1 /* 2 * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /** 25 * @test 26 * @bug 4917233 6461727 6490213 6720456 27 * @summary test the KeyGenerator 28 * @author Andreas Sterbenz 29 * @library .. 30 * @run main/othervm TestKeyGenerator 31 * @run main/othervm TestKeyGenerator sm 32 */ 33 34 import java.security.InvalidParameterException; 35 import java.security.NoSuchAlgorithmException; 36 import java.security.Provider; 37 import java.security.ProviderException; 38 import javax.crypto.KeyGenerator; 39 import javax.crypto.SecretKey; 40 41 enum TestResult { 42 PASS, 43 FAIL, 44 TBD 45 } 46 47 public class TestKeyGenerator extends PKCS11Test { 48 main(String[] args)49 public static void main(String[] args) throws Exception { 50 main(new TestKeyGenerator(), args); 51 } 52 test(String algorithm, int keyLen, Provider p, TestResult expected)53 private TestResult test(String algorithm, int keyLen, Provider p, 54 TestResult expected) 55 throws Exception { 56 TestResult actual = TestResult.TBD; 57 System.out.println("Testing " + algorithm + ", " + keyLen + " bits..."); 58 KeyGenerator kg; 59 try { 60 kg = KeyGenerator.getInstance(algorithm, p); 61 } catch (NoSuchAlgorithmException e) { 62 System.out.println("Not supported, skipping: " + e); 63 return TestResult.PASS; 64 } 65 try { 66 kg.init(keyLen); 67 actual = TestResult.PASS; 68 } catch (InvalidParameterException ipe) { 69 actual = TestResult.FAIL; 70 } 71 if (actual == TestResult.PASS) { 72 try { 73 SecretKey key = kg.generateKey(); 74 if (expected == TestResult.FAIL) { 75 throw new Exception("Generated " + key + 76 " using invalid key length"); 77 } 78 } catch (ProviderException e) { 79 e.printStackTrace(); 80 throw (Exception) (new Exception 81 ("key generation failed using valid length").initCause(e)); 82 } 83 } 84 if (expected != TestResult.TBD && expected != actual) { 85 throw new Exception("Expected to " + expected + ", but " + 86 actual); 87 } 88 return actual; 89 } 90 91 @Override main(Provider p)92 public void main(Provider p) throws Exception { 93 test("DES", 0, p, TestResult.FAIL); 94 test("DES", 56, p, TestResult.PASS); // ensure JCE-Compatibility 95 test("DES", 64, p, TestResult.PASS); 96 test("DES", 128, p, TestResult.FAIL); 97 98 test("DESede", 0, p, TestResult.FAIL); 99 // Special handling since not all PKCS11 providers support 100 // 2-key DESede, e.g. SunPKCS11-Solaris. 101 TestResult temp = test("DESede", 112, p, TestResult.TBD); 102 test("DESede", 128, p, temp); 103 test("DESede", 168, p, TestResult.PASS); 104 test("DESede", 192, p, TestResult.PASS); 105 test("DESede", 64, p, TestResult.FAIL); 106 test("DESede", 256, p, TestResult.FAIL); 107 108 // Different PKCS11 impls have different ranges 109 // of supported key sizes for variable-key-length 110 // algorithms. 111 // Solaris> Blowfish: 32-128 or even 448 bits, RC4: 8-128 bits or as much as 2048 bits 112 // NSS> Blowfish: n/a, RC4: 8-2048 bits 113 // However, we explicitly disallowed key sizes less 114 // than 40-bits. 115 116 test("Blowfish", 0, p, TestResult.FAIL); 117 test("Blowfish", 24, p, TestResult.FAIL); 118 test("Blowfish", 32, p, TestResult.FAIL); 119 test("Blowfish", 40, p, TestResult.PASS); 120 test("Blowfish", 128, p, TestResult.PASS); 121 test("Blowfish", 136, p, TestResult.TBD); 122 test("Blowfish", 448, p, TestResult.TBD); 123 test("Blowfish", 456, p, TestResult.FAIL); 124 125 test("ARCFOUR", 0, p, TestResult.FAIL); 126 test("ARCFOUR", 32, p, TestResult.FAIL); 127 test("ARCFOUR", 40, p, TestResult.PASS); 128 test("ARCFOUR", 128, p, TestResult.PASS); 129 130 if (p.getName().equals("SunPKCS11-Solaris")) { 131 test("ARCFOUR", 1024, p, TestResult.TBD); 132 } else if (p.getName().equals("SunPKCS11-NSS")) { 133 test("ARCFOUR", 1024, p, TestResult.PASS); 134 test("ARCFOUR", 2048, p, TestResult.PASS); 135 test("ARCFOUR", 2056, p, TestResult.FAIL); 136 } 137 } 138 } 139