jruby-openssl 0.9.4 → 0.14.0-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/History.md +652 -0
- data/LICENSE.txt +37 -0
- data/Mavenfile +163 -5
- data/README.md +75 -0
- data/Rakefile +52 -2
- data/lib/jopenssl/_compat23.rb +71 -0
- data/lib/jopenssl/load.rb +75 -16
- data/lib/jopenssl/version.rb +9 -4
- data/lib/jopenssl.jar +0 -0
- data/lib/openssl/bn.rb +40 -5
- data/lib/openssl/buffering.rb +477 -4
- data/lib/openssl/cipher.rb +67 -5
- data/lib/openssl/config.rb +500 -4
- data/lib/openssl/digest.rb +73 -5
- data/lib/openssl/hmac.rb +13 -0
- data/lib/openssl/marshal.rb +30 -0
- data/lib/openssl/pkcs12.rb +60 -99
- data/lib/openssl/pkcs5.rb +22 -0
- data/lib/openssl/pkey.rb +42 -0
- data/lib/openssl/ssl.rb +542 -4
- data/lib/openssl/x509.rb +368 -4
- data/lib/openssl.rb +3 -1
- data/lib/org/bouncycastle/bcpkix-jdk18on/1.71/bcpkix-jdk18on-1.71.jar +0 -0
- data/lib/org/bouncycastle/bcprov-jdk18on/1.71/bcprov-jdk18on-1.71.jar +0 -0
- data/lib/org/bouncycastle/bctls-jdk18on/1.71/bctls-jdk18on-1.71.jar +0 -0
- data/lib/org/bouncycastle/bcutil-jdk18on/1.71/bcutil-jdk18on-1.71.jar +0 -0
- data/pom.xml +772 -0
- metadata +40 -107
- data/History.txt +0 -218
- data/License.txt +0 -30
- data/README.txt +0 -13
- data/TODO-1_9-support.txt +0 -23
- data/lib/jopenssl18/openssl/bn.rb +0 -35
- data/lib/jopenssl18/openssl/buffering.rb +0 -241
- data/lib/jopenssl18/openssl/cipher.rb +0 -65
- data/lib/jopenssl18/openssl/config.rb +0 -316
- data/lib/jopenssl18/openssl/digest.rb +0 -61
- data/lib/jopenssl18/openssl/pkcs7.rb +0 -25
- data/lib/jopenssl18/openssl/ssl-internal.rb +0 -179
- data/lib/jopenssl18/openssl/ssl.rb +0 -1
- data/lib/jopenssl18/openssl/x509-internal.rb +0 -153
- data/lib/jopenssl18/openssl/x509.rb +0 -1
- data/lib/jopenssl18/openssl.rb +0 -67
- data/lib/jopenssl19/openssl/bn.rb +0 -35
- data/lib/jopenssl19/openssl/buffering.rb +0 -449
- data/lib/jopenssl19/openssl/cipher.rb +0 -65
- data/lib/jopenssl19/openssl/config.rb +0 -313
- data/lib/jopenssl19/openssl/digest.rb +0 -72
- data/lib/jopenssl19/openssl/ssl-internal.rb +0 -177
- data/lib/jopenssl19/openssl/ssl.rb +0 -2
- data/lib/jopenssl19/openssl/x509-internal.rb +0 -158
- data/lib/jopenssl19/openssl/x509.rb +0 -2
- data/lib/jopenssl19/openssl.rb +0 -23
- data/lib/openssl/pkcs7.rb +0 -5
- data/lib/openssl/ssl-internal.rb +0 -5
- data/lib/openssl/x509-internal.rb +0 -5
- data/test/java/pkcs7_mime_enveloped.message +0 -19
- data/test/java/pkcs7_mime_signed.message +0 -30
- data/test/java/pkcs7_multipart_signed.message +0 -45
- data/test/java/test_java_attribute.rb +0 -25
- data/test/java/test_java_bio.rb +0 -42
- data/test/java/test_java_mime.rb +0 -173
- data/test/java/test_java_pkcs7.rb +0 -772
- data/test/java/test_java_smime.rb +0 -177
- data/test/test_java.rb +0 -98
- data/test/ut_eof.rb +0 -128
@@ -1,772 +0,0 @@
|
|
1
|
-
module PKCS7Test
|
2
|
-
class TestJavaPKCS7 < Test::Unit::TestCase
|
3
|
-
def test_is_signed
|
4
|
-
p7 = PKCS7.new
|
5
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
6
|
-
assert p7.signed?
|
7
|
-
assert !p7.encrypted?
|
8
|
-
assert !p7.enveloped?
|
9
|
-
assert !p7.signed_and_enveloped?
|
10
|
-
assert !p7.data?
|
11
|
-
assert !p7.digest?
|
12
|
-
end
|
13
|
-
|
14
|
-
def test_is_encrypted
|
15
|
-
p7 = PKCS7.new
|
16
|
-
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
17
|
-
assert !p7.signed?
|
18
|
-
assert p7.encrypted?
|
19
|
-
assert !p7.enveloped?
|
20
|
-
assert !p7.signed_and_enveloped?
|
21
|
-
assert !p7.data?
|
22
|
-
assert !p7.digest?
|
23
|
-
end
|
24
|
-
|
25
|
-
def test_is_enveloped
|
26
|
-
p7 = PKCS7.new
|
27
|
-
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
28
|
-
assert !p7.signed?
|
29
|
-
assert !p7.encrypted?
|
30
|
-
assert p7.enveloped?
|
31
|
-
assert !p7.signed_and_enveloped?
|
32
|
-
assert !p7.data?
|
33
|
-
assert !p7.digest?
|
34
|
-
end
|
35
|
-
|
36
|
-
def test_is_signed_and_enveloped
|
37
|
-
p7 = PKCS7.new
|
38
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
39
|
-
assert !p7.signed?
|
40
|
-
assert !p7.encrypted?
|
41
|
-
assert !p7.enveloped?
|
42
|
-
assert p7.signed_and_enveloped?
|
43
|
-
assert !p7.data?
|
44
|
-
assert !p7.digest?
|
45
|
-
end
|
46
|
-
|
47
|
-
def test_is_data
|
48
|
-
p7 = PKCS7.new
|
49
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
50
|
-
assert !p7.signed?
|
51
|
-
assert !p7.encrypted?
|
52
|
-
assert !p7.enveloped?
|
53
|
-
assert !p7.signed_and_enveloped?
|
54
|
-
assert p7.data?
|
55
|
-
assert !p7.digest?
|
56
|
-
end
|
57
|
-
|
58
|
-
def test_is_digest
|
59
|
-
p7 = PKCS7.new
|
60
|
-
p7.type = ASN1Registry::NID_pkcs7_digest
|
61
|
-
assert !p7.signed?
|
62
|
-
assert !p7.encrypted?
|
63
|
-
assert !p7.enveloped?
|
64
|
-
assert !p7.signed_and_enveloped?
|
65
|
-
assert !p7.data?
|
66
|
-
assert p7.digest?
|
67
|
-
end
|
68
|
-
|
69
|
-
def test_set_detached
|
70
|
-
p7 = PKCS7.new
|
71
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
72
|
-
|
73
|
-
sign = Signed.new
|
74
|
-
p7.sign = sign
|
75
|
-
|
76
|
-
test_p7 = PKCS7.new
|
77
|
-
test_p7.type = ASN1Registry::NID_pkcs7_data
|
78
|
-
test_p7.data = ASN1::OctetString.new("foo".to_java_bytes)
|
79
|
-
sign.contents = test_p7
|
80
|
-
|
81
|
-
p7.detached = 2
|
82
|
-
assert_equal 1, p7.get_detached
|
83
|
-
assert_equal nil, test_p7.get_data
|
84
|
-
end
|
85
|
-
|
86
|
-
def test_set_not_detached
|
87
|
-
p7 = PKCS7.new
|
88
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
89
|
-
|
90
|
-
sign = Signed.new
|
91
|
-
p7.sign = sign
|
92
|
-
|
93
|
-
test_p7 = PKCS7.new
|
94
|
-
test_p7.type = ASN1Registry::NID_pkcs7_data
|
95
|
-
data = ASN1::OctetString.new("foo".to_java_bytes)
|
96
|
-
test_p7.data = data
|
97
|
-
sign.contents = test_p7
|
98
|
-
|
99
|
-
p7.detached = 0
|
100
|
-
assert_equal 0, p7.get_detached
|
101
|
-
assert_equal data, test_p7.get_data
|
102
|
-
end
|
103
|
-
|
104
|
-
def test_is_detached
|
105
|
-
p7 = PKCS7.new
|
106
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
107
|
-
|
108
|
-
sign = Signed.new
|
109
|
-
p7.sign = sign
|
110
|
-
|
111
|
-
test_p7 = PKCS7.new
|
112
|
-
test_p7.type = ASN1Registry::NID_pkcs7_data
|
113
|
-
data = ASN1::OctetString.new("foo".to_java_bytes)
|
114
|
-
test_p7.data = data
|
115
|
-
sign.contents = test_p7
|
116
|
-
|
117
|
-
p7.detached = 1
|
118
|
-
assert p7.detached?
|
119
|
-
end
|
120
|
-
|
121
|
-
def test_is_detached_with_wrong_type
|
122
|
-
p7 = PKCS7.new
|
123
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
124
|
-
|
125
|
-
assert !p7.detached?
|
126
|
-
end
|
127
|
-
|
128
|
-
def _test_encrypt_generates_enveloped_PKCS7_object
|
129
|
-
p7 = PKCS7.encrypt([], "".to_java_bytes, nil, 0)
|
130
|
-
assert !p7.signed?
|
131
|
-
assert !p7.encrypted?
|
132
|
-
assert p7.enveloped?
|
133
|
-
assert !p7.signed_and_enveloped?
|
134
|
-
assert !p7.data?
|
135
|
-
assert !p7.digest?
|
136
|
-
end
|
137
|
-
|
138
|
-
def test_set_type_throws_exception_on_wrong_argument
|
139
|
-
assert_raise NativeException do
|
140
|
-
# 42 is a value that is not one of the valid NID's for type
|
141
|
-
PKCS7.new.type = 42
|
142
|
-
end
|
143
|
-
end
|
144
|
-
|
145
|
-
def test_set_type_signed
|
146
|
-
p7 = PKCS7.new
|
147
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
148
|
-
|
149
|
-
assert p7.signed?
|
150
|
-
assert_equal 1, p7.get_sign.version
|
151
|
-
|
152
|
-
assert_nil p7.get_data
|
153
|
-
assert_nil p7.get_enveloped
|
154
|
-
assert_nil p7.get_signed_and_enveloped
|
155
|
-
assert_nil p7.get_digest
|
156
|
-
assert_nil p7.get_encrypted
|
157
|
-
assert_nil p7.get_other
|
158
|
-
end
|
159
|
-
|
160
|
-
def test_set_type_data
|
161
|
-
p7 = PKCS7.new
|
162
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
163
|
-
|
164
|
-
assert p7.data?
|
165
|
-
assert_equal ASN1::OctetString.new("".to_java_bytes), p7.get_data
|
166
|
-
|
167
|
-
assert_nil p7.get_sign
|
168
|
-
assert_nil p7.get_enveloped
|
169
|
-
assert_nil p7.get_signed_and_enveloped
|
170
|
-
assert_nil p7.get_digest
|
171
|
-
assert_nil p7.get_encrypted
|
172
|
-
assert_nil p7.get_other
|
173
|
-
end
|
174
|
-
|
175
|
-
def test_set_type_signed_and_enveloped
|
176
|
-
p7 = PKCS7.new
|
177
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
178
|
-
|
179
|
-
assert p7.signed_and_enveloped?
|
180
|
-
assert_equal 1, p7.get_signed_and_enveloped.version
|
181
|
-
assert_equal ASN1Registry::NID_pkcs7_data, p7.get_signed_and_enveloped.enc_data.content_type
|
182
|
-
|
183
|
-
assert_nil p7.get_sign
|
184
|
-
assert_nil p7.get_enveloped
|
185
|
-
assert_nil p7.get_data
|
186
|
-
assert_nil p7.get_digest
|
187
|
-
assert_nil p7.get_encrypted
|
188
|
-
assert_nil p7.get_other
|
189
|
-
end
|
190
|
-
|
191
|
-
def test_set_type_enveloped
|
192
|
-
p7 = PKCS7.new
|
193
|
-
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
194
|
-
|
195
|
-
assert p7.enveloped?
|
196
|
-
assert_equal 0, p7.get_enveloped.version
|
197
|
-
assert_equal ASN1Registry::NID_pkcs7_data, p7.get_enveloped.enc_data.content_type
|
198
|
-
|
199
|
-
assert_nil p7.get_sign
|
200
|
-
assert_nil p7.get_signed_and_enveloped
|
201
|
-
assert_nil p7.get_data
|
202
|
-
assert_nil p7.get_digest
|
203
|
-
assert_nil p7.get_encrypted
|
204
|
-
assert_nil p7.get_other
|
205
|
-
end
|
206
|
-
|
207
|
-
def test_set_type_encrypted
|
208
|
-
p7 = PKCS7.new
|
209
|
-
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
210
|
-
|
211
|
-
assert p7.encrypted?
|
212
|
-
assert_equal 0, p7.get_encrypted.version
|
213
|
-
assert_equal ASN1Registry::NID_pkcs7_data, p7.get_encrypted.enc_data.content_type
|
214
|
-
|
215
|
-
assert_nil p7.get_sign
|
216
|
-
assert_nil p7.get_signed_and_enveloped
|
217
|
-
assert_nil p7.get_data
|
218
|
-
assert_nil p7.get_digest
|
219
|
-
assert_nil p7.get_enveloped
|
220
|
-
assert_nil p7.get_other
|
221
|
-
end
|
222
|
-
|
223
|
-
def test_set_type_digest
|
224
|
-
p7 = PKCS7.new
|
225
|
-
p7.type = ASN1Registry::NID_pkcs7_digest
|
226
|
-
|
227
|
-
assert p7.digest?
|
228
|
-
assert_equal 0, p7.get_digest.version
|
229
|
-
|
230
|
-
assert_nil p7.get_sign
|
231
|
-
assert_nil p7.get_signed_and_enveloped
|
232
|
-
assert_nil p7.get_data
|
233
|
-
assert_nil p7.get_encrypted
|
234
|
-
assert_nil p7.get_enveloped
|
235
|
-
assert_nil p7.get_other
|
236
|
-
end
|
237
|
-
|
238
|
-
def test_set_cipher_on_non_enveloped_object
|
239
|
-
p7 = PKCS7.new
|
240
|
-
p7.type = ASN1Registry::NID_pkcs7_digest
|
241
|
-
|
242
|
-
assert_raise NativeException do
|
243
|
-
p7.cipher = nil
|
244
|
-
end
|
245
|
-
|
246
|
-
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
247
|
-
|
248
|
-
assert_raise NativeException do
|
249
|
-
p7.cipher = nil
|
250
|
-
end
|
251
|
-
|
252
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
253
|
-
|
254
|
-
assert_raise NativeException do
|
255
|
-
p7.cipher = nil
|
256
|
-
end
|
257
|
-
|
258
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
259
|
-
|
260
|
-
assert_raise NativeException do
|
261
|
-
p7.cipher = nil
|
262
|
-
end
|
263
|
-
end
|
264
|
-
|
265
|
-
def test_set_cipher_on_enveloped_object
|
266
|
-
p7 = PKCS7.new
|
267
|
-
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
268
|
-
|
269
|
-
c = javax.crypto.Cipher.getInstance("RSA")
|
270
|
-
cipher = CipherSpec.new(c, "RSA", 128)
|
271
|
-
|
272
|
-
p7.cipher = cipher
|
273
|
-
|
274
|
-
assert_equal cipher, p7.get_enveloped.enc_data.cipher
|
275
|
-
end
|
276
|
-
|
277
|
-
|
278
|
-
def test_set_cipher_on_signedAndEnveloped_object
|
279
|
-
p7 = PKCS7.new
|
280
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
281
|
-
|
282
|
-
c = javax.crypto.Cipher.getInstance("RSA")
|
283
|
-
cipher = CipherSpec.new(c, "RSA", 128)
|
284
|
-
|
285
|
-
p7.cipher = cipher
|
286
|
-
|
287
|
-
assert_equal cipher, p7.get_signed_and_enveloped.enc_data.cipher
|
288
|
-
end
|
289
|
-
|
290
|
-
def test_add_recipient_info_to_something_that_cant_have_recipients
|
291
|
-
p7 = PKCS7.new
|
292
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
293
|
-
assert_raise NativeException do
|
294
|
-
p7.add_recipient(X509Cert)
|
295
|
-
end
|
296
|
-
|
297
|
-
p7 = PKCS7.new
|
298
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
299
|
-
assert_raise NativeException do
|
300
|
-
p7.add_recipient(X509Cert)
|
301
|
-
end
|
302
|
-
|
303
|
-
p7 = PKCS7.new
|
304
|
-
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
305
|
-
assert_raise NativeException do
|
306
|
-
p7.add_recipient(X509Cert)
|
307
|
-
end
|
308
|
-
|
309
|
-
p7 = PKCS7.new
|
310
|
-
p7.type = ASN1Registry::NID_pkcs7_digest
|
311
|
-
assert_raise NativeException do
|
312
|
-
p7.add_recipient(X509Cert)
|
313
|
-
end
|
314
|
-
end
|
315
|
-
|
316
|
-
def test_add_recipient_info_to_enveloped_should_add_that_to_stack
|
317
|
-
p7 = PKCS7.new
|
318
|
-
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
319
|
-
|
320
|
-
ri = p7.add_recipient(X509Cert)
|
321
|
-
|
322
|
-
assert_equal 1, p7.get_enveloped.recipient_info.size
|
323
|
-
assert_equal ri, p7.get_enveloped.recipient_info.iterator.next
|
324
|
-
end
|
325
|
-
|
326
|
-
|
327
|
-
def test_add_recipient_info_to_signedAndEnveloped_should_add_that_to_stack
|
328
|
-
p7 = PKCS7.new
|
329
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
330
|
-
|
331
|
-
ri = p7.add_recipient(X509Cert)
|
332
|
-
|
333
|
-
assert_equal 1, p7.get_signed_and_enveloped.recipient_info.size
|
334
|
-
assert_equal ri, p7.get_signed_and_enveloped.recipient_info.iterator.next
|
335
|
-
end
|
336
|
-
|
337
|
-
def test_add_signer_to_something_that_cant_have_signers
|
338
|
-
p7 = PKCS7.new
|
339
|
-
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
340
|
-
assert_raise NativeException do
|
341
|
-
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
342
|
-
end
|
343
|
-
|
344
|
-
p7 = PKCS7.new
|
345
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
346
|
-
assert_raise NativeException do
|
347
|
-
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
348
|
-
end
|
349
|
-
|
350
|
-
p7 = PKCS7.new
|
351
|
-
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
352
|
-
assert_raise NativeException do
|
353
|
-
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
354
|
-
end
|
355
|
-
|
356
|
-
p7 = PKCS7.new
|
357
|
-
p7.type = ASN1Registry::NID_pkcs7_digest
|
358
|
-
assert_raise NativeException do
|
359
|
-
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
360
|
-
end
|
361
|
-
end
|
362
|
-
|
363
|
-
def test_add_signer_to_signed_should_add_that_to_stack
|
364
|
-
p7 = PKCS7.new
|
365
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
366
|
-
|
367
|
-
si = SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil)
|
368
|
-
p7.add_signer(si)
|
369
|
-
|
370
|
-
assert_equal 1, p7.get_sign.signer_info.size
|
371
|
-
assert_equal si, p7.get_sign.signer_info.iterator.next
|
372
|
-
end
|
373
|
-
|
374
|
-
|
375
|
-
def test_add_signer_to_signedAndEnveloped_should_add_that_to_stack
|
376
|
-
p7 = PKCS7.new
|
377
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
378
|
-
|
379
|
-
si = SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil)
|
380
|
-
p7.add_signer(si)
|
381
|
-
|
382
|
-
assert_equal 1, p7.get_signed_and_enveloped.signer_info.size
|
383
|
-
assert_equal si, p7.get_signed_and_enveloped.signer_info.iterator.next
|
384
|
-
end
|
385
|
-
|
386
|
-
def create_signer_info_with_algo(algo)
|
387
|
-
md5 = AlgorithmIdentifier.new(ASN1Registry.nid2obj(4))
|
388
|
-
SignerInfoWithPkey.new(ASN1Integer.new(BigInteger::ONE),
|
389
|
-
IssuerAndSerialNumber.new(X500Name.new("C=SE"), BigInteger::ONE),
|
390
|
-
algo,
|
391
|
-
DERSet.new,
|
392
|
-
md5,
|
393
|
-
DEROctetString.new([].to_java(:byte)),
|
394
|
-
DERSet.new)
|
395
|
-
end
|
396
|
-
|
397
|
-
def test_add_signer_to_signed_with_new_algo_should_add_that_algo_to_the_algo_list
|
398
|
-
p7 = PKCS7.new
|
399
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
400
|
-
|
401
|
-
# YES, these numbers are correct. Don't change them. They are OpenSSL internal NIDs
|
402
|
-
md5 = AlgorithmIdentifier.new(ASN1Registry.nid2obj(4))
|
403
|
-
md4 = AlgorithmIdentifier.new(ASN1Registry.nid2obj(5))
|
404
|
-
|
405
|
-
si = create_signer_info_with_algo(md5)
|
406
|
-
p7.add_signer(si)
|
407
|
-
|
408
|
-
assert_equal md5, p7.get_sign.md_algs.iterator.next
|
409
|
-
assert_equal 1, p7.get_sign.md_algs.size
|
410
|
-
|
411
|
-
si = create_signer_info_with_algo(md5)
|
412
|
-
p7.add_signer(si)
|
413
|
-
|
414
|
-
assert_equal md5, p7.get_sign.md_algs.iterator.next
|
415
|
-
assert_equal 1, p7.get_sign.md_algs.size
|
416
|
-
|
417
|
-
si = create_signer_info_with_algo(md4)
|
418
|
-
p7.add_signer(si)
|
419
|
-
|
420
|
-
assert_equal 2, p7.get_sign.md_algs.size
|
421
|
-
assert p7.get_sign.md_algs.contains(md4)
|
422
|
-
assert p7.get_sign.md_algs.contains(md5)
|
423
|
-
end
|
424
|
-
|
425
|
-
|
426
|
-
def test_add_signer_to_signedAndEnveloped_with_new_algo_should_add_that_algo_to_the_algo_list
|
427
|
-
p7 = PKCS7.new
|
428
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
429
|
-
|
430
|
-
# YES, these numbers are correct. Don't change them. They are OpenSSL internal NIDs
|
431
|
-
md5 = AlgorithmIdentifier.new(ASN1Registry.nid2obj(4))
|
432
|
-
md4 = AlgorithmIdentifier.new(ASN1Registry.nid2obj(5))
|
433
|
-
|
434
|
-
si = create_signer_info_with_algo(md5)
|
435
|
-
p7.add_signer(si)
|
436
|
-
|
437
|
-
assert_equal md5, p7.get_signed_and_enveloped.md_algs.iterator.next
|
438
|
-
assert_equal 1, p7.get_signed_and_enveloped.md_algs.size
|
439
|
-
|
440
|
-
si = create_signer_info_with_algo(md5)
|
441
|
-
p7.add_signer(si)
|
442
|
-
|
443
|
-
assert_equal md5, p7.get_signed_and_enveloped.md_algs.iterator.next
|
444
|
-
assert_equal 1, p7.get_signed_and_enveloped.md_algs.size
|
445
|
-
|
446
|
-
si = create_signer_info_with_algo(md4)
|
447
|
-
p7.add_signer(si)
|
448
|
-
|
449
|
-
assert_equal 2, p7.get_signed_and_enveloped.md_algs.size
|
450
|
-
assert p7.get_signed_and_enveloped.md_algs.contains(md4)
|
451
|
-
assert p7.get_signed_and_enveloped.md_algs.contains(md5)
|
452
|
-
end
|
453
|
-
|
454
|
-
def test_set_content_on_data_throws_exception
|
455
|
-
p7 = PKCS7.new
|
456
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
457
|
-
assert_raise NativeException do
|
458
|
-
p7.setContent(PKCS7.new)
|
459
|
-
end
|
460
|
-
end
|
461
|
-
|
462
|
-
def test_set_content_on_enveloped_throws_exception
|
463
|
-
p7 = PKCS7.new
|
464
|
-
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
465
|
-
assert_raise NativeException do
|
466
|
-
p7.setContent(PKCS7.new)
|
467
|
-
end
|
468
|
-
end
|
469
|
-
|
470
|
-
def test_set_content_on_signedAndEnveloped_throws_exception
|
471
|
-
p7 = PKCS7.new
|
472
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
473
|
-
assert_raise NativeException do
|
474
|
-
p7.setContent(PKCS7.new)
|
475
|
-
end
|
476
|
-
end
|
477
|
-
|
478
|
-
def test_set_content_on_encrypted_throws_exception
|
479
|
-
p7 = PKCS7.new
|
480
|
-
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
481
|
-
assert_raise NativeException do
|
482
|
-
p7.setContent(PKCS7.new)
|
483
|
-
end
|
484
|
-
end
|
485
|
-
|
486
|
-
def test_set_content_on_signed_sets_the_content
|
487
|
-
p7 = PKCS7.new
|
488
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
489
|
-
p7new = PKCS7.new
|
490
|
-
p7.setContent(p7new)
|
491
|
-
|
492
|
-
assert_equal p7new, p7.get_sign.contents
|
493
|
-
end
|
494
|
-
|
495
|
-
def test_set_content_on_digest_sets_the_content
|
496
|
-
p7 = PKCS7.new
|
497
|
-
p7.type = ASN1Registry::NID_pkcs7_digest
|
498
|
-
p7new = PKCS7.new
|
499
|
-
p7.setContent(p7new)
|
500
|
-
|
501
|
-
assert_equal p7new, p7.get_digest.contents
|
502
|
-
end
|
503
|
-
|
504
|
-
def test_get_signer_info_on_digest_returns_null
|
505
|
-
p7 = PKCS7.new
|
506
|
-
p7.type = ASN1Registry::NID_pkcs7_digest
|
507
|
-
assert_nil p7.signer_info
|
508
|
-
end
|
509
|
-
|
510
|
-
def test_get_signer_info_on_data_returns_null
|
511
|
-
p7 = PKCS7.new
|
512
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
513
|
-
assert_nil p7.signer_info
|
514
|
-
end
|
515
|
-
|
516
|
-
def test_get_signer_info_on_encrypted_returns_null
|
517
|
-
p7 = PKCS7.new
|
518
|
-
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
519
|
-
assert_nil p7.signer_info
|
520
|
-
end
|
521
|
-
|
522
|
-
def test_get_signer_info_on_enveloped_returns_null
|
523
|
-
p7 = PKCS7.new
|
524
|
-
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
525
|
-
assert_nil p7.signer_info
|
526
|
-
end
|
527
|
-
|
528
|
-
def test_get_signer_info_on_signed_returns_signer_info
|
529
|
-
p7 = PKCS7.new
|
530
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
531
|
-
assert_equal p7.get_sign.signer_info.object_id, p7.signer_info.object_id
|
532
|
-
end
|
533
|
-
|
534
|
-
def test_get_signer_info_on_signedAndEnveloped_returns_signer_info
|
535
|
-
p7 = PKCS7.new
|
536
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
537
|
-
assert_equal p7.get_signed_and_enveloped.signer_info.object_id, p7.signer_info.object_id
|
538
|
-
end
|
539
|
-
|
540
|
-
def test_content_new_on_data_raises_exception
|
541
|
-
p7 = PKCS7.new
|
542
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
543
|
-
assert_raise NativeException do
|
544
|
-
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
545
|
-
end
|
546
|
-
end
|
547
|
-
|
548
|
-
def test_content_new_on_encrypted_raises_exception
|
549
|
-
p7 = PKCS7.new
|
550
|
-
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
551
|
-
assert_raise NativeException do
|
552
|
-
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
553
|
-
end
|
554
|
-
end
|
555
|
-
|
556
|
-
def test_content_new_on_enveloped_raises_exception
|
557
|
-
p7 = PKCS7.new
|
558
|
-
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
559
|
-
assert_raise NativeException do
|
560
|
-
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
561
|
-
end
|
562
|
-
end
|
563
|
-
|
564
|
-
def test_content_new_on_signedAndEnveloped_raises_exception
|
565
|
-
p7 = PKCS7.new
|
566
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
567
|
-
assert_raise NativeException do
|
568
|
-
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
569
|
-
end
|
570
|
-
end
|
571
|
-
|
572
|
-
def test_content_new_on_digest_creates_new_content
|
573
|
-
p7 = PKCS7.new
|
574
|
-
p7.type = ASN1Registry::NID_pkcs7_digest
|
575
|
-
p7.content_new(ASN1Registry::NID_pkcs7_signedAndEnveloped)
|
576
|
-
assert p7.get_digest.contents.signed_and_enveloped?
|
577
|
-
|
578
|
-
p7.content_new(ASN1Registry::NID_pkcs7_encrypted)
|
579
|
-
assert p7.get_digest.contents.encrypted?
|
580
|
-
end
|
581
|
-
|
582
|
-
def test_content_new_on_signed_creates_new_content
|
583
|
-
p7 = PKCS7.new
|
584
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
585
|
-
p7.content_new(ASN1Registry::NID_pkcs7_signedAndEnveloped)
|
586
|
-
assert p7.get_sign.contents.signed_and_enveloped?
|
587
|
-
|
588
|
-
p7.content_new(ASN1Registry::NID_pkcs7_encrypted)
|
589
|
-
assert p7.get_sign.contents.encrypted?
|
590
|
-
end
|
591
|
-
|
592
|
-
|
593
|
-
def test_add_certificate_on_data_throws_exception
|
594
|
-
p7 = PKCS7.new
|
595
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
596
|
-
assert_raise NativeException do
|
597
|
-
p7.add_certificate(X509Cert)
|
598
|
-
end
|
599
|
-
end
|
600
|
-
|
601
|
-
def test_add_certificate_on_enveloped_throws_exception
|
602
|
-
p7 = PKCS7.new
|
603
|
-
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
604
|
-
assert_raise NativeException do
|
605
|
-
p7.add_certificate(X509Cert)
|
606
|
-
end
|
607
|
-
end
|
608
|
-
|
609
|
-
def test_add_certificate_on_encrypted_throws_exception
|
610
|
-
p7 = PKCS7.new
|
611
|
-
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
612
|
-
assert_raise NativeException do
|
613
|
-
p7.add_certificate(X509Cert)
|
614
|
-
end
|
615
|
-
end
|
616
|
-
|
617
|
-
def test_add_certificate_on_digest_throws_exception
|
618
|
-
p7 = PKCS7.new
|
619
|
-
p7.type = ASN1Registry::NID_pkcs7_digest
|
620
|
-
assert_raise NativeException do
|
621
|
-
p7.add_certificate(X509Cert)
|
622
|
-
end
|
623
|
-
end
|
624
|
-
|
625
|
-
def test_add_certificate_on_signed_adds_the_certificate
|
626
|
-
p7 = PKCS7.new
|
627
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
628
|
-
p7.add_certificate(X509Cert)
|
629
|
-
assert_equal 1, p7.get_sign.cert.size
|
630
|
-
assert_equal X509Cert, p7.get_sign.cert.iterator.next
|
631
|
-
end
|
632
|
-
|
633
|
-
def test_add_certificate_on_signedAndEnveloped_adds_the_certificate
|
634
|
-
p7 = PKCS7.new
|
635
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
636
|
-
p7.add_certificate(X509Cert)
|
637
|
-
assert_equal 1, p7.get_signed_and_enveloped.cert.size
|
638
|
-
assert_equal X509Cert, p7.get_signed_and_enveloped.cert.get(0)
|
639
|
-
end
|
640
|
-
|
641
|
-
def test_add_crl_on_data_throws_exception
|
642
|
-
p7 = PKCS7.new
|
643
|
-
p7.type = ASN1Registry::NID_pkcs7_data
|
644
|
-
assert_raise NativeException do
|
645
|
-
p7.add_crl(X509CRL)
|
646
|
-
end
|
647
|
-
end
|
648
|
-
|
649
|
-
def test_add_crl_on_enveloped_throws_exception
|
650
|
-
p7 = PKCS7.new
|
651
|
-
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
652
|
-
assert_raise NativeException do
|
653
|
-
p7.add_crl(X509CRL)
|
654
|
-
end
|
655
|
-
end
|
656
|
-
|
657
|
-
def test_add_crl_on_encrypted_throws_exception
|
658
|
-
p7 = PKCS7.new
|
659
|
-
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
660
|
-
assert_raise NativeException do
|
661
|
-
p7.add_crl(X509CRL)
|
662
|
-
end
|
663
|
-
end
|
664
|
-
|
665
|
-
def test_add_crl_on_digest_throws_exception
|
666
|
-
p7 = PKCS7.new
|
667
|
-
p7.type = ASN1Registry::NID_pkcs7_digest
|
668
|
-
assert_raise NativeException do
|
669
|
-
p7.add_crl(X509CRL)
|
670
|
-
end
|
671
|
-
end
|
672
|
-
|
673
|
-
def test_add_crl_on_signed_adds_the_crl
|
674
|
-
p7 = PKCS7.new
|
675
|
-
p7.type = ASN1Registry::NID_pkcs7_signed
|
676
|
-
p7.add_crl(X509CRL)
|
677
|
-
assert_equal 1, p7.get_sign.crl.size
|
678
|
-
assert_equal X509CRL, p7.get_sign.crl.iterator.next
|
679
|
-
end
|
680
|
-
|
681
|
-
def test_add_crl_on_signedAndEnveloped_adds_the_crl
|
682
|
-
p7 = PKCS7.new
|
683
|
-
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
684
|
-
p7.add_crl(X509CRL)
|
685
|
-
assert_equal 1, p7.get_signed_and_enveloped.crl.size
|
686
|
-
assert_equal X509CRL, p7.get_signed_and_enveloped.crl.get(0)
|
687
|
-
end
|
688
|
-
|
689
|
-
EXISTING_PKCS7_DEF = "0\202\002 \006\t*\206H\206\367\r\001\a\003\240\202\002\0210\202\002\r\002\001\0001\202\001\2700\201\331\002\001\0000B0=1\0230\021\006\n\t\222&\211\223\362,d\001\031\026\003org1\0310\027\006\n\t\222&\211\223\362,d\001\031\026\truby-lang1\v0\t\006\003U\004\003\f\002CA\002\001\0020\r\006\t*\206H\206\367\r\001\001\001\005\000\004\201\200\213kF\330\030\362\237\363$\311\351\207\271+_\310sr\344\233N\200\233)\272\226\343\003\224OOf\372 \r\301{\206\367\241\270\006\240\254\3179F\232\231Q\232\225\347\373\233\032\375\360\035o\371\275p\306\v5Z)\263\037\302|\307\300\327\a\375\023G'Ax\313\346\261\254\227K\026\364\242\337\367\362rk\276\023\217m\326\343F\366I1\263\nLuNf\234\203\261\300\030\232Q\277\231\f0\030\001\332\021\0030\201\331\002\001\0000B0=1\0230\021\006\n\t\222&\211\223\362,d\001\031\026\003org1\0310\027\006\n\t\222&\211\223\362,d\001\031\026\truby-lang1\v0\t\006\003U\004\003\f\002CA\002\001\0030\r\006\t*\206H\206\367\r\001\001\001\005\000\004\201\200\215\223\3428\2440]\0278\016\230,\315\023Tg\325`\376~\353\304\020\243N{\326H\003\005\361q\224OI\310\2324-\341?\355&r\215\233\361\245jF\255R\271\203D\304v\325\265\243\321$\bSh\031i\eS\240\227\362\221\364\232\035\202\f?x\031\223D\004ZHD\355'g\243\037\236mJ\323\210\347\274m\324-\351\332\353#A\273\002\"h\aM\202\347\236\265\aI$@\240bt=<\212\2370L\006\t*\206H\206\367\r\001\a\0010\035\006\t`\206H\001e\003\004\001\002\004\020L?\325\372\\\360\366\372\237|W\333nnI\255\200 \253\234\252\263\006\335\037\320\350{s\352r\337\304\305\216\223k\003\376f\027_\201\035#*\002yM\334"
|
690
|
-
|
691
|
-
EXISTING_PKCS7_1 = PKCS7::from_asn1(ASN1InputStream.new(EXISTING_PKCS7_DEF.to_java_bytes).read_object)
|
692
|
-
|
693
|
-
def test_encrypt_integration_test
|
694
|
-
certs = [X509Cert]
|
695
|
-
c = Cipher.get_instance("AES", BCP.new)
|
696
|
-
cipher = CipherSpec.new(c, "AES-128-CBC", 128)
|
697
|
-
data = "aaaaa\nbbbbb\nccccc\n".to_java_bytes
|
698
|
-
PKCS7::encrypt(certs, data, cipher, PKCS7::BINARY)
|
699
|
-
# puts
|
700
|
-
# puts PKCS7::encrypt(certs, data, cipher, PKCS7::BINARY)
|
701
|
-
# puts
|
702
|
-
# puts EXISTING_PKCS7_1
|
703
|
-
end
|
704
|
-
|
705
|
-
EXISTING_PKCS7_PEM = <<PKCS7STR
|
706
|
-
-----BEGIN PKCS7-----
|
707
|
-
MIICIAYJKoZIhvcNAQcDoIICETCCAg0CAQAxggG4MIHZAgEAMEIwPTETMBEGCgmS
|
708
|
-
JomT8ixkARkWA29yZzEZMBcGCgmSJomT8ixkARkWCXJ1YnktbGFuZzELMAkGA1UE
|
709
|
-
AwwCQ0ECAQIwDQYJKoZIhvcNAQEBBQAEgYCPGMV4KS/8amYA2xeIjj9qLseJf7dl
|
710
|
-
BtSDp+YAU3y1JnW7XufBCKxYw7eCuhWWA/mrxijr+wdsFDvSalM6nPX2P2NiVMWP
|
711
|
-
a7mzErZ4WrzkKIuGczYPYPJetwBYuhik3ya4ygYygoYssVRAITOSsEKpfqHAPmI+
|
712
|
-
AUJkqmCdGpQu9TCB2QIBADBCMD0xEzARBgoJkiaJk/IsZAEZFgNvcmcxGTAXBgoJ
|
713
|
-
kiaJk/IsZAEZFglydWJ5LWxhbmcxCzAJBgNVBAMMAkNBAgEDMA0GCSqGSIb3DQEB
|
714
|
-
AQUABIGAPaBX0KM3S+2jcrQrncu1jrvm1PUXlUvMfFIG2oBfPkMhiqCBvkOct1Ve
|
715
|
-
ws1hxvGtsqyjAUn02Yx1+gQJhTN4JZZHNqkfi0TwN32nlwLxclKcrbF9bvtMiVHx
|
716
|
-
V3LrSygblxxJsBf8reoV4yTJRa3w98bEoDhjUwjfy5xTml2cAn4wTAYJKoZIhvcN
|
717
|
-
AQcBMB0GCWCGSAFlAwQBAgQQath+2gUo4ntkKl8FO1LLhoAg58j0Jn/OfWG3rNRH
|
718
|
-
kTtUQfnBFk/UGbTZgExHILaGz8Y=
|
719
|
-
-----END PKCS7-----
|
720
|
-
PKCS7STR
|
721
|
-
|
722
|
-
PKCS7_PEM_CONTENTS = "\347\310\364&\177\316}a\267\254\324G\221;TA\371\301\026O\324\031\264\331\200LG \266\206\317\306"
|
723
|
-
|
724
|
-
PKCS7_PEM_FIRST_KEY = "\217\030\305x)/\374jf\000\333\027\210\216?j.\307\211\177\267e\006\324\203\247\346\000S|\265&u\273^\347\301\b\254X\303\267\202\272\025\226\003\371\253\306(\353\373\al\024;\322jS:\234\365\366?cbT\305\217k\271\263\022\266xZ\274\344(\213\206s6\017`\362^\267\000X\272\030\244\337&\270\312\0062\202\206,\261T@!3\222\260B\251~\241\300>b>\001Bd\252`\235\032\224.\365"
|
725
|
-
|
726
|
-
PKCS7_PEM_SECOND_KEY = "=\240W\320\2437K\355\243r\264+\235\313\265\216\273\346\324\365\027\225K\314|R\006\332\200_>C!\212\240\201\276C\234\267U^\302\315a\306\361\255\262\254\243\001I\364\331\214u\372\004\t\2053x%\226G6\251\037\213D\3607}\247\227\002\361rR\234\255\261}n\373L\211Q\361Wr\353K(\e\227\034I\260\027\374\255\352\025\343$\311E\255\360\367\306\304\2408cS\b\337\313\234S\232]\234\002~"
|
727
|
-
|
728
|
-
def test_PEM_read_pkcs7_bio
|
729
|
-
bio = BIO::mem_buf(EXISTING_PKCS7_PEM.to_java_bytes)
|
730
|
-
p7 = PKCS7.read_pem(bio)
|
731
|
-
|
732
|
-
assert_equal ASN1Registry::NID_pkcs7_enveloped, p7.type
|
733
|
-
env = p7.get_enveloped
|
734
|
-
assert_equal 0, env.version
|
735
|
-
enc_data = env.enc_data
|
736
|
-
assert_equal ASN1Registry::NID_pkcs7_data, enc_data.content_type
|
737
|
-
assert_equal ASN1Registry::NID_aes_128_cbc, ASN1Registry::obj2nid(enc_data.algorithm.get_object_id)
|
738
|
-
assert_equal PKCS7_PEM_CONTENTS, String.from_java_bytes(enc_data.enc_data.octets)
|
739
|
-
|
740
|
-
ris = env.recipient_info
|
741
|
-
assert_equal 2, ris.size
|
742
|
-
|
743
|
-
first = second = nil
|
744
|
-
tmp = ris.iterator.next
|
745
|
-
|
746
|
-
if tmp.issuer_and_serial.certificate_serial_number.value == 2
|
747
|
-
first = tmp
|
748
|
-
iter = ris.iterator
|
749
|
-
iter.next
|
750
|
-
second = iter.next
|
751
|
-
else
|
752
|
-
second = tmp
|
753
|
-
iter = ris.iterator
|
754
|
-
iter.next
|
755
|
-
first = iter.next
|
756
|
-
end
|
757
|
-
|
758
|
-
assert_equal 0, first.version
|
759
|
-
assert_equal 0, second.version
|
760
|
-
|
761
|
-
assert_equal "DC=org,DC=ruby-lang,CN=CA", first.issuer_and_serial.name.to_s
|
762
|
-
assert_equal "DC=org,DC=ruby-lang,CN=CA", second.issuer_and_serial.name.to_s
|
763
|
-
|
764
|
-
assert_equal ASN1Registry::NID_rsaEncryption, ASN1Registry::obj2nid(first.key_enc_algor.get_object_id)
|
765
|
-
assert_equal ASN1Registry::NID_rsaEncryption, ASN1Registry::obj2nid(second.key_enc_algor.get_object_id)
|
766
|
-
|
767
|
-
assert_equal PKCS7_PEM_FIRST_KEY, String.from_java_bytes(first.enc_key.octets)
|
768
|
-
assert_equal PKCS7_PEM_SECOND_KEY, String.from_java_bytes(second.enc_key.octets)
|
769
|
-
end
|
770
|
-
end
|
771
|
-
end
|
772
|
-
|