1
/*
2
 * Copyright (c) 2018, 2021, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
import java.io.IOException;
25
import java.security.*;
26
import java.security.spec.*;
27
import java.util.HexFormat;
28
import java.util.List;
29

30
/*
31
 * @test
32
 * @bug 8146293
33
 * @summary Known Answer Tests based on NIST 186-3 at:
34
 * @compile SigRecord.java
35
 * @run main/othervm TestSigGenPSS
36
 */
37
public class TestSigGenPSS {
38

39
    private static final String[] testFiles = {
40
        "SigGenPSS_186-3.txt", "SigGenPSS_186-3_TruncatedSHAs.txt"
41
    };
42

43
    static final class MyKnownRandomSrc extends SecureRandom {
44
        final byte[] srcBytes;
45
        int numBytes;
46

47
        MyKnownRandomSrc(String srcString) {
48
            this.srcBytes = HexFormat.of().parseHex(srcString);
49
            this.numBytes = this.srcBytes.length;
50
        }
51
        @Override
52
        public void nextBytes(byte[] bytes) {
53
            if (bytes.length > numBytes) {
54
                throw new RuntimeException("Not enough bytes, need "
55
                    + bytes.length + ", got " + numBytes);
56
            }
57
            System.arraycopy(this.srcBytes, this.srcBytes.length - numBytes, bytes, 0, bytes.length);
58
            numBytes -= bytes.length;
59
        }
60

61
    }
62

63
    public static void main(String[] args) throws Exception {
64
        //for (Provider provider : Security.getProviders()) {
65
        Provider p = Security.getProvider("SunRsaSign");
66
        Signature sig;
67
        try {
68
            sig = Signature.getInstance("RSASSA-PSS", p);
69
        } catch (NoSuchAlgorithmException e) {
70
            System.out.println("Skip testing RSASSA-PSS" +
71
                " due to no support");
72
            return;
73
        }
74

75
        boolean success = true;
76
        for (String f : testFiles) {
77
            System.out.println("[INPUT FILE " + f + "]");
78
            try {
79
                success &= runTest(SigRecord.read(f), sig);
80
            } catch (IOException e) {
81
                System.out.println("Unexpected exception: " + e);
82
                e.printStackTrace(System.out);
83
                success = false;
84
            }
85
        }
86

87
        if (!success) {
88
            throw new RuntimeException("One or more test failed");
89
        }
90
        System.out.println("Test passed");
91
    }
92

93
    /*
94
     * Run all the tests in the data list with specified algorithm
95
     */
96
    static boolean runTest(List<SigRecord> records, Signature sig) throws Exception {
97
        boolean success = true;
98
        KeyFactory kf = KeyFactory.getInstance("RSA", sig.getProvider());
99
        for (SigRecord sr : records) {
100
            System.out.println("==Testing Record : " + sr + "==");
101
            PrivateKey privKey = kf.generatePrivate(sr.privKeySpec);
102
            PublicKey pubKey = kf.generatePublic(sr.pubKeySpec);
103
            success &= check(sig, privKey, pubKey, sr.testVectors);
104
            System.out.println("==Done==");
105
        }
106
        return success;
107
    }
108

109
    /*
110
     * Generate the signature, check against known values and verify.
111
     */
112
    static boolean check(Signature sig, PrivateKey privKey, PublicKey pubKey,
113
        List<SigRecord.SigVector> vectors) throws Exception {
114

115
        boolean success = true;
116
        for (SigRecord.SigVector v : vectors) {
117
            System.out.println("\tAgainst " + v.mdAlg);
118
            byte[] msgBytes = HexFormat.of().parseHex(v.msg);
119
            byte[] expSigBytes = HexFormat.of().parseHex(v.sig);
120

121
            MyKnownRandomSrc saltSrc = new MyKnownRandomSrc(v.salt);
122
            sig.initSign(privKey, saltSrc);
123
            PSSParameterSpec params = new PSSParameterSpec(v.mdAlg, "MGF1",
124
                new MGF1ParameterSpec(v.mdAlg), saltSrc.numBytes, 1);
125
            sig.setParameter(params);
126
            sig.update(msgBytes);
127
            byte[] actualSigBytes = sig.sign();
128

129
            // Check if the supplied salt bytes are used up
130
            if (saltSrc.numBytes != 0) {
131
                throw new RuntimeException("Error: salt length mismatch! "
132
                    + saltSrc.numBytes + " bytes leftover");
133
            }
134

135
            success &= MessageDigest.isEqual(actualSigBytes, expSigBytes);
136

137
            if (!success) {
138
                System.out.println("\tFailed:");
139
                System.out.println("\tSHAALG       = " + v.mdAlg);
140
                System.out.println("\tMsg          = " + v.msg);
141
                System.out.println("\tSalt          = " + v.salt);
142
                System.out.println("\tExpected Sig = " + v.sig);
143
                System.out.println("\tActual Sig   = " + HexFormat.of().formatHex(actualSigBytes));
144
            } else {
145
                System.out.println("\t" + v.mdAlg + " Test Vector Passed");
146
            }
147
        }
148
        return success;
149
    }
150
}
151

152