public void testKEKDESede() throws Exception { tryKekAlgorithm( CMSTestUtil.makeDesede192Key(), new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6")); DEROctetString iv = new DEROctetString(Hex.decode("0001020304050607")); tryKekAlgorithm( CMSTestUtil.makeDesede192Key(), new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6"), iv.getEncoded()); }
private void init() throws Exception { if (!_initialised) { _initialised = true; _origDN = "O=Bouncy Castle, C=AU"; _origKP = CMSTestUtil.makeKeyPair(); _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _origKP, _origDN); _signDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; _signKP = CMSTestUtil.makeKeyPair(); _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _origKP, _origDN); } }
private static void init() throws Exception { if (!_initialised) { _initialised = true; Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); _signDN = "O=Bouncy Castle, C=AU"; _signKP = CMSTestUtil.makeKeyPair(); _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN); _origDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU"; _origKP = CMSTestUtil.makeKeyPair(); _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN); _reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU"; _reciKP = CMSTestUtil.makeKeyPair(); _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN); _origEcKP = CMSTestUtil.makeEcDsaKeyPair(); _reciEcKP = CMSTestUtil.makeEcDsaKeyPair(); _reciEcCert = CMSTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN); } }
public void testCMSAlgorithmProtection() throws Exception { byte[] data = "Eric H. Echidna".getBytes(); CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator(); DigestCalculatorProvider calcProvider = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(); byte[] kekId = new byte[] {1, 2, 3, 4, 5}; SecretKey kek = CMSTestUtil.makeDesede192Key(); adGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId, kek).setProvider(BC)); CMSAuthenticatedData ad = adGen.generate( new CMSProcessableByteArray(data), new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build(), calcProvider.get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1))); checkData(data, kek, ad); ContentInfo adInfo = ad.toASN1Structure(); AuthenticatedData iAd = AuthenticatedData.getInstance(adInfo.getContent().toASN1Primitive().getEncoded()); try { new CMSAuthenticatedData( new ContentInfo( CMSObjectIdentifiers.authenticatedData, new AuthenticatedData( iAd.getOriginatorInfo(), iAd.getRecipientInfos(), iAd.getMacAlgorithm(), new AlgorithmIdentifier(TeleTrusTObjectIdentifiers.ripemd160, DERNull.INSTANCE), iAd.getEncapsulatedContentInfo(), iAd.getAuthAttrs(), iAd.getMac(), iAd.getUnauthAttrs())), calcProvider); } catch (CMSException e) { Assert.assertEquals( e.getMessage(), "CMS Algorithm Identifier Protection check failed for digestAlgorithm"); } AlgorithmIdentifier newDigAlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE); Assert.assertFalse(iAd.getDigestAlgorithm().equals(newDigAlgId)); checkData( data, kek, new CMSAuthenticatedData( new ContentInfo( CMSObjectIdentifiers.authenticatedData, new AuthenticatedData( iAd.getOriginatorInfo(), iAd.getRecipientInfos(), iAd.getMacAlgorithm(), newDigAlgId, iAd.getEncapsulatedContentInfo(), iAd.getAuthAttrs(), iAd.getMac(), iAd.getUnauthAttrs())), calcProvider)); try { new CMSAuthenticatedData( new ContentInfo( CMSObjectIdentifiers.authenticatedData, new AuthenticatedData( iAd.getOriginatorInfo(), iAd.getRecipientInfos(), new AlgorithmIdentifier(CMSAlgorithm.AES192_CBC), iAd.getDigestAlgorithm(), iAd.getEncapsulatedContentInfo(), iAd.getAuthAttrs(), iAd.getMac(), iAd.getUnauthAttrs())), calcProvider); } catch (CMSException e) { Assert.assertEquals( e.getMessage(), "CMS Algorithm Identifier Protection check failed for macAlgorithm"); } try { AlgorithmIdentifier newMacAlgId = new AlgorithmIdentifier(CMSAlgorithm.DES_EDE3_CBC); Assert.assertFalse(iAd.getMacAlgorithm().equals(newMacAlgId)); new CMSAuthenticatedData( new ContentInfo( CMSObjectIdentifiers.authenticatedData, new AuthenticatedData( iAd.getOriginatorInfo(), iAd.getRecipientInfos(), newMacAlgId, iAd.getDigestAlgorithm(), iAd.getEncapsulatedContentInfo(), iAd.getAuthAttrs(), iAd.getMac(), iAd.getUnauthAttrs())), calcProvider); } catch (CMSException e) { Assert.assertEquals( e.getMessage(), "CMS Algorithm Identifier Protection check failed for macAlgorithm"); } }
public void testKEKDESedeWithDigest() throws Exception { tryKekAlgorithmWithDigest( CMSTestUtil.makeDesede192Key(), new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6")); }