Path: blob/master/test/jdk/sun/security/pkcs11/rsa/KeyWrap.java
41154 views
/*1* Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 623121626* @summary Verify key wrapping (of extractable keys) works for RSA/PKCS127* @author Andreas Sterbenz28* @library /test/lib ..29* @key randomness30* @modules jdk.crypto.cryptoki31* @run main/othervm KeyWrap32* @run main/othervm -Djava.security.manager=allow KeyWrap sm33*/3435import java.security.GeneralSecurityException;36import java.security.InvalidKeyException;37import java.security.Key;38import java.security.KeyFactory;39import java.security.KeyPair;40import java.security.KeyPairGenerator;41import java.security.NoSuchAlgorithmException;42import java.security.PrivateKey;43import java.security.Provider;44import java.security.PublicKey;45import java.util.Random;46import javax.crypto.Cipher;47import javax.crypto.SecretKey;48import javax.crypto.spec.SecretKeySpec;4950public class KeyWrap extends PKCS11Test {5152@Override53public void main(Provider p) throws Exception {54try {55Cipher.getInstance("RSA/ECB/PKCS1Padding", p);56} catch (GeneralSecurityException e) {57System.out.println("Not supported by provider, skipping");58return;59}60KeyPair kp;61try {62KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);63kpg.initialize(512);64kp = kpg.generateKeyPair();65} catch (Exception e) {66try {67System.out.println("Could not generate KeyPair on provider " + p + ", trying migration");68KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");69kpg.initialize(512);70kp = kpg.generateKeyPair();71KeyFactory kf = KeyFactory.getInstance("RSA", p);72PublicKey pub = (PublicKey)kf.translateKey(kp.getPublic());73PrivateKey priv = (PrivateKey)kf.translateKey(kp.getPrivate());74kp = new KeyPair(pub, priv);75} catch (NoSuchAlgorithmException | InvalidKeyException ee) {76ee.printStackTrace();77System.out.println("Provider does not support RSA, skipping");78return;79}80}81System.out.println(kp);82Random r = new Random();83byte[] b = new byte[16];84r.nextBytes(b);85String alg = "AES";86SecretKey key = new SecretKeySpec(b, alg);8788Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding", p);89// Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");90c.init(Cipher.WRAP_MODE, kp.getPublic());91byte[] wrapped = c.wrap(key);92System.out.println("wrapped: " + wrapped.length);9394c.init(Cipher.UNWRAP_MODE, kp.getPrivate());95Key unwrapped = c.unwrap(wrapped, alg, Cipher.SECRET_KEY);96System.out.println("unwrapped: " + unwrapped);9798boolean eq = key.equals(unwrapped);99System.out.println(eq);100if (eq == false) {101throw new Exception("Unwrapped key does not match original key");102}103}104105public static void main(String[] args) throws Exception {106main(new KeyWrap(), args);107}108109}110111112