001: /*************************************************************************
002: * *
003: * EJBCA: The OpenSource Certificate Authority *
004: * *
005: * This software is free software; you can redistribute it and/or *
006: * modify it under the terms of the GNU Lesser General Public *
007: * License as published by the Free Software Foundation; either *
008: * version 2.1 of the License, or any later version. *
009: * *
010: * See terms of license at gnu.org. *
011: * *
012: *************************************************************************/package org.ejbca.core.protocol.xkms;
013:
014: import java.io.ByteArrayInputStream;
015: import java.io.ByteArrayOutputStream;
016: import java.math.BigInteger;
017: import java.security.KeyFactory;
018: import java.security.KeyPair;
019: import java.security.cert.X509Certificate;
020: import java.security.interfaces.RSAPrivateCrtKey;
021: import java.security.interfaces.RSAPrivateKey;
022: import java.security.interfaces.RSAPublicKey;
023: import java.security.spec.RSAPublicKeySpec;
024:
025: import javax.crypto.SecretKey;
026: import javax.xml.bind.JAXBContext;
027: import javax.xml.bind.JAXBElement;
028: import javax.xml.bind.JAXBException;
029: import javax.xml.bind.Marshaller;
030: import javax.xml.bind.PropertyException;
031: import javax.xml.bind.Unmarshaller;
032: import javax.xml.parsers.DocumentBuilder;
033: import javax.xml.parsers.DocumentBuilderFactory;
034:
035: import junit.framework.TestCase;
036:
037: import org.apache.log4j.Logger;
038: import org.apache.xml.security.utils.XMLUtils;
039: import org.bouncycastle.util.encoders.Hex;
040: import org.ejbca.core.protocol.xkms.common.XKMSConstants;
041: import org.ejbca.core.protocol.xkms.common.XKMSNamespacePrefixMapper;
042: import org.ejbca.core.protocol.xkms.common.XKMSUtil;
043: import org.ejbca.util.Base64;
044: import org.ejbca.util.CertTools;
045: import org.ejbca.util.KeyTools;
046: import org.w3._2000._09.xmldsig_.KeyInfoType;
047: import org.w3._2000._09.xmldsig_.RSAKeyValueType;
048: import org.w3._2002._03.xkms_.ObjectFactory;
049: import org.w3._2002._03.xkms_.PrivateKeyType;
050: import org.w3._2002._03.xkms_.PrototypeKeyBindingType;
051: import org.w3._2002._03.xkms_.RegisterRequestType;
052: import org.w3._2002._03.xkms_.RegisterResultType;
053: import org.w3._2002._03.xkms_.UseKeyWithType;
054: import org.w3c.dom.Document;
055:
056: /**
057: *
058: *
059: *
060: * @author Philip Vendil 2006 sep 27
061: *
062: * @version $Id: TestXKMSEnc.java,v 1.3 2007/02/02 09:37:47 anatom Exp $
063: */
064:
065: public class TestXKMSEnc extends TestCase {
066:
067: private static Logger log = Logger.getLogger(TestXKMSEnc.class);
068:
069: private ObjectFactory xKMSObjectFactory = new ObjectFactory();
070: private org.w3._2000._09.xmldsig_.ObjectFactory sigFactory = new org.w3._2000._09.xmldsig_.ObjectFactory();
071:
072: private static JAXBContext jAXBContext = null;
073: private static Marshaller marshaller = null;
074: private static Unmarshaller unmarshaller = null;
075: private static DocumentBuilderFactory dbf = null;
076:
077: static {
078: try {
079: CertTools.installBCProvider();
080: org.apache.xml.security.Init.init();
081:
082: jAXBContext = JAXBContext
083: .newInstance("org.w3._2002._03.xkms_:org.w3._2001._04.xmlenc_:org.w3._2000._09.xmldsig_");
084: marshaller = jAXBContext.createMarshaller();
085: try {
086: marshaller.setProperty(
087: "com.sun.xml.bind.namespacePrefixMapper",
088: new XKMSNamespacePrefixMapper());
089: } catch (PropertyException e) {
090: log.error(
091: "Error registering namespace mapper property",
092: e);
093: }
094: dbf = DocumentBuilderFactory.newInstance();
095: dbf.setNamespaceAware(true);
096: unmarshaller = jAXBContext.createUnmarshaller();
097:
098: } catch (JAXBException e) {
099: log
100: .error(
101: "Error initializing RequestAbstractTypeResponseGenerator",
102: e);
103: }
104:
105: }
106:
107: protected void setUp() throws Exception {
108: log.debug(">setUp()");
109:
110: log.debug("<setUp()");
111: }
112:
113: protected void tearDown() throws Exception {
114: }
115:
116: public void test01KeyEncryption() throws Exception {
117: DocumentBuilder db = dbf.newDocumentBuilder();
118: KeyPair keys = KeyTools.genKeys("1024", "RSA");
119: RegisterResultType registerResultType = xKMSObjectFactory
120: .createRegisterResultType();
121: JAXBElement<RegisterResultType> registerResult = xKMSObjectFactory
122: .createRegisterResult(registerResultType);
123:
124: PrivateKeyType privateKeyType1 = XKMSUtil
125: .getEncryptedXMLFromPrivateKey((RSAPrivateCrtKey) keys
126: .getPrivate(), "This is total crap");
127: registerResultType.setPrivateKey(privateKeyType1);
128:
129: System.out.print("\n\n");
130:
131: Document registerResultDoc = db.newDocument();
132: marshaller.marshal(registerResult, registerResultDoc);
133:
134: XMLUtils.outputDOM(registerResultDoc, System.out);
135:
136: ByteArrayOutputStream baos = new ByteArrayOutputStream();
137: XMLUtils.outputDOM(registerResultDoc, baos);
138: ByteArrayInputStream bais = new ByteArrayInputStream(baos
139: .toByteArray());
140:
141: System.out.print("\n\n");
142:
143: JAXBElement<RegisterResultType> registerResult2 = (JAXBElement<RegisterResultType>) unmarshaller
144: .unmarshal(bais);
145: registerResultType = registerResult2.getValue();
146:
147: PrivateKeyType privateKeyType2 = registerResultType
148: .getPrivateKey();
149:
150: RSAPrivateKey privkey2 = XKMSUtil
151: .getPrivateKeyFromEncryptedXML(privateKeyType2,
152: "This is total crap");
153:
154: X509Certificate cert = CertTools.genSelfCert("CN=test", 10,
155: null, privkey2, keys.getPublic(), "SHA1WithRSA", true);
156:
157: cert.verify(keys.getPublic());
158: }
159:
160: public void test02TestAliceRegistrationAuthenticationKey()
161: throws Exception {
162: String authenticationData = "024837";
163:
164: SecretKey retval = XKMSUtil.getSecretKeyFromPassphrase(
165: authenticationData, true, 20,
166: XKMSUtil.KEY_AUTHENTICATION);
167:
168: assertTrue(retval.getEncoded().length == 20);
169:
170: ByteArrayOutputStream baos = new ByteArrayOutputStream();
171: Hex.encode(retval.getEncoded(), baos);
172:
173: String resultString = new String(baos.toByteArray());
174: assertTrue(resultString
175: .equalsIgnoreCase("d6cc34cb83fae2993a393aa8e7de9a06c7fa2c92"));
176: }
177:
178: public void test03TestBOBRegistrationPrivateKeyEncryption()
179: throws Exception {
180:
181: String authenticationData = "3N9CJ-K4JKS-04JWF-0934J-SR09JW-IK4";
182:
183: SecretKey retval = XKMSUtil.getSecretKeyFromPassphrase(
184: authenticationData, true, 24,
185: XKMSUtil.KEY_PRIVATEKEYDATA);
186:
187: assertTrue(retval.getEncoded().length == 24);
188:
189: ByteArrayOutputStream baos = new ByteArrayOutputStream();
190: Hex.encode(retval.getEncoded(), baos);
191:
192: String resultString = new String(baos.toByteArray());
193: System.out.println(resultString);
194: assertTrue(resultString
195: .equalsIgnoreCase("78e8bbf532d01dece38aa9d2a4a409dbff1a265cdbae1b95"));
196:
197: }
198:
199: public void test04TestRevocationCodeIdentifyerGeneration()
200: throws Exception {
201: System.out.println("\n");
202: String authenticationData = "Help I Have Revealed My Key";
203:
204: ByteArrayOutputStream baos = new ByteArrayOutputStream();
205: Hex.encode(authenticationData.getBytes(), baos);
206:
207: String resultString = new String(baos.toByteArray());
208: System.out.println(resultString);
209: assertTrue(resultString
210: .equalsIgnoreCase("48656c70204920486176652052657665616c6564204d79204b6579"));
211:
212: SecretKey key1 = XKMSUtil.getSecretKeyFromPassphrase(
213: authenticationData, true, 20,
214: XKMSUtil.KEY_REVOCATIONCODEIDENTIFIER_PASS1);
215:
216: assertTrue(key1.getEncoded().length == 20);
217:
218: baos = new ByteArrayOutputStream();
219: Hex.encode(key1.getEncoded(), baos);
220:
221: resultString = new String(baos.toByteArray());
222: System.out.println(resultString);
223: assertTrue(resultString
224: .equalsIgnoreCase("1c0857c95458c26f44327efd0ef055b08cad5c78"));
225:
226: SecretKey key2 = XKMSUtil.getSecretKeyFromPassphrase(
227: new String(key1.getEncoded(), "ISO8859-1"), false, 20,
228: XKMSUtil.KEY_REVOCATIONCODEIDENTIFIER_PASS2);
229:
230: assertTrue(key2.getEncoded().length == 20);
231:
232: baos = new ByteArrayOutputStream();
233: Hex.encode(key2.getEncoded(), baos);
234:
235: resultString = new String(baos.toByteArray());
236: System.out.println(resultString);
237: assertTrue(resultString
238: .equalsIgnoreCase("e6b44dd9c39988c95c889c41a9a7a5ad90c2cd21"));
239:
240: String byte64String = new String(Base64.encode(key2
241: .getEncoded(), false));
242: System.out.println(byte64String);
243: assertTrue(byte64String.equals("5rRN2cOZiMlciJxBqaelrZDCzSE="));
244: }
245:
246: public void test04TestPublicKeyExtraction() throws Exception {
247: DocumentBuilder db = dbf.newDocumentBuilder();
248: KeyPair keys = KeyTools.genKeys("1024", "RSA");
249:
250: RegisterRequestType registerRequestType = xKMSObjectFactory
251: .createRegisterRequestType();
252: registerRequestType.setId("523");
253:
254: UseKeyWithType useKeyWithType = xKMSObjectFactory
255: .createUseKeyWithType();
256: useKeyWithType.setApplication(XKMSConstants.USEKEYWITH_PKIX);
257: useKeyWithType.setIdentifier("CN=Test Testarsson");
258:
259: registerRequestType.getRespondWith().add(
260: XKMSConstants.RESPONDWITH_X509CHAIN);
261:
262: KeyInfoType keyInfoType = sigFactory.createKeyInfoType();
263: RSAKeyValueType rsaKeyValueType = sigFactory
264: .createRSAKeyValueType();
265: rsaKeyValueType.setExponent(((RSAPublicKey) keys.getPublic())
266: .getPublicExponent().toByteArray());
267: rsaKeyValueType.setModulus(((RSAPublicKey) keys.getPublic())
268: .getModulus().toByteArray());
269: JAXBElement<RSAKeyValueType> rsaKeyValue = sigFactory
270: .createRSAKeyValue(rsaKeyValueType);
271: keyInfoType.getContent().add(rsaKeyValue);
272: PrototypeKeyBindingType prototypeKeyBindingType = xKMSObjectFactory
273: .createPrototypeKeyBindingType();
274: prototypeKeyBindingType.getUseKeyWith().add(useKeyWithType);
275: prototypeKeyBindingType.setKeyInfo(keyInfoType);
276: prototypeKeyBindingType.setId("100231");
277: registerRequestType
278: .setPrototypeKeyBinding(prototypeKeyBindingType);
279: JAXBElement<RegisterRequestType> registerRequest = xKMSObjectFactory
280: .createRegisterRequest(registerRequestType);
281:
282: System.out.print("\n\n");
283:
284: Document registerRequestDoc = db.newDocument();
285: marshaller.marshal(registerRequest, registerRequestDoc);
286:
287: XMLUtils.outputDOM(registerRequestDoc, System.out);
288:
289: ByteArrayOutputStream baos = new ByteArrayOutputStream();
290: XMLUtils.outputDOM(registerRequestDoc, baos);
291: ByteArrayInputStream bais = new ByteArrayInputStream(baos
292: .toByteArray());
293:
294: System.out.print("\n\n");
295:
296: JAXBElement<RegisterRequestType> registerRequest2 = (JAXBElement<RegisterRequestType>) unmarshaller
297: .unmarshal(bais);
298: registerRequestType = registerRequest2.getValue();
299:
300: RSAKeyValueType rSAKeyValueType = (RSAKeyValueType) ((JAXBElement) registerRequestType
301: .getPrototypeKeyBinding().getKeyInfo().getContent()
302: .get(0)).getValue();
303: RSAPublicKeySpec rSAPublicKeySpec = new RSAPublicKeySpec(
304: new BigInteger(rSAKeyValueType.getModulus()),
305: new BigInteger(rSAKeyValueType.getExponent()));
306: RSAPublicKey rSAPublicKey = (RSAPublicKey) KeyFactory
307: .getInstance("RSA").generatePublic(rSAPublicKeySpec);
308:
309: X509Certificate cert = CertTools.genSelfCert("CN=test", 10,
310: null, keys.getPrivate(), rSAPublicKey, "SHA1WithRSA",
311: true);
312:
313: cert.verify(rSAPublicKey);
314:
315: }
316:
317: }
|