Path: blob/master/test/jdk/sun/security/pkcs11/ec/TestCurves.java
41153 views
/*1* Copyright (c) 2006, 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/**24* @test25* @bug 6405536 641498026* @summary Basic consistency test for all curves using ECDSA and ECDH27* @author Andreas Sterbenz28* @library /test/lib ..29* @modules jdk.crypto.cryptoki/sun.security.pkcs11.wrapper30* @run main/othervm TestCurves31* @run main/othervm -Djava.security.manager=allow TestCurves sm32* @key randomness33*/3435import java.security.KeyPair;36import java.security.KeyPairGenerator;37import java.security.Provider;38import java.security.ProviderException;39import java.security.Signature;40import java.security.spec.ECParameterSpec;41import java.util.Arrays;42import java.util.List;43import java.util.Random;44import javax.crypto.KeyAgreement;4546public class TestCurves extends PKCS11Test {4748public static void main(String[] args) throws Exception {49main(new TestCurves(), args);50}5152@Override53protected boolean skipTest(Provider p) {54if (p.getService("KeyAgreement", "ECDH") == null) {55System.out.println("Not supported by provider, skipping");56return true;57}5859if (isBadNSSVersion(p)) {60return true;61}6263return false;64}6566@Override67public void main(Provider p) throws Exception {68Random random = new Random();69byte[] data = new byte[2048];70random.nextBytes(data);7172List<ECParameterSpec> curves = getKnownCurves(p);73for (ECParameterSpec params : curves) {74System.out.println("Testing " + params + "...");75KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", p);76kpg.initialize(params);77KeyPair kp1, kp2;7879kp1 = kpg.generateKeyPair();80kp2 = kpg.generateKeyPair();8182testSigning(p, "SHA1withECDSA", data, kp1, kp2);83testSigning(p, "SHA224withECDSA", data, kp1, kp2);84testSigning(p, "SHA256withECDSA", data, kp1, kp2);85testSigning(p, "SHA384withECDSA", data, kp1, kp2);86testSigning(p, "SHA512withECDSA", data, kp1, kp2);87System.out.println();8889KeyAgreement ka1 = KeyAgreement.getInstance("ECDH", p);90ka1.init(kp1.getPrivate());91ka1.doPhase(kp2.getPublic(), true);92byte[] secret1 = ka1.generateSecret();9394KeyAgreement ka2 = KeyAgreement.getInstance("ECDH", p);95ka2.init(kp2.getPrivate());96ka2.doPhase(kp1.getPublic(), true);97byte[] secret2 = ka2.generateSecret();9899if (Arrays.equals(secret1, secret2) == false) {100throw new Exception("Secrets do not match");101}102}103104System.out.println("OK");105}106107private static void testSigning(Provider p, String algorithm,108byte[] data, KeyPair kp1, KeyPair kp2) throws Exception {109System.out.print(" " + algorithm);110Signature s = Signature.getInstance(algorithm, p);111s.initSign(kp1.getPrivate());112s.update(data);113byte[] sig = s.sign();114115s = Signature.getInstance(algorithm, p);116s.initVerify(kp1.getPublic());117s.update(data);118boolean r = s.verify(sig);119if (r == false) {120throw new Exception("Signature did not verify");121}122123s.initVerify(kp2.getPublic());124s.update(data);125r = s.verify(sig);126if (r) {127throw new Exception("Signature should not verify");128}129}130}131132133