1 /* 2 * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 4942494 7146728 27 * @summary KAT test for DH (normal and with secret that has leading a 0x00 byte) 28 * @author Andreas Sterbenz 29 * @library .. 30 * @modules jdk.crypto.token 31 * @run main/othervm TestShort 32 * @run main/othervm TestShort sm 33 */ 34 35 import java.math.BigInteger; 36 import java.security.KeyFactory; 37 import java.security.PrivateKey; 38 import java.security.Provider; 39 import java.security.PublicKey; 40 import java.util.Arrays; 41 import javax.crypto.KeyAgreement; 42 import javax.crypto.spec.DHPrivateKeySpec; 43 import javax.crypto.spec.DHPublicKeySpec; 44 45 public class TestShort extends PKCS11Test { 46 47 private final static BigInteger p = new BigInteger 48 ("132323768951986124075479307182674357577285270296234088722451560397577130" 49 + "29036368719146452186041204237350521785240337048752071462798273003935646" 50 + "236777459223"); 51 52 private final static BigInteger g = new BigInteger 53 ("542164405743647514160964848832570512804742839438047437683466730076610826" 54 + "26139005426812890807137245973106730741193551360857959820973906708903671" 55 + "85141189796"); 56 57 private final static BigInteger y1 = new BigInteger 58 ("917822587297202019713917824657175324360828836418754472207798053179332700" 59 + "39938196470323405362414543604756313574842317687108720161868374135893507" 60 + "32549013008"); 61 62 private final static BigInteger x1 = new BigInteger 63 ("44680539865608058021525420137770558786664900449"); 64 65 private final static BigInteger y2 = new BigInteger 66 ("971516093764754129400636279042779828227876735997548759620533874940954728" 67 + "96003923584532197641582422156725687657451980378160229472095259392582713" 68 + "54693857368"); 69 70 private final static BigInteger x2 = new BigInteger 71 ("433011588852527167500079509018272713204454720683"); 72 73 private final static byte[] s2 = parse 74 ("00:19:c7:f1:bb:2e:3d:93:fa:02:d2:e9:9f:75:32:b9:e6:7a:a0:4a:10:45:81:d4:2b:" 75 + "e2:77:4c:70:41:39:7c:19:fa:65:64:47:49:8a:ad:0a:fa:9d:e9:62:68:97:c5:52" 76 + ":b1:37:03:d9:cd:aa:e1:bd:7e:71:0c:fc:15:a1:95"); 77 78 private final static BigInteger y3 = new BigInteger 79 ("487191942830952492045314176949691887949505843590154039270855000076570641" 80 + "84133173374554778014985281423493547105556633876312739488944445812738030" 81 + "00691614787"); 82 83 private final static BigInteger x3 = new BigInteger 84 ("1105612503769813327556221318510360767544481637404"); 85 86 private final static byte[] s3 = parse 87 ("98:62:f3:e4:ff:2b:8d:8a:5a:20:fe:52:35:56:73:09:8e:b3:e2:cb:e2:45:e5:b7:" 88 + "1a:6a:15:d8:a4:8c:0a:ce:f0:15:03:0c:c2:56:82:a2:75:9b:49:fe:ed:60:c5:6e" 89 + ":de:47:55:62:4f:16:20:6d:74:cc:7b:95:93:25:2c:ea"); 90 91 @Override 92 public void main(Provider provider) throws Exception { 93 if (provider.getService("KeyAgreement", "DH") == null) { 94 System.out.println("DH not supported, skipping"); 95 return; 96 } 97 try { 98 DHPublicKeySpec publicSpec; 99 DHPrivateKeySpec privateSpec; 100 KeyFactory kf = KeyFactory.getInstance("DH", provider); 101 KeyAgreement ka = KeyAgreement.getInstance("DH", provider); 102 103 PrivateKey pr1 = kf.generatePrivate(new DHPrivateKeySpec(x1, p, g)); 104 PublicKey pu2 = kf.generatePublic(new DHPublicKeySpec(y2, p, g)); 105 PublicKey pu3 = kf.generatePublic(new DHPublicKeySpec(y3, p, g)); 106 107 ka.init(pr1); 108 ka.doPhase(pu2, true); 109 byte[] n2 = ka.generateSecret(); 110 if (Arrays.equals(s2, n2) == false) { 111 throw new Exception("mismatch 2"); 112 } 113 System.out.println("short ok"); 114 115 ka.init(pr1); 116 ka.doPhase(pu3, true); 117 byte[] n3 = ka.generateSecret(); 118 if (Arrays.equals(s3, n3) == false) { 119 throw new Exception("mismatch 3"); 120 } 121 System.out.println("normal ok"); 122 } catch (Exception ex) { 123 System.out.println("Unexpected Exception: " + ex); 124 ex.printStackTrace(); 125 throw ex; 126 } 127 128 /* 129 KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", provider); 130 kpg.initialize(512); 131 // KeyPair kp1 = kpg.generateKeyPair(); 132 // System.out.println(kp1.getPublic()); 133 // System.out.println(kp1.getPrivate()); 134 while (true) { 135 KeyAgreement ka = KeyAgreement.getInstance("DH", provider); 136 ka.init(pr1); 137 KeyPair kp2 = kpg.generateKeyPair(); 138 ka.doPhase(kp2.getPublic(), true); 139 byte[] sec = ka.generateSecret(); 140 if (sec.length == 64) { 141 System.out.println(kp2.getPrivate()); 142 System.out.println(kp2.getPublic()); 143 System.out.println(toString(sec)); 144 break; 145 } 146 } 147 /**/ 148 } 149 150 public static void main(String[] args) throws Exception { 151 main(new TestShort(), args); 152 } 153 154 }