Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/pkcs11/Signature/SignatureTestPSS.java
41153 views
1
/*

2
 * Copyright (c) 2019, 2020, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23
import java.security.*;

24
import java.security.interfaces.*;

25
import java.security.spec.*;

26
import java.util.stream.IntStream;

27


28
/**

29
 * @test

30
 * @bug 8080462 8226651 8242332

31
 * @summary Generate a RSASSA-PSS signature and verify it using PKCS11 provider

32
 * @library /test/lib ..

33
 * @modules jdk.crypto.cryptoki

34
 * @run main SignatureTestPSS

35
 */

36
public class SignatureTestPSS extends PKCS11Test {

37


38
    // PKCS11 does not support RSASSA-PSS keys yet

39
    private static final String KEYALG = "RSA";

40
    private static final String SIGALG = "RSASSA-PSS";

41


42
    private static final int[] KEYSIZES = { 2048, 3072 };

43
    private static final String[] DIGESTS = {

44
            "SHA-224", "SHA-256", "SHA-384" , "SHA-512",

45
            "SHA3-224", "SHA3-256", "SHA3-384" , "SHA3-512",

46
    };

47
    private Provider prov;

48


49
    /**

50
     * How much times signature updated.

51
     */

52
    private static final int UPDATE_TIMES_FIFTY = 50;

53


54
    /**

55
     * How much times signature initial updated.

56
     */

57
    private static final int UPDATE_TIMES_HUNDRED = 100;

58


59
    public static void main(String[] args) throws Exception {

60
        main(new SignatureTestPSS(), args);

61
    }

62


63
    @Override

64
    public void main(Provider p) throws Exception {

65
        Signature sig;

66
        try {

67
            sig = Signature.getInstance(SIGALG, p);

68
        } catch (NoSuchAlgorithmException e) {

69
            System.out.println("Skip testing RSASSA-PSS" +

70
                " due to no support");

71
            return;

72
        }

73
        this.prov = p;

74
        for (int i : KEYSIZES) {

75
            runTest(i);

76
        }

77
    }

78


79
    private void runTest(int keySize) throws Exception {

80
        byte[] data = new byte[100];

81
        IntStream.range(0, data.length).forEach(j -> {

82
            data[j] = (byte) j;

83
        });

84
        System.out.println("[KEYSIZE = " + keySize + "]");

85


86
        // create a key pair

87
        KeyPair kpair = generateKeys(KEYALG, keySize);

88
        test(DIGESTS, kpair.getPrivate(), kpair.getPublic(), data);

89
    }

90


91
    private void test(String[] digestAlgs, PrivateKey privKey,

92
            PublicKey pubKey, byte[] data) throws RuntimeException {

93
        // For signature algorithm, create and verify a signature

94
        for (String hash : digestAlgs) {

95
            for (String mgfHash : digestAlgs) {

96
                try {

97
                    checkSignature(data, pubKey, privKey, hash, mgfHash);

98
                } catch (NoSuchAlgorithmException | InvalidKeyException |

99
                         SignatureException | NoSuchProviderException ex) {

100
                    throw new RuntimeException(ex);

101
                } catch (InvalidAlgorithmParameterException ex2) {

102
                    System.out.println("Skip test due to " + ex2);

103
                }

104
            }

105
        };

106
    }

107


108
    private KeyPair generateKeys(String keyalg, int size)

109
            throws NoSuchAlgorithmException {

110
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyalg, prov);

111
        kpg.initialize(size);

112
        return kpg.generateKeyPair();

113
    }

114


115
    private void checkSignature(byte[] data, PublicKey pub,

116
            PrivateKey priv, String hash, String mgfHash)

117
            throws NoSuchAlgorithmException, InvalidKeyException,

118
            SignatureException, NoSuchProviderException,

119
            InvalidAlgorithmParameterException {

120


121
        String testName = hash + " and MGF1_" + mgfHash;

122
        // only test RSASSA-PSS signature against the supplied hash/mgfHash

123
        // if they are supported; otherwise PKCS11 library will throw

124
        // CKR_MECHANISM_PARAM_INVALID at Signature.initXXX calls

125
        try {

126
            MessageDigest md = MessageDigest.getInstance(hash, prov);

127
            if (!hash.equalsIgnoreCase(mgfHash)) {

128
                md = MessageDigest.getInstance(mgfHash, prov);

129
            }

130
        } catch (NoSuchAlgorithmException nsae) {

131
            System.out.println("Skip testing " + hash + "/" + mgfHash);

132
            return;

133
        }

134


135
        System.out.println("Testing against " + testName);

136
        Signature sig = Signature.getInstance(SIGALG, prov);

137
        AlgorithmParameterSpec params = new PSSParameterSpec(

138
            hash, "MGF1", new MGF1ParameterSpec(mgfHash), 0, 1);

139
        sig.setParameter(params);

140
        sig.initSign(priv);

141
        for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) {

142
            sig.update(data);

143
        }

144
        byte[] signedData = sig.sign();

145


146
        // Make sure signature verifies with original data

147
        // do we need to call sig.setParameter(params) again?

148
        sig.initVerify(pub);

149
        for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) {

150
            sig.update(data);

151
        }

152
        if (!sig.verify(signedData)) {

153
            throw new RuntimeException("Failed to verify signature");

154
        }

155


156
        // Make sure signature does NOT verify when the original data

157
        // has changed

158
        sig.initVerify(pub);

159
        for (int i = 0; i < UPDATE_TIMES_FIFTY; i++) {

160
            sig.update(data);

161
        }

162


163
        if (sig.verify(signedData)) {

164
            throw new RuntimeException("Failed to detect bad signature");

165
        }

166
    }

167
}

168


169