package org.uic.barcode.test; import java.security.InvalidKeyException; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.PrivateKey; import java.security.Provider; import java.security.SecureRandom; import java.security.Security; import java.security.Signature; import java.security.SignatureException; import java.security.spec.ECGenParameterSpec; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.junit.Before; import org.junit.Test; import org.uic.barcode.dynamicFrame.Constants; import org.uic.barcode.utils.AlgorithmNameResolver; import org.uic.barcode.utils.SecurityUtils; public class SecurityUtilsTest { public KeyPair keyPairCk = null; public KeyPair keyPairCr = null; public KeyPair keyPairDsa = null; public KeyPair keyPairECDSACk = null; public KeyPair keyPairECDSACr = null; public Provider provider = null; @Before public void initialize() { provider = new BouncyCastleProvider(); Security.addProvider(new BouncyCastleProvider()); try { keyPairCk = generateECKeys(Constants.KG_EC_256, "secp256k1"); keyPairCr = generateECKeys(Constants.KG_EC_256, "secp256r1"); keyPairECDSACk = generateECDSAKeys(Constants.KG_EC_256, "secp256k1"); keyPairECDSACr = generateECDSAKeys(Constants.KG_EC_256, "secp256r1"); keyPairDsa = generateDsaKeys(); } catch (Exception e) { assert(false); } assert(keyPairCk != null); assert(keyPairCr != null); assert(keyPairDsa != null); } @Test public void testFindPublicKeyProvider() { Provider p = null; boolean canSign = false; p = SecurityUtils.findPublicKeyProvider(Constants.KG_EC_256,keyPairCk.getPublic().getEncoded()); assert (p != null); canSign = testSignature(p,Constants.ECDSA_SHA256,keyPairCk.getPrivate()); assert(canSign == true); p = SecurityUtils.findPublicKeyProvider(Constants.KG_EC_256,keyPairCr.getPublic().getEncoded()); assert (p != null); canSign = testSignature(p,Constants.ECDSA_SHA256,keyPairCr.getPrivate()); assert(canSign == true); p = SecurityUtils.findPublicKeyProvider(Constants.KG_EC_256,keyPairECDSACk.getPublic().getEncoded()); assert (p != null); canSign = testSignature(p,Constants.ECDSA_SHA256,keyPairECDSACk.getPrivate()); assert(canSign == true); p = SecurityUtils.findPublicKeyProvider(Constants.KG_EC_256,keyPairECDSACr.getPublic().getEncoded()); assert (p != null); canSign = testSignature(p,Constants.ECDSA_SHA256,keyPairECDSACr.getPrivate()); assert(canSign == true); p = SecurityUtils.findPublicKeyProvider("1.2.840.10040",keyPairDsa.getPublic().getEncoded()); assert (p != null); canSign = testSignature(p,Constants.DSA_SHA256,keyPairDsa.getPrivate()); assert(canSign == true); } @Test public void testFindSignatureAlgorithmProvider() { Provider p = null; boolean canSign = false; p = SecurityUtils.findPrivateKeyProvider(keyPairCk.getPrivate()); assert (p != null); canSign = testSignature(p,Constants.ECDSA_SHA256,keyPairCk.getPrivate()); assert(canSign == true); p = SecurityUtils.findPrivateKeyProvider(keyPairCr.getPrivate()); assert (p != null); canSign = testSignature(p,Constants.ECDSA_SHA256,keyPairCr.getPrivate()); assert(canSign == true); p = SecurityUtils.findPrivateKeyProvider(keyPairECDSACk.getPrivate()); assert (p != null); canSign = testSignature(p,Constants.ECDSA_SHA256,keyPairECDSACk.getPrivate()); assert(canSign == true); p = SecurityUtils.findPrivateKeyProvider(keyPairECDSACr.getPrivate()); assert (p != null); canSign = testSignature(p,Constants.ECDSA_SHA256,keyPairECDSACr.getPrivate()); assert(canSign == true); p = SecurityUtils.findPrivateKeyProvider(keyPairDsa.getPrivate()); assert (p != null); canSign = testSignature(p,Constants.DSA_SHA256,keyPairDsa.getPrivate()); assert(canSign == true); } public KeyPair generateECKeys(String keyAlgorithmOid, String curve) throws Exception{ //ECNamedCurveGenParameterSpec namedParamSpec = new ECNamedCurveGenParameterSpec(elipticCurve); ECGenParameterSpec namedParamSpec = new ECGenParameterSpec(curve); KeyPairGenerator ecKPGen = KeyPairGenerator.getInstance("EC", "BC"); ecKPGen.initialize(namedParamSpec, new SecureRandom()); KeyPair keyPair = ecKPGen.generateKeyPair(); KeyPair kp = new KeyPair(SecurityUtils.convert(keyPair.getPublic(), provider),SecurityUtils.convert(keyPair.getPrivate(), provider)); return kp; } public KeyPair generateECDSAKeys(String keyAlgorithmOid, String curve) throws Exception{ //ECNamedCurveGenParameterSpec namedParamSpec = new ECNamedCurveGenParameterSpec(elipticCurve); ECGenParameterSpec namedParamSpec = new ECGenParameterSpec(curve); KeyPairGenerator ecKPGen = KeyPairGenerator.getInstance("ECDSA", "BC"); ecKPGen.initialize(namedParamSpec, new SecureRandom()); KeyPair keyPair = ecKPGen.generateKeyPair(); KeyPair kp = new KeyPair(SecurityUtils.convert(keyPair.getPublic(), provider),SecurityUtils.convert(keyPair.getPrivate(), provider)); return kp; } private KeyPair generateDsaKeys() { KeyPairGenerator g = null; try { g = KeyPairGenerator.getInstance("DSA", "BC"); } catch (NoSuchAlgorithmException e) { assert(false); } catch (NoSuchProviderException e) { assert(false); } g.initialize(1024, new SecureRandom()); KeyPair keyPair = g.generateKeyPair(); KeyPair kp = new KeyPair(SecurityUtils.convert(keyPair.getPublic(), provider),SecurityUtils.convert(keyPair.getPrivate(), provider)); return kp; } private boolean testSignature(Provider provider, String signatureAlgorithmOid, PrivateKey privateKey) { String sigAlgName = null; try { sigAlgName = AlgorithmNameResolver.getSignatureAlgorithmName(signatureAlgorithmOid,provider); } catch (Exception e) { assert(false); } assert(sigAlgName != null); Signature sig = null; try { sig = Signature.getInstance(sigAlgName,provider); } catch (Exception e) { assert (false); } try { sig.initSign(privateKey); } catch (InvalidKeyException e) { assert(false); } try { sig.update("ABCDEFGHI".getBytes()); } catch (SignatureException e) { assert(false); } byte[] signature = null; try { signature = sig.sign(); } catch (SignatureException e) { assert(false); } assert(signature != null); assert(signature.length > 5); return true; } }