stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8342183: Update tests to use stronger algorithms and keys

Browse Source 
Reviewed-by: rhalade, ascarpino
This commit is contained in:
Fernando Guallini 2024-11-01 17:52:20 +00:00 committed by Rajan Halade
parent 1eccdfc622
commit c82ad845e1
35 changed files with 259 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
test/jdk/com/sun/crypto/provider/CICO/CICOSkipTest.java
View File

@ -75,7 +75,7 @@ public class CICOSkipTest {
"OFB", "OFB64", "PCBC"};
private static final String[] PADDINGS = {"NoPadding", "Pkcs5Padding"};
private static final String[] PBE_ALGOS = {"PBEWithMD5AndDES",
"PBEWithMD5AndDES/CBC/PKCS5Padding"};
"PBEWithMD5AndDES/CBC/PKCS5Padding", "PBEWithSHA1AndDESede"};
public static void main(String[] args) throws Exception {
// how many kinds of padding mode such as PKCS5padding and NoPadding

6
test/jdk/com/sun/crypto/provider/Cipher/KeyWrap/TestCipherKeyWrapperTest.java
View File

@ -167,7 +167,8 @@ public class TestCipherKeyWrapperTest {
test.wrapperPBEKeyTest(provider);
// Public and private key wrap test
test.wrapperPublicPriviteKeyTest(provider, publicPrivateAlgos);
test.wrapperPublicPriviteKeyTest(provider, publicPrivateAlgos, "DES");
test.wrapperPublicPriviteKeyTest(provider, publicPrivateAlgos, "AES");
}
private void wrapperAesDESedeKeyTest(String algo, String wrapAlgo,
@ -263,7 +264,7 @@ public class TestCipherKeyWrapperTest {
}
}
private void wrapperPublicPriviteKeyTest(Provider p, String[] algorithms)
private void wrapperPublicPriviteKeyTest(Provider p, String[] algorithms, String algoWrap)
throws NoSuchAlgorithmException, InvalidKeyException,
NoSuchPaddingException, IllegalBlockSizeException,
InvalidAlgorithmParameterException {
@ -275,7 +276,6 @@ public class TestCipherKeyWrapperTest {
kpg.initialize(SecurityUtils.getTestKeySize(algo));
KeyPair kp = kpg.genKeyPair();
// key generated
String algoWrap = "DES";
KeyGenerator kg = KeyGenerator.getInstance(algoWrap, p);
Key key = kg.generateKey();
wrapTest(algo, algoWrap, key, kp.getPrivate(), Cipher.PRIVATE_KEY,

2
test/jdk/com/sun/crypto/provider/Cipher/PBE/TestCipherPBECons.java
View File

@ -40,7 +40,7 @@ import javax.crypto.NoSuchPaddingException;
public class TestCipherPBECons {
private static final String[] PBEAlgorithms = {"pbeWithMD5ANDdes",
"PBEWithMD5AndTripleDES"};
"PBEWithMD5AndTripleDES", "PBEWithSHA1AndDESede"};
private static final String[] cipherModes = {"ECb", "cbC", "cFB", "Cfb32",
"OfB", "oFb64", "pCbC"};
private static final String[] cipherPaddings = {"Pkcs5Padding", "NoPaDDing"};

20
test/jdk/com/sun/crypto/provider/KeyAgreement/DHKeyAgreement2.java
View File

@ -232,20 +232,26 @@ public class DHKeyAgreement2 {
}
System.err.println("Shared secrets are the same");
testSecretKey(bobKeyAgree, alicePubKey, "DES");
testSecretKey(bobKeyAgree, alicePubKey, "AES");
}
private static void testSecretKey(KeyAgreement bobKeyAgree, PublicKey alicePubKey, String algo)
throws Exception {
// Now let's return the shared secret as a SecretKey object
// and use it for encryption
System.out.println("Return shared secret as SecretKey object ...");
System.out.println("Return shared secret as SecretKey object with algorithm: " + algo);
bobKeyAgree.doPhase(alicePubKey, true);
SecretKey desKey = bobKeyAgree.generateSecret("DES");
SecretKey key = bobKeyAgree.generateSecret(algo);
Cipher desCipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
desCipher.init(Cipher.ENCRYPT_MODE, desKey);
Cipher cipher = Cipher.getInstance(algo + "/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] cleartext = "This is just an example".getBytes();
byte[] ciphertext = desCipher.doFinal(cleartext);
byte[] ciphertext = cipher.doFinal(cleartext);
desCipher.init(Cipher.DECRYPT_MODE, desKey);
byte[] cleartext1 = desCipher.doFinal(ciphertext);
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] cleartext1 = cipher.doFinal(ciphertext);
int clearLen = cleartext.length;
int clear1Len = cleartext1.length;

30
test/jdk/com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java
View File

@ -24,6 +24,7 @@
/**
* @test
* @bug 8072452 8163498
* @library /test/lib
* @summary Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
* This test has been split based on lower/higher key sizes in order to
* reduce individual execution times and run in parallel
@ -33,14 +34,16 @@
* @run main/timeout=300 SupportedDHParamGens 832
* @run main/timeout=300 SupportedDHParamGens 1024
* @run main/timeout=600 SupportedDHParamGens 2048
* @run main/timeout=600 SupportedDHParamGens 3072
* @run main/timeout=600 SupportedDHParamGens 4096
*/
import java.math.BigInteger;
import java.security.*;
import javax.crypto.*;
import javax.crypto.interfaces.*;
import javax.crypto.spec.*;
import jdk.test.lib.security.DiffieHellmanGroup;
import jdk.test.lib.security.SecurityUtils;
public class SupportedDHParamGens {
@ -48,12 +51,18 @@ public class SupportedDHParamGens {
int primeSize = Integer.valueOf(args[0]).intValue();
System.out.println("Checking " + primeSize + " ...");
AlgorithmParameterGenerator apg =
AlgorithmParameterGenerator.getInstance("DH",
System.getProperty("test.provider.name", "SunJCE"));
apg.init(primeSize);
AlgorithmParameters ap = apg.generateParameters();
DHParameterSpec spec = ap.getParameterSpec(DHParameterSpec.class);
DHParameterSpec spec = null;
switch (primeSize) {
case 2048, 3072, 4096 -> spec = getDHParameterSpec(primeSize);
default -> {
AlgorithmParameterGenerator apg =
AlgorithmParameterGenerator.getInstance("DH",
System.getProperty("test.provider.name", "SunJCE"));
apg.init(primeSize);
AlgorithmParameters ap = apg.generateParameters();
spec = ap.getParameterSpec(DHParameterSpec.class);
}
}
KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH",
System.getProperty("test.provider.name", "SunJCE"));
@ -62,6 +71,11 @@ public class SupportedDHParamGens {
checkKeyPair(kp, primeSize);
}
private static DHParameterSpec getDHParameterSpec(int primeSize) {
DiffieHellmanGroup dhGroup = SecurityUtils.getTestDHGroup(primeSize);
return new DHParameterSpec(dhGroup.getPrime(), dhGroup.getBase());
}
private static void checkKeyPair(KeyPair kp, int pSize) throws Exception {
DHPrivateKey privateKey = (DHPrivateKey)kp.getPrivate();

1
test/jdk/com/sun/crypto/provider/KeyAgreement/SupportedDHParamGensLongKey.java
View File

@ -24,6 +24,7 @@
/**
* @test
* @bug 8072452 8163498
* @library /test/lib
* @summary Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
* This test has been split based on lower/higher key sizes in order to
* reduce individual execution times and run in parallel

4
test/jdk/com/sun/crypto/provider/KeyGenerator/TestExplicitKeyLength.java
View File

@ -35,10 +35,10 @@ import java.util.*;
public class TestExplicitKeyLength {
private static final String ALGOS[] = { "RC2", "ARCFOUR" };
private static final String ALGOS[] = { "RC2", "ARCFOUR", "AES", "AES", "AES" };
private static final int KEY_SIZES[] =
{ 64, 80 }; // in bits
{ 64, 80, 128, 192, 256 }; // in bits
public static void runTest(String algo, int keysize) throws Exception {
KeyGenerator kg = KeyGenerator.getInstance(algo,

4
test/jdk/com/sun/crypto/provider/Mac/HmacSaltLengths.java
View File

@ -41,6 +41,10 @@ public class HmacSaltLengths {
private static final String[] ALGOS = {
"HmacPBESHA1",
"HmacPBESHA224",
"HmacPBESHA256",
"HmacPBESHA384",
"HmacPBESHA512",
"PBEWithHmacSHA1",
"PBEWithHmacSHA224",
"PBEWithHmacSHA256",

5
test/jdk/com/sun/crypto/provider/Mac/MacClone.java
View File

@ -26,6 +26,8 @@
* @bug 7087021 8013069 8288050
* @summary Clone tests for all MAC algorithms.
* @author Jan Luehe
* @run main MacClone DES
* @run main MacClone AES
*/
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.*;
@ -39,7 +41,8 @@ public class MacClone {
"HmacSHA384", "HmacSHA512", "HmacSHA512/224",
"HmacSHA512/256",
};
KeyGenerator kgen = KeyGenerator.getInstance("DES");
String keyAlgo = args[0];
KeyGenerator kgen = KeyGenerator.getInstance(keyAlgo);
SecretKey skey = kgen.generateKey();
for (String algo : algos) {
doTest(algo, skey, null);

4
test/jdk/java/security/KeyStore/TestKeyStoreEntry.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2001, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2001, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -47,7 +47,7 @@ public class TestKeyStoreEntry {
private static final char[] PASSWDF = new String("guardian Angel")
.toCharArray();
private static final String[] KS_ALGOS = {
"DES", "DESede", "Blowfish"
"DES", "DESede", "Blowfish", "AES"
};
private static final int NUM_ALGOS = KS_ALGOS.length;

5
test/jdk/java/security/MessageDigest/ByteBuffers.java
View File

@ -27,6 +27,8 @@
* @summary Test the MessageDigest.update(ByteBuffer) method
* @author Andreas Sterbenz
* @key randomness
* @run main ByteBuffers MD5
* @run main ByteBuffers SHA-1
*/
import java.util.*;
@ -43,7 +45,8 @@ public class ByteBuffers {
byte[] t = new byte[n];
random.nextBytes(t);
MessageDigest md = MessageDigest.getInstance("MD5", p);
String digestAlgo = args[0];
MessageDigest md = MessageDigest.getInstance(digestAlgo, p);
byte[] d1 = md.digest(t);
// test 1: ByteBuffer with an accessible backing array

11
test/jdk/java/security/Signature/ByteBuffers.java
View File

@ -27,6 +27,8 @@
* @summary Test the Signature.update(ByteBuffer) method
* @author Andreas Sterbenz
* @key randomness
* @run main ByteBuffers DSA 512
* @run main ByteBuffers SHA256withDSA 2048
*/
import java.util.*;
@ -44,11 +46,14 @@ public class ByteBuffers {
byte[] t = new byte[n];
random.nextBytes(t);
KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA", p);
kpg.initialize(512);
String kpgAlgorithm = "DSA";
int keySize = Integer.parseInt(args[1]);
KeyPairGenerator kpg = KeyPairGenerator.getInstance(kpgAlgorithm, p);
kpg.initialize(keySize);
KeyPair kp = kpg.generateKeyPair();
Signature sig = Signature.getInstance("DSA", p);
String signAlgo = args[0];
Signature sig = Signature.getInstance(signAlgo, p);
sig.initSign(kp.getPrivate());
sig.update(t);
byte[] signature = sig.sign();

17
test/jdk/java/security/Signature/SignWithOutputBuffer.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,6 +26,8 @@
* @bug 4114896
* @summary Signature should support a sign() method that places the signature
* in an already existing array.
* @run main SignWithOutputBuffer DSS 512
* @run main SignWithOutputBuffer SHA256withDSA 2048
*/
import java.security.*;
@ -36,11 +38,14 @@ public class SignWithOutputBuffer {
int numBytes;
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("DSA");
kpGen.initialize(512);
String kpgAlgorithm = "DSA";
int keySize = Integer.parseInt(args[1]);
KeyPairGenerator kpGen = KeyPairGenerator.getInstance(kpgAlgorithm);
kpGen.initialize(keySize);
KeyPair kp = kpGen.genKeyPair();
Signature sig = Signature.getInstance("DSS");
String signAlgo = args[0];
Signature sig = Signature.getInstance(signAlgo);
sig.initSign(kp.getPrivate());
sig.update((byte)0xff);
@ -55,10 +60,10 @@ public class SignWithOutputBuffer {
}
// Now repeat the same with a buffer that's big enough
sig = Signature.getInstance("DSS");
sig = Signature.getInstance(signAlgo);
sig.initSign(kp.getPrivate());
sig.update((byte)0xff);
out = new byte[48];
out = new byte[64];
numBytes = sig.sign(out, 0, out.length);
System.out.println("Signature len="+numBytes);

11
test/jdk/java/security/Signature/SignatureGetInstance.java
View File

@ -27,7 +27,8 @@
* @summary Ensure the BC provider-reselection workaround in Signature class
* functions correctly
* @modules java.base/sun.security.util
* @run main/othervm SignatureGetInstance
* @run main/othervm SignatureGetInstance default
* @run main/othervm SignatureGetInstance SHA-256
*/
import java.security.*;
import java.security.interfaces.*;
@ -37,8 +38,12 @@ import sun.security.util.SignatureUtil;
public class SignatureGetInstance {
private static final String SIGALG = "RSASSA-PSS";
private static PSSParameterSpec pssParamSpec;
public static void main(String[] args) throws Exception {
String mdName = args[0];
pssParamSpec = "default".equals(mdName) ? PSSParameterSpec.DEFAULT :
new PSSParameterSpec(mdName, "MGF1", new MGF1ParameterSpec(mdName), 20, 1);
Provider testProvider = new TestProvider();
// put test provider before SunRsaSign provider
Security.insertProviderAt(testProvider, 1);
@ -85,7 +90,7 @@ public class SignatureGetInstance {
private static void testDblInit(PrivateKey key1, PublicKey key2,
boolean shouldPass, String expectedProvName) throws Exception {
Signature sig = Signature.getInstance(SIGALG);
SignatureUtil.initSignWithParam(sig, key1, PSSParameterSpec.DEFAULT, null);
SignatureUtil.initSignWithParam(sig, key1, pssParamSpec, null);
try {
sig.initVerify(key2);
if (!shouldPass) {
@ -108,7 +113,7 @@ public class SignatureGetInstance {
} else {
sig = Signature.getInstance(SIGALG, provName);
}
AlgorithmParameterSpec params = PSSParameterSpec.DEFAULT;
AlgorithmParameterSpec params = pssParamSpec;
boolean doSign = (key instanceof PrivateKey);
try {
if (doSign) {

17
test/jdk/java/security/Signature/TestInitSignWithMyOwnRandom.java
View File

@ -24,23 +24,30 @@
/**
* @test
* @bug 4716321
* @library /test/lib
* @summary Ensure the random source supplied in
* Signature.initSign(PrivateKey, SecureRandom) is used.
* @run main TestInitSignWithMyOwnRandom DSA 512
* @run main TestInitSignWithMyOwnRandom SHA256withDSA 2048
*/
import java.security.*;
import jdk.test.lib.security.SecurityUtils;
public class TestInitSignWithMyOwnRandom {
public static void main(String[] argv) throws Exception {
public static void main(String[] args) throws Exception {
// any signature implementation will do as long as
// it needs a random source
Provider p = Security.getProvider(
System.getProperty("test.provider.name", "SUN"));
KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA", p);
kpg.initialize(512);
System.getProperty("test.provider.name", "SUN"));
String kpgAlgorithm = "DSA";
int keySize = Integer.parseInt(args[1]);
KeyPairGenerator kpg = KeyPairGenerator.getInstance(kpgAlgorithm, p);
kpg.initialize(keySize);
KeyPair kp = kpg.generateKeyPair();
TestRandomSource rand = new TestRandomSource();
Signature sig = Signature.getInstance("DSA", p);
String signAlgo = args[0];
Signature sig = Signature.getInstance(signAlgo, p);
sig.initSign(kp.getPrivate(), rand);
sig.update(new byte[20]);
sig.sign();

2
test/jdk/java/security/Signature/VerifyRangeCheckOverflow.java
View File

@ -48,7 +48,7 @@ public class VerifyRangeCheckOverflow {
PublicKey publicKey = keys.getPublic();
byte[] sigBytes = new byte[100];
Signature signature = Signature.getInstance("SHA1withDSA");
Signature signature = Signature.getInstance("SHA256withDSA");
signature.initVerify(publicKey);
try {
signature.verify(sigBytes, Integer.MAX_VALUE, 1);

2
test/jdk/java/security/SignedObject/Chain.java
View File

@ -165,6 +165,8 @@ public class Chain {
new Test(SigAlg.SHA1withDSA, KeyAlg.DSA, Provider.Default, 1024),
new Test(SigAlg.MD2withRSA, KeyAlg.RSA, Provider.Default),
new Test(SigAlg.MD5withRSA, KeyAlg.RSA, Provider.Default),
new Test(SigAlg.SHA224withRSA, KeyAlg.RSA, Provider.Default),
new Test(SigAlg.SHA256withRSA, KeyAlg.RSA, Provider.Default),
new Test(SigAlg.SHA3_224withRSA, KeyAlg.RSA, Provider.Default),
new Test(SigAlg.SHA3_256withRSA, KeyAlg.RSA, Provider.Default),
new Test(SigAlg.SHA3_384withRSA, KeyAlg.RSA, Provider.Default),

14
test/jdk/java/security/SignedObject/Copy.java
View File

@ -31,31 +31,35 @@ import java.security.SignedObject;
* @test
* @bug 8050374
* @summary Checks if a signed object is a copy of an original object
* @run main Copy DSA 512
* @run main Copy SHA256withDSA 2048
*/
public class Copy {
private static final String DSA = "DSA";
private static final int KEY_SIZE = 512;
private static final int MAGIC = 123;
public static void main(String args[]) throws Exception {
int keySize = Integer.parseInt(args[1]);
KeyPairGenerator kg = KeyPairGenerator.getInstance(DSA);
kg.initialize(KEY_SIZE);
kg.initialize(keySize);
KeyPair kp = kg.genKeyPair();
Signature signature = Signature.getInstance(DSA);
String signAlgo = args[0];
Signature signature = Signature.getInstance(signAlgo);
Test original = new Test();
SignedObject so = new SignedObject(original, kp.getPrivate(),
signature);
System.out.println("Signature algorithm: " + so.getAlgorithm());
signature = Signature.getInstance(DSA, System.getProperty("test.provider.name", "SUN"));
signature = Signature.getInstance(signAlgo,
System.getProperty("test.provider.name", "SUN"));
if (!so.verify(kp.getPublic(), signature)) {
throw new RuntimeException("Verification failed");
}
kg = KeyPairGenerator.getInstance(DSA);
kg.initialize(KEY_SIZE);
kg.initialize(keySize);
kp = kg.genKeyPair();
if (so.verify(kp.getPublic(), signature)) {

10
test/jdk/javax/crypto/Cipher/ByteBuffers.java
View File

@ -27,6 +27,8 @@
* @summary Test the Cipher.update/doFinal(ByteBuffer, ByteBuffer) methods
* @author Andreas Sterbenz
* @key randomness
* @run main ByteBuffers DES 8
* @run main ByteBuffers AES 16
*/
import java.util.*;
@ -47,11 +49,13 @@ public class ByteBuffers {
byte[] t = new byte[n];
random.nextBytes(t);
byte[] keyBytes = new byte[8];
int keyInt = Integer.parseInt(args[1]);
byte[] keyBytes = new byte[keyInt];
random.nextBytes(keyBytes);
SecretKey key = new SecretKeySpec(keyBytes, "DES");
String algo = args[0];
SecretKey key = new SecretKeySpec(keyBytes, algo);
Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
Cipher cipher = Cipher.getInstance(algo + "/ECB/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] outBytes = cipher.doFinal(t);

28
test/jdk/javax/crypto/Cipher/TestGetInstance.java
View File

@ -26,10 +26,13 @@
* @bug 4898428
* @summary test that the new getInstance() implementation works correctly
* @author Andreas Sterbenz
* @run main TestGetInstance DES PBEWithMD5AndTripleDES
* @run main TestGetInstance AES PBEWithHmacSHA1AndAES_128
*/
import java.security.*;
import java.security.spec.*;
import java.util.Locale;
import javax.crypto.*;
@ -42,61 +45,64 @@ public class TestGetInstance {
}
public static void main(String[] args) throws Exception {
String algo = args[0];
String algoLC = algo.toLowerCase(Locale.ROOT);
String pbeAlgo = args[1];
Provider p = Security.getProvider(
System.getProperty("test.provider.name", "SunJCE"));
Cipher c;
c = Cipher.getInstance("PBEWithMD5AndTripleDES");
c = Cipher.getInstance(pbeAlgo);
same(p, c.getProvider());
c = Cipher.getInstance("des",
c = Cipher.getInstance(algoLC,
System.getProperty("test.provider.name", "SunJCE"));
same(p, c.getProvider());
c = Cipher.getInstance("des/cbc/pkcs5padding",
c = Cipher.getInstance(algoLC + "/cbc/pkcs5padding",
System.getProperty("test.provider.name", "SunJCE"));
same(p, c.getProvider());
c = Cipher.getInstance("des", p);
c = Cipher.getInstance(algoLC, p);
same(p, c.getProvider());
c = Cipher.getInstance("des/cbc/pkcs5padding", p);
c = Cipher.getInstance(algoLC + "/cbc/pkcs5padding", p);
same(p, c.getProvider());
try {
c = Cipher.getInstance("DES/XYZ/PKCS5Padding");
c = Cipher.getInstance(algo + "/XYZ/PKCS5Padding");
throw new AssertionError();
} catch (NoSuchAlgorithmException e) {
System.out.println(e);
}
try {
c = Cipher.getInstance("DES/XYZ/PKCS5Padding",
c = Cipher.getInstance(algo + "/XYZ/PKCS5Padding",
System.getProperty("test.provider.name", "SunJCE"));
throw new AssertionError();
} catch (NoSuchAlgorithmException e) {
System.out.println(e);
}
try {
c = Cipher.getInstance("DES/XYZ/PKCS5Padding", p);
c = Cipher.getInstance(algo + "/XYZ/PKCS5Padding", p);
throw new AssertionError();
} catch (NoSuchAlgorithmException e) {
System.out.println(e);
}
try {
c = Cipher.getInstance("DES/CBC/XYZPadding");
c = Cipher.getInstance(algo + "/CBC/XYZPadding");
throw new AssertionError();
} catch (NoSuchAlgorithmException e) {
System.out.println(e);
}
try {
c = Cipher.getInstance("DES/CBC/XYZPadding",
c = Cipher.getInstance(algo + "/CBC/XYZPadding",
System.getProperty("test.provider.name", "SunJCE"));
throw new AssertionError();
} catch (NoSuchPaddingException e) {
System.out.println(e);
}
try {
c = Cipher.getInstance("DES/CBC/XYZPadding", p);
c = Cipher.getInstance(algo + "/CBC/XYZPadding", p);
throw new AssertionError();
} catch (NoSuchPaddingException e) {
System.out.println(e);

10
test/jdk/javax/crypto/CipherSpi/DirectBBRemaining.java
View File

@ -27,6 +27,8 @@
* @summary Cipher.doFinal(ByteBuffer,ByteBuffer) fails to
* process when in.remaining() == 0
* @key randomness
* @run main DirectBBRemaining DES 8
* @run main DirectBBRemaining AES 16
*/
import java.nio.ByteBuffer;
@ -53,11 +55,13 @@ public class DirectBBRemaining {
boolean failedOnce = false;
Exception failedReason = null;
byte[] keyBytes = new byte[8];
int keyInt = Integer.parseInt(args[1]);
byte[] keyBytes = new byte[keyInt];
random.nextBytes(keyBytes);
SecretKey key = new SecretKeySpec(keyBytes, "DES");
String algo = args[0];
SecretKey key = new SecretKeySpec(keyBytes, algo);
Cipher cipher = Cipher.getInstance("DES/CBC/PKCS5Padding",
Cipher cipher = Cipher.getInstance(algo + "/CBC/PKCS5Padding",
System.getProperty("test.provider.name", "SunJCE"));
cipher.init(Cipher.ENCRYPT_MODE, key);

5
test/jdk/javax/crypto/CryptoPermission/AllPermCheck.java
View File

@ -29,6 +29,8 @@
* crypto permssion checks failed.
* @author Valerie Peng
* @key randomness
* @run main AllPermCheck DES
* @run main AllPermCheck AES
*/
import java.io.*;
@ -86,7 +88,8 @@ public class AllPermCheck {
public static void main(String[] args) throws Exception {
Provider p = Security.getProvider(System.getProperty("test.provider.name", "SunJCE"));
System.out.println("Testing provider " + p.getName() + "...");
if (Cipher.getMaxAllowedKeyLength("DES") == Integer.MAX_VALUE) {
String transformation = args[0];
if (Cipher.getMaxAllowedKeyLength(transformation) == Integer.MAX_VALUE) {
// skip this test for unlimited jurisdiction policy files
System.out.println("Skip this test due to unlimited version");
return;

2
test/jdk/javax/crypto/CryptoPermission/LowercasePermCheck.java
View File

@ -48,7 +48,7 @@ public class LowercasePermCheck {
public static void main(String[] args) throws Exception {
Provider p = Security.getProvider(System.getProperty("test.provider.name", "SunJCE"));
System.out.println("Testing provider " + p.getName() + "...");
if (Cipher.getMaxAllowedKeyLength("DES") == Integer.MAX_VALUE) {
if (Cipher.getMaxAllowedKeyLength("AES") == Integer.MAX_VALUE) {
// skip this test for unlimited jurisdiction policy files
System.out.println("Skip this test due to unlimited version");
return;

10
test/jdk/javax/crypto/EncryptedPrivateKeyInfo/GetKeySpec.java
View File

@ -26,6 +26,8 @@
* @bug 4508341
* @summary Test the EncryptedPrivateKeyInfo.getKeySpec(...) methods.
* @author Valerie Peng
* @run main/othervm -DcipherAlg=PBEWithMD5AndDES GetKeySpec
* @run main/othervm -DcipherAlg=PBEWithSHA1AndDESede GetKeySpec
*/
import java.util.*;
import java.nio.*;
@ -37,12 +39,13 @@ import javax.crypto.*;
import javax.crypto.spec.*;
public class GetKeySpec {
private static final String cipherAlg = "PBEWithMD5AndDES";
private static String cipherAlg;
private static final char[] passwd = { 'p','a','s','s','w','d' };
private static AlgorithmParameters GOOD_PARAMS;
static {
try {
cipherAlg = System.getProperty("cipherAlg");
PBEParameterSpec goodParamSpec =
new PBEParameterSpec(new byte[8], 1024);
GOOD_PARAMS = AlgorithmParameters.getInstance
@ -55,7 +58,8 @@ public class GetKeySpec {
}
private static String pkcs8Encoded = "30:82:01:53:02:01:00:30:0D:06:09:2A:86:48:86:F7:0D:01:01:01:05:00:04:82:01:3D:30:82:01:39:02:01:00:02:40:6E:A4:13:65:97:A2:C2:47:5E:F2:23:6B:94:D8:D7:25:13:BB:A4:AE:8A:AA:A7:27:A4:9A:04:DC:15:F7:9B:E4:39:18:99:9E:27:EA:92:BB:D0:0E:F3:26:F4:95:89:33:02:65:6D:84:69:2C:CE:B7:FA:68:8E:FE:8D:63:44:6B:02:03:01:00:01:02:40:59:6E:1C:13:98:FE:C1:04:89:75:35:36:27:29:22:B5:E0:7E:62:BD:86:6E:2C:10:7A:16:D8:68:C1:04:D4:A7:10:41:F7:B9:B4:84:05:03:A5:C0:28:73:24:A7:24:F1:1B:C3:4F:BF:05:20:D0:D9:00:08:7F:C3:29:64:1B:29:02:21:00:C4:63:4D:0C:32:51:44:AE:DD:90:A9:B7:B6:C2:6B:11:BE:D2:07:E7:B5:C2:4A:9F:4D:0F:2F:30:5F:E6:1C:6D:02:21:00:90:39:A4:2D:93:0B:08:AF:2F:6F:18:CC:1A:EF:B6:E6:01:E7:21:3A:7F:45:C7:3F:39:12:B8:CC:DF:44:2D:37:02:21:00:B3:9B:61:9E:B2:F2:12:4F:9E:C1:2C:06:A1:B5:A3:38:62:7D:31:CF:9F:32:67:0E:D3:E9:FC:2D:50:B7:61:ED:02:20:5B:FD:77:FB:5D:A3:97:09:6E:1E:D5:59:32:01:1D:CE:7C:FE:38:12:80:A5:38:1D:DA:40:57:C0:CC:D3:46:67:02:20:52:EC:61:05:0D:EC:8A:ED:F7:1E:95:67:D0:7C:8B:D9:AA:A5:33:B8:26:26:2E:8F:D7:A7:18:16:2A:83:63:5C";
private static String encryptedPKCS8 = "AE:20:81:4F:4D:38:73:C0:51:70:42:DA:C2:EF:61:49:07:E9:B5:D5:55:6D:D1:50:54:B2:0B:41:3E:2F:B6:00:BC:30:89:7B:32:A5:5F:B6:86:92:9E:06:6E:E2:40:8E:3E:E8:0B:CA:97:DB:3E:72:3E:03:22:34:35:EA:5F:B0:71:B2:07:BC:0D:97:94:0A:E6:12:9B:60:7A:77:D4:6C:99:60:2E:68:D6:55:BE:83:B8:A9:0F:19:8A:BE:91:30:D0:FE:52:94:5A:4C:D7:24:07:B3:61:EB:B5:4A:C6:6F:96:8A:C0:20:E9:73:40:FA:A2:56:04:F2:43:35:90:EA:35:C9:8C:08:9D:0B:BC:37:F0:01:D5:DF:BE:E4:4A:57:E0:13:0C:D5:F0:E8:5C:3B:B3:CD:7E:B5:E8:A5:84:63:F6:DA:3E:F2:CF:53:1F:A2:86:44:61:DD:AF:C1:78:70:3A:E6:06:41:77:6C:5B:8D:FA:C4:39:D7:4D:2F:87:D8:31:F4:B6:2B:94:D9:87:17:0E:C8:E3:FA:54:C8:B2:44:56:E0:37:5F:4C:5D:B2:21:DD:15:9E:94:63:89:CF:07:8C:79:F8:65:B2:22:45:D5:F0:2A:70:19:61:16:1D:52:5E:0C:35:3B:20:88:17:7E:FD:05:CC:08:09:2F:05:61:F7:A8:F5:EA:DE:77:DE:5D:55:4E:A0:36:A1:13:FF:2D:57:E8:4E:06:CE:C9:C1:B1:AE:C6:52:A6:EB:35:4C:81:91:DE:71:BA:34:DA:8A:99:1A:47:2E:66:52:AF:E3:2A:E4:0A:27:7F:72:C4:90:7E:8D:8F:64:8D:21:7E:00:DC:1C:62:0F:CC:96:80:C7:E5:5B:70:48:A5:E7:34:27:1A:7C:48:A7:9E:8B:2B:A6:E2";
private static String sha1EncryptedPKCS8 = "0D:CA:00:8F:64:91:9C:60:36:F5:9B:BD:DD:C5:A9:A2:27:9E:6B:AE:CB:23:0E:2F:DA:76:03:A5:B7:C0:D5:3E:B9:03:60:62:41:2C:D6:51:37:F0:D9:ED:B2:CC:E7:99:28:03:CD:20:5D:EC:56:77:FC:61:57:D7:8C:F3:F6:10:F7:E5:BA:88:04:FE:1A:17:B3:8C:36:BF:70:2D:CD:6F:BF:83:ED:03:41:22:95:68:E3:08:90:76:B5:97:CB:FF:CE:51:27:14:F6:38:00:22:E9:0F:86:9F:64:D2:47:34:F6:50:DA:A9:80:F5:67:BF:C7:51:B3:38:AF:CD:15:96:50:8F:33:F3:8B:43:4C:AF:ED:DD:37:03:EC:B1:CC:57:53:0A:AF:0D:53:CD:D7:2B:A2:20:C5:37:AF:09:78:8E:3F:A0:E4:EC:22:C6:71:EC:D1:42:15:9D:1D:E9:E3:9D:8F:D6:0B:2A:99:C9:C8:90:B1:CD:AB:17:DD:A3:6F:64:43:23:26:25:7B:A5:E0:1F:2E:AF:18:89:C8:D6:97:28:32:A1:01:22:6F:14:B6:6C:4E:8A:83:47:16:99:51:B4:8D:85:9E:AB:00:B5:18:BB:49:97:47:59:F8:A7:A8:64:76:3F:41:5F:71:1A:F3:4A:96:F2:B4:44:38:42:4B:AE:0F:08:83:5C:33:F8:6A:8F:B9:6A:3D:1C:06:02:4E:07:48:46:E0:6D:6D:ED:E8:19:CB:3F:B0:6F:10:68:3A:5E:F5:8F:94:EF:B4:8B:58:5F:50:0A:E5:F2:13:54:59:14:99:C5:74:02:A2:B1:73:16:7F:F2:D4:DE:E0:12:86:55:46:9C:57:D1:7A:5C:8B:46:E1:7E:C3:32:14:31:52:64:07:52:9D:65:04:9D:54:89";
private static String md5EncryptedPKCS8 = "AE:20:81:4F:4D:38:73:C0:51:70:42:DA:C2:EF:61:49:07:E9:B5:D5:55:6D:D1:50:54:B2:0B:41:3E:2F:B6:00:BC:30:89:7B:32:A5:5F:B6:86:92:9E:06:6E:E2:40:8E:3E:E8:0B:CA:97:DB:3E:72:3E:03:22:34:35:EA:5F:B0:71:B2:07:BC:0D:97:94:0A:E6:12:9B:60:7A:77:D4:6C:99:60:2E:68:D6:55:BE:83:B8:A9:0F:19:8A:BE:91:30:D0:FE:52:94:5A:4C:D7:24:07:B3:61:EB:B5:4A:C6:6F:96:8A:C0:20:E9:73:40:FA:A2:56:04:F2:43:35:90:EA:35:C9:8C:08:9D:0B:BC:37:F0:01:D5:DF:BE:E4:4A:57:E0:13:0C:D5:F0:E8:5C:3B:B3:CD:7E:B5:E8:A5:84:63:F6:DA:3E:F2:CF:53:1F:A2:86:44:61:DD:AF:C1:78:70:3A:E6:06:41:77:6C:5B:8D:FA:C4:39:D7:4D:2F:87:D8:31:F4:B6:2B:94:D9:87:17:0E:C8:E3:FA:54:C8:B2:44:56:E0:37:5F:4C:5D:B2:21:DD:15:9E:94:63:89:CF:07:8C:79:F8:65:B2:22:45:D5:F0:2A:70:19:61:16:1D:52:5E:0C:35:3B:20:88:17:7E:FD:05:CC:08:09:2F:05:61:F7:A8:F5:EA:DE:77:DE:5D:55:4E:A0:36:A1:13:FF:2D:57:E8:4E:06:CE:C9:C1:B1:AE:C6:52:A6:EB:35:4C:81:91:DE:71:BA:34:DA:8A:99:1A:47:2E:66:52:AF:E3:2A:E4:0A:27:7F:72:C4:90:7E:8D:8F:64:8D:21:7E:00:DC:1C:62:0F:CC:96:80:C7:E5:5B:70:48:A5:E7:34:27:1A:7C:48:A7:9E:8B:2B:A6:E2";
private static byte[] parse(String s) {
try {
@ -99,7 +103,7 @@ public class GetKeySpec {
throw new Exception("Static parameter generation failed");
}
byte[] encodedKey = parse(pkcs8Encoded);
byte[] encryptedData = parse(encryptedPKCS8);
byte[] encryptedData = parse(cipherAlg.contains("MD5") ? md5EncryptedPKCS8 : sha1EncryptedPKCS8);
boolean result = true;
Provider p = Security.getProvider(System.getProperty("test.provider.name", "SunJCE"));

5
test/jdk/javax/crypto/EncryptedPrivateKeyInfo/GetKeySpecException.java
View File

@ -28,6 +28,8 @@
* @summary Test the error conditions of
* EncryptedPrivateKeyInfo.getKeySpec(...) methods.
* @author Valerie Peng
* @run main/othervm -DcipherAlg=PBEWithMD5AndDES GetKeySpecException
* @run main/othervm -DcipherAlg=PBEWithSHA1AndDESede GetKeySpecException
*/
import java.security.*;
import java.util.Arrays;
@ -37,7 +39,7 @@ import javax.crypto.*;
import javax.crypto.spec.*;
public class GetKeySpecException {
private static final String cipherAlg = "PBEWithMD5AndDES";
private static String cipherAlg;
private static final char[] passwd = { 'p','a','s','s','w','d' };
private static SecretKey cipherKey;
private static Cipher cipher = null;
@ -50,6 +52,7 @@ public class GetKeySpecException {
static {
try {
cipherAlg = System.getProperty("cipherAlg");
sunjce = Security.getProvider(System.getProperty("test.provider.name", "SunJCE"));
PBEParameterSpec badParamSpec =
new PBEParameterSpec(new byte[10], 10);

7
test/jdk/javax/crypto/EncryptedPrivateKeyInfo/GetKeySpecException2.java
View File

@ -28,6 +28,8 @@
* with wrong mode with EncryptedPrivateKeyInfo.getKeySpec
* (Cipher) method.
* @author Valerie Peng
* @run main GetKeySpecException2 PBEWithMD5AndDES
* @run main GetKeySpecException2 PBEWithSHA1AndDESede
*/
import java.security.*;
import java.util.Arrays;
@ -38,11 +40,10 @@ import javax.crypto.interfaces.PBEKey;
import javax.crypto.spec.*;
public class GetKeySpecException2 {
private static final String cipherAlg = "PBEWithMD5AndDES";
private static final char[] passwd = { 'p','a','s','s','w','d' };
public static void main(String[] argv) throws Exception {
public static void main(String[] args) throws Exception {
String cipherAlg = args[0];
// use random data
byte[] encryptedData = new byte[30];
encryptedData[20] = (byte) 8;

5
test/jdk/javax/crypto/EncryptedPrivateKeyInfo/GetKeySpecInvalidEncoding.java
View File

@ -28,6 +28,8 @@
* methods with scenarios where the decrypted bytes are not
* encoded correctly per PKCS#8 standard.
* @author Valerie Peng
* @run main/othervm -DcipherAlg=PBEWithMD5AndDES GetKeySpecInvalidEncoding
* @run main/othervm -DcipherAlg=PBEWithSHA1AndDESede GetKeySpecInvalidEncoding
*/
import java.util.*;
import java.nio.*;
@ -39,12 +41,13 @@ import javax.crypto.*;
import javax.crypto.spec.*;
public class GetKeySpecInvalidEncoding {
private static final String cipherAlg = "PBEWithMD5AndDES";
private static String cipherAlg;
private static final char[] passwd = { 'p','a','s','s', 'w', 'd' };
private static AlgorithmParameters GOOD_PARAMS;
static {
try {
cipherAlg = System.getProperty("cipherAlg");
PBEParameterSpec goodParamSpec =
new PBEParameterSpec(new byte[8], 6);
GOOD_PARAMS = AlgorithmParameters.getInstance

9
test/jdk/javax/crypto/KeyGenerator/TestGetInstance.java
View File

@ -26,6 +26,8 @@
* @bug 4898428
* @summary test that the new getInstance() implementation works correctly
* @author Andreas Sterbenz
* @run main TestGetInstance des
* @run main TestGetInstance aes
*/
import java.security.*;
@ -47,12 +49,13 @@ public class TestGetInstance {
KeyGenerator kg;
kg = KeyGenerator.getInstance("des");
String algo = args[0];
kg = KeyGenerator.getInstance(algo);
System.out.println("Default: " + kg.getProvider().getName());
kg = KeyGenerator.getInstance("des",
kg = KeyGenerator.getInstance(algo,
System.getProperty("test.provider.name", "SunJCE"));
same(p, kg.getProvider());
kg = KeyGenerator.getInstance("des", p);
kg = KeyGenerator.getInstance(algo, p);
same(p, kg.getProvider());
try {

7
test/jdk/javax/crypto/Mac/ByteBuffers.java
View File

@ -27,6 +27,8 @@
* @summary Test the Mac.update(ByteBuffer) method
* @author Andreas Sterbenz
* @key randomness
* @run main ByteBuffers HmacMD5
* @run main ByteBuffers HmacSha256
*/
import java.util.*;
@ -46,11 +48,12 @@ public class ByteBuffers {
byte[] t = new byte[n];
random.nextBytes(t);
String algo = args[0];
byte[] keyBytes = new byte[16];
random.nextBytes(keyBytes);
SecretKey key = new SecretKeySpec(keyBytes, "HmacMD5");
SecretKey key = new SecretKeySpec(keyBytes, algo);
Mac mac = Mac.getInstance("HmacMD5");
Mac mac = Mac.getInstance(algo);
mac.init(key);
byte[] macValue = mac.doFinal(t);

9
test/jdk/javax/crypto/Mac/TestGetInstance.java
View File

@ -26,6 +26,8 @@
* @bug 4898428
* @summary test that the new getInstance() implementation works correctly
* @author Andreas Sterbenz
* @run main TestGetInstance hmacmd5
* @run main TestGetInstance hmacsha256
*/
import java.security.*;
@ -47,11 +49,12 @@ public class TestGetInstance {
Mac mac;
mac = Mac.getInstance("hmacmd5");
String algo = args[0];
mac = Mac.getInstance(algo);
System.out.println("Default: " + mac.getProvider().getName());
mac = Mac.getInstance("hmacmd5", System.getProperty("test.provider.name", "SunJCE"));
mac = Mac.getInstance(algo, System.getProperty("test.provider.name", "SunJCE"));
same(p, mac.getProvider());
mac = Mac.getInstance("hmacmd5", p);
mac = Mac.getInstance(algo, p);
same(p, mac.getProvider());
try {

13
test/jdk/sun/security/pkcs/pkcs10/PKCS10AttrEncoding.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -30,7 +30,8 @@
* java.base/sun.security.util
* java.base/sun.security.x509
* @compile -XDignore.symbol.file PKCS10AttrEncoding.java
* @run main PKCS10AttrEncoding
* @run main PKCS10AttrEncoding DSA 512
* @run main PKCS10AttrEncoding Sha256withDSA 2048
*/
import java.security.KeyPair;
import java.security.KeyPairGenerator;
@ -69,11 +70,13 @@ public class PKCS10AttrEncoding {
constructedMap.put(ids[j], values[j]);
}
String kpgAlgorithm = "DSA";
X500Name subject = new X500Name("cn=Test");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
String sigAlg = "DSA";
KeyPairGenerator keyGen = KeyPairGenerator.getInstance(kpgAlgorithm);
String sigAlg = args[0];
int keySize = Integer.parseInt(args[1]);
keyGen.initialize(512);
keyGen.initialize(keySize);
KeyPair pair = keyGen.generateKeyPair();
X509Key publicKey = (X509Key) pair.getPublic();

33
test/jdk/sun/security/pkcs/pkcs7/SignerOrder.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,7 +29,8 @@
* @modules java.base/sun.security.pkcs
* java.base/sun.security.util
* java.base/sun.security.x509
* @run main SignerOrder
* @run main SignerOrder default 1024
* @run main SignerOrder Sha256 2048
*/
import java.io.IOException;
import java.math.BigInteger;
@ -62,20 +63,21 @@ public class SignerOrder {
static final byte[] data1 = "12345".getBytes();
static final byte[] data2 = "abcde".getBytes();
public static void main(String[] argv) throws Exception {
public static void main(String[] args) throws Exception {
String digestAlg = "default".equals(args[0]) ? null : args[0];
int keySize = Integer.parseInt(args[1]);
SignerInfo[] signerInfos = new SignerInfo[9];
SimpleSigner signer1 = new SimpleSigner(null, null, null, null);
SimpleSigner signer1 = new SimpleSigner(digestAlg, null, null, null, keySize);
signerInfos[8] = signer1.genSignerInfo(data1);
signerInfos[7] = signer1.genSignerInfo(new byte[]{});
signerInfos[6] = signer1.genSignerInfo(data2);
SimpleSigner signer2 = new SimpleSigner(null, null, null, null);
SimpleSigner signer2 = new SimpleSigner(digestAlg, null, null, null, keySize);
signerInfos[5] = signer2.genSignerInfo(data1);
signerInfos[4] = signer2.genSignerInfo(new byte[]{});
signerInfos[3] = signer2.genSignerInfo(data2);
SimpleSigner signer3 = new SimpleSigner(null, null, null, null);
SimpleSigner signer3 = new SimpleSigner(digestAlg, null, null, null, keySize);
signerInfos[2] = signer3.genSignerInfo(data1);
signerInfos[1] = signer3.genSignerInfo(new byte[]{});
signerInfos[0] = signer3.genSignerInfo(data2);
@ -156,28 +158,33 @@ class SimpleSigner {
public SimpleSigner(String digestAlg,
String encryptionAlg,
KeyPair keyPair,
X500Name agent) throws Exception {
X500Name agent,
int keySize) throws Exception {
String signAlgoDigest;
if (agent == null) {
agent = new X500Name("cn=test");
}
if (digestAlg == null) {
digestAlg = "SHA";
}
if (encryptionAlg == null) {
encryptionAlg = "DSA";
}
if (digestAlg == null) {
digestAlg = "SHA";
signAlgoDigest = encryptionAlg;
} else {
signAlgoDigest = digestAlg + "with" + encryptionAlg;
}
if (keyPair == null) {
KeyPairGenerator keyGen =
KeyPairGenerator.getInstance(encryptionAlg);
keyGen.initialize(1024);
keyGen.initialize(keySize);
keyPair = keyGen.generateKeyPair();
}
publicKey = (X509Key) keyPair.getPublic();
privateKey = keyPair.getPrivate();
if ("DSA".equals(encryptionAlg)) {
this.sig = Signature.getInstance(encryptionAlg);
this.sig = Signature.getInstance(signAlgoDigest);
} else { // RSA
this.sig = Signature.getInstance(digestAlg + "/" + encryptionAlg);
}

16
test/jdk/sun/security/rsa/TestKeyPairGenerator.java
View File

@ -86,9 +86,10 @@ public class TestKeyPairGenerator {
}
// regression test for 4865198
private static void testInvalidSignature(KeyPair kp1, KeyPair kp2) throws Exception {
private static void testInvalidSignature(KeyPair kp1, KeyPair kp2, String signAlgo)
throws Exception {
System.out.println("Testing signature with incorrect key...");
Signature sig = Signature.getInstance("MD5withRSA", provider);
Signature sig = Signature.getInstance(signAlgo, provider);
sig.initSign(kp1.getPrivate());
byte[] data = new byte[100];
sig.update(data);
@ -153,9 +154,14 @@ public class TestKeyPairGenerator {
}
test(privateKey, publicKey);
}
testInvalidSignature(keyPairs[0], keyPairs[1]);
testInvalidSignature(keyPairs[0], keyPairs[2]);
testInvalidSignature(keyPairs[2], keyPairs[0]);
String md5Algo = "MD5withRSA";
String sha256Algo = "Sha256withRSA";
testInvalidSignature(keyPairs[0], keyPairs[1], md5Algo);
testInvalidSignature(keyPairs[0], keyPairs[2], md5Algo);
testInvalidSignature(keyPairs[2], keyPairs[0], md5Algo);
testInvalidSignature(keyPairs[0], keyPairs[1], sha256Algo);
testInvalidSignature(keyPairs[0], keyPairs[2], sha256Algo);
testInvalidSignature(keyPairs[2], keyPairs[0], sha256Algo);
long stop = System.currentTimeMillis();
System.out.println("All tests passed (" + (stop - start) + " ms).");
}

9
test/jdk/sun/security/rsa/pss/InitAgain.java
View File

@ -29,18 +29,23 @@ import jdk.test.lib.security.SecurityUtils;
* @bug 8205445
* @library /test/lib
* @summary Make sure old state is cleared when init is called again
* @run main InitAgain default
* @run main InitAgain SHA-256
*/
public class InitAgain {
public static void main(String[] args) throws Exception {
String mdName = args[0];
PSSParameterSpec pssParamSpec = "default".equals(mdName) ? PSSParameterSpec.DEFAULT :
new PSSParameterSpec(mdName, "MGF1", new MGF1ParameterSpec(mdName), 20, 1);
byte[] msg = "hello".getBytes();
Signature s1 = Signature.getInstance("RSASSA-PSS");
Signature s2 = Signature.getInstance("RSASSA-PSS");
s1.setParameter(PSSParameterSpec.DEFAULT);
s2.setParameter(PSSParameterSpec.DEFAULT);
s1.setParameter(pssParamSpec);
s2.setParameter(pssParamSpec);
String kpgAlgorithm = "RSA";
KeyPairGenerator kpg = KeyPairGenerator.getInstance(kpgAlgorithm);

49
test/jdk/sun/security/tools/keytool/KeyToolTest.java
View File

@ -68,6 +68,7 @@ import java.security.NoSuchAlgorithmException;
import java.util.*;
import java.security.cert.X509Certificate;
import jdk.test.lib.util.FileUtils;
import jdk.test.lib.security.SecurityUtils;
import sun.security.util.ObjectIdentifier;
@ -103,6 +104,8 @@ public class KeyToolTest {
"-srcproviderName SunPKCS11-nzz " +
"-addprovider SunPKCS11 " +
"-providerArg p11-nzz.txt ";
private static final int KEY_LENGTH_DSA = SecurityUtils.getTestKeySize("DSA");
private static final int KEY_LENGTH_RSA = SecurityUtils.getTestKeySize("RSA");
String p11Arg, srcP11Arg;
@ -192,7 +195,7 @@ public class KeyToolTest {
// SunPKCS11-NSS does not support SHA256withDSA yet.
if (cmd.contains("p11-nss.txt") && cmd.contains("-genkey")
&& cmd.contains("DSA")) {
cmd += " -sigalg SHA1withDSA -keysize 1024";
cmd += " -sigalg SHA256withDSA -keysize " + KEY_LENGTH_DSA;
}
test(input, cmd);
} catch(Exception e) {
@ -955,6 +958,9 @@ public class KeyToolTest {
// sig not compatible
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -selfcert -sigalg MD5withRSA");
// sig not compatible
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -selfcert -sigalg SHA256withRSA");
// bad pass
testFail("", "-keystore x.jks -storetype JKS -storepass wrong " +
"-keypass changeit -selfcert");
@ -1062,10 +1068,10 @@ public class KeyToolTest {
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 999 " +
"-alias n5");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 512 " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 2048 " +
"-alias n6");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 1024 " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 3072 " +
"-alias n7");
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala " +
@ -1076,6 +1082,9 @@ public class KeyToolTest {
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " +
"-sigalg MD5withRSA -alias n10");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " +
"-sigalg SHA256withRSA -alias n10-1");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=olala -keyalg RSA " +
"-sigalg SHA1withRSA -alias n11");
@ -1152,16 +1161,20 @@ public class KeyToolTest {
remove("csr1");
// PrivateKeyEntry can do certreq
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize 1024");
"-keypass changeit -genkeypair -keyalg DSA -dname CN=olala -keysize " +
KEY_LENGTH_DSA);
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-certreq -file csr1 -alias mykey");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-certreq -file csr1");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-certreq -file csr1 -sigalg SHA1withDSA");
// unmatched sigalg
"-certreq -file csr1 -sigalg SHA256withDSA");
// unmatched md5
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-certreq -file csr1 -sigalg MD5withRSA");
// unmatched sha
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-certreq -file csr1 -sigalg SHA256withRSA");
// misc test
// bad storepass
testFail("", "-keystore x.jks -storetype JKS -storepass badstorepass " +
@ -1192,9 +1205,9 @@ public class KeyToolTest {
"-certreq -file csr1");
// unmatched sigalg
testFail("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-certreq -file csr1 -sigalg SHA1withDSA");
"-certreq -file csr1 -sigalg SHA256withDSA");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-certreq -file csr1 -sigalg MD5withRSA");
"-certreq -file csr1 -sigalg SHA256withRSA");
// TrustedCertificateEntry cannot do certreq
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-exportcert -file x.jks.p1.cert");
@ -1222,6 +1235,9 @@ public class KeyToolTest {
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=weak -keyalg rsa " +
"-keysize 512 -sigalg MD5withRSA -alias myweakkey");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-keypass changeit -genkeypair -dname CN=weak -keyalg rsa -keysize " +
KEY_LENGTH_RSA + " -sigalg SHA256withRSA -alias myweakkey-sha");
testOK("", "-keystore x.jks -storetype JKS -storepass changeit " +
"-export -file myweakkey.cert -alias myweakkey");
testFail("", "-printcert -file badkeystore");
@ -1673,31 +1689,32 @@ public class KeyToolTest {
remove("x.jks");
testOK("", "-help");
// 2. keytool -genkey -keyalg DSA -v -keysize 512 Enter "a" for the keystore
// 2. keytool -genkey -keyalg DSA -v -keysize <strongKeySize> Enter "a" for the keystore
// password. Check error (password too short). Enter "password" for
// the keystore password. Hit 'return' for "first and last name",
// "organizational unit", "City", "State", and "Country Code".
// Type "yes" when they ask you if everything is correct.
// Type 'return' for new key password.
testOK("a\npassword\npassword\nMe\nHere\nNow\nPlace\nPlace\nUS\nyes\n\n",
"-genkey -keyalg DSA -v -keysize 512 -keystore x.jks -storetype JKS");
"-genkey -keyalg DSA -v -keysize " + KEY_LENGTH_DSA + " -keystore x.jks " +
"-storetype JKS");
// 3. keytool -list -v -storepass password
testOK("", "-list -v -storepass password -keystore x.jks -storetype JKS");
// 4. keytool -list -v Type "a" for the keystore password.
// Check error (wrong keystore password).
testFail("a\n", "-list -v -keystore x.jks -storetype JKS");
assertTrue(ex.indexOf("password was incorrect") != -1);
// 5. keytool - -keyalg DSA -v -keysize 512 Enter "password" as the password.
// 5. keytool - -keyalg DSA -v -keysize <strongKeySize> Enter "password" as the password.
// Check error (alias 'mykey' already exists).
testFail("password\n", "-genkey -keyalg DSA -v -keysize 512" +
testFail("password\n", "-genkey -keyalg DSA -v -keysize " + KEY_LENGTH_DSA +
" -keystore x.jks -storetype JKS");
assertTrue(ex.indexOf("alias <mykey> already exists") != -1);
// 6. keytool -genkey -keyalg DSA -v -keysize 512 -alias mykey2 -storepass password
// 6. keytool -genkey -keyalg DSA -v -keysize <strongKeySize> -alias mykey2 -storepass password
// Hit 'return' for "first and last name", "organizational unit", "City",
// "State", and "Country Code". Type "yes" when they ask you if
// everything is correct. Type 'return' for new key password.
testOK("\n\n\n\n\n\nyes\n\n", "-genkey -keyalg DSA -v -keysize 512 -alias mykey2" +
" -storepass password -keystore x.jks -storetype JKS");
testOK("\n\n\n\n\n\nyes\n\n", "-genkey -keyalg DSA -v -keysize " + KEY_LENGTH_DSA +
" -alias mykey2 -storepass password -keystore x.jks -storetype JKS");
// 7. keytool -list -v Type 'password' for the store password.
testOK("password\n", "-list -v -keystore x.jks -storetype JKS");
// 8. keytool -keypasswd -v -alias mykey2 -storepass password
@ -1777,7 +1794,7 @@ public class KeyToolTest {
// 1. sccs edit cert8.db key3.db
//Runtime.getRuntime().exec("/usr/bin/sccs edit cert8.db key3.db");
testOK("", p11Arg + ("-storepass test12 -genkey -alias genkey" +
" -dname cn=genkey -keysize 512 -keyalg rsa"));
" -dname cn=genkey -keysize " + KEY_LENGTH_RSA + " -keyalg rsa"));
testOK("", p11Arg + "-storepass test12 -list");
testOK("", p11Arg + "-storepass test12 -list -alias genkey");
testOK("", p11Arg +