author | phh |
Sat, 30 Nov 2019 14:33:05 -0800 | |
changeset 59330 | 5b96c12f909d |
parent 51460 | 97e361fe3433 |
permissions | -rw-r--r-- |
2 | 1 |
/* |
51245
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
2 |
* Copyright (c) 2006, 2018, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
7 |
* published by the Free Software Foundation. |
|
8 |
* |
|
9 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
13 |
* accompanied this code). |
|
14 |
* |
|
15 |
* You should have received a copy of the GNU General Public License version |
|
16 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
17 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 |
* |
|
5506 | 19 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
20 |
* or visit www.oracle.com if you need additional information or have any |
|
21 |
* questions. |
|
2 | 22 |
*/ |
23 |
||
40975
680639c9b307
8165689: Fix module dependencies for sun/security/pkcs11/* tests
skovalev
parents:
35379
diff
changeset
|
24 |
/* |
2 | 25 |
* @test |
28974
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
26 |
* @bug 6405536 8042967 |
2 | 27 |
* @summary basic test of SHA1withECDSA and NONEwithECDSA signing/verifying |
28 |
* @author Andreas Sterbenz |
|
51460
97e361fe3433
8164639: Configure PKCS11 tests to use user-supplied NSS libraries
jjiang
parents:
51245
diff
changeset
|
29 |
* @library /test/lib .. |
10328 | 30 |
* @library ../../../../java/security/testlibrary |
30046 | 31 |
* @key randomness |
43248
5e15de85a1a0
8172527: Rename jdk.crypto.token to jdk.crypto.cryptoki
ascarpino
parents:
42693
diff
changeset
|
32 |
* @modules jdk.crypto.cryptoki |
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
33 |
* @run main/othervm TestECDSA |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
34 |
* @run main/othervm TestECDSA sm policy |
2 | 35 |
*/ |
36 |
||
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
37 |
import java.security.KeyFactory; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
38 |
import java.security.KeyPair; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
39 |
import java.security.KeyPairGenerator; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
40 |
import java.security.MessageDigest; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
41 |
import java.security.PrivateKey; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
42 |
import java.security.Provider; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
43 |
import java.security.PublicKey; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
44 |
import java.security.Signature; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
45 |
import java.security.interfaces.ECPublicKey; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
46 |
import java.security.spec.PKCS8EncodedKeySpec; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
47 |
import java.security.spec.X509EncodedKeySpec; |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
48 |
import java.util.Random; |
2 | 49 |
|
50 |
public class TestECDSA extends PKCS11Test { |
|
51 |
||
52 |
// values of the keys we use for the tests |
|
53 |
||
54 |
// keypair using NIST P-192 |
|
55 |
private final static String pub192 = |
|
56 |
"30:49:30:13:06:07:2a:86:48:ce:3d:02:01:06:08:2a:86:48:ce:3d:03:01:01:03:32:00:04:ee:b4:7f:60:3a:25:6a:0c:3c:86:d9:a0:62:be:f6:11:25:42:0e:19:fa:f3:1a:df:0c:98:b4:f8:b3:8f:f5:c1:82:74:e5:e7:71:d6:f9:d0:26:3b:2d:53:a6:37:fc:ab"; |
|
57 |
private final static String priv192 = |
|
58 |
"30:39:02:01:00:30:13:06:07:2a:86:48:ce:3d:02:01:06:08:2a:86:48:ce:3d:03:01:01:04:1f:30:1d:02:01:01:04:18:2c:eb:c2:9e:96:de:df:70:d4:a6:33:43:9b:4c:59:4a:6e:a6:f4:5b:6b:a6:b7:6a"; |
|
59 |
||
60 |
// keypair using NIST B-163 |
|
61 |
private final static String pub163 = |
|
62 |
"30:40:30:10:06:07:2a:86:48:ce:3d:02:01:06:05:2b:81:04:00:0f:03:2c:00:04:04:af:bc:e6:a1:d3:1a:74:76:dc:51:d6:8d:39:2f:b6:68:22:b3:0f:78:05:79:f7:5d:65:7d:42:9b:de:51:85:0a:a7:b8:89:79:0a:f2:c7:35:0e"; |
|
63 |
private final static String priv163 = |
|
64 |
"30:33:02:01:00:30:10:06:07:2a:86:48:ce:3d:02:01:06:05:2b:81:04:00:0f:04:1c:30:1a:02:01:01:04:15:02:0c:07:60:e6:0a:25:ff:5a:19:c8:35:9d:4b:79:97:06:87:9b:a1:3d"; |
|
65 |
||
66 |
// keypair using NIST P-521 |
|
67 |
private final static String pub521 = |
|
68 |
"30:81:9b:30:10:06:07:2a:86:48:ce:3d:02:01:06:05:2b:81:04:00:23:03:81:86:00:04:01:6c:e1:03:96:a4:ad:1e:18:b0:c3:ab:63:e6:6a:f6:e5:33:e8:75:e5:7e:33:ce:fd:3a:48:03:08:5a:32:04:f2:f7:00:46:e5:7e:c3:92:bb:bc:5e:c7:d2:e6:01:f3:17:d9:31:2d:07:fc:a1:93:57:28:b8:3a:7f:46:00:f9:bc:b2:01:35:45:9f:3f:0c:bf:6f:3e:29:a7:92:be:c0:83:c0:90:1c:fe:3c:2f:fd:2e:d6:12:0d:45:d3:d3:19:c2:5a:5b:26:37:2d:8e:ba:1c:9e:fb:3a:b6:02:7a:1c:45:ec:72:c8:4b:7d:1f:65:11:78:43:8f:70:92:27:24:ba:c4:af:e5"; |
|
69 |
private final static String priv521 = |
|
70 |
"30:60:02:01:00:30:10:06:07:2a:86:48:ce:3d:02:01:06:05:2b:81:04:00:23:04:49:30:47:02:01:01:04:42:01:e7:a7:5d:13:f8:4d:5a:5d:64:10:e6:a1:e0:01:a3:b0:92:e0:72:55:f5:87:62:7e:30:f2:b1:f2:a0:1e:ef:30:65:9c:88:16:53:71:2d:05:a3:d8:4d:bc:c9:50:84:2c:d1:b5:9d:6e:84:57:60:ee:46:a1:26:f9:8b:2c:d5:86:4d"; |
|
71 |
||
72 |
// keypair using NIST K-571 |
|
73 |
private final static String pub571 = |
|
74 |
"30:81:a7:30:10:06:07:2a:86:48:ce:3d:02:01:06:05:2b:81:04:00:26:03:81:92:00:04:00:93:a7:c3:d7:90:8f:e5:3c:37:5a:8a:88:d9:b0:04:d7:5d:59:7e:83:42:b6:ef:c2:9c:72:56:3c:9f:28:24:7e:46:95:a8:cd:2c:06:67:a3:81:43:e9:1f:61:b4:66:7d:e6:91:ec:89:5c:4d:ed:bc:c0:8b:33:44:64:3f:5b:44:29:42:e8:a6:8a:e9:47:05:44:69:ca:f0:76:81:d5:e9:e1:9b:c1:31:73:53:69:6d:99:1f:05:bd:b7:62:b6:99:cf:73:c5:24:0e:6c:9f:d3:00:f3:21:58:33:be:a1:de:2e:fc:9e:b1:2b:89:4e:bb:e1:75:da:8c:c1:a1:d2:19:52:5b:57:41:83:11:e3:70:61:63:68:6e:b5:c2:91"; |
|
75 |
private final static String priv571 = |
|
76 |
"30:65:02:01:00:30:10:06:07:2a:86:48:ce:3d:02:01:06:05:2b:81:04:00:26:04:4e:30:4c:02:01:01:04:47:cb:b0:84:c9:5e:d5:bb:d1:27:6b:8e:36:51:5d:ed:8d:0f:69:f4:b0:34:c2:4f:e8:e5:a5:3a:a9:38:52:ca:b6:b2:c7:04:8b:09:b7:ac:68:11:00:22:7a:d7:4b:11:77:0f:3f:ba:72:e5:8b:a7:4d:82:8e:a7:d9:55:cf:60:9c:23:f4:a7:22:47:b8:3e"; |
|
77 |
||
78 |
// data for test 1, original and SHA-1 hashed |
|
79 |
private final static byte[] data1Raw = b("0102030405060708090a0b0c0d0e0f10111213"); |
|
80 |
private final static byte[] data1SHA = b("00:e2:5f:c9:1c:8f:d6:8c:6a:dc:c6:bd:f0:46:60:5e:a2:cd:8d:ad"); |
|
81 |
||
82 |
// valid signatures of data1. |
|
83 |
private final static byte[] sig192 = b("30:35:02:19:00:91:ba:19:b2:01:da:ce:77:ed:08:6d:70:77:84:25:46:9f:56:a0:40:9a:04:e6:1b:02:18:14:7e:cd:a5:8a:3b:25:e9:f8:c3:20:9b:a9:90:5a:ca:91:5d:60:5e:a8:2f:3e:a4"); |
|
84 |
private final static byte[] sig163 = b("30:2d:02:15:02:8d:aa:95:06:f4:4f:fa:44:59:ec:4b:cb:86:59:8c:1f:25:36:64:f5:02:14:6b:d1:ea:82:ed:0c:2a:19:a1:c5:fa:d6:05:78:4b:eb:bf:83:d5:fa"); |
|
85 |
private final static byte[] sig521 = b("30:81:87:02:42:01:32:a5:be:dd:fb:c3:07:66:01:48:0a:12:dd:ae:e7:4d:cf:c2:69:ba:37:bc:fb:47:f3:5b:0f:9e:80:2c:c4:c4:40:6f:82:a1:25:39:65:4f:37:9c:b2:59:e0:4c:d6:a2:63:27:b4:fd:fd:ca:72:c8:de:c9:38:8b:02:87:bf:13:d8:02:41:0b:03:0f:3f:f9:cc:93:cb:f5:30:4d:d2:23:f3:cb:3d:b8:ee:8b:76:96:b9:4b:91:2e:b3:8e:26:47:a9:56:89:01:3a:5e:92:79:8f:00:f0:1c:a9:32:f7:70:e2:18:71:35:2c:4d:b7:68:84:2f:56:49:86:eb:96:5d:82:31:a2:de"); |
|
86 |
private final static byte[] sig571 = b("30:81:94:02:48:01:4b:81:77:93:cf:bc:98:26:4c:0d:e2:18:f0:d5:b0:bd:b0:a4:a3:b3:8e:1d:3f:7b:21:5d:65:08:42:f7:e6:7e:87:a0:a9:62:9a:79:b0:9d:d6:d6:f0:10:3b:7c:54:aa:cd:f0:d0:5e:5b:f8:f4:36:ec:64:cf:b4:e0:4e:03:db:12:96:e2:25:0c:3b:01:02:48:01:0d:9e:1d:3b:bf:7d:c6:e1:ea:54:92:c4:6b:95:bb:5b:c9:2b:ea:f2:e6:bf:8d:b2:4f:c4:0e:12:f9:35:70:a3:ed:49:f1:11:97:07:a0:05:16:f0:f5:01:8d:15:53:4d:df:51:a0:cf:bc:f0:9f:01:99:e5:2e:e4:9d:02:05:0e:7f:fa:b5:c3:20:eb:5e"); |
|
87 |
||
88 |
// data for test 2 (invalid signatures) |
|
89 |
private final static byte[] data2Raw = {}; |
|
90 |
private final static byte[] data2SHA = b("da:39:a3:ee:5e:6b:4b:0d:32:55:bf:ef:95:60:18:90:af:d8:07:09"); |
|
91 |
||
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
92 |
private static void verify(Provider provider, String alg, PublicKey key, |
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
93 |
byte[] data, byte[] sig, boolean result) throws Exception { |
2 | 94 |
Signature s = Signature.getInstance(alg, provider); |
95 |
s.initVerify(key); |
|
96 |
boolean r; |
|
97 |
s.update(data); |
|
98 |
r = s.verify(sig); |
|
99 |
if (r != result) { |
|
100 |
throw new Exception("Result mismatch, actual: " + r); |
|
101 |
} |
|
102 |
s.update(data); |
|
103 |
r = s.verify(sig); |
|
104 |
if (r != result) { |
|
105 |
throw new Exception("Result mismatch, actual: " + r); |
|
106 |
} |
|
107 |
System.out.println("Passed"); |
|
108 |
} |
|
109 |
||
110 |
private static void sign(Provider provider, String alg, PrivateKey key, byte[] data) throws Exception { |
|
111 |
Signature s = Signature.getInstance(alg, provider); |
|
112 |
s.initSign(key); |
|
113 |
s.update(data); |
|
114 |
byte[] sig = s.sign(); |
|
115 |
System.out.println(toString(sig)); |
|
116 |
} |
|
117 |
||
118 |
public static void main(String[] args) throws Exception { |
|
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
119 |
main(new TestECDSA(), args); |
2 | 120 |
} |
121 |
||
35379
1e8e336ef66b
8144539: Update PKCS11 tests to run with security manager
asmotrak
parents:
32138
diff
changeset
|
122 |
@Override |
51245
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
123 |
protected boolean skipTest(Provider provider) { |
2 | 124 |
if (provider.getService("Signature", "SHA1withECDSA") == null) { |
125 |
System.out.println("ECDSA not supported, skipping"); |
|
51245
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
126 |
return true; |
2 | 127 |
} |
13661
7c894680910a
6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory
mullan
parents:
10328
diff
changeset
|
128 |
|
51245
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
129 |
if (isBadNSSVersion(provider) || isBadSolarisSparc(provider)) { |
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
130 |
return true; |
19067
5271291b7121
8020424: The NSS version should be detected before running crypto tests
ascarpino
parents:
14784
diff
changeset
|
131 |
} |
5271291b7121
8020424: The NSS version should be detected before running crypto tests
ascarpino
parents:
14784
diff
changeset
|
132 |
|
51245
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
133 |
return false; |
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
134 |
} |
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
135 |
|
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
136 |
@Override |
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
137 |
public void main(Provider provider) throws Exception { |
f095e3bc2d41
8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found
jjiang
parents:
47216
diff
changeset
|
138 |
long start = System.currentTimeMillis(); |
32138
23830562d3d1
8133318: Exclude intermittent failing PKCS11 tests on Solaris SPARC 11.1 and earlier
vinnie
parents:
30046
diff
changeset
|
139 |
|
23830562d3d1
8133318: Exclude intermittent failing PKCS11 tests on Solaris SPARC 11.1 and earlier
vinnie
parents:
30046
diff
changeset
|
140 |
/* |
13661
7c894680910a
6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory
mullan
parents:
10328
diff
changeset
|
141 |
* PKCS11Test.main will remove this provider if needed |
7c894680910a
6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory
mullan
parents:
10328
diff
changeset
|
142 |
*/ |
10328 | 143 |
Providers.setAt(provider, 1); |
2 | 144 |
|
145 |
if (false) { |
|
146 |
KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", provider); |
|
147 |
kpg.initialize(571); |
|
148 |
KeyPair kp = kpg.generateKeyPair(); |
|
149 |
PrivateKey priv = kp.getPrivate(); |
|
150 |
ECPublicKey pub = (ECPublicKey)kp.getPublic(); |
|
151 |
System.out.println("Keys for " + pub.getParams()); |
|
152 |
System.out.println("public key:"); |
|
153 |
System.out.println(toString(pub.getEncoded())); |
|
154 |
System.out.println("private key:"); |
|
155 |
System.out.println(toString(priv.getEncoded())); |
|
156 |
return; |
|
157 |
} |
|
158 |
||
19067
5271291b7121
8020424: The NSS version should be detected before running crypto tests
ascarpino
parents:
14784
diff
changeset
|
159 |
if (getNSSECC() != ECCState.Basic) { |
5271291b7121
8020424: The NSS version should be detected before running crypto tests
ascarpino
parents:
14784
diff
changeset
|
160 |
test(provider, pub192, priv192, sig192); |
5271291b7121
8020424: The NSS version should be detected before running crypto tests
ascarpino
parents:
14784
diff
changeset
|
161 |
test(provider, pub163, priv163, sig163); |
5271291b7121
8020424: The NSS version should be detected before running crypto tests
ascarpino
parents:
14784
diff
changeset
|
162 |
test(provider, pub571, priv571, sig571); |
5271291b7121
8020424: The NSS version should be detected before running crypto tests
ascarpino
parents:
14784
diff
changeset
|
163 |
} else { |
5271291b7121
8020424: The NSS version should be detected before running crypto tests
ascarpino
parents:
14784
diff
changeset
|
164 |
System.out.println("ECC Basic only, skipping 192, 163 and 571."); |
5271291b7121
8020424: The NSS version should be detected before running crypto tests
ascarpino
parents:
14784
diff
changeset
|
165 |
} |
2 | 166 |
test(provider, pub521, priv521, sig521); |
167 |
||
168 |
long stop = System.currentTimeMillis(); |
|
169 |
System.out.println("All tests passed (" + (stop - start) + " ms)."); |
|
170 |
} |
|
171 |
||
172 |
private void test(Provider provider, String pub, String priv, byte[] sig) throws Exception { |
|
173 |
||
174 |
KeyFactory kf = KeyFactory.getInstance("EC", provider); |
|
175 |
X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(parse(pub)); |
|
176 |
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(parse(priv)); |
|
177 |
||
178 |
PrivateKey privateKey = kf.generatePrivate(privSpec); |
|
179 |
PublicKey publicKey = kf.generatePublic(pubSpec); |
|
180 |
||
181 |
if (false) { |
|
182 |
sign(provider, "SHA1withECDSA", privateKey, data1Raw); |
|
183 |
// sign(provider, "NONEwithECDSA", privateKey, data1SHA); |
|
184 |
return; |
|
185 |
} |
|
186 |
||
187 |
// verify known-good and known-bad signatures using SHA1withECDSA and NONEwithECDSA |
|
188 |
verify(provider, "SHA1withECDSA", publicKey, data1Raw, sig, true); |
|
189 |
verify(provider, "SHA1withECDSA", publicKey, data2Raw, sig, false); |
|
190 |
||
191 |
verify(provider, "NONEwithECDSA", publicKey, data1SHA, sig, true); |
|
192 |
verify(provider, "NONEwithECDSA", publicKey, data2SHA, sig, false); |
|
193 |
||
28974
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
194 |
System.out.println("Testing with default signature format: ASN.1"); |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
195 |
testSigning(provider, privateKey, publicKey, false); |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
196 |
|
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
197 |
System.out.println("Testing with IEEE P1363 signature format"); |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
198 |
testSigning(provider, privateKey, publicKey, true); |
2 | 199 |
} |
200 |
||
28974
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
201 |
private void testSigning(Provider provider, |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
202 |
PrivateKey privateKey, |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
203 |
PublicKey publicKey, |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
204 |
boolean p1363Format) throws Exception { |
2 | 205 |
byte[] data = new byte[2048]; |
206 |
new Random().nextBytes(data); |
|
207 |
||
208 |
// sign random data using SHA1withECDSA and verify using |
|
209 |
// SHA1withECDSA and NONEwithECDSA |
|
28974
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
210 |
Signature s; |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
211 |
if (p1363Format) { |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
212 |
s = Signature.getInstance("SHA1withECDSAinP1363Format", provider); |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
213 |
} else { |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
214 |
s = Signature.getInstance("SHA1withECDSA", provider); |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
215 |
} |
2 | 216 |
s.initSign(privateKey); |
217 |
s.update(data); |
|
218 |
byte[] s1 = s.sign(); |
|
219 |
||
220 |
s.initVerify(publicKey); |
|
221 |
s.update(data); |
|
222 |
if (!s.verify(s1)) { |
|
223 |
throw new Exception("Sign/verify 1 failed"); |
|
224 |
} |
|
225 |
||
28974
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
226 |
if (p1363Format) { |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
227 |
s = Signature.getInstance("NONEwithECDSAinP1363Format", provider); |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
228 |
} else { |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
229 |
s = Signature.getInstance("NONEwithECDSA", provider); |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
230 |
} |
2 | 231 |
MessageDigest md = MessageDigest.getInstance("SHA-1"); |
232 |
byte[] digest = md.digest(data); |
|
233 |
s.initVerify(publicKey); |
|
234 |
s.update(digest); |
|
235 |
if (!s.verify(s1)) { |
|
236 |
throw new Exception("Sign/verify 2 failed"); |
|
237 |
} |
|
238 |
||
239 |
// sign random data using NONEwithECDSA and verify using |
|
240 |
// SHA1withECDSA and NONEwithECDSA |
|
241 |
s.initSign(privateKey); |
|
242 |
s.update(digest); |
|
243 |
byte[] s2 = s.sign(); |
|
244 |
||
245 |
s.initVerify(publicKey); |
|
246 |
s.update(digest); |
|
247 |
if (!s.verify(s2)) { |
|
248 |
throw new Exception("Sign/verify 3 failed"); |
|
249 |
} |
|
250 |
||
28974
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
251 |
if (p1363Format) { |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
252 |
s = Signature.getInstance("SHA1withECDSAinP1363Format", provider); |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
253 |
} else { |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
254 |
s = Signature.getInstance("SHA1withECDSA", provider); |
71fe221460f5
8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
juh
parents:
19067
diff
changeset
|
255 |
} |
2 | 256 |
s.initVerify(publicKey); |
257 |
s.update(data); |
|
258 |
if (!s.verify(s2)) { |
|
259 |
throw new Exception("Sign/verify 4 failed"); |
|
260 |
} |
|
261 |
||
262 |
/* |
|
263 |
// XXX session release bug in P11Signature |
|
264 |
// test behavior if data of incorrect length is passed |
|
265 |
s = Signature.getInstance("NONEwithECDSA", provider); |
|
266 |
s.initSign(privateKey); |
|
267 |
s.update(new byte[8]); |
|
268 |
s.update(new byte[640]); |
|
269 |
try { |
|
270 |
s.sign(); |
|
271 |
throw new Exception("No error NONEwithECDSA signing long data"); |
|
272 |
} catch (SignatureException e) { |
|
273 |
System.out.println("OK: " + e); |
|
274 |
} |
|
275 |
System.out.println("sign/verify test ok"); |
|
276 |
/**/ |
|
277 |
} |
|
278 |
||
279 |
private static byte[] b(String s) { |
|
280 |
return parse(s); |
|
281 |
} |
|
282 |
||
283 |
} |