Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/java/security/SignedObject/Chain.java
38821 views
/*1* Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223import java.security.Signature;24import java.security.SignedObject;25import java.security.KeyPairGenerator;26import java.security.KeyPair;27import java.security.NoSuchProviderException;28import java.security.PrivateKey;29import java.security.PublicKey;30import java.security.spec.*;31import java.util.*;32import jdk.test.lib.SigTestUtil;33import static jdk.test.lib.SigTestUtil.SignatureType;3435/*36* @test37* @bug 8050374 8181048 814629338* @summary Verify a chain of signed objects39* @library /lib40* @build jdk.test.lib.SigTestUtil41* @run main Chain42*/43public class Chain {4445static enum KeyAlg {46RSA("RSA"),47DSA("DSA"),48EC("EC");4950final String name;5152KeyAlg(String alg) {53this.name = alg;54}55}5657static enum Provider {58Default("default"),59SunRsaSign("SunRsaSign"),60Sun("SUN"),61SunEC("SunEC"),62SunJSSE("SunJSSE"),63SunMSCAPI("SunMSCAPI");6465final String name;6667Provider(String name) {68this.name = name;69}70}7172static enum SigAlg {73MD2withRSA("MD2withRSA"),74MD5withRSA("md5withRSA"),7576SHA1withDSA("SHA1withDSA"),77SHA224withDSA("SHA224withDSA"),78SHA256withDSA("SHA256withDSA"),7980SHA1withRSA("Sha1withrSA"),81SHA224withRSA("SHA224withRSA"),82SHA256withRSA("SHA256withRSA"),83SHA384withRSA("SHA384withRSA"),84SHA512withRSA("SHA512withRSA"),85SHA512_224withRSA("SHA512/224withRSA"),86SHA512_256withRSA("SHA512/256withRSA"),8788SHA1withECDSA("SHA1withECDSA"),89SHA256withECDSA("SHA256withECDSA"),90SHA224withECDSA("SHA224withECDSA"),91SHA384withECDSA("SHA384withECDSA"),92SHA512withECDSA("SHA512withECDSA"),9394MD5andSHA1withRSA("MD5andSHA1withRSA"),9596RSASSA_PSS("RSASSA-PSS");9798final String name;99100SigAlg(String name) {101this.name = name;102}103}104105static class Test {106final Provider provider;107final KeyAlg keyAlg;108final SigAlg sigAlg;109final int keySize;110final AlgorithmParameterSpec sigParams;111112Test(SigAlg sigAlg, KeyAlg keyAlg, Provider provider) {113this(sigAlg, keyAlg, provider, -1, null);114}115116Test(SigAlg sigAlg, KeyAlg keyAlg, Provider provider, int keySize) {117this(sigAlg, keyAlg, provider, keySize, null);118}119120Test(SigAlg sigAlg, KeyAlg keyAlg, Provider provider, int keySize,121AlgorithmParameterSpec sigParams) {122this.provider = provider;123this.keyAlg = keyAlg;124this.sigAlg = sigAlg;125this.keySize = keySize;126this.sigParams = sigParams;127}128129private static String formatParams(AlgorithmParameterSpec aps) {130if (aps == null) return "null";131if (aps instanceof PSSParameterSpec) {132PSSParameterSpec p = (PSSParameterSpec) aps;133return String.format("PSSParameterSpec (%s, %s, %s, %s)",134p.getDigestAlgorithm(), formatParams(p.getMGFParameters()),135p.getSaltLength(), p.getTrailerField());136} else if (aps instanceof MGF1ParameterSpec) {137return "MGF1" +138((MGF1ParameterSpec)aps).getDigestAlgorithm();139} else {140return aps.toString();141}142}143144public String toString() {145return String.format("Test: provider = %s, signature alg = %s, "146+ " w/ %s, key alg = %s", provider, sigAlg,147formatParams(sigParams), keyAlg);148}149}150151private static final Test[] tests = {152new Test(SigAlg.SHA1withDSA, KeyAlg.DSA, Provider.Default, 1024),153new Test(SigAlg.MD2withRSA, KeyAlg.RSA, Provider.Default),154new Test(SigAlg.MD5withRSA, KeyAlg.RSA, Provider.Default),155new Test(SigAlg.SHA1withRSA, KeyAlg.RSA, Provider.Default),156new Test(SigAlg.SHA1withDSA, KeyAlg.DSA, Provider.Sun, 1024),157new Test(SigAlg.SHA224withDSA, KeyAlg.DSA, Provider.Sun, 2048),158new Test(SigAlg.SHA256withDSA, KeyAlg.DSA, Provider.Sun, 2048),159};160161private static final String str = "to-be-signed";162private static final int N = 3;163164public static void main(String argv[]) {165boolean result = Arrays.stream(tests).allMatch((test) -> runTest(test));166result &= runTestPSS(2048);167if (result) {168System.out.println("All tests passed");169} else {170throw new RuntimeException("Some tests failed");171}172}173174private static boolean runTestPSS(int keysize) {175boolean result = true;176SigAlg pss = SigAlg.RSASSA_PSS;177Iterator<String> mdAlgs = SigTestUtil.getDigestAlgorithms178(SignatureType.RSASSA_PSS, keysize).iterator();179while (mdAlgs.hasNext()) {180result &= runTest(new Test(pss, KeyAlg.RSA, Provider.SunRsaSign,181keysize, SigTestUtil.generateDefaultParameter182(SignatureType.RSASSA_PSS, mdAlgs.next())));183}184return result;185}186187static boolean runTest(Test test) {188System.out.println(test);189try {190// Generate all private/public key pairs191PrivateKey[] privKeys = new PrivateKey[N];192PublicKey[] pubKeys = new PublicKey[N];193PublicKey[] anotherPubKeys = new PublicKey[N];194Signature signature;195KeyPairGenerator kpg;196if (test.provider != Provider.Default) {197signature = Signature.getInstance(test.sigAlg.name,198test.provider.name);199kpg = KeyPairGenerator.getInstance(200test.keyAlg.name, test.provider.name);201} else {202signature = Signature.getInstance(test.sigAlg.name);203kpg = KeyPairGenerator.getInstance(test.keyAlg.name);204}205if (test.sigParams != null) {206signature.setParameter(test.sigParams);207}208209for (int j=0; j < N; j++) {210if (test.keySize != -1) {211kpg.initialize(test.keySize);212}213KeyPair kp = kpg.genKeyPair();214KeyPair anotherKp = kpg.genKeyPair();215privKeys[j] = kp.getPrivate();216pubKeys[j] = kp.getPublic();217anotherPubKeys[j] = anotherKp.getPublic();218219if (Arrays.equals(pubKeys[j].getEncoded(),220anotherPubKeys[j].getEncoded())) {221System.out.println("Failed: it should not get "222+ "the same pair of public key");223return false;224}225}226227// Create a chain of signed objects228SignedObject[] objects = new SignedObject[N];229objects[0] = new SignedObject(str, privKeys[0], signature);230for (int j = 1; j < N; j++) {231objects[j] = new SignedObject(objects[j - 1], privKeys[j],232signature);233}234235// Verify the chain236int n = objects.length - 1;237SignedObject object = objects[n];238do {239if (!object.verify(pubKeys[n], signature)) {240System.out.println("Failed: verification failed, n = " + n);241return false;242}243if (object.verify(anotherPubKeys[n], signature)) {244System.out.println("Failed: verification should not "245+ "succeed with wrong public key, n = " + n);246return false;247}248249object = (SignedObject) object.getObject();250n--;251} while (n > 0);252253System.out.println("signed data: " + object.getObject());254if (!str.equals(object.getObject())) {255System.out.println("Failed: signed data is not equal to "256+ "original one");257return false;258}259260System.out.println("Test passed");261return true;262} catch (NoSuchProviderException nspe) {263if (test.provider == Provider.SunMSCAPI264&& !System.getProperty("os.name").startsWith("Windows")) {265System.out.println("SunMSCAPI is available only on Windows: "266+ nspe);267return true;268}269System.out.println("Unexpected exception: " + nspe);270return false;271} catch (Exception e) {272System.out.println("Unexpected exception: " + e);273e.printStackTrace(System.out);274return false;275}276}277}278279280281