|
1 /* |
|
2 * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. |
|
8 * |
|
9 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 * version 2 for more details (a copy is included in the LICENSE file that |
|
13 * accompanied this code). |
|
14 * |
|
15 * You should have received a copy of the GNU General Public License version |
|
16 * 2 along with this work; if not, write to the Free Software Foundation, |
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 * |
|
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 * or visit www.oracle.com if you need additional information or have any |
|
21 * questions. |
|
22 */ |
|
23 import java.security.*; |
|
24 import java.security.interfaces.RSAPrivateKey; |
|
25 import java.security.interfaces.RSAPublicKey; |
|
26 import java.security.spec.*; |
|
27 import java.util.Arrays; |
|
28 import java.util.stream.IntStream; |
|
29 import static javax.crypto.Cipher.PRIVATE_KEY; |
|
30 import static javax.crypto.Cipher.PUBLIC_KEY; |
|
31 |
|
32 /** |
|
33 * @test |
|
34 * @bug 8146293 |
|
35 * @summary Create a signature for RSA and get its signed data. re-initiate |
|
36 * the signature with the public key. The signature can be verified |
|
37 * by acquired signed data. |
|
38 * @run main SignatureTest2 768 |
|
39 * @run main SignatureTest2 1024 |
|
40 * @run main SignatureTest2 2048 |
|
41 * @run main/timeout=240 SignatureTest2 4096 |
|
42 */ |
|
43 public class SignatureTest2 { |
|
44 /** |
|
45 * ALGORITHM name, fixed as RSA. |
|
46 */ |
|
47 private static final String KEYALG = "RSASSA-PSS"; |
|
48 |
|
49 /** |
|
50 * JDK default RSA Provider. |
|
51 */ |
|
52 private static final String PROVIDER = "SunRsaSign"; |
|
53 |
|
54 /** |
|
55 * How much times signature updated. |
|
56 */ |
|
57 private static final int UPDATE_TIMES_TWO = 2; |
|
58 |
|
59 /** |
|
60 * How much times signature initial updated. |
|
61 */ |
|
62 private static final int UPDATE_TIMES_TEN = 10; |
|
63 |
|
64 /** |
|
65 * Digest algorithms to test w/ RSASSA-PSS signature algorithms |
|
66 */ |
|
67 private static final String[] DIGEST_ALG = { |
|
68 "SHA-1", "SHA-224", "SHA-256", "SHA-384", |
|
69 "SHA-512", "SHA-512/224", "SHA-512/256" |
|
70 }; |
|
71 |
|
72 private static final String SIG_ALG = "RSASSA-PSS"; |
|
73 |
|
74 private static PSSParameterSpec genPSSParameter(String digestAlgo, |
|
75 int digestLen, int keySize) { |
|
76 // pick a salt length based on the key length and digestAlgo |
|
77 int saltLength = keySize/8 - digestLen - 2; |
|
78 if (saltLength < 0) { |
|
79 System.out.println("keysize: " + keySize/8 + ", digestLen: " + digestLen); |
|
80 return null; |
|
81 } |
|
82 return new PSSParameterSpec(digestAlgo, "MGF1", |
|
83 new MGF1ParameterSpec(digestAlgo), saltLength, 1); |
|
84 } |
|
85 |
|
86 public static void main(String[] args) throws Exception { |
|
87 final int testSize = Integer.parseInt(args[0]); |
|
88 |
|
89 byte[] data = new byte[100]; |
|
90 IntStream.range(0, data.length).forEach(j -> { |
|
91 data[j] = (byte) j; |
|
92 }); |
|
93 |
|
94 // create a key pair |
|
95 KeyPair kpair = generateKeys(KEYALG, testSize); |
|
96 Key[] privs = manipulateKey(PRIVATE_KEY, kpair.getPrivate()); |
|
97 Key[] pubs = manipulateKey(PUBLIC_KEY, kpair.getPublic()); |
|
98 |
|
99 // For messsage digest algorithm, create and verify a RSASSA-PSS signature |
|
100 Arrays.stream(privs).forEach(priv |
|
101 -> Arrays.stream(pubs).forEach(pub |
|
102 -> Arrays.stream(DIGEST_ALG).forEach(testAlg -> { |
|
103 checkSignature(data, (PublicKey) pub, (PrivateKey) priv, |
|
104 testAlg, testSize); |
|
105 } |
|
106 ))); |
|
107 |
|
108 } |
|
109 |
|
110 private static KeyPair generateKeys(String keyalg, int size) |
|
111 throws NoSuchAlgorithmException { |
|
112 KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyalg); |
|
113 kpg.initialize(size); |
|
114 return kpg.generateKeyPair(); |
|
115 } |
|
116 |
|
117 private static Key[] manipulateKey(int type, Key key) |
|
118 throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException { |
|
119 KeyFactory kf = KeyFactory.getInstance(KEYALG, PROVIDER); |
|
120 |
|
121 switch (type) { |
|
122 case PUBLIC_KEY: |
|
123 return new Key[]{ |
|
124 kf.generatePublic(kf.getKeySpec(key, RSAPublicKeySpec.class)), |
|
125 kf.generatePublic(new X509EncodedKeySpec(key.getEncoded())), |
|
126 kf.generatePublic(new RSAPublicKeySpec( |
|
127 ((RSAPublicKey) key).getModulus(), |
|
128 ((RSAPublicKey) key).getPublicExponent())) |
|
129 }; |
|
130 case PRIVATE_KEY: |
|
131 return new Key[]{ |
|
132 kf.generatePrivate(kf.getKeySpec(key, |
|
133 RSAPrivateKeySpec.class)), |
|
134 kf.generatePrivate(new PKCS8EncodedKeySpec( |
|
135 key.getEncoded())), |
|
136 kf.generatePrivate(new RSAPrivateKeySpec(((RSAPrivateKey) key).getModulus(), |
|
137 ((RSAPrivateKey) key).getPrivateExponent())) |
|
138 }; |
|
139 } |
|
140 throw new RuntimeException("We shouldn't reach here"); |
|
141 } |
|
142 |
|
143 private static void checkSignature(byte[] data, PublicKey pub, |
|
144 PrivateKey priv, String digestAlg, int keySize) throws RuntimeException { |
|
145 try { |
|
146 Signature sig = Signature.getInstance(SIG_ALG, PROVIDER); |
|
147 int digestLen = MessageDigest.getInstance(digestAlg).getDigestLength(); |
|
148 PSSParameterSpec params = genPSSParameter(digestAlg, digestLen, keySize); |
|
149 if (params == null) { |
|
150 System.out.println("Skip test due to short key size"); |
|
151 return; |
|
152 } |
|
153 sig.setParameter(params); |
|
154 sig.initSign(priv); |
|
155 for (int i = 0; i < UPDATE_TIMES_TEN; i++) { |
|
156 sig.update(data); |
|
157 } |
|
158 byte[] signedDataTen = sig.sign(); |
|
159 |
|
160 // Make sure signature can be generated without re-init |
|
161 sig.update(data); |
|
162 byte[] signedDataOne = sig.sign(); |
|
163 |
|
164 // Make sure signature verifies with original data |
|
165 System.out.println("Verify using params " + sig.getParameters()); |
|
166 sig.initVerify(pub); |
|
167 sig.setParameter(params); |
|
168 for (int i = 0; i < UPDATE_TIMES_TEN; i++) { |
|
169 sig.update(data); |
|
170 } |
|
171 if (!sig.verify(signedDataTen)) { |
|
172 throw new RuntimeException("Signature verification test#1 failed w/ " |
|
173 + digestAlg); |
|
174 } |
|
175 |
|
176 // Make sure signature can verify without re-init |
|
177 sig.update(data); |
|
178 if (!sig.verify(signedDataOne)) { |
|
179 throw new RuntimeException("Signature verification test#2 failed w/ " |
|
180 + digestAlg); |
|
181 } |
|
182 |
|
183 // Make sure signature does NOT verify when the original data |
|
184 // has changed |
|
185 for (int i = 0; i < UPDATE_TIMES_TWO; i++) { |
|
186 sig.update(data); |
|
187 } |
|
188 |
|
189 if (sig.verify(signedDataOne)) { |
|
190 throw new RuntimeException("Bad signature accepted w/ " |
|
191 + digestAlg); |
|
192 } |
|
193 } catch (NoSuchAlgorithmException | InvalidKeyException | |
|
194 SignatureException | NoSuchProviderException | |
|
195 InvalidAlgorithmParameterException e) { |
|
196 e.printStackTrace(); |
|
197 throw new RuntimeException(e); |
|
198 } |
|
199 } |
|
200 } |