bcpkix/src/main/java/org/bouncycastle/cert/ocsp/test/OCSPTestUtil.java - platform/external/bouncycastle - Git at Google

 package org.bouncycastle.cert.ocsp.test;

 import java.io.IOException;
 import java.math.BigInteger;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.security.cert.X509Certificate;
 import java.util.Date;

 import javax.crypto.KeyGenerator;

 import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
 import org.bouncycastle.asn1.x509.BasicConstraints;
 import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.asn1.x509.X509Extensions;
 import org.bouncycastle.asn1.x509.X509Name;
 import org.bouncycastle.cert.bc.BcX509ExtensionUtils;
 import org.bouncycastle.x509.X509V3CertificateGenerator;

 public class OCSPTestUtil
 {

     public static SecureRandom     rand;
     public static KeyPairGenerator kpg, eckpg;
     public static KeyGenerator     desede128kg;
     public static KeyGenerator     desede192kg;
     public static KeyGenerator     rc240kg;
     public static KeyGenerator     rc264kg;
     public static KeyGenerator     rc2128kg;
     public static BigInteger       serialNumber;

     public static final boolean DEBUG = true;

     static
     {
         try
         {
             rand = new SecureRandom();

             kpg  = KeyPairGenerator.getInstance("RSA", "BC");
             kpg.initialize(1024, rand);

             serialNumber = new BigInteger("1");

             eckpg = KeyPairGenerator.getInstance("ECDSA", "BC");
             eckpg.initialize(192, rand);
         }
         catch(Exception ex)
         {
             throw new RuntimeException(ex.toString());
         }
     }

     public static KeyPair makeKeyPair()
     {
         return kpg.generateKeyPair();
     }

     public static KeyPair makeECKeyPair()
     {
         return eckpg.generateKeyPair();
     }

     public static X509Certificate makeCertificate(KeyPair _subKP,
             String _subDN, KeyPair _issKP, String _issDN)
             throws Exception
     {

         return makeCertificate(_subKP, _subDN, _issKP, _issDN, false);
     }

     public static X509Certificate makeECDSACertificate(KeyPair _subKP,
             String _subDN, KeyPair _issKP, String _issDN)
             throws Exception
     {

         return makeECDSACertificate(_subKP, _subDN, _issKP, _issDN, false);
     }

     public static X509Certificate makeCACertificate(KeyPair _subKP,
             String _subDN, KeyPair _issKP, String _issDN)
             throws Exception
     {

         return makeCertificate(_subKP, _subDN, _issKP, _issDN, true);
     }

     public static X509Certificate makeCertificate(KeyPair _subKP,
             String _subDN, KeyPair _issKP, String _issDN, boolean _ca)
             throws Exception
     {
         return makeCertificate(_subKP,_subDN, _issKP, _issDN, "MD5withRSA", _ca);
     }

     public static X509Certificate makeECDSACertificate(KeyPair _subKP,
             String _subDN, KeyPair _issKP, String _issDN, boolean _ca)
             throws Exception
     {
         return makeCertificate(_subKP,_subDN, _issKP, _issDN, "SHA1WithECDSA", _ca);
     }

     public static X509Certificate makeCertificate(KeyPair _subKP,
             String _subDN, KeyPair _issKP, String _issDN, String algorithm, boolean _ca)
             throws Exception
     {

         PublicKey _subPub = _subKP.getPublic();
         PrivateKey _issPriv = _issKP.getPrivate();
         PublicKey _issPub = _issKP.getPublic();

         X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();

         _v3CertGen.reset();
         _v3CertGen.setSerialNumber(allocateSerialNumber());
         _v3CertGen.setIssuerDN(new X509Name(_issDN));
         _v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
         _v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
                 + (1000L * 60 * 60 * 24 * 100)));
         _v3CertGen.setSubjectDN(new X509Name(_subDN));
         _v3CertGen.setPublicKey(_subPub);
         _v3CertGen.setSignatureAlgorithm(algorithm);

         _v3CertGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
                 createSubjectKeyId(_subPub));

         _v3CertGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
                 createAuthorityKeyId(_issPub));

         _v3CertGen.addExtension(X509Extensions.BasicConstraints, false,
                 new BasicConstraints(_ca));

         X509Certificate _cert = _v3CertGen.generate(_issPriv);

         _cert.checkValidity(new Date());
         _cert.verify(_issPub);

         return _cert;
     }

     /*
      *
      * INTERNAL METHODS
      *
      */

     private static AuthorityKeyIdentifier createAuthorityKeyId(PublicKey _pubKey)
             throws IOException
     {
         SubjectPublicKeyInfo _info = SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded());

         return new AuthorityKeyIdentifier(_info);
     }

     private static SubjectKeyIdentifier createSubjectKeyId(PublicKey _pubKey)
             throws IOException
     {
         return new BcX509ExtensionUtils().createSubjectKeyIdentifier(SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded()));
     }

     private static BigInteger allocateSerialNumber()
     {
         BigInteger _tmp = serialNumber;
         serialNumber = serialNumber.add(BigInteger.valueOf(1));
         return _tmp;
     }
 }
	package org.bouncycastle.cert.ocsp.test;

	import java.io.IOException;
	import java.math.BigInteger;
	import java.security.KeyPair;
	import java.security.KeyPairGenerator;
	import java.security.PrivateKey;
	import java.security.PublicKey;
	import java.security.SecureRandom;
	import java.security.cert.X509Certificate;
	import java.util.Date;

	import javax.crypto.KeyGenerator;

	import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
	import org.bouncycastle.asn1.x509.BasicConstraints;
	import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
	import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
	import org.bouncycastle.asn1.x509.X509Extensions;
	import org.bouncycastle.asn1.x509.X509Name;
	import org.bouncycastle.cert.bc.BcX509ExtensionUtils;
	import org.bouncycastle.x509.X509V3CertificateGenerator;

	public class OCSPTestUtil
	{

	public static SecureRandom rand;
	public static KeyPairGenerator kpg, eckpg;
	public static KeyGenerator desede128kg;
	public static KeyGenerator desede192kg;
	public static KeyGenerator rc240kg;
	public static KeyGenerator rc264kg;
	public static KeyGenerator rc2128kg;
	public static BigInteger serialNumber;

	public static final boolean DEBUG = true;

	static
	{
	try
	{
	rand = new SecureRandom();

	kpg = KeyPairGenerator.getInstance("RSA", "BC");
	kpg.initialize(1024, rand);

	serialNumber = new BigInteger("1");

	eckpg = KeyPairGenerator.getInstance("ECDSA", "BC");
	eckpg.initialize(192, rand);
	}
	catch(Exception ex)
	{
	throw new RuntimeException(ex.toString());
	}
	}

	public static KeyPair makeKeyPair()
	{
	return kpg.generateKeyPair();
	}

	public static KeyPair makeECKeyPair()
	{
	return eckpg.generateKeyPair();
	}

	public static X509Certificate makeCertificate(KeyPair _subKP,
	String _subDN, KeyPair _issKP, String _issDN)
	throws Exception
	{

	return makeCertificate(_subKP, _subDN, _issKP, _issDN, false);
	}

	public static X509Certificate makeECDSACertificate(KeyPair _subKP,
	String _subDN, KeyPair _issKP, String _issDN)
	throws Exception
	{

	return makeECDSACertificate(_subKP, _subDN, _issKP, _issDN, false);
	}

	public static X509Certificate makeCACertificate(KeyPair _subKP,
	String _subDN, KeyPair _issKP, String _issDN)
	throws Exception
	{

	return makeCertificate(_subKP, _subDN, _issKP, _issDN, true);
	}

	public static X509Certificate makeCertificate(KeyPair _subKP,
	String _subDN, KeyPair _issKP, String _issDN, boolean _ca)
	throws Exception
	{
	return makeCertificate(_subKP,_subDN, _issKP, _issDN, "MD5withRSA", _ca);
	}

	public static X509Certificate makeECDSACertificate(KeyPair _subKP,
	String _subDN, KeyPair _issKP, String _issDN, boolean _ca)
	throws Exception
	{
	return makeCertificate(_subKP,_subDN, _issKP, _issDN, "SHA1WithECDSA", _ca);
	}

	public static X509Certificate makeCertificate(KeyPair _subKP,
	String _subDN, KeyPair _issKP, String _issDN, String algorithm, boolean _ca)
	throws Exception
	{

	PublicKey _subPub = _subKP.getPublic();
	PrivateKey _issPriv = _issKP.getPrivate();
	PublicKey _issPub = _issKP.getPublic();

	X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();

	_v3CertGen.reset();
	_v3CertGen.setSerialNumber(allocateSerialNumber());
	_v3CertGen.setIssuerDN(new X509Name(_issDN));
	_v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
	_v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
	+ (1000L * 60 * 60 * 24 * 100)));
	_v3CertGen.setSubjectDN(new X509Name(_subDN));
	_v3CertGen.setPublicKey(_subPub);
	_v3CertGen.setSignatureAlgorithm(algorithm);

	_v3CertGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
	createSubjectKeyId(_subPub));

	_v3CertGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
	createAuthorityKeyId(_issPub));

	_v3CertGen.addExtension(X509Extensions.BasicConstraints, false,
	new BasicConstraints(_ca));

	X509Certificate _cert = _v3CertGen.generate(_issPriv);

	_cert.checkValidity(new Date());
	_cert.verify(_issPub);

	return _cert;
	}

	/*
	*
	* INTERNAL METHODS
	*
	*/

	private static AuthorityKeyIdentifier createAuthorityKeyId(PublicKey _pubKey)
	throws IOException
	{
	SubjectPublicKeyInfo _info = SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded());

	return new AuthorityKeyIdentifier(_info);
	}

	private static SubjectKeyIdentifier createSubjectKeyId(PublicKey _pubKey)
	throws IOException
	{
	return new BcX509ExtensionUtils().createSubjectKeyIdentifier(SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded()));
	}

	private static BigInteger allocateSerialNumber()
	{
	BigInteger _tmp = serialNumber;
	serialNumber = serialNumber.add(BigInteger.valueOf(1));
	return _tmp;
	}
	}