|
1 /* |
|
2 * Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. |
|
8 * |
|
9 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 * version 2 for more details (a copy is included in the LICENSE file that |
|
13 * accompanied this code). |
|
14 * |
|
15 * You should have received a copy of the GNU General Public License version |
|
16 * 2 along with this work; if not, write to the Free Software Foundation, |
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 * |
|
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 * or visit www.oracle.com if you need additional information or have any |
|
21 * questions. |
|
22 */ |
|
23 |
|
24 /* |
|
25 * @test |
|
26 * @bug 7196382 8072452 |
|
27 * @summary Ensure that DH key pairs can be generated for 512 - 8192 bits |
|
28 * @author Valerie Peng |
|
29 * @library .. |
|
30 * @modules jdk.crypto.cryptoki |
|
31 * @run main/othervm TestDH2048 |
|
32 * @run main/othervm TestDH2048 sm |
|
33 */ |
|
34 |
|
35 import java.security.InvalidParameterException; |
|
36 import java.security.KeyPair; |
|
37 import java.security.KeyPairGenerator; |
|
38 import java.security.Provider; |
|
39 |
|
40 public class TestDH2048 extends PKCS11Test { |
|
41 |
|
42 private static void checkUnsupportedKeySize(KeyPairGenerator kpg, int ks) |
|
43 throws Exception { |
|
44 try { |
|
45 kpg.initialize(ks); |
|
46 throw new Exception("Expected IPE not thrown for " + ks); |
|
47 } catch (InvalidParameterException ipe) { |
|
48 } |
|
49 } |
|
50 |
|
51 @Override |
|
52 public void main(Provider p) throws Exception { |
|
53 if (p.getService("KeyPairGenerator", "DH") == null) { |
|
54 System.out.println("KPG for DH not supported, skipping"); |
|
55 return; |
|
56 } |
|
57 KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", p); |
|
58 kpg.initialize(512); |
|
59 KeyPair kp1 = kpg.generateKeyPair(); |
|
60 |
|
61 kpg.initialize(768); |
|
62 kp1 = kpg.generateKeyPair(); |
|
63 |
|
64 kpg.initialize(1024); |
|
65 kp1 = kpg.generateKeyPair(); |
|
66 |
|
67 kpg.initialize(1536); |
|
68 kp1 = kpg.generateKeyPair(); |
|
69 |
|
70 kpg.initialize(2048); |
|
71 kp1 = kpg.generateKeyPair(); |
|
72 |
|
73 try { |
|
74 kpg.initialize(3072); |
|
75 kp1 = kpg.generateKeyPair(); |
|
76 |
|
77 kpg.initialize(4096); |
|
78 kp1 = kpg.generateKeyPair(); |
|
79 |
|
80 kpg.initialize(6144); |
|
81 kp1 = kpg.generateKeyPair(); |
|
82 |
|
83 kpg.initialize(8192); |
|
84 kp1 = kpg.generateKeyPair(); |
|
85 } catch (InvalidParameterException ipe) { |
|
86 // NSS (as of version 3.13) has a hard coded maximum limit |
|
87 // of 2236 or 3072 bits for DHE keys. |
|
88 System.out.println("4096-bit DH key pair generation: " + ipe); |
|
89 if (!p.getName().equals("SunPKCS11-NSS")) { |
|
90 throw ipe; |
|
91 } |
|
92 } |
|
93 |
|
94 // key size must be multiples of 64 though |
|
95 checkUnsupportedKeySize(kpg, 2048 + 63); |
|
96 checkUnsupportedKeySize(kpg, 3072 + 32); |
|
97 } |
|
98 |
|
99 public static void main(String[] args) throws Exception { |
|
100 main(new TestDH2048(), args); |
|
101 } |
|
102 } |