCert.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + otherCert = OtherSigningCertificate.getInstance(seq); + + checkValues(otherCert, otherCertID); + } + + private void checkValues( + OtherSigningCertificate otherCert, + OtherCertID otherCertID) + { + if (otherCert.getCerts().length != 1) + { + fail("getCerts() length wrong"); + } + checkMandatoryField("getCerts()[0]", otherCertID, otherCert.getCerts()[0]); + } + + public static void main( + String[] args) + { + runTest(new OtherSigningCertificateUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS10Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS10Test.java new file mode 100644 index 00000000..da6571d2 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS10Test.java @@ -0,0 +1,101 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DEROutputStream; +import org.bouncycastle.asn1.pkcs.CertificationRequest; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.test.SimpleTestResult; +import org.bouncycastle.util.test.Test; +import org.bouncycastle.util.test.TestResult; + +public class PKCS10Test + implements Test +{ + byte[] req1 = Base64.decode( + "MIHoMIGTAgEAMC4xDjAMBgNVBAMTBVRlc3QyMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNF" + + "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALlEt31Tzt2MlcOljvacJgzQVhmlMoqAOgqJ9Pgd3Gux" + + "Z7/WcIlgW4QCB7WZT21O1YoghwBhPDMcNGrHei9kHQkCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EA" + + "NDEI4ecNtJ3uHwGGlitNFq9WxcoZ0djbQJ5hABMotav6gtqlrwKXY2evaIrsNwkJtNdwwH18aQDU" + + "KCjOuBL38Q=="); + + byte[] req2 = Base64.decode( + "MIIB6TCCAVICAQAwgagxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQH" + + "EwtTYW50YSBDbGFyYTEMMAoGA1UEChMDQUJCMVEwTwYDVQQLHEhQAAAAAAAAAG8AAAAAAAAAdwAA" + + "AAAAAABlAAAAAAAAAHIAAAAAAAAAIAAAAAAAAABUAAAAAAAAABxIAAAAAAAARAAAAAAAAAAxDTAL" + + "BgNVBAMTBGJsdWUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANETRZ+6occCOrFxNhfKIp4C" + + "mMkxwhBNb7TnnahpbM9O0r4hrBPcfYuL7u9YX/jN0YNUP+/CiT39HhSe/bikaBPDEyNsl988I8vX" + + "piEdgxYq/+LTgGHbjRsRYCkPtmzwBbuBldNF8bV7pu0v4UScSsExmGqqDlX1TbPU8KkPU1iTAgMB" + + "AAGgADANBgkqhkiG9w0BAQQFAAOBgQAFbrs9qUwh93CtETk7DeUD5HcdCnxauo1bck44snSV6MZV" + + "OCIGaYu1501kmhEvAtVVRr6SEHwimfQDDIjnrWwYsEr/DT6tkTZAbfRd3qUu3iKjT0H0vlUZp0hJ" + + "66mINtBM84uZFBfoXiWY8M3FuAnGmvy6ah/dYtJorTxLKiGkew=="); + + public String getName() + { + return "PKCS10"; + } + + public TestResult pkcs10Test( + String testName, + byte[] req) + { + try + { + ByteArrayInputStream bIn = new ByteArrayInputStream(req); + ASN1InputStream aIn = new ASN1InputStream(bIn); + + CertificationRequest r = new CertificationRequest((ASN1Sequence)aIn.readObject()); + + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + DEROutputStream dOut = new DEROutputStream(bOut); + + dOut.writeObject(r.toASN1Primitive()); + + byte[] bytes = bOut.toByteArray(); + + if (bytes.length != req.length) + { + return new SimpleTestResult(false, getName() + ": " + testName + " failed length test"); + } + + for (int i = 0; i != req.length; i++) + { + if (bytes[i] != req[i]) + { + return new SimpleTestResult(false, getName() + ": " + testName + " failed comparison test"); + } + } + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": Exception - " + testName + " " + e.toString()); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + + public TestResult perform() + { + TestResult res = pkcs10Test("basic CR", req1); + + if (!res.isSuccessful()) + { + return res; + } + + return pkcs10Test("Universal CR", req2); + } + + public static void main( + String[] args) + { + Test test = new PKCS10Test(); + + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS12Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS12Test.java new file mode 100644 index 00000000..f533a652 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS12Test.java @@ -0,0 +1,227 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1OutputStream; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.BEROctetString; +import org.bouncycastle.asn1.DLSequence; +import org.bouncycastle.asn1.pkcs.AuthenticatedSafe; +import org.bouncycastle.asn1.pkcs.ContentInfo; +import org.bouncycastle.asn1.pkcs.EncryptedData; +import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo; +import org.bouncycastle.asn1.pkcs.MacData; +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.Pfx; +import org.bouncycastle.asn1.pkcs.SafeBag; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.DigestInfo; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.test.SimpleTest; + +public class PKCS12Test + extends SimpleTest +{ + byte[] pkcs12 = Base64.decode( + "MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCA+gwgDCABgkqhkiG9w0BBwGggCSA" + + "BIIDRDCCA0AwggM8BgsqhkiG9w0BDAoBAqCCArEwggKtMCcGCiqGSIb3DQEM" + + "AQMwGQQUFlnNVpQoEHc+J3UEGxARipkHu5kCAWQEggKAAH9tmy40lly6QDoc" + + "1TfmY9y2qysD+lrgk+dnxP04RfoJfycTRDeaz2sPLImZtio9nsqCFqtzU/sl" + + "eWigbH34BpKU1sC0Gq1cyik0GO65sW95S6YjKtGcGOBfQCPk1oQjfiqnfU3G" + + "oeOaG3COQJukMFj8unv55u0xbX1hwO8SsZmr9RjPzLrVaeY6BP5+CCzOKBaj" + + "GxneIDqnQW7/kBIVWK7M+JXGdgQyiKhD6NvXL/zD8oKEne0nIX7IokQuWEn6" + + "8Sglv5OSclsSdvHTk57bCuV5lVzoIzczA4J/LZWdrtITeVefBLQSalBzpRde" + + "rSTMj485z2x5ChizhjE627/KQ5vkKQkQVqXYYXVyeTvKZRpL7vz13C4DUCwN" + + "im1XvNSCNebXS1yHJRtcONDhGJN3UsrVjHr+2kCfE5SCEeSU/dqgNLuLa1tk" + + "5+jwZFNj/HjO88wlOwPCol1uuJjDpaEW7dxu5qsVSfZhEXWHs8rZAMttFMzi" + + "yxsEkZe8kqngRbNJOY6KpppYedsMWDusUJGfIHo+8zymiw3gv/z+lmFOlDGt" + + "CKMk9Es/MgfjpbfhbTVYHOBKS6Qyrz7LdTuBMI8XdsZMuN+Uf73690ggLmKW" + + "IELUg8h1RX0ra2n6jOc/1rnebAifMhiMkL1ABQvqOobfOrG/9h9XcXoi64Qr" + + "htc3T7yMAHafBX5KUcNkbcn6kssYhpvd8bPADoLBnbx3GxGh/uziB0zKQEI0" + + "GnaY4SL7aR4C5xNNi41lYtsR6ohKyfPEGslhrhd4axx0cKxC2sHgVl0k+r8B" + + "8Vu44XHbW8LqdspjOHN9qg2erES1Dvgj05SfHDup+V6a3ogJo2YKXOiu3DF4" + + "MFEGCSqGSIb3DQEJFDFEHkIARABhAHYAaQBkACAARwAuACAASABvAG8AawAn" + + "AHMAIABWAGUAcgBpAFMAaQBnAG4ALAAgAEkAbgBjAC4AIABJAEQwIwYJKoZI" + + "hvcNAQkVMRYEFKEcMJ798oZLFkH0OnpbUBnrTLgWAAAAAAAAMIAGCSqGSIb3" + + "DQEHBqCAMIACAQAwgAYJKoZIhvcNAQcBMCcGCiqGSIb3DQEMAQYwGQQUTErH" + + "kWZ8nBXZYWO53FH4yqRZZsECAWSggASCDGCreuCr6/azcOv5w04bN3jkg4G2" + + "dsvTPAjL8bichaEOQCykhuNPt1dv3FsjUsdFC550K0+Y48RyBIID6JTiN9Gj" + + "K+a5aLPaXgTRdY74Toof1hYtZ4DIcVyq25LezVQHoe/++pAgEpWjqHTxVDIv" + + "YFAgT2oDB+2vkeXM61XnNWOjwCY3pXpk/VGjyN4USkD7Q/Y6tPjQOywvQE7c" + + "Ab1z62k9iMia7Yk/qmh+zJu4SSneo0/RLLdMZOlGZv89MResVG038TC8MTA9" + + "Uf+wDRcS20d7XDbTaBAgju8TpFIw5/lbDi0feUVlk6L+jkT1ktaTc1Pwtxn7" + + "psXMFW6HAWB4exOi09297R9BCOQX6vcetK/iA/3jIC6NuTdizYof0DWetdGy" + + "haIkMiEnERYE3unJocH4fq585Rw6mE+BYssPVPkVWZZInF3l69bKduuxsQt+" + + "pcApgBVsTjsU+1FOiUxuW2wWKi70RcQprPv5Ef1A5FRNxPFp+7IzLNlE4qCo" + + "wvC6NTpeuRw3aGsXSfqHmSddrHugNPmghNgG5lv1Ef7A8MUuyp8fyjAgxCDk" + + "4Hpb8PCHGj5t//Fr6Cd0MygJMIFQmv4kUd2LVHxQ9A9WFNCqTz/nBe+ZRLJL" + + "NghTv6gGpjGJiBnXYv6Sod2fs+5J2GIvex4qbdh6gzZIU2YTAwpj6Aca3SjA" + + "X8+m8AXt2SC3Z6T5+m8SxyiNp2P511paV/TZKtLWXQGKeEX1JXhQkaM6Q5W/" + + "IhSgC8/gppk1gbIraBqrW8bEnGBnC03wi0OnMz3ohM4CVHyaW3dQquT2+u6F" + + "8VeGXAYHU022NkrpPl/VlfNNEAyisU2+oJqpPZkqL6FsDWF3k6Fq2jXBLL+/" + + "a0WA82jIpgjNeXze/cgoHtU023V9E9Qcu+5nPBYdCTR4sRxvHLANii0W8lPv" + + "tvU5XO1UsEjHDfKL4E1bhGzGpb/OU5yg/98EN95r/xdFL5G+XVyHeR0UtkcB" + + "IuvyBdhkwoprCjkcgLZe8FPIBNw84HRe7Ye6f2gDW/F5uej6rBehJS1VFvCh" + + "DXzkajGmK40Gc2APS1/1vZqPu68polgw9dT84rem36PLEOq4KuU7n4QE0g7T" + + "YR2G8+4FNgQTjjg/qw3lX+sj6yLn1lYt1dOVvkiM8i8tdZg/3pCKKAW1uV7a" + + "astlBxVSkFfn1BrFTc2oFGkTrlUg90a+parOfGHTfDiaHX8ouEg63fk0+Xdi" + + "FCarXsqHNPDbpmWLKw8TAmdeneGipyScntJJk4ajy+jROQBgGew3ofOmfkqm" + + "oJFNwUvKOXN2ucViLZgsdK/7YgV1OR7oiTh8knQNPk3d5fRYSMFf9GJTjQRV" + + "y2CLdICAVzvrUXf9k7miWYkjIp2/HGD7pOH018sX9MrpfJKqvdPFOssZiFd0" + + "I2FUbgcEggPotvnT0XoabEiurTm8EPPpw66NKmK/H1kQL0hEtdIazPxfLmm/" + + "ZUDokwa7d4bE3BwFh0weQfEvMzJu6Y5E7ir2MqD33XaGMOGys1nst1SPPyDB" + + "WpOWD9w7Ng3yU1JVzqFWuVXaXDYbfnlG7AGevKF5PYNZj/RIQBBf5Xle9hTd" + + "c9CtxPkrsJwA8DeAwKl2WIfbXGzAYLSnXoYUcoTkWn/O81BlUFgAXv80gLe8" + + "NUrH7bhsnyGaPY953NyDk8IWUYrsn/sXvxTy5B0/7/WGMh3CSZrLX3p7TcFY" + + "yBrL6SRas4q9rrcwuhBq0tUUbbgWi92nhZl4bOGmx7ehHnwuUId2HWXyVGoB" + + "qToee/2E4PZFxSZwKCY6dahswFq5QGDrQKN2/qpOLZcJib6SvSGyEZl2pqr0" + + "lqk7tVPzBkN/4uP0qrcbZCDbGW6IXwu3RGMRehqj/HEJcs92lZKfVrk/U07X" + + "MBAiQHqV+kLw7kStECR/MGJG1c0xhqqBrf0W74+LpJiv/Q9iFNdWbXvE/cAk" + + "G7+OTUABd2kI88uA43T0UoRuPOi5KnLuD3AG+7IuyGyP69Xncd4u0srMg2fn" + + "DiLLZUy6vWmxwRFsSMCEfQNLtZaggukoPIihQvbX3mQS9izwLs6D89WtEcZ5" + + "6DVbIlUqUinnNKsT8vW1DZo5FMJkUxB666YIPVmkQbbJOEUU89dZg5Gw0og6" + + "rn4irEr4xHFdx+S7iqJXhzs9THg/9e4/k8KQ136z7LALOqDookcSdBzW6H8c" + + "STjs4qKQyNimsLB90mEuIEApzhseAaLFl+kgORGJv/2a+uoukZchMsJ98MVo" + + "sEPS1oBXJl2m9AshkWfON2GDeJatgcw6CyC1mSx++Gg602ZKUZZUaWxkz1Sw" + + "zTj3nhiJe+SZsdfxhsojNq7zfxqgY/Rq7BwvphU3StjnxvkB4rTkbmbiGOBO" + + "cvTFg4yOtQGRcifk2/XH/bgYiPqQrYSXpO3WRASV005RaSGufcpTtj3YlHGe" + + "8FUgZfDtfiGezhNET9KO3/Q0i34bGEpoIb/9uOWH4ZHULIlfdSm1ynV50nE4" + + "mJTXccrF6BE80KZI5GWGhqXdfPFaHTK1S20+XCw7bRJCGeiwVxvGfB+C0SZ4" + + "ndtqx165dKG5JwFukcygiIZN6foh0/PhwzmFxmPtZuPQt9dtuIQ35Y7PSDsy" + + "IH2Ot0Hh0YIN99lHJ6n9HomSjpwcgDXGssEuevbpz27u/MI/Uhq4Gfx0k5RF" + + "0pcRYtk1dYSx44a+8WgqZLF8DUNtyjSE/H8P5iGa6tqOl7kNyeeEkfoTtKst" + + "asGFwL4Qxxus4GC7repyVi7IJgSCA+iopiqKQJ2IqUHvoIEuD//sZooDx0Je" + + "oFRO5VakkTO6WHd8JpOOEU2f6Zjg++HdIl0QK7xcUaRH075LzEfqgn1vyw6J" + + "N6ex8D76sf/nAy01NvDPij48Z50XDwXu4kJGJvv0AJwId8BpjziBF0j3K/DI" + + "YOOpd6nW4EvdivCgaCnxqlIU/u1OP4BwpO+AUjJh6RKlKviGihQpi103DFhR" + + "yXNDhh55pqgCCCuNeEB+ovRt7UxzlGAVRSxJh1Zbjp/+iQun0E32RlSR4Diz" + + "p5vDk8NBZpIiKRqI+8GWZc3G1igp7dvViTLw4OdWMKwhccV5+3Ll/W72aNVm" + + "azYUoYOVn+OYS1NJkER0tjFOCozRGm5hfkxGlP+02wbH5uu/AQoJMqWIxT6l" + + "46IWC24lmAnDCXuM+gWmwUvyXLwuBdejVK8iG1Lnfg1qztoLpYRbBROgRdpt" + + "2cbPRm+9seqrth3eJbtmxCvuh3bZ3pR2e0/r5Tob/fDcOc5Kp+j4ndXWkwpa" + + "OuH1yxam7zNJR+mcYp1Wiujia5qIeY1QCAEY5QgAWaSHtjlEprwUuootA2Xm" + + "V7D8Vsr9BValhm9zMKj6IzsPmM+HZJWlhHcoucuAmPK6Lnys3Kv/mbkSgNOq" + + "fJDY901veFfKeqiCbAm6hZjNWoQDNJKFhjXUALrcOv9VCFPA3bMW3Xul/sB4" + + "Mq595e+x/1HkNOgZorBv97C6X7ENVDaAFcyZvrRU/ZeDnvFhisfxS4EJhzxl" + + "cWWnQhzD+ur1FTTlkmUFzgoB/rW+i3XigiHOuRRnkcoMy1uV17rwH8eELHJu" + + "Yni5vu2QUaD4jNEhliE2XCsn8Sm6bcXnfzBa7FXC39QvAcdJHzqcD6iIwjIz" + + "hKLu+/XoWFMFFNsgV78AwzPAn6TRya8LLCYPoIZkEP4qBoeZtUZ8PIS/Y7M9" + + "QStMwa/NI9SPswb3iScTGvor/obUEQS4QM6mVxFMpQWfwJfyU6jingX4EHRE" + + "mqvZ3ehzU8ZLOdKzRKuk022YDT7hwEQ+VL0Fg0Ld9oexqT96nQpUTHZtDRMV" + + "iTuJoUYTneDs2c9tsY4mWBqamZQSfTegj4sLMZagkuSUp/SpPM2zSGuD3nY6" + + "u3553gIM9jYhvLBEXwjGudVCwMd3bqo/4EhnKb2PcwUzdaMkipQlNteHZjBT" + + "1ici63xjJva+di0qTV+W9cyYyHwg1927X2qcMh06BhbHlcXQKbgmbL18KJEt" + + "K+GGhGNkP7mtPyHHgBb6vref/z8p7oxT2CG+oBuN/z+xQoYfe9c4IC3e/kNN" + + "DIoyYvPyEzAdfMS2aL8qDxzc5GH9UE9kcusJ/2dNEFTzBH2GK1CItL3IACv/" + + "LwX1SkI0w7oIQTL127CSnuTrUUkvJ/+rOYScQTMD/ntZPdLdu2ffszg3SzhN" + + "ELgojK8ss1OBlruWRHw/fP736Nx8MNsuOvXMnO8lruz+uyuEhF3BLv96oTcg" + + "XVHdWhPmOoqNdBQdRgAAAAAAAAAAAAAAAAAAAAAAADA8MCEwCQYFKw4DAhoF" + + "AAQUJMZn7MEKv4vW/+voCVyHBa6B0EMEFJOzH/BEjRtNNsZWlo/4L840aE5r" + + "AgFkAAA="); + + public void performTest() + throws Exception + { + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(pkcs12)); + ASN1Sequence obj = (ASN1Sequence)aIn.readObject(); + Pfx bag = Pfx.getInstance(obj); + ContentInfo info = bag.getAuthSafe(); + MacData mData = bag.getMacData(); + DigestInfo dInfo = mData.getMac(); + AlgorithmIdentifier algId = dInfo.getAlgorithmId(); + byte[] salt = mData.getSalt(); + int itCount = mData.getIterationCount().intValue(); + + aIn = new ASN1InputStream(new ByteArrayInputStream(((ASN1OctetString)info.getContent()).getOctets())); + + AuthenticatedSafe authSafe = AuthenticatedSafe.getInstance(aIn.readObject()); + ContentInfo[] c = authSafe.getContentInfo(); + + // + // private key section + // + if (!c[0].getContentType().equals(PKCSObjectIdentifiers.data)) + { + fail("failed comparison data test"); + } + + aIn = new ASN1InputStream(new ByteArrayInputStream(((ASN1OctetString)c[0].getContent()).getOctets())); + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + SafeBag b = SafeBag.getInstance(seq.getObjectAt(0)); + if (!b.getBagId().equals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag)) + { + fail("failed comparison shroudedKeyBag test"); + } + + EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.getInstance(b.getBagValue()); + + encInfo = new EncryptedPrivateKeyInfo(encInfo.getEncryptionAlgorithm(), encInfo.getEncryptedData()); + + b = new SafeBag(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, encInfo.toASN1Primitive(), b.getBagAttributes()); + + ByteArrayOutputStream abOut = new ByteArrayOutputStream(); + ASN1OutputStream berOut = new ASN1OutputStream(abOut); + + berOut.writeObject(new DLSequence(b)); + + c[0] = new ContentInfo(PKCSObjectIdentifiers.data, new BEROctetString(abOut.toByteArray())); + + // + // certificates + // + if (!c[1].getContentType().equals(PKCSObjectIdentifiers.encryptedData)) + { + fail("failed comparison encryptedData test"); + } + + EncryptedData eData = EncryptedData.getInstance(c[1].getContent()); + + c[1] = new ContentInfo(PKCSObjectIdentifiers.encryptedData, eData); + + // + // create an octet stream represent the BER encoding of authSafe + // + authSafe = new AuthenticatedSafe(c); + + abOut = new ByteArrayOutputStream(); + berOut = new ASN1OutputStream(abOut); + + berOut.writeObject(authSafe); + + info = new ContentInfo(PKCSObjectIdentifiers.data, new BEROctetString(abOut.toByteArray())); + + mData = new MacData(new DigestInfo(algId, dInfo.getDigest()), salt, itCount); + + bag = new Pfx(info, mData); + + // + // comparison test + // + + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(bag); + + if (!Arrays.areEqual(bOut.toByteArray(), pkcs12)) + { + fail("failed comparison test"); + } + } + + public String getName() + { + return "PKCS12"; + } + + public static void main( + String[] args) + { + runTest(new PKCS12Test()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIFailureInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIFailureInfoTest.java new file mode 100644 index 00000000..164f5a6f --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIFailureInfoTest.java @@ -0,0 +1,68 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.cmp.PKIFailureInfo; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.test.SimpleTest; + + +/** + * PKIFailureInfoTest + */ +public class PKIFailureInfoTest + extends SimpleTest +{ + // A correct hex encoded BAD_DATA_FORMAT PKIFailureInfo + private static final byte[] CORRECT_FAILURE_INFO = Base64.decode("AwIANQ=="); + + public String getName() + { + return "PKIFailureInfo"; + } + + private void testEncoding() + throws IOException + { + DERBitString bitString = (DERBitString)new ASN1InputStream(CORRECT_FAILURE_INFO).readObject(); + PKIFailureInfo correct = new PKIFailureInfo(bitString); + + PKIFailureInfo bug = new PKIFailureInfo(PKIFailureInfo.badRequest | PKIFailureInfo.badTime |PKIFailureInfo.badDataFormat | PKIFailureInfo.incorrectData); + + if (!areEqual(correct.getEncoded(ASN1Encoding.DER),bug.getEncoded(ASN1Encoding.DER))) + { + fail("encoding doesn't match"); + } + } + + public void performTest() + throws IOException + { + BitStringConstantTester.testFlagValueCorrect(0, PKIFailureInfo.badAlg); + BitStringConstantTester.testFlagValueCorrect(1, PKIFailureInfo.badMessageCheck); + BitStringConstantTester.testFlagValueCorrect(2, PKIFailureInfo.badRequest); + BitStringConstantTester.testFlagValueCorrect(3, PKIFailureInfo.badTime); + BitStringConstantTester.testFlagValueCorrect(4, PKIFailureInfo.badCertId); + BitStringConstantTester.testFlagValueCorrect(5, PKIFailureInfo.badDataFormat); + BitStringConstantTester.testFlagValueCorrect(6, PKIFailureInfo.wrongAuthority); + BitStringConstantTester.testFlagValueCorrect(7, PKIFailureInfo.incorrectData); + BitStringConstantTester.testFlagValueCorrect(8, PKIFailureInfo.missingTimeStamp); + BitStringConstantTester.testFlagValueCorrect(9, PKIFailureInfo.badPOP); + BitStringConstantTester.testFlagValueCorrect(14, PKIFailureInfo.timeNotAvailable); + BitStringConstantTester.testFlagValueCorrect(15, PKIFailureInfo.unacceptedPolicy); + BitStringConstantTester.testFlagValueCorrect(16, PKIFailureInfo.unacceptedExtension); + BitStringConstantTester.testFlagValueCorrect(17, PKIFailureInfo.addInfoNotAvailable); + BitStringConstantTester.testFlagValueCorrect(25, PKIFailureInfo.systemFailure); + + testEncoding(); + } + + public static void main( + String[] args) + { + runTest(new PKIFailureInfoTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ParseTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ParseTest.java new file mode 100644 index 00000000..2e5112a3 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/ParseTest.java @@ -0,0 +1,308 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import junit.framework.TestCase; +import org.bouncycastle.asn1.ASN1OctetStringParser; +import org.bouncycastle.asn1.ASN1SequenceParser; +import org.bouncycastle.asn1.ASN1StreamParser; +import org.bouncycastle.asn1.ASN1TaggedObjectParser; +import org.bouncycastle.asn1.BERTags; +import org.bouncycastle.asn1.cms.ContentInfoParser; +import org.bouncycastle.asn1.cms.EncryptedContentInfoParser; +import org.bouncycastle.asn1.cms.EnvelopedDataParser; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.io.Streams; + +public class ParseTest + extends TestCase +{ + private static byte[] classCastTest = Base64.decode( + "MIIXqAYJKoZIhvcNAQcDoIIXmTCCF5UCAQAxggG1MIIBsQIBADCBmDCBkDEL" + + "MAkGA1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMQ0wCwYDVQQHEwRUcm95" + + "MQwwCgYDVQQKEwNFRFMxGTAXBgNVBAsTEEVMSVQgRW5naW5lZXJpbmcxJDAi" + + "BgkqhkiG9w0BCQEWFUVsaXQuU2VydmljZXNAZWRzLmNvbTEQMA4GA1UEAxMH" + + "RURTRUxJVAIDD6FBMA0GCSqGSIb3DQEBAQUABIIBAGh04C2SyEnH9J2Va18w" + + "3vdp5L7immD5h5CDZFgdgHln5QBzT7hodXMVHmyGnycsWnAjYqpsil96H3xQ" + + "A6+9a7yB6TYSLTNv8zhL2qU3IrfdmUJyxxfsFJlWFO1MlRmu9xEAW5CeauXs" + + "RurQCT+C5tLc5uytbvw0Jqbz+Qp1+eaRbfvyhWFGkO/BYZ89hVL9Yl1sg/Ls" + + "mA5jwTj2AvHkAwis+F33ZhYlto2QDvbPsUa0cldnX8+1Pz4QzKMHmfUbFD2D" + + "ngaYN1tDlmezCsYFQmNx1th1SaQtTefvPr+qaqRsm8KEXlWbJQXmIfdyi0zY" + + "qiwztEtO81hXZYkKqc5fKMMwghXVBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE" + + "CEq3cLLWVds9gIIVsAAik3al6Nn5pr7r0mSy9Ki3vEeCBcV9EzEG44BvNHNA" + + "WyEsqQsdSxuF7h1/DJAMuZFwCbGflaRGx/1L94zrmtpeuH501lzPMvvZCmpj" + + "KrOF8e1B4MVQ5TfQTdUVyRnbcDa6E4V1ZZIdAI7BgDeJttS4+L6btquXfxUg" + + "ttPYQkevF7MdShYNnfLkY4vUMDOp3+iVzrOlq0elM95dfSA7OdBavgDJbz/7" + + "mro3AFTytnWjGz8TUos+oUujTk9/kHOn4cEAIm0hHrNhPS5qoj3QnNduNrad" + + "rLpGtcYyNlHIsYCsvPMxwoHmIw+r9xQQRjjzmVYzidn+cNOt0FmLs6YE8ds4" + + "wvHRO9S69TgKPHRgk2bihgHqII9lF9qIzfG40YwJLHzGoEwVO1O0+wn8j2EP" + + "O9I/Q3vreCH+5VbpUD2NGTwsMwZ3YlUesurLwse/YICxmgdN5Ro4DeQJSa9M" + + "iJnRFYWRq+58cKgr+L11mNc9nApZBShlpPP7pdNqWOafStIEjo+dsY/J+iyS" + + "6WLlUvNt/12qF4NAgZMb3FvRQ9PrMe87lqSRnHcpLWHcFjuKbMKCBvcdWGWI" + + "R7JR8UNzUvoLGGAUI9Ck+yTq4QtfgtL5MLmdBGxSKzgs44Mmek+LnrFx+e9n" + + "pkrdDf2gM/m7E50FnLYqzUjctKYGLNYpXQorq9MJx6TB20CHXcqOOoQqesXa" + + "9jL9PIOtBQy1Ow5Bh4SP07nTFWFSMI/Wt4ZvNvWJj3ecA9KjMOA9EXWUDS/H" + + "k9iCb2EEMo7fe5mhoyxMxPO+EIa1sEC9A1+rDACKPQCHOLI0uPmsdo0AEECC" + + "QLgOQkcwQlkHexOyHiOOtBxehtGZ1eBQQZ+31DF+RRU6WvS6grg58eS4gGOQ" + + "bd7CS9yYebvAQkz61J8KprWdtZuG1gBGma12wKMuQuC6RuWlKsj+rPMvaQCt" + + "8mucGbkElPGZVhdyD8/BvpSCNbgRwb6iSiw4EECovu4P4GFJaMGUYEuCA711" + + "itEieYc1QqS6ULjb3LFL/RcwSw0fGdjnt6B2nHckC2VsYKU1NwU7j0R1Omb4" + + "y5AvSgpuWjTXWnHnE9Ey0B+KP5ERZA+jJGiwYz48ynYlvQFSbBm4I6nh/DuI" + + "dWB2dLNxWuhdfzafBGtEHhLHzjW3WQwwRZsKesgHLrrj9hBUObodl1uvqvZN" + + "AjMOj8DrqbGOhAClj1t4S1Zk1ZekuMjsuoxEL+/lgtbT+056ES0k3A/LnpRb" + + "uxA1ZBr26Im+GVFzEcsV0hB4vNujSwStTTZH5jX5rMyi085yJfnikcLYUn9N" + + "apl+srhpIZlDJPw7IHaw8tsqXKDxF7MozIXo8B45CKv5Am+BMrIemCMX/ehu" + + "PODICl98Ur8tNAn1L+m0nj7H3c8HW2vNuBLEI3SEHHgm2Ij3IY5pyyeVUaWC" + + "pumhy8Ru5dj3fZcfKgYuJBQxWMf+UqPsf4iUK3923pouJ1cQ8XU8gOXIRrtX" + + "e41d/yR+UAZXSig6SITLw+wLtvitSvtxvjcUSUOI9CYTovKyuz1PQKiaLsV5" + + "4CoJhMQ5uRlVFS3H829I2d2gLRpSp6pNWeIZO2NMBxPYf2qcSHyHqQjR7xP2" + + "ZTg7U3OO6dZHORfXxzAnW2ExavBIYQmZh1gLn5jSS4wXFPXyvnJAsF4s5wed" + + "YHsyAqM/ek0n2Oo/zAh7UcP2vcb9FOoeRK8qC9HjTciS6WbjskRN0ft4T69G" + + "+1RsH8/edBxo2LZeA48BSCXDXOlBZJBsOptzYJD8HSZONPnef0jn23lk0fkU" + + "C3BjJu2ubFChctRvJniTko4klpidkHwuJgrTnL4er8rG3RfiiEHn/d5era15" + + "E1cekdVYWqwQOObOd4v+0gZSJgI48TBc5Qdy8F6wIU38DR2pn/5uNthNDgXk" + + "NcV9a2gOE3DoLe8CEIPMihqYMPY8NuSp97eHB2YhKpjP7qX9TUMoOdE2Iat2" + + "klNxadJt6JTFeiBPL6R9RHAD5sVBrkrl0S+oYtgF92f9WHVwAXU7zP6IgM4x" + + "hhzeJT07yyIp44mKd//F+7ntbgQjZ/iLbHh0mtOlUmzkFsDR0UNSXEQoourZ" + + "EY4A62HXj0DMqEQbik6QwEF7FKuwZX2opdOyVKH9MzJxNfDLd5dc8wAc8bCX" + + "jcCx5/GzHx2S5DndWQEVhp2hOQYuoJS3r6QCYFaHtDPKnFHS2PBFyFWL+2UK" + + "c0WsvVaHYqYKnksmxse9I9oU75kx5O05DZCThPX6h8J8MHRuxU9tcuuleIUQ" + + "XY8On+JeEtLSUZgp+Z7ITLuagf6yuKQpaR396MlDii/449/dvBiXAXeduyO1" + + "QzSkQCh37fdasqGL3mP0ssMcxM/qpOwQsx3gMtwiHQRi1oQE1QHb8qZHDE4m" + + "I5afQJ9O/H/m/EVlGUSn2yYOsPlZrWuI3BBZKoRzRq1lZOQDtOh18BE3tWmX" + + "viGIAxajam0i2Ce3h2U7vNwtiePRNEgPmQ7RwTTv0U6X8qqkjeYskiF4Cv9G" + + "nrB0WreC19ih5psEWLIkCYKTr+OhQuRrtv7RcyUi9QSneh7BjcvRjlGB6joA" + + "F6J4Y6ENAA/nzOZJ699VkljTi59bbNJYlONpQhOeRTu8M/wExkIJz7yR9DTY" + + "bY4/JdbdHNFf5DSDmYAHaFLmdnnfuRy+tC9CGGJvlcLVv5LMFJQGt2Wi15p8" + + "lctx7sL6yNCi7OakWbEOCvGPOxY7ejnvOjVK/Krx1T+dAXNUqrsDZmvmakOP" + + "We+P4Di1GqcyLVOTP8wNCkuAUoN0JFoBHy336/Xnae91KlY4DciPMpEOIpPN" + + "oB+3h6CozV7IWX5Wh3rhfC25nyGJshIBUS6cMXAsswQI8rOylMlGaekNcSU4" + + "gNKNDZAK5jNkS0Z/ziIrElSvMNTfYbnx3gCkY0pV18uadmchXihVT11Bt77O" + + "8KCKHycR39WYFIRO09wvGv6P42CRBFTdQbWFtkSwRiH8l6x39Z7pIkDFxokT" + + "Dp6Htkj3ywfQXNbFgRXZUXqgD1gZVFDFx920hcJnuu65CKz6pEL6X0XUwNPg" + + "vtraA2nj4wjVB/y+Cxc+1FgzeELB4CAmWO1OfRVLjYe7WEe/X5DPT6p8HBkB" + + "5mWuv+iQ3e37e1Lrsjt2frRYQWoOSP5Lv7c8tZiNfuIp07IYnJKBWZLTqNf9" + + "60uiY93ssE0gr3mfYOj+fSbbjy6NgAenT7NRZmFCjFwAfmapIV0hJoqnquaN" + + "jj5KKOP72hp+Zr9l8cEcvIhG/BbkY3kYbx3JJ9lnujBVr69PphHQTdw67CNB" + + "mDkH7y3bvZ+YaDY0vdKOJif9YwW2qoALXKgVBu1T2BONbCTIUTOzrKhWEvW8" + + "D6x03JsWrMMqOKeoyomf1iMt4dIOjp7yGl/lQ3iserzzLsAzR699W2+PWrAT" + + "5vLgklJPX/Fb3Tojbsc074lBq669WZe3xzlj85hFcBmoLPPyBE91BLhEwlGC" + + "+lWmwFOENLFGZE0mGoRN+KYxwqfA2N6H8TWoz6m0oPUW4uQvy9sGtYTSyQO9" + + "6ZwVNT3ndlFrP5p2atdEFVc5aO5FsK8/Fenwez06B2wv9cE9QTVpFrnJkKtF" + + "SaPCZkignj64XN7cHbk7Ys6nC3WIrTCcj1UOyp5ihuMS9eL9vosYADsmrR6M" + + "uqqeqHsf2+6U1sO1JBkDYtLzoaILTJoqg9/eH7cTA0T0mEfxVos9kAzk5nVN" + + "nVOKFrCGVIbOStpYlWP6wyykIKVkssfO6D42D5Im0zmgUwgNEkB+Vxvs8bEs" + + "l1wPuB2YPRDCEvwM3A5d5vTKhPtKMECIcDxpdwkD5RmLt+iaYN6oSFzyeeU0" + + "YvXBQzq8gfpqJu/lP8cFsjEJ0qCKdDHVTAAeWE6s5XpIzXt5cEWa5JK7Us+I" + + "VbSmri4z0sVwSpuopXmhLqLlNWLGXRDyTjZSGGJbguczXCq5XJ2E3E4WGYd6" + + "mUWhnP5H7gfW7ILOUN8HLbwOWon8A6xZlMQssL/1PaP3nL8ukvOqzbIBCZQY" + + "nrIYGowGKDU83zhO6IOgO8RIVQBJsdjXbN0FyV/sFCs5Sf5WyPlXw/dUAXIA" + + "cQiVKM3GiVeAg/q8f5nfrr8+OD4TGMVtUVYujfJocDEtdjxBuyFz3aUaKj0F" + + "r9DM3ozAxgWcEvl2CUqJLPHH+AWn5kM7bDyQ2sTIUf5M6hdeick09hwrmXRF" + + "NdIoUpn7rZORh0h2VX3XytLj2ERmvv/jPVC97VKU916n1QeMJLprjIsp7GsH" + + "KieC1RCKEfg4i9uHoIyHo/VgnKrnTOGX/ksj2ArMhviUJ0yjDDx5jo/k5wLn" + + "Rew2+bhiQdghRSriUMkubFh7TN901yl1kF2BBP5PHbpgfTP6R7qfl8ZEwzzO" + + "elHe7t7SvI7ff5LkwDvUXSEIrHPGajYvBNZsgro+4Sx5rmaE0QSXACG228OQ" + + "Qaju8qWqA2UaPhcHSPHO/u7ad/r8kHceu0dYnSFNe1p5v9Tjux0Yn6y1c+xf" + + "V1cu3plCwzW3Byw14PH9ATmi8KJpZQaJOqTxn+zD9TvOa93blK/9b5KDY1QM" + + "1s70+VOq0lEMI6Ch3QhFbXaslpgMUJLgvEa5fz3GhmD6+BRHkqjjwlLdwmyR" + + "qbr4v6o+vnJKucoUmzvDT8ZH9nH2WCtiiEtQaLNU2vsJ4kZvEy0CEajOrqUF" + + "d8qgEAHgh9it5oiyGBB2X/52notXWOi6OMKgWlxxKHPTJDvEVcQ4zZUverII" + + "4vYrveRXdiDodggfrafziDrA/0eEKWpcZj7fDBYjUBazwjrsn5VIWfwP2AUE" + + "wNn+xR81/so8Nl7EDBeoRXttyH7stbZYdRnkPK025CQug9RLzfhEAgjdgQYw" + + "uG+z0IuyctJW1Q1E8YSOpWEFcOK5okQkLFUfB63sO1M2LS0dDHzmdZriCfIE" + + "F+9aPMzojaHg3OQmZD7MiIjioV6w43bzVmtMRG22weZIYH/Sh3lDRZn13AS9" + + "YV6L7hbFtKKYrie79SldtYazYT8FTSNml/+Qv2TvYTjVwYwHpm7t479u+MLh" + + "LxMRVsVeJeSxjgufHmiLk7yYJajNyS2j9Kx/fmXmJbWZNcerrfLP+q+b594Y" + + "1TGWr8E6ZTh9I1gU2JR7WYl/hB2/eT6sgSYHTPyGSxTEvEHP242lmjkiHY94" + + "CfiTMDu281gIsnAskl05aeCBkj2M5S0BWCxy7bpVAVFf5nhf74EFIBOtHaJl" + + "/8psz1kGVF3TzgYHkZXpUjVX/mJX8FG0R8HN7g/xK73HSvqeamr4qVz3Kmm/" + + "kMtYRbZre7E1D10qh/ksNYnOkYBcG4P2JyjZ5q+8CQNungz2/b0Glg5LztNz" + + "hUgG27xDOUraJXjkkZl/GOh0eTqhfLHXC/TfyoEAQOPcA59MKqvroFC5Js0Q" + + "sTgqm2lWzaLNz+PEXpJHuSifHFXaYIkLUJs+8X5711+0M03y8iP4jZeEOrjI" + + "l9t3ZYbazwsI3hBIke2hGprw4m3ZmSvQ22g+N6+hnitnDALMsZThesjb6aJd" + + "XOwhjLkWRD4nQN594o6ZRrfv4bFEPTp4ev8l6diouKlXSFFnVqz7AZw3Pe53" + + "BvIsoh66zHBpZhauPV/s/uLb5x6Z8sU2OK6AoJ7b8R9V/AT7zvonBi/XQNw3" + + "nwkwGnTS9Mh7PFnGHLJWTKKlYXrSpNviR1vPxqHMO6b+Lki10d/YMY0vHQrY" + + "P6oSVkA6RIKsepHWo11+rV838+2NRrdedCe91foUmOs+eoWQnwmTy2CTZmQ5" + + "b7/TTcau9ewimZAqI+MtDWcmWoZfgibZmnIITGcduNOJDRn+aLt9dz+zr1qA" + + "HxlLXCOyBPdtfx6eo4Jon+fVte37i3HmxHk+8ZGMMSS9hJbLQEkA59b4E+7L" + + "GI3JZjvEkhizB4n/aFeG7KT7K3x072DMbHLZ7VgsXQ1VDDmcZmizFwgyNqKy" + + "hKCKxU+I2O10IMtiZUpEzV1Pw7hD5Kv/eFCsJFPXOJ2j3KP6qPtX5IYki1qH" + + "Juo5C5uGKtqNc6OzkXsvNUfBz5sJkEYl0WfitSSo4ARyshFUNh2hGxNxUVKM" + + "2opOcuHSxBgwUSmVprym50C305zdHulBXv3mLzGjvRstE9qfkQ8qVJYLQEkL" + + "1Yn7E92ex71YsC8JhNNMy0/YZwMkiFrqyaFd/LrblWpBbGumhe4reCJ4K3mk" + + "lFGEsICcMoe+zU1+QuLlz/bQ+UtvClHUe8hTyIjfY04Fwo2vbdSc1U/SHho5" + + "thQy+lOZ/HijzCmfWK3aTqYMdwCUTCsoxri2N8vyD/K2kbMLQWUfUlBQfDOK" + + "VrksBoSfcluNVaO56uEUw3enPhhJghfNlJnpr5gUcrAMES53DfkjNr0dCsfM" + + "JOY2ZfQEwwYey1c4W1MNNMoegSTg4aXzjVc0xDgKa7RGbtRmVNbOxIhUNAVi" + + "thQV3Qujoz1ehDt2GyLpjGjHSpQo3WlIU4OUqJaQfF6EH+3khFqUmp1LT7Iq" + + "zH3ydYsoCDjvdXSSEY3hLcZVijUJqoaNWBLb/LF8OG5qTjsM2gLgy2vgO/lM" + + "NsqkHnWTtDimoaRRjZBlYLhdzf6QlfLi7RPmmRriiAOM0nXmylF5xBPHQLoz" + + "LO9lXYIfNbVJVqQsV43z52MvEQCqPNpGqjB+Au/PZalYHbosiVOQLgTB9hTI" + + "sGutSXXeLnf5rftCFvWyL3n5DgURzDFLibrbyVGGKAk166bK1RyVP9XZJonr" + + "hPYELk4KawCysJJSmC0E8sSsuXpfd6PPDru6nCV1EdXKR7DybS7NVHCktiPR" + + "4B4y8O/AgfJX8sb6LuxmjaINtUKEJ1+O88Gb69uy6b/Kpu2ri/SUBaNNw4Sn" + + "/tuaD+jxroL7RlZmt9ME/saNKn9OmLuggd6IUKAL4Ifsx9i7+JKcYuP8Cjdf" + + "Rx6U6H4qkEwwYGXnZYqF3jxplyOfqA2Vpvp4rnf8mST6dRLKk49IhKGTzwZr" + + "4za/RZhyl6lyoRAFDrVs1b+tj6RYZk0QnK3dLiN1MFYojLyz5Uvi5KlSyFw9" + + "trsvXyfyWdyRmJqo1fT7OUe0ImJW2RN3v/qs1k+EXizgb7DW4Rc2goDsCGrZ" + + "ZdMwuAdpRnyg9WNtmWwp4XXeb66u3hJHr4RwMd5oyKFB1GsmzZF7aOhSIb2B" + + "t3coNXo/Y+WpEj9fD7/snq7I1lS2+3Jrnna1048O7N4b5S4b5TtEcCBILP1C" + + "SRvaHyZhBtJpoH6UyimKfabXi08ksrcHmbs1+HRvn+3pl0bHcdeBIQS/wjk1" + + "TVEDtaP+K9zkJxaExtoa45QvqowxtcKtMftNoznF45LvwriXEDV9jCXvKMcO" + + "nxG5aQ//fbnn4j4q1wsKXxn61wuLUW5Nrg9fIhX7nTNAAooETO7bMUeOWjig" + + "2S1nscmtwaV+Sumyz/XUhvWynwE0AXveLrA8Gxfx"); + + private static byte[] derExpTest = Base64.decode( + "MIIS6AYJKoZIhvcNAQcDoIIS2TCCEtUCAQAxggG1MIIBsQIBADCBmDCBkDEL" + + "MAkGA1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMQ0wCwYDVQQHEwRUcm95" + + "MQwwCgYDVQQKEwNFRFMxGTAXBgNVBAsTEEVMSVQgRW5naW5lZXJpbmcxJDAi" + + "BgkqhkiG9w0BCQEWFUVsaXQuU2VydmljZXNAZWRzLmNvbTEQMA4GA1UEAxMH" + + "RURTRUxJVAIDD6FBMA0GCSqGSIb3DQEBAQUABIIBAGsRYK/jP1YujirddAMl" + + "ATysfLCwd0eZhENohVqLiMleH25Dnwf+tBaH4a9hyW+7VrWw/LC6ILPVbKpo" + + "oLBAOical40cw6C3zulajc4gM3AlE2KEeAWtI+bgPMXhumqiWDb4byX/APYk" + + "53Gk7WXF6Xs4hj3tmrHSJxCUOsTdHKUJYvOqjwKGARPQDjP0EUbVJezeAwBA" + + "RMlJ/qBVLBj2UW28n5oJZm3oaSaU93Uc6GPVIk43IWrmEUcWVPiMfUtUCwcX" + + "tRNtHuQ9os++rmdNBiuB5p+vtUeA45KWnTUtkwJXvrzE6Sf9AUH/p8uOvvZJ" + + "3yt9LhPxcZukGIVvcQnBxLswghEVBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE" + + "CGObmTycubs2gIIQ8AKUC8ciGPxa3sFJ1EPeX/nRwYGNAarlpVnG+07NITL2" + + "pUzqZSgsYh5JiKd8TptQBZNdebzNmCvjrVv5s9PaescGcypL7FNVPEubh0w/" + + "8h9rTACqUpF5yRgfcgpAGeK29F1hyZ1WaIH43avUCaDnrZcOKB7wc1ats1aQ" + + "TSDLImyFn4KjSo5k0Ec/xSoWnfg391vebp8eOsyHZhFMffFtKQMaayZNHJ7Q" + + "BzG3r/ysUbkgI5x+0bX0QfZjEIs7yuV5Wt8DxMTueCm3RQ+HkR4lNdTBkM4V" + + "qozCqC1SjcAF5YHB0WFkGouEPGgTlmyvLqR2xerEXVZn9YwSnT48kOde3oGt" + + "EAYyg0yHbNbL0sp6LDM7upRmrgWwxf0BR6lP4wyWdv/XSLatEB7twSNiPBJ4" + + "PJ+QagK08yQJ84UB7YpMTudKsaUs7zW76eA7KkW3TndfDYGdhbmZ5wxNl+5x" + + "yPZc/jcQHW7vplMfWglUVxnzibNW12th0QXSB57Mzk8v1Rvc/HLGvAOJZG/S" + + "N12FZOxbUrMIHGi3kXsmfWznVyq92X4P9tuDDD7sxkSGsyUAm/UJIZ3KsXhV" + + "QeaRHVTVDxtJtnbYxBupy1FDBO6AhVrp16Blvnip9cPn/aLfxDoFHzmsZmEg" + + "IcOFqpT1fW+KN6i/JxLD3mn3gKzzdL1/8F36A2GxhCbefQFp0MfIovlnMLFv" + + "mrINwMP8a9VnP8gIV5oW5CxmmMUPHuGkXrfg+69iVACaC2sTq6KGebhtg9OC" + + "8vZhmu7+Eescst694pYa3b8Sbr5bTFXV68mMMjuRnhvF2NZgF+O0jzU+sFps" + + "o7s1rUloCBk1clJUJ/r+j9vbhVahCeJQw62JAqjZu4R1JYAzON3S7jWU5zJ7" + + "pWYPSAQkLYUz3FmRRS2Yv65mXDNHqR9vqkHTIphwA9CLMKC2rIONxSVB57q1" + + "Npa/TFkVdXnw+cmYjyFWiWeDP7Mw0Kwy7tO008UrBY0rKQU466RI5ezDqYPc" + + "Lm73dUH2EjUYmKUi8zCtXpzgfTYVa/DmkbVUL9ThHMVRq1OpT2nctE7kpXZk" + + "OsZjEZHZX4MCrSOlc10ZW7MJIRreWMs70n7JX7MISU+8fK6JKOuaQNG8XcQp" + + "5IrCTIH8vmN2rVt4UT8zgm640FtO3jWUxScvxCtUJJ49hGCwK+HwDDpO6fLw" + + "LFuybey+6hnAbtaDyqgsgDh2KN8GSkQT9wixqwQPWsMQ4h0xQixf4IMdFOjP" + + "ciwp3ul8KAp/q70i0xldWGqcDjUasx6WHKc++rFjVJjoVvijKgEhlod5wJIw" + + "BqQVMKRsXle07NS1MOB+CRTVW6mwBEhDDERL+ym2GT2Q4uSDzoolmLq2y5vL" + + "+RfDHuh3W0UeC3Q5D2bJclgMsVjgfQUN19iD+lPFp2xvLTaNWi5fYDn4uuJL" + + "lgVDXIMmM8I+Z2hlTXTM1Pldz2/UFe3QXTbYnjP6kfd7Bo2Webhhgs/YmSR2" + + "XPuA42tWNAAjlK77lETWodxi3UC7XELjZ9xoGPRbxjOklXXvev9v5Vo+vcmN" + + "0KrLXhLdkyHRSm81SRsWoadCTSyT8ibv66P00GOt+OlIUOt0YKSUkULQfPvC" + + "EgMpeTm1/9l8n9bJ6td5fpJFDqLDm+FpJX6T2sWevV/Tyt6aoDPuET5iHBHW" + + "PoHxKl8YPRHBf+nRWoh45QMGQWNSrJRDlO8oYOhdznh4wxLn3DXEfDr0Z7Kd" + + "gEg6xr1XCobBn6Gi7wWXp5FDTaRF41t7fH8VxPwwDa8Yfu3vsgB6q426kjAj" + + "Q77wx1QFIg8gOYopTOgqze1i4h1U8ehP9btznDD6OR8+hPsVKoXYGp8Ukkc7" + + "JBA0o8l9O2DSGh0StsD94UhdYzn+ri7ozkXFy2SHFT2/saC34NHLoIF0v/aw" + + "L9G506Dtz6xXOACZ4brCG+NNnPLIcGblXIrYTy4+sm0KSdsl6BGzYh9uc8tu" + + "tfCh+iDuhT0n+nfnvdCmPwonONFb53Is1+dz5sisILfjB7OPRW4ngyfjgfHm" + + "oxxHDC/N01uoJIdmQRIisLi2nLhG+si8+Puz0SyPaB820VuV2mp77Y2osTAB" + + "0hTDv/sU0DQjqcuepYPUMvMs3SlkEmaEzNSiu7xOOBQYB8FoK4PeOXDIW6n2" + + "0hv6iS17hcZ+8GdhwC4x2Swkxt99ikRM0AxWrh1lCk5BagVN5xG79c/ZQ1M7" + + "a0k3WTzYF1Y4d6QPNOYeOBP9+G7/a2o3hGXDRRXnFpO7gQtlXy9A15RfvsWH" + + "O+UuFsOTtuiiZk1qRgWW5nkSCPCl2rP1Z7bwr3VD7o6VYhNCSdjuFfxwgNbW" + + "x8t35dBn6xLkc6QcBs2SZaRxvPTSAfjON++Ke0iK5w3mec0Br4QSNB1B0Aza" + + "w3t3AleqPyJC6IP1OQl5bi+PA+h3YZthwQmcwgXgW9bWxNDqUjUPZfsnNNDX" + + "MU9ANDLjITxvwr3F3ZSfJyeeDdbhr3EJUTtnzzWC6157EL9dt0jdPO35V0w4" + + "iUyZIW1FcYlCJp6t6Sy9n3TmxeLbq2xML4hncJBClaDMOp2QfabJ0XEYrD8F" + + "jq+aDM0NEUHng+Gt9WNqnjc8GzNlhxTNm3eQ6gyM/9Ip154GhH6c9hsmkMy5" + + "DlMjGFpFnsSTNFka2+DOzumWUiXLGbe4M3RePl1N4MLwXrkR2llguQynyoqF" + + "Ptat2Ky5yW2q9+IQHY49NJTlsCpunE5HFkAK9rY/4lM4/Q7hVunP6U4a0Kbu" + + "beFuOQMKQlBZvcplnYBefXD79uarY/q7ui6nFHlqND5mlXMknMrsQk3papfp" + + "OpMS4T07rCTLek0ODtb5KsHdIF76NZXevko4+d/xbv7HLCUYd8xuOuqf+y4I" + + "VJiT1FmYtZd9w+ubfHrOfHxY+SBtN6fs02WAccZqBXUYzZEijRbN2YUv1OnG" + + "rfYe4EcfOu/Sa+wLbB7msYpLfvUfEO3iseKf4LXZkgtF5P610PBZR8edeSgr" + + "YZW+J0K78PRAl5nEi1mvzBxi9DyNf6iQ9mWLyyCmr9p9HGE+aCMKVCn9jfZH" + + "WeBDAJNYDcUh5NEckqJtbEc2S1FJM7yZBWLQUt3NCQvj+nvQT45osZ3BJvFg" + + "IcGJ0CysoblVz4fCLybrYxby9HP89WMLHqdqsIeVX8IJ3x84SqLPuzrqf9FT" + + "ZVYLo0F2oBjAzjT7obt9+NJc/psOMCg+OGQkAfwj3VNvaqkkQsVxSiozgxrC" + + "7KaTXuAL6eKKspman96kz4QVk9P0usUPii+LFnW4XYc0RNfgJVO6BgJT7pLX" + + "NWwv/izMIMNAqSiWfzHHRVkhq4f1TMSF91auXOSICpJb3QQ4XFh52Mgl8+zs" + + "fobsb0geyb49WqFrZhUu+X+8LfQztppGmiUpFL+8EW0aPHbfaf4y9J1/Wthy" + + "c28Yqu62j/ljXq4Qa21uaEkoxzH1wPKCoKM9TXJtZJ39Yl9cf119Qy4M6QsB" + + "6oMXExlMjqIMCCWaLXLRiqbc2Y7rZHgEr08msibdoYHbSkEl8U+Kii2p6Vdx" + + "zyiEIz4CadrFbrAzxmrR/+3u8JuBdq0K3KNR0WWx73BU+G0rgBX56GnP7Ixy" + + "fuvkRb4YfJUF4PkDa50BGVhybPrIhoFteT6bSh6LQtBm9c4Kop8Svx3ZbqOT" + + "kgQDa0n+O0iR7x3fvNZ0Wz4YJrKGnVOPCqJSlSsnX6v2JScmaNdrSwkMTnUf" + + "F9450Hasd88+skC4jVAv3WAB03Gz1MtiGDhdUKFnHnU9HeHUnh38peCFEfnK" + + "WihakVQNfc72YoFVZHeJI5fJAW8P7xGTZ95ysyirtirxt2zkRVJa5p7semOw" + + "bL/lBC1bp4J6xHF/NHY8NQjvuhqkDyNlh3dRpIBVBu6Z04hRhLFW6IBxcCCv" + + "pjfoxJoox9yxKQKpr3J6MiZKBlndZRbSogO/wYwFeh7HhUzMNM1xIy3jWVVC" + + "CrzWp+Q1uxnL74SwrMP/EcZh+jZO4CYWk6guUMhTo1kbW03BZfyAqbPM+X+e" + + "ZqMZljydH8AWgl0MZd2IAfajDxI03/6XZSgzq24n+J7wKMYWS3WzB98OIwr+" + + "oKoQ7aKwaaT/KtR8ggUVYsCLs4ScFY24MnjUvMm+gQcVyeX74UlqR30Aipnf" + + "qzDRVcAUMMNcs0fuqePcrZ/yxPo+P135YClPDo9J8bwNpioUY8g+BQxjEQTj" + + "py3i2rAoX+Z5fcGjnZQVPMog0niIvLPRJ1Xl7yzPW0SevhlnMo6uDYDjWgQ2" + + "TLeTehRCiSd3z7ZunYR3kvJIw1Kzo4YjdO3l3WNf3RQvxPmJcSKzeqKVxWxU" + + "QBMIC/dIzmRDcY787qjAlKDZOdDp7qBKIqnfodWolxBA0KhvE61eYabZqUCT" + + "G2HJaQE1SvOdL9KM4ORFlxE3/dqv8ttBJ6N1qKk423CJjajZHYTwf1dCfj8T" + + "VAE/A3INTc6vg02tfkig+7ebmbeXJRH93KveEo2Wi1xQDsWNA+3DVzsMyTqV" + + "+AgfSjjwKouXAznhpgNc5QjmD2I6RyTf+hngftve18ZmVhtlW5+K6qi62M7o" + + "aM83KweH1QgCS12/p2tMEAfz//pPbod2NrFDxnmozhp2ZnD04wC+6HGz6bX/" + + "h8x2PDaXrpuqnZREFEYzUDKQqxdglXj5oE/chBR8+eBfYSS4JW3TBkW6RfwM" + + "KOBBOOv8pe3Sfq/bg7OLq5bn0jKwulqP50bysZJNlQUG/KqJagKRx60fnTqB" + + "7gZRebvtqgn3JQU3fRCm8ikmGz9XHruoPlrUQJitWIt4AWFxjyl3oj+suLJn" + + "7sK62KwsqAztLV7ztoC9dxldJF34ykok1XQ2cMT+uSrD6ghYZrmrG5QDkiKW" + + "tOQCUvVh/CorZNlON2rt67UvueMoW+ua25K4pLKDW316c2hGZRf/jmCpRSdb" + + "Xr3RDaRFIK6JpmEiFMMOEnk9yf4rChnS6MHrun7vPkf82w6Q0VxoR8NRdFyW" + + "3mETtm2mmG5zPFMMD8uM0BYJ/mlJ2zUcD4P3hWZ8NRiU5y1kazvrC6v7NijV" + + "o459AKOasZUj1rDMlXDLPloTHT2ViURHh/8GKqFHi2PDhIjPYUlLR5IrPRAl" + + "3m6DLZ7/tvZ1hHEu9lUMMcjrt7EJ3ujS/RRkuxhrM9BFlwzpa2VK8eckuCHm" + + "j89UH5Nn7TvH964K67hp3TeV5DKV6WTJmtIoZKCxSi6FFzMlky73gHZM4Vur" + + "eccwycFHu+8o+tQqbIAVXaJvdDstHpluUCMtb2SzVmI0bxABXp5XrkOOCg8g" + + "EDZz1I7rKLFcyERSifhsnXaC5E99BY0DJ/7v668ZR3bE5cU7Pmo/YmJctK3n" + + "m8cThrYDXJNbUi0c5vrAs36ZQECn7BY/bdDDk2NPgi36UfePI8XsbezcyrUR" + + "ZZwT+uQ5LOB931NjD5GOMEb96cjmECONcRjB0uD7DoTiVeS3QoWmf7Yz4g0p" + + "v9894YWQgOl+CvmTERO4dxd7X5wJsM3Y0acGPwneDF+HtQrIpJlslm2DivEv" + + "sikc6DtAQrnVRSNDr67HPPeIpgzThbxH3bm5UjvnP/zcGV1W8Nzk/OBQWi0l" + + "fQM9DccS6P/DW3XPSD1+fDtUK5dfH8DFf8wwgnxeVwi/1hCBq9+33XPwiVpz" + + "489DnjGhHqq7BdHjTIqAZvNm8UPQfXRpeexbkFZx1mJvS7so54Cs58/hHgQN" + + "GHJh4AUCLEt0v7Hc3CMy38ovLr3Q8eZsyNGKO5GvGNa7EffGjzOKxgqtMwT2" + + "yv8TOTFCWnZEUTtVA9+2CpwfmuEjD2UQ4vxoM+o="); + + byte[] longTagged = Hex.decode("9f1f023330"); + + public void testClassCast() + throws IOException + { + parseEnveloped(classCastTest); + } + + public void testDerExp() + throws IOException + { + parseEnveloped(derExpTest); + } + + public void testLongTag() + throws IOException + { + ASN1StreamParser aIn = new ASN1StreamParser(longTagged); + + ASN1TaggedObjectParser tagged = (ASN1TaggedObjectParser)aIn.readObject(); + + assertEquals(31, tagged.getTagNo()); + } + + private void parseEnveloped(byte[] data) throws IOException + { + ASN1StreamParser aIn = new ASN1StreamParser(data); + + ContentInfoParser cP = new ContentInfoParser((ASN1SequenceParser)aIn.readObject()); + + EnvelopedDataParser eP = new EnvelopedDataParser((ASN1SequenceParser)cP.getContent(BERTags.SEQUENCE)); + + eP.getRecipientInfos().toASN1Primitive(); // Must drain the parser! + + EncryptedContentInfoParser ecP = eP.getEncryptedContentInfo(); + + ASN1OctetStringParser content = (ASN1OctetStringParser)ecP.getEncryptedContent(BERTags.OCTET_STRING); + + Streams.drain(content.getOctetStream()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ParsingTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ParsingTest.java new file mode 100644 index 00000000..c5a33532 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/ParsingTest.java @@ -0,0 +1,99 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1StreamParser; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.test.SimpleTest; + +public class ParsingTest + extends SimpleTest +{ + String[] streams = { + "oRNphCO0F+jcMQKC1uMO8qFBPikDDYmtfVGeB45xvbfj1qu696YGjdW2igRnePYM/KkQtADG7gMHIhqBRcl7dBtkejNeolOklPNA3NgsACTiVN9JFUsYq0a5842+TU+U2/6Kt/D0kvz0WmwWFRPHWEWVM9PYOWabGsh28Iucc6s7eEqmr8NEzWUx/jM3dmjpFYVpSpxt2KbbT+yUO0EqFQyy8hQ7JvKRgv1AoWQfPjMsfjkKgxnA8DjenmwXaZnDaKEvQIKQl46L1Yyu3boN082SQliSJMJVgNuNNLFIt5QSUdG1ant5O6f9Yr0niAkAoqGzmqz+LZE1S7RrGHWiQ3DowE9NzviBuaAoI4WdCn1ClMwb9fdEmBMU4C7DJSgs3qaJzPUuaAT9vU3GhZqZ0wcTV5DHxSRzGLqg9JEJRi4qyeuG3Qkg3YBtathl+FiLJ7mVoO3dFIccRuuqp2MpMhfuP1DxHLNLNiUZEhLMQ0CLTGabUISBuyQudVFlKBZIpcLD0k7fKpMPuywrYiDrTinMc2ZP3fOGevoR5fnZ6kZAE5oMTtMNokzBuctGqVapblXNrVMLYbriT538oYz5", + "KEKVhHxtyUR9D3v5K4IJbVQLAMiVKoK9z7wFWUjzvLFNLg9C/r8zKfBa3YgZrt0Nq64+MxBePMbiNLCnfditc2qUcQZUHnvNnhwT6uGK37JmXg7MvQiKwvi31EIYt6ghqBZVs1iaqc0ep7wuQ16uwSQMlaDdXc9Qf1L0dGO/6eLyREz+p4UR4NOXK+GooQLfMxYL40zJlYcwNyR0rigvIr84WP2IMS2hZjqXtyS6HMM4yUv70hkIorjr7+JC4GtU1MyWuPuNSAGen0AZTaEEXd5sMbqXMqWg3jeM4mzRH1Kb3WdAChO5vMJZPBj9jZZKgXzmxkUh5GlIhUdYgztoNceBzQ3PIc7slCDUw9I2PjB87xsfy7jA5tFtFADs2EUyxUTMCuhilP664jSHgwbrr80k9Xc4sU+MCwCq2nQmcZYcPgKb4M31VJMlKwnZF3JUU2Jtqgg4gbErw58YoBwSkEcMJ2Juhiyx9U36MzxHs9OcTURfpsilMy+mDL8arCDx1knM1KkAHCLjWuJI+p1PvuIypgCwVc+MtGfd7wW8iR1JPJLBiuoZyNJ+xx9htd/HVB+rLtB57H8Gz8W+R00f", + "Ol9I/rXMwbLpxTY97v70B+HCl2+cojz2574x/cC56A7KGVF13La8RdzOOvSkl338ct9T/blEFa6QwNz3GmF+MoPdH9lncwz+tqixIqGU02Bp5swH0qjbp/Yjaeq91eR6B+9fl+KKrpglBr8S1BrI4Ey5v3AxxJdCWP8Gd+6Sp15/HMYanwlHBpCsW4+Kq8sGJoJXUXpQ/GBUJKs+WjX1zE6PsvF7/B8cByuqE3NJt7x4Oa+qZtF8qNc0CFDNj31Yhdt7JkAoD30IAd+ue9OhImQMCWwFwySRIRJXU3865K2dBR+VhLuI2aKzLh7MlgVKJk6b2P/ZIkc86ksR1sOUiHrs9EdoYuIssAgMc8QGzn4VN8lxopdzQYVG6pbXGS/VQlHkGdyLd+OHt4srz/NTUWiOquVTRxa6GgtlBFfIXikPTb+iT2pZKyKUlBvpgo0BY9vVUadsteHAI5qrFZBrL5ecK/Qtl9hf/M8qEjyjt2aCXe9B96Hg2QR5A53qW2PJW5VzS0AeB3g+zJSPCTpygrBs20q5Xrna0ux2l17r6HT9Q/AXIOkwPZUXXn0d02igS4D6Hxrg3Fhdp+OTXL8G", + "o3eXWpwAGmUkxHEKm/pGkDb1ZQQctCQ06lltZjeMXDp9AkowmA0KXjPQCQwyWE/nqEvk2g/58AxNU0TWSujo5uU0h4/hdMZ7Mrj33NSskWvDpKe7lE5tUjPi74Rmc5RRS+1T/EQobpNxoic3+tTO7NBbZfJtcUYeZ3jqxL+3YQL3PrGe/Zpno9TnQW8mWbbhKhDRtKY4p3Pgk9hPSpJCM9xYo3EMAOAIiH2P6RKH6uX/gSaUY2b6DE/TT0V6v/jdSmYM4+cnYiTyJCi5txI35jfCqIlVCXJd7klirvUMg9SXBhGR25AgQ5Z8yjd7lbB8FvD8JQAXZrp6xiHxbLIW7G11fWEo7RGLFtALI6H38Ud0vKjsEN7N5AibJcxS2A/CWk9R00sTHRBHFUP8o5mz8nE7FeCiwJPs/+tCt04nGb9wxBFMsmWcPEDfIzphCaO6U/D/tQHlA846gbKoikv/6LI0ussSR/i85XBclNcvzTctxylSbCR02lZ+go6fe5rmMouiel/0Tndz8t1YpQGilVeOQ3mqAFyAJk3dgfTNKZuOhNzVIZ5GWScKQ5ZtNcWrg6siR+6YwKvLiRb/TJZk", + "PwRUnW4yU8PI7ggbI1BIO9fcTup8optkqCirodyHCiqsPOMZ4g28bJ2+kpfQRujWGlKFYQzA1ZT32s9hdci+fvXPX0KAjcUgcxsGzMABFbEm04BwDF2WLgg9s4/x71r5JrgME1S08I3mCo4N0eFHWDeLJL1b5YNNo6tfO5V2WpIE867N9zdAgvp1gijVjUNWqEB3A/NLb3reLMu2hYgqRFTCVBfcFclD46k0XEfUJqwWdQhOz92WNl/3g53bjKX1hDZgjLIzK6m+SU6+J/h4NidrS7E0gOBevZW8gRYdKMVqNWxzUfxv6kgG+kIeF9JqMcO6jdh/Zu/0tpZoHFeCweZ1jT1eEtltFu1FcTTPc1UT0pT+ZNVgefrBONoGnvn8+dBjPese6F2TmRCExJq9taKlIh/kHdkbpaa7vwrBpYRgVGfARPyM9SSCaE7pVBDuwkFeYiGU4tamm5Gq10ojRQgetJ3UOg/PGTJcxo97GBiG5zAST9NdHdgK3eI4FAbWpGwmWxNpPWOst0a7zuGKAzYU+1IQh8XA3IgJ2vy3+w0JihU6G+12LUzsL2aQtpG7d1PqLhwOqHq3Qqv3SDsB", + "ZIAKizvGzbvqvqOlxOeVgHGHV9TfKNjjqyzbCj8tggv2yp7kkq1D3yRlC349tuul3zN9g4u83Ctio9Gg3HiLzMULxoOImF/hKRDhJpPLbLm0jSq1fyF+N7/YvyLeFhGoPhYEBUihDcxo1NIcWy66aBt3EuOlTyDQWrDe0Za3mrTrrl10uLHVKcQMgeD+UMgjQqmHzQJR8wdNjHPKHWVvZEdiwI031nV2giHJHXv08Jvf4vmw4dAlH2drCl6cBgg33jy7ohK8IiXz6eCw6iY9Ri8YaMzxOhgE2BOHzEz5ZC2hilL4xO/ambTER4bhb4+9VTUIehHP18FcXm8TKPQRMqyKP2fMlzWW3/uelYfPP5SHlyLAULa1KjDCkLIDunEKZDpv2ljGB6JPrTlNwFsvlZcihfOAwjbr2jW3MwP704OA8xzd/dynBU47unIZEu0LAvQ3TUz3PLga0GGO1LZGtg0Foo9zFG2wuVCdgYHmozOQ+8I3gRguW1CjGy7ZCTBuN1GZ510ERhae+bRQtldHsLeiHTghnkU1xEX1+W0iEf3csDYrgpuq3NaBYRGirovDiPBYFHmru0AMclhFnpcX", + "uG0wQ55kMlfZtJFAqTl0bnYW/oy9NFOi0e4FqAYwsvMxGO4JtGzXgkVwEUAC0AUDItRUjxBl+TkoPTYaprgn0M/NQvKPpXJ+yzI7Ssi+F2alLR0T6eF/4rQ32AVjnANJaghXZm0ZKduckbhSxk5lilJVJRuzXKchZRtlPluvlj448bq+iThktsEQoNP8NMpi7n/EVxovp+dow4Q6t7msSRP4cGXtyYoWKbf/7e5XzBKOZZ1/f3s86uJke4dcKIaljpJfBrtuFxZC6NYXzX6PkoDoBgqQ8RBrxsX54S9cBDAPxxmkq8zviAOW3oqPMULGGmQzHBiRwE8oeDFoMnzF5aR/lkbNuTLOxhbIkosgLWlDNVEFYx9bVhdLzO7VwaAK829dimlPOo5loKB7Pd2G7ekRKXwu7wNvJBq8KRkhtLKbKoS8D6TaRWUMb9VBJ1CMy4mrw+YwTmAKURQ6Dko9J/RgzRg5Y/sUlwdMYS9HOnvKiTVu5I/ha35wwkhIPVm+FCn05tstntZaXXXu4xExHeugAKNBhkcc/SQt+GFdxXDd+R4C2LfKxGDSyZKVTFYojHTdZUo8Gx6SZLY6b2SZ", + "sH0kIwIq1THAfTLfqUKJfG1YauCQKPc9/mk3l39yK6zgxSpCH2IjZIwhhJtGm3F+8PTneT725OuyR617nxqrgqMGkkZkyY4DA5CjsikpBo5mo8TspX1g+vtXXtxymJMTMo8JwX3nSH4gSb3vPia+gwOW2TcJmxVdp3ITPA4gJpMfqoMBqRM+eDWO6QXW5ijVL4+wnp40u5bU4fQLVzpg25+QGLqBHD6PZTQaN6F9Vy5XpsAGDlncCklVuX3Lkp3Xb9cTiNa/4ii04uwZqx0juszjwFAMPPb6u56crvN1x4FXfXzabWECHbdQLlKazowvU9bEnqG2i4H44Ae+v8Iw8HK5mbZ6ercLTD9oPgs7Ogal037l2WwLApUz/fmD5fV8SxHh+vKDpfOzv6xcQxynS82jAJw9AdUwE/4ndGzzHPIu2M81gbAgZQ02EurMMU62hYgiXeridrtyh+H5R+CiwQdEyX7/op6WVihsYj2O3O/1hgjhGQRFD6sGwnko50jgWRxaMMfJGNlyGoT8WT5k931jU7547u7Ovr7XP/t8r3G7ceCiCcYjQgdwXdvIStzPvvV7Yy02isZjiJF8TLJQ", + "tycxf1mOz1yLE6cT/ZlCxMeTxlEEHFeIdw0+nF/40Tsw4vLco+4kR2A6cVml611CSpN6l/RMKk2LnAkprrbJ/Uam902WBnQ+I6Vsl6GkFFq7362bdixojqMFVKYytXLCT8I78f6s8M6a3jSALQloD6Ftvn+cc+cctO3weaaaPgAlrz+f2MFs8bqpnLQYbbY/JS9IAYJFH+yVtLz7eKcedEp9JMlJ3/43szU2fDN9ZMxBoQnxEmF3WZv6GF0WRc8VhTblXRgk4mlz6Fu3IXvwW/rbn+VCYYIk/XaVLrxFAnnw6mBozAF7vmV0OrIYBlSDU8rMb+F7AvE7pwErO9TJtCE8IUvQf8TsJYRoYv21/X57pzcBedtqVeU3DnTlmESHxG6H1uJbadSFLWSxKS4svfp8T9FWqX5815yD/UplAKEIeorLTAlPIC2ASKDU6SQW260biNAfY8FYQCWa8btaTwFuY8NMwSHzyqgU0aoPKnagi/4hOIWNO5rZ8Xcnzx+ELtEl33hQnzc4OUlT5eeVYQWkz2IWVQ6Re4JWF3L4OXzNZWgefKGMzZU6IHoBeCgfi+popLRJpaOx0dcvwGjk", + "oDsoFvUA+sGOoMyZY6w1UhY3NBkeoozzjEkDSRN1golyXJ1dC5CtYNEjvAJYKj+sqNwg9mBlYyybYpnI3GSP125zMeBHPCoy5CoNOkJW4OH/oLyjVeQbFNic/b2Jcz6lTguYhep8hq9EM2XuFV8T1rm5+4ucI7fH1UiOqRZyuHBAJ0Cna5kv6D3efsa9rd+swybiMIUjmPWpyxzNOOihCYuf4JqRh/D5eZKm6x0Zj2uRhTAYYxI7Q3czd0R9490ufG8VbF8ASBMireMONNNAA/OZCpxJh6xnIANBqV6YDeysws3NBWY2QuNumvg5Kr3/g+VMzJHi4wGuJjraKWi9+ylMfelHF5h/h+pAQVxCotq8JU3OTnMUW4rQp2a8BR5S+mZqPSPlb87tDG9r0+yqb1uO4UIo71C7Xxwoq4M0tXjk6mSmtP/sm+Lh14qfUzKRhTHVdz91TK104mbTJNXbK+jGPD/2BJO9fiaXY8IYanpfDLBfJo06VYbm6HehRZTwnDHnN50j7ki4aMS3COZvffjRInXD8dS5h9zmtKNpoqg//lPg4gpS+4Th2sJ3SGtBV0Ne89r7AfZMAVa26PMK", + "MIDLuZTrtZnEBOB6l14iSEyokAg5Wf5JviumhfPeL7WSFTHfOodU2hrvhyvM6oAlRHY1blTj7mw+Tcf9Tmc+/FHT6PGu0NT5UAqaqChX0gS9jizgAE2Yfhd4X/DoeQySMAixKuhu8TbvDxb54jeW9+7LVkmlntJ/0SkMgsT+WQ31OfpwDmEGDczYc+Ol14aJS+EW+rnGv9d38bo/cy+EnpNh8iV2rGGoC8fDzFHKU4gqGFSZF/tnD2OfCne0Vjr/GD6kyp2MVcHig19DBg2toGRkHnuY5kLkwOanztXA80IaAmv8e6s62U8CE8ozUZeDBcvBigEkSGx79Vsyiks8+9Kq9xLHLeS5kRT6zSl8whe8U1fIfrgic34KPlozcQVahwCru1XWyQ+9uevih8x4zMftkJ3JBZhPrnlgtx9McntH/Ss9fdUEkNwWpDnq8Xby8/5gMMMwQ13XDB73vqqteDiltMq8i7LRez4iIHfSBBfIkZIzMZAblQXaSm029iBcAAUes7wcGHUl7KOpRy18jNtI3+h7e1Ri6sT2vJYQaove0nzZ5xAjpBKnbJX+lpGVlI00fC2YSTfyNqFA0jkL", + "MG4QbKLbQR3enPn6Z/kEUtHrzWBIqYKR7Gvs5QHLPF6417p1O58suZq38Bb8dO5udtgOqNEVAPGmOuidYygWWfWOP5ReggTUk5XlrkvRxCU0MHWbkSKkJ+T4nLjozreqTJ0io41sFVrpxuOugAvXJ6QtMmixSABUaNgU9SkkWf9pOEiJI8dfND51HxJCbXHwsMCMBp5FbaMZmlWPwirRdAox4wbLk9ZLmoWUcorUjdaWhKvT/LnjMgPmwnwwKpN/4MOnRDdAPdzXX3aWHdkzpfsQnqt3UJsTsSaJlzeUja5C5L4CXGyt99qmfcwB8OB9TL4EYTIl3maD/gUWBfckOsji8x2E2c2iuKKrcmMmcChYr4wCjtTjEeVKOAZ2m9mU2MKc2z2hDw3AuZxsY6aOtdAjnrwl5QXGRg9I5LVl5SI5RwnLwk90pJzDGuSSCtSmzh9DUZ4WpfN+1393aTGRqCMOsB4KxbXjspUbVMFJbnXXlsSNWaoFTpHjK6b6Ghi2/re7KJpoKElM3nGs3qvxdvGTKu7LKr/sgKDL6uQLRKoyk8AHSIGX9c8ZUTk7Sq9jV9p4QfV1WFVpaBxSsEmw", + "MR0BACgWKis9/AKwG9/ARgGWJn1aM3nU8YXzWG+b7aeRUkVCjl4WxeL38E3FAMLW4UcyLzxeb+CskOqhPPTglmxhK7jQcrNILsWcZvdZfApYIvk5uKqA5FKuUuL48uvD0aKGRENe/VEUFlkQru5YX4Xnp+ZThrJJlgn7ANat/qAdP6ULEcLaOQlLYcGRh5ttsJTRT4+cZQggTJjWt+9idUQ66HfC6zQ1qHcMuochy7GHiUmNXAs0AgwOF9Jwet/Qh74KGMtmppJ9gkEqiYECFQA2gVgKc1AufHJS6S6Re72FfH/UkL41L2hvlwktkD5/hZrUZ1R+RG12Eip2zKgus4g/aGl0V8B/JvkcnFUsZJ6uxs24arOBDJOuzzxky5F5B/hwVGPEdcfHunqndUcx26/KCK72hOljlqTXl8yEbXlcMqVFNByZLr7TnGzGGUlO7kuHPW/ItZUJvrHokpsLLrb3ZhEZ8pTQd75gFcf0Ve8CYzEtk2ISHtNJQV6Iz4AZHWssU6F6YWM/OlJz5JGTtPHfGMJXgl4oxbBjeenS3JQ0X7vWXYMwPe3U1dat6m5hrRC1KzI6e6w+gPDtF8GQ", + "DH2WX6XoIseX6lHIey3seUr3DAz82fyk0jL7xc5IDTrDfqS64QBhHDpqHETF/81MrPXsM3IANBfjDOl9g/gua8wWPpPNxuWZMNh0GLcAr6PJ939TCbjE3soZHF2wiA82nZEO8jIZosDVRWFUfJS6Y3nrJz63SExqB6OUdBfvSfz1Y1M/90ofBxkfeuS85deMdn+1rZdsnZJYwz2Z6lCDvYjUTfrSwfVFJBP8Y2BXr8WClUYkfGG4eNG7IPNBRuMmhrhHj5y9z+5Jor+EbbTi5F5Jvdu2/bDM7s32XsaMNLYuVtNYONrbQ+3QZ746/yKZM4hDREvxyGLgDx3Apz7pyvwKm0//iTCY3yJLxZifGLh2uc28cFBln7IH1x8oui4Xq9vF+Z2EH4Ow48Ln5pzggBKMGy4dsfW6266TNYd/Z3SZUi28sxondqhGCSGUo7ZVPAOoYDcYKvjdI/cJ688PHliyZSYBYVmR5HBxZ57sqWwgZQ7zVvwv4CHHysvb92sPrXijHxBIkwpNuK56UMyQCcywlTRLDCMAMNAEGi4fWbDQIoPfn+NixMhEieg3Zh7GXPwHxW8morlgBW5aF76P", + "AwClK6Tq9R2DYGf8RAHu9dEttLeOfUVmS4WPwX0NehsnyM7y7n2sgGnXsiva3yFqK1hKZICkVukvHF7/bpgEEm/jRwcAhQUoG+c1qVde38eHJXj58YOBGTveruc+021or9/tHBtenmYPO6+arLQtONi43NKm7+I6ugkgQlp6iBr4haa0XMDTzMX9c8Qm/O+MrVo3qESYKkVtoSSK7SGZTBaRWNF/dOM0NQxeMP+XTVOuroqE23ZNsubBTEZnd4vUilFb/iKnhyT9XnIo7gM/Yz7HLVU5yc3yIj2sFUE+DcwpvcNO5EnPhj3bHsJvf3N4r72+5my2KjoR3KAJE1Imabd54o4xZ/9UaR93qLkVuXMkLRCCU/zlZDtfbJDsRR0C5rSYd2k6IPlNcl7PgmUpsNPUyoDYqvhuRUZxgoUAfKbogzJX8FU/QpllsKVtt68ucBi0bqC5pVKu23j79nDvYQsSlYY3JwJQaM5M558J5qpP1yEF2p4kSRphnB9UR29wWgch5eWZ4a02LlHVM5Msl6W5PdmHt+eFARBRv6edIyYDFzxm4WZroH5F/GxBhM0KObgawkxa5VWsYm0VhhXb", + "KACwq8rZuOLHuNnZJA07WzI7kppCwptbcYU2B7t86QcZrnadCtxoM5QNcl9rsbMA26iWCPV3VlDAmLSWcxtMoSKWuo4edJpk8K915xkFU5U6I/901vx5hqAECQDy/Q+QDWmWTXDoVHqFV9wvIj3wCJPpJL/Ewpl0NZd+68jjOjUhjIdNebLrWNK2nhTPiIjFjkcVqEgashpOmnbHT+2MV/CHoixmUEiuRI1B0dvSf7FHGRgbXGBubisuu60g8XTens5zyRo4Qn/LTxIu2aj4LTtyLonV3sXr+y35A1zq5mCrE1f1nOINVzwYYY76iJGIaBkZuMU3366FPIbYkmXwla6RQU1FA0Y7n05qczw7Ie5TveRTByKFtUqW8OAb9vH+H2ezJ4CXE3AGbu/nTj64KClO/zL499GA+97g+X6tTN6xOJdNknlqw6ZnFNtCL8+A3hL4OyOgWD0IGC+xFvcKjDUaaJenCtQvprCJaFrvoOS+yYmixnFqglnPYL/64/Lca8NmDVpPzlHI8HNwUDzKiXTw3q7GnQZWmUYzu1vLIEi6/hyqrULRN1vLdd/8HCMNQFj4ot61UftHtOG8MCKa", + "rUABPQ3SEWE5rY16pM+o+7EObLNM1jEa5YCMQM/aen0PWajWNax3Pyo6TZL8aGDXZF0yWqDM3b2m6UHOr6yqsUSrD+0jXPT48QN1VdBmh+AFRK+UcaYO383a0nvtv0c9uHt4yfceXLPGWrNjW+uTnS/lKpCdpE4GfLF1SFHIUcMxT+3At7hwDHNkLXllEXqbgDP8LyQSlYwT5jQUDCOzwc8CSxAryUOj6fN+iLKAiw4haPV/WZDG+JOmDMG2azo8SoBMi3y6Z2Le2fz2dMuvn5DUvCUvazrUmWYx4NEdSzc9GfBc6cXkduMqCs+lT2Ik2GHO0WjhrEB6j5NULOaCtbrislM85P6QutN4Pj9l18pcD6vZCcDTOwMj/BznclH342jeMn7rBgpW1YSzbNGP6KC4NeNW1H2xqNtuyhcJvasx4dwhzO18A36H6HtkiQyJNnfnVHh1oviO6mi3atmnh9B/55ugXM1Wf/6Kv8kJyaKtK8cWo+jCAR0/P/EsPtzToJM9Yk2+qxaPFd3k7T2KXvCQ9D1jLeECxL59L+WDvdBtxOEBD7W0a/Mn/9LuQPOiwARKJSTU+blJ6ezTeo83", + "poA1hF4zRh7HF0xVglYoLFqkUR7Pru/qYFnfMKBPuEOOGdgO3MMcAvIZ+w+Ug4THr/6+Vux0TN3wdOB+beObOboLgNE2zaD65lyMFbaulzrEnWjUgIg63CdpQJ2ESaimHGg/GmsipUCndRJ37TbUtn8W112SehsAgrsjiBcuJhw61i4bVfAZEcycq4Y/FlEDxtzoH8WzDoESNbl+r5agLcHGr37BFi81IXS8TLihC1T8b7d6tLb6lpXT+9IR4xAyZTw1IFMDZZEzVmHgYE/Et20/WhkX/oGghkWSpCxR0kynDplk+BEK2oyGKnl+rf4vymhsse2iQ/C99PhaodZjDfuGVSwPLoU0AYyAKaEwmgHPOFbDlrAmNk4iBp+IZYm9guZM2hcQ4GeA5WQyZzw4C1yMywWbdjtL9ZhpClmmPZ28nmwNORAat7tXPJoBBdXFB0gNT/wU7UYIKU5GnAiDIFJ0o8ijnuAMat3AsBki2vxwdypuBq5M6OF9DVA0HRUjOA0l4JHjK8Y282mz3U34PDPQvwCT342uD9cO3uXoSr3T2FnDmsVHz4Q9zYpSjioLmZk9ZTnQWgN5V5Oyat6m" + }; + + public String getName() + { + return "ParsingTest"; + } + + public void performTest() + throws Exception + { + inputStreamTest(); + parserTest(); + } + + private void parserTest() + { + for (int i = 0; i != streams.length; i++) + { + ASN1StreamParser aIn = new ASN1StreamParser(Base64.decode(streams[i])); + + try + { + Object obj; + + while ((obj = aIn.readObject()) != null) + { + + } + + fail("bad stream parsed successfully!"); + } + catch (IOException e) + { + // ignore + } + } + } + + private void inputStreamTest() + { + for (int i = 0; i != streams.length; i++) + { + ASN1InputStream aIn = new ASN1InputStream(Base64.decode(streams[i])); + + try + { + Object obj; + + while ((obj = aIn.readObject()) != null) + { + + } + + fail("bad stream parsed successfully!"); + } + catch (IOException e) + { + // ignore + } + } + } + + public static void main( + String[] args) + { + runTest(new ParsingTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PersonalDataUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PersonalDataUnitTest.java new file mode 100644 index 00000000..95a3120a --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/PersonalDataUnitTest.java @@ -0,0 +1,121 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; +import java.math.BigInteger; + +import org.bouncycastle.asn1.ASN1GeneralizedTime; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.x500.DirectoryString; +import org.bouncycastle.asn1.x509.sigi.NameOrPseudonym; +import org.bouncycastle.asn1.x509.sigi.PersonalData; + +public class PersonalDataUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "PersonalData"; + } + + public void performTest() + throws Exception + { + NameOrPseudonym nameOrPseudonym = new NameOrPseudonym("pseudonym"); + BigInteger nameDistinguisher = BigInteger.valueOf(10); + ASN1GeneralizedTime dateOfBirth= new ASN1GeneralizedTime("20070315173729Z"); + DirectoryString placeOfBirth = new DirectoryString("placeOfBirth"); + String gender = "M"; + DirectoryString postalAddress = new DirectoryString("address"); + + PersonalData data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress); + + checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress); + + data = new PersonalData(nameOrPseudonym, null, dateOfBirth, placeOfBirth, gender, postalAddress); + + checkConstruction(data, nameOrPseudonym, null, dateOfBirth, placeOfBirth, gender, postalAddress); + + data = new PersonalData(nameOrPseudonym, nameDistinguisher, null, placeOfBirth, gender, postalAddress); + + checkConstruction(data, nameOrPseudonym, nameDistinguisher, null, placeOfBirth, gender, postalAddress); + + data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, null, gender, postalAddress); + + checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, null, gender, postalAddress); + + data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, null, postalAddress); + + checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, null, postalAddress); + + data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, null); + + checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, null); + + data = PersonalData.getInstance(null); + + if (data != null) + { + fail("null getInstance() failed."); + } + + try + { + PersonalData.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + PersonalData data, + NameOrPseudonym nameOrPseudonym, + BigInteger nameDistinguisher, + ASN1GeneralizedTime dateOfBirth, + DirectoryString placeOfBirth, + String gender, + DirectoryString postalAddress) + throws IOException + { + checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress); + + data = PersonalData.getInstance(data); + + checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress); + + ASN1InputStream aIn = new ASN1InputStream(data.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + data = PersonalData.getInstance(seq); + + checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress); + } + + private void checkValues( + PersonalData data, + NameOrPseudonym nameOrPseudonym, + BigInteger nameDistinguisher, + ASN1GeneralizedTime dateOfBirth, + DirectoryString placeOfBirth, + String gender, + DirectoryString postalAddress) + { + checkMandatoryField("nameOrPseudonym", nameOrPseudonym, data.getNameOrPseudonym()); + checkOptionalField("nameDistinguisher", nameDistinguisher, data.getNameDistinguisher()); + checkOptionalField("dateOfBirth", dateOfBirth, data.getDateOfBirth()); + checkOptionalField("placeOfBirth", placeOfBirth, data.getPlaceOfBirth()); + checkOptionalField("gender", gender, data.getGender()); + checkOptionalField("postalAddress", postalAddress, data.getPostalAddress()); + } + + public static void main( + String[] args) + { + runTest(new PersonalDataUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ProcurationSyntaxUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ProcurationSyntaxUnitTest.java new file mode 100644 index 00000000..32120bb2 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/ProcurationSyntaxUnitTest.java @@ -0,0 +1,107 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.isismtt.x509.ProcurationSyntax; +import org.bouncycastle.asn1.x500.DirectoryString; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.GeneralNames; +import org.bouncycastle.asn1.x509.IssuerSerial; +import org.bouncycastle.asn1.x509.X509Name; + +public class ProcurationSyntaxUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "ProcurationSyntax"; + } + + public void performTest() + throws Exception + { + String country = "AU"; + DirectoryString typeOfSubstitution = new DirectoryString("substitution"); + GeneralName thirdPerson = new GeneralName(new X509Name("CN=thirdPerson")); + IssuerSerial certRef = new IssuerSerial(new GeneralNames(new GeneralName(new X509Name("CN=test"))), new ASN1Integer(1)); + + ProcurationSyntax procuration = new ProcurationSyntax(country, typeOfSubstitution, thirdPerson); + + checkConstruction(procuration, country, typeOfSubstitution, thirdPerson, null); + + procuration = new ProcurationSyntax(country, typeOfSubstitution, certRef); + + checkConstruction(procuration, country, typeOfSubstitution, null, certRef); + + procuration = new ProcurationSyntax(null, typeOfSubstitution, certRef); + + checkConstruction(procuration, null, typeOfSubstitution, null, certRef); + + procuration = new ProcurationSyntax(country, null, certRef); + + checkConstruction(procuration, country, null, null, certRef); + + procuration = ProcurationSyntax.getInstance(null); + + if (procuration != null) + { + fail("null getInstance() failed."); + } + + try + { + ProcurationSyntax.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + ProcurationSyntax procuration, + String country, + DirectoryString typeOfSubstitution, + GeneralName thirdPerson, + IssuerSerial certRef) + throws IOException + { + checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef); + + procuration = ProcurationSyntax.getInstance(procuration); + + checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef); + + ASN1InputStream aIn = new ASN1InputStream(procuration.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + procuration = ProcurationSyntax.getInstance(seq); + + checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef); + } + + private void checkValues( + ProcurationSyntax procuration, + String country, + DirectoryString typeOfSubstitution, + GeneralName thirdPerson, + IssuerSerial certRef) + { + checkOptionalField("country", country, procuration.getCountry()); + checkOptionalField("typeOfSubstitution", typeOfSubstitution, procuration.getTypeOfSubstitution()); + checkOptionalField("thirdPerson", thirdPerson, procuration.getThirdPerson()); + checkOptionalField("certRef", certRef, procuration.getCertRef()); + } + + public static void main( + String[] args) + { + runTest(new ProcurationSyntaxUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ProfessionInfoUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ProfessionInfoUnitTest.java new file mode 100644 index 00000000..34b33070 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/ProfessionInfoUnitTest.java @@ -0,0 +1,117 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.isismtt.x509.NamingAuthority; +import org.bouncycastle.asn1.isismtt.x509.ProcurationSyntax; +import org.bouncycastle.asn1.isismtt.x509.ProfessionInfo; +import org.bouncycastle.asn1.x500.DirectoryString; + +public class ProfessionInfoUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "ProfessionInfo"; + } + + public void performTest() + throws Exception + { + NamingAuthority auth = new NamingAuthority(new ASN1ObjectIdentifier("1.2.3"), "url", new DirectoryString("fred")); + DirectoryString[] professionItems = { new DirectoryString("substitution") }; + ASN1ObjectIdentifier[] professionOids = { new ASN1ObjectIdentifier("1.2.3") }; + String registrationNumber = "12345"; + DEROctetString addProfInfo = new DEROctetString(new byte[20]); + + ProfessionInfo info = new ProfessionInfo(auth, professionItems, professionOids, registrationNumber, addProfInfo); + + checkConstruction(info, auth, professionItems, professionOids, registrationNumber, addProfInfo); + + info = new ProfessionInfo(null, professionItems, professionOids, registrationNumber, addProfInfo); + + checkConstruction(info, null, professionItems, professionOids, registrationNumber, addProfInfo); + + info = new ProfessionInfo(auth, professionItems, null, registrationNumber, addProfInfo); + + checkConstruction(info, auth, professionItems, null, registrationNumber, addProfInfo); + + info = new ProfessionInfo(auth, professionItems, professionOids, null, addProfInfo); + + checkConstruction(info, auth, professionItems, professionOids, null, addProfInfo); + + info = new ProfessionInfo(auth, professionItems, professionOids, registrationNumber, null); + + checkConstruction(info, auth, professionItems, professionOids, registrationNumber, null); + + info = ProfessionInfo.getInstance(null); + + if (info != null) + { + fail("null getInstance() failed."); + } + + try + { + ProcurationSyntax.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + ProfessionInfo profInfo, + NamingAuthority auth, + DirectoryString[] professionItems, + ASN1ObjectIdentifier[] professionOids, + String registrationNumber, + DEROctetString addProfInfo) + throws IOException + { + checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo); + + profInfo = ProfessionInfo.getInstance(profInfo); + + checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo); + + ASN1InputStream aIn = new ASN1InputStream(profInfo.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + profInfo = ProfessionInfo.getInstance(seq); + + checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo); + } + + private void checkValues( + ProfessionInfo profInfo, + NamingAuthority auth, + DirectoryString[] professionItems, + ASN1ObjectIdentifier[] professionOids, + String registrationNumber, + DEROctetString addProfInfo) + { + checkOptionalField("auth", auth, profInfo.getNamingAuthority()); + checkMandatoryField("professionItems", professionItems[0], profInfo.getProfessionItems()[0]); + if (professionOids != null) + { + checkOptionalField("professionOids", professionOids[0], profInfo.getProfessionOIDs()[0]); + } + checkOptionalField("registrationNumber", registrationNumber, profInfo.getRegistrationNumber()); + checkOptionalField("addProfessionInfo", addProfInfo, profInfo.getAddProfessionInfo()); + } + + public static void main( + String[] args) + { + runTest(new ProfessionInfoUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/QCStatementUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/QCStatementUnitTest.java new file mode 100644 index 00000000..d7a84a5e --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/QCStatementUnitTest.java @@ -0,0 +1,104 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.x509.qualified.QCStatement; +import org.bouncycastle.asn1.x509.qualified.RFC3739QCObjectIdentifiers; +import org.bouncycastle.asn1.x509.qualified.SemanticsInformation; +import org.bouncycastle.util.test.SimpleTest; + +public class QCStatementUnitTest + extends SimpleTest +{ + public String getName() + { + return "QCStatement"; + } + + public void performTest() + throws Exception + { + QCStatement mv = new QCStatement(RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1); + + checkConstruction(mv, RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1, null); + + ASN1Encodable info = new SemanticsInformation(new ASN1ObjectIdentifier("1.2")); + + mv = new QCStatement(RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1, info); + + checkConstruction(mv, RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1, info); + + mv = QCStatement.getInstance(null); + + if (mv != null) + { + fail("null getInstance() failed."); + } + + try + { + QCStatement.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + QCStatement mv, + ASN1ObjectIdentifier statementId, + ASN1Encodable statementInfo) + throws IOException + { + checkStatement(mv, statementId, statementInfo); + + mv = QCStatement.getInstance(mv); + + checkStatement(mv, statementId, statementInfo); + + ASN1InputStream aIn = new ASN1InputStream(mv.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + mv = QCStatement.getInstance(seq); + + checkStatement(mv, statementId, statementInfo); + } + + private void checkStatement( + QCStatement qcs, + ASN1ObjectIdentifier statementId, + ASN1Encodable statementInfo) + throws IOException + { + if (!qcs.getStatementId().equals(statementId)) + { + fail("statementIds don't match."); + } + + if (statementInfo != null) + { + if (!qcs.getStatementInfo().equals(statementInfo)) + { + fail("statementInfos don't match."); + } + } + else if (qcs.getStatementInfo() != null) + { + fail("statementInfo found when none expected."); + } + } + + public static void main( + String[] args) + { + runTest(new QCStatementUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/RFC4519Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/RFC4519Test.java new file mode 100644 index 00000000..8d7e1756 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/RFC4519Test.java @@ -0,0 +1,149 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x500.X500NameStyle; +import org.bouncycastle.asn1.x500.style.RFC4519Style; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.test.SimpleTest; + +public class RFC4519Test + extends SimpleTest +{ + static String[] attributeTypes = + { + "businessCategory", + "c", + "cn", + "dc", + "description", + "destinationIndicator", + "distinguishedName", + "dnQualifier", + "enhancedSearchGuide", + "facsimileTelephoneNumber", + "generationQualifier", + "givenName", + "houseIdentifier", + "initials", + "internationalISDNNumber", + "l", + "member", + "name", + "o", + "ou", + "owner", + "physicalDeliveryOfficeName", + "postalAddress", + "postalCode", + "postOfficeBox", + "preferredDeliveryMethod", + "registeredAddress", + "roleOccupant", + "searchGuide", + "seeAlso", + "serialNumber", + "sn", + "st", + "street", + "telephoneNumber", + "teletexTerminalIdentifier", + "telexNumber", + "title", + "uid", + "uniqueMember", + "userPassword", + "x121Address", + "x500UniqueIdentifier" + }; + + static ASN1ObjectIdentifier[] attributeTypeOIDs = + { + new ASN1ObjectIdentifier("2.5.4.15"), + new ASN1ObjectIdentifier("2.5.4.6"), + new ASN1ObjectIdentifier("2.5.4.3"), + new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.25"), + new ASN1ObjectIdentifier("2.5.4.13"), + new ASN1ObjectIdentifier("2.5.4.27"), + new ASN1ObjectIdentifier("2.5.4.49"), + new ASN1ObjectIdentifier("2.5.4.46"), + new ASN1ObjectIdentifier("2.5.4.47"), + new ASN1ObjectIdentifier("2.5.4.23"), + new ASN1ObjectIdentifier("2.5.4.44"), + new ASN1ObjectIdentifier("2.5.4.42"), + new ASN1ObjectIdentifier("2.5.4.51"), + new ASN1ObjectIdentifier("2.5.4.43"), + new ASN1ObjectIdentifier("2.5.4.25"), + new ASN1ObjectIdentifier("2.5.4.7"), + new ASN1ObjectIdentifier("2.5.4.31"), + new ASN1ObjectIdentifier("2.5.4.41"), + new ASN1ObjectIdentifier("2.5.4.10"), + new ASN1ObjectIdentifier("2.5.4.11"), + new ASN1ObjectIdentifier("2.5.4.32"), + new ASN1ObjectIdentifier("2.5.4.19"), + new ASN1ObjectIdentifier("2.5.4.16"), + new ASN1ObjectIdentifier("2.5.4.17"), + new ASN1ObjectIdentifier("2.5.4.18"), + new ASN1ObjectIdentifier("2.5.4.28"), + new ASN1ObjectIdentifier("2.5.4.26"), + new ASN1ObjectIdentifier("2.5.4.33"), + new ASN1ObjectIdentifier("2.5.4.14"), + new ASN1ObjectIdentifier("2.5.4.34"), + new ASN1ObjectIdentifier("2.5.4.5"), + new ASN1ObjectIdentifier("2.5.4.4"), + new ASN1ObjectIdentifier("2.5.4.8"), + new ASN1ObjectIdentifier("2.5.4.9"), + new ASN1ObjectIdentifier("2.5.4.20"), + new ASN1ObjectIdentifier("2.5.4.22"), + new ASN1ObjectIdentifier("2.5.4.21"), + new ASN1ObjectIdentifier("2.5.4.12"), + new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.1"), + new ASN1ObjectIdentifier("2.5.4.50"), + new ASN1ObjectIdentifier("2.5.4.35"), + new ASN1ObjectIdentifier("2.5.4.24"), + new ASN1ObjectIdentifier("2.5.4.45") + }; + + public String getName() + { + return "RFC4519Test"; + } + + public void performTest() + throws Exception + { + X500NameStyle style = RFC4519Style.INSTANCE; + + for (int i = 0; i != attributeTypes.length; i++) + { + if (!attributeTypeOIDs[i].equals(style.attrNameToOID(attributeTypes[i]))) + { + fail("mismatch for " + attributeTypes[i]); + } + } + + byte[] enc = Hex.decode("305e310b300906035504061302415531283026060355040a0c1f546865204c6567696f6e206f662074686520426f756e637920436173746c653125301006035504070c094d656c626f75726e653011060355040b0c0a4173636f742056616c65"); + + X500Name n = new X500Name(style, X500Name.getInstance(enc)); + + if (!n.toString().equals("l=Melbourne+ou=Ascot Vale,o=The Legion of the Bouncy Castle,c=AU")) + { + fail("Failed composite to string test got: " + n.toString()); + } + + n = new X500Name(style, "l=Melbourne+ou=Ascot Vale,o=The Legion of the Bouncy Castle,c=AU"); + + if (!Arrays.areEqual(n.getEncoded(), enc)) + { + fail("re-encoding test after parse failed"); + } + } + + + public static void main( + String[] args) + { + runTest(new RFC4519Test()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ReasonFlagsTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ReasonFlagsTest.java new file mode 100644 index 00000000..ebfd126f --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/ReasonFlagsTest.java @@ -0,0 +1,35 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.x509.ReasonFlags; +import org.bouncycastle.util.test.SimpleTest; + +public class ReasonFlagsTest + extends SimpleTest +{ + public String getName() + { + return "ReasonFlags"; + } + + public void performTest() + throws IOException + { + BitStringConstantTester.testFlagValueCorrect(0, ReasonFlags.unused); + BitStringConstantTester.testFlagValueCorrect(1, ReasonFlags.keyCompromise); + BitStringConstantTester.testFlagValueCorrect(2, ReasonFlags.cACompromise); + BitStringConstantTester.testFlagValueCorrect(3, ReasonFlags.affiliationChanged); + BitStringConstantTester.testFlagValueCorrect(4, ReasonFlags.superseded); + BitStringConstantTester.testFlagValueCorrect(5, ReasonFlags.cessationOfOperation); + BitStringConstantTester.testFlagValueCorrect(6, ReasonFlags.certificateHold); + BitStringConstantTester.testFlagValueCorrect(7, ReasonFlags.privilegeWithdrawn); + BitStringConstantTester.testFlagValueCorrect(8, ReasonFlags.aACompromise); + } + + public static void main( + String[] args) + { + runTest(new ReasonFlagsTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/RegressionTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/RegressionTest.java new file mode 100644 index 00000000..e4427294 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/RegressionTest.java @@ -0,0 +1,92 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.util.test.Test; +import org.bouncycastle.util.test.TestResult; + +public class RegressionTest +{ + public static Test[] tests = { + new InputStreamTest(), + new EqualsAndHashCodeTest(), + new TagTest(), + new SetTest(), + new DERUTF8StringTest(), + new CertificateTest(), + new GenerationTest(), + new CMSTest(), + new OCSPTest(), + new OIDTest(), + new PKCS10Test(), + new PKCS12Test(), + new X509NameTest(), + new X500NameTest(), + new X509ExtensionsTest(), + new GeneralizedTimeTest(), + new BitStringTest(), + new MiscTest(), + new SMIMETest(), + new X9Test(), + new MonetaryValueUnitTest(), + new BiometricDataUnitTest(), + new Iso4217CurrencyCodeUnitTest(), + new SemanticsInformationUnitTest(), + new QCStatementUnitTest(), + new TypeOfBiometricDataUnitTest(), + new SignerLocationUnitTest(), + new CommitmentTypeQualifierUnitTest(), + new CommitmentTypeIndicationUnitTest(), + new EncryptedPrivateKeyInfoTest(), + new DataGroupHashUnitTest(), + new LDSSecurityObjectUnitTest(), + new CscaMasterListTest(), + new AttributeTableUnitTest(), + new ReasonFlagsTest(), + new NetscapeCertTypeTest(), + new PKIFailureInfoTest(), + new KeyUsageTest(), + new StringTest(), + new UTCTimeTest(), + new RequestedCertificateUnitTest(), + new OtherCertIDUnitTest(), + new OtherSigningCertificateUnitTest(), + new ContentHintsUnitTest(), + new CertHashUnitTest(), + new AdditionalInformationSyntaxUnitTest(), + new AdmissionSyntaxUnitTest(), + new AdmissionsUnitTest(), + new DeclarationOfMajorityUnitTest(), + new ProcurationSyntaxUnitTest(), + new ProfessionInfoUnitTest(), + new RestrictionUnitTest(), + new NamingAuthorityUnitTest(), + new MonetaryLimitUnitTest(), + new NameOrPseudonymUnitTest(), + new PersonalDataUnitTest(), + new DERApplicationSpecificTest(), + new IssuingDistributionPointUnitTest(), + new TargetInformationTest(), + new SubjectKeyIdentifierTest(), + new ESSCertIDv2UnitTest(), + new ParsingTest(), + new GeneralNameTest(), + new ObjectIdentifierTest(), + new RFC4519Test() + }; + + public static void main( + String[] args) + { + for (int i = 0; i != tests.length; i++) + { + TestResult result = tests[i].perform(); + + if (result.getException() != null) + { + result.getException().printStackTrace(); + } + + System.out.println(result); + } + } +} + diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/RequestedCertificateUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/RequestedCertificateUnitTest.java new file mode 100644 index 00000000..b167e4e2 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/RequestedCertificateUnitTest.java @@ -0,0 +1,108 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.isismtt.ocsp.RequestedCertificate; +import org.bouncycastle.asn1.x509.Certificate; +import org.bouncycastle.util.encoders.Base64; + +public class RequestedCertificateUnitTest + extends ASN1UnitTest +{ + byte[] certBytes = Base64.decode( + "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV" + + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz" + + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM" + + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF" + + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO" + + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE" + + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ" + + "zl9HYIMxATFyqSiD9jsx"); + + public String getName() + { + return "RequestedCertificate"; + } + + public void performTest() + throws Exception + { + int type = 1; + byte[] certOctets = new byte[20]; + Certificate cert = Certificate.getInstance(certBytes); + + RequestedCertificate requested = new RequestedCertificate(type, certOctets); + + checkConstruction(requested, type, certOctets, null); + + requested = new RequestedCertificate(cert); + + checkConstruction(requested, RequestedCertificate.certificate, null, cert); + + requested = RequestedCertificate.getInstance(null); + + if (requested != null) + { + fail("null getInstance() failed."); + } + + try + { + RequestedCertificate.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + RequestedCertificate requested, + int type, + byte[] certOctets, + Certificate cert) + throws IOException + { + checkValues(requested, type, certOctets, cert); + + requested = RequestedCertificate.getInstance(requested); + + checkValues(requested, type, certOctets, cert); + + ASN1InputStream aIn = new ASN1InputStream(requested.toASN1Object().getEncoded()); + + Object obj = aIn.readObject(); + + requested = RequestedCertificate.getInstance(obj); + + checkValues(requested, type, certOctets, cert); + } + + private void checkValues( + RequestedCertificate requested, + int type, + byte[] certOctets, + Certificate cert) + throws IOException + { + checkMandatoryField("certType", type, requested.getType()); + + if (requested.getType() == RequestedCertificate.certificate) + { + checkMandatoryField("certificate", cert.getEncoded(), requested.getCertificateBytes()); + } + else + { + checkMandatoryField("certificateOctets", certOctets, requested.getCertificateBytes()); + } + } + + public static void main( + String[] args) + { + runTest(new RequestedCertificateUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/RestrictionUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/RestrictionUnitTest.java new file mode 100644 index 00000000..3b11305a --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/RestrictionUnitTest.java @@ -0,0 +1,70 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1String; +import org.bouncycastle.asn1.isismtt.x509.Restriction; +import org.bouncycastle.asn1.x500.DirectoryString; + +public class RestrictionUnitTest + extends ASN1UnitTest +{ + public String getName() + { + return "Restriction"; + } + + public void performTest() + throws Exception + { + DirectoryString res = new DirectoryString("test"); + Restriction restriction = new Restriction(res.getString()); + + checkConstruction(restriction, res); + + try + { + Restriction.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + Restriction restriction, + DirectoryString res) + throws IOException + { + checkValues(restriction, res); + + restriction = Restriction.getInstance(restriction); + + checkValues(restriction, res); + + ASN1InputStream aIn = new ASN1InputStream(restriction.toASN1Object().getEncoded()); + + ASN1String str = (ASN1String)aIn.readObject(); + + restriction = Restriction.getInstance(str); + + checkValues(restriction, res); + } + + private void checkValues( + Restriction restriction, + DirectoryString res) + { + checkMandatoryField("restriction", res, restriction.getRestriction()); + } + + public static void main( + String[] args) + { + runTest(new RestrictionUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/SMIMETest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/SMIMETest.java new file mode 100644 index 00000000..44d6b1c0 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/SMIMETest.java @@ -0,0 +1,109 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.DERGeneralizedTime; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.cms.RecipientKeyIdentifier; +import org.bouncycastle.asn1.smime.SMIMECapabilitiesAttribute; +import org.bouncycastle.asn1.smime.SMIMECapability; +import org.bouncycastle.asn1.smime.SMIMECapabilityVector; +import org.bouncycastle.asn1.smime.SMIMEEncryptionKeyPreferenceAttribute; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.test.SimpleTestResult; +import org.bouncycastle.util.test.Test; +import org.bouncycastle.util.test.TestResult; + +public class SMIMETest + implements Test +{ + byte[] attrBytes = Base64.decode("MDQGCSqGSIb3DQEJDzEnMCUwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIH"); + byte[] prefBytes = Base64.decode("MCwGCyqGSIb3DQEJEAILMR2hGwQIAAAAAAAAAAAYDzIwMDcwMzE1MTczNzI5Wg=="); + + private boolean isSameAs( + byte[] a, + byte[] b) + { + if (a.length != b.length) + { + return false; + } + + for (int i = 0; i != a.length; i++) + { + if (a[i] != b[i]) + { + return false; + } + } + + return true; + } + + public TestResult perform() + { + SMIMECapabilityVector caps = new SMIMECapabilityVector(); + + caps.addCapability(SMIMECapability.dES_EDE3_CBC); + caps.addCapability(SMIMECapability.rC2_CBC, 128); + caps.addCapability(SMIMECapability.dES_CBC); + + SMIMECapabilitiesAttribute attr = new SMIMECapabilitiesAttribute(caps); + + SMIMEEncryptionKeyPreferenceAttribute pref = new SMIMEEncryptionKeyPreferenceAttribute( + new RecipientKeyIdentifier(new DEROctetString(new byte[8]), new DERGeneralizedTime("20070315173729Z"), null)); + + try + { + if (!isSameAs(attr.getEncoded(), attrBytes)) + { + return new SimpleTestResult(false, getName() + ": Failed attr data check"); + } + + ByteArrayInputStream bIn = new ByteArrayInputStream(attrBytes); + ASN1InputStream aIn = new ASN1InputStream(bIn); + + ASN1Primitive o = aIn.readObject(); + if (!attr.equals(o)) + { + return new SimpleTestResult(false, getName() + ": Failed equality test for attr"); + } + + if (!isSameAs(pref.getEncoded(), prefBytes)) + { + return new SimpleTestResult(false, getName() + ": Failed attr data check"); + } + + bIn = new ByteArrayInputStream(prefBytes); + aIn = new ASN1InputStream(bIn); + + o = aIn.readObject(); + if (!pref.equals(o)) + { + return new SimpleTestResult(false, getName() + ": Failed equality test for pref"); + } + + return new SimpleTestResult(true, getName() + ": Okay"); + } + catch (Exception e) + { + return new SimpleTestResult(false, getName() + ": Failed - exception " + e.toString(), e); + } + } + + public String getName() + { + return "SMIME"; + } + + public static void main( + String[] args) + { + SMIMETest test = new SMIMETest(); + TestResult result = test.perform(); + + System.out.println(result); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/SemanticsInformationUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/SemanticsInformationUnitTest.java new file mode 100644 index 00000000..3fd26db5 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/SemanticsInformationUnitTest.java @@ -0,0 +1,135 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.X509Name; +import org.bouncycastle.asn1.x509.qualified.SemanticsInformation; +import org.bouncycastle.util.test.SimpleTest; + +public class SemanticsInformationUnitTest + extends SimpleTest +{ + public String getName() + { + return "SemanticsInformation"; + } + + public void performTest() + throws Exception + { + ASN1ObjectIdentifier statementId = new ASN1ObjectIdentifier("1.1"); + SemanticsInformation mv = new SemanticsInformation(statementId); + + checkConstruction(mv, statementId, null); + + GeneralName[] names = new GeneralName[2]; + + names[0] = new GeneralName(GeneralName.rfc822Name, "test@test.org"); + names[1] = new GeneralName(new X509Name("cn=test")); + + mv = new SemanticsInformation(statementId, names); + + checkConstruction(mv, statementId, names); + + mv = new SemanticsInformation(names); + + checkConstruction(mv, null, names); + + mv = SemanticsInformation.getInstance(null); + + if (mv != null) + { + fail("null getInstance() failed."); + } + + try + { + SemanticsInformation.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + + try + { + ASN1EncodableVector v = new ASN1EncodableVector(); + + SemanticsInformation.getInstance(new DERSequence(v)); + + fail("constructor failed to detect empty sequence."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + SemanticsInformation mv, + ASN1ObjectIdentifier semanticsIdentifier, + GeneralName[] names) + throws Exception + { + checkStatement(mv, semanticsIdentifier, names); + + mv = SemanticsInformation.getInstance(mv); + + checkStatement(mv, semanticsIdentifier, names); + + ASN1InputStream aIn = new ASN1InputStream(mv.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + mv = SemanticsInformation.getInstance(seq); + + checkStatement(mv, semanticsIdentifier, names); + } + + private void checkStatement( + SemanticsInformation si, + ASN1ObjectIdentifier id, + GeneralName[] names) + { + if (id != null) + { + if (!si.getSemanticsIdentifier().equals(id)) + { + fail("ids don't match."); + } + } + else if (si.getSemanticsIdentifier() != null) + { + fail("statementId found when none expected."); + } + + if (names != null) + { + GeneralName[] siNames = si.getNameRegistrationAuthorities(); + + for (int i = 0; i != siNames.length; i++) + { + if (!names[i].equals(siNames[i])) + { + fail("name registration authorities don't match."); + } + } + } + else if (si.getNameRegistrationAuthorities() != null) + { + fail("name registration authorities found when none expected."); + } + } + + public static void main( + String[] args) + { + runTest(new SemanticsInformationUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/SetTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/SetTest.java new file mode 100644 index 00000000..9e568a9b --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/SetTest.java @@ -0,0 +1,115 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1Boolean; +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1Set; +import org.bouncycastle.asn1.ASN1TaggedObject; +import org.bouncycastle.asn1.BERSet; +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.DERSet; +import org.bouncycastle.asn1.DERTaggedObject; +import org.bouncycastle.util.test.SimpleTest; + +/** + * Set sorting test example + */ +public class SetTest + extends SimpleTest +{ + + public String getName() + { + return "Set"; + } + + private void checkedSortedSet(int attempt, ASN1Set s) + { + if (s.getObjectAt(0) instanceof ASN1Boolean + && s.getObjectAt(1) instanceof ASN1Integer + && s.getObjectAt(2) instanceof DERBitString + && s.getObjectAt(3) instanceof DEROctetString) + { + return; + } + + fail("sorting failed on attempt: " + attempt); + } + + public void performTest() + { + ASN1EncodableVector v = new ASN1EncodableVector(); + byte[] data = new byte[10]; + + v.add(new DEROctetString(data)); + v.add(new DERBitString(data)); + v.add(new ASN1Integer(100)); + v.add(ASN1Boolean.getInstance(true)); + + checkedSortedSet(0, new DERSet(v)); + + v = new ASN1EncodableVector(); + v.add(new ASN1Integer(100)); + v.add(ASN1Boolean.getInstance(true)); + v.add(new DEROctetString(data)); + v.add(new DERBitString(data)); + + checkedSortedSet(1, new DERSet(v)); + + v = new ASN1EncodableVector(); + v.add(ASN1Boolean.getInstance(true)); + v.add(new DEROctetString(data)); + v.add(new DERBitString(data)); + v.add(new ASN1Integer(100)); + + + checkedSortedSet(2, new DERSet(v)); + + v = new ASN1EncodableVector(); + v.add(new DERBitString(data)); + v.add(new DEROctetString(data)); + v.add(new ASN1Integer(100)); + v.add(ASN1Boolean.getInstance(true)); + + checkedSortedSet(3, new DERSet(v)); + + v = new ASN1EncodableVector(); + v.add(new DEROctetString(data)); + v.add(new DERBitString(data)); + v.add(new ASN1Integer(100)); + v.add(ASN1Boolean.getInstance(true)); + + ASN1Set s = new BERSet(v); + + if (!(s.getObjectAt(0) instanceof DEROctetString)) + { + fail("BER set sort order changed."); + } + + // create an implicitly tagged "set" without sorting + ASN1TaggedObject tag = new DERTaggedObject(false, 1, new DERSequence(v)); + s = ASN1Set.getInstance(tag, false); + + if (s.getObjectAt(0) instanceof ASN1Boolean) + { + fail("sorted when shouldn't be."); + } + + // equality test + v = new ASN1EncodableVector(); + + v.add(ASN1Boolean.getInstance(true)); + v.add(ASN1Boolean.getInstance(true)); + v.add(ASN1Boolean.getInstance(true)); + + s = new DERSet(v); + } + + public static void main( + String[] args) + { + runTest(new SetTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/SignerLocationUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/SignerLocationUnitTest.java new file mode 100644 index 00000000..8d2c2c06 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/SignerLocationUnitTest.java @@ -0,0 +1,197 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.DERTaggedObject; +import org.bouncycastle.asn1.DERUTF8String; +import org.bouncycastle.asn1.esf.SignerLocation; +import org.bouncycastle.util.test.SimpleTest; + +public class SignerLocationUnitTest + extends SimpleTest +{ + public String getName() + { + return "SignerLocation"; + } + + public void performTest() + throws Exception + { + DERUTF8String countryName = new DERUTF8String("Australia"); + + SignerLocation sl = new SignerLocation(countryName, null, null); + + checkConstruction(sl, countryName, null, null); + + DERUTF8String localityName = new DERUTF8String("Melbourne"); + + sl = new SignerLocation(null, localityName, null); + + checkConstruction(sl, null, localityName, null); + + sl = new SignerLocation(countryName, localityName, null); + + checkConstruction(sl, countryName, localityName, null); + + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(new DERUTF8String("line 1")); + v.add(new DERUTF8String("line 2")); + + ASN1Sequence postalAddress = new DERSequence(v); + + sl = new SignerLocation(null, null, postalAddress); + + checkConstruction(sl, null, null, postalAddress); + + sl = new SignerLocation(countryName, null, postalAddress); + + checkConstruction(sl, countryName, null, postalAddress); + + sl = new SignerLocation(countryName, localityName, postalAddress); + + checkConstruction(sl, countryName, localityName, postalAddress); + + sl = SignerLocation.getInstance(null); + + if (sl != null) + { + fail("null getInstance() failed."); + } + + try + { + SignerLocation.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + + // + // out of range postal address + // + v = new ASN1EncodableVector(); + + v.add(new DERUTF8String("line 1")); + v.add(new DERUTF8String("line 2")); + v.add(new DERUTF8String("line 3")); + v.add(new DERUTF8String("line 4")); + v.add(new DERUTF8String("line 5")); + v.add(new DERUTF8String("line 6")); + v.add(new DERUTF8String("line 7")); + + postalAddress = new DERSequence(v); + + try + { + new SignerLocation(null, null, postalAddress); + + fail("constructor failed to detect bad postalAddress."); + } + catch (IllegalArgumentException e) + { + // expected + } + + try + { + SignerLocation.getInstance(new DERSequence(new DERTaggedObject(2, postalAddress))); + + fail("sequence constructor failed to detect bad postalAddress."); + } + catch (IllegalArgumentException e) + { + // expected + } + + try + { + SignerLocation.getInstance(new DERSequence(new DERTaggedObject(5, postalAddress))); + + fail("sequence constructor failed to detect bad tag."); + } + catch (IllegalArgumentException e) + { + // expected + } + } + + private void checkConstruction( + SignerLocation sl, + DERUTF8String countryName, + DERUTF8String localityName, + ASN1Sequence postalAddress) + throws IOException + { + checkValues(sl, countryName, localityName, postalAddress); + + sl = SignerLocation.getInstance(sl); + + checkValues(sl, countryName, localityName, postalAddress); + + ASN1InputStream aIn = new ASN1InputStream(sl.toASN1Object().getEncoded()); + + ASN1Sequence seq = (ASN1Sequence)aIn.readObject(); + + sl = SignerLocation.getInstance(seq); + + checkValues(sl, countryName, localityName, postalAddress); + } + + private void checkValues( + SignerLocation sl, + DERUTF8String countryName, + DERUTF8String localityName, + ASN1Sequence postalAddress) + { + if (countryName != null) + { + if (!countryName.equals(sl.getCountryName())) + { + fail("countryNames don't match."); + } + } + else if (sl.getCountryName() != null) + { + fail("countryName found when none expected."); + } + + if (localityName != null) + { + if (!localityName.equals(sl.getLocalityName())) + { + fail("localityNames don't match."); + } + } + else if (sl.getLocalityName() != null) + { + fail("localityName found when none expected."); + } + + if (postalAddress != null) + { + if (!postalAddress.equals(sl.getPostalAddress())) + { + fail("postalAddresses don't match."); + } + } + else if (sl.getPostalAddress() != null) + { + fail("postalAddress found when none expected."); + } + } + + public static void main( + String[] args) + { + runTest(new SignerLocationUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/StringTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/StringTest.java new file mode 100644 index 00000000..426c06ac --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/StringTest.java @@ -0,0 +1,161 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1String; +import org.bouncycastle.asn1.DERBMPString; +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.DERGeneralString; +import org.bouncycastle.asn1.DERIA5String; +import org.bouncycastle.asn1.DERNumericString; +import org.bouncycastle.asn1.DERPrintableString; +import org.bouncycastle.asn1.DERT61String; +import org.bouncycastle.asn1.DERUTF8String; +import org.bouncycastle.asn1.DERUniversalString; +import org.bouncycastle.asn1.DERVisibleString; +import org.bouncycastle.util.Strings; +import org.bouncycastle.util.test.SimpleTest; + +/** + * X.690 test example + */ +public class StringTest + extends SimpleTest +{ + public String getName() + { + return "String"; + } + + public void performTest() + throws IOException + { + DERBitString bs = new DERBitString( + new byte[] { (byte)0x01,(byte)0x23,(byte)0x45,(byte)0x67,(byte)0x89,(byte)0xab,(byte)0xcd,(byte)0xef }); + + if (!bs.getString().equals("#0309000123456789ABCDEF")) + { + fail("DERBitString.getString() result incorrect"); + } + + if (!bs.toString().equals("#0309000123456789ABCDEF")) + { + fail("DERBitString.toString() result incorrect"); + } + + bs = new DERBitString( + new byte[] { (byte)0xfe,(byte)0xdc,(byte)0xba,(byte)0x98,(byte)0x76,(byte)0x54,(byte)0x32,(byte)0x10 }); + + if (!bs.getString().equals("#030900FEDCBA9876543210")) + { + fail("DERBitString.getString() result incorrect"); + } + + if (!bs.toString().equals("#030900FEDCBA9876543210")) + { + fail("DERBitString.toString() result incorrect"); + } + + DERUniversalString us = new DERUniversalString( + new byte[] { (byte)0x01,(byte)0x23,(byte)0x45,(byte)0x67,(byte)0x89,(byte)0xab,(byte)0xcd,(byte)0xef }); + + if (!us.getString().equals("#1C080123456789ABCDEF")) + { + fail("DERUniversalString.getString() result incorrect"); + } + + if (!us.toString().equals("#1C080123456789ABCDEF")) + { + fail("DERUniversalString.toString() result incorrect"); + } + + us = new DERUniversalString( + new byte[] { (byte)0xfe,(byte)0xdc,(byte)0xba,(byte)0x98,(byte)0x76,(byte)0x54,(byte)0x32,(byte)0x10 }); + + if (!us.getString().equals("#1C08FEDCBA9876543210")) + { + fail("DERUniversalString.getString() result incorrect"); + } + + if (!us.toString().equals("#1C08FEDCBA9876543210")) + { + fail("DERUniversalString.toString() result incorrect"); + } + + byte[] t61Bytes = new byte[] { -1, -2, -3, -4, -5, -6, -7, -8 }; + String t61String = new String(t61Bytes, "iso-8859-1"); + DERT61String t61 = new DERT61String(Strings.fromByteArray(t61Bytes)); + + if (!t61.getString().equals(t61String)) + { + fail("DERT61String.getString() result incorrect"); + } + + if (!t61.toString().equals(t61String)) + { + fail("DERT61String.toString() result incorrect"); + } + + char[] shortChars = new char[] { 'a', 'b', 'c', 'd', 'e'}; + char[] longChars = new char[1000]; + + for (int i = 0; i != longChars.length; i++) + { + longChars[i] = 'X'; + } + + checkString(new DERBMPString(new String(shortChars)), new DERBMPString(new String(longChars))); + checkString(new DERUTF8String(new String(shortChars)), new DERUTF8String(new String(longChars))); + checkString(new DERIA5String(new String(shortChars)), new DERIA5String(new String(longChars))); + checkString(new DERPrintableString(new String(shortChars)), new DERPrintableString(new String(longChars))); + checkString(new DERVisibleString(new String(shortChars)), new DERVisibleString(new String(longChars))); + checkString(new DERGeneralString(new String(shortChars)), new DERGeneralString(new String(longChars))); + checkString(new DERT61String(new String(shortChars)), new DERT61String(new String(longChars))); + + shortChars = new char[] { '1', '2', '3', '4', '5'}; + longChars = new char[1000]; + + for (int i = 0; i != longChars.length; i++) + { + longChars[i] = '1'; + } + + checkString(new DERNumericString(new String(shortChars)), new DERNumericString(new String(longChars))); + + byte[] shortBytes = new byte[] { (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e'}; + byte[] longBytes = new byte[1000]; + + for (int i = 0; i != longChars.length; i++) + { + longBytes[i] = (byte)'X'; + } + + checkString(new DERUniversalString(shortBytes), new DERUniversalString(longBytes)); + + } + + private void checkString(ASN1String shortString, ASN1String longString) + throws IOException + { + ASN1String short2 = (ASN1String)ASN1Primitive.fromByteArray(((ASN1Primitive)shortString).getEncoded()); + + if (!shortString.toString().equals(short2.toString())) + { + fail(short2.getClass().getName() + " shortBytes result incorrect"); + } + + ASN1String long2 = (ASN1String)ASN1Primitive.fromByteArray(((ASN1Primitive)longString).getEncoded()); + + if (!longString.toString().equals(long2.toString())) + { + fail(long2.getClass().getName() + " longBytes result incorrect"); + } + } + + public static void main( + String[] args) + { + runTest(new StringTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/SubjectKeyIdentifierTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/SubjectKeyIdentifierTest.java new file mode 100644 index 00000000..9887a31e --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/SubjectKeyIdentifierTest.java @@ -0,0 +1,48 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.test.SimpleTest; + +public class SubjectKeyIdentifierTest + extends SimpleTest +{ + private static byte[] pubKeyInfo = Base64.decode( + "MFgwCwYJKoZIhvcNAQEBA0kAMEYCQQC6wMMmHYMZszT/7bNFMn+gaZoiWJLVP8ODRuu1C2jeAe" + + "QpxM+5Oe7PaN2GNy3nBE4EOYkB5pMJWA0y9n04FX8NAgED"); + + private static byte[] shaID = Hex.decode("d8128a06d6c2feb0865994a2936e7b75b836a021"); + private static byte[] shaTruncID = Hex.decode("436e7b75b836a021"); + + public String getName() + { + return "SubjectKeyIdentifier"; + } + + public void performTest() + throws IOException + { +// SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pubKeyInfo)); +// SubjectKeyIdentifier ski = SubjectKeyIdentifier.createSHA1KeyIdentifier(pubInfo); +// +// if (!Arrays.areEqual(shaID, ski.getKeyIdentifier())) +// { +// fail("SHA-1 ID does not match"); +// } +// +// ski = SubjectKeyIdentifier.createTruncatedSHA1KeyIdentifier(pubInfo); +// +// if (!Arrays.areEqual(shaTruncID, ski.getKeyIdentifier())) +// { +// fail("truncated SHA-1 ID does not match"); +// } + } + + public static void main( + String[] args) + { + runTest(new SubjectKeyIdentifierTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/TagTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/TagTest.java new file mode 100644 index 00000000..90489a7d --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/TagTest.java @@ -0,0 +1,113 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; +import java.security.SecureRandom; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1TaggedObject; +import org.bouncycastle.asn1.DERApplicationSpecific; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.test.SimpleTest; + + +/** + * X.690 test example + */ +public class TagTest + extends SimpleTest +{ + byte[] longTagged = Base64.decode( + "ZSRzIp8gEEZFRENCQTk4NzY1NDMyMTCfIQwyMDA2MDQwMTEyMzSUCCAFERVz" + + "A4kCAHEXGBkalAggBRcYGRqUCCAFZS6QAkRFkQlURUNITklLRVKSBQECAwQF" + + "kxAREhMUFRYXGBkalAggBREVcwOJAgBxFxgZGpQIIAUXGBkalAggBWUukAJE" + + "RZEJVEVDSE5JS0VSkgUBAgMEBZMQERITFBUWFxgZGpQIIAURFXMDiQIAcRcY" + + "GRqUCCAFFxgZGpQIIAVlLpACREWRCVRFQ0hOSUtFUpIFAQIDBAWTEBESExQV" + + "FhcYGRqUCCAFERVzA4kCAHEXGBkalAggBRcYGRqUCCAFFxgZGpQIIAUXGBka" + + "lAg="); + + byte[] longAppSpecificTag = Hex.decode("5F610101"); + + public String getName() + { + return "Tag"; + } + + public void performTest() + throws IOException + { + ASN1InputStream aIn = new ASN1InputStream(longTagged); + + DERApplicationSpecific app = (DERApplicationSpecific)aIn.readObject(); + + aIn = new ASN1InputStream(app.getContents()); + + app = (DERApplicationSpecific)aIn.readObject(); + + aIn = new ASN1InputStream(app.getContents()); + + ASN1TaggedObject tagged = (ASN1TaggedObject)aIn.readObject(); + + if (tagged.getTagNo() != 32) + { + fail("unexpected tag value found - not 32"); + } + + tagged = (ASN1TaggedObject)ASN1Primitive.fromByteArray(tagged.getEncoded()); + + if (tagged.getTagNo() != 32) + { + fail("unexpected tag value found on recode - not 32"); + } + + tagged = (ASN1TaggedObject)aIn.readObject(); + + if (tagged.getTagNo() != 33) + { + fail("unexpected tag value found - not 33"); + } + + tagged = (ASN1TaggedObject)ASN1Primitive.fromByteArray(tagged.getEncoded()); + + if (tagged.getTagNo() != 33) + { + fail("unexpected tag value found on recode - not 33"); + } + + aIn = new ASN1InputStream(longAppSpecificTag); + + app = (DERApplicationSpecific)aIn.readObject(); + + if (app.getApplicationTag() != 97) + { + fail("incorrect tag number read"); + } + + app = (DERApplicationSpecific)ASN1Primitive.fromByteArray(app.getEncoded()); + + if (app.getApplicationTag() != 97) + { + fail("incorrect tag number read on recode"); + } + + SecureRandom sr = new SecureRandom(); + for (int i = 0; i < 100; ++i) + { + int testTag = sr.nextInt() >>> (1 + (sr.nextInt() >>> 1) % 26); + app = new DERApplicationSpecific(testTag, new byte[]{ 1 }); + app = (DERApplicationSpecific)ASN1Primitive.fromByteArray(app.getEncoded()); + + if (app.getApplicationTag() != testTag) + { + fail("incorrect tag number read on recode (random test value: " + testTag + ")"); + } + } + } + + public static void main( + String[] args) + { + runTest(new TagTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/TargetInformationTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/TargetInformationTest.java new file mode 100644 index 00000000..34dc70fd --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/TargetInformationTest.java @@ -0,0 +1,48 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.x509.GeneralName; +import org.bouncycastle.asn1.x509.Target; +import org.bouncycastle.asn1.x509.TargetInformation; +import org.bouncycastle.asn1.x509.Targets; +import org.bouncycastle.util.test.SimpleTest; + +public class TargetInformationTest + extends SimpleTest +{ + + public String getName() + { + return "TargetInformation"; + } + + public void performTest() throws Exception + { + Target[] targets = new Target[2]; + Target targetName = new Target(Target.targetName, new GeneralName(GeneralName.dNSName, "www.test.com")); + Target targetGroup = new Target(Target.targetGroup, new GeneralName(GeneralName.directoryName, "o=Test, ou=Test")); + targets[0] = targetName; + targets[1] = targetGroup; + Targets targetss = new Targets(targets); + TargetInformation targetInformation1 = new TargetInformation(targetss); + // use an Target array + TargetInformation targetInformation2 = new TargetInformation(targets); + // targetInformation1 and targetInformation2 must have same + // encoding. + if (!targetInformation1.equals(targetInformation2)) + { + fail("targetInformation1 and targetInformation2 should have the same encoding."); + } + TargetInformation targetInformation3 = TargetInformation.getInstance(targetInformation1); + TargetInformation targetInformation4 = TargetInformation.getInstance(targetInformation2); + if (!targetInformation3.equals(targetInformation4)) + { + fail("targetInformation3 and targetInformation4 should have the same encoding."); + } + } + + public static void main(String[] args) + { + runTest(new TargetInformationTest()); + } +} + diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/TypeOfBiometricDataUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/TypeOfBiometricDataUnitTest.java new file mode 100644 index 00000000..add21ce3 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/TypeOfBiometricDataUnitTest.java @@ -0,0 +1,144 @@ +package org.bouncycastle.asn1.test; + +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.x509.qualified.TypeOfBiometricData; +import org.bouncycastle.util.test.SimpleTest; + +public class TypeOfBiometricDataUnitTest + extends SimpleTest +{ + public String getName() + { + return "TypeOfBiometricData"; + } + + public void performTest() + throws Exception + { + // + // predefined + // + checkPredefinedType(TypeOfBiometricData.PICTURE); + + checkPredefinedType(TypeOfBiometricData.HANDWRITTEN_SIGNATURE); + + // + // non-predefined + // + ASN1ObjectIdentifier localType = new ASN1ObjectIdentifier("1.1"); + + TypeOfBiometricData type = new TypeOfBiometricData(localType); + + checkNonPredefined(type, localType); + + type = TypeOfBiometricData.getInstance(type); + + checkNonPredefined(type, localType); + + ASN1Primitive obj = type.toASN1Primitive(); + + type = TypeOfBiometricData.getInstance(obj); + + checkNonPredefined(type, localType); + + type = TypeOfBiometricData.getInstance(null); + + if (type != null) + { + fail("null getInstance() failed."); + } + + try + { + TypeOfBiometricData.getInstance(new Object()); + + fail("getInstance() failed to detect bad object."); + } + catch (IllegalArgumentException e) + { + // expected + } + + try + { + new TypeOfBiometricData(100); + + fail("constructor failed to detect bad predefined type."); + } + catch (IllegalArgumentException e) + { + // expected + } + + if (TypeOfBiometricData.PICTURE != 0) + { + fail("predefined picture should be 0"); + } + + if (TypeOfBiometricData.HANDWRITTEN_SIGNATURE != 1) + { + fail("predefined handwritten signature should be 1"); + } + } + + private void checkPredefinedType( + int predefinedType) + throws IOException + { + TypeOfBiometricData type = new TypeOfBiometricData(predefinedType); + + checkPredefined(type, predefinedType); + + type = TypeOfBiometricData.getInstance(type); + + checkPredefined(type, predefinedType); + + ASN1InputStream aIn = new ASN1InputStream(type.toASN1Object().getEncoded()); + + ASN1Primitive obj = aIn.readObject(); + + type = TypeOfBiometricData.getInstance(obj); + + checkPredefined(type, predefinedType); + } + + private void checkPredefined( + TypeOfBiometricData type, + int value) + { + if (!type.isPredefined()) + { + fail("predefined type expected but not found."); + } + + if (type.getPredefinedBiometricType() != value) + { + fail("predefined type does not match."); + } + } + + private void checkNonPredefined( + TypeOfBiometricData type, + ASN1ObjectIdentifier value) + { + if (type.isPredefined()) + { + fail("predefined type found when not expected."); + } + + if (!type.getBiometricDataOid().equals(value)) + { + fail("data oid does not match."); + } + } + + public static void main( + String[] args) + { + runTest(new TypeOfBiometricDataUnitTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/UTCTimeTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/UTCTimeTest.java new file mode 100644 index 00000000..8067e78c --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/UTCTimeTest.java @@ -0,0 +1,108 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.DERUTCTime; +import org.bouncycastle.util.test.SimpleTest; + +import java.text.SimpleDateFormat; +import java.util.SimpleTimeZone; + +/** + * X.690 test example + */ +public class UTCTimeTest + extends SimpleTest +{ + String[] input = + { + "020122122220Z", + "020122122220-1000", + "020122122220+1000", + "020122122220+00", + "0201221222Z", + "0201221222-1000", + "0201221222+1000", + "0201221222+00", + "550122122220Z", + "5501221222Z" + }; + + String[] output = { + "20020122122220GMT+00:00", + "20020122122220GMT-10:00", + "20020122122220GMT+10:00", + "20020122122220GMT+00:00", + "20020122122200GMT+00:00", + "20020122122200GMT-10:00", + "20020122122200GMT+10:00", + "20020122122200GMT+00:00", + "19550122122220GMT+00:00", + "19550122122200GMT+00:00" + }; + + String[] zOutput1 = { + "20020122122220Z", + "20020122222220Z", + "20020122022220Z", + "20020122122220Z", + "20020122122200Z", + "20020122222200Z", + "20020122022200Z", + "20020122122200Z", + "19550122122220Z", + "19550122122200Z" + }; + + String[] zOutput2 = { + "20020122122220Z", + "20020122222220Z", + "20020122022220Z", + "20020122122220Z", + "20020122122200Z", + "20020122222200Z", + "20020122022200Z", + "20020122122200Z", + "19550122122220Z", + "19550122122200Z" + }; + + public String getName() + { + return "UTCTime"; + } + + public void performTest() + throws Exception + { + SimpleDateFormat yyyyF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); + SimpleDateFormat yyF = new SimpleDateFormat("yyyyMMddHHmmss'Z'"); + + yyyyF.setTimeZone(new SimpleTimeZone(0,"Z")); + yyF.setTimeZone(new SimpleTimeZone(0,"Z")); + + for (int i = 0; i != input.length; i++) + { + DERUTCTime t = new DERUTCTime(input[i]); + + if (!t.getAdjustedTime().equals(output[i])) + { + fail("failed conversion test " + i); + } + + if (!yyyyF.format(t.getAdjustedDate()).equals(zOutput1[i])) + { + fail("failed date conversion test " + i); + } + + if (!yyF.format(t.getDate()).equals(zOutput2[i])) + { + fail("failed date shortened conversion test " + i); + } + } + } + + public static void main( + String[] args) + { + runTest(new UTCTimeTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/X500NameTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/X500NameTest.java new file mode 100644 index 00000000..2822f8c0 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/X500NameTest.java @@ -0,0 +1,777 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1GeneralizedTime; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1OutputStream; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.ASN1Set; +import org.bouncycastle.asn1.ASN1String; +import org.bouncycastle.asn1.ASN1TaggedObject; +import org.bouncycastle.asn1.DERIA5String; +import org.bouncycastle.asn1.DERPrintableString; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.DERSet; +import org.bouncycastle.asn1.DERTaggedObject; +import org.bouncycastle.asn1.DERUTF8String; +import org.bouncycastle.asn1.x500.RDN; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x500.X500NameBuilder; +import org.bouncycastle.asn1.x500.style.BCStrictStyle; +import org.bouncycastle.asn1.x500.style.BCStyle; +import org.bouncycastle.asn1.x500.style.IETFUtils; +import org.bouncycastle.asn1.x509.X509DefaultEntryConverter; +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.test.SimpleTest; + +public class X500NameTest + extends SimpleTest +{ + String[] subjects = + { + "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Webserver Team,CN=www2.connect4.com.au,E=webmaster@connect4.com.au", + "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Certificate Authority,CN=Connect 4 CA,E=webmaster@connect4.com.au", + "C=AU,ST=QLD,CN=SSLeay/rsa test cert", + "C=US,O=National Aeronautics and Space Administration,SERIALNUMBER=16+CN=Steve Schoch", + "E=cooke@issl.atl.hp.com,C=US,OU=Hewlett Packard Company (ISSL),CN=Paul A. Cooke", + "O=Sun Microsystems Inc,CN=store.sun.com", + "unstructuredAddress=192.168.1.33,unstructuredName=pixfirewall.ciscopix.com,CN=pixfirewall.ciscopix.com", + "CN=*.canal-plus.com,OU=Provided by TBS INTERNET http://www.tbs-certificats.com/,OU=\\ CANAL \\+,O=CANAL\\+DISTRIBUTION,L=issy les moulineaux,ST=Hauts de Seine,C=FR", + "O=Bouncy Castle,CN=www.bouncycastle.org\\ ", + "O=Bouncy Castle,CN=c:\\\\fred\\\\bob", + }; + + String[] hexSubjects = + { + "CN=\\20Test\\20X,O=\\20Test,C=GB", // input + "CN=\\ Test X,O=\\ Test,C=GB", // expected + "CN=\\20Test\\20X\\20,O=\\20Test,C=GB", // input + "CN=\\ Test X\\ ,O=\\ Test,C=GB" // expected + }; + + public String getName() + { + return "X500Name"; + } + + private static X500Name fromBytes( + byte[] bytes) + throws IOException + { + return X500Name.getInstance(new ASN1InputStream(new ByteArrayInputStream(bytes)).readObject()); + } + + private ASN1Encodable createEntryValue(ASN1ObjectIdentifier oid, String value) + { + X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE); + + builder.addRDN(oid, value); + + X500Name name = builder.build(); + + ASN1Sequence seq = (ASN1Sequence)name.toASN1Primitive(); + ASN1Set set = ASN1Set.getInstance(seq.getObjectAt(0).toASN1Primitive()); + seq = (ASN1Sequence)set.getObjectAt(0); + + return seq.getObjectAt(1); + } + + private ASN1Encodable createEntryValueFromString(ASN1ObjectIdentifier oid, String value) + { + X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE); + + builder.addRDN(oid, value); + + X500Name name = new X500Name(builder.build().toString()); + + ASN1Sequence seq = (ASN1Sequence)name.toASN1Primitive(); + ASN1Set set = ASN1Set.getInstance(seq.getObjectAt(0).toASN1Primitive()); + seq = (ASN1Sequence)set.getObjectAt(0); + + return seq.getObjectAt(1); + } + + private void testEncodingPrintableString(ASN1ObjectIdentifier oid, String value) + { + ASN1Encodable converted = createEntryValue(oid, value); + if (!(converted instanceof DERPrintableString)) + { + fail("encoding for " + oid + " not printable string"); + } + } + + private void testEncodingIA5String(ASN1ObjectIdentifier oid, String value) + { + ASN1Encodable converted = createEntryValue(oid, value); + if (!(converted instanceof DERIA5String)) + { + fail("encoding for " + oid + " not IA5String"); + } + } + + private void testEncodingUTF8String(ASN1ObjectIdentifier oid, String value) + throws IOException + { + ASN1Encodable converted = createEntryValue(oid, value); + if (!(converted instanceof DERUTF8String)) + { + fail("encoding for " + oid + " not IA5String"); + } + if (!value.equals((DERUTF8String.getInstance(converted.toASN1Primitive().getEncoded()).getString()))) + { + fail("decoding not correct"); + } + } + + private void testEncodingGeneralizedTime(ASN1ObjectIdentifier oid, String value) + { + ASN1Encodable converted = createEntryValue(oid, value); + if (!(converted instanceof ASN1GeneralizedTime)) + { + fail("encoding for " + oid + " not GeneralizedTime"); + } + converted = createEntryValueFromString(oid, value); + if (!(converted instanceof ASN1GeneralizedTime)) + { + fail("encoding for " + oid + " not GeneralizedTime"); + } + } + + public void performTest() + throws Exception + { + ietfUtilsTest(); + + testEncodingPrintableString(BCStyle.C, "AU"); + testEncodingPrintableString(BCStyle.SERIALNUMBER, "123456"); + testEncodingPrintableString(BCStyle.DN_QUALIFIER, "123456"); + testEncodingIA5String(BCStyle.EmailAddress, "test@test.com"); + testEncodingIA5String(BCStyle.DC, "test"); + // correct encoding + testEncodingGeneralizedTime(BCStyle.DATE_OF_BIRTH, "#180F32303032303132323132323232305A"); + // compatibility encoding + testEncodingGeneralizedTime(BCStyle.DATE_OF_BIRTH, "20020122122220Z"); + testEncodingUTF8String(BCStyle.CN, "Mörsky"); + + // + // composite + // + X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE); + + builder.addRDN(BCStyle.C, "AU"); + builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle"); + builder.addRDN(BCStyle.L, "Melbourne"); + builder.addRDN(BCStyle.ST, "Victoria"); + builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org"); + + X500Name name1 = builder.build(); + + if (!name1.equals(name1)) + { + fail("Failed same object test"); + } + +// if (!name1.equals(name1, true)) +// { +// fail("Failed same object test - in Order"); +// } + + builder = new X500NameBuilder(BCStyle.INSTANCE); + + builder.addRDN(BCStyle.C, "AU"); + builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle"); + builder.addRDN(BCStyle.L, "Melbourne"); + builder.addRDN(BCStyle.ST, "Victoria"); + builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org"); + + X500Name name2 = builder.build(); + + if (!name1.equals(name2)) + { + fail("Failed same name test"); + } + +// if (!name1.equals(name2, true)) +// { +// fail("Failed same name test - in Order"); +// } + + if (name1.hashCode() != name2.hashCode()) + { + fail("Failed same name test - in Order"); + } + + X500NameBuilder builder1 = new X500NameBuilder(BCStyle.INSTANCE); + + builder.addRDN(BCStyle.C, "AU"); + builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle"); + builder.addRDN(BCStyle.L, "Melbourne"); + builder.addRDN(BCStyle.ST, "Victoria"); + builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org"); + + X500NameBuilder builder2 = new X500NameBuilder(BCStyle.INSTANCE); + + builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org"); + builder.addRDN(BCStyle.C, "AU"); + builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle"); + builder.addRDN(BCStyle.L, "Melbourne"); + builder.addRDN(BCStyle.ST, "Victoria"); + + name1 = builder1.build(); + name2 = builder2.build(); + + if (!name1.equals(name2)) + { + fail("Failed reverse name test"); + } + + if (name1.hashCode() != name2.hashCode()) + { + fail("Failed reverse name test hashCode"); + } + +// if (name1.equals(name2, true)) +// { +// fail("Failed reverse name test - in Order"); +// } +// +// if (!name1.equals(name2, false)) +// { +// fail("Failed reverse name test - in Order false"); +// } + +// Vector oids = name1.getOIDs(); +// if (!compareVectors(oids, ord1)) +// { +// fail("oid comparison test"); +// } + /* + Vector val1 = new Vector(); + + val1.addElement("AU"); + val1.addElement("The Legion of the Bouncy Castle"); + val1.addElement("Melbourne"); + val1.addElement("Victoria"); + val1.addElement("feedback-crypto@bouncycastle.org"); + + name1 = new X500Name(ord1, val1); + + Vector values = name1.getValues(); + if (!compareVectors(values, val1)) + { + fail("value comparison test"); + } + + ord2 = new Vector(); + + ord2.addElement(X500Name.ST); + ord2.addElement(X500Name.ST); + ord2.addElement(X500Name.L); + ord2.addElement(X500Name.O); + ord2.addElement(X500Name.C); + + name1 = new X500Name(ord1, attrs); + name2 = new X500Name(ord2, attrs); + + if (name1.equals(name2)) + { + fail("Failed different name test"); + } + + ord2 = new Vector(); + + ord2.addElement(X500Name.ST); + ord2.addElement(X500Name.L); + ord2.addElement(X500Name.O); + ord2.addElement(X500Name.C); + + name1 = new X500Name(ord1, attrs); + name2 = new X500Name(ord2, attrs); + + if (name1.equals(name2)) + { + fail("Failed subset name test"); + } + + compositeTest(); + */ + ByteArrayOutputStream bOut; + ASN1OutputStream aOut; + ASN1InputStream aIn; + /* + // + // getValues test + // + Vector v1 = name1.getValues(X500Name.O); + + if (v1.size() != 1 || !v1.elementAt(0).equals("The Legion of the Bouncy Castle")) + { + fail("O test failed"); + } + + Vector v2 = name1.getValues(X500Name.L); + + if (v2.size() != 1 || !v2.elementAt(0).equals("Melbourne")) + { + fail("L test failed"); + } + */ + // + // general subjects test + // + for (int i = 0; i != subjects.length; i++) + { + X500Name name = new X500Name(subjects[i]); + + bOut = new ByteArrayOutputStream(); + aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(name); + + aIn = new ASN1InputStream(new ByteArrayInputStream(bOut.toByteArray())); + + name = X500Name.getInstance(aIn.readObject()); + if (!name.toString().equals(subjects[i])) + { + fail("failed regeneration test " + i + " got: " + name.toString() + " expected " + subjects[i]); + } + } + + for (int i = 0; i < hexSubjects.length; i += 2) + { + X500Name name = new X500Name(hexSubjects[i]); + + bOut = new ByteArrayOutputStream(); + aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(name); + + aIn = new ASN1InputStream(new ByteArrayInputStream(bOut.toByteArray())); + + name = X500Name.getInstance(aIn.readObject()); + if (!name.toString().equals(hexSubjects[i + 1])) + { + fail("failed hex regeneration test " + i + " got: " + name.toString() + " expected " + subjects[i]); + } + } + + // + // sort test + // + X500Name unsorted = new X500Name("SERIALNUMBER=BBB + CN=AA"); + + if (!fromBytes(unsorted.getEncoded()).toString().equals("CN=AA+SERIALNUMBER=BBB")) + { + fail("failed sort test 1"); + } + + unsorted = new X500Name("CN=AA + SERIALNUMBER=BBB"); + + if (!fromBytes(unsorted.getEncoded()).toString().equals("CN=AA+SERIALNUMBER=BBB")) + { + fail("failed sort test 2"); + } + + unsorted = new X500Name("SERIALNUMBER=B + CN=AA"); + + if (!fromBytes(unsorted.getEncoded()).toString().equals("SERIALNUMBER=B+CN=AA")) + { + fail("failed sort test 3"); + } + + unsorted = new X500Name("CN=AA + SERIALNUMBER=B"); + + if (!fromBytes(unsorted.getEncoded()).toString().equals("SERIALNUMBER=B+CN=AA")) + { + fail("failed sort test 4"); + } + + // + // equality tests + // + equalityTest(new X500Name("CN=The Legion"), new X500Name("CN=The Legion")); + equalityTest(new X500Name("CN= The Legion"), new X500Name("CN=The Legion")); + equalityTest(new X500Name("CN=The Legion "), new X500Name("CN=The Legion")); + equalityTest(new X500Name("CN= The Legion "), new X500Name("CN=The Legion")); + equalityTest(new X500Name("CN= the legion "), new X500Name("CN=The Legion")); + + equalityTest(new X500Name("CN= the legion+C=AU, O=Legion "), new X500Name("CN=The Legion+C=AU, O=Legion")); + // # test + + X500Name n1 = new X500Name("SERIALNUMBER=8,O=ABC,CN=ABC Class 3 CA,C=LT"); + X500Name n2 = new X500Name("2.5.4.5=8,O=ABC,CN=ABC Class 3 CA,C=LT"); + X500Name n3 = new X500Name("2.5.4.5=#130138,O=ABC,CN=ABC Class 3 CA,C=LT"); + + equalityTest(n1, n2); + equalityTest(n2, n3); + equalityTest(n3, n1); + + n1 = new X500Name("2.5.4.5=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT"); + n2 = new X500Name("SERIALNUMBER=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT"); + n3 = X500Name.getInstance(ASN1Primitive.fromByteArray(Hex.decode("3063310b3009060355040613024c54312f302d060355040a1326" + + "55414220536b6169746d656e696e696f20736572746966696b6176696d6f2063656e74726173311730150603550403130e53534320436c6173732033204341310a30080603550405130138"))); + + equalityTest(n1, n2); + equalityTest(n2, n3); + equalityTest(n3, n1); + + n1 = new X500Name("SERIALNUMBER=8,O=XX,CN=ABC Class 3 CA,C=LT"); + n2 = new X500Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT"); + +// if (n1.equals(n2)) +// { +// fail("empty inequality check failed"); +// } + + n1 = new X500Name("SERIALNUMBER=8,O=,CN=ABC Class 3 CA,C=LT"); + n2 = new X500Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT"); + + equalityTest(n1, n2); + + equalityTest(X500Name.getInstance(BCStrictStyle.INSTANCE, n1), X500Name.getInstance(BCStrictStyle.INSTANCE, n2)); + + n2 = new X500Name("C=LT,2.5.4.5=8,O=,CN=ABC Class 3 CA"); + + equalityTest(n1, n2); + + if (X500Name.getInstance(BCStrictStyle.INSTANCE, n1).equals(X500Name.getInstance(BCStrictStyle.INSTANCE, n2))) + { + fail("strict comparison failed"); + } + + // + // inequality to sequences + // + name1 = new X500Name("CN=The Legion"); + + if (name1.equals(new DERSequence())) + { + fail("inequality test with sequence"); + } + + if (name1.equals(new DERSequence(new DERSet()))) + { + fail("inequality test with sequence and set"); + } + + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(new ASN1ObjectIdentifier("1.1")); + v.add(new ASN1ObjectIdentifier("1.1")); + if (name1.equals(new DERSequence(new DERSet(new DERSet(v))))) + { + fail("inequality test with sequence and bad set"); + } + + if (name1.equals(new DERSequence(new DERSet(new DERSet(v))))) + { + fail("inequality test with sequence and bad set"); + } + + if (name1.equals(new DERSequence(new DERSet(new DERSequence())))) + { + fail("inequality test with sequence and short sequence"); + } + + if (name1.equals(new DERSequence(new DERSet(new DERSequence())))) + { + fail("inequality test with sequence and short sequence"); + } + + v = new ASN1EncodableVector(); + + v.add(new ASN1ObjectIdentifier("1.1")); + v.add(new DERSequence()); + + if (name1.equals(new DERSequence(new DERSet(new DERSequence(v))))) + { + fail("inequality test with sequence and bad sequence"); + } + + if (name1.equals(null)) + { + fail("inequality test with null"); + } + +// if (name1.equals(null, true)) +// { +// fail("inequality test with null"); +// } + + // + // this is contrived but it checks sorting of sets with equal elements + // + unsorted = new X500Name("CN=AA + CN=AA + CN=AA"); + + ASN1ObjectIdentifier[] types = unsorted.getAttributeTypes(); + if (types.length != 3 || !types[0].equals(BCStyle.CN) || !types[1].equals(BCStyle.CN) || !types[2].equals(BCStyle.CN)) + { + fail("types not matched correctly"); + } + + // general type test + X500Name nested = new X500Name("CN=AA + CN=AA, C=AU"); + + types = nested.getAttributeTypes(); + if (types.length != 3 || !types[0].equals(BCStyle.CN) || !types[1].equals(BCStyle.CN) || !types[2].equals(BCStyle.C)) + { + fail("nested types not matched correctly"); + } + // + // tagging test - only works if CHOICE implemented + // + ASN1TaggedObject tag = new DERTaggedObject(false, 1, new X500Name("CN=AA")); + + if (!tag.isExplicit()) + { + fail("failed to explicitly tag CHOICE object"); + } + + X500Name name = X500Name.getInstance(tag, false); + + if (!name.equals(new X500Name("CN=AA"))) + { + fail("failed to recover tagged name"); + } + + DERUTF8String testString = new DERUTF8String("The Legion of the Bouncy Castle"); + byte[] encodedBytes = testString.getEncoded(); + byte[] hexEncodedBytes = Hex.encode(encodedBytes); + String hexEncodedString = "#" + new String(hexEncodedBytes); + + DERUTF8String converted = (DERUTF8String) + new X509DefaultEntryConverter().getConvertedValue( + BCStyle.L , hexEncodedString); + + if (!converted.equals(testString)) + { + fail("failed X509DefaultEntryConverter test"); + } + + // + // try escaped. + // + converted = (DERUTF8String) + new X509DefaultEntryConverter().getConvertedValue( + BCStyle.L , "\\" + hexEncodedString); + + if (!converted.equals(new DERUTF8String(hexEncodedString))) + { + fail("failed X509DefaultEntryConverter test got " + converted + " expected: " + hexEncodedString); + } + + // + // try a weird value + // + X500Name n = new X500Name("CN=\\#nothex#string"); + + if (!n.toString().equals("CN=\\#nothex#string")) + { + fail("# string not properly escaped."); + } + + RDN[] vls = n.getRDNs(BCStyle.CN); + if (vls.length != 1 || !getValue(vls[0]).equals("#nothex#string")) + { + fail("escaped # not reduced properly"); + } + + types = n.getAttributeTypes(); + if (types.length != 1 || !types[0].equals(BCStyle.CN)) + { + fail("type not matched correctly"); + } + + n = new X500Name("CN=\"a+b\""); + + vls = n.getRDNs(BCStyle.CN); + if (vls.length != 1 || !getValue(vls[0]).equals("a+b")) + { + fail("escaped + not reduced properly"); + } + + n = new X500Name("CN=a\\+b"); + + vls = n.getRDNs(BCStyle.CN); + if (vls.length != 1 || !getValue(vls[0]).equals("a+b")) + { + fail("escaped + not reduced properly"); + } + + if (!n.toString().equals("CN=a\\+b")) + { + fail("+ in string not properly escaped."); + } + + n = new X500Name("CN=a\\=b"); + + vls = n.getRDNs(BCStyle.CN); + if (vls.length != 1 || !getValue(vls[0]).equals("a=b")) + { + fail("escaped = not reduced properly"); + } + + if (!n.toString().equals("CN=a\\=b")) + { + fail("= in string not properly escaped."); + } + + n = new X500Name("TELEPHONENUMBER=\"+61999999999\""); + + vls = n.getRDNs(BCStyle.TELEPHONE_NUMBER); + if (vls.length != 1 || !getValue(vls[0]).equals("+61999999999")) + { + fail("telephonenumber escaped + not reduced properly"); + } + + n = new X500Name("TELEPHONENUMBER=\\+61999999999"); + + vls = n.getRDNs(BCStyle.TELEPHONE_NUMBER); + if (vls.length != 1 || !getValue(vls[0]).equals("+61999999999")) + { + fail("telephonenumber escaped + not reduced properly"); + } + + // test query methods + if (!"E".equals(BCStyle.INSTANCE.oidToDisplayName(BCStyle.EmailAddress))) + { + fail("display name for E incorrect"); + } + + String[] aliases = BCStyle.INSTANCE.oidToAttrNames(BCStyle.EmailAddress); + if (aliases.length != 2) + { + fail("no aliases found"); + } + if (!("e".equals(aliases[0]) || "e".equals(aliases[1]))) + { + fail("first alias name for E incorrect"); + } + if (!("emailaddress".equals(aliases[0]) || "emailaddress".equals(aliases[1]))) + { + fail("second alias name for E incorrect"); + } + + if (BCStyle.INSTANCE.oidToDisplayName(new ASN1ObjectIdentifier("1.2.1")) != null) + { + fail("unknown oid matched!"); + } + + if (BCStyle.INSTANCE.oidToAttrNames(new ASN1ObjectIdentifier("1.2.1")).length != 0) + { + fail("unknown oid matched aliases!"); + } + + if (!new X500Name("CN=\" CA1 - CP.04.03\", OU=Testing, OU=Dod, O=U.S. Government, C=US") + .equals(new X500Name("CN=\"ca1 - CP.04.03 \", OU=Testing, OU=Dod, O=U.S. Government, C=US"))) + { + fail("padded equality test failed"); + } + } + + private String getValue(RDN vl) + { + return ((ASN1String)vl.getFirst().getValue()).getString(); + } + + private void ietfUtilsTest() + throws Exception + { + IETFUtils.valueToString(new DERUTF8String(" ")); + } + + /* + private boolean compareVectors(Vector a, Vector b) // for compatibility with early JDKs + { + if (a.size() != b.size()) + { + return false; + } + + for (int i = 0; i != a.size(); i++) + { + if (!a.elementAt(i).equals(b.elementAt(i))) + { + return false; + } + } + + return true; + } + + private void compositeTest() + throws IOException + { + // + // composite test + // + byte[] enc = Hex.decode("305e310b300906035504061302415531283026060355040a0c1f546865204c6567696f6e206f662074686520426f756e637920436173746c653125301006035504070c094d656c626f75726e653011060355040b0c0a4173636f742056616c65"); + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(enc)); + + X500Name n = X500Name.getInstance(aIn.readObject()); + + if (!n.toString().equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale")) + { + fail("Failed composite to string test got: " + n.toString()); + } + + if (!n.toString(true, X500Name.DefaultSymbols).equals("L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU")) + { + fail("Failed composite to string test got: " + n.toString(true, X500Name.DefaultSymbols)); + } + + n = new X500Name(true, "L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU"); + if (!n.toString().equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale")) + { + fail("Failed composite to string reversal test got: " + n.toString()); + } + + n = new X500Name("C=AU, O=The Legion of the Bouncy Castle, L=Melbourne + OU=Ascot Vale"); + + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(n); + + byte[] enc2 = bOut.toByteArray(); + + if (!Arrays.areEqual(enc, enc2)) + { + fail("Failed composite string to encoding test"); + } + + // + // dud name test - handle empty DN without barfing. + // + n = new X500Name("C=CH,O=,OU=dummy,CN=mail@dummy.com"); + + n = X500Name.getInstance(ASN1Object.fromByteArray(n.getEncoded())); + } + */ + private void equalityTest(X500Name name1, X500Name name2) + { + if (!name1.equals(name2)) + { + fail("equality test failed for " + name1 + " : " + name2); + } + + if (name1.hashCode() != name2.hashCode()) + { + fail("hashCodeTest test failed for " + name1 + " : " + name2); + } + } + + + public static void main( + String[] args) + { + runTest(new X500NameTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/X509ExtensionsTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/X509ExtensionsTest.java new file mode 100644 index 00000000..008d4d8c --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/X509ExtensionsTest.java @@ -0,0 +1,105 @@ +package org.bouncycastle.asn1.test; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.x509.X509Extensions; +import org.bouncycastle.asn1.x509.X509ExtensionsGenerator; +import org.bouncycastle.util.test.SimpleTest; + +public class X509ExtensionsTest + extends SimpleTest +{ + private static final ASN1ObjectIdentifier OID_2 = new ASN1ObjectIdentifier("1.2.2"); + private static final ASN1ObjectIdentifier OID_3 = new ASN1ObjectIdentifier("1.2.3"); + private static final ASN1ObjectIdentifier OID_1 = new ASN1ObjectIdentifier("1.2.1"); + + public String getName() + { + return "X509Extensions"; + } + + public void performTest() throws Exception + { + X509ExtensionsGenerator gen = new X509ExtensionsGenerator(); + + gen.addExtension(OID_1, true, new byte[20]); + gen.addExtension(OID_2, true, new byte[20]); + + X509Extensions ext1 = gen.generate(); + X509Extensions ext2 = gen.generate(); + + if (!ext1.equals(ext2)) + { + fail("equals test failed"); + } + + gen.reset(); + + gen.addExtension(OID_2, true, new byte[20]); + gen.addExtension(OID_1, true, new byte[20]); + + ext2 = gen.generate(); + + if (ext1.equals(ext2)) + { + fail("inequality test failed"); + } + + if (!ext1.equivalent(ext2)) + { + fail("equivalence true failed"); + } + + gen.reset(); + + gen.addExtension(OID_1, true, new byte[22]); + gen.addExtension(OID_2, true, new byte[20]); + + ext2 = gen.generate(); + + if (ext1.equals(ext2)) + { + fail("inequality 1 failed"); + } + + if (ext1.equivalent(ext2)) + { + fail("non-equivalence 1 failed"); + } + + gen.reset(); + + gen.addExtension(OID_3, true, new byte[20]); + gen.addExtension(OID_2, true, new byte[20]); + + ext2 = gen.generate(); + + if (ext1.equals(ext2)) + { + fail("inequality 2 failed"); + } + + if (ext1.equivalent(ext2)) + { + fail("non-equivalence 2 failed"); + } + + try + { + gen.addExtension(OID_2, true, new byte[20]); + fail("repeated oid"); + } + catch (IllegalArgumentException e) + { + if (!e.getMessage().equals("extension 1.2.2 already added")) + { + fail("wrong exception on repeated oid: " + e.getMessage()); + } + } + } + + public static void main( + String[] args) + { + runTest(new X509ExtensionsTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/X509NameTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/X509NameTest.java new file mode 100644 index 00000000..f1ae757d --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/X509NameTest.java @@ -0,0 +1,693 @@ +package org.bouncycastle.asn1.test; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.util.Hashtable; +import java.util.Vector; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1GeneralizedTime; +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1OutputStream; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.ASN1Set; +import org.bouncycastle.asn1.DERIA5String; +import org.bouncycastle.asn1.DERPrintableString; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.asn1.DERSet; +import org.bouncycastle.asn1.DERUTF8String; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x500.X500NameBuilder; +import org.bouncycastle.asn1.x500.style.BCStyle; +import org.bouncycastle.asn1.x509.X509DefaultEntryConverter; +import org.bouncycastle.asn1.x509.X509Name; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.test.SimpleTest; + +public class X509NameTest + extends SimpleTest +{ + String[] subjects = + { + "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Webserver Team,CN=www2.connect4.com.au,E=webmaster@connect4.com.au", + "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Certificate Authority,CN=Connect 4 CA,E=webmaster@connect4.com.au", + "C=AU,ST=QLD,CN=SSLeay/rsa test cert", + "C=US,O=National Aeronautics and Space Administration,SERIALNUMBER=16+CN=Steve Schoch", + "E=cooke@issl.atl.hp.com,C=US,OU=Hewlett Packard Company (ISSL),CN=Paul A. Cooke", + "O=Sun Microsystems Inc,CN=store.sun.com", + "unstructuredAddress=192.168.1.33,unstructuredName=pixfirewall.ciscopix.com,CN=pixfirewall.ciscopix.com", + "CN=*.canal-plus.com,OU=Provided by TBS INTERNET http://www.tbs-certificats.com/,OU=\\ CANAL \\+,O=CANAL\\+DISTRIBUTION,L=issy les moulineaux,ST=Hauts de Seine,C=FR", + "O=Bouncy Castle,CN=www.bouncycastle.org\\ ", + "O=Bouncy Castle,CN=c:\\\\fred\\\\bob" + }; + + public String getName() + { + return "X509Name"; + } + + private static X509Name fromBytes( + byte[] bytes) + throws IOException + { + return X509Name.getInstance(new ASN1InputStream(new ByteArrayInputStream(bytes)).readObject()); + } + + private ASN1Encodable createEntryValue(ASN1ObjectIdentifier oid, String value) + { + Hashtable attrs = new Hashtable(); + + attrs.put(oid, value); + + Vector order = new Vector(); + + order.addElement(oid); + + X509Name name = new X509Name(order, attrs); + + ASN1Sequence seq = (ASN1Sequence)name.toASN1Primitive(); + ASN1Set set = (ASN1Set)seq.getObjectAt(0); + seq = (ASN1Sequence)set.getObjectAt(0); + + return seq.getObjectAt(1); + } + + private ASN1Encodable createEntryValueFromString(ASN1ObjectIdentifier oid, String value) + { + Hashtable attrs = new Hashtable(); + + attrs.put(oid, value); + + Vector order = new Vector(); + + order.addElement(oid); + + X509Name name = new X509Name(new X509Name(order, attrs).toString()); + + ASN1Sequence seq = (ASN1Sequence)name.toASN1Primitive(); + ASN1Set set = (ASN1Set)seq.getObjectAt(0); + seq = (ASN1Sequence)set.getObjectAt(0); + + return seq.getObjectAt(1); + } + + private void testEncodingPrintableString(ASN1ObjectIdentifier oid, String value) + { + ASN1Encodable converted = createEntryValue(oid, value); + if (!(converted instanceof DERPrintableString)) + { + fail("encoding for " + oid + " not printable string"); + } + } + + private void testEncodingIA5String(ASN1ObjectIdentifier oid, String value) + { + ASN1Encodable converted = createEntryValue(oid, value); + if (!(converted instanceof DERIA5String)) + { + fail("encoding for " + oid + " not IA5String"); + } + } + + + private void testEncodingUTF8String(ASN1ObjectIdentifier oid, String value) + throws IOException + { + ASN1Encodable converted = createEntryValue(oid, value); + if (!(converted instanceof DERUTF8String)) + { + fail("encoding for " + oid + " not IA5String"); + } + if (!value.equals((DERUTF8String.getInstance(converted.toASN1Primitive().getEncoded()).getString()))) + { + fail("decoding not correct"); + } + } + + private void testEncodingGeneralizedTime(ASN1ObjectIdentifier oid, String value) + { + ASN1Encodable converted = createEntryValue(oid, value); + if (!(converted instanceof ASN1GeneralizedTime)) + { + fail("encoding for " + oid + " not GeneralizedTime"); + } + converted = createEntryValueFromString(oid, value); + if (!(converted instanceof ASN1GeneralizedTime)) + { + fail("encoding for " + oid + " not GeneralizedTime"); + } + } + + public void performTest() + throws Exception + { + testEncodingPrintableString(X509Name.C, "AU"); + testEncodingPrintableString(X509Name.SERIALNUMBER, "123456"); + testEncodingPrintableString(X509Name.DN_QUALIFIER, "123456"); + testEncodingIA5String(X509Name.EmailAddress, "test@test.com"); + testEncodingIA5String(X509Name.DC, "test"); + // correct encoding + testEncodingGeneralizedTime(X509Name.DATE_OF_BIRTH, "#180F32303032303132323132323232305A"); + // compatibility encoding + testEncodingGeneralizedTime(X509Name.DATE_OF_BIRTH, "20020122122220Z"); + testEncodingUTF8String(X509Name.CN, "Mörsky"); + // + // composite + // + Hashtable attrs = new Hashtable(); + + attrs.put(X509Name.C, "AU"); + attrs.put(X509Name.O, "The Legion of the Bouncy Castle"); + attrs.put(X509Name.L, "Melbourne"); + attrs.put(X509Name.ST, "Victoria"); + attrs.put(X509Name.E, "feedback-crypto@bouncycastle.org"); + + Vector order = new Vector(); + + order.addElement(X509Name.C); + order.addElement(X509Name.O); + order.addElement(X509Name.L); + order.addElement(X509Name.ST); + order.addElement(X509Name.E); + + X509Name name1 = new X509Name(order, attrs); + + if (!name1.equals(name1)) + { + fail("Failed same object test"); + } + + if (!name1.equals(name1, true)) + { + fail("Failed same object test - in Order"); + } + + X509Name name2 = new X509Name(order, attrs); + + if (!name1.equals(name2)) + { + fail("Failed same name test"); + } + + if (!name1.equals(name2, true)) + { + fail("Failed same name test - in Order"); + } + + if (name1.hashCode() != name2.hashCode()) + { + fail("Failed same name test - in Order"); + } + + Vector ord1 = new Vector(); + + ord1.addElement(X509Name.C); + ord1.addElement(X509Name.O); + ord1.addElement(X509Name.L); + ord1.addElement(X509Name.ST); + ord1.addElement(X509Name.E); + + Vector ord2 = new Vector(); + + ord2.addElement(X509Name.E); + ord2.addElement(X509Name.ST); + ord2.addElement(X509Name.L); + ord2.addElement(X509Name.O); + ord2.addElement(X509Name.C); + + name1 = new X509Name(ord1, attrs); + name2 = new X509Name(ord2, attrs); + + if (!name1.equals(name2)) + { + fail("Failed reverse name test"); + } + + if (name1.hashCode() != name2.hashCode()) + { + fail("Failed reverse name test hashCode"); + } + + if (name1.equals(name2, true)) + { + fail("Failed reverse name test - in Order"); + } + + if (!name1.equals(name2, false)) + { + fail("Failed reverse name test - in Order false"); + } + + Vector oids = name1.getOIDs(); + if (!compareVectors(oids, ord1)) + { + fail("oid comparison test"); + } + + Vector val1 = new Vector(); + + val1.addElement("AU"); + val1.addElement("The Legion of the Bouncy Castle"); + val1.addElement("Melbourne"); + val1.addElement("Victoria"); + val1.addElement("feedback-crypto@bouncycastle.org"); + + name1 = new X509Name(ord1, val1); + + Vector values = name1.getValues(); + if (!compareVectors(values, val1)) + { + fail("value comparison test"); + } + + ord2 = new Vector(); + + ord2.addElement(X509Name.ST); + ord2.addElement(X509Name.ST); + ord2.addElement(X509Name.L); + ord2.addElement(X509Name.O); + ord2.addElement(X509Name.C); + + name1 = new X509Name(ord1, attrs); + name2 = new X509Name(ord2, attrs); + + if (name1.equals(name2)) + { + fail("Failed different name test"); + } + + ord2 = new Vector(); + + ord2.addElement(X509Name.ST); + ord2.addElement(X509Name.L); + ord2.addElement(X509Name.O); + ord2.addElement(X509Name.C); + + name1 = new X509Name(ord1, attrs); + name2 = new X509Name(ord2, attrs); + + if (name1.equals(name2)) + { + fail("Failed subset name test"); + } + + compositeTest(); + + ByteArrayOutputStream bOut; + ASN1OutputStream aOut; + ASN1InputStream aIn; + + // + // getValues test + // + Vector v1 = name1.getValues(X509Name.O); + + if (v1.size() != 1 || !v1.elementAt(0).equals("The Legion of the Bouncy Castle")) + { + fail("O test failed"); + } + + Vector v2 = name1.getValues(X509Name.L); + + if (v2.size() != 1 || !v2.elementAt(0).equals("Melbourne")) + { + fail("L test failed"); + } + + // + // general subjects test + // + for (int i = 0; i != subjects.length; i++) + { + X509Name name = new X509Name(subjects[i]); + + bOut = new ByteArrayOutputStream(); + aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(name); + + aIn = new ASN1InputStream(new ByteArrayInputStream(bOut.toByteArray())); + + name = X509Name.getInstance(aIn.readObject()); + + if (!name.toString().equals(subjects[i])) + { + fail("failed regeneration test " + i + " got " + name.toString()); + } + } + + // + // sort test + // + X509Name unsorted = new X509Name("SERIALNUMBER=BBB + CN=AA"); + + if (!fromBytes(unsorted.getEncoded()).toString().equals("CN=AA+SERIALNUMBER=BBB")) + { + fail("failed sort test 1"); + } + + unsorted = new X509Name("CN=AA + SERIALNUMBER=BBB"); + + if (!fromBytes(unsorted.getEncoded()).toString().equals("CN=AA+SERIALNUMBER=BBB")) + { + fail("failed sort test 2"); + } + + unsorted = new X509Name("SERIALNUMBER=B + CN=AA"); + + if (!fromBytes(unsorted.getEncoded()).toString().equals("SERIALNUMBER=B+CN=AA")) + { + fail("failed sort test 3"); + } + + unsorted = new X509Name("CN=AA + SERIALNUMBER=B"); + + if (!fromBytes(unsorted.getEncoded()).toString().equals("SERIALNUMBER=B+CN=AA")) + { + fail("failed sort test 4"); + } + + // + // equality tests + // + equalityTest(new X509Name("CN=The Legion"), new X509Name("CN=The Legion")); + equalityTest(new X509Name("CN= The Legion"), new X509Name("CN=The Legion")); + equalityTest(new X509Name("CN=The Legion "), new X509Name("CN=The Legion")); + equalityTest(new X509Name("CN= The Legion "), new X509Name("CN=The Legion")); + equalityTest(new X509Name("CN= the legion "), new X509Name("CN=The Legion")); + + // # test + + X509Name n1 = new X509Name("SERIALNUMBER=8,O=ABC,CN=ABC Class 3 CA,C=LT"); + X509Name n2 = new X509Name("2.5.4.5=8,O=ABC,CN=ABC Class 3 CA,C=LT"); + X509Name n3 = new X509Name("2.5.4.5=#130138,O=ABC,CN=ABC Class 3 CA,C=LT"); + + equalityTest(n1, n2); + equalityTest(n2, n3); + equalityTest(n3, n1); + + n1 = new X509Name(true, "2.5.4.5=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT"); + n2 = new X509Name(true, "SERIALNUMBER=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT"); + n3 = X509Name.getInstance(ASN1Primitive.fromByteArray(Hex.decode("3063310b3009060355040613024c54312f302d060355040a1326" + + "55414220536b6169746d656e696e696f20736572746966696b6176696d6f2063656e74726173311730150603550403130e53534320436c6173732033204341310a30080603550405130138"))); + + equalityTest(n1, n2); + equalityTest(n2, n3); + equalityTest(n3, n1); + + n1 = new X509Name("SERIALNUMBER=8,O=XX,CN=ABC Class 3 CA,C=LT"); + n2 = new X509Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT"); + + if (n1.equals(n2)) + { + fail("empty inequality check failed"); + } + + n1 = new X509Name("SERIALNUMBER=8,O=,CN=ABC Class 3 CA,C=LT"); + n2 = new X509Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT"); + + equalityTest(n1, n2); + + // + // inequality to sequences + // + name1 = new X509Name("CN=The Legion"); + + if (name1.equals(new DERSequence())) + { + fail("inequality test with sequence"); + } + + if (name1.equals(new DERSequence(new DERSet()))) + { + fail("inequality test with sequence and set"); + } + + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(new ASN1ObjectIdentifier("1.1")); + v.add(new ASN1ObjectIdentifier("1.1")); + if (name1.equals(new DERSequence(new DERSet(new DERSet(v))))) + { + fail("inequality test with sequence and bad set"); + } + + if (name1.equals(new DERSequence(new DERSet(new DERSet(v))), true)) + { + fail("inequality test with sequence and bad set"); + } + + if (name1.equals(new DERSequence(new DERSet(new DERSequence())))) + { + fail("inequality test with sequence and short sequence"); + } + + if (name1.equals(new DERSequence(new DERSet(new DERSequence())), true)) + { + fail("inequality test with sequence and short sequence"); + } + + v = new ASN1EncodableVector(); + + v.add(new ASN1ObjectIdentifier("1.1")); + v.add(new DERSequence()); + + if (name1.equals(new DERSequence(new DERSet(new DERSequence(v))))) + { + fail("inequality test with sequence and bad sequence"); + } + + if (name1.equals(null)) + { + fail("inequality test with null"); + } + + if (name1.equals(null, true)) + { + fail("inequality test with null"); + } + + // + // this is contrived but it checks sorting of sets with equal elements + // + unsorted = new X509Name("CN=AA + CN=AA + CN=AA"); + + // + // tagging test - only works if CHOICE implemented + // + /* + ASN1TaggedObject tag = new DERTaggedObject(false, 1, new X509Name("CN=AA")); + + if (!tag.isExplicit()) + { + fail("failed to explicitly tag CHOICE object"); + } + + X509Name name = X509Name.getInstance(tag, false); + + if (!name.equals(new X509Name("CN=AA"))) + { + fail("failed to recover tagged name"); + } + */ + + DERUTF8String testString = new DERUTF8String("The Legion of the Bouncy Castle"); + byte[] encodedBytes = testString.getEncoded(); + byte[] hexEncodedBytes = Hex.encode(encodedBytes); + String hexEncodedString = "#" + new String(hexEncodedBytes); + + DERUTF8String converted = (DERUTF8String) + new X509DefaultEntryConverter().getConvertedValue( + X509Name.L , hexEncodedString); + + if (!converted.equals(testString)) + { + fail("failed X509DefaultEntryConverter test"); + } + + // + // try escaped. + // + converted = (DERUTF8String) + new X509DefaultEntryConverter().getConvertedValue( + X509Name.L , "\\" + hexEncodedString); + + if (!converted.equals(new DERUTF8String(hexEncodedString))) + { + fail("failed X509DefaultEntryConverter test got " + converted + " expected: " + hexEncodedString); + } + + // + // try a weird value + // + X509Name n = new X509Name("CN=\\#nothex#string"); + + if (!n.toString().equals("CN=\\#nothex#string")) + { + fail("# string not properly escaped."); + } + + Vector vls = n.getValues(X509Name.CN); + if (vls.size() != 1 || !vls.elementAt(0).equals("#nothex#string")) + { + fail("escaped # not reduced properly"); + } + + n = new X509Name("CN=\"a+b\""); + + vls = n.getValues(X509Name.CN); + if (vls.size() != 1 || !vls.elementAt(0).equals("a+b")) + { + fail("escaped + not reduced properly"); + } + + n = new X509Name("CN=a\\+b"); + + vls = n.getValues(X509Name.CN); + if (vls.size() != 1 || !vls.elementAt(0).equals("a+b")) + { + fail("escaped + not reduced properly"); + } + + if (!n.toString().equals("CN=a\\+b")) + { + fail("+ in string not properly escaped."); + } + + n = new X509Name("CN=a\\=b"); + + vls = n.getValues(X509Name.CN); + if (vls.size() != 1 || !vls.elementAt(0).equals("a=b")) + { + fail("escaped = not reduced properly"); + } + + if (!n.toString().equals("CN=a\\=b")) + { + fail("= in string not properly escaped."); + } + + n = new X509Name("TELEPHONENUMBER=\"+61999999999\""); + + vls = n.getValues(X509Name.TELEPHONE_NUMBER); + if (vls.size() != 1 || !vls.elementAt(0).equals("+61999999999")) + { + fail("telephonenumber escaped + not reduced properly"); + } + + n = new X509Name("TELEPHONENUMBER=\\+61999999999"); + + vls = n.getValues(X509Name.TELEPHONE_NUMBER); + if (vls.size() != 1 || !vls.elementAt(0).equals("+61999999999")) + { + fail("telephonenumber escaped + not reduced properly"); + } + + // migration + X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE); + builder.addMultiValuedRDN(new ASN1ObjectIdentifier[] { BCStyle.CN, BCStyle.SN }, new String[] { "Thomas", "CVR:12341233-UID:1111" }); + builder.addRDN(BCStyle.O, "Test"); + builder.addRDN(BCStyle.C, "DK"); + + X500Name subject = builder.build(); + ASN1Primitive derObject = subject.toASN1Primitive(); + X509Name instance = X509Name.getInstance(derObject); + } + + private boolean compareVectors(Vector a, Vector b) // for compatibility with early JDKs + { + if (a.size() != b.size()) + { + return false; + } + + for (int i = 0; i != a.size(); i++) + { + if (!a.elementAt(i).equals(b.elementAt(i))) + { + return false; + } + } + + return true; + } + + private void compositeTest() + throws IOException + { + // + // composite test + // + byte[] enc = Hex.decode("305e310b300906035504061302415531283026060355040a0c1f546865204c6567696f6e206f662074686520426f756e637920436173746c653125301006035504070c094d656c626f75726e653011060355040b0c0a4173636f742056616c65"); + ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(enc)); + + X509Name n = X509Name.getInstance(aIn.readObject()); + + if (!n.toString().equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale")) + { + fail("Failed composite to string test got: " + n.toString()); + } + + if (!n.toString(true, X509Name.DefaultSymbols).equals("L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU")) + { + fail("Failed composite to string test got: " + n.toString(true, X509Name.DefaultSymbols)); + } + + n = new X509Name(true, "L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU"); + if (!n.toString().equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale")) + { + fail("Failed composite to string reversal test got: " + n.toString()); + } + + n = new X509Name("C=AU, O=The Legion of the Bouncy Castle, L=Melbourne + OU=Ascot Vale"); + + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + ASN1OutputStream aOut = new ASN1OutputStream(bOut); + + aOut.writeObject(n); + + byte[] enc2 = bOut.toByteArray(); + + if (!Arrays.areEqual(enc, enc2)) + { + //fail("Failed composite string to encoding test"); + } + + // + // dud name test - handle empty DN without barfing. + // + n = new X509Name("C=CH,O=,OU=dummy,CN=mail@dummy.com"); + + n = X509Name.getInstance(ASN1Primitive.fromByteArray(n.getEncoded())); + } + + private void equalityTest(X509Name x509Name, X509Name x509Name1) + { + if (!x509Name.equals(x509Name1)) + { + fail("equality test failed for " + x509Name + " : " + x509Name1); + } + + if (x509Name.hashCode() != x509Name1.hashCode()) + { + fail("hashCodeTest test failed for " + x509Name + " : " + x509Name1); + } + + if (!x509Name.equals(x509Name1, true)) + { + fail("equality test failed for " + x509Name + " : " + x509Name1); + } + } + + + public static void main( + String[] args) + { + runTest(new X509NameTest()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/X9Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/X9Test.java new file mode 100644 index 00000000..effe2669 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/X9Test.java @@ -0,0 +1,173 @@ +package org.bouncycastle.asn1.test; + +import java.math.BigInteger; + +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.sec.ECPrivateKey; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x9.X962NamedCurves; +import org.bouncycastle.asn1.x9.X962Parameters; +import org.bouncycastle.asn1.x9.X9ECParameters; +import org.bouncycastle.asn1.x9.X9ECPoint; +import org.bouncycastle.asn1.x9.X9IntegerConverter; +import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; +import org.bouncycastle.math.ec.ECPoint; +import org.bouncycastle.util.Arrays; +import org.bouncycastle.util.encoders.Base64; +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.test.SimpleTest; + +public class X9Test + extends SimpleTest +{ + private byte[] namedPub = Base64.decode("MDcwEwYHKoZIzj0CAQYIKoZIzj0DAQEDIAADG5xRI+Iki/JrvL20hoDUa7Cggzorv5B9yyqSMjYu"); + private byte[] expPub = Base64.decode( + "MIH8MIHXBgcqhkjOPQIBMIHLAgEBMCkGByqGSM49AQECHn///////////////3///////4AAAA" + + "AAAH///////zBXBB5///////////////9///////+AAAAAAAB///////wEHiVXBfoqMGZUsfTL" + + "A9anUKMMJQEC1JiHF9m6FattPgMVAH1zdBaP/jRxtgqFdoahlHXTv6L/BB8DZ2iujhi7ks/PAF" + + "yUmqLG2UhT0OZgu/hUsclQX+laAh5///////////////9///+XXetBs6YFfDxDIUZSZVECAQED" + + "IAADG5xRI+Iki/JrvL20hoDUa7Cggzorv5B9yyqSMjYu"); + + private byte[] namedPriv = Base64.decode("MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBB" + + "gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo="); + + private byte[] expPriv = Base64.decode( + "MIIBBAIBADCB1wYHKoZIzj0CATCBywIBATApBgcqhkjOPQEBAh5///////////////9///////" + + "+AAAAAAAB///////8wVwQef///////////////f///////gAAAAAAAf//////8BB4lVwX6KjBmVL" + + "H0ywPWp1CjDCUBAtSYhxfZuhWrbT4DFQB9c3QWj/40cbYKhXaGoZR107+i/wQfA2doro4Yu5LPzw" + + "BclJqixtlIU9DmYLv4VLHJUF/pWgIef///////////////f///l13rQbOmBXw8QyFGUmVRAgEBBC" + + "UwIwIBAQQeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAU"); + + private void encodePublicKey() + throws Exception + { + X9ECParameters ecP = X962NamedCurves.getByOID(X9ObjectIdentifiers.prime239v3); + + X9IntegerConverter conv = new X9IntegerConverter(); + + if (conv.getByteLength(ecP.getCurve()) != 30) + { + fail("wrong byte length reported for curve"); + } + + if (ecP.getCurve().getFieldSize() != 239) + { + fail("wrong field size reported for curve"); + } + + // + // named curve + // + X962Parameters params = new X962Parameters(X9ObjectIdentifiers.prime192v1); + ECPoint point = ecP.getG().multiply(BigInteger.valueOf(100)); + + ASN1OctetString p = new DEROctetString(point.getEncoded(true)); + + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets()); + if (!areEqual(info.getEncoded(), namedPub)) + { + fail("failed public named generation"); + } + + X9ECPoint x9P = new X9ECPoint(ecP.getCurve(), p); + + if (!Arrays.areEqual(p.getOctets(), x9P.getPoint().getEncoded())) + { + fail("point encoding not preserved"); + } + + ASN1Primitive o = ASN1Primitive.fromByteArray(namedPub); + + if (!info.equals(o)) + { + fail("failed public named equality"); + } + + // + // explicit curve parameters + // + params = new X962Parameters(ecP); + + info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets()); + + if (!areEqual(info.getEncoded(), expPub)) + { + fail("failed public explicit generation"); + } + + o = ASN1Primitive.fromByteArray(expPub); + + if (!info.equals(o)) + { + fail("failed public explicit equality"); + } + } + + private void encodePrivateKey() + throws Exception + { + X9ECParameters ecP = X962NamedCurves.getByOID(X9ObjectIdentifiers.prime192v1); + + // + // named curve + // + X962Parameters params = new X962Parameters(X9ObjectIdentifiers.prime192v1); + + PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), new ECPrivateKey(ecP.getCurve().getOrder().bitLength(), BigInteger.valueOf(10))); + + if (!areEqual(info.getEncoded(), namedPriv)) + { + fail("failed private named generation"); + } + + ASN1Primitive o = ASN1Primitive.fromByteArray(namedPriv); + + if (!info.equals(o)) + { + fail("failed private named equality"); + } + + // + // explicit curve parameters + // + ecP = X962NamedCurves.getByOID(X9ObjectIdentifiers.prime239v3); + + params = new X962Parameters(ecP); + + info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), new ECPrivateKey(ecP.getCurve().getOrder().bitLength(), BigInteger.valueOf(20))); + + if (!areEqual(info.getEncoded(), expPriv)) + { + fail("failed private explicit generation"); + } + + o = ASN1Primitive.fromByteArray(expPriv); + + if (!info.equals(o)) + { + fail("failed private explicit equality"); + } + } + + public void performTest() + throws Exception + { + encodePublicKey(); + encodePrivateKey(); + } + + public String getName() + { + return "X9"; + } + + public static void main( + String[] args) + { + runTest(new X9Test()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/test/package.html new file mode 100644 index 00000000..df45e190 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/test/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Test programs for the ASN.1 package. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/package.html new file mode 100644 index 00000000..d6265f04 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and supporting Time Stamp Protocol as described RFC 3161. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145ECBinary.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145ECBinary.java index 11c2af48..dc9f74c0 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145ECBinary.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145ECBinary.java @@ -12,15 +12,15 @@ import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; -import org.bouncycastle.asn1.x9.X9IntegerConverter; import org.bouncycastle.crypto.params.ECDomainParameters; +import org.bouncycastle.math.ec.ECAlgorithms; import org.bouncycastle.math.ec.ECCurve; +import org.bouncycastle.math.field.PolynomialExtensionField; import org.bouncycastle.util.Arrays; public class DSTU4145ECBinary extends ASN1Object { - BigInteger version = BigInteger.valueOf(0); DSTU4145BinaryField f; @@ -31,17 +31,27 @@ public class DSTU4145ECBinary public DSTU4145ECBinary(ECDomainParameters params) { - if (!(params.getCurve() instanceof ECCurve.F2m)) + ECCurve curve = params.getCurve(); + if (!ECAlgorithms.isF2mCurve(curve)) { throw new IllegalArgumentException("only binary domain is possible"); } // We always use big-endian in parameter encoding - ECCurve.F2m curve = (ECCurve.F2m)params.getCurve(); - f = new DSTU4145BinaryField(curve.getM(), curve.getK1(), curve.getK2(), curve.getK3()); + + PolynomialExtensionField field = (PolynomialExtensionField)curve.getField(); + int[] exponents = field.getMinimalPolynomial().getExponentsPresent(); + if (exponents.length == 3) + { + f = new DSTU4145BinaryField(exponents[2], exponents[1]); + } + else if (exponents.length == 5) + { + f = new DSTU4145BinaryField(exponents[4], exponents[1], exponents[2], exponents[3]); + } + a = new ASN1Integer(curve.getA().toBigInteger()); - X9IntegerConverter converter = new X9IntegerConverter(); - b = new DEROctetString(converter.integerToBytes(curve.getB().toBigInteger(), converter.getByteLength(curve))); + b = new DEROctetString(curve.getB().getEncoded()); n = new ASN1Integer(params.getN()); bp = new DEROctetString(DSTU4145PointEncoder.encodePoint(params.getG())); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java index 312bacbb..0c02ce8b 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java @@ -21,17 +21,41 @@ public class DSTU4145NamedCurves static { + BigInteger[] n_s = new BigInteger[10]; + n_s[0] = new BigInteger("400000000000000000002BEC12BE2262D39BCF14D", 16); + n_s[1] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFB12EBCC7D7F29FF7701F", 16); + n_s[2] = new BigInteger("800000000000000000000189B4E67606E3825BB2831", 16); + n_s[3] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFB981960435FE5AB64236EF", 16); + n_s[4] = new BigInteger("40000000000000000000000069A779CAC1DABC6788F7474F", 16); + n_s[5] = new BigInteger("1000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", 16); + n_s[6] = new BigInteger("800000000000000000000000000000006759213AF182E987D3E17714907D470D", 16); + n_s[7] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC079C2F3825DA70D390FBBA588D4604022B7B7", 16); + n_s[8] = new BigInteger("40000000000000000000000000000000000000000000009C300B75A3FA824F22428FD28CE8812245EF44049B2D49", 16); + n_s[9] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBA3175458009A8C0A724F02F81AA8A1FCBAF80D90C7A95110504CF", 16); + + BigInteger[] h_s = new BigInteger[10]; + h_s[0] = BigInteger.valueOf(2); + h_s[1] = BigInteger.valueOf(2); + h_s[2] = BigInteger.valueOf(4); + h_s[3] = BigInteger.valueOf(2); + h_s[4] = BigInteger.valueOf(2); + h_s[5] = BigInteger.valueOf(2); + h_s[6] = BigInteger.valueOf(4); + h_s[7] = BigInteger.valueOf(2); + h_s[8] = BigInteger.valueOf(2); + h_s[9] = BigInteger.valueOf(2); + ECCurve.F2m[] curves = new ECCurve.F2m[10]; - curves[0] = new ECCurve.F2m(163, 3, 6, 7, ONE, new BigInteger("5FF6108462A2DC8210AB403925E638A19C1455D21", 16)); - curves[1] = new ECCurve.F2m(167, 6, ONE, new BigInteger("6EE3CEEB230811759F20518A0930F1A4315A827DAC", 16)); - curves[2] = new ECCurve.F2m(173, 1, 2, 10, ZERO, new BigInteger("108576C80499DB2FC16EDDF6853BBB278F6B6FB437D9", 16)); - curves[3] = new ECCurve.F2m(179, 1, 2, 4, ONE, new BigInteger("4A6E0856526436F2F88DD07A341E32D04184572BEB710", 16)); - curves[4] = new ECCurve.F2m(191, 9, ONE, new BigInteger("7BC86E2102902EC4D5890E8B6B4981ff27E0482750FEFC03", 16)); - curves[5] = new ECCurve.F2m(233, 1, 4, 9, ONE, new BigInteger("06973B15095675534C7CF7E64A21BD54EF5DD3B8A0326AA936ECE454D2C", 16)); - curves[6] = new ECCurve.F2m(257, 12, ZERO, new BigInteger("1CEF494720115657E18F938D7A7942394FF9425C1458C57861F9EEA6ADBE3BE10", 16)); - curves[7] = new ECCurve.F2m(307, 2, 4, 8, ONE, new BigInteger("393C7F7D53666B5054B5E6C6D3DE94F4296C0C599E2E2E241050DF18B6090BDC90186904968BB", 16)); - curves[8] = new ECCurve.F2m(367, 21, ONE, new BigInteger("43FC8AD242B0B7A6F3D1627AD5654447556B47BF6AA4A64B0C2AFE42CADAB8F93D92394C79A79755437B56995136", 16)); - curves[9] = new ECCurve.F2m(431, 1, 3, 5, ONE, new BigInteger("03CE10490F6A708FC26DFE8C3D27C4F94E690134D5BFF988D8D28AAEAEDE975936C66BAC536B18AE2DC312CA493117DAA469C640CAF3", 16)); + curves[0] = new ECCurve.F2m(163, 3, 6, 7, ONE, new BigInteger("5FF6108462A2DC8210AB403925E638A19C1455D21", 16), n_s[0], h_s[0]); + curves[1] = new ECCurve.F2m(167, 6, ONE, new BigInteger("6EE3CEEB230811759F20518A0930F1A4315A827DAC", 16), n_s[1], h_s[1]); + curves[2] = new ECCurve.F2m(173, 1, 2, 10, ZERO, new BigInteger("108576C80499DB2FC16EDDF6853BBB278F6B6FB437D9", 16), n_s[2], h_s[2]); + curves[3] = new ECCurve.F2m(179, 1, 2, 4, ONE, new BigInteger("4A6E0856526436F2F88DD07A341E32D04184572BEB710", 16), n_s[3], h_s[3]); + curves[4] = new ECCurve.F2m(191, 9, ONE, new BigInteger("7BC86E2102902EC4D5890E8B6B4981ff27E0482750FEFC03", 16), n_s[4], h_s[4]); + curves[5] = new ECCurve.F2m(233, 1, 4, 9, ONE, new BigInteger("06973B15095675534C7CF7E64A21BD54EF5DD3B8A0326AA936ECE454D2C", 16), n_s[5], h_s[5]); + curves[6] = new ECCurve.F2m(257, 12, ZERO, new BigInteger("1CEF494720115657E18F938D7A7942394FF9425C1458C57861F9EEA6ADBE3BE10", 16), n_s[6], h_s[6]); + curves[7] = new ECCurve.F2m(307, 2, 4, 8, ONE, new BigInteger("393C7F7D53666B5054B5E6C6D3DE94F4296C0C599E2E2E241050DF18B6090BDC90186904968BB", 16), n_s[7], h_s[7]); + curves[8] = new ECCurve.F2m(367, 21, ONE, new BigInteger("43FC8AD242B0B7A6F3D1627AD5654447556B47BF6AA4A64B0C2AFE42CADAB8F93D92394C79A79755437B56995136", 16), n_s[8], h_s[8]); + curves[9] = new ECCurve.F2m(431, 1, 3, 5, ONE, new BigInteger("03CE10490F6A708FC26DFE8C3D27C4F94E690134D5BFF988D8D28AAEAEDE975936C66BAC536B18AE2DC312CA493117DAA469C640CAF3", 16), n_s[9], h_s[9]); ECPoint[] points = new ECPoint[10]; points[0] = curves[0].createPoint(new BigInteger("2E2F85F5DD74CE983A5C4237229DAF8A3F35823BE", 16), new BigInteger("3826F008A8C51D7B95284D9D03FF0E00CE2CD723A", 16)); @@ -45,21 +69,9 @@ public class DSTU4145NamedCurves points[8] = curves[8].createPoint(new BigInteger("324A6EDDD512F08C49A99AE0D3F961197A76413E7BE81A400CA681E09639B5FE12E59A109F78BF4A373541B3B9A1", 16), new BigInteger("1AB597A5B4477F59E39539007C7F977D1A567B92B043A49C6B61984C3FE3481AAF454CD41BA1F051626442B3C10", 16)); points[9] = curves[9].createPoint(new BigInteger("1A62BA79D98133A16BBAE7ED9A8E03C32E0824D57AEF72F88986874E5AAE49C27BED49A2A95058068426C2171E99FD3B43C5947C857D", 16), new BigInteger("70B5E1E14031C1F70BBEFE96BDDE66F451754B4CA5F48DA241F331AA396B8D1839A855C1769B1EA14BA53308B5E2723724E090E02DB9", 16)); - BigInteger[] n_s = new BigInteger[10]; - n_s[0] = new BigInteger("400000000000000000002BEC12BE2262D39BCF14D", 16); - n_s[1] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFB12EBCC7D7F29FF7701F", 16); - n_s[2] = new BigInteger("800000000000000000000189B4E67606E3825BB2831", 16); - n_s[3] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFB981960435FE5AB64236EF", 16); - n_s[4] = new BigInteger("40000000000000000000000069A779CAC1DABC6788F7474F", 16); - n_s[5] = new BigInteger("1000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", 16); - n_s[6] = new BigInteger("800000000000000000000000000000006759213AF182E987D3E17714907D470D", 16); - n_s[7] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC079C2F3825DA70D390FBBA588D4604022B7B7", 16); - n_s[8] = new BigInteger("40000000000000000000000000000000000000000000009C300B75A3FA824F22428FD28CE8812245EF44049B2D49", 16); - n_s[9] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBA3175458009A8C0A724F02F81AA8A1FCBAF80D90C7A95110504CF", 16); - for (int i = 0; i < params.length; i++) { - params[i] = new ECDomainParameters(curves[i], points[i], n_s[i]); + params[i] = new ECDomainParameters(curves[i], points[i], n_s[i], h_s[i]); } for (int i = 0; i < oids.length; i++) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java index 8c16620f..3405130e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java @@ -7,7 +7,6 @@ import org.bouncycastle.math.ec.ECConstants; import org.bouncycastle.math.ec.ECCurve; import org.bouncycastle.math.ec.ECFieldElement; import org.bouncycastle.math.ec.ECPoint; -import org.bouncycastle.util.Arrays; /** * DSTU4145 encodes points somewhat differently than X9.62 @@ -15,21 +14,21 @@ import org.bouncycastle.util.Arrays; */ public abstract class DSTU4145PointEncoder { - private static BigInteger trace(ECFieldElement fe) + private static ECFieldElement trace(ECFieldElement fe) { ECFieldElement t = fe; - for (int i = 0; i < fe.getFieldSize() - 1; i++) + for (int i = 1; i < fe.getFieldSize(); ++i) { t = t.square().add(fe); } - return t.toBigInteger(); + return t; } /** * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62 * D.1.6) The other solution is <code>z + 1</code>. * - * @param beta The value to solve the qradratic equation for. + * @param beta The value to solve the quadratic equation for. * @return the solution for <code>z<sup>2</sup> + z = beta</code> or * <code>null</code> if no solution exists. */ @@ -91,8 +90,8 @@ public abstract class DSTU4145PointEncoder if (!x.isZero()) { - ECFieldElement y = Q.getAffineYCoord().divide(x); - if (trace(y).equals(ECConstants.ONE)) + ECFieldElement z = Q.getAffineYCoord().divide(x); + if (trace(z).isOne()) { bytes[bytes.length - 1] |= 0x01; } @@ -118,39 +117,38 @@ public abstract class DSTU4145PointEncoder return curve.decodePoint(bp_enc);*/ - BigInteger k = BigInteger.valueOf(bytes[bytes.length - 1] & 0x1); - if (!trace(curve.fromBigInteger(new BigInteger(1, bytes))).equals(curve.getA().toBigInteger())) + ECFieldElement k = curve.fromBigInteger(BigInteger.valueOf(bytes[bytes.length - 1] & 0x1)); + + ECFieldElement xp = curve.fromBigInteger(new BigInteger(1, bytes)); + if (!trace(xp).equals(curve.getA())) { - bytes = Arrays.clone(bytes); - bytes[bytes.length - 1] ^= 0x01; + xp = xp.addOne(); } - ECFieldElement xp = curve.fromBigInteger(new BigInteger(1, bytes)); + ECFieldElement yp = null; if (xp.isZero()) { - yp = (ECFieldElement.F2m)curve.getB(); - for (int i = 0; i < curve.getFieldSize() - 1; i++) - { - yp = yp.square(); - } + yp = curve.getB().sqrt(); } else { - ECFieldElement beta = xp.add(curve.getA()).add( - curve.getB().multiply(xp.square().invert())); + ECFieldElement beta = xp.square().invert().multiply(curve.getB()).add(curve.getA()).add(xp); ECFieldElement z = solveQuadraticEquation(curve, beta); - if (z == null) + if (z != null) { - throw new RuntimeException("Invalid point compression"); + if (!trace(z).equals(k)) + { + z = z.addOne(); + } + yp = xp.multiply(z); } - if (!trace(z).equals(k)) - { - z = z.addOne(); - } - yp = xp.multiply(z); } - return new ECPoint.F2m(curve, xp, yp); - } + if (yp == null) + { + throw new IllegalArgumentException("Invalid point compression"); + } + return curve.createPoint(xp.toBigInteger(), yp.toBigInteger()); + } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/ua/package.html new file mode 100644 index 00000000..0fc273f1 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/ua/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for the Ukrainian DSTU standard. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/util/ASN1Dump.java b/bcprov/src/main/java/org/bouncycastle/asn1/util/ASN1Dump.java index 5302552b..8a454f27 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/util/ASN1Dump.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/util/ASN1Dump.java @@ -3,7 +3,10 @@ package org.bouncycastle.asn1.util; import java.io.IOException; import java.util.Enumeration; +import org.bouncycastle.asn1.ASN1Boolean; import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1Enumerated; +import org.bouncycastle.asn1.ASN1GeneralizedTime; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1OctetString; @@ -11,8 +14,8 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.ASN1TaggedObject; +import org.bouncycastle.asn1.ASN1UTCTime; import org.bouncycastle.asn1.BERApplicationSpecific; -import org.bouncycastle.asn1.BERConstructedOctetString; import org.bouncycastle.asn1.BEROctetString; import org.bouncycastle.asn1.BERSequence; import org.bouncycastle.asn1.BERSet; @@ -21,16 +24,12 @@ import org.bouncycastle.asn1.BERTags; import org.bouncycastle.asn1.DERApplicationSpecific; import org.bouncycastle.asn1.DERBMPString; import org.bouncycastle.asn1.DERBitString; -import org.bouncycastle.asn1.DERBoolean; -import org.bouncycastle.asn1.DEREnumerated; import org.bouncycastle.asn1.DERExternal; -import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DERIA5String; import org.bouncycastle.asn1.DERNull; import org.bouncycastle.asn1.DERPrintableString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERT61String; -import org.bouncycastle.asn1.DERUTCTime; import org.bouncycastle.asn1.DERUTF8String; import org.bouncycastle.asn1.DERVisibleString; import org.bouncycastle.util.encoders.Hex; @@ -172,7 +171,7 @@ public class ASN1Dump { ASN1OctetString oct = (ASN1OctetString)obj; - if (obj instanceof BEROctetString || obj instanceof BERConstructedOctetString) + if (obj instanceof BEROctetString) { buf.append(indent + "BER Constructed Octet String" + "[" + oct.getOctets().length + "] "); } @@ -193,9 +192,9 @@ public class ASN1Dump { buf.append(indent + "ObjectIdentifier(" + ((ASN1ObjectIdentifier)obj).getId() + ")" + nl); } - else if (obj instanceof DERBoolean) + else if (obj instanceof ASN1Boolean) { - buf.append(indent + "Boolean(" + ((DERBoolean)obj).isTrue() + ")" + nl); + buf.append(indent + "Boolean(" + ((ASN1Boolean)obj).isTrue() + ")" + nl); } else if (obj instanceof ASN1Integer) { @@ -238,13 +237,13 @@ public class ASN1Dump { buf.append(indent + "T61String(" + ((DERT61String)obj).getString() + ") " + nl); } - else if (obj instanceof DERUTCTime) + else if (obj instanceof ASN1UTCTime) { - buf.append(indent + "UTCTime(" + ((DERUTCTime)obj).getTime() + ") " + nl); + buf.append(indent + "UTCTime(" + ((ASN1UTCTime)obj).getTime() + ") " + nl); } - else if (obj instanceof DERGeneralizedTime) + else if (obj instanceof ASN1GeneralizedTime) { - buf.append(indent + "GeneralizedTime(" + ((DERGeneralizedTime)obj).getTime() + ") " + nl); + buf.append(indent + "GeneralizedTime(" + ((ASN1GeneralizedTime)obj).getTime() + ") " + nl); } else if (obj instanceof BERApplicationSpecific) { @@ -254,9 +253,9 @@ public class ASN1Dump { buf.append(outputApplicationSpecific("DER", indent, verbose, obj, nl)); } - else if (obj instanceof DEREnumerated) + else if (obj instanceof ASN1Enumerated) { - DEREnumerated en = (DEREnumerated) obj; + ASN1Enumerated en = (ASN1Enumerated) obj; buf.append(indent + "DER Enumerated(" + en.getValue() + ")" + nl); } else if (obj instanceof DERExternal) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/util/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/util/package.html new file mode 100644 index 00000000..1db893d1 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/util/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +An ASN.1 dump utility. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x500/package.html new file mode 100644 index 00000000..9a3f9c60 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for the creation and processing of object based on X.500 names. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/AbstractX500NameStyle.java b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/AbstractX500NameStyle.java new file mode 100644 index 00000000..9792d40e --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/AbstractX500NameStyle.java @@ -0,0 +1,192 @@ +package org.bouncycastle.asn1.x500.style; + +import java.io.IOException; +import java.util.Enumeration; +import java.util.Hashtable; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.DERUTF8String; +import org.bouncycastle.asn1.x500.AttributeTypeAndValue; +import org.bouncycastle.asn1.x500.RDN; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x500.X500NameStyle; + +/** + * This class provides some default behavior and common implementation for a + * X500NameStyle. It should be easily extendable to support implementing the + * desired X500NameStyle. + */ +public abstract class AbstractX500NameStyle + implements X500NameStyle +{ + + /** + * Tool function to shallow copy a Hashtable. + * + * @param paramsMap table to copy + * @return the copy of the table + */ + public static Hashtable copyHashTable(Hashtable paramsMap) + { + Hashtable newTable = new Hashtable(); + + Enumeration keys = paramsMap.keys(); + while (keys.hasMoreElements()) + { + Object key = keys.nextElement(); + newTable.put(key, paramsMap.get(key)); + } + + return newTable; + } + + private int calcHashCode(ASN1Encodable enc) + { + String value = IETFUtils.valueToString(enc); + value = IETFUtils.canonicalize(value); + return value.hashCode(); + } + + public int calculateHashCode(X500Name name) + { + int hashCodeValue = 0; + RDN[] rdns = name.getRDNs(); + + // this needs to be order independent, like equals + for (int i = 0; i != rdns.length; i++) + { + if (rdns[i].isMultiValued()) + { + AttributeTypeAndValue[] atv = rdns[i].getTypesAndValues(); + + for (int j = 0; j != atv.length; j++) + { + hashCodeValue ^= atv[j].getType().hashCode(); + hashCodeValue ^= calcHashCode(atv[j].getValue()); + } + } + else + { + hashCodeValue ^= rdns[i].getFirst().getType().hashCode(); + hashCodeValue ^= calcHashCode(rdns[i].getFirst().getValue()); + } + } + + return hashCodeValue; + } + + + /** + * For all string values starting with '#' is assumed, that these are + * already valid ASN.1 objects encoded in hex. + * <p> + * All other string values are send to + * {@link AbstractX500NameStyle#encodeStringValue(ASN1ObjectIdentifier, String)}. + * </p> + * Subclasses should overwrite + * {@link AbstractX500NameStyle#encodeStringValue(ASN1ObjectIdentifier, String)} + * to change the encoding of specific types. + * + * @param oid the DN name of the value. + * @param value the String representation of the value. + */ + public ASN1Encodable stringToValue(ASN1ObjectIdentifier oid, String value) + { + if (value.length() != 0 && value.charAt(0) == '#') + { + try + { + return IETFUtils.valueFromHexString(value, 1); + } + catch (IOException e) + { + throw new RuntimeException("can't recode value for oid " + oid.getId()); + } + } + + if (value.length() != 0 && value.charAt(0) == '\\') + { + value = value.substring(1); + } + + return encodeStringValue(oid, value); + } + + /** + * Encoded every value into a UTF8String. + * <p> + * Subclasses should overwrite + * this method to change the encoding of specific types. + * </p> + * + * @param oid the DN oid of the value + * @param value the String representation of the value + * @return a the value encoded into a ASN.1 object. Never returns <code>null</code>. + */ + protected ASN1Encodable encodeStringValue(ASN1ObjectIdentifier oid, String value) + { + return new DERUTF8String(value); + } + + public boolean areEqual(X500Name name1, X500Name name2) + { + RDN[] rdns1 = name1.getRDNs(); + RDN[] rdns2 = name2.getRDNs(); + + if (rdns1.length != rdns2.length) + { + return false; + } + + boolean reverse = false; + + if (rdns1[0].getFirst() != null && rdns2[0].getFirst() != null) + { + reverse = !rdns1[0].getFirst().getType().equals(rdns2[0].getFirst().getType()); // guess forward + } + + for (int i = 0; i != rdns1.length; i++) + { + if (!foundMatch(reverse, rdns1[i], rdns2)) + { + return false; + } + } + + return true; + } + + private boolean foundMatch(boolean reverse, RDN rdn, RDN[] possRDNs) + { + if (reverse) + { + for (int i = possRDNs.length - 1; i >= 0; i--) + { + if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i])) + { + possRDNs[i] = null; + return true; + } + } + } + else + { + for (int i = 0; i != possRDNs.length; i++) + { + if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i])) + { + possRDNs[i] = null; + return true; + } + } + } + + return false; + } + + protected boolean rdnAreEqual(RDN rdn1, RDN rdn2) + { + return IETFUtils.rDNAreEqual(rdn1, rdn2); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/BCStyle.java b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/BCStyle.java index 68421821..1c2a9269 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/BCStyle.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/BCStyle.java @@ -1,7 +1,5 @@ package org.bouncycastle.asn1.x500.style; -import java.io.IOException; -import java.util.Enumeration; import java.util.Hashtable; import org.bouncycastle.asn1.ASN1Encodable; @@ -9,16 +7,14 @@ import org.bouncycastle.asn1.ASN1GeneralizedTime; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.DERIA5String; import org.bouncycastle.asn1.DERPrintableString; -import org.bouncycastle.asn1.DERUTF8String; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -import org.bouncycastle.asn1.x500.AttributeTypeAndValue; import org.bouncycastle.asn1.x500.RDN; import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x500.X500NameStyle; import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; public class BCStyle - implements X500NameStyle + extends AbstractX500NameStyle { /** * country code - StringType(SIZE(2)) @@ -285,42 +281,24 @@ public class BCStyle defaultSymbols = copyHashTable(DefaultSymbols); defaultLookUp = copyHashTable(DefaultLookUp); } - - public ASN1Encodable stringToValue(ASN1ObjectIdentifier oid, String value) - { - if (value.length() != 0 && value.charAt(0) == '#') + + protected ASN1Encodable encodeStringValue(ASN1ObjectIdentifier oid, + String value) { + if (oid.equals(EmailAddress) || oid.equals(DC)) { - try - { - return IETFUtils.valueFromHexString(value, 1); - } - catch (IOException e) - { - throw new RuntimeException("can't recode value for oid " + oid.getId()); - } + return new DERIA5String(value); } - else + else if (oid.equals(DATE_OF_BIRTH)) // accept time string as well as # (for compatibility) { - if (value.length() != 0 && value.charAt(0) == '\\') - { - value = value.substring(1); - } - if (oid.equals(EmailAddress) || oid.equals(DC)) - { - return new DERIA5String(value); - } - else if (oid.equals(DATE_OF_BIRTH)) // accept time string as well as # (for compatibility) - { - return new ASN1GeneralizedTime(value); - } - else if (oid.equals(C) || oid.equals(SN) || oid.equals(DN_QUALIFIER) - || oid.equals(TELEPHONE_NUMBER)) - { - return new DERPrintableString(value); - } + return new ASN1GeneralizedTime(value); } - - return new DERUTF8String(value); + else if (oid.equals(C) || oid.equals(SN) || oid.equals(DN_QUALIFIER) + || oid.equals(TELEPHONE_NUMBER)) + { + return new DERPrintableString(value); + } + + return super.encodeStringValue(oid, value); } public String oidToDisplayName(ASN1ObjectIdentifier oid) @@ -338,109 +316,11 @@ public class BCStyle return IETFUtils.decodeAttrName(attrName, defaultLookUp); } - public boolean areEqual(X500Name name1, X500Name name2) - { - RDN[] rdns1 = name1.getRDNs(); - RDN[] rdns2 = name2.getRDNs(); - - if (rdns1.length != rdns2.length) - { - return false; - } - - boolean reverse = false; - - if (rdns1[0].getFirst() != null && rdns2[0].getFirst() != null) - { - reverse = !rdns1[0].getFirst().getType().equals(rdns2[0].getFirst().getType()); // guess forward - } - - for (int i = 0; i != rdns1.length; i++) - { - if (!foundMatch(reverse, rdns1[i], rdns2)) - { - return false; - } - } - - return true; - } - - private boolean foundMatch(boolean reverse, RDN rdn, RDN[] possRDNs) - { - if (reverse) - { - for (int i = possRDNs.length - 1; i >= 0; i--) - { - if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i])) - { - possRDNs[i] = null; - return true; - } - } - } - else - { - for (int i = 0; i != possRDNs.length; i++) - { - if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i])) - { - possRDNs[i] = null; - return true; - } - } - } - - return false; - } - - protected boolean rdnAreEqual(RDN rdn1, RDN rdn2) - { - return IETFUtils.rDNAreEqual(rdn1, rdn2); - } - public RDN[] fromString(String dirName) { return IETFUtils.rDNsFromString(dirName, this); } - public int calculateHashCode(X500Name name) - { - int hashCodeValue = 0; - RDN[] rdns = name.getRDNs(); - - // this needs to be order independent, like equals - for (int i = 0; i != rdns.length; i++) - { - if (rdns[i].isMultiValued()) - { - AttributeTypeAndValue[] atv = rdns[i].getTypesAndValues(); - - for (int j = 0; j != atv.length; j++) - { - hashCodeValue ^= atv[j].getType().hashCode(); - hashCodeValue ^= calcHashCode(atv[j].getValue()); - } - } - else - { - hashCodeValue ^= rdns[i].getFirst().getType().hashCode(); - hashCodeValue ^= calcHashCode(rdns[i].getFirst().getValue()); - } - } - - return hashCodeValue; - } - - private int calcHashCode(ASN1Encodable enc) - { - String value = IETFUtils.valueToString(enc); - - value = IETFUtils.canonicalize(value); - - return value.hashCode(); - } - public String toString(X500Name name) { StringBuffer buf = new StringBuffer(); @@ -465,17 +345,5 @@ public class BCStyle return buf.toString(); } - private static Hashtable copyHashTable(Hashtable paramsMap) - { - Hashtable newTable = new Hashtable(); - Enumeration keys = paramsMap.keys(); - while (keys.hasMoreElements()) - { - Object key = keys.nextElement(); - newTable.put(key, paramsMap.get(key)); - } - - return newTable; - } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java index b4f17941..9df924c8 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/IETFUtils.java @@ -322,7 +322,10 @@ public class IETFUtils } else { - IETFUtils.appendTypeAndValue(buf, rdn.getFirst(), oidSymbols); + if (rdn.getFirst() != null) + { + IETFUtils.appendTypeAndValue(buf, rdn.getFirst(), oidSymbols); + } } } @@ -438,7 +441,7 @@ public class IETFUtils public static String canonicalize(String s) { - String value = Strings.toLowerCase(s.trim()); + String value = Strings.toLowerCase(s); if (value.length() > 0 && value.charAt(0) == '#') { @@ -446,7 +449,27 @@ public class IETFUtils if (obj instanceof ASN1String) { - value = Strings.toLowerCase(((ASN1String)obj).getString().trim()); + value = Strings.toLowerCase(((ASN1String)obj).getString()); + } + } + + if (value.length() > 1) + { + int start = 0; + while (start + 1 < value.length() && value.charAt(start) == '\\' && value.charAt(start + 1) == ' ') + { + start += 2; + } + + int end = value.length() - 1; + while (end - 1 > 0 && value.charAt(end - 1) == '\\' && value.charAt(end) == ' ') + { + end -= 2; + } + + if (start > 0 || end < value.length() - 1) + { + value = value.substring(start, end + 1); } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/RFC4519Style.java b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/RFC4519Style.java index 8c92257e..13f6ef1e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/RFC4519Style.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/RFC4519Style.java @@ -1,21 +1,17 @@ package org.bouncycastle.asn1.x500.style; -import java.io.IOException; -import java.util.Enumeration; import java.util.Hashtable; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.DERIA5String; import org.bouncycastle.asn1.DERPrintableString; -import org.bouncycastle.asn1.DERUTF8String; -import org.bouncycastle.asn1.x500.AttributeTypeAndValue; import org.bouncycastle.asn1.x500.RDN; import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x500.X500NameStyle; public class RFC4519Style - implements X500NameStyle + extends AbstractX500NameStyle { public static final ASN1ObjectIdentifier businessCategory = new ASN1ObjectIdentifier("2.5.4.15"); public static final ASN1ObjectIdentifier c = new ASN1ObjectIdentifier("2.5.4.6"); @@ -179,37 +175,19 @@ public class RFC4519Style defaultLookUp = copyHashTable(DefaultLookUp); } - public ASN1Encodable stringToValue(ASN1ObjectIdentifier oid, String value) - { - if (value.length() != 0 && value.charAt(0) == '#') + protected ASN1Encodable encodeStringValue(ASN1ObjectIdentifier oid, + String value) { + if (oid.equals(dc)) { - try - { - return IETFUtils.valueFromHexString(value, 1); - } - catch (IOException e) - { - throw new RuntimeException("can't recode value for oid " + oid.getId()); - } + return new DERIA5String(value); } - else + else if (oid.equals(c) || oid.equals(serialNumber) || oid.equals(dnQualifier) + || oid.equals(telephoneNumber)) { - if (value.length() != 0 && value.charAt(0) == '\\') - { - value = value.substring(1); - } - if (oid.equals(dc)) - { - return new DERIA5String(value); - } - else if (oid.equals(c) || oid.equals(serialNumber) || oid.equals(dnQualifier) - || oid.equals(telephoneNumber)) - { - return new DERPrintableString(value); - } + return new DERPrintableString(value); } - return new DERUTF8String(value); + return super.encodeStringValue(oid, value); } public String oidToDisplayName(ASN1ObjectIdentifier oid) @@ -227,67 +205,6 @@ public class RFC4519Style return IETFUtils.decodeAttrName(attrName, defaultLookUp); } - public boolean areEqual(X500Name name1, X500Name name2) - { - RDN[] rdns1 = name1.getRDNs(); - RDN[] rdns2 = name2.getRDNs(); - - if (rdns1.length != rdns2.length) - { - return false; - } - - boolean reverse = false; - - if (rdns1[0].getFirst() != null && rdns2[0].getFirst() != null) - { - reverse = !rdns1[0].getFirst().getType().equals(rdns2[0].getFirst().getType()); // guess forward - } - - for (int i = 0; i != rdns1.length; i++) - { - if (!foundMatch(reverse, rdns1[i], rdns2)) - { - return false; - } - } - - return true; - } - - private boolean foundMatch(boolean reverse, RDN rdn, RDN[] possRDNs) - { - if (reverse) - { - for (int i = possRDNs.length - 1; i >= 0; i--) - { - if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i])) - { - possRDNs[i] = null; - return true; - } - } - } - else - { - for (int i = 0; i != possRDNs.length; i++) - { - if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i])) - { - possRDNs[i] = null; - return true; - } - } - } - - return false; - } - - protected boolean rdnAreEqual(RDN rdn1, RDN rdn2) - { - return IETFUtils.rDNAreEqual(rdn1, rdn2); - } - // parse backwards public RDN[] fromString(String dirName) { @@ -302,43 +219,6 @@ public class RFC4519Style return res; } - public int calculateHashCode(X500Name name) - { - int hashCodeValue = 0; - RDN[] rdns = name.getRDNs(); - - // this needs to be order independent, like equals - for (int i = 0; i != rdns.length; i++) - { - if (rdns[i].isMultiValued()) - { - AttributeTypeAndValue[] atv = rdns[i].getTypesAndValues(); - - for (int j = 0; j != atv.length; j++) - { - hashCodeValue ^= atv[j].getType().hashCode(); - hashCodeValue ^= calcHashCode(atv[j].getValue()); - } - } - else - { - hashCodeValue ^= rdns[i].getFirst().getType().hashCode(); - hashCodeValue ^= calcHashCode(rdns[i].getFirst().getValue()); - } - } - - return hashCodeValue; - } - - private int calcHashCode(ASN1Encodable enc) - { - String value = IETFUtils.valueToString(enc); - - value = IETFUtils.canonicalize(value); - - return value.hashCode(); - } - // convert in reverse public String toString(X500Name name) { @@ -364,17 +244,5 @@ public class RFC4519Style return buf.toString(); } - private static Hashtable copyHashTable(Hashtable paramsMap) - { - Hashtable newTable = new Hashtable(); - - Enumeration keys = paramsMap.keys(); - while (keys.hasMoreElements()) - { - Object key = keys.nextElement(); - newTable.put(key, paramsMap.get(key)); - } - - return newTable; - } + } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/X500NameTokenizer.java b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/X500NameTokenizer.java index 2c8e3fcf..b7e52f22 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/X500NameTokenizer.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/X500NameTokenizer.java @@ -6,7 +6,7 @@ package org.bouncycastle.asn1.x500.style; * lightweight Java environment don't support classes like * StringTokenizer. */ -class X500NameTokenizer +public class X500NameTokenizer { private String value; private int index; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/package.html new file mode 100644 index 00000000..219d3f54 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Template classes for the common styles used for converting X.500 names to strings and back. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AlgorithmIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AlgorithmIdentifier.java index d250bf1e..bb90030c 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AlgorithmIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AlgorithmIdentifier.java @@ -8,7 +8,6 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DERNull; -import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DERSequence; public class AlgorithmIdentifier @@ -64,30 +63,6 @@ public class AlgorithmIdentifier this.objectId = new ASN1ObjectIdentifier(objectId); } - /** - * @deprecated use ASN1ObjectIdentifier - * @param objectId - */ - public AlgorithmIdentifier( - DERObjectIdentifier objectId) - { - this.objectId = new ASN1ObjectIdentifier(objectId.getId()); - } - - /** - * @deprecated use ASN1ObjectIdentifier - * @param objectId - * @param parameters - */ - public AlgorithmIdentifier( - DERObjectIdentifier objectId, - ASN1Encodable parameters) - { - parametersDefined = true; - this.objectId = new ASN1ObjectIdentifier(objectId.getId()); - this.parameters = parameters; - } - public AlgorithmIdentifier( ASN1ObjectIdentifier objectId, ASN1Encodable parameters) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityInformationAccess.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityInformationAccess.java index 3a239ab0..f66f270d 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityInformationAccess.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityInformationAccess.java @@ -60,6 +60,12 @@ public class AuthorityInformationAccess } } + public AuthorityInformationAccess( + AccessDescription description) + { + this.descriptions = new AccessDescription[]{ description }; + } + /** * create an AuthorityInformationAccess with the oid and location provided. */ @@ -67,12 +73,9 @@ public class AuthorityInformationAccess ASN1ObjectIdentifier oid, GeneralName location) { - descriptions = new AccessDescription[1]; - - descriptions[0] = new AccessDescription(oid, location); + this(new AccessDescription(oid, location)); } - /** * * @return the access descriptions contained in this object. diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java index c91fdc6c..302ba032 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java @@ -101,7 +101,7 @@ public class AuthorityKeyIdentifier * publicKey.getEncoded()).readObject()); * AuthorityKeyIdentifier aki = new AuthorityKeyIdentifier(apki); * </pre> - * + * @deprecated create the extension using org.bouncycastle.cert.X509ExtensionUtils **/ public AuthorityKeyIdentifier( SubjectPublicKeyInfo spki) @@ -118,6 +118,7 @@ public class AuthorityKeyIdentifier /** * create an AuthorityKeyIdentifier with the GeneralNames tag and * the serial number provided as well. + * @deprecated create the extension using org.bouncycastle.cert.X509ExtensionUtils */ public AuthorityKeyIdentifier( SubjectPublicKeyInfo spki, @@ -144,9 +145,7 @@ public class AuthorityKeyIdentifier GeneralNames name, BigInteger serialNumber) { - this.keyidentifier = null; - this.certissuer = GeneralNames.getInstance(name.toASN1Primitive()); - this.certserno = new ASN1Integer(serialNumber); + this((byte[])null, name, serialNumber); } /** @@ -155,9 +154,7 @@ public class AuthorityKeyIdentifier public AuthorityKeyIdentifier( byte[] keyIdentifier) { - this.keyidentifier = new DEROctetString(keyIdentifier); - this.certissuer = null; - this.certserno = null; + this(keyIdentifier, null, null); } /** @@ -169,9 +166,9 @@ public class AuthorityKeyIdentifier GeneralNames name, BigInteger serialNumber) { - this.keyidentifier = new DEROctetString(keyIdentifier); - this.certissuer = GeneralNames.getInstance(name.toASN1Primitive()); - this.certserno = new ASN1Integer(serialNumber); + this.keyidentifier = (keyIdentifier != null) ? new DEROctetString(keyIdentifier) : null; + this.certissuer = name; + this.certserno = (serialNumber != null) ? new ASN1Integer(serialNumber) : null; } public byte[] getKeyIdentifier() diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/BasicConstraints.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/BasicConstraints.java index 4a16bd4b..ba5ecf1f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/BasicConstraints.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/BasicConstraints.java @@ -9,7 +9,6 @@ import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERBoolean; import org.bouncycastle.asn1.DERSequence; public class BasicConstraints @@ -59,9 +58,9 @@ public class BasicConstraints } else { - if (seq.getObjectAt(0) instanceof DERBoolean) + if (seq.getObjectAt(0) instanceof ASN1Boolean) { - this.cA = DERBoolean.getInstance(seq.getObjectAt(0)); + this.cA = ASN1Boolean.getInstance(seq.getObjectAt(0)); } else { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePair.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePair.java index cab44d1b..ef187e14 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePair.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePair.java @@ -68,16 +68,15 @@ public class CertificatePair /** * Constructor from ASN1Sequence. - * <p/> + * <p> * The sequence is of type CertificatePair: - * <p/> * <pre> * CertificatePair ::= SEQUENCE { * forward [0] Certificate OPTIONAL, * reverse [1] Certificate OPTIONAL, * -- at least one of the pair shall be present -- } * </pre> - * + * </p> * @param seq The ASN.1 sequence. */ private CertificatePair(ASN1Sequence seq) @@ -123,9 +122,8 @@ public class CertificatePair /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * CertificatePair ::= SEQUENCE { * forward [0] Certificate OPTIONAL, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Extensions.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Extensions.java index 1aeed15d..6508f938 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Extensions.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Extensions.java @@ -43,8 +43,9 @@ public class Extensions /** * Constructor from ASN1Sequence. - * <p/> - * the extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString) + * <p> + * The extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString) + * </p> */ private Extensions( ASN1Sequence seq) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/PrivateKeyUsagePeriod.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/PrivateKeyUsagePeriod.java index 81669260..44e0b671 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/PrivateKeyUsagePeriod.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/PrivateKeyUsagePeriod.java @@ -3,11 +3,11 @@ package org.bouncycastle.asn1.x509; import java.util.Enumeration; import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1GeneralizedTime; import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; @@ -36,7 +36,7 @@ public class PrivateKeyUsagePeriod return null; } - private DERGeneralizedTime _notBefore, _notAfter; + private ASN1GeneralizedTime _notBefore, _notAfter; private PrivateKeyUsagePeriod(ASN1Sequence seq) { @@ -47,21 +47,21 @@ public class PrivateKeyUsagePeriod if (tObj.getTagNo() == 0) { - _notBefore = DERGeneralizedTime.getInstance(tObj, false); + _notBefore = ASN1GeneralizedTime.getInstance(tObj, false); } else if (tObj.getTagNo() == 1) { - _notAfter = DERGeneralizedTime.getInstance(tObj, false); + _notAfter = ASN1GeneralizedTime.getInstance(tObj, false); } } } - public DERGeneralizedTime getNotBefore() + public ASN1GeneralizedTime getNotBefore() { return _notBefore; } - public DERGeneralizedTime getNotAfter() + public ASN1GeneralizedTime getNotAfter() { return _notAfter; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java index bcaf5604..5f0cd079 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java @@ -5,8 +5,6 @@ import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.DEROctetString; -import org.bouncycastle.crypto.Digest; -import org.bouncycastle.crypto.digests.SHA1Digest; /** * The SubjectKeyIdentifier object. @@ -67,69 +65,4 @@ public class SubjectKeyIdentifier { return new DEROctetString(keyidentifier); } - - - /** - * Calculates the keyidentifier using a SHA1 hash over the BIT STRING - * from SubjectPublicKeyInfo as defined in RFC3280. - * - * @param spki the subject public key info. - * @deprecated - */ - public SubjectKeyIdentifier( - SubjectPublicKeyInfo spki) - { - this.keyidentifier = getDigest(spki); - } - - /** - * Return a RFC 3280 type 1 key identifier. As in: - * <pre> - * (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the - * value of the BIT STRING subjectPublicKey (excluding the tag, - * length, and number of unused bits). - * </pre> - * @param keyInfo the key info object containing the subjectPublicKey field. - * @return the key identifier. - * @deprecated use org.bouncycastle.cert.X509ExtensionUtils.createSubjectKeyIdentifier - */ - public static SubjectKeyIdentifier createSHA1KeyIdentifier(SubjectPublicKeyInfo keyInfo) - { - return new SubjectKeyIdentifier(keyInfo); - } - - /** - * Return a RFC 3280 type 2 key identifier. As in: - * <pre> - * (2) The keyIdentifier is composed of a four bit type field with - * the value 0100 followed by the least significant 60 bits of the - * SHA-1 hash of the value of the BIT STRING subjectPublicKey. - * </pre> - * @param keyInfo the key info object containing the subjectPublicKey field. - * @return the key identifier. - * @deprecated use org.bouncycastle.cert.X509ExtensionUtils.createTruncatedSubjectKeyIdentifier - */ - public static SubjectKeyIdentifier createTruncatedSHA1KeyIdentifier(SubjectPublicKeyInfo keyInfo) - { - byte[] dig = getDigest(keyInfo); - byte[] id = new byte[8]; - - System.arraycopy(dig, dig.length - 8, id, 0, id.length); - - id[0] &= 0x0f; - id[0] |= 0x40; - - return new SubjectKeyIdentifier(id); - } - - private static byte[] getDigest(SubjectPublicKeyInfo spki) - { - Digest digest = new SHA1Digest(); - byte[] resBuf = new byte[digest.getDigestSize()]; - - byte[] bytes = spki.getPublicKeyData().getBytes(); - digest.update(bytes, 0, bytes.length); - digest.doFinal(resBuf, 0); - return resBuf; - } } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/TBSCertList.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/TBSCertList.java index ce657a76..5fdbcd67 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/TBSCertList.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/TBSCertList.java @@ -3,15 +3,15 @@ package org.bouncycastle.asn1.x509; import java.util.Enumeration; import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1GeneralizedTime; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERGeneralizedTime; +import org.bouncycastle.asn1.ASN1UTCTime; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; -import org.bouncycastle.asn1.DERUTCTime; import org.bouncycastle.asn1.x500.X500Name; /** @@ -190,8 +190,8 @@ public class TBSCertList thisUpdate = Time.getInstance(seq.getObjectAt(seqPos++)); if (seqPos < seq.size() - && (seq.getObjectAt(seqPos) instanceof DERUTCTime - || seq.getObjectAt(seqPos) instanceof DERGeneralizedTime + && (seq.getObjectAt(seqPos) instanceof ASN1UTCTime + || seq.getObjectAt(seqPos) instanceof ASN1GeneralizedTime || seq.getObjectAt(seqPos) instanceof Time)) { nextUpdate = Time.getInstance(seq.getObjectAt(seqPos++)); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java index 5bffedc5..77d36b31 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java @@ -3,12 +3,15 @@ package org.bouncycastle.asn1.x509; import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.Date; +import java.util.Locale; import java.util.SimpleTimeZone; import org.bouncycastle.asn1.ASN1Choice; +import org.bouncycastle.asn1.ASN1GeneralizedTime; import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1TaggedObject; +import org.bouncycastle.asn1.ASN1UTCTime; import org.bouncycastle.asn1.DERGeneralizedTime; import org.bouncycastle.asn1.DERUTCTime; @@ -28,8 +31,8 @@ public class Time public Time( ASN1Primitive time) { - if (!(time instanceof DERUTCTime) - && !(time instanceof DERGeneralizedTime)) + if (!(time instanceof ASN1UTCTime) + && !(time instanceof ASN1GeneralizedTime)) { throw new IllegalArgumentException("unknown object passed to Time"); } @@ -38,28 +41,61 @@ public class Time } /** - * creates a time object from a given date - if the date is between 1950 + * Creates a time object from a given date - if the date is between 1950 * and 2049 a UTCTime object is generated, otherwise a GeneralizedTime * is used. + * + * @param time a date object representing the time of interest. */ public Time( - Date date) + Date time) { SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss"); dateF.setTimeZone(tz); - String d = dateF.format(date) + "Z"; + String d = dateF.format(time) + "Z"; int year = Integer.parseInt(d.substring(0, 4)); if (year < 1950 || year > 2049) { - time = new DERGeneralizedTime(d); + this.time = new DERGeneralizedTime(d); } else { - time = new DERUTCTime(d.substring(2)); + this.time = new DERUTCTime(d.substring(2)); + } + } + + /** + * Creates a time object from a given date and locale - if the date is between 1950 + * and 2049 a UTCTime object is generated, otherwise a GeneralizedTime + * is used. You may need to use this constructor if the default locale + * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations. + * + * @param time a date object representing the time of interest. + * @param locale an appropriate Locale for producing an ASN.1 GeneralizedTime value. + */ + public Time( + Date time, + Locale locale) + { + SimpleTimeZone tz = new SimpleTimeZone(0, "Z"); + SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale); + + dateF.setTimeZone(tz); + + String d = dateF.format(time) + "Z"; + int year = Integer.parseInt(d.substring(0, 4)); + + if (year < 1950 || year > 2049) + { + this.time = new DERGeneralizedTime(d); + } + else + { + this.time = new DERUTCTime(d.substring(2)); } } @@ -70,13 +106,13 @@ public class Time { return (Time)obj; } - else if (obj instanceof DERUTCTime) + else if (obj instanceof ASN1UTCTime) { - return new Time((DERUTCTime)obj); + return new Time((ASN1UTCTime)obj); } - else if (obj instanceof DERGeneralizedTime) + else if (obj instanceof ASN1GeneralizedTime) { - return new Time((DERGeneralizedTime)obj); + return new Time((ASN1GeneralizedTime)obj); } throw new IllegalArgumentException("unknown object in factory: " + obj.getClass().getName()); @@ -84,13 +120,13 @@ public class Time public String getTime() { - if (time instanceof DERUTCTime) + if (time instanceof ASN1UTCTime) { - return ((DERUTCTime)time).getAdjustedTime(); + return ((ASN1UTCTime)time).getAdjustedTime(); } else { - return ((DERGeneralizedTime)time).getTime(); + return ((ASN1GeneralizedTime)time).getTime(); } } @@ -98,13 +134,13 @@ public class Time { try { - if (time instanceof DERUTCTime) + if (time instanceof ASN1UTCTime) { - return ((DERUTCTime)time).getAdjustedDate(); + return ((ASN1UTCTime)time).getAdjustedDate(); } else { - return ((DERGeneralizedTime)time).getDate(); + return ((ASN1GeneralizedTime)time).getDate(); } } catch (ParseException e) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/V3TBSCertificateGenerator.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/V3TBSCertificateGenerator.java index 3d923b61..d778d7f5 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/V3TBSCertificateGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/V3TBSCertificateGenerator.java @@ -2,10 +2,10 @@ package org.bouncycastle.asn1.x509; import org.bouncycastle.asn1.ASN1EncodableVector; import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1UTCTime; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERTaggedObject; -import org.bouncycastle.asn1.DERUTCTime; import org.bouncycastle.asn1.x500.X500Name; /** @@ -74,7 +74,7 @@ public class V3TBSCertificateGenerator } public void setStartDate( - DERUTCTime startDate) + ASN1UTCTime startDate) { this.startDate = new Time(startDate); } @@ -86,7 +86,7 @@ public class V3TBSCertificateGenerator } public void setEndDate( - DERUTCTime endDate) + ASN1UTCTime endDate) { this.endDate = new Time(endDate); } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extension.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extension.java index f29284d5..93530571 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extension.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extension.java @@ -2,11 +2,11 @@ package org.bouncycastle.asn1.x509; import java.io.IOException; +import org.bouncycastle.asn1.ASN1Boolean; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Primitive; -import org.bouncycastle.asn1.DERBoolean; /** * an object for the elements in the X.509 V3 extension block. @@ -173,7 +173,7 @@ public class X509Extension ASN1OctetString value; public X509Extension( - DERBoolean critical, + ASN1Boolean critical, ASN1OctetString value) { this.critical = critical.isTrue(); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extensions.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extensions.java index c72e3cc0..5b9ea9e1 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extensions.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Extensions.java @@ -4,6 +4,7 @@ import java.util.Enumeration; import java.util.Hashtable; import java.util.Vector; +import org.bouncycastle.asn1.ASN1Boolean; import org.bouncycastle.asn1.ASN1EncodableVector; import org.bouncycastle.asn1.ASN1Object; import org.bouncycastle.asn1.ASN1ObjectIdentifier; @@ -11,8 +12,6 @@ import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1TaggedObject; -import org.bouncycastle.asn1.DERBoolean; -import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DERSequence; /** @@ -259,7 +258,7 @@ public class X509Extensions if (s.size() == 3) { - extensions.put(s.getObjectAt(0), new X509Extension(DERBoolean.getInstance(s.getObjectAt(1)), ASN1OctetString.getInstance(s.getObjectAt(2)))); + extensions.put(s.getObjectAt(0), new X509Extension(ASN1Boolean.getInstance(s.getObjectAt(1)), ASN1OctetString.getInstance(s.getObjectAt(2)))); } else if (s.size() == 2) { @@ -369,17 +368,6 @@ public class X509Extensions * @return the extension if it's present, null otherwise. */ public X509Extension getExtension( - DERObjectIdentifier oid) - { - return (X509Extension)extensions.get(oid); - } - - /** - * @deprecated - * @param oid - * @return - */ - public X509Extension getExtension( ASN1ObjectIdentifier oid) { return (X509Extension)extensions.get(oid); @@ -410,7 +398,7 @@ public class X509Extensions if (ext.isCritical()) { - v.add(DERBoolean.TRUE); + v.add(ASN1Boolean.TRUE); } v.add(ext.getValue()); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509ExtensionsGenerator.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509ExtensionsGenerator.java index 468d1b96..589d512f 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509ExtensionsGenerator.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509ExtensionsGenerator.java @@ -7,7 +7,6 @@ import java.util.Vector; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1Encoding; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROctetString; /** @@ -29,28 +28,6 @@ public class X509ExtensionsGenerator } /** - * @deprecated use ASN1ObjectIdentifier - */ - public void addExtension( - DERObjectIdentifier oid, - boolean critical, - ASN1Encodable value) - { - addExtension(new ASN1ObjectIdentifier(oid.getId()), critical, value); - } - - /** - * @deprecated use ASN1ObjectIdentifier - */ - public void addExtension( - DERObjectIdentifier oid, - boolean critical, - byte[] value) - { - addExtension(new ASN1ObjectIdentifier(oid.getId()), critical, value); - } - - /** * Add an extension with the given oid and the passed in value to be included * in the OCTET STRING associated with the extension. * diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameEntryConverter.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameEntryConverter.java index 5d919e1b..188af430 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameEntryConverter.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameEntryConverter.java @@ -23,7 +23,7 @@ import org.bouncycastle.util.Strings; * ASN1ObjectIdentifier oid, * String value) * { - * if (str.length() != 0 && str.charAt(0) == '#') + * if (str.length() != 0 && str.charAt(0) == '#') * { * return convertHexEncoded(str, 1); * } @@ -45,6 +45,7 @@ import org.bouncycastle.util.Strings; * } * } * } + * </pre> */ public abstract class X509NameEntryConverter { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x509/package.html new file mode 100644 index 00000000..728921a1 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and processing X.509 certificates. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/package.html new file mode 100644 index 00000000..28cfef90 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and processing messages based around RFC3739 +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/NameOrPseudonym.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/NameOrPseudonym.java index 304f1d46..8c052770 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/NameOrPseudonym.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/NameOrPseudonym.java @@ -60,9 +60,8 @@ public class NameOrPseudonym /** * Constructor from DirectoryString. - * <p/> + * <p> * The sequence is of type NameOrPseudonym: - * <p/> * <pre> * NameOrPseudonym ::= CHOICE { * surAndGivenName SEQUENCE { @@ -81,9 +80,8 @@ public class NameOrPseudonym /** * Constructor from ASN1Sequence. - * <p/> + * <p> * The sequence is of type NameOrPseudonym: - * <p/> * <pre> * NameOrPseudonym ::= CHOICE { * surAndGivenName SEQUENCE { @@ -93,7 +91,7 @@ public class NameOrPseudonym * pseudonym DirectoryString * } * </pre> - * + * </p> * @param seq The ASN.1 sequence. */ private NameOrPseudonym(ASN1Sequence seq) @@ -159,9 +157,8 @@ public class NameOrPseudonym /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * NameOrPseudonym ::= CHOICE { * surAndGivenName SEQUENCE { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/PersonalData.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/PersonalData.java index 0b732480..883ed8d4 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/PersonalData.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/PersonalData.java @@ -18,7 +18,7 @@ import org.bouncycastle.asn1.x500.DirectoryString; /** * Contains personal data for the otherName field in the subjectAltNames * extension. - * <p/> + * * <pre> * PersonalData ::= SEQUENCE { * nameOrPseudonym NameOrPseudonym, @@ -60,9 +60,8 @@ public class PersonalData /** * Constructor from ASN1Sequence. - * <p/> + * <p> * The sequence is of type NameOrPseudonym: - * <p/> * <pre> * PersonalData ::= SEQUENCE { * nameOrPseudonym NameOrPseudonym, @@ -73,7 +72,7 @@ public class PersonalData * postalAddress [4] DirectoryString OPTIONAL * } * </pre> - * + * </p> * @param seq The ASN.1 sequence. */ private PersonalData(ASN1Sequence seq) @@ -169,9 +168,8 @@ public class PersonalData /** * Produce an object suitable for an ASN1OutputStream. - * <p/> + * <p> * Returns: - * <p/> * <pre> * PersonalData ::= SEQUENCE { * nameOrPseudonym NameOrPseudonym, diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/package.html new file mode 100644 index 00000000..4e073cef --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes for the German SigI (Signature Interoperability Specification) standard. +</body> +</html> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/DHDomainParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/DHDomainParameters.java index 6a97a48e..509111ad 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/DHDomainParameters.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/DHDomainParameters.java @@ -1,5 +1,6 @@ package org.bouncycastle.asn1.x9; +import java.math.BigInteger; import java.util.Enumeration; import org.bouncycastle.asn1.ASN1Encodable; @@ -38,6 +39,29 @@ public class DHDomainParameters + obj.getClass().getName()); } + public DHDomainParameters(BigInteger p, BigInteger g, BigInteger q, BigInteger j, + DHValidationParms validationParms) + { + if (p == null) + { + throw new IllegalArgumentException("'p' cannot be null"); + } + if (g == null) + { + throw new IllegalArgumentException("'g' cannot be null"); + } + if (q == null) + { + throw new IllegalArgumentException("'q' cannot be null"); + } + + this.p = new ASN1Integer(p); + this.g = new ASN1Integer(g); + this.q = new ASN1Integer(q); + this.j = new ASN1Integer(j); + this.validationParms = validationParms; + } + public DHDomainParameters(ASN1Integer p, ASN1Integer g, ASN1Integer q, ASN1Integer j, DHValidationParms validationParms) { diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/DHValidationParms.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/DHValidationParms.java index 78b09796..b3020e0a 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/DHValidationParms.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/DHValidationParms.java @@ -21,17 +21,16 @@ public class DHValidationParms extends ASN1Object public static DHValidationParms getInstance(Object obj) { - if (obj == null || obj instanceof DHDomainParameters) + if (obj instanceof DHValidationParms) { return (DHValidationParms)obj; } - - if (obj instanceof ASN1Sequence) + else if (obj != null) { - return new DHValidationParms((ASN1Sequence)obj); + return new DHValidationParms(ASN1Sequence.getInstance(obj)); } - throw new IllegalArgumentException("Invalid DHValidationParms: " + obj.getClass().getName()); + return null; } public DHValidationParms(DERBitString seed, ASN1Integer pgenCounter) diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java index eeae0dea..2206a331 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java @@ -44,6 +44,35 @@ public class ECNamedCurveTable } /** + * return the object identifier signified by the passed in name. Null + * if there is no object identifier associated with name. + * + * @return the object identifier associated with name, if present. + */ + public static ASN1ObjectIdentifier getOID( + String name) + { + ASN1ObjectIdentifier oid = X962NamedCurves.getOID(name); + + if (oid == null) + { + oid = SECNamedCurves.getOID(name); + } + + if (oid == null) + { + oid = TeleTrusTNamedCurves.getOID(name); + } + + if (oid == null) + { + oid = NISTNamedCurves.getOID(name); + } + + return oid; + } + + /** * return a X9ECParameters object representing the passed in named * curve. * diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X962NamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X962NamedCurves.java index 764017e7..25312feb 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X962NamedCurves.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X962NamedCurves.java @@ -19,17 +19,20 @@ public class X962NamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("ffffffffffffffffffffffff99def836146bc9b1b4d22831", 16); + BigInteger h = BigInteger.valueOf(1); + ECCurve cFp192v1 = new ECCurve.Fp( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), - new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); + new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), + n, h); return new X9ECParameters( cFp192v1, cFp192v1.decodePoint( Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), - new BigInteger("ffffffffffffffffffffffff99def836146bc9b1b4d22831", 16), - BigInteger.valueOf(1), + n, h, Hex.decode("3045AE6FC8422f64ED579528D38120EAE12196D5")); } }; @@ -38,17 +41,20 @@ public class X962NamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("fffffffffffffffffffffffe5fb1a724dc80418648d8dd31", 16); + BigInteger h = BigInteger.valueOf(1); + ECCurve cFp192v2 = new ECCurve.Fp( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), - new BigInteger("cc22d6dfb95c6b25e49c0d6364a4e5980c393aa21668d953", 16)); + new BigInteger("cc22d6dfb95c6b25e49c0d6364a4e5980c393aa21668d953", 16), + n, h); return new X9ECParameters( cFp192v2, cFp192v2.decodePoint( Hex.decode("03eea2bae7e1497842f2de7769cfe9c989c072ad696f48034a")), - new BigInteger("fffffffffffffffffffffffe5fb1a724dc80418648d8dd31", 16), - BigInteger.valueOf(1), + n, h, Hex.decode("31a92ee2029fd10d901b113e990710f0d21ac6b6")); } }; @@ -57,17 +63,20 @@ public class X962NamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("ffffffffffffffffffffffff7a62d031c83f4294f640ec13", 16); + BigInteger h = BigInteger.valueOf(1); + ECCurve cFp192v3 = new ECCurve.Fp( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), - new BigInteger("22123dc2395a05caa7423daeccc94760a7d462256bd56916", 16)); + new BigInteger("22123dc2395a05caa7423daeccc94760a7d462256bd56916", 16), + n, h); return new X9ECParameters( cFp192v3, cFp192v3.decodePoint( Hex.decode("027d29778100c65a1da1783716588dce2b8b4aee8e228f1896")), - new BigInteger("ffffffffffffffffffffffff7a62d031c83f4294f640ec13", 16), - BigInteger.valueOf(1), + n, h, Hex.decode("c469684435deb378c4b65ca9591e2a5763059a2e")); } }; @@ -76,17 +85,20 @@ public class X962NamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("7fffffffffffffffffffffff7fffff9e5e9a9f5d9071fbd1522688909d0b", 16); + BigInteger h = BigInteger.valueOf(1); + ECCurve cFp239v1 = new ECCurve.Fp( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), - new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); + new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), + n, h); return new X9ECParameters( cFp239v1, cFp239v1.decodePoint( Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), - new BigInteger("7fffffffffffffffffffffff7fffff9e5e9a9f5d9071fbd1522688909d0b", 16), - BigInteger.valueOf(1), + n, h, Hex.decode("e43bb460f0b80cc0c0b075798e948060f8321b7d")); } }; @@ -95,17 +107,20 @@ public class X962NamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("7fffffffffffffffffffffff800000cfa7e8594377d414c03821bc582063", 16); + BigInteger h = BigInteger.valueOf(1); + ECCurve cFp239v2 = new ECCurve.Fp( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), - new BigInteger("617fab6832576cbbfed50d99f0249c3fee58b94ba0038c7ae84c8c832f2c", 16)); + new BigInteger("617fab6832576cbbfed50d99f0249c3fee58b94ba0038c7ae84c8c832f2c", 16), + n, h); return new X9ECParameters( cFp239v2, cFp239v2.decodePoint( Hex.decode("0238af09d98727705120c921bb5e9e26296a3cdcf2f35757a0eafd87b830e7")), - new BigInteger("7fffffffffffffffffffffff800000cfa7e8594377d414c03821bc582063", 16), - BigInteger.valueOf(1), + n, h, Hex.decode("e8b4011604095303ca3b8099982be09fcb9ae616")); } }; @@ -114,17 +129,20 @@ public class X962NamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("7fffffffffffffffffffffff7fffff975deb41b3a6057c3c432146526551", 16); + BigInteger h = BigInteger.valueOf(1); + ECCurve cFp239v3 = new ECCurve.Fp( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), - new BigInteger("255705fa2a306654b1f4cb03d6a750a30c250102d4988717d9ba15ab6d3e", 16)); + new BigInteger("255705fa2a306654b1f4cb03d6a750a30c250102d4988717d9ba15ab6d3e", 16), + n, h); return new X9ECParameters( cFp239v3, cFp239v3.decodePoint( Hex.decode("036768ae8e18bb92cfcf005c949aa2c6d94853d0e660bbf854b1c9505fe95a")), - new BigInteger("7fffffffffffffffffffffff7fffff975deb41b3a6057c3c432146526551", 16), - BigInteger.valueOf(1), + n, h, Hex.decode("7d7374168ffe3471b60a857686a19475d3bfa2ff")); } }; @@ -133,17 +151,20 @@ public class X962NamedCurves { protected X9ECParameters createParameters() { + BigInteger n = new BigInteger("ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", 16); + BigInteger h = BigInteger.valueOf(1); + ECCurve cFp256v1 = new ECCurve.Fp( new BigInteger("115792089210356248762697446949407573530086143415290314195533631308867097853951"), new BigInteger("ffffffff00000001000000000000000000000000fffffffffffffffffffffffc", 16), - new BigInteger("5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", 16)); + new BigInteger("5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", 16), + n, h); return new X9ECParameters( cFp256v1, cFp256v1.decodePoint( Hex.decode("036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296")), - new BigInteger("ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", 16), - BigInteger.valueOf(1), + n, h, Hex.decode("c49d360886e704936a6678e1139d26b7819f7e90")); } }; diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X962Parameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X962Parameters.java index 1c395d20..a4348dec 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X962Parameters.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X962Parameters.java @@ -74,7 +74,7 @@ public class X962Parameters * <pre> * Parameters ::= CHOICE { * ecParameters ECParameters, - * namedCurve CURVES.&id({CurveNames}), + * namedCurve CURVES.&id({CurveNames}), * implicitlyCA NULL * } * </pre> diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9Curve.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9Curve.java index f233657e..f1bac2b8 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9Curve.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9Curve.java @@ -11,6 +11,7 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.math.ec.ECAlgorithms; import org.bouncycastle.math.ec.ECCurve; /** @@ -46,6 +47,8 @@ public class X9Curve X9FieldID fieldID, ASN1Sequence seq) { + // TODO Is it possible to get the order(n) and cofactor(h) too? + fieldIdentifier = fieldID.getIdentifier(); if (fieldIdentifier.equals(prime_field)) { @@ -86,7 +89,6 @@ public class X9Curve } X9FieldElement x9A = new X9FieldElement(m, k1, k2, k3, (ASN1OctetString)seq.getObjectAt(0)); X9FieldElement x9B = new X9FieldElement(m, k1, k2, k3, (ASN1OctetString)seq.getObjectAt(1)); - // TODO Is it possible to get the order (n) and cofactor(h) too? curve = new ECCurve.F2m(m, k1, k2, k3, x9A.getValue().toBigInteger(), x9B.getValue().toBigInteger()); } else @@ -102,11 +104,11 @@ public class X9Curve private void setFieldIdentifier() { - if (curve instanceof ECCurve.Fp) + if (ECAlgorithms.isFpCurve(curve)) { fieldIdentifier = prime_field; } - else if (curve instanceof ECCurve.F2m) + else if (ECAlgorithms.isF2mCurve(curve)) { fieldIdentifier = characteristic_two_field; } diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECParameters.java index 60f90081..302c1300 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECParameters.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ECParameters.java @@ -9,8 +9,10 @@ import org.bouncycastle.asn1.ASN1OctetString; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.math.ec.ECAlgorithms; import org.bouncycastle.math.ec.ECCurve; import org.bouncycastle.math.ec.ECPoint; +import org.bouncycastle.math.field.PolynomialExtensionField; /** * ASN.1 def for Elliptic-Curve ECParameters structure. See @@ -108,19 +110,31 @@ public class X9ECParameters this.h = h; this.seed = seed; - if (curve instanceof ECCurve.Fp) + if (ECAlgorithms.isFpCurve(curve)) { - this.fieldID = new X9FieldID(((ECCurve.Fp)curve).getQ()); + this.fieldID = new X9FieldID(curve.getField().getCharacteristic()); } - else + else if (ECAlgorithms.isF2mCurve(curve)) { - if (curve instanceof ECCurve.F2m) + PolynomialExtensionField field = (PolynomialExtensionField)curve.getField(); + int[] exponents = field.getMinimalPolynomial().getExponentsPresent(); + if (exponents.length == 3) + { + this.fieldID = new X9FieldID(exponents[2], exponents[1]); + } + else if (exponents.length == 5) + { + this.fieldID = new X9FieldID(exponents[4], exponents[1], exponents[2], exponents[3]); + } + else { - ECCurve.F2m curveF2m = (ECCurve.F2m)curve; - this.fieldID = new X9FieldID(curveF2m.getM(), curveF2m.getK1(), - curveF2m.getK2(), curveF2m.getK3()); + throw new IllegalArgumentException("Only trinomial and pentomial curves are supported"); } } + else + { + throw new IllegalArgumentException("'curve' is of an unsupported type"); + } } public ECCurve getCurve() diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9FieldID.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9FieldID.java index a210352e..cb74234e 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9FieldID.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9FieldID.java @@ -38,6 +38,20 @@ public class X9FieldID * @param m The exponent <code>m</code> of * <code>F<sub>2<sup>m</sup></sub></code>. * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> + + * x<sup>k1</sup> + 1</code> + * represents the reduction polynomial <code>f(z)</code>. + */ + public X9FieldID(int m, int k1) + { + this(m, k1, 0, 0); + } + + /** + * Constructor for elliptic curves over binary fields + * <code>F<sub>2<sup>m</sup></sub></code>. + * @param m The exponent <code>m</code> of + * <code>F<sub>2<sup>m</sup></sub></code>. + * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> + * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code> * represents the reduction polynomial <code>f(z)</code>. * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> + @@ -55,11 +69,21 @@ public class X9FieldID if (k2 == 0) { + if (k3 != 0) + { + throw new IllegalArgumentException("inconsistent k values"); + } + fieldIdParams.add(tpBasis); fieldIdParams.add(new ASN1Integer(k1)); } else { + if (k2 <= k1 || k3 <= k2) + { + throw new IllegalArgumentException("inconsistent k values"); + } + fieldIdParams.add(ppBasis); ASN1EncodableVector pentanomialParams = new ASN1EncodableVector(); pentanomialParams.add(new ASN1Integer(k1)); diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java index eabf90ea..53a4373c 100644 --- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java @@ -63,78 +63,78 @@ public interface X9ObjectIdentifiers /** * Named curves base * <p> - * OID: 1.2.840.10045.1 + * OID: 1.2.840.10045.3 */ static final ASN1ObjectIdentifier ellipticCurve = ansi_X9_62.branch("3"); /** * Two Curves * <p> - * OID: 1.2.840.10045.1.0 + * OID: 1.2.840.10045.3.0 */ static final ASN1ObjectIdentifier cTwoCurve = ellipticCurve.branch("0"); - /** Two Curve c2pnb163v1, OID: 1.2.840.10045.1.0.1 */ + /** Two Curve c2pnb163v1, OID: 1.2.840.10045.3.0.1 */ static final ASN1ObjectIdentifier c2pnb163v1 = cTwoCurve.branch("1"); - /** Two Curve c2pnb163v2, OID: 1.2.840.10045.1.0.2 */ + /** Two Curve c2pnb163v2, OID: 1.2.840.10045.3.0.2 */ static final ASN1ObjectIdentifier c2pnb163v2 = cTwoCurve.branch("2"); - /** Two Curve c2pnb163v3, OID: 1.2.840.10045.1.0.3 */ + /** Two Curve c2pnb163v3, OID: 1.2.840.10045.3.0.3 */ static final ASN1ObjectIdentifier c2pnb163v3 = cTwoCurve.branch("3"); - /** Two Curve c2pnb176w1, OID: 1.2.840.10045.1.0.4 */ + /** Two Curve c2pnb176w1, OID: 1.2.840.10045.3.0.4 */ static final ASN1ObjectIdentifier c2pnb176w1 = cTwoCurve.branch("4"); - /** Two Curve c2tnb191v1, OID: 1.2.840.10045.1.0.5 */ + /** Two Curve c2tnb191v1, OID: 1.2.840.10045.3.0.5 */ static final ASN1ObjectIdentifier c2tnb191v1 = cTwoCurve.branch("5"); - /** Two Curve c2tnb191v2, OID: 1.2.840.10045.1.0.6 */ + /** Two Curve c2tnb191v2, OID: 1.2.840.10045.3.0.6 */ static final ASN1ObjectIdentifier c2tnb191v2 = cTwoCurve.branch("6"); - /** Two Curve c2tnb191v3, OID: 1.2.840.10045.1.0.7 */ + /** Two Curve c2tnb191v3, OID: 1.2.840.10045.3.0.7 */ static final ASN1ObjectIdentifier c2tnb191v3 = cTwoCurve.branch("7"); - /** Two Curve c2onb191v4, OID: 1.2.840.10045.1.0.8 */ + /** Two Curve c2onb191v4, OID: 1.2.840.10045.3.0.8 */ static final ASN1ObjectIdentifier c2onb191v4 = cTwoCurve.branch("8"); - /** Two Curve c2onb191v5, OID: 1.2.840.10045.1.0.9 */ + /** Two Curve c2onb191v5, OID: 1.2.840.10045.3.0.9 */ static final ASN1ObjectIdentifier c2onb191v5 = cTwoCurve.branch("9"); - /** Two Curve c2pnb208w1, OID: 1.2.840.10045.1.0.10 */ + /** Two Curve c2pnb208w1, OID: 1.2.840.10045.3.0.10 */ static final ASN1ObjectIdentifier c2pnb208w1 = cTwoCurve.branch("10"); - /** Two Curve c2tnb239v1, OID: 1.2.840.10045.1.0.11 */ + /** Two Curve c2tnb239v1, OID: 1.2.840.10045.3.0.11 */ static final ASN1ObjectIdentifier c2tnb239v1 = cTwoCurve.branch("11"); - /** Two Curve c2tnb239v2, OID: 1.2.840.10045.1.0.12 */ + /** Two Curve c2tnb239v2, OID: 1.2.840.10045.3.0.12 */ static final ASN1ObjectIdentifier c2tnb239v2 = cTwoCurve.branch("12"); - /** Two Curve c2tnb239v3, OID: 1.2.840.10045.1.0.13 */ + /** Two Curve c2tnb239v3, OID: 1.2.840.10045.3.0.13 */ static final ASN1ObjectIdentifier c2tnb239v3 = cTwoCurve.branch("13"); - /** Two Curve c2onb239v4, OID: 1.2.840.10045.1.0.14 */ + /** Two Curve c2onb239v4, OID: 1.2.840.10045.3.0.14 */ static final ASN1ObjectIdentifier c2onb239v4 = cTwoCurve.branch("14"); - /** Two Curve c2onb239v5, OID: 1.2.840.10045.1.0.15 */ + /** Two Curve c2onb239v5, OID: 1.2.840.10045.3.0.15 */ static final ASN1ObjectIdentifier c2onb239v5 = cTwoCurve.branch("15"); - /** Two Curve c2pnb272w1, OID: 1.2.840.10045.1.0.16 */ + /** Two Curve c2pnb272w1, OID: 1.2.840.10045.3.0.16 */ static final ASN1ObjectIdentifier c2pnb272w1 = cTwoCurve.branch("16"); - /** Two Curve c2pnb304w1, OID: 1.2.840.10045.1.0.17 */ + /** Two Curve c2pnb304w1, OID: 1.2.840.10045.3.0.17 */ static final ASN1ObjectIdentifier c2pnb304w1 = cTwoCurve.branch("17"); - /** Two Curve c2tnb359v1, OID: 1.2.840.10045.1.0.18 */ + /** Two Curve c2tnb359v1, OID: 1.2.840.10045.3.0.18 */ static final ASN1ObjectIdentifier c2tnb359v1 = cTwoCurve.branch("18"); - /** Two Curve c2pnb368w1, OID: 1.2.840.10045.1.0.19 */ + /** Two Curve c2pnb368w1, OID: 1.2.840.10045.3.0.19 */ static final ASN1ObjectIdentifier c2pnb368w1 = cTwoCurve.branch("19"); - /** Two Curve c2tnb431r1, OID: 1.2.840.10045.1.0.20 */ + /** Two Curve c2tnb431r1, OID: 1.2.840.10045.3.0.20 */ static final ASN1ObjectIdentifier c2tnb431r1 = cTwoCurve.branch("20"); /** * Prime Curves * <p> - * OID: 1.2.840.10045.1.1 + * OID: 1.2.840.10045.3.1 */ static final ASN1ObjectIdentifier primeCurve = ellipticCurve.branch("1"); - /** Prime Curve prime192v1, OID: 1.2.840.10045.1.1.1 */ + /** Prime Curve prime192v1, OID: 1.2.840.10045.3.1.1 */ static final ASN1ObjectIdentifier prime192v1 = primeCurve.branch("1"); - /** Prime Curve prime192v2, OID: 1.2.840.10045.1.1.2 */ + /** Prime Curve prime192v2, OID: 1.2.840.10045.3.1.2 */ static final ASN1ObjectIdentifier prime192v2 = primeCurve.branch("2"); - /** Prime Curve prime192v3, OID: 1.2.840.10045.1.1.3 */ + /** Prime Curve prime192v3, OID: 1.2.840.10045.3.1.3 */ static final ASN1ObjectIdentifier prime192v3 = primeCurve.branch("3"); - /** Prime Curve prime239v1, OID: 1.2.840.10045.1.1.4 */ + /** Prime Curve prime239v1, OID: 1.2.840.10045.3.1.4 */ static final ASN1ObjectIdentifier prime239v1 = primeCurve.branch("4"); - /** Prime Curve prime239v2, OID: 1.2.840.10045.1.1.5 */ + /** Prime Curve prime239v2, OID: 1.2.840.10045.3.1.5 */ static final ASN1ObjectIdentifier prime239v2 = primeCurve.branch("5"); - /** Prime Curve prime239v3, OID: 1.2.840.10045.1.1.6 */ + /** Prime Curve prime239v3, OID: 1.2.840.10045.3.1.6 */ static final ASN1ObjectIdentifier prime239v3 = primeCurve.branch("6"); - /** Prime Curve prime256v1, OID: 1.2.840.10045.1.1.7 */ + /** Prime Curve prime256v1, OID: 1.2.840.10045.3.1.7 */ static final ASN1ObjectIdentifier prime256v1 = primeCurve.branch("7"); /** diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x9/package.html new file mode 100644 index 00000000..42fc97c7 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/package.html @@ -0,0 +1,5 @@ +<html> +<body bgcolor="#ffffff"> +Support classes useful for encoding and supporting X9.62 elliptic curve. +</body> +</html> |