| /* |
| * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| import java.security.Signature; |
| import java.security.SignedObject; |
| import java.security.KeyPairGenerator; |
| import java.security.KeyPair; |
| import java.security.NoSuchProviderException; |
| import java.security.PrivateKey; |
| import java.security.PublicKey; |
| import java.util.Arrays; |
| |
| /* |
| * @test |
| * @bug 8050374 |
| * @summary Verify a chain of signed objects |
| */ |
| public class Chain { |
| |
| static enum KeyAlg { |
| RSA("RSA"), |
| DSA("DSA"), |
| EC("EC"); |
| |
| final String name; |
| |
| KeyAlg(String alg) { |
| this.name = alg; |
| } |
| } |
| |
| static enum Provider { |
| Default("default"), |
| SunRsaSign("SunRsaSign"), |
| Sun("SUN"), |
| SunEC("SunEC"), |
| SunJSSE("SunJSSE"), |
| SunMSCAPI("SunMSCAPI"); |
| |
| final String name; |
| |
| Provider(String name) { |
| this.name = name; |
| } |
| } |
| |
| static enum SigAlg { |
| MD2withRSA("MD2withRSA"), |
| MD5withRSA("md5withRSA"), |
| |
| SHA1withDSA("SHA1withDSA"), |
| SHA224withDSA("SHA224withDSA"), |
| SHA256withDSA("SHA256withDSA"), |
| |
| SHA1withRSA("Sha1withrSA"), |
| SHA224withRSA("SHA224withRSA"), |
| SHA256withRSA("SHA256withRSA"), |
| SHA384withRSA("SHA384withRSA"), |
| SHA512withRSA("SHA512withRSA"), |
| |
| SHA1withECDSA("SHA1withECDSA"), |
| SHA256withECDSA("SHA256withECDSA"), |
| SHA224withECDSA("SHA224withECDSA"), |
| SHA384withECDSA("SHA384withECDSA"), |
| SHA512withECDSA("SHA512withECDSA"), |
| |
| MD5andSHA1withRSA("MD5andSHA1withRSA"); |
| |
| final String name; |
| |
| SigAlg(String name) { |
| this.name = name; |
| } |
| } |
| |
| static class Test { |
| final Provider provider; |
| final KeyAlg keyAlg; |
| final SigAlg sigAlg; |
| |
| Test(SigAlg sigAlg, KeyAlg keyAlg, Provider privider) { |
| this.provider = privider; |
| this.keyAlg = keyAlg; |
| this.sigAlg = sigAlg; |
| } |
| } |
| |
| private static final Test[] tests = { |
| new Test(SigAlg.SHA1withDSA, KeyAlg.DSA, Provider.Default), |
| new Test(SigAlg.MD2withRSA, KeyAlg.RSA, Provider.Default), |
| new Test(SigAlg.MD5withRSA, KeyAlg.RSA, Provider.Default), |
| new Test(SigAlg.SHA1withRSA, KeyAlg.RSA, Provider.Default), |
| new Test(SigAlg.SHA1withDSA, KeyAlg.DSA, Provider.Sun), |
| new Test(SigAlg.SHA224withDSA, KeyAlg.DSA, Provider.Sun), |
| new Test(SigAlg.SHA256withDSA, KeyAlg.DSA, Provider.Sun), |
| }; |
| |
| private static final String str = "to-be-signed"; |
| private static final int N = 3; |
| |
| public static void main(String argv[]) { |
| boolean result = Arrays.stream(tests).allMatch((test) -> runTest(test)); |
| if(result) { |
| System.out.println("All tests passed"); |
| } else { |
| throw new RuntimeException("Some tests failed"); |
| } |
| } |
| |
| static boolean runTest(Test test) { |
| System.out.format("Test: provider = %s, signature algorithm = %s, " |
| + "key algorithm = %s\n", |
| test.provider, test.sigAlg, test.keyAlg); |
| try { |
| // Generate all private/public key pairs |
| PrivateKey[] privKeys = new PrivateKey[N]; |
| PublicKey[] pubKeys = new PublicKey[N]; |
| PublicKey[] anotherPubKeys = new PublicKey[N]; |
| KeyPairGenerator kpg = KeyPairGenerator.getInstance( |
| test.keyAlg.name); |
| for (int j=0; j < N; j++) { |
| KeyPair kp = kpg.genKeyPair(); |
| KeyPair anotherKp = kpg.genKeyPair(); |
| privKeys[j] = kp.getPrivate(); |
| pubKeys[j] = kp.getPublic(); |
| anotherPubKeys[j] = anotherKp.getPublic(); |
| |
| if (Arrays.equals(pubKeys[j].getEncoded(), |
| anotherPubKeys[j].getEncoded())) { |
| System.out.println("Failed: it should not get " |
| + "the same pair of public key"); |
| return false; |
| } |
| } |
| |
| Signature signature; |
| if (test.provider != Provider.Default) { |
| signature = Signature.getInstance(test.sigAlg.name, |
| test.provider.name); |
| } else { |
| signature = Signature.getInstance(test.sigAlg.name); |
| } |
| |
| // Create a chain of signed objects |
| SignedObject[] objects = new SignedObject[N]; |
| objects[0] = new SignedObject(str, privKeys[0], signature); |
| for (int j = 1; j < N; j++) { |
| objects[j] = new SignedObject(objects[j - 1], privKeys[j], |
| signature); |
| } |
| |
| // Verify the chain |
| int n = objects.length - 1; |
| SignedObject object = objects[n]; |
| do { |
| if (!object.verify(pubKeys[n], signature)) { |
| System.out.println("Failed: verification failed, n = " + n); |
| return false; |
| } |
| |
| if (object.verify(anotherPubKeys[n], signature)) { |
| System.out.println("Failed: verification should not " |
| + "succeed with wrong public key, n = " + n); |
| return false; |
| } |
| |
| object = (SignedObject) object.getObject(); |
| n--; |
| } while (n > 0); |
| |
| System.out.println("signed data: " + object.getObject()); |
| if (!str.equals(object.getObject())) { |
| System.out.println("Failed: signed data is not equal to " |
| + "original one"); |
| return false; |
| } |
| |
| System.out.println("Test passed"); |
| return true; |
| } catch (NoSuchProviderException nspe) { |
| if (test.provider == Provider.SunMSCAPI |
| && !System.getProperty("os.name").startsWith("Windows")) { |
| System.out.println("SunMSCAPI is available only on Windows: " |
| + nspe); |
| return true; |
| } |
| System.out.println("Unexpected exception: " + nspe); |
| return false; |
| } catch (Exception e) { |
| System.out.println("Unexpected exception: " + e); |
| e.printStackTrace(System.out); |
| return false; |
| } |
| } |
| } |
| |