32 import java.security.Security; |
32 import java.security.Security; |
33 import java.security.Provider; |
33 import java.security.Provider; |
34 |
34 |
35 import javax.crypto.KeyGenerator; |
35 import javax.crypto.KeyGenerator; |
36 import javax.crypto.SecretKey; |
36 import javax.crypto.SecretKey; |
|
37 import java.util.Formatter; |
37 |
38 |
38 import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec; |
39 import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec; |
39 |
40 |
40 public class TestPremaster extends PKCS11Test { |
41 public class TestPremaster extends PKCS11Test { |
41 |
42 |
57 throw new Exception("no exception"); |
58 throw new Exception("no exception"); |
58 } catch (IllegalStateException e) { |
59 } catch (IllegalStateException e) { |
59 System.out.println("OK: " + e); |
60 System.out.println("OK: " + e); |
60 } |
61 } |
61 |
62 |
62 test(kg, 3, 0); |
63 int[] protocolVersions = {0x0300, 0x0301, 0x0302, 0x0400}; |
63 test(kg, 3, 1); |
64 for (int clientVersion : protocolVersions) { |
64 test(kg, 3, 2); |
65 for (int serverVersion : protocolVersions) { |
65 test(kg, 4, 0); |
66 test(kg, clientVersion, serverVersion); |
|
67 if (serverVersion >= clientVersion) { |
|
68 break; |
|
69 } |
|
70 } |
|
71 } |
66 |
72 |
67 System.out.println("Done."); |
73 System.out.println("Done."); |
68 } |
74 } |
69 |
75 |
70 private static void test(KeyGenerator kg, int major, int minor) |
76 private static void test(KeyGenerator kg, |
71 throws Exception { |
77 int clientVersion, int serverVersion) throws Exception { |
72 |
78 |
73 kg.init(new TlsRsaPremasterSecretParameterSpec(major, minor)); |
79 System.out.printf( |
|
80 "Testing RSA pre-master secret key generation between " + |
|
81 "client (0x%04X) and server(0x%04X)%n", |
|
82 clientVersion, serverVersion); |
|
83 kg.init(new TlsRsaPremasterSecretParameterSpec( |
|
84 clientVersion, serverVersion)); |
74 SecretKey key = kg.generateKey(); |
85 SecretKey key = kg.generateKey(); |
75 byte[] encoded = key.getEncoded(); |
86 byte[] encoded = key.getEncoded(); |
76 if (encoded.length != 48) { |
87 if (encoded != null) { // raw key material may be not extractable |
77 throw new Exception("length: " + encoded.length); |
88 if (encoded.length != 48) { |
78 } |
89 throw new Exception("length: " + encoded.length); |
79 if ((encoded[0] != major) || (encoded[1] != minor)) { |
90 } |
80 throw new Exception("version mismatch: " + encoded[0] + |
91 int v = versionOf(encoded[0], encoded[1]); |
81 "." + encoded[1]); |
92 if (clientVersion != v) { |
82 } |
93 if (serverVersion != v || clientVersion >= 0x0302) { |
83 System.out.println("OK: " + major + "." + minor); |
94 throw new Exception(String.format( |
|
95 "version mismatch: (0x%04X) rather than (0x%04X) " + |
|
96 "is used in pre-master secret", v, clientVersion)); |
|
97 } |
|
98 System.out.printf("Use compatible version (0x%04X)%n", v); |
|
99 } |
|
100 System.out.println("Passed, version matches!"); |
|
101 } else { |
|
102 System.out.println("Raw key material is not extractable"); |
|
103 } |
84 } |
104 } |
|
105 |
|
106 private static int versionOf(int major, int minor) { |
|
107 return ((major & 0xFF) << 8) | (minor & 0xFF); |
|
108 } |
|
109 |
85 } |
110 } |