/*
* Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import jdk.test.lib.Asserts;
import jdk.test.lib.Utils;
import jdk.test.lib.security.XMLUtils;
import org.w3c.dom.Document;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.spec.RSAPSSParameterSpec;
import java.security.KeyPairGenerator;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;
/**
* @test
* @bug 8241306
* @library /test/lib
* @modules java.xml.crypto
* @summary Testing marshal and unmarshal of RSAPSSParameterSpec
*/
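public class PSSSpec {
    // XPath expressions locating the SignatureMethod element of a signature and
    // the optional RSA-PSS parameter elements nested beneath it.
    private static final String P2SM = "//ds:Signature/ds:SignedInfo/ds:SignatureMethod";
    private static final String P2PSS = P2SM + "/pss:RSAPSSParams";
    private static final String P2MGF = P2PSS + "/pss:MaskGenerationFunction";

    // The parameter set every test below treats as the RSA-PSS default:
    // SHA-256 digest, MGF1 with SHA-256, 32-byte salt, trailer field 1.
    private static final PSSParameterSpec DEFAULT_SPEC
            = new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), 32, PSSParameterSpec.TRAILER_FIELD_BC);

    /**
     * Runs the three test groups in order: unmarshalling, marshalling, and
     * direct construction of the signature method.
     */
    public static void main(String[] args) throws Exception {
        unmarshal();
        marshal();
        spec();
    }

    /**
     * Checks how RSAPSSParams are read back from XML.
     *
     * The first half mutates one parameter at a time into an unknown or
     * malformed value and requires a MarshalException with a specific message,
     * so a bad parameter is rejected rather than replaced by a default. The
     * second half removes one element at a time and checks the default that is
     * filled in for it.
     */
    static void unmarshal() throws Exception {
        // Original document with all elements. The digest and signature values
        // are dummies: the document is only unmarshalled, never validated.
        Document doc = XMLUtils.string2doc("""
                <?xml version="1.0" encoding="UTF-8"?>
                <ds:Signature
                    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                    xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
                    xmlns:pss="http://www.w3.org/2007/05/xmldsig-more#">
                    <ds:SignedInfo>
                        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
                        <ds:SignatureMethod Algorithm="http://www.w3.org/2007/05/xmldsig-more#rsa-pss">
                            <pss:RSAPSSParams>
                                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
                                <pss:MaskGenerationFunction Algorithm="http://www.w3.org/2007/05/xmldsig-more#MGF1">
                                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
                                </pss:MaskGenerationFunction>
                                <pss:SaltLength>32</pss:SaltLength>
                                <pss:TrailerField>2</pss:TrailerField>
                            </pss:RSAPSSParams>
                        </ds:SignatureMethod>
                        <ds:Reference>
                            <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
                            <ds:DigestValue>abc=</ds:DigestValue>
                        </ds:Reference>
                    </ds:SignedInfo>
                    <ds:SignatureValue>abc=</ds:SignatureValue>
                </ds:Signature>
                """);

        // Unknown DigestMethod
        expectMarshalException(
                XMLUtils.withAttribute(doc, P2PSS + "/ds:DigestMethod", "Algorithm", "http://unknown"),
                "Invalid digest algorithm");
        // Unknown MGF algorithm
        expectMarshalException(
                XMLUtils.withAttribute(doc, P2MGF, "Algorithm", "http://unknown"),
                "Unknown MGF algorithm");
        // Unknown MGF DigestMethod
        expectMarshalException(
                XMLUtils.withAttribute(doc, P2MGF + "/ds:DigestMethod", "Algorithm", "http://unknown"),
                "Invalid digest algorithm");
        // Invalid SaltLength: non-numeric and negative
        expectMarshalException(
                XMLUtils.withText(doc, P2PSS + "/pss:SaltLength", "big"),
                "Invalid salt length supplied");
        expectMarshalException(
                XMLUtils.withText(doc, P2PSS + "/pss:SaltLength", "-1"),
                "Invalid salt length supplied");
        // Invalid TrailerField: non-numeric and negative
        expectMarshalException(
                XMLUtils.withText(doc, P2PSS + "/pss:TrailerField", "small"),
                "Invalid trailer field supplied");
        expectMarshalException(
                XMLUtils.withText(doc, P2PSS + "/pss:TrailerField", "-1"),
                "Invalid trailer field supplied");

        // Spec in original doc
        checkSpec(doc, new PSSParameterSpec("SHA-512", "MGF1", new MGF1ParameterSpec("SHA-384"), 32, 2));
        // Default MGF1 digest is the same as the PSS digest
        checkSpec(XMLUtils.withoutNode(doc, P2MGF + "/ds:DigestMethod"), // No dm in MGF
                new PSSParameterSpec("SHA-512", "MGF1", new MGF1ParameterSpec("SHA-512"), 32, 2));
        checkSpec(XMLUtils.withoutNode(doc, P2MGF), // No MGF at all
                new PSSParameterSpec("SHA-512", "MGF1", new MGF1ParameterSpec("SHA-512"), 32, 2));
        // Default TrailerField is 1
        checkSpec(XMLUtils.withoutNode(doc, P2PSS + "/pss:TrailerField"),
                new PSSParameterSpec("SHA-512", "MGF1", new MGF1ParameterSpec("SHA-384"), 32, 1));
        // Default SaltLength follows the PSS digest (64 for SHA-512)
        checkSpec(XMLUtils.withoutNode(doc, P2PSS + "/pss:SaltLength"),
                new PSSParameterSpec("SHA-512", "MGF1", new MGF1ParameterSpec("SHA-384"), 64, 2));
        // Default DigestMethod is SHA-256
        checkSpec(XMLUtils.withoutNode(doc, P2PSS + "/ds:DigestMethod"),
                new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-384"), 32, 2));
        // With no RSAPSSParams at all, the whole default spec applies
        checkSpec(XMLUtils.withoutNode(doc, P2PSS), DEFAULT_SPEC);
    }

    /**
     * Checks how an RSAPSSParameterSpec is written to XML when signing: only
     * parameters that differ from their default are expected in the output.
     */
    static void marshal() throws Exception {
        // No explicit key size: the provider default is used.
        var keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        var signer = XMLUtils.signer(keyPairGenerator.generateKeyPair().getPrivate());
        PSSParameterSpec spec;
        Document doc = XMLUtils.string2doc("<a>x</a>");
        Document signedDoc;

        // Default sm. No need to describe at all
        signer.sm(SignatureMethod.RSA_PSS, new RSAPSSParameterSpec(DEFAULT_SPEC));
        signedDoc = signer.sign(doc);
        Asserts.assertFalse(XMLUtils.sub(signedDoc, P2SM).hasChildNodes());

        // Special salt.
        spec = new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), 40, PSSParameterSpec.TRAILER_FIELD_BC);
        signer.sm(SignatureMethod.RSA_PSS, new RSAPSSParameterSpec(spec));
        signedDoc = signer.sign(doc);
        Asserts.assertEquals(XMLUtils.sub(signedDoc, P2PSS + "/pss:SaltLength").getTextContent(), "40");
        Asserts.assertNull(XMLUtils.sub(signedDoc, P2MGF));
        Asserts.assertNull(XMLUtils.sub(signedDoc, P2PSS + "/ds:DigestMethod"));
        Asserts.assertNull(XMLUtils.sub(signedDoc, P2PSS + "/pss:TrailerField"));

        // Different MGF1 dm
        spec = new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-384"), 32, PSSParameterSpec.TRAILER_FIELD_BC);
        signer.sm(SignatureMethod.RSA_PSS, new RSAPSSParameterSpec(spec));
        signedDoc = signer.sign(doc);
        Asserts.assertEquals(XMLUtils.sub(signedDoc, P2MGF + "/ds:DigestMethod").getAttribute("Algorithm"), DigestMethod.SHA384);
        Asserts.assertNull(XMLUtils.sub(signedDoc, P2PSS + "/ds:DigestMethod"));
        Asserts.assertNull(XMLUtils.sub(signedDoc, P2PSS + "/pss:SaltLength"));
        Asserts.assertNull(XMLUtils.sub(signedDoc, P2PSS + "/pss:TrailerField"));

        // Non default dm only. MGF1 digest and salt length (48) match what
        // SHA-384 implies, so neither is expected in the output.
        spec = new PSSParameterSpec("SHA-384", "MGF1", new MGF1ParameterSpec("SHA-384"), 48, PSSParameterSpec.TRAILER_FIELD_BC);
        signer.sm(SignatureMethod.RSA_PSS, new RSAPSSParameterSpec(spec));
        signedDoc = signer.sign(doc);
        Asserts.assertEquals(XMLUtils.sub(signedDoc, P2PSS + "/ds:DigestMethod").getAttribute("Algorithm"), DigestMethod.SHA384);
        Asserts.assertNull(XMLUtils.sub(signedDoc, P2MGF));
        Asserts.assertNull(XMLUtils.sub(signedDoc, P2PSS + "/pss:SaltLength"));
        Asserts.assertNull(XMLUtils.sub(signedDoc, P2PSS + "/pss:TrailerField"));
    }

    /**
     * Checks the parameter spec reported by a SignatureMethod built directly
     * from the factory: DEFAULT_SPEC when no parameters are given, and the
     * supplied spec unchanged otherwise.
     */
    static void spec() throws Exception {
        XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
        SignatureMethod sm = fac.newSignatureMethod(SignatureMethod.RSA_PSS, null);
        Asserts.assertTrue(equals(
                ((RSAPSSParameterSpec) sm.getParameterSpec()).getPSSParameterSpec(),
                DEFAULT_SPEC));

        PSSParameterSpec special = new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-384"), 33, 2);
        sm = fac.newSignatureMethod(SignatureMethod.RSA_PSS, new RSAPSSParameterSpec(special));
        Asserts.assertTrue(equals(
                ((RSAPSSParameterSpec) sm.getParameterSpec()).getPSSParameterSpec(),
                special));
    }

    /**
     * Unmarshals the first ds:Signature element in {@code doc} and returns the
     * PSSParameterSpec carried by its SignatureMethod.
     *
     * @param doc document containing a ds:Signature element
     * @return the PSS parameters of the signature method
     * @throws Exception if unmarshalling fails, e.g. a MarshalException for
     *         invalid parameters
     */
    static PSSParameterSpec getSpec(Document doc) throws Exception {
        var signatureNode = doc.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature").item(0);
        // Placeholder key with a made-up algorithm name: nothing in this
        // method validates the signature, so the key is never used to verify.
        DOMValidateContext valContext = new DOMValidateContext(new SecretKeySpec(new byte[1], "WHAT"), signatureNode);
        // Test-only setting: secure validation is switched off for these
        // hand-built documents. NOTE(review): presumably so the unmarshaller's
        // own parameter checks are what gets exercised -- confirm. Code that
        // validates signatures from untrusted sources should leave it enabled.
        valContext.setProperty("org.jcp.xml.dsig.secureValidation", false);
        var signedInfo = XMLSignatureFactory.getInstance("DOM").unmarshalXMLSignature(valContext).getSignedInfo();
        var spec = signedInfo.getSignatureMethod().getParameterSpec();
        if (spec instanceof RSAPSSParameterSpec pspec) {
            return pspec.getPSSParameterSpec();
        }
        // Null-safe so a missing spec is reported as a test failure with this
        // message instead of surfacing as a NullPointerException.
        Asserts.fail("Not PSSParameterSpec: " + (spec == null ? null : spec.getClass()));
        return null;
    }

    /**
     * Asserts that the PSS parameters unmarshalled from {@code doc} match
     * {@code expected}, reporting both specs when they differ.
     */
    static void checkSpec(Document doc, PSSParameterSpec expected) throws Exception {
        PSSParameterSpec actual = getSpec(doc);
        Asserts.assertTrue(equals(actual, expected), "Expected " + expected + " but got " + actual);
    }

    /**
     * Compares two PSS parameter specs field by field: digest algorithm, salt
     * length, trailer field, MGF algorithm, and the MGF1 digest algorithm.
     * Both specs must carry MGF1ParameterSpec as their MGF parameters; any
     * other type fails the cast.
     */
    static boolean equals(PSSParameterSpec p1, PSSParameterSpec p2) {
        return p1.getDigestAlgorithm().equals(p2.getDigestAlgorithm())
                && p1.getSaltLength() == p2.getSaltLength()
                && p1.getTrailerField() == p2.getTrailerField()
                && p1.getMGFAlgorithm().equals(p2.getMGFAlgorithm())
                && ((MGF1ParameterSpec) p1.getMGFParameters()).getDigestAlgorithm()
                        .equals(((MGF1ParameterSpec) p2.getMGFParameters()).getDigestAlgorithm());
    }

    // Requires that unmarshalling badDoc fails with a MarshalException whose
    // message contains expectedMessage.
    private static void expectMarshalException(Document badDoc, String expectedMessage) throws Exception {
        Utils.runAndCheckException(
                () -> getSpec(badDoc),
                e -> Asserts.assertTrue(e instanceof MarshalException && e.getMessage().contains(expectedMessage), e.getMessage()));
    }
}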