| author | jjiang |
| Sat, 21 Sep 2019 08:06:00 +0800 | |
| changeset 58248 | e6231dbaa862 |
| parent 51460 | 97e361fe3433 |
| permissions | -rw-r--r-- |
| 2 | 1 |
/* |
|
58248
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
2 |
* Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved. |
| 2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. |
|
8 |
* |
|
9 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
13 |
* accompanied this code). |
|
14 |
* |
|
15 |
* You should have received a copy of the GNU General Public License version |
|
16 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
17 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 |
* |
|
| 5506 | 19 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
20 |
* or visit www.oracle.com if you need additional information or have any |
|
21 |
* questions. |
|
| 2 | 22 |
*/ |
23 |
||
|
40975
680639c9b307
8165689: Fix module dependencies for sun/security/pkcs11/* tests
skovalev
parents:
35379
diff
changeset
|
24 |
/* |
| 2 | 25 |
* @test |
|
41123
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
26 |
* @bug 6316539 8136355 |
| 2 | 27 |
* @summary Known-answer-test for TlsKeyMaterial generator |
28 |
* @author Andreas Sterbenz |
|
|
51460
97e361fe3433
8164639: Configure PKCS11 tests to use user-supplied NSS libraries
jjiang
parents:
47216
diff
changeset
|
29 |
* @library /test/lib .. |
| 30820 | 30 |
* @modules java.base/sun.security.internal.spec |
|
43248
5e15de85a1a0
8172527: Rename jdk.crypto.token to jdk.crypto.cryptoki
ascarpino
parents:
42693
diff
changeset
|
31 |
* jdk.crypto.cryptoki |
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
32 |
* @run main/othervm TestKeyMaterial |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
33 |
* @run main/othervm TestKeyMaterial sm policy |
| 2 | 34 |
*/ |
35 |
||
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
36 |
import java.io.BufferedReader; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
37 |
import java.nio.file.Files; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
38 |
import java.nio.file.Paths; |
|
58248
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
39 |
import java.security.InvalidAlgorithmParameterException; |
| 2 | 40 |
import java.security.Provider; |
|
58248
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
41 |
import java.security.ProviderException; |
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
42 |
import java.util.Arrays; |
|
58248
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
43 |
|
| 2 | 44 |
import javax.crypto.KeyGenerator; |
45 |
import javax.crypto.SecretKey; |
|
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
46 |
import javax.crypto.spec.IvParameterSpec; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
47 |
import javax.crypto.spec.SecretKeySpec; |
|
58248
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
48 |
|
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
49 |
import sun.security.internal.spec.TlsKeyMaterialParameterSpec; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
50 |
import sun.security.internal.spec.TlsKeyMaterialSpec; |
| 2 | 51 |
|
52 |
public class TestKeyMaterial extends PKCS11Test {
|
|
53 |
||
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
54 |
private static final int PREFIX_LENGTH = "km-master: ".length(); |
| 2 | 55 |
|
56 |
public static void main(String[] args) throws Exception {
|
|
|
58248
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
57 |
System.out.println("NSS Version: " + getNSSVersion());
|
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
58 |
main(new TestKeyMaterial(), args); |
| 2 | 59 |
} |
60 |
||
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
61 |
@Override |
| 2 | 62 |
public void main(Provider provider) throws Exception {
|
63 |
if (provider.getService("KeyGenerator", "SunTlsKeyMaterial") == null) {
|
|
64 |
System.out.println("Provider does not support algorithm, skipping");
|
|
65 |
return; |
|
66 |
} |
|
67 |
||
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
68 |
try (BufferedReader reader = Files.newBufferedReader( |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
69 |
Paths.get(BASE, "keymatdata.txt"))) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
70 |
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
71 |
int n = 0; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
72 |
int lineNumber = 0; |
| 2 | 73 |
|
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
74 |
byte[] master = null; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
75 |
int major = 0; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
76 |
int minor = 0; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
77 |
byte[] clientRandom = null; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
78 |
byte[] serverRandom = null; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
79 |
String cipherAlgorithm = null; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
80 |
int keyLength = 0; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
81 |
int expandedKeyLength = 0; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
82 |
int ivLength = 0; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
83 |
int macLength = 0; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
84 |
byte[] clientCipherBytes = null; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
85 |
byte[] serverCipherBytes = null; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
86 |
byte[] clientIv = null; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
87 |
byte[] serverIv = null; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
88 |
byte[] clientMacBytes = null; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
89 |
byte[] serverMacBytes = null; |
| 2 | 90 |
|
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
91 |
while (true) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
92 |
String line = reader.readLine(); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
93 |
lineNumber++; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
94 |
if (line == null) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
95 |
break; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
96 |
} |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
97 |
if (line.startsWith("km-") == false) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
98 |
continue; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
99 |
} |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
100 |
String data = line.substring(PREFIX_LENGTH); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
101 |
if (line.startsWith("km-master:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
102 |
master = parse(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
103 |
} else if (line.startsWith("km-major:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
104 |
major = Integer.parseInt(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
105 |
} else if (line.startsWith("km-minor:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
106 |
minor = Integer.parseInt(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
107 |
} else if (line.startsWith("km-crandom:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
108 |
clientRandom = parse(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
109 |
} else if (line.startsWith("km-srandom:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
110 |
serverRandom = parse(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
111 |
} else if (line.startsWith("km-cipalg:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
112 |
cipherAlgorithm = data; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
113 |
} else if (line.startsWith("km-keylen:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
114 |
keyLength = Integer.parseInt(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
115 |
} else if (line.startsWith("km-explen:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
116 |
expandedKeyLength = Integer.parseInt(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
117 |
} else if (line.startsWith("km-ivlen:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
118 |
ivLength = Integer.parseInt(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
119 |
} else if (line.startsWith("km-maclen:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
120 |
macLength = Integer.parseInt(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
121 |
} else if (line.startsWith("km-ccipkey:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
122 |
clientCipherBytes = parse(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
123 |
} else if (line.startsWith("km-scipkey:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
124 |
serverCipherBytes = parse(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
125 |
} else if (line.startsWith("km-civ:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
126 |
clientIv = parse(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
127 |
} else if (line.startsWith("km-siv:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
128 |
serverIv = parse(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
129 |
} else if (line.startsWith("km-cmackey:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
130 |
clientMacBytes = parse(data); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
131 |
} else if (line.startsWith("km-smackey:")) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
132 |
serverMacBytes = parse(data); |
| 2 | 133 |
|
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
134 |
System.out.print(".");
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
135 |
n++; |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
136 |
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
137 |
KeyGenerator kg = |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
138 |
KeyGenerator.getInstance("SunTlsKeyMaterial", provider);
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
139 |
SecretKey masterKey = |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
140 |
new SecretKeySpec(master, "TlsMasterSecret"); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
141 |
TlsKeyMaterialParameterSpec spec = |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
142 |
new TlsKeyMaterialParameterSpec(masterKey, major, minor, |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
143 |
clientRandom, serverRandom, cipherAlgorithm, |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
144 |
keyLength, expandedKeyLength, ivLength, macLength, |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
145 |
null, -1, -1); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
146 |
|
|
41123
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
147 |
try {
|
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
148 |
kg.init(spec); |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
149 |
TlsKeyMaterialSpec result = |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
150 |
(TlsKeyMaterialSpec)kg.generateKey(); |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
151 |
match(lineNumber, clientCipherBytes, |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
152 |
result.getClientCipherKey(), cipherAlgorithm); |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
153 |
match(lineNumber, serverCipherBytes, |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
154 |
result.getServerCipherKey(), cipherAlgorithm); |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
155 |
match(lineNumber, clientIv, result.getClientIv(), ""); |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
156 |
match(lineNumber, serverIv, result.getServerIv(), ""); |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
157 |
match(lineNumber, clientMacBytes, result.getClientMacKey(), ""); |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
158 |
match(lineNumber, serverMacBytes, result.getServerMacKey(), ""); |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
159 |
} catch (InvalidAlgorithmParameterException iape) {
|
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
160 |
// SSLv3 support is removed in S12 |
|
58248
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
161 |
if (provider.getName().indexOf("Solaris") != -1) {
|
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
162 |
if (major == 3 && minor == 0) {
|
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
163 |
System.out.println("Skip testing SSLv3 on Solaris");
|
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
164 |
continue; |
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
165 |
} |
|
41123
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
166 |
} |
|
58248
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
167 |
throw iape; |
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
168 |
} catch (ProviderException pe) {
|
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
169 |
if (provider.getName().indexOf("NSS") != -1) {
|
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
170 |
Throwable t = pe.getCause(); |
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
171 |
if (expandedKeyLength != 0 |
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
172 |
&& t.getMessage().indexOf( |
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
173 |
"CKR_MECHANISM_PARAM_INVALID") != -1) {
|
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
174 |
// NSS removed support for export-grade cipher suites in 3.28, |
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
175 |
// see https://bugzilla.mozilla.org/show_bug.cgi?id=1252849 |
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
176 |
System.out.println("Ignore known NSS failure on CKR_MECHANISM_PARAM_INVALID");
|
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
177 |
continue; |
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
178 |
} |
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
179 |
} |
|
e6231dbaa862
8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
jjiang
parents:
51460
diff
changeset
|
180 |
throw pe; |
|
41123
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
181 |
} |
|
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
182 |
} else {
|
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
183 |
throw new Exception("Unknown line: " + line);
|
|
41123
66eaead2a150
8136355: CKM_SSL3_KEY_AND_MAC_DERIVE no longer available by default on Solaris 12
valeriep
parents:
40975
diff
changeset
|
184 |
} |
| 2 | 185 |
} |
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
186 |
if (n == 0) {
|
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
187 |
throw new Exception("no tests");
|
| 2 | 188 |
} |
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
189 |
System.out.println(); |
|
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
30820
diff
changeset
|
190 |
System.out.println("OK: " + n + " tests");
|
| 2 | 191 |
} |
192 |
} |
|
193 |
||
194 |
private static void stripParity(byte[] b) {
|
|
195 |
for (int i = 0; i < b.length; i++) {
|
|
196 |
b[i] &= 0xfe; |
|
197 |
} |
|
198 |
} |
|
199 |
||
| 7043 | 200 |
private static void match(int lineNumber, byte[] out, Object res, |
201 |
String cipherAlgorithm) throws Exception {
|
|
| 2 | 202 |
if ((out == null) || (res == null)) {
|
203 |
if (out != res) {
|
|
204 |
throw new Exception("null mismatch line " + lineNumber);
|
|
205 |
} else {
|
|
206 |
return; |
|
207 |
} |
|
208 |
} |
|
209 |
byte[] b; |
|
210 |
if (res instanceof SecretKey) {
|
|
211 |
b = ((SecretKey)res).getEncoded(); |
|
| 7043 | 212 |
if (cipherAlgorithm.equalsIgnoreCase("DES") ||
|
213 |
cipherAlgorithm.equalsIgnoreCase("DESede")) {
|
|
| 2 | 214 |
// strip DES parity bits before comparision |
215 |
stripParity(out); |
|
216 |
stripParity(b); |
|
217 |
} |
|
218 |
} else if (res instanceof IvParameterSpec) {
|
|
219 |
b = ((IvParameterSpec)res).getIV(); |
|
220 |
} else {
|
|
221 |
throw new Exception(res.getClass().getName()); |
|
222 |
} |
|
223 |
if (Arrays.equals(out, b) == false) {
|
|
224 |
System.out.println(); |
|
225 |
System.out.println("out: " + toString(out));
|
|
226 |
System.out.println("b: " + toString(b));
|
|
227 |
throw new Exception("mismatch line " + lineNumber);
|
|
228 |
} |
|
229 |
} |
|
230 |
||
231 |
} |