Refactoring in jce.provider.test:

peterdettman · peterdettman · commit da4636f85c97 · 2025-03-18T14:27:08.000+07:00
- add missing tests to RegressionTest and sort the list
- cleanup unused test utils
diff --git a/prov/src/test/java/org/bouncycastle/jce/provider/test/RegressionTest.java b/prov/src/test/java/org/bouncycastle/jce/provider/test/RegressionTest.java
@@ -8,92 +8,99 @@
 
 public class RegressionTest
 {
-    public static Test[]    tests = {
-        new FIPSDESTest(),
-        new DESedeTest(),
-        new AESTest(),
+    public static Test[] tests = {
         new AEADTest(),
-        new CamelliaTest(),
-        new SEEDTest(),
         new AESSICTest(),
-        new GOST28147Test(),
-        new PBETest(),
+        new AESTest(),
+        new AlgorithmParametersTest(),
+        new ARIATest(),
+        new BCFKSStoreTest(),
         new BlockCipherTest(),
-        new MacTest(),
-        new HMacTest(),
-        new SealedTest(),
-        new RSATest(),
-        new DHTest(),
+        new CamelliaTest(),
+        new CertLocaleTest(),
+        new CertPathBuilderTest(),
+        new CertPathTest(),
+        new CertPathValidatorTest(),
+        new CertStoreTest(),
+        new CertTest(),
+        new CertUniqueIDTest(),
+        new ChaCha20Poly1305Test(),
+        new CipherStreamTest(),
+        new CipherStreamTest2(),
+        new CMacTest(),
+        new CRL5Test(),
+        new DESedeTest(),
+        new DetDSATest(),
         new DHIESTest(),
+        new DHTest(),
+        new DigestTest(),
+        new DoFinalTest(),
+        new DRBGTest(),
         new DSATest(),
-        new ImplicitlyCaTest(),
-        new ECNRTest(),
+        new DSTU4145Test(),
+        new DSTU7624Test(),
+        new ECDSA5Test(),
+        new ECEncodingTest(),
         new ECIESTest(),
         new ECIESVectorTest(),
-        new ECDSA5Test(),
-        new GOST3410Test(),
+        new ECNRTest(),
+        new EdECTest(),
         new ElGamalTest(),
-        new IESTest(),
-        new SigTest(),
-        new CertTest(),
-        new PKCS10CertRequestTest(),
         new EncryptedPrivateKeyInfoTest(),
+        new FIPSDESTest(),
+        new GMacTest(),
+        new GOST28147Test(),
+        new GOST3410KeyPairTest(),
+        new GOST3410Test(),
+        new GOST3412Test(),
+        new HMacTest(),
+        new IESTest(),
+        new ImplicitlyCaTest(),
+        new KeccakTest(),
         new KeyStoreTest(),
-        new PKCS12StoreTest(),
-        new DigestTest(),
-        new PSSTest(),
-        new WrapTest(),
-        new DoFinalTest(),
-        new CipherStreamTest(),
-        new CipherStreamTest2(),
+        new MacTest(),
+        new MQVTest(),
+        new MultiCertStoreTest(),
         new NamedCurveTest(),
-        new PKIXTest(),
         new NetscapeCertRequestTest(),
-        new X509StreamParserTest(),
-        new X509CertificatePairTest(),
-        new CertPathTest(),
-        new CertStoreTest(),
-        new CertPathValidatorTest(),
-        new CertPathBuilderTest(),
-        new ECEncodingTest(),
-        new AlgorithmParametersTest(),
         new NISTCertPathTest(),
-        new PKIXPolicyMappingTest(),
-        new SlotTwoTest(),
-        new PKIXNameConstraintsTest(),
-        new MultiCertStoreTest(),
         new NoekeonTest(),
-        new SerialisationTest(),
-        new SigNameTest(),
-        new MQVTest(),
-        new CMacTest(),
-        new GMacTest(),
         new OCBTest(),
-        new DSTU4145Test(),
-        new CRL5Test(),
+        new OpenSSHSpecTests(),
+        new PBETest(),
+        new PKCS10CertRequestTest(),
+        new PKCS12StorePBETest(),
+        new PKCS12StoreTest(),
+        new PKIXNameConstraintsTest(),
+        new PKIXPolicyMappingTest(),
+        new PKIXTest(),
         new Poly1305Test(),
+        new PQCDHTest(),
+        new PSSTest(),
+        new RSATest(),
+        new SealedTest(),
+        new SEEDTest(),
+        new SerialisationTest(),
+        new Shacal2Test(),
+        new SigNameTest(),
+        new SignatureTest(),
+        new SigTest(),
+        new SipHash128Test(),
         new SipHashTest(),
-        new KeccakTest(),
         new SkeinTest(),
-        new Shacal2Test(),
-        new DetDSATest(),
-        new ThreefishTest(),
+        new SlotTwoTest(),
+        new SM2CipherTest(),
         new SM2SignatureTest(),
         new SM4Test(),
+        new ThreefishTest(),
         new TLSKDFTest(),
-        new BCFKSStoreTest(),
-        new DSTU7624Test(),
-        new GOST3412Test(),
-        new GOST3410KeyPairTest(),
-        new EdECTest(),
-        new OpenSSHSpecTests(),
-        new SM2CipherTest(),
-        new ZucTest(),
-        new ChaCha20Poly1305Test(),
-        new SipHash128Test(),
-        new XOFTest(),
+        new WrapTest(),
+        new X509CertificatePairTest(),
+        new X509LDAPCertStoreTest(),
+        new X509StreamParserTest(),
         new XIESTest(),
-        new CertLocaleTest()
+        new XOFTest(),
+        new ZucTest(),
     };
 
     public static void main(String[] args)
diff --git a/prov/src/test/java/org/bouncycastle/jce/provider/test/TestCertificateGen.java b/prov/src/test/java/org/bouncycastle/jce/provider/test/TestCertificateGen.java
@@ -1,15 +1,10 @@
 package org.bouncycastle.jce.provider.test;
 
 import java.io.ByteArrayInputStream;
-import java.io.IOException;
 import java.math.BigInteger;
 import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.PublicKey;
-import java.security.SecureRandom;
 import java.security.Signature;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509CRL;
@@ -29,17 +24,13 @@
 import org.bouncycastle.asn1.x500.X500Name;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
 import org.bouncycastle.asn1.x509.CRLNumber;
 import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.asn1.x509.Certificate;
 import org.bouncycastle.asn1.x509.Extension;
 import org.bouncycastle.asn1.x509.Extensions;
 import org.bouncycastle.asn1.x509.ExtensionsGenerator;
 import org.bouncycastle.asn1.x509.GeneralName;
 import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.asn1.x509.TBSCertList;
 import org.bouncycastle.asn1.x509.TBSCertificate;
@@ -190,83 +181,6 @@ public static X509Certificate createCertWithIDs(X500Name signerName, String sigN
         return (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER)));
     }
 
-    /**
-     * Create a random 1024 bit RSA key pair
-     */
-    public static KeyPair generateRSAKeyPair()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpGen.initialize(1024, new SecureRandom());
-
-        return kpGen.generateKeyPair();
-    }
-
-    public static X509Certificate generateRootCert(KeyPair pair)
-        throws Exception
-    {
-        return createSelfSignedCert("CN=Test CA Certificate", "SHA256withRSA", pair);
-    }
-
-    public static X509Certificate generateRootCert(KeyPair pair, X500Name dn)
-        throws Exception
-    {
-        return createSelfSignedCert(dn, "SHA256withRSA", pair);
-    }
-
-    public static X509Certificate generateIntermediateCert(PublicKey intKey, PrivateKey caKey, X509Certificate caCert)
-        throws Exception
-    {
-        return generateIntermediateCert(
-            intKey, new X500Name("CN=Test Intermediate Certificate"), caKey, caCert);
-    }
-
-    public static X509Certificate generateIntermediateCert(PublicKey intKey, X500Name subject, PrivateKey caKey, X509Certificate caCert)
-        throws Exception
-    {
-        Certificate caCertLw = Certificate.getInstance(caCert.getEncoded());
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(Extension.authorityKeyIdentifier, false, new AuthorityKeyIdentifier(getDigest(caCertLw.getSubjectPublicKeyInfo()),
-            new GeneralNames(new GeneralName(caCertLw.getIssuer())),
-            caCertLw.getSerialNumber().getValue()));
-        extGen.addExtension(Extension.subjectKeyIdentifier, false, new SubjectKeyIdentifier(getDigest(SubjectPublicKeyInfo.getInstance(intKey.getEncoded()))));
-        extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(0));
-        extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
-
-        return createCert(
-            caCertLw.getSubject(),
-            caKey, subject, "SHA256withRSA", extGen.generate(), intKey);
-    }
-
-    public static X509Certificate generateEndEntityCert(PublicKey intKey, PrivateKey caKey, X509Certificate caCert)
-        throws Exception
-    {
-        return generateEndEntityCert(
-            intKey, new X500Name("CN=Test End Certificate"), caKey, caCert);
-    }
-
-    public static X509Certificate generateEndEntityCert(PublicKey entityKey, X500Name subject, PrivateKey caKey, X509Certificate caCert)
-        throws Exception
-    {
-        Certificate caCertLw = Certificate.getInstance(caCert.getEncoded());
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(Extension.authorityKeyIdentifier, false, new AuthorityKeyIdentifier(getDigest(caCertLw.getSubjectPublicKeyInfo()),
-            new GeneralNames(new GeneralName(caCertLw.getIssuer())),
-            caCertLw.getSerialNumber().getValue()));
-        extGen.addExtension(Extension.subjectKeyIdentifier, false, new SubjectKeyIdentifier(getDigest(entityKey.getEncoded())));
-        extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(0));
-        extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
-
-        return createCert(
-            caCertLw.getSubject(),
-            caKey, subject, "SHA256withRSA", extGen.generate(), entityKey);
-    }
-
     public static X509CRL createCRL(
         X509Certificate caCert,
         PrivateKey caKey,
@@ -309,23 +223,23 @@ public static X509CRL createCRL(
         return (X509CRL)CertificateFactory.getInstance("X.509", "BC").generateCRL(new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER)));
     }
 
-    private static byte[] getDigest(SubjectPublicKeyInfo spki)
-        throws IOException
-    {
-        return getDigest(spki.getPublicKeyData().getBytes());
-    }
-
-    private static byte[] getDigest(byte[] bytes)
-    {
-        try
-        {
-            return MessageDigest.getInstance("SHA1").digest(bytes);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            return null;
-        }
-    }
+//    private static byte[] getDigest(SubjectPublicKeyInfo spki)
+//        throws IOException
+//    {
+//        return getDigest(spki.getPublicKeyData().getBytes());
+//    }
+
+//    private static byte[] getDigest(byte[] bytes)
+//    {
+//        try
+//        {
+//            return MessageDigest.getInstance("SHA1").digest(bytes);
+//        }
+//        catch (NoSuchAlgorithmException e)
+//        {
+//            return null;
+//        }
+//    }
 
     private static DERBitString booleanToBitString(boolean[] id)
     {
diff --git a/prov/src/test/java/org/bouncycastle/jce/provider/test/TestUtils.java b/prov/src/test/java/org/bouncycastle/jce/provider/test/TestUtils.java
@@ -255,8 +255,8 @@ public static X509Certificate generateEndEntityCert(PublicKey entityKey, X500Nam
             new GeneralNames(new GeneralName(caCertLw.getIssuer())),
             caCertLw.getSerialNumber().getValue()));
         extGen.addExtension(Extension.subjectKeyIdentifier, false, new SubjectKeyIdentifier(getDigest(entityKey.getEncoded())));
-        extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(0));
-        extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
+        extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(false));
+        extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature));
 
         return createCert(
             caCertLw.getSubject(),
@@ -280,8 +280,8 @@ public static X509Certificate generateEndEntityCert(PublicKey entityKey, X500Nam
             new GeneralNames(new GeneralName(caCertLw.getIssuer())),
             caCertLw.getSerialNumber().getValue()));
         extGen.addExtension(Extension.subjectKeyIdentifier, false, new SubjectKeyIdentifier(getDigest(entityKey.getEncoded())));
-        extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(0));
-        extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
+        extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(false));
+        extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature));
         if (keyPurpose2 == null)
         {
             extGen.addExtension(Extension.extendedKeyUsage, true, new ExtendedKeyUsage(keyPurpose1));
diff --git a/prov/src/test/java/org/bouncycastle/jce/provider/test/X509LDAPCertStoreTest.java b/prov/src/test/java/org/bouncycastle/jce/provider/test/X509LDAPCertStoreTest.java
