1
/*
2
 * Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
/*
25
 * @test
26
 * @bug 4917233 6461727 6490213 6720456 8242332
27
 * @summary test the KeyGenerator
28
 * @author Andreas Sterbenz
29
 * @library /test/lib ..
30
 * @modules jdk.crypto.cryptoki
31
 * @run main/othervm TestKeyGenerator
32
 * @run main/othervm -Djava.security.manager=allow TestKeyGenerator sm
33
 */
34

35
import java.security.InvalidParameterException;
36
import java.security.NoSuchAlgorithmException;
37
import java.security.Provider;
38
import java.security.ProviderException;
39
import javax.crypto.KeyGenerator;
40
import javax.crypto.SecretKey;
41

42
enum TestResult {
43
    PASS,
44
    FAIL,
45
    TBD
46
}
47

48
public class TestKeyGenerator extends PKCS11Test {
49

50
    public static void main(String[] args) throws Exception {
51
        main(new TestKeyGenerator(), args);
52
    }
53

54
    private TestResult test(String algorithm, int keyLen, Provider p,
55
                      TestResult expected)
56
        throws Exception {
57
        TestResult actual = TestResult.TBD;
58
        System.out.println("Testing " + algorithm + ", " + keyLen + " bits...");
59
        KeyGenerator kg;
60
        try {
61
            kg = KeyGenerator.getInstance(algorithm, p);
62
        } catch (NoSuchAlgorithmException e) {
63
            System.out.println("Not supported, skipping: " + e);
64
            return TestResult.PASS;
65
        }
66
        try {
67
            kg.init(keyLen);
68
            actual = TestResult.PASS;
69
        } catch (InvalidParameterException ipe) {
70
            actual = TestResult.FAIL;
71
        }
72
        if (actual == TestResult.PASS) {
73
            try {
74
                SecretKey key = kg.generateKey();
75
                if (expected == TestResult.FAIL) {
76
                    throw new Exception("Generated " + key +
77
                        " using invalid key length");
78
                }
79
            } catch (ProviderException e) {
80
                e.printStackTrace();
81
                throw (Exception) (new Exception
82
                    ("key generation failed using valid length").initCause(e));
83
            }
84
        }
85
        if (expected != TestResult.TBD && expected != actual) {
86
            throw new Exception("Expected to " + expected + ", but " +
87
                actual);
88
        }
89
        return actual;
90
    }
91

92
    @Override
93
    public void main(Provider p) throws Exception {
94
        test("DES", 0, p, TestResult.FAIL);
95
        test("DES", 56, p, TestResult.PASS); // ensure JCE-Compatibility
96
        test("DES", 64, p, TestResult.PASS);
97
        test("DES", 128, p, TestResult.FAIL);
98

99
        test("DESede", 0, p, TestResult.FAIL);
100
        // Special handling since not all PKCS11 providers support
101
        // 2-key DESede, e.g. SunPKCS11-Solaris.
102
        TestResult temp = test("DESede", 112, p, TestResult.TBD);
103
        test("DESede", 128, p, temp);
104
        test("DESede", 168, p, TestResult.PASS);
105
        test("DESede", 192, p, TestResult.PASS);
106
        test("DESede", 64, p, TestResult.FAIL);
107
        test("DESede", 256, p, TestResult.FAIL);
108

109
        // Different PKCS11 impls have different ranges
110
        // of supported key sizes for variable-key-length
111
        // algorithms.
112
        // NSS>     Blowfish: n/a,         RC4: 8-2048 bits
113
        // However, we explicitly disallowed key sizes less
114
        // than 40-bits.
115

116
        test("Blowfish", 0, p, TestResult.FAIL);
117
        test("Blowfish", 24, p, TestResult.FAIL);
118
        test("Blowfish", 32, p, TestResult.FAIL);
119
        test("Blowfish", 40, p, TestResult.PASS);
120
        test("Blowfish", 128, p, TestResult.PASS);
121
        test("Blowfish", 136, p, TestResult.TBD);
122
        test("Blowfish", 448, p, TestResult.TBD);
123
        test("Blowfish", 456, p, TestResult.FAIL);
124

125
        test("ARCFOUR", 0, p, TestResult.FAIL);
126
        test("ARCFOUR", 32, p, TestResult.FAIL);
127
        test("ARCFOUR", 40, p, TestResult.PASS);
128
        test("ARCFOUR", 128, p, TestResult.PASS);
129

130
        String[] HMAC_ALGS = {
131
            "HmacSHA1", "HmacSHA224", "HmacSHA256", "HmacSHA384", "HmacSHA512",
132
            "HmacSHA512/224", "HmacSHA512/256", "HmacSHA3-224", "HmacSHA3-256",
133
            "HmacSHA3-384", "HmacSHA3-512",
134
        };
135

136
        for (String hmacAlg : HMAC_ALGS) {
137
            test(hmacAlg, 0, p, TestResult.FAIL);
138
            test(hmacAlg, 128, p, TestResult.PASS);
139
            test(hmacAlg, 224, p, TestResult.PASS);
140
        }
141

142
        if (p.getName().equals("SunPKCS11-NSS")) {
143
            test("ARCFOUR", 1024, p, TestResult.PASS);
144
            test("ARCFOUR", 2048, p, TestResult.PASS);
145
            test("ARCFOUR", 2056, p, TestResult.FAIL);
146
        }
147
    }
148
}
149

150