1 /*
2  * Copyright (c) 2011, 2020, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 /**
25  * @test
26  * @bug 6888925 8180570 8237804
27  * @summary SunMSCAPI's Cipher can't use RSA public keys obtained from other sources.
28  * @requires os.family == "windows"
29  * @library /test/lib
30  * @modules java.base/sun.security.util
31  */
32 
33 import java.security.*;
34 import java.util.*;
35 import javax.crypto.*;
36 
37 import jdk.test.lib.SecurityTools;
38 import jdk.test.lib.hexdump.HexPrinter;
39 
40 /*
41  * Confirm interoperability of RSA public keys between SunMSCAPI and SunJCE
42  * security providers.
43  */
44 public class PublicKeyInterop {
45 
main(String[] arg)46     public static void main(String[] arg) throws Exception {
47 
48         cleanup();
49         SecurityTools.keytool("-genkeypair",
50                 "-storetype", "Windows-My",
51                 "-keyalg", "RSA",
52                 "-alias", "6888925",
53                 "-dname", "cn=6888925,c=US",
54                 "-noprompt").shouldHaveExitValue(0);
55 
56         try {
57             run();
58         } finally {
59             cleanup();
60         }
61     }
62 
cleanup()63     private static void cleanup() {
64         try {
65             KeyStore ks = KeyStore.getInstance("Windows-MY");
66             ks.load(null, null);
67             ks.deleteEntry("6888925");
68             ks.store(null, null);
69         } catch (Exception e) {
70             System.out.println("No such entry.");
71         }
72     }
73 
run()74     static void run() throws Exception {
75 
76         KeyStore ks = KeyStore.getInstance("Windows-MY");
77         ks.load(null, null);
78         System.out.println("Loaded keystore: Windows-MY");
79 
80         PublicKey myPuKey = ks.getCertificate("6888925").getPublicKey();
81         System.out.println("Public key is a " + myPuKey.getClass().getName());
82         PrivateKey myPrKey = (PrivateKey) ks.getKey("6888925", null);
83         System.out.println("Private key is a " + myPrKey.getClass().getName());
84         System.out.println();
85 
86         byte[] plain = new byte[] {0x01, 0x02, 0x03, 0x04, 0x05};
87         HexPrinter hp = HexPrinter.simple();
88         System.out.println("Plaintext:\n" + hp.toString(plain) + "\n");
89 
90         Cipher rsa = Cipher.getInstance("RSA/ECB/PKCS1Padding");
91         rsa.init(Cipher.ENCRYPT_MODE, myPuKey);
92         byte[] encrypted = rsa.doFinal(plain);
93         System.out.println("Encrypted plaintext using RSA Cipher from " +
94             rsa.getProvider().getName() + " JCE provider\n");
95         System.out.println(hp.toString(encrypted) + "\n");
96 
97         Cipher rsa2 = Cipher.getInstance("RSA/ECB/PKCS1Padding", "SunMSCAPI");
98         rsa2.init(Cipher.ENCRYPT_MODE, myPuKey);
99         byte[] encrypted2 = rsa2.doFinal(plain);
100         System.out.println("Encrypted plaintext using RSA Cipher from " +
101             rsa2.getProvider().getName() + " JCE provider\n");
102         System.out.println(hp.toString(encrypted2) + "\n");
103 
104         Cipher rsa3 = Cipher.getInstance("RSA/ECB/PKCS1Padding", "SunMSCAPI");
105         rsa3.init(Cipher.DECRYPT_MODE, myPrKey);
106         byte[] decrypted = rsa3.doFinal(encrypted);
107         System.out.println("Decrypted first ciphertext using RSA Cipher from " +
108             rsa3.getProvider().getName() + " JCE provider\n");
109         System.out.println(hp.toString(decrypted) + "\n");
110         if (! Arrays.equals(plain, decrypted)) {
111             throw new Exception("First decrypted ciphertext does not match " +
112                 "original plaintext");
113         }
114 
115         decrypted = rsa3.doFinal(encrypted2);
116         System.out.println("Decrypted second ciphertext using RSA Cipher from "
117             + rsa3.getProvider().getName() + " JCE provider\n");
118         System.out.println(hp.toString(decrypted) + "\n");
119         if (! Arrays.equals(plain, decrypted)) {
120             throw new Exception("Second decrypted ciphertext does not match " +
121                 "original plaintext");
122         }
123     }
124 }
125