

1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13
14 package se.anatom.ejbca.util;
15
16 import java.io.ByteArrayInputStream JavaDoc;
17 import java.io.ByteArrayOutputStream JavaDoc;
18 import java.security.KeyFactory JavaDoc;
19 import java.security.KeyPair JavaDoc;
20 import java.security.KeyStore JavaDoc;
21 import java.security.PrivateKey JavaDoc;
22 import java.security.cert.Certificate JavaDoc;
23 import java.security.cert.X509Certificate JavaDoc;
24 import java.security.spec.PKCS8EncodedKeySpec JavaDoc;
25
26 import junit.framework.TestCase;
27
28 import org.apache.log4j.Logger;
29 import org.ejbca.core.model.ca.catoken.CATokenConstants;
30 import org.ejbca.core.model.ca.catoken.CATokenInfo;
31 import org.ejbca.util.Base64;
32 import org.ejbca.util.CertTools;
33 import org.ejbca.util.KeyTools;
34
35 /**
36  * Tests the CertTools class .
37  *
38  * @version $Id: TestKeyTools.java,v 1.3 2006/10/31 08:24:53 anatom Exp $
39  */

40 public class TestKeyTools extends TestCase {
41
42     private static Logger log = Logger.getLogger(TestKeyTools.class);
43
44     static byte[] ks3 = Base64.decode(("MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCAyYwgDCABgkqhkiG9w0BBwGggCSABIID"
45             + "DjCCAwowggMGBgsqhkiG9w0BDAoBAqCCAqkwggKlMCcGCiqGSIb3DQEMAQMwGQQU"
46             + "/h0pQXq7ZVjYWlDvzEwwmiJ8O8oCAWQEggJ4MZ12+kTVGd1w7SP4ZWlq0bCc4MsJ"
47             + "O0FFSX3xeVp8Bx16io1WkEFOW3xfqjuxKOL6YN9atoOZdfhlOMhmbhglm2PJSzIg"
48             + "JSDHvWk2xKels5vh4hY1iXWOh48077Us4wP4Qt94iKglCq4xwxYcSCW8BJwbu93F"
49             + "uxE1twnWXbH192nMhaeIAy0v4COdduQamJEtHRmIJ4GZwIhH+lNHj/ARdIfNw0Dm"
50             + "uPspuSu7rh6rQ8SrRsjg63EoxfSH4Lz6zIJKF0OjNX07T8TetFgznCdGCrqOZ1fK"
51             + "5oRzXIA9hi6UICiuLSm4EoHzEpifCObpiApwNj3Kmp2uyz2uipU0UKhf/WqvmU96"
52             + "yJj6j1JjZB6p+9sgecPFj1UMWhEFTwxMEwR7iZDvjkKDNWMit+0cQyeS7U0Lxn3u"
53             + "m2g5e6C/1akwHZsioLC5OpFq/BkPtnbtuy4Kr5Kwb2y7vSiKpjFr7sKInjdAsgCi"
54             + "8kyUV8MyaIfZdtREjwqBe0imfP+IPVqAsl1wGW95YXsLlK+4P1bspAgeHdDq7Q91"
55             + "bJJQAS5OTD38i1NY6MRtt/fWsShVBLjf2FzNpw6siHHl2N7BDNyO3ALtgfp50e0Z"
56             + "Dsw5WArgKLiXfwZIrIKbYA73RFc10ReDqnJSF+NXgBo1/i4WhZLHC1Osl5UoKt9q"
57             + "UoXIUmYhAwdAT5ZKVw6A8yp4e270yZTXNsDz8u/onEwNc1iM0v0RnPQhNE5sKEZH"
58             + "QrMxttiwbKe3YshCjbruz/27XnNA51t2p1M6eC1HRab4xSHAyH5NTxGJ8yKhOfiT"
59             + "aBKqdTH3P7QzlcoCUDVDDe7aLMaZEf+a2Te63cZTuUVpkysxSjAjBgkqhkiG9w0B"
60             + "CRQxFh4UAHAAcgBpAHYAYQB0AGUASwBlAHkwIwYJKoZIhvcNAQkVMRYEFCfeHSg6"
61             + "EdeP5A1IC8ydjyrjyFSdAAQBAAQBAAQBAAQBAASCCBoAMIAGCSqGSIb3DQEHBqCA"
62             + "MIACAQAwgAYJKoZIhvcNAQcBMCcGCiqGSIb3DQEMAQYwGQQURNy47tUcttscSleo"
63             + "8gY6ZAPFOl0CAWSggASCB8jdZ+wffUP1B25Ys48OFBMg/itT0EBS6J+dYVofZ84c"
64             + "x41q9U+CRMZJwVNZbkqfRZ+F3tLORSwuIcwyioa2/JUpv8uJCjQ2tru5+HtqCrzR"
65             + "Huh7TfdiMqvjkKpnXi69DPPjQdCSPwYMy1ahZrP5KgEZg4S92xpU2unF1kKQ30Pq"
66             + "PTEBueDlFC39rojp51Wsnqb1QzjPo53YvJQ8ztCoG0yk+0omELyPbc/qMKe5/g5h"
67             + "Lx7Q+2D0PC/ZHtoDkCRfMDKwgwALFsSj2uWNJsCplspmc7YgIzSr/GqqeSXHp4Ue"
68             + "dwVJAswrhpkXZTlp1rtl/lCSFl9akwjY1fI144zfpYKpLqfoHL1uI1c3OumrFzHd"
69             + "ZldZYgsM/h3qjgu8qcXqI0sKVXsffcftCaVs+Bxmdu9vpY15rlx1e0an/O05nMKU"
70             + "MBU2XpGkmWxuy0tOKs3QtGzHUJR5+RdEPURctRyZocEjJgTvaIMq1dy/FIaBhi+d"
71             + "IeAbFmjBu7cv9C9v/jMuUjLroycmo7QW9jGgyTOQ68J+6w2/PtqiqIo3Ry9WC0SQ"
72             + "8+fVNOGLr5O2YPpw17sDQa/+2gjozngvL0OHiABwQ3EbXAQLF046VYkTi5R+8iGV"
73             + "3jlTvvStIKY06E/s/ih86bzwJWAQENCazXErN69JO+K3IUiwxac+1AOO5WyR9qyv"
74             + "6m/yHdIdbOVE21M2RARbI8UiDpRihCzk4duPfj/x2bZyFqLclIMhbTd2UOQQvr+W"
75             + "4etpMJRtyFGhdLmNgYAhYrbUgmdL1kRkzPzOs77PqleMpfkii7HPk3HlVkM7NIqd"
76             + "dN0WQaQwGJuh5f1ynhyqtsaw6Gu/X56H7hpziAh0eSDQ5roRE7yy98h2Mcwb2wtY"
77             + "PqVFTmoKuRWR2H5tT6gCaAM3xiSC7RLa5SF1hYQGaqunqBaNPYyUIg/r03dfwF9r"
78             + "AkOhh6Mq7Z2ktzadWTxPl8OtIZFVeyqIOtSKBHhJyGDGiz3+SSnTnSX81NaTSJYZ"
79             + "7YTiXkXvSYNpjpPckIKfjpBw0T4pOva3a6s1z5p94Dkl4kz/zOmgveGd3dal6wUV"
80             + "n3TR+2cyv51WcnvB9RIp58SJOc+CvCvYTvkEdvE2QtRw3wt4ngGJ5pxmC+7+8fCf"
81             + "hRDzw9LBNz/ry88y/0Bidpbhwr8gEkmHuaLp43WGQQsQ+cWYJ8AeLZMvKplbCWqy"
82             + "iuks0MnKeaC5dcB+3BL55OvcTfGkMtz0oYBkcGBTbbR8BKJZgkIAx7Q+/rCaqv6H"
83             + "HN/cH5p8iz5k+R3MkmR3gi6ktelQ2zx1pbPz3IqR67cTX3IyTX56F2aY54ueY17m"
84             + "7hFwSy4aMen27EO06DXn/b6vPKj73ClE2B/IPHO/H2e8r04JWMltFWuStV0If5x0"
85             + "5ZImXx068Xw34eqSWvoMzr97xDxUwdlFgrKrkMKNoTDhA4afrZ/lwHdUbNzh6cht"
86             + "jHW/IfIaMo3NldN/ihO851D399FMsWZW7YA7//RrWzBDiLvh+RfwkMOfEpbujy0G"
87             + "73rO/Feed2MoVXvmuKBRpTNyFuBVvFDwIzBT4m/RaVf5m1pvprSk3lo43aumdN9f"
88             + "NDETktVZ/CYaKlYK8rLcNBKJicM5+maiQSTa06XZXDMY84Q0xtCqJ/aUH4sa/z8j"
89             + "KukVUSyUZDJk/O82B3NA4+CoP3Xyc9LAUKucUvoOmGt2JCw6goB/vqeZEg9Tli0Q"
90             + "+aRer720QdVRkPVXKSshL2FoXHWUMaBF8r//zT6HbjTNQEdxbRcBNvkUXUHzITfl"
91             + "YjQcEn+FGrF8+HVdXCKzSXSgu7mSouYyJmZh42spUFCa4j60Ks1fhQb2H1p72nJD"
92             + "n1mC5sZkU68ITVu1juVl/L2WJPmWfasb1Ihnm9caJ/mEE/i1iKp7qaY9DPTw5hw4"
93             + "3QplYWFv47UA/sOmnWwupRuPk7ISdimuUnih8OYR75rJ0z6OYexvj/2svx9/O5Mw"
94             + "654jFF2hAq69jt7GJo6VZaeCRCAxEU7N97l3EjqaKJVrpIPQ+3yLmqHit/CWxImB"
95             + "iIl3sW7MDEHgPdQy3QiZmAYNLQ0Te0ygcIHwtPyzhFoFmjbQwib2vxDqWaMQpUM1"
96             + "/W96R/vbCjA7tfKYchImwAPCyRM5Je2FHewErG413kZct5tJ1JqkcjPsP7Q8kmgw"
97             + "Ec5QNq1/PZOzL1ZLr6ryfA4gLBXa6bJmf43TUkdFYTvIYbvH2jp4wpAtA152YgPI"
98             + "FL19/Tv0B3Bmb1qaK+FKiiQmYfVOm/J86i/L3b8Z3jj8dRWEBztaI/KazZ/ZVcs/"
99             + "50bF9jH7y5+2uZxByjkM/kM/Ov9zIHbYdxLw2KHnHsGKTCooSSWvPupQLBGgkd6P"
100             + "M9mgE6MntS+lk9ucpP5j1LXo5zlZaLSwrvSzE3/bbWJKsJuomhRbKeZ+qSYOWvPl"
101             + "/1RqREyZHbSDKzVk39oxH9EI9EWKlCbrz5EHWiSv0+9HPczxbO3q+YfqcY8plPYX"
102             + "BvgxHUeDR+LxaAEcVEX6wd2Pky8pVwxQydU4cEgohrgZnKhxxLAvCp5sb9kgqCrh"
103             + "luvBsHpmiUSCi/r0PNXDgApvTrVS/Yv0jTpX9u9IWMmNMrnskdcP7tpEdkw8/dpf"
104             + "RFLLgqwmNEhCggfbyT0JIUxf2rldKwd6N1wZozaBg1uKjNmAhJc1RxsABAEABAEA"
105             + "BAEABAEABAEABAEABAEABAEABAEABAEABAEAAAAAAAAAMDwwITAJBgUrDgMCGgUA"
106             + "BBSS2GOUxqv3IT+aesPrMPNn9RQ//gQUYhjCLPh/h2ULjh+1L2s3f5JIZf0CAWQA"
107             + "AA==").getBytes());
108
109     static byte[] keys1024bit = Base64.decode(("MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAKA5rNhYbPuVcArT"
110             + "mkthfrW2tX1Z7SkCD01sDYrkiwOcodFmS1cSyz8eHM51iwHA7CW0WFvfUjomBT5y"
111             + "gRQfIsf5M5DUtYcKM1hmGKSPzvmF4nYv+3UBUesCvBXVRN/wFZ44SZZ3CVvpQUYb"
112             + "GWjyC+Dgol5n8oKOC287rnZUPEW5AgMBAAECgYEAhMtoeyLGqLlRVFfOoL1cVGTr"
113             + "BMp8ail/30435y7GHKc74p6iwLcd5uEhROhc3oYz8ogHV5W+w9zxKbGjU7b+jmh+"
114             + "h/WFao+Gu3sSrZ7ieg95fSuQsBlJp3w+eCAOZwlEu/JQQHDtURui25SPVblZ9/41"
115             + "u8VwFjk9YQx+nT6LclECQQDYlC9bOr1SWL8PBlipXB/UszMsTM5xEH920A+JPF4E"
116             + "4tw+AHecanjr5bXSluRbWSWUjtl5LV2edqAP9EsH1/A1AkEAvWOctUvTlm6fWHJq"
117             + "lZhsWVvOhDG7cn5gFu34J8JJd5QHov0469CpSamY0Q/mPE/y3kDllmyYvnQ+yobB"
118             + "ZRg39QJBAINCM/0/eVQ58vlBKGTkL2pyfNYhapB9pjK04GWVD4o4j7CICfXjVYvq"
119             + "eSq7RoTSX4NMnCLjyrRqQpHIxdxoE+0CQQCz7MzWWGF+Cz6LUrf7w0E8a8H5SR4i"
120             + "GfnEDvSxIR2W4yWWLShEsIoEF4G9LHO5XOMJT3JOxIEgf2OgGQHmv2l5AkBThYUo"
121             + "ni82jZuue3YqXXHY2lz3rVmooAv7LfQ63yzHECFsQz7kDwuRVWWRsoCOURtymAHp"
122             + "La09g2BE+Q5oUUFx").getBytes());
123
124     /** self signed cert done with above private key */
125     static byte[] certbytes = Base64.decode(("MIICNzCCAaCgAwIBAgIIIOqiVwJHz+8wDQYJKoZIhvcNAQEFBQAwKzENMAsGA1UE"
126             + "AxMEVGVzdDENMAsGA1UEChMEVGVzdDELMAkGA1UEBhMCU0UwHhcNMDQwNTA4MDkx"
127             + "ODMwWhcNMDUwNTA4MDkyODMwWjArMQ0wCwYDVQQDEwRUZXN0MQ0wCwYDVQQKEwRU"
128             + "ZXN0MQswCQYDVQQGEwJTRTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAgbf2"
129             + "Sv34lsY43C8WJjbUd57TNuHJ6p2Es7ojS3D2yxtzQg/A8wL1OfXes344PPNGHkDd"
130             + "QPBaaWYQrvLvqpjKwx/vA1835L3I92MsGs+uivq5L5oHfCxEh8Kwb9J2p3xjgeWX"
131             + "YdZM5dBj3zzyu+Jer4iU4oCAnnyG+OlVnPsFt6ECAwEAAaNkMGIwDwYDVR0TAQH/"
132             + "BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0GA1UdDgQWBBQArVZXuGqbb9yhBLbu"
133             + "XfzjSuXfHTAfBgNVHSMEGDAWgBQArVZXuGqbb9yhBLbuXfzjSuXfHTANBgkqhkiG"
134             + "9w0BAQUFAAOBgQA1cB6wWzC2rUKBjFAzfkLvDUS3vEMy7ntYMqqQd6+5s1LHCoPw"
135             + "eaR42kMWCxAbdSRgv5ATM0JU3Q9jWbLO54FkJDzq+vw2TaX+Y5T+UL1V0o4TPKxp"
136             + "nKuay+xl5aoUcVEs3h3uJDjcpgMAtyusMEyv4d+RFYvWJWFzRTKDueyanw==").getBytes());
137
138     static String JavaDoc storepwd = "foo123";
139     static String JavaDoc pkAlias = "privateKey";
140
/**
 * Creates the named test case.
 *
 * @param name test name handed on to the JUnit {@code TestCase} constructor
 */
public TestKeyTools(String name) {
    super(name);
}
144
/**
 * Prepares each test by calling {@code CertTools.installBCProvider()}.
 * The tests in this class request the "BC" provider by name, so it has to be
 * registered before any of them runs.
 *
 * @throws Exception if the provider installation fails
 */
protected void setUp() throws Exception {
    log.debug(">setUp()");
    // Register BouncyCastle before any getInstance(..., "BC") lookup.
    CertTools.installBCProvider();
    log.debug("<setUp()");
}
152
/**
 * Performs no per-test cleanup.
 *
 * @throws Exception never thrown by this implementation
 */
protected void tearDown() throws Exception {
    // Intentionally empty: the fixtures are static byte arrays and need no release.
}
155
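/**
 * Loads the embedded PKCS#12 keystore {@code ks3} through the "BC" provider and
 * checks that {@code KeyTools.getCertChain} returns three certificates for the
 * alias {@code pkAlias}, with the expected subject DN at each position.
 *
 * The keystore bytes and {@code storepwd} are fixtures compiled into this class.
 * Key material protected by a password that is visible in source must be treated
 * as public and never reused outside the test suite.
 *
 * @throws Exception if the keystore cannot be loaded or the chain cannot be read
 */
public void test01GetCertChain() throws Exception {
    log.debug(">test01GetCertChain()");
    // Expected subject DN for each chain position, in the order the chain is returned.
    final String[] expectedSubjects = {
        "CN=fooca,C=SE",
        "CN=TestSubCA,O=AnaTom,C=SE",
        "CN=TestCA,O=AnaTom,C=SE"
    };
    KeyStore store = KeyStore.getInstance("PKCS12", "BC");
    store.load(new ByteArrayInputStream(ks3), storepwd.toCharArray());
    Certificate[] certs = KeyTools.getCertChain(store, pkAlias);
    log.debug("Number of certs: " + certs.length);
    // The length check also guarantees the index into expectedSubjects below is in range.
    assertEquals("Wrong number of certs returned", expectedSubjects.length, certs.length);
    for (int i = 0; i < certs.length; i++) {
        String subjectDn = ((X509Certificate) certs[i]).getSubjectDN().toString();
        log.debug("SubjectDN: " + subjectDn);
        // JUnit's signature is (message, expected, actual). The original passed the
        // actual DN as "expected", which made a failure report name the wrong value.
        assertEquals("Wrong subjectDN", expectedSubjects[i], subjectDn);
    }
    log.debug("<test01GetCertChain()");
}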
173
/**
 * Generates an RSA key pair with {@code KeyTools.genKeys}, issues a self-signed
 * certificate for it with {@code CertTools.genSelfCert}, and checks that the
 * key pair, the certificate and their Base64 encodings are non-null.
 *
 * NOTE(review): the key size ("512") and the SHA-1 signature algorithm are far
 * below the strength accepted for real certificates. They are presumably chosen
 * to keep the test fast and must not be copied into CA configuration.
 *
 * @throws Exception if key generation, certificate creation or encoding fails
 */
public void test02GenKeysRSA() throws Exception {
    log.debug(">test02GenKeysRSA()");
    KeyPair keys = KeyTools.genKeys("512", CATokenConstants.KEYALGORITHM_RSA);
    assertNotNull("keys must not be null", keys);

    PrivateKey signingKey = keys.getPrivate();
    byte[] encodedPrivate = Base64.encode(signingKey.getEncoded());
    String b64private = new String(encodedPrivate);
    assertNotNull("b64private must not be null", b64private);
    // The encoded private key is deliberately neither printed nor logged.

    X509Certificate cert = CertTools.genSelfCert(
            "C=SE,O=Test,CN=Test",
            365,
            null,
            signingKey,
            keys.getPublic(),
            CATokenInfo.SIGALG_SHA1_WITH_RSA,
            true);
    assertNotNull("cert must not be null", cert);

    byte[] encodedCert = Base64.encode(cert.getEncoded());
    String b64cert = new String(encodedCert);
    assertNotNull("b64cert cannot be null", b64cert);

    log.debug("<test02GenKeysRSA()");
}
188
/**
 * Builds a PKCS#12 keystore with {@code KeyTools.createP12} from the embedded
 * certificate ({@code certbytes}) and the embedded PKCS#8 RSA key
 * ({@code keys1024bit}), then checks that the keystore is non-null and that
 * storing it produces a non-empty byte stream.
 *
 * NOTE(review): the field comment calls {@code certbytes} a self-signed cert made
 * with the key above it, but the first modulus bytes encoded in the two Base64
 * fixtures appear to differ. If so, this test stores a mismatched key and
 * certificate, and nothing here asserts that the pair corresponds. Verify the
 * fixtures before relying on this test as evidence that createP12 checks the pair.
 *
 * @throws Exception if parsing the fixtures or creating/storing the keystore fails
 */
public void test03CreateP12() throws Exception {
    log.debug(">test03CreateP12()");
    X509Certificate cert = CertTools.getCertfromByteArray(certbytes);

    // Rebuild the private key from its PKCS#8 encoding with the default RSA KeyFactory.
    KeyFactory rsaFactory = KeyFactory.getInstance("RSA");
    PrivateKey pk = rsaFactory.generatePrivate(new PKCS8EncodedKeySpec(keys1024bit));

    KeyStore ks = KeyTools.createP12("Foo", pk, cert, (X509Certificate) null);
    assertNotNull("ks must not be null", ks);

    // If the password below is more than 7 chars, strong crypto is needed
    // (presumably the JCE unlimited-strength policy files; confirm for the target JVM).
    // A six-character password visible in source is acceptable only for a test fixture.
    char[] p12Password = "foo123".toCharArray();
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    ks.store(baos, p12Password);

    int written = baos.size();
    assertTrue("baos size must not be 0", written > 0);
    log.debug("<test03CreateP12()");
}
203
/**
 * Generates an ECDSA key pair on the curve named "prime192v1" with
 * {@code KeyTools.genKeys}, issues a self-signed certificate signed with
 * SHA256withECDSA, and checks that the key pair, the certificate and their
 * Base64 encodings are non-null.
 *
 * NOTE(review): a 192-bit curve gives roughly 96-bit security, which is below
 * what current guidance accepts for new keys. Treat it as a compatibility
 * fixture, not a recommended parameter. The trace markers omit the "x9" suffix
 * of the method name; they are kept unchanged here.
 *
 * @throws Exception if key generation, certificate creation or encoding fails
 */
public void test03GenKeysECDSAx9() throws Exception {
    log.debug(">test03GenKeysECDSA()");
    KeyPair keys = KeyTools.genKeys("prime192v1", CATokenConstants.KEYALGORITHM_ECDSA);
    assertNotNull("keys must not be null", keys);

    PrivateKey signingKey = keys.getPrivate();
    byte[] encodedPrivate = Base64.encode(signingKey.getEncoded());
    String b64private = new String(encodedPrivate);
    assertNotNull("b64private must not be null", b64private);
    // The encoded private key is deliberately neither printed nor logged.

    X509Certificate cert = CertTools.genSelfCert(
            "C=SE,O=Test,CN=Test",
            365,
            null,
            signingKey,
            keys.getPublic(),
            CATokenInfo.SIGALG_SHA256_WITH_ECDSA,
            true);
    assertNotNull("cert must not be null", cert);

    byte[] encodedCert = Base64.encode(cert.getEncoded());
    String b64cert = new String(encodedCert);
    assertNotNull("b64cert cannot be null", b64cert);

    log.debug("<test03GenKeysECDSA()");
}
219
/**
 * Generates an ECDSA key pair on the curve named "secp384r1" with
 * {@code KeyTools.genKeys}, issues a self-signed certificate signed with
 * SHA256withECDSA, and checks that the key pair, the certificate and their
 * Base64 encodings are non-null. The Base64 certificate is written to stdout.
 *
 * @throws Exception if key generation, certificate creation or encoding fails
 */
public void test04GenKeysECDSANist() throws Exception {
    log.debug(">test04GenKeysECDSANist()");
    KeyPair keys = KeyTools.genKeys("secp384r1", CATokenConstants.KEYALGORITHM_ECDSA);
    assertNotNull("keys must not be null", keys);

    PrivateKey signingKey = keys.getPrivate();
    byte[] encodedPrivate = Base64.encode(signingKey.getEncoded());
    String b64private = new String(encodedPrivate);
    assertNotNull("b64private must not be null", b64private);
    // The encoded private key is deliberately neither printed nor logged.

    X509Certificate cert = CertTools.genSelfCert(
            "C=SE,O=Test,CN=Test",
            365,
            null,
            signingKey,
            keys.getPublic(),
            CATokenInfo.SIGALG_SHA256_WITH_ECDSA,
            true);
    assertNotNull("cert must not be null", cert);

    byte[] encodedCert = Base64.encode(cert.getEncoded());
    String b64cert = new String(encodedCert);
    assertNotNull("b64cert cannot be null", b64cert);
    // Only the certificate (public data) goes to stdout. The sibling tests keep
    // this println commented out, so it looks like leftover debugging output.
    System.out.println(b64cert);
    log.debug("<test04GenKeysECDSANist()");
}
235     
/**
 * Generates an ECDSA key pair with the key specification "implicitlyCA" via
 * {@code KeyTools.genKeys}, issues a self-signed certificate signed with
 * SHA256withECDSA, and checks that the key pair, the certificate and their
 * Base64 encodings are non-null. The Base64 certificate is written to stdout.
 *
 * NOTE(review): "implicitlyCA" presumably means the domain parameters come from
 * provider configuration rather than a named curve. Confirm against
 * KeyTools.genKeys, since the strength of the generated key then depends on
 * settings this test does not show.
 *
 * @throws Exception if key generation, certificate creation or encoding fails
 */
public void test05GenKeysECDSAImplicitlyCA() throws Exception {
    log.debug(">test05GenKeysECDSAImplicitlyCA()");
    KeyPair keys = KeyTools.genKeys("implicitlyCA", CATokenConstants.KEYALGORITHM_ECDSA);
    assertNotNull("keys must not be null", keys);

    PrivateKey signingKey = keys.getPrivate();
    byte[] encodedPrivate = Base64.encode(signingKey.getEncoded());
    String b64private = new String(encodedPrivate);
    assertNotNull("b64private must not be null", b64private);
    // The encoded private key is deliberately neither printed nor logged.

    X509Certificate cert = CertTools.genSelfCert(
            "C=SE,O=Test,CN=Test",
            365,
            null,
            signingKey,
            keys.getPublic(),
            CATokenInfo.SIGALG_SHA256_WITH_ECDSA,
            true);
    assertNotNull("cert must not be null", cert);

    byte[] encodedCert = Base64.encode(cert.getEncoded());
    String b64cert = new String(encodedCert);
    assertNotNull("b64cert cannot be null", b64cert);
    // Only the certificate (public data) goes to stdout. The sibling tests keep
    // this println commented out, so it looks like leftover debugging output.
    System.out.println(b64cert);
    log.debug("<test05GenKeysECDSAImplicitlyCA()");
}
251 }
252