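/*******************************************************************************
 * Implementation of the protocols PACE, Terminal Authentication and Chip
 * Authentication (client side) with respect to the according BSI standards.
 *
 * Copyright (C) 2013 Fraunhofer-Gesellschaft
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 ******************************************************************************/
package de.fraunhofer.fokus.openeid.pace.test;

import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;

import junit.framework.Assert;

import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;

import de.fraunhofer.fokus.openeid.iso7816_4.Utils;
import de.fraunhofer.fokus.openeid.ta.TerminalAuthenticationInfoProtocol;

/**
 * Tests for the ECDSA/SHA-256 Terminal Authentication signer and for the
 * conversion of a DER-encoded ECDSA signature into plain mode.
 *
 * <p>A fresh BrainpoolP256r1 key pair is generated once per class through the
 * BouncyCastle provider and shared by the sign/verify tests.
 */
public class TerminalAuthenticationProtocolTest {

    /** Explicit charset so the signed bytes do not depend on the platform default. */
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    private static PrivateKey privateKey;
    private static PublicKey publicKey;
    private static final TerminalAuthenticationInfoProtocol protocol =
            TerminalAuthenticationInfoProtocol.ID_TA_ECDSA_SHA_256;

    /**
     * Registers BouncyCastle and generates the ECDSA key pair used by the
     * sign/verify tests.
     *
     * @throws NoSuchAlgorithmException if the "ECDSA" generator is unavailable
     * @throws NoSuchProviderException if the "BC" provider is not registered
     * @throws InvalidAlgorithmParameterException if the curve spec is rejected
     */
    @BeforeClass
    public static void init() throws NoSuchAlgorithmException,
            NoSuchProviderException, InvalidAlgorithmParameterException {
        Security.addProvider(new BouncyCastleProvider());
        ECGenParameterSpec ecSpec = new ECGenParameterSpec("BrainpoolP256r1");
        KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
        g.initialize(ecSpec, new SecureRandom());
        KeyPair pair = g.generateKeyPair();
        privateKey = pair.getPrivate();
        publicKey = pair.getPublic();
    }

    /**
     * A signature over a message must verify against the same message.
     *
     * <p>NOTE(review): this test is disabled via {@code @Ignore}; the reason is
     * not visible in this file. While it stays disabled, the signer's
     * sign/verify round trip is not covered by this class.
     */
    @Test
    @Ignore
    public void sha256PositivSignatureTest() throws InvalidKeyException,
            SignatureException {
        byte[] data = "hello world".getBytes(UTF_8);
        byte[] signature = protocol.getSigner().sign(data, privateKey);
        Assert.assertTrue(protocol.getSigner().verify(data, signature, publicKey));
    }

    /**
     * A signature over one message must not verify against a different message.
     *
     * <p>NOTE(review): this test is disabled via {@code @Ignore}; the reason is
     * not visible in this file. While it stays disabled, rejection of a
     * mismatched message is not covered by this class.
     */
    @Test
    @Ignore
    public void sha256NegativSignatureTest() throws InvalidKeyException,
            SignatureException {
        byte[] data = "hello world invalid".getBytes(UTF_8);
        byte[] data2 = "hello world correct".getBytes(UTF_8);
        byte[] signature = protocol.getSigner().sign(data, privateKey);
        Assert.assertFalse(protocol.getSigner().verify(data2, signature, publicKey));
    }

    /**
     * Converts a fixed DER-encoded ECDSA signature to plain mode and checks the
     * resulting bytes.
     *
     * <p>The original assertion only compared object identity
     * ({@code assertNotSame}), which holds for any newly allocated array and so
     * could not detect a wrong conversion. The content checks below pin the
     * actual output.
     */
    @Test
    public void testPlainmodeSignatureTransformationCorrectness() {
        // DER: SEQUENCE(0x45) { INTEGER(0x20) r, INTEGER(0x21) 00 || s }
        String signature = "304502204C2A9C94E1F498755B8354ECC2DB220CC65EE45ACC41344875EDE8953CD80C60022100A09FB1E6EAD9545227A7CBF94552188BD6A220E87D801A3D6B6D51E3971B7932";
        // Expected value hand-derived from the DER bytes above, assuming plain
        // mode is the fixed-length concatenation r || s (32 bytes each for a
        // 256-bit curve, sign-padding byte of s dropped) as in BSI TR-03111.
        // TODO confirm against convertToPlainMode's documented contract.
        String expectedPlain =
                "4C2A9C94E1F498755B8354ECC2DB220CC65EE45ACC41344875EDE8953CD80C60"
                + "A09FB1E6EAD9545227A7CBF94552188BD6A220E87D801A3D6B6D51E3971B7932";

        byte[] signatureHex = Utils.hexStringToByteArray(signature);
        byte[] expected = Utils.hexStringToByteArray(expectedPlain);
        byte[] plainSignatures = TerminalAuthenticationInfoProtocol.convertToPlainMode(signatureHex);

        Assert.assertNotNull("conversion returned null", plainSignatures);
        Assert.assertNotSame(signatureHex, plainSignatures);
        Assert.assertEquals("plain signature length", 64, plainSignatures.length);
        Assert.assertTrue("plain signature must equal r || s",
                Arrays.equals(expected, plainSignatures));
    }
}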