jdk/test/sun/security/mscapi/SignUsingSHA2withRSA.java
author valeriep
Tue, 08 May 2012 17:57:48 -0700
changeset 12685 8a448b5b9006
parent 9524 8417d0e74ac5
child 12700 9c9ad46c7c40
permissions -rw-r--r--
4963723: Implement SHA-224 Summary: Add support for SHA-224, SHA224withRSA, SHA224withECDSA, HmacSHA224 and OAEPwithSHA-224AndMGF1Padding. Reviewed-by: vinnie

/*
 * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

/**
 * @see SignUsingSHA2withRSA.sh
 */

import java.security.*;
import java.util.*;

public class SignUsingSHA2withRSA {

    private static final byte[] toBeSigned = new byte[] {
        0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10
    };

    private static List<byte[]> generatedSignatures = new ArrayList<>();

    public static void main(String[] args) throws Exception {

        Provider[] providers = Security.getProviders("Signature.SHA256withRSA");
        if (providers == null) {
            System.out.println("No JCE providers support the " +
                "'Signature.SHA256withRSA' algorithm");
            System.out.println("Skipping this test...");
            return;

        } else {
            System.out.println("The following JCE providers support the " +
                "'Signature.SHA256withRSA' algorithm: ");
            for (Provider provider : providers) {
                System.out.println("    " + provider.getName());
            }
        }
        System.out.println("-------------------------------------------------");

        KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
        ks.load(null, null);
        System.out.println("Loaded keystore: Windows-MY");

        Enumeration e = ks.aliases();
        PrivateKey privateKey = null;
        PublicKey publicKey = null;

        while (e.hasMoreElements()) {
            String alias = (String) e.nextElement();
            if (alias.equals("6753664")) {
                System.out.println("Loaded entry: " + alias);
                privateKey = (PrivateKey) ks.getKey(alias, null);
                publicKey = (PublicKey) ks.getCertificate(alias).getPublicKey();
            }
        }
        if (privateKey == null || publicKey == null) {
            throw new Exception("Cannot load the keys need to run this test");
        }
        System.out.println("-------------------------------------------------");

        generatedSignatures.add(signUsing("SHA256withRSA", privateKey));
        generatedSignatures.add(signUsing("SHA384withRSA", privateKey));
        generatedSignatures.add(signUsing("SHA512withRSA", privateKey));
        generatedSignatures.add(signUsing("SHA224withRSA", privateKey));


        System.out.println("-------------------------------------------------");

        verifyUsing("SHA256withRSA", publicKey, generatedSignatures.get(0));
        verifyUsing("SHA384withRSA", publicKey, generatedSignatures.get(1));
        verifyUsing("SHA512withRSA", publicKey, generatedSignatures.get(2));
        verifyUsing("SHA224withRSA", publicKey, generatedSignatures.get(3));


        System.out.println("-------------------------------------------------");
    }

    private static byte[] signUsing(String signAlgorithm,
        PrivateKey privateKey) throws Exception {

        // Must explicitly specify the SunMSCAPI JCE provider
        // (otherwise SunJCE is chosen because it appears earlier in the list)
        Signature sig1 = Signature.getInstance(signAlgorithm, "SunMSCAPI");
        if (sig1 == null) {
            throw new Exception("'" + signAlgorithm + "' is not supported");
        }
        System.out.println("Using " + signAlgorithm + " signer from the " +
            sig1.getProvider().getName() + " JCE provider");

        System.out.println("Using key: " + privateKey);
        sig1.initSign(privateKey);
        sig1.update(toBeSigned);
        byte [] sigBytes = null;

        try {
            sigBytes = sig1.sign();
            System.out.println("Generated RSA signature over a " +
                toBeSigned.length + "-byte data (signature length: " +
                sigBytes.length * 8 + " bits)");
            System.out.println(String.format("0x%0" +
                (sigBytes.length * 2) + "x",
                new java.math.BigInteger(1, sigBytes)));

        } catch (SignatureException se) {
                System.out.println("Error generating RSA signature: " + se);
        }

        return sigBytes;
    }

    private static void verifyUsing(String signAlgorithm, PublicKey publicKey,
        byte[] signature) throws Exception {

        // Must explicitly specify the SunMSCAPI JCE provider
        // (otherwise SunJCE is chosen because it appears earlier in the list)
        Signature sig1 = Signature.getInstance(signAlgorithm, "SunMSCAPI");
        if (sig1 == null) {
            throw new Exception("'" + signAlgorithm + "' is not supported");
        }
        System.out.println("Using " + signAlgorithm + " verifier from the "
            + sig1.getProvider().getName() + " JCE provider");

        System.out.println("Using key: " + publicKey);

        System.out.println("\nVerifying RSA Signature over a " +
            toBeSigned.length + "-byte data (signature length: " +
            signature.length * 8 + " bits)");
        System.out.println(String.format("0x%0" + (signature.length * 2) +
            "x", new java.math.BigInteger(1, signature)));

        sig1.initVerify(publicKey);
        sig1.update(toBeSigned);

        if (sig1.verify(signature)) {
            System.out.println("Verify PASSED\n");
        } else {
            throw new Exception("Verify FAILED");
        }
    }
}