bcpkix/src/main/java/org/bouncycastle/cert/test/BcPKCS10Test.java - platform/external/bouncycastle - Git at Google

 package org.bouncycastle.cert.test;

 import java.math.BigInteger;
 import java.security.SecureRandom;

 import junit.framework.TestCase;
 import org.bouncycastle.asn1.pkcs.Attribute;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.asn1.x500.X500Name;
 import org.bouncycastle.asn1.x500.X500NameBuilder;
 import org.bouncycastle.asn1.x500.style.RFC4519Style;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.BasicConstraints;
 import org.bouncycastle.asn1.x509.Extension;
 import org.bouncycastle.asn1.x509.ExtensionsGenerator;
 import org.bouncycastle.asn1.x509.KeyUsage;
 import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
 import org.bouncycastle.cert.bc.BcX509ExtensionUtils;
 import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
 import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
 import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
 import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
 import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
 import org.bouncycastle.crypto.params.RSAKeyParameters;
 import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
 import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
 import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
 import org.bouncycastle.operator.bc.BcContentSignerBuilder;
 import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
 import org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder;
 import org.bouncycastle.pkcs.PKCS10CertificationRequest;
 import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
 import org.bouncycastle.pkcs.bc.BcPKCS10CertificationRequest;
 import org.bouncycastle.pkcs.bc.BcPKCS10CertificationRequestBuilder;
 import org.bouncycastle.util.Arrays;

 public class BcPKCS10Test
     extends TestCase
 {
     public String getName()
     {
         return "PKCS10CertRequest";
     }

     private void generationTest(int keySize, String keyName, String sigName)
         throws Exception
     {
         AsymmetricCipherKeyPairGenerator kpg = new RSAKeyPairGenerator();
         RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
                                             BigInteger.valueOf(0x1001), new SecureRandom(), keySize, 25);

         kpg.init(genParam);

         AsymmetricCipherKeyPair kp = kpg.generateKeyPair();


         X500NameBuilder x500NameBld = new X500NameBuilder(RFC4519Style.INSTANCE);

         x500NameBld.addRDN(RFC4519Style.c, "AU");
         x500NameBld.addRDN(RFC4519Style.o, "The Legion of the Bouncy Castle");
         x500NameBld.addRDN(RFC4519Style.l, "Melbourne");
         x500NameBld.addRDN(RFC4519Style.st, "Victoria");
         x500NameBld.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, "feedback-crypto@bouncycastle.org");

         X500Name subject = x500NameBld.build();

         PKCS10CertificationRequestBuilder requestBuilder = new BcPKCS10CertificationRequestBuilder(subject, kp.getPublic());

         DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
         DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();

         AlgorithmIdentifier sigAlgId = sigAlgFinder.find("SHA1withRSA");

         AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);

         BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);

         PKCS10CertificationRequest req1 = requestBuilder.build(contentSignerBuilder.build(kp.getPrivate()));

         BcPKCS10CertificationRequest req2 = new BcPKCS10CertificationRequest(req1.getEncoded());

         if (!req2.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(kp.getPublic())))
         {
             fail(sigName + ": Failed verify check.");
         }

         if (!Arrays.areEqual(req2.getSubjectPublicKeyInfo().getEncoded(), req1.getSubjectPublicKeyInfo().getEncoded()))
         {
             fail(keyName + ": Failed public key check.");
         }
     }

     private void createPSSTest(String algorithm)
         throws Exception
     {
         AsymmetricKeyParameter pubKey = new RSAKeyParameters(
             false,
             new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
             new BigInteger("010001",16));

         AsymmetricKeyParameter privKey = new RSAPrivateCrtKeyParameters(
             new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
             new BigInteger("010001",16),
             new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
             new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
             new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
             new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
             new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
             new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));

         DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
         DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();

         AlgorithmIdentifier sigAlgId = sigAlgFinder.find(algorithm);
         AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);
         BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);

         PKCS10CertificationRequest req = new BcPKCS10CertificationRequestBuilder(new X500Name("CN=XXX"), pubKey).build(contentSignerBuilder.build(privKey));
         if (!req.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)))
         {
             fail("Failed verify check PSS.");
         }

         BcPKCS10CertificationRequest bcReq = new BcPKCS10CertificationRequest(req.getEncoded());
         if (!bcReq.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(bcReq.getPublicKey())))
         {
             fail("Failed verify check PSS encoded.");
         }

         if (!bcReq.getSignatureAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
         {
             fail("PSS oid incorrect.");
         }

         if (bcReq.getSignatureAlgorithm().getParameters() == null)
         {
             fail("PSS parameters incorrect.");
         }
     }

      // previous code found to cause a NullPointerException
     private void nullPointerTest()
         throws Exception
     {
         AsymmetricCipherKeyPairGenerator kpg = new RSAKeyPairGenerator();
         RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
                                             BigInteger.valueOf(0x1001), new SecureRandom(), 1024, 25);

         kpg.init(genParam);

         AsymmetricCipherKeyPair kp = kpg.generateKeyPair();
         ExtensionsGenerator extGen = new ExtensionsGenerator();

         extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
         extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign));

         BcX509ExtensionUtils extUtils = new BcX509ExtensionUtils(new SHA1DigestCalculator());

         SubjectKeyIdentifier subjectKeyIdentifier = extUtils.createSubjectKeyIdentifier(kp.getPublic());

         extGen.addExtension(Extension.subjectKeyIdentifier, false, subjectKeyIdentifier);

         DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
         DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();

         AlgorithmIdentifier sigAlgId = sigAlgFinder.find("SHA1withRSA");

         AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);

         BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);

         PKCS10CertificationRequest p1 = new BcPKCS10CertificationRequestBuilder(
             new X500Name("cn=csr"), kp.getPublic())
             .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate())
             .build(contentSignerBuilder.build(kp.getPrivate()));
         PKCS10CertificationRequest p2 = new BcPKCS10CertificationRequestBuilder(
             new X500Name("cn=csr"), kp.getPublic())
             .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate())
             .build(contentSignerBuilder.build(kp.getPrivate()));

         if (!p1.equals(p2))
         {
             fail("cert request comparison failed");
         }

         Attribute[] attr1 = p1.getAttributes();
         Attribute[] attr2 = p1.getAttributes();

         checkAttrs(1, attr1, attr2);

         attr1 = p1.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
         attr2 = p1.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);

         checkAttrs(1, attr1, attr2);
     }

     private void checkAttrs(int expectedLength, Attribute[] attr1, Attribute[] attr2)
     {
         if (expectedLength != attr1.length)
         {
             fail("expected length mismatch");
         }

         if (attr1.length != attr2.length)
         {
             fail("atrribute length mismatch");
         }

         for (int i = 0; i != attr1.length; i++)
         {
             if (!attr1[i].equals(attr2[i]))
             {
                 fail("atrribute mismatch");
             }
         }
     }

     public void testPKCS10()
         throws Exception
     {
         generationTest(512, "RSA", "SHA1withRSA");

         createPSSTest("SHA1withRSAandMGF1");
         createPSSTest("SHA224withRSAandMGF1");
         createPSSTest("SHA256withRSAandMGF1");
         createPSSTest("SHA384withRSAandMGF1");

         nullPointerTest();
     }
 }
	package org.bouncycastle.cert.test;

	import java.math.BigInteger;
	import java.security.SecureRandom;

	import junit.framework.TestCase;
	import org.bouncycastle.asn1.pkcs.Attribute;
	import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
	import org.bouncycastle.asn1.x500.X500Name;
	import org.bouncycastle.asn1.x500.X500NameBuilder;
	import org.bouncycastle.asn1.x500.style.RFC4519Style;
	import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
	import org.bouncycastle.asn1.x509.BasicConstraints;
	import org.bouncycastle.asn1.x509.Extension;
	import org.bouncycastle.asn1.x509.ExtensionsGenerator;
	import org.bouncycastle.asn1.x509.KeyUsage;
	import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
	import org.bouncycastle.cert.bc.BcX509ExtensionUtils;
	import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
	import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
	import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
	import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
	import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
	import org.bouncycastle.crypto.params.RSAKeyParameters;
	import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
	import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
	import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
	import org.bouncycastle.operator.bc.BcContentSignerBuilder;
	import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
	import org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder;
	import org.bouncycastle.pkcs.PKCS10CertificationRequest;
	import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
	import org.bouncycastle.pkcs.bc.BcPKCS10CertificationRequest;
	import org.bouncycastle.pkcs.bc.BcPKCS10CertificationRequestBuilder;
	import org.bouncycastle.util.Arrays;

	public class BcPKCS10Test
	extends TestCase
	{
	public String getName()
	{
	return "PKCS10CertRequest";
	}

	private void generationTest(int keySize, String keyName, String sigName)
	throws Exception
	{
	AsymmetricCipherKeyPairGenerator kpg = new RSAKeyPairGenerator();
	RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
	BigInteger.valueOf(0x1001), new SecureRandom(), keySize, 25);

	kpg.init(genParam);

	AsymmetricCipherKeyPair kp = kpg.generateKeyPair();


	X500NameBuilder x500NameBld = new X500NameBuilder(RFC4519Style.INSTANCE);

	x500NameBld.addRDN(RFC4519Style.c, "AU");
	x500NameBld.addRDN(RFC4519Style.o, "The Legion of the Bouncy Castle");
	x500NameBld.addRDN(RFC4519Style.l, "Melbourne");
	x500NameBld.addRDN(RFC4519Style.st, "Victoria");
	x500NameBld.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, "feedback-crypto@bouncycastle.org");

	X500Name subject = x500NameBld.build();

	PKCS10CertificationRequestBuilder requestBuilder = new BcPKCS10CertificationRequestBuilder(subject, kp.getPublic());

	DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
	DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();

	AlgorithmIdentifier sigAlgId = sigAlgFinder.find("SHA1withRSA");

	AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);

	BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);

	PKCS10CertificationRequest req1 = requestBuilder.build(contentSignerBuilder.build(kp.getPrivate()));

	BcPKCS10CertificationRequest req2 = new BcPKCS10CertificationRequest(req1.getEncoded());

	if (!req2.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(kp.getPublic())))
	{
	fail(sigName + ": Failed verify check.");
	}

	if (!Arrays.areEqual(req2.getSubjectPublicKeyInfo().getEncoded(), req1.getSubjectPublicKeyInfo().getEncoded()))
	{
	fail(keyName + ": Failed public key check.");
	}
	}

	private void createPSSTest(String algorithm)
	throws Exception
	{
	AsymmetricKeyParameter pubKey = new RSAKeyParameters(
	false,
	new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
	new BigInteger("010001",16));

	AsymmetricKeyParameter privKey = new RSAPrivateCrtKeyParameters(
	new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
	new BigInteger("010001",16),
	new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
	new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
	new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
	new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
	new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
	new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));

	DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
	DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();

	AlgorithmIdentifier sigAlgId = sigAlgFinder.find(algorithm);
	AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);
	BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);

	PKCS10CertificationRequest req = new BcPKCS10CertificationRequestBuilder(new X500Name("CN=XXX"), pubKey).build(contentSignerBuilder.build(privKey));
	if (!req.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)))
	{
	fail("Failed verify check PSS.");
	}

	BcPKCS10CertificationRequest bcReq = new BcPKCS10CertificationRequest(req.getEncoded());
	if (!bcReq.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(bcReq.getPublicKey())))
	{
	fail("Failed verify check PSS encoded.");
	}

	if (!bcReq.getSignatureAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
	{
	fail("PSS oid incorrect.");
	}

	if (bcReq.getSignatureAlgorithm().getParameters() == null)
	{
	fail("PSS parameters incorrect.");
	}
	}

	// previous code found to cause a NullPointerException
	private void nullPointerTest()
	throws Exception
	{
	AsymmetricCipherKeyPairGenerator kpg = new RSAKeyPairGenerator();
	RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
	BigInteger.valueOf(0x1001), new SecureRandom(), 1024, 25);

	kpg.init(genParam);

	AsymmetricCipherKeyPair kp = kpg.generateKeyPair();
	ExtensionsGenerator extGen = new ExtensionsGenerator();

	extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
	extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign \| KeyUsage.cRLSign));

	BcX509ExtensionUtils extUtils = new BcX509ExtensionUtils(new SHA1DigestCalculator());

	SubjectKeyIdentifier subjectKeyIdentifier = extUtils.createSubjectKeyIdentifier(kp.getPublic());

	extGen.addExtension(Extension.subjectKeyIdentifier, false, subjectKeyIdentifier);

	DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
	DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();

	AlgorithmIdentifier sigAlgId = sigAlgFinder.find("SHA1withRSA");

	AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);

	BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);

	PKCS10CertificationRequest p1 = new BcPKCS10CertificationRequestBuilder(
	new X500Name("cn=csr"), kp.getPublic())
	.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate())
	.build(contentSignerBuilder.build(kp.getPrivate()));
	PKCS10CertificationRequest p2 = new BcPKCS10CertificationRequestBuilder(
	new X500Name("cn=csr"), kp.getPublic())
	.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate())
	.build(contentSignerBuilder.build(kp.getPrivate()));

	if (!p1.equals(p2))
	{
	fail("cert request comparison failed");
	}

	Attribute[] attr1 = p1.getAttributes();
	Attribute[] attr2 = p1.getAttributes();

	checkAttrs(1, attr1, attr2);

	attr1 = p1.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
	attr2 = p1.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);

	checkAttrs(1, attr1, attr2);
	}

	private void checkAttrs(int expectedLength, Attribute[] attr1, Attribute[] attr2)
	{
	if (expectedLength != attr1.length)
	{
	fail("expected length mismatch");
	}

	if (attr1.length != attr2.length)
	{
	fail("atrribute length mismatch");
	}

	for (int i = 0; i != attr1.length; i++)
	{
	if (!attr1[i].equals(attr2[i]))
	{
	fail("atrribute mismatch");
	}
	}
	}

	public void testPKCS10()
	throws Exception
	{
	generationTest(512, "RSA", "SHA1withRSA");

	createPSSTest("SHA1withRSAandMGF1");
	createPSSTest("SHA224withRSAandMGF1");
	createPSSTest("SHA256withRSAandMGF1");
	createPSSTest("SHA384withRSAandMGF1");

	nullPointerTest();
	}
	}