Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/pkcs11/KeyStore/SecretKeysBasic.java
41152 views
1
/*

2
 * Copyright (c) 2008, 2021, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23
/* @test

24
 * @bug 6599979

25
 * @summary Ensure that re-assigning the alias works

26
 * @library /test/lib ..

27
 * @run testng/othervm SecretKeysBasic

28
 */

29
import org.testng.annotations.BeforeClass;

30
import org.testng.annotations.Test;

31


32
import java.io.*;

33
import java.nio.file.Path;

34
import java.util.*;

35
import java.security.*;

36
import javax.crypto.*;

37
import javax.crypto.spec.*;

38


39
public class SecretKeysBasic extends PKCS11Test {

40


41
    private static final char SEP = File.separatorChar;

42
    private static char[] tokenPwd;

43
    private static final char[] nssPwd =

44
            new char[]{'t', 'e', 's', 't', '1', '2'};

45
    private static final char[] solarisPwd =

46
            new char[]{'p', 'i', 'n'};

47
    private static SecretKey sk1;

48
    private static SecretKey sk2;

49
    private static SecretKey softkey;

50
    private static KeyStore ks;

51
    private static final String KS_TYPE = "PKCS11";

52
    private static Provider provider;

53


54
    @BeforeClass

55
    public void setUp() throws Exception {

56
        copyNssCertKeyToClassesDir();

57
        setCommonSystemProps();

58
        System.setProperty("TOKEN", "nss");

59
        System.setProperty("CUSTOM_P11_CONFIG", Path.of(BASE)

60
                .resolve("BasicData").resolve("p11-nss.txt").toString());

61
    }

62


63
    @Test

64
    public void testBasic() throws Exception {

65
        main(new SecretKeysBasic());

66
    }

67


68
    public void main(Provider p) throws Exception {

69
        this.provider = p;

70


71
        // create secret key

72
        byte[] keyVal = new byte[16];

73
        (new SecureRandom()).nextBytes(keyVal);

74
        // NSS will throw CKR_HOST_MEMORY if calling C_DecryptInit w/

75
        // (keyVal[0] == 0)

76
        if (keyVal[0] == 0) {

77
            keyVal[0] = 1;

78
        }

79
        softkey = new SecretKeySpec(keyVal, "AES");

80
        dumpKey("softkey", softkey);

81


82
        KeyGenerator kg = KeyGenerator.getInstance("DESede", provider);

83
        sk1 = kg.generateKey();

84
        dumpKey("skey1", sk1);

85
        sk2 = kg.generateKey();

86
        dumpKey("skey2", sk2);

87


88
        String token = System.getProperty("TOKEN");

89


90
        if (token == null || token.length() == 0) {

91
            System.out.println("Error: missing TOKEN system property");

92
            throw new Exception("token arg required");

93
        }

94


95
        if ("nss".equals(token)) {

96
            tokenPwd = nssPwd;

97
        } else if ("solaris".equals(token)) {

98
            tokenPwd = solarisPwd;

99
        }

100


101
        int testnum = 1;

102
        doTest();

103
    }

104


105
    private static boolean checkSecretKeyEntry(String alias,

106
            SecretKey expected,

107
            boolean saveBeforeCheck)

108
            throws Exception {

109


110
        // A bug in NSS 3.12 (Mozilla bug 471665) causes AES key lengths

111
        // to be read incorrectly.  Checking for improper 16 byte length

112
        // in key string.

113
        if (isNSS(provider) && expected.getAlgorithm().equals("AES") &&

114
                (getNSSVersion() >= 3.12 && getNSSVersion() <= 3.122)) {

115
            System.out.println("NSS 3.12 bug returns incorrect AES key "+

116
                    "length breaking key storage. Aborting...");

117
            return true;

118
        }

119


120
        if (saveBeforeCheck) {

121
            ks.setKeyEntry(alias, expected, null, null);

122
        }

123
        SecretKey result = (SecretKey) (ks.getKey(alias, null));

124
        String keyEncFormat = result.getFormat();

125
        if (keyEncFormat == null) {

126
            // sensitive or un-extractable keys - verify by encrypt/decrypt

127
            byte[] data = new byte[64];

128
            Cipher c =

129
                    Cipher.getInstance(result.getAlgorithm() + "/CBC/NoPadding",

130
                    provider);

131
            c.init(Cipher.ENCRYPT_MODE, expected);

132
            byte[] encOut = c.doFinal(data);

133
            c.init(Cipher.DECRYPT_MODE, result, c.getParameters());

134
            byte[] decOut = c.doFinal(encOut);

135
            if (!Arrays.equals(data, decOut)) {

136
                return false;

137
            }

138
        } else if (keyEncFormat.toUpperCase().equals("RAW")) {

139
            if (!Arrays.equals(result.getEncoded(), expected.getEncoded())) {

140
                dumpKey("\texpected:", expected);

141
                dumpKey("\treturns:", result);

142
                return false;

143
            }

144
        }

145
        return true;

146
    }

147


148
    private static void dumpKey(String info, SecretKey key) {

149
        System.out.println(info + "> " + key);

150
        System.out.println("\tALGO=" + key.getAlgorithm());

151
        if (key.getFormat() != null) {

152
            StringBuilder sb = new StringBuilder();

153
            for (byte b : key.getEncoded()) {

154
                sb.append(String.format("%02x", b & 0xff));

155
            }

156
            System.out.println("\t[" + key.getFormat() + "] VALUE=" + sb);

157
        } else {

158
            System.out.println("\tVALUE=n/a");

159
        }

160
    }

161


162
    private static void doTest() throws Exception {

163
        // Make sure both NSS libraries are the same version.

164
        if (isNSS(provider) &&

165
                (getLibsoftokn3Version() != getLibnss3Version())) {

166
            System.out.println("libsoftokn3 and libnss3 versions do not match.  Aborting test...");

167
            return;

168
        }

169


170
        if (ks == null) {

171
            ks = KeyStore.getInstance(KS_TYPE, provider);

172
            ks.load(null, tokenPwd);

173
        }

174


175
        System.out.println("Number of entries: " + ks.size());

176
        if (ks.size() != 0) {

177
            System.out.println("Deleting entries under aliases: ");

178
            for (Enumeration<String> aliases = ks.aliases();

179
                    aliases.hasMoreElements();) {

180
                String alias = aliases.nextElement();

181
                System.out.println("\t" + alias);

182
                ks.deleteEntry(alias);

183
            }

184
        }

185


186
        String alias = "testSKey";

187


188
        boolean testResult = checkSecretKeyEntry(alias, softkey, true);

189
        if (!testResult) {

190
            System.out.println("FAILURE: setKey() w/ softSecretKey failed");

191
        }

192


193
        if (!checkSecretKeyEntry(alias, sk1, true)) {

194
            testResult = false;

195
            System.out.println("FAILURE: setKey() w/ skey1 failed");

196
        }

197
        if (!checkSecretKeyEntry(alias, sk2, true)) {

198
            testResult = false;

199
            System.out.println("FAILURE: setKey() w/ skey2 failed");

200
        }

201


202
        ks.store(null);

203
        System.out.println("Reloading keystore...");

204


205
        ks.load(null, "whatever".toCharArray());

206
        if (ks.size() != 1) {

207
            System.out.println("FAILURE: reload#1 ks.size() != 1");

208
        }

209
        if (!checkSecretKeyEntry(alias, sk2, false)) {

210
            testResult = false;

211
            System.out.println("FAILURE: reload#1 ks entry check failed");

212
        }

213


214
        ks.deleteEntry(alias);

215
        ks.store(null);

216


217
        System.out.println("Reloading keystore...");

218
        ks.load(null, "whatever".toCharArray());

219
        if (ks.size() != 0) {

220
            testResult = false;

221
            System.out.println("FAILURE: reload#2 ks.size() != 0");

222
        }

223
        if (!testResult) {

224
            throw new Exception("One or more test failed!");

225
        }

226
    }

227
}

228


229