|
1 /* |
|
2 * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. |
|
8 * |
|
9 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 * version 2 for more details (a copy is included in the LICENSE file that |
|
13 * accompanied this code). |
|
14 * |
|
15 * You should have received a copy of the GNU General Public License version |
|
16 * 2 along with this work; if not, write to the Free Software Foundation, |
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 * |
|
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 * or visit www.oracle.com if you need additional information or have any |
|
21 * questions. |
|
22 */ |
|
23 |
|
24 import sun.security.provider.AbstractDrbg; |
|
25 import sun.security.provider.EntropySource; |
|
26 |
|
27 import java.lang.reflect.Field; |
|
28 import java.lang.reflect.Modifier; |
|
29 import java.security.DrbgParameters; |
|
30 import java.security.SecureRandom; |
|
31 import java.security.Security; |
|
32 |
|
33 /** |
|
34 * @test |
|
35 * @bug 8051408 |
|
36 * @modules java.base/sun.security.provider |
|
37 * @run main/othervm CommonSeeder |
|
38 * @summary check entropy reading of DRBGs |
|
39 */ |
|
40 public class CommonSeeder { |
|
41 |
|
42 static class MyES implements EntropySource { |
|
43 int count = 100; |
|
44 int lastCount = 100; |
|
45 |
|
46 @Override |
|
47 public byte[] getEntropy(int minEntropy, int minLength, |
|
48 int maxLength, boolean pr) { |
|
49 count--; |
|
50 return new byte[minLength]; |
|
51 } |
|
52 |
|
53 /** |
|
54 * Confirms genEntropy() has been called {@code less} times |
|
55 * since last check. |
|
56 */ |
|
57 public void checkUsage(int less) throws Exception { |
|
58 if (lastCount != count + less) { |
|
59 throw new Exception(String.format( |
|
60 "lastCount = %d, count = %d, less = %d", |
|
61 lastCount, count, less)); |
|
62 } |
|
63 lastCount = count; |
|
64 } |
|
65 } |
|
66 |
|
67 public static void main(String[] args) throws Exception { |
|
68 |
|
69 byte[] result = new byte[10]; |
|
70 MyES es = new MyES(); |
|
71 |
|
72 // Set es as the default entropy source, overriding SeedGenerator. |
|
73 setDefaultSeeder(es); |
|
74 |
|
75 // Nothing happened yet |
|
76 es.checkUsage(0); |
|
77 |
|
78 SecureRandom sr; |
|
79 sr = SecureRandom.getInstance("DRBG"); |
|
80 |
|
81 // No entropy reading if only getInstance |
|
82 es.checkUsage(0); |
|
83 |
|
84 // Entropy is read at 1st nextBytes of the 1st DRBG |
|
85 sr.nextInt(); |
|
86 es.checkUsage(1); |
|
87 |
|
88 for (String mech : new String[]{"Hash_DRBG", "HMAC_DRBG", "CTR_DRBG"}) { |
|
89 System.out.println("Testing " + mech + "..."); |
|
90 |
|
91 // DRBG with pr_false will never read entropy again no matter |
|
92 // if nextBytes or reseed is called. |
|
93 |
|
94 Security.setProperty("securerandom.drbg.config", mech); |
|
95 sr = SecureRandom.getInstance("DRBG"); |
|
96 sr.nextInt(); |
|
97 sr.reseed(); |
|
98 es.checkUsage(0); |
|
99 |
|
100 // DRBG with pr_true always read from default entropy, and |
|
101 // its nextBytes always reseed itself |
|
102 |
|
103 Security.setProperty("securerandom.drbg.config", |
|
104 mech + ",pr_and_reseed"); |
|
105 sr = SecureRandom.getInstance("DRBG"); |
|
106 |
|
107 sr.nextInt(); |
|
108 es.checkUsage(2); // one instantiate, one reseed |
|
109 sr.nextInt(); |
|
110 es.checkUsage(1); // one reseed in nextBytes |
|
111 sr.reseed(); |
|
112 es.checkUsage(1); // one reseed |
|
113 sr.nextBytes(result, DrbgParameters.nextBytes(-1, false, null)); |
|
114 es.checkUsage(0); // pr_false for this call |
|
115 sr.nextBytes(result, DrbgParameters.nextBytes(-1, true, null)); |
|
116 es.checkUsage(1); // pr_true for this call |
|
117 sr.reseed(DrbgParameters.reseed(true, null)); |
|
118 es.checkUsage(1); // reseed from es |
|
119 sr.reseed(DrbgParameters.reseed(false, null)); |
|
120 es.checkUsage(0); // reseed from AbstractDrbg.SeederHolder.seeder |
|
121 } |
|
122 } |
|
123 |
|
124 static void setDefaultSeeder(EntropySource es) throws Exception { |
|
125 Field f = AbstractDrbg.class.getDeclaredField("defaultES"); |
|
126 f.setAccessible(true); // no more private |
|
127 Field f2 = Field.class.getDeclaredField("modifiers"); |
|
128 f2.setAccessible(true); |
|
129 f2.setInt(f, f2.getInt(f) - Modifier.FINAL); // no more final |
|
130 f.set(null, es); |
|
131 } |
|
132 } |