Path: blob/master/test/jdk/sun/security/pkcs11/tls/TestPremaster.java
41155 views
/*1* Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 6316539 813635526* @summary Basic tests for TlsRsaPremasterSecret generator27* @author Andreas Sterbenz28* @library /test/lib ..29* @modules java.base/sun.security.internal.spec30* jdk.crypto.cryptoki31* @run main/othervm TestPremaster32* @run main/othervm -Djava.security.manager=allow TestPremaster sm policy33*/3435import java.security.Provider;36import java.security.InvalidAlgorithmParameterException;37import javax.crypto.KeyGenerator;38import javax.crypto.SecretKey;39import sun.security.internal.spec.TlsRsaPremasterSecretParameterSpec;4041public class TestPremaster extends PKCS11Test {4243public static void main(String[] args) throws Exception {44main(new TestPremaster(), args);45}4647@Override48public void main(Provider provider) throws Exception {49if (provider.getService(50"KeyGenerator", "SunTlsRsaPremasterSecret") == null) {51System.out.println("Not supported by provider, skipping");52return;53}54KeyGenerator kg;55kg = KeyGenerator.getInstance("SunTlsRsaPremasterSecret", provider);5657try {58kg.generateKey();59throw new Exception("no exception");60} catch (IllegalStateException e) {61System.out.println("OK: " + e);62}6364int[] protocolVersions = {0x0300, 0x0301, 0x0302};65for (int clientVersion : protocolVersions) {66for (int serverVersion : protocolVersions) {67test(kg, clientVersion, serverVersion);68if (serverVersion >= clientVersion) {69break;70}71}72}7374System.out.println("Done.");75}7677private static void test(KeyGenerator kg,78int clientVersion, int serverVersion) throws Exception {7980System.out.printf(81"Testing RSA pre-master secret key generation between " +82"client (0x%04X) and server(0x%04X)%n",83clientVersion, serverVersion);84try {85kg.init(new TlsRsaPremasterSecretParameterSpec(86clientVersion, serverVersion));87} catch (InvalidAlgorithmParameterException iape) {88// S12 removed support for SSL v3.089if (clientVersion == 0x300 || serverVersion == 0x300) {90System.out.println("Skip testing SSLv3 due to no support");91return;92}93// unexpected, pass it up94throw iape;95}96SecretKey key = kg.generateKey();97byte[] encoded = key.getEncoded();98if (encoded != null) { // raw key material may be not extractable99if (encoded.length != 48) {100throw new Exception("length: " + encoded.length);101}102int v = versionOf(encoded[0], encoded[1]);103if (clientVersion != v) {104if (serverVersion != v || clientVersion >= 0x0302) {105throw new Exception(String.format(106"version mismatch: (0x%04X) rather than (0x%04X) " +107"is used in pre-master secret", v, clientVersion));108}109System.out.printf("Use compatible version (0x%04X)%n", v);110}111System.out.println("Passed, version matches!");112} else {113System.out.println("Raw key material is not extractable");114}115}116117private static int versionOf(int major, int minor) {118return ((major & 0xFF) << 8) | (minor & 0xFF);119}120121}122123124