jdk-sandbox: comparison jdk/test/java/security/Signature/SignatureLength.java

equal deleted inserted replaced

-:53bcc005d1af
+:ab558f578f30
+/*
+* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
+* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+*
+* This code is free software; you can redistribute it and/or modify it
+* under the terms of the GNU General Public License version 2 only, as
+* published by the Free Software Foundation.
+*
+* This code is distributed in the hope that it will be useful, but WITHOUT
+* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+* FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+* version 2 for more details (a copy is included in the LICENSE file that
+* accompanied this code).
+*
+* You should have received a copy of the GNU General Public License version
+* 2 along with this work; if not, write to the Free Software Foundation,
+* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+*
+* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+* or visit www.oracle.com if you need additional information or have any
+* questions.
+*/
+import java.security.*;
+/*
+* @test
+* @bug 8161571
+* @summary Reject signatures presented for verification that contain extra
+*          bytes.
+* @run main SignatureLength
+*/
+public class SignatureLength {
+public static void main(String[] args) throws Exception {
+main0("EC", 256, "SHA256withECDSA", "SunEC");
+main0("RSA", 2048, "SHA256withRSA", "SunRsaSign");
+main0("DSA", 2048, "SHA256withDSA", "SUN");
+if (System.getProperty("os.name").equals("SunOS")) {
+main0("EC", 256, "SHA256withECDSA", null);
+main0("RSA", 2048, "SHA256withRSA", null);
+}
+}
+private static void main0(String keyAlgorithm, int keysize,
+String signatureAlgorithm, String provider) throws Exception {
+byte[] plaintext = "aaa".getBytes("UTF-8");
+// Generate
+KeyPairGenerator generator =
+provider == null ?
+(KeyPairGenerator) KeyPairGenerator.getInstance(keyAlgorithm) :
+(KeyPairGenerator) KeyPairGenerator.getInstance(
+keyAlgorithm, provider);
+generator.initialize(keysize);
+System.out.println("Generating " + keyAlgorithm + " keypair using " +
+generator.getProvider().getName() + " JCE provider");
+KeyPair keypair = generator.generateKeyPair();
+// Sign
+Signature signer =
+provider == null ?
+Signature.getInstance(signatureAlgorithm) :
+Signature.getInstance(signatureAlgorithm, provider);
+signer.initSign(keypair.getPrivate());
+signer.update(plaintext);
+System.out.println("Signing using " + signer.getProvider().getName() +
+" JCE provider");
+byte[] signature = signer.sign();
+// Invalidate
+System.out.println("Invalidating signature ...");
+byte[] badSignature = new byte[signature.length + 5];
+System.arraycopy(signature, 0, badSignature, 0, signature.length);
+badSignature[signature.length] = 0x01;
+badSignature[signature.length + 1] = 0x01;
+badSignature[signature.length + 2] = 0x01;
+badSignature[signature.length + 3] = 0x01;
+badSignature[signature.length + 4] = 0x01;
+// Verify
+Signature verifier =
+provider == null ?
+Signature.getInstance(signatureAlgorithm) :
+Signature.getInstance(signatureAlgorithm, provider);
+verifier.initVerify(keypair.getPublic());
+verifier.update(plaintext);
+System.out.println("Verifying using " +
+verifier.getProvider().getName() + " JCE provider");
+try {
+System.out.println("Valid? " + verifier.verify(badSignature));
+throw new Exception(
+"ERROR: expected a SignatureException but none was thrown");
+} catch (SignatureException e) {
+System.out.println("OK: caught expected exception: " + e);
+}
+System.out.println();
+}
+}

changeset 39771	ab558f578f30
child 41226	da753c438a07