/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8255410
* @summary test the general SecretKeyFactory functionality
* @library /test/lib ..
* @modules jdk.crypto.cryptoki
* @run main/othervm TestGeneral
*/
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.SecretKeyFactory;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class TestGeneral extends PKCS11Test {
private enum TestResult {
PASS,
FAIL,
TBD // unused for now
}
public static void main(String[] args) throws Exception {
main(new TestGeneral(), args);
}
private void test(String algorithm, SecretKey key, Provider p,
TestResult expected) throws RuntimeException {
System.out.println("Testing " + algorithm + " SKF from " + p.getName());
SecretKeyFactory skf;
try {
skf = SecretKeyFactory.getInstance(algorithm, p);
} catch (NoSuchAlgorithmException e) {
System.out.println("Not supported, skipping: " + e);
return;
}
try {
SecretKey key2 = skf.translateKey(key);
if (expected == TestResult.FAIL) {
throw new RuntimeException("translateKey() should FAIL");
}
System.out.println("=> translated key");
if (!key2.getAlgorithm().equalsIgnoreCase(algorithm)) {
throw new RuntimeException("translated key algorithm mismatch");
}
System.out.println("=> checked key algorithm");
// proceed to check encodings if format match
if (key2.getFormat().equalsIgnoreCase(key.getFormat())) {
if (key2.getEncoded() != null &&
!Arrays.equals(key.getEncoded(), key2.getEncoded())) {
throw new RuntimeException(
"translated key encoding mismatch");
}
System.out.println("=> checked key format and encoding");
}
} catch (Exception e) {
if (expected == TestResult.PASS) {
e.printStackTrace();
throw new RuntimeException("translateKey() should pass", e);
}
}
}
@Override
public void main(Provider p) throws Exception {
byte[] rawBytes = new byte[32];
new SecureRandom().nextBytes(rawBytes);
SecretKey aes_128Key = new SecretKeySpec(rawBytes, 0, 16, "AES");
SecretKey aes_256Key = new SecretKeySpec(rawBytes, 0, 32, "AES");
SecretKey bf_128Key = new SecretKeySpec(rawBytes, 0, 16, "Blowfish");
SecretKey cc20Key = new SecretKeySpec(rawBytes, 0, 32, "ChaCha20");
// fixed key length
test("AES", aes_128Key, p, TestResult.PASS);
test("AES", aes_256Key, p, TestResult.PASS);
test("AES", cc20Key, p, TestResult.FAIL);
test("ChaCha20", aes_128Key, p, TestResult.FAIL);
test("ChaCha20", aes_256Key, p, TestResult.FAIL);
test("ChaCha20", cc20Key, p, TestResult.PASS);
// variable key length
// Different PKCS11 impls may have different ranges
// of supported key sizes for variable-key-length
// algorithms.
test("Blowfish", aes_128Key, p, TestResult.FAIL);
test("Blowfish", cc20Key, p, TestResult.FAIL);
test("Blowfish", bf_128Key, p, TestResult.PASS);
}
}