Source Code Cross Referenced for TSPTestUtil.java in  » Security » Bouncy-Castle » org » bouncycastle » tsp » test » Java Source Code / Java DocumentationJava Source Code and Java Documentation

001:        package org.bouncycastle.tsp.test;
002:
003:        import java.io.ByteArrayInputStream;
004:        import java.io.IOException;
005:        import java.math.BigInteger;
006:        import java.security.GeneralSecurityException;
007:        import java.security.KeyPair;
008:        import java.security.KeyPairGenerator;
009:        import java.security.PrivateKey;
010:        import java.security.PublicKey;
011:        import java.security.SecureRandom;
012:        import java.security.cert.X509Certificate;
013:        import java.util.Date;
014:
015:        import javax.crypto.KeyGenerator;
016:        import javax.crypto.SecretKey;
017:
018:        import org.bouncycastle.asn1.ASN1InputStream;
019:        import org.bouncycastle.asn1.ASN1Sequence;
020:        import org.bouncycastle.asn1.DERObjectIdentifier;
021:        import org.bouncycastle.asn1.DERSequence;
022:        import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
023:        import org.bouncycastle.asn1.x509.BasicConstraints;
024:        import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
025:        import org.bouncycastle.asn1.x509.GeneralName;
026:        import org.bouncycastle.asn1.x509.GeneralNames;
027:        import org.bouncycastle.asn1.x509.KeyPurposeId;
028:        import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
029:        import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
030:        import org.bouncycastle.asn1.x509.X509Extensions;
031:        import org.bouncycastle.asn1.x509.X509Name;
032:        import org.bouncycastle.x509.X509V3CertificateGenerator;
033:        import org.bouncycastle.util.encoders.Base64;
034:
035:        public class TSPTestUtil {
036:
037:            public static SecureRandom rand = new SecureRandom();
038:
039:            public static KeyPairGenerator kpg;
040:
041:            public static KeyGenerator desede128kg;
042:
043:            public static KeyGenerator desede192kg;
044:
045:            public static KeyGenerator rc240kg;
046:
047:            public static KeyGenerator rc264kg;
048:
049:            public static KeyGenerator rc2128kg;
050:
051:            public static BigInteger serialNumber = BigInteger.ONE;
052:
053:            public static final boolean DEBUG = true;
054:
055:            public static DERObjectIdentifier EuroPKI_TSA_Test_Policy = new DERObjectIdentifier(
056:                    "1.3.6.1.4.1.5255.5.1");
057:
058:            static {
059:                try {
060:                    rand = new SecureRandom();
061:
062:                    kpg = KeyPairGenerator.getInstance("RSA", "BC");
063:                    kpg.initialize(1024, rand);
064:
065:                    desede128kg = KeyGenerator.getInstance("DESEDE", "BC");
066:                    desede128kg.init(112, rand);
067:
068:                    desede192kg = KeyGenerator.getInstance("DESEDE", "BC");
069:                    desede192kg.init(168, rand);
070:
071:                    rc240kg = KeyGenerator.getInstance("RC2", "BC");
072:                    rc240kg.init(40, rand);
073:
074:                    rc264kg = KeyGenerator.getInstance("RC2", "BC");
075:                    rc264kg.init(64, rand);
076:
077:                    rc2128kg = KeyGenerator.getInstance("RC2", "BC");
078:                    rc2128kg.init(128, rand);
079:
080:                    serialNumber = new BigInteger("1");
081:                } catch (Exception ex) {
082:                    throw new RuntimeException(ex.toString());
083:                }
084:            }
085:
086:            public static String dumpBase64(byte[] data) {
087:                StringBuffer buf = new StringBuffer();
088:
089:                data = Base64.encode(data);
090:
091:                for (int i = 0; i < data.length; i += 64) {
092:                    if (i + 64 < data.length) {
093:                        buf.append(new String(data, i, 64));
094:                    } else {
095:                        buf.append(new String(data, i, data.length - i));
096:                    }
097:                    buf.append('\n');
098:                }
099:
100:                return buf.toString();
101:            }
102:
103:            public static KeyPair makeKeyPair() {
104:                return kpg.generateKeyPair();
105:            }
106:
107:            public static SecretKey makeDesede128Key() {
108:                return desede128kg.generateKey();
109:            }
110:
111:            public static SecretKey makeDesede192Key() {
112:                return desede192kg.generateKey();
113:            }
114:
115:            public static SecretKey makeRC240Key() {
116:                return rc240kg.generateKey();
117:            }
118:
119:            public static SecretKey makeRC264Key() {
120:                return rc264kg.generateKey();
121:            }
122:
123:            public static SecretKey makeRC2128Key() {
124:                return rc2128kg.generateKey();
125:            }
126:
127:            public static X509Certificate makeCertificate(KeyPair _subKP,
128:                    String _subDN, KeyPair _issKP, String _issDN)
129:                    throws GeneralSecurityException, IOException {
130:
131:                return makeCertificate(_subKP, _subDN, _issKP, _issDN, false);
132:            }
133:
134:            public static X509Certificate makeCACertificate(KeyPair _subKP,
135:                    String _subDN, KeyPair _issKP, String _issDN)
136:                    throws GeneralSecurityException, IOException {
137:
138:                return makeCertificate(_subKP, _subDN, _issKP, _issDN, true);
139:            }
140:
141:            public static X509Certificate makeCertificate(KeyPair _subKP,
142:                    String _subDN, KeyPair _issKP, String _issDN, boolean _ca)
143:                    throws GeneralSecurityException, IOException {
144:
145:                PublicKey _subPub = _subKP.getPublic();
146:                PrivateKey _issPriv = _issKP.getPrivate();
147:                PublicKey _issPub = _issKP.getPublic();
148:
149:                X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
150:
151:                _v3CertGen.reset();
152:                _v3CertGen.setSerialNumber(allocateSerialNumber());
153:                _v3CertGen.setIssuerDN(new X509Name(_issDN));
154:                _v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
155:                _v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
156:                        + (1000L * 60 * 60 * 24 * 100)));
157:                _v3CertGen.setSubjectDN(new X509Name(_subDN));
158:                _v3CertGen.setPublicKey(_subPub);
159:                _v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption");
160:
161:                _v3CertGen.addExtension(X509Extensions.SubjectKeyIdentifier,
162:                        false, createSubjectKeyId(_subPub));
163:
164:                _v3CertGen.addExtension(X509Extensions.AuthorityKeyIdentifier,
165:                        false, createAuthorityKeyId(_issPub));
166:
167:                if (_ca) {
168:                    _v3CertGen.addExtension(X509Extensions.BasicConstraints,
169:                            false, new BasicConstraints(_ca));
170:                } else {
171:                    _v3CertGen.addExtension(X509Extensions.ExtendedKeyUsage,
172:                            true, new ExtendedKeyUsage(new DERSequence(
173:                                    KeyPurposeId.id_kp_timeStamping)));
174:                }
175:
176:                X509Certificate _cert = _v3CertGen
177:                        .generateX509Certificate(_issPriv);
178:
179:                _cert.checkValidity(new Date());
180:                _cert.verify(_issPub);
181:
182:                return _cert;
183:            }
184:
185:            /*  
186:             *  
187:             *  INTERNAL METHODS
188:             *  
189:             */
190:
191:            private static AuthorityKeyIdentifier createAuthorityKeyId(
192:                    PublicKey _pubKey) throws IOException {
193:
194:                ByteArrayInputStream _bais = new ByteArrayInputStream(_pubKey
195:                        .getEncoded());
196:                SubjectPublicKeyInfo _info = new SubjectPublicKeyInfo(
197:                        (ASN1Sequence) new ASN1InputStream(_bais).readObject());
198:
199:                return new AuthorityKeyIdentifier(_info);
200:            }
201:
202:            private static AuthorityKeyIdentifier createAuthorityKeyId(
203:                    PublicKey _pubKey, X509Name _name, int _sNumber)
204:                    throws IOException {
205:
206:                ByteArrayInputStream _bais = new ByteArrayInputStream(_pubKey
207:                        .getEncoded());
208:                SubjectPublicKeyInfo _info = new SubjectPublicKeyInfo(
209:                        (ASN1Sequence) new ASN1InputStream(_bais).readObject());
210:
211:                GeneralName _genName = new GeneralName(_name);
212:
213:                return new AuthorityKeyIdentifier(_info, new GeneralNames(
214:                        new DERSequence(_genName)), BigInteger
215:                        .valueOf(_sNumber));
216:
217:            }
218:
219:            private static SubjectKeyIdentifier createSubjectKeyId(
220:                    PublicKey _pubKey) throws IOException {
221:
222:                ByteArrayInputStream _bais = new ByteArrayInputStream(_pubKey
223:                        .getEncoded());
224:                SubjectPublicKeyInfo _info = new SubjectPublicKeyInfo(
225:                        (ASN1Sequence) new ASN1InputStream(_bais).readObject());
226:                return new SubjectKeyIdentifier(_info);
227:            }
228:
229:            private static BigInteger allocateSerialNumber() {
230:                BigInteger _tmp = serialNumber;
231:                serialNumber = serialNumber.add(BigInteger.ONE);
232:                return _tmp;
233:            }
234:        }