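// NOTE(review): the enclosing testPKCS12Store() begins above this span; only its tail is visible here
// (store, stream, en, pName, ch, pkcs12StorageIssue, storagePassword and pkcs12nopass are declared earlier).
        //
        // failure tests: lookups of unknown aliases must not throw, whatever the alias case
        //
        ch = store.getCertificateChain("dummy");
        store.getCertificateChain("DUMMY");
        store.getCertificate("dummy");
        store.getCertificate("DUMMY");

        //
        // storage test
        //
        store = KeyStore.getInstance("PKCS12", "BC");
        stream = new ByteArrayInputStream(pkcs12StorageIssue);
        store.load(stream, storagePassword);

        en = store.aliases();
        pName = null;

        // the alias of the (last) key entry is not known up front, so scan for it
        while (en.hasMoreElements())
        {
            String n = (String)en.nextElement();

            if (store.isKeyEntry(n))
            {
                pName = n;
            }
        }

        // report a missing key entry as a test failure rather than an NPE from getCertificateChain(null)
        if (pName == null)
        {
            fail("no key entry found in storage test store");
        }

        ch = store.getCertificateChain(pName);

        if (ch.length != 2)
        {
            fail("Certificate chain wrong length");
        }

        store.store(new ByteArrayOutputStream(), storagePassword);

        //
        // basic certificate check: alias lookups are case-insensitive and the entry is a trusted cert only
        //
        store.setCertificateEntry("cert", ch[1]);

        if (!store.containsAlias("cert") || !store.containsAlias("CERT"))
        {
            fail("couldn't find alias cert");
        }

        if (!store.isCertificateEntry("cert") || !store.isCertificateEntry("CERT"))
        {
            fail("cert not identified as certificate entry");
        }

        if (store.isKeyEntry("cert") || store.isKeyEntry("CERT"))
        {
            fail("cert identified as key entry");
        }

        if (!store.entryInstanceOf("cert", KeyStore.TrustedCertificateEntry.class))
        {
            fail("cert not identified as TrustedCertificateEntry");
        }

        if (!store.entryInstanceOf("CERT", KeyStore.TrustedCertificateEntry.class))
        {
            fail("CERT not identified as TrustedCertificateEntry");
        }

        if (store.entryInstanceOf("cert", KeyStore.PrivateKeyEntry.class))
        {
            fail("cert identified as key entry via PrivateKeyEntry");
        }

        if (!"cert".equals(store.getCertificateAlias(ch[1])))
        {
            fail("Did not return alias for certificate entry");
        }

        //
        // test restoring of a certificate with private key originally as a ca certificate
        //
        store = KeyStore.getInstance("PKCS12", "BC");
        store.load(null, null);

        // ch[0] was the end-entity cert of a key entry in the loaded store; stored on its own it must be a plain trusted cert
        store.setCertificateEntry("cert", ch[0]);

        if (!store.containsAlias("cert") || !store.containsAlias("CERT"))
        {
            fail("restore: couldn't find alias cert");
        }

        if (!store.isCertificateEntry("cert") || !store.isCertificateEntry("CERT"))
        {
            fail("restore: cert not identified as certificate entry");
        }

        if (store.isKeyEntry("cert") || store.isKeyEntry("CERT"))
        {
            fail("restore: cert identified as key entry");
        }

        if (store.entryInstanceOf("cert", KeyStore.PrivateKeyEntry.class))
        {
            fail("restore: cert identified as key entry via PrivateKeyEntry");
        }

        if (store.entryInstanceOf("CERT", KeyStore.PrivateKeyEntry.class))
        {
            fail("restore: cert identified as key entry via PrivateKeyEntry");
        }

        if (!store.entryInstanceOf("cert", KeyStore.TrustedCertificateEntry.class))
        {
            fail("restore: cert not identified as TrustedCertificateEntry");
        }

        //
        // test of reading incorrect zero-length encoding
        //
        store = KeyStore.getInstance("PKCS12", "BC");
        stream = new ByteArrayInputStream(pkcs12nopass);
        store.load(stream, "".toCharArray());
    }

    /**
     * Runs {@link #basicStoreTest} against every PKCS#12 key store type the BC provider registers,
     * including the "DEF" (default-provider certificate) and explicit cipher-suffixed variants.
     *
     * @param privKey the private key to store under alias "key".
     * @param chain   the certificate chain for that key; chain[0] is the end-entity certificate.
     * @throws Exception on any provider or encoding error.
     */
    private void testSupportedTypes(PrivateKey privKey, Certificate[] chain)
        throws Exception
    {
        basicStoreTest(privKey, chain, "PKCS12");
        basicStoreTest(privKey, chain, "BCPKCS12");
        basicStoreTest(privKey, chain, "PKCS12-DEF");
        basicStoreTest(privKey, chain, "PKCS12-3DES-40RC2");
        basicStoreTest(privKey, chain, "PKCS12-3DES-3DES");
        basicStoreTest(privKey, chain, "PKCS12-DEF-3DES-40RC2");
        basicStoreTest(privKey, chain, "PKCS12-DEF-3DES-3DES");
    }

    /**
     * Round-trips a key entry through a store of the given type and checks what comes back:
     * the key and chain, the PKCS#12 bag attributes (friendlyName, localKeyId), and - by parsing
     * the raw Pfx - the encryption algorithms actually used for the key bag and the certificate bag.
     *
     * @param privKey the private key to store.
     * @param chain   its certificate chain.
     * @param type    the KeyStore type name to request from the BC provider.
     * @throws Exception on any provider or encoding error.
     */
    private void basicStoreTest(PrivateKey privKey, Certificate[] chain, String type)
        throws Exception
    {
        KeyStore store = KeyStore.getInstance(type, "BC");

        store.load(null, null);

        store.setKeyEntry("key", privKey, null, chain);

        ByteArrayOutputStream bOut = new ByteArrayOutputStream();

        store.store(bOut, passwd);

        store.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);

        Key k = store.getKey("key", null);

        // compare from the known-non-null side so a missing entry is reported as a failure, not an NPE
        if (!privKey.equals(k))
        {
            fail("private key didn't match");
        }

        Certificate[] c = store.getCertificateChain("key");

        if (c.length != chain.length || !c[0].equals(chain[0]))
        {
            fail("certificates didn't match");
        }

        // "DEF" stores hand certificates to the default provider, so BC's own certificate class must not appear
        if (type.contains("DEF"))
        {
            if (c[0] instanceof X509CertificateObject)
            {
                fail("wrong certificate type found");
            }
        }

        // check attributes
        PKCS12BagAttributeCarrier b1 = (PKCS12BagAttributeCarrier)k;
        PKCS12BagAttributeCarrier b2 = (PKCS12BagAttributeCarrier)chain[0];

        if (b1.getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName) != null)
        {
            DERBMPString name = (DERBMPString)b1.getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName);

            if (!name.equals(new DERBMPString("key")))
            {
                fail("friendly name wrong");
            }
        }
        else
        {
            fail("no friendly name found on key");
        }

        // the key and its end-entity certificate must carry the same localKeyId so they can be paired on load
        if (b1.getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId) != null)
        {
            ASN1OctetString id = (ASN1OctetString)b1.getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId);

            if (!id.equals(b2.getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId)))
            {
                fail("local key id mismatch");
            }
        }
        else
        {
            fail("no local key id found");
        }

        //
        // check algorithm types.
        //
        // Walk the raw PFX: authSafe -> [0] = SafeContents holding the shrouded key bag,
        // [1] = EncryptedData holding the certificate bags. This is the layout BC writes;
        // the indices are assumptions about that layout, not something the test negotiates.
        //
        ASN1InputStream aIn = new ASN1InputStream(bOut.toByteArray());

        Pfx pfx = new Pfx((ASN1Sequence)aIn.readObject());

        ContentInfo cInfo = pfx.getAuthSafe();

        ASN1OctetString auth = (ASN1OctetString)cInfo.getContent();

        aIn = new ASN1InputStream(auth.getOctets());

        ASN1Sequence s1 = (ASN1Sequence)aIn.readObject();

        ContentInfo c1 = ContentInfo.getInstance(s1.getObjectAt(0));
        ContentInfo c2 = ContentInfo.getInstance(s1.getObjectAt(1));

        aIn = new ASN1InputStream(((ASN1OctetString)c1.getContent()).getOctets());

        SafeBag sb = new SafeBag((ASN1Sequence)(((ASN1Sequence)aIn.readObject()).getObjectAt(0)));

        // check the key encryption: every type listed in testSupportedTypes shrouds the key with 3DES
        EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.getInstance(sb.getBagValue());

        if (!encInfo.getEncryptionAlgorithm().getObjectId().equals(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC))
        {
            fail("key encryption algorithm wrong");
        }

        // check the certificate encryption
        EncryptedData cb = new EncryptedData((ASN1Sequence)c2.getContent());

        if (type.endsWith("3DES"))
        {
            if (!cb.getEncryptionAlgorithm().getObjectId().equals(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC))
            {
                fail("expected 3DES found: " + cb.getEncryptionAlgorithm().getObjectId());
            }
        }
        else
        {
            // both the explicit "...40RC2" types and the unsuffixed ones pin the certificate bag to
            // 40-bit RC2 (the historic PKCS#12 default); this detects an unintended change of default
            if (!cb.getEncryptionAlgorithm().getObjectId().equals(PKCSObjectIdentifiers.pbewithSHAAnd40BitRC2_CBC))
            {
                fail("expected 40 bit RC2 found: " + cb.getEncryptionAlgorithm().getObjectId());
            }
        }
    }

    /**
     * Checks that a CA certificate which carried a localKeyId in the store it was loaded from does
     * not keep that attribute once it is re-stored as a non-leaf member of another key's chain;
     * only the end-entity certificate of a key entry should be tagged with the key's localKeyId.
     *
     * @param store1data encoded PKCS#12 store holding a key entry under alias "privatekey".
     * @throws Exception on any provider or encoding error.
     */
    private void testNoExtraLocalKeyID(byte[] store1data)
        throws Exception
    {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "BC");

        // small key size keeps the test fast; the key is only used to mint a throwaway leaf certificate
        kpg.initialize(512);

        KeyPair newPair = kpg.genKeyPair();

        KeyStore store1 = KeyStore.getInstance("PKCS12", "BC");

        store1.load(new ByteArrayInputStream(store1data), passwd);

        KeyStore store2 = KeyStore.getInstance("PKCS12", "BC");

        store2.load(null, null);

        PrivateKey k1 = (PrivateKey)store1.getKey("privatekey", null);
        Certificate[] chain1 = store1.getCertificateChain("privatekey");

        // build a chain one longer: new leaf signed by k1, followed by the original chain
        Certificate[] chain2 = new Certificate[chain1.length + 1];

        System.arraycopy(chain1, 0, chain2, 1, chain1.length);

        chain2[0] = createCert(newPair.getPublic(), k1, "subject@bouncycastle.org", "extra@bouncycaste.org");

        if (((PKCS12BagAttributeCarrier)chain1[0]).getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId) == null)
        {
            fail("localKeyID not found initially");
        }

        store2.setKeyEntry("new", newPair.getPrivate(), null, chain2);

        ByteArrayOutputStream bOut = new ByteArrayOutputStream();

        store2.store(bOut, passwd);

        store2.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);

        chain2 = store2.getCertificateChain("new");

        // chain2[1] is the former leaf, now an intermediate: its old localKeyId must have been dropped
        if (((PKCS12BagAttributeCarrier)chain2[1]).getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId) != null)
        {
            fail("localKeyID found after save");
        }
    }

    /**
     * @return the name reported by the test runner for this test.
     */
    public String getName()
    {
        return "PKCS12Store";
    }

    /**
     * Test entry point invoked by the runner; delegates to testPKCS12Store().
     *
     * @throws Exception on any test failure raised as an exception.
     */
    public void performTest()
        throws Exception
    {
        testPKCS12Store();
    }

    /**
     * Standalone entry point: registers the BC provider and runs this test.
     *
     * @param args ignored.
     */
    public static void main(
        String[] args)
    {
        Security.addProvider(new BouncyCastleProvider());

        runTest(new PKCS12StoreTest());
    }
}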