1 /*
2  * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 /*
25  * @test
26  * @bug 4856966
27  * @summary Verify that the RSA KeyPairGenerator works (use -Dseed=X to set PRNG seed)
28  * @author Andreas Sterbenz
29  * @library ..
30  * @library /test/lib
31  * @modules jdk.crypto.cryptoki
32  * @build jdk.test.lib.RandomFactory
33  * @run main/othervm -Djava.security.debug=sunpkcs11 TestKeyPairGenerator
34  * @run main/othervm -Djava.security.debug=sunpkcs11 TestKeyPairGenerator
35  *                                                   sm TestKeyPairGenerator.policy
36  * @key randomness
37  */
38 
39 import java.math.BigInteger;
40 import java.security.KeyPair;
41 import java.security.KeyPairGenerator;
42 import java.security.PrivateKey;
43 import java.security.Provider;
44 import java.security.PublicKey;
45 import java.security.Signature;
46 import java.security.interfaces.RSAPrivateCrtKey;
47 import java.security.interfaces.RSAPublicKey;
48 import java.security.spec.RSAKeyGenParameterSpec;
49 import jdk.test.lib.RandomFactory;
50 
51 public class TestKeyPairGenerator extends PKCS11Test {
52 
53     private static Provider provider;
54 
55     private static byte[] data;
56 
testSignature(String algorithm, PrivateKey privateKey, PublicKey publicKey)57     private static void testSignature(String algorithm, PrivateKey privateKey,
58             PublicKey publicKey) throws Exception {
59         System.out.println("Testing " + algorithm + "...");
60         Signature s = Signature.getInstance(algorithm, provider);
61         s.initSign(privateKey);
62         s.update(data);
63         byte[] sig = s.sign();
64         s.initVerify(publicKey);
65         s.update(data);
66         boolean result = s.verify(sig);
67         if (result == false) {
68             throw new Exception("Verification failed");
69         }
70     }
71 
test(PrivateKey privateKey, PublicKey publicKey)72     private static void test(PrivateKey privateKey, PublicKey publicKey) throws Exception {
73         testSignature("MD2withRSA", privateKey, publicKey);
74         testSignature("MD5withRSA", privateKey, publicKey);
75         testSignature("SHA1withRSA", privateKey, publicKey);
76         testSignature("SHA224withRSA", privateKey, publicKey);
77         testSignature("SHA256withRSA", privateKey, publicKey);
78         RSAPublicKey rsaKey = (RSAPublicKey)publicKey;
79         if (rsaKey.getModulus().bitLength() > 512) {
80             // for SHA384 and SHA512 the data is too long for 512 bit keys
81             testSignature("SHA384withRSA", privateKey, publicKey);
82             testSignature("SHA512withRSA", privateKey, publicKey);
83         }
84     }
85 
86     // regression test for 4865198
testInvalidSignature(KeyPair kp1, KeyPair kp2)87     private static void testInvalidSignature(KeyPair kp1, KeyPair kp2) throws Exception {
88         System.out.println("Testing signature with incorrect key...");
89         Signature sig = Signature.getInstance("MD5withRSA", provider);
90         sig.initSign(kp1.getPrivate());
91         byte[] data = new byte[100];
92         sig.update(data);
93         byte[] signature = sig.sign();
94         sig.initVerify(kp1.getPublic());
95         sig.update(data);
96         if (sig.verify(signature) == false) {
97             throw new Exception("verification failed");
98         }
99         sig.initVerify(kp2.getPublic());
100         sig.update(data);
101         // verify needs to return false and not throw an Exception
102         if (sig.verify(signature)) {
103             throw new Exception("verification unexpectedly succeeded");
104         }
105     }
106 
main(String[] args)107     public static void main(String[] args) throws Exception {
108         main(new TestKeyPairGenerator(), args);
109     }
110 
111     @Override
main(Provider p)112     public void main(Provider p) throws Exception {
113         long start = System.currentTimeMillis();
114         provider = p;
115         data = new byte[2048];
116         // keypair generation is very slow, test only a few short keys
117         int[] keyLengths = {512, 512, 1024};
118         BigInteger[] pubExps = {null, RSAKeyGenParameterSpec.F4, null};
119         KeyPair[] keyPairs = new KeyPair[3];
120         RandomFactory.getRandom().nextBytes(data);
121         KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", provider);
122         for (int i = 0; i < keyLengths.length; i++) {
123             int len = keyLengths[i];
124             BigInteger exp = pubExps[i];
125             System.out.println("Generating " + len + " bit keypair...");
126             if (exp == null) {
127                 kpg.initialize(len);
128             } else {
129                 kpg.initialize(new RSAKeyGenParameterSpec(len, exp));
130             }
131             KeyPair kp = kpg.generateKeyPair();
132             keyPairs[i] = kp;
133             RSAPublicKey publicKey = (RSAPublicKey)kp.getPublic();
134             System.out.println(publicKey);
135             RSAPrivateCrtKey privateKey = (RSAPrivateCrtKey)kp.getPrivate();
136             if (publicKey.getModulus().equals(privateKey.getModulus()) == false) {
137                 throw new Exception("Moduli do not match");
138             }
139             if (publicKey.getPublicExponent().equals(privateKey.getPublicExponent()) == false) {
140                 throw new Exception("Exponents do not match");
141             }
142             int keyLen = publicKey.getModulus().bitLength();
143             if ((keyLen > len) || (keyLen < len - 1)) {
144                 throw new Exception("Incorrect key length: " + keyLen);
145             }
146             if (exp != null) {
147                 if (exp.equals(publicKey.getPublicExponent()) == false) {
148                     throw new Exception("Incorrect exponent");
149                 }
150             }
151             test(privateKey, publicKey);
152         }
153         testInvalidSignature(keyPairs[0], keyPairs[1]);
154         testInvalidSignature(keyPairs[0], keyPairs[2]);
155         long stop = System.currentTimeMillis();
156         System.out.println("All tests passed (" + (stop - start) + " ms).");
157     }
158 }
159