1 /* 2 * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 4917233 6461727 6490213 6720456 27 * @summary test the KeyGenerator 28 * @author Andreas Sterbenz 29 * @library .. 30 * @modules jdk.crypto.token 31 * @run main/othervm TestKeyGenerator 32 * @run main/othervm TestKeyGenerator sm 33 */ 34 35 import java.security.InvalidParameterException; 36 import java.security.NoSuchAlgorithmException; 37 import java.security.Provider; 38 import java.security.ProviderException; 39 import javax.crypto.KeyGenerator; 40 import javax.crypto.SecretKey; 41 42 enum TestResult { 43 PASS, 44 FAIL, 45 TBD 46 } 47 48 public class TestKeyGenerator extends PKCS11Test { 49 50 public static void main(String[] args) throws Exception { 51 main(new TestKeyGenerator(), args); 52 } 53 54 private TestResult test(String algorithm, int keyLen, Provider p, 55 TestResult expected) 56 throws Exception { 57 TestResult actual = TestResult.TBD; 58 System.out.println("Testing " + algorithm + ", " + keyLen + " bits..."); 59 KeyGenerator kg; 60 try { 61 kg = KeyGenerator.getInstance(algorithm, p); 62 } catch (NoSuchAlgorithmException e) { 63 System.out.println("Not supported, skipping: " + e); 64 return TestResult.PASS; 65 } 66 try { 67 kg.init(keyLen); 68 actual = TestResult.PASS; 69 } catch (InvalidParameterException ipe) { 70 actual = TestResult.FAIL; 71 } 72 if (actual == TestResult.PASS) { 73 try { 74 SecretKey key = kg.generateKey(); 75 if (expected == TestResult.FAIL) { 76 throw new Exception("Generated " + key + 77 " using invalid key length"); 78 } 79 } catch (ProviderException e) { 80 e.printStackTrace(); 81 throw (Exception) (new Exception 82 ("key generation failed using valid length").initCause(e)); 83 } 84 } 85 if (expected != TestResult.TBD && expected != actual) { 86 throw new Exception("Expected to " + expected + ", but " + 87 actual); 88 } 89 return actual; 90 } 91 92 @Override 93 public void main(Provider p) throws Exception { 94 test("DES", 0, p, TestResult.FAIL); 95 test("DES", 56, p, TestResult.PASS); // ensure JCE-Compatibility 96 test("DES", 64, p, TestResult.PASS); 97 test("DES", 128, p, TestResult.FAIL); 98 99 test("DESede", 0, p, TestResult.FAIL); 100 // Special handling since not all PKCS11 providers support 101 // 2-key DESede, e.g. SunPKCS11-Solaris. 102 TestResult temp = test("DESede", 112, p, TestResult.TBD); 103 test("DESede", 128, p, temp); 104 test("DESede", 168, p, TestResult.PASS); 105 test("DESede", 192, p, TestResult.PASS); 106 test("DESede", 64, p, TestResult.FAIL); 107 test("DESede", 256, p, TestResult.FAIL); 108 109 // Different PKCS11 impls have different ranges 110 // of supported key sizes for variable-key-length 111 // algorithms. 112 // Solaris> Blowfish: 32-128 or even 448 bits, RC4: 8-128 bits or as much as 2048 bits 113 // NSS> Blowfish: n/a, RC4: 8-2048 bits 114 // However, we explicitly disallowed key sizes less 115 // than 40-bits. 116 117 test("Blowfish", 0, p, TestResult.FAIL); 118 test("Blowfish", 24, p, TestResult.FAIL); 119 test("Blowfish", 32, p, TestResult.FAIL); 120 test("Blowfish", 40, p, TestResult.PASS); 121 test("Blowfish", 128, p, TestResult.PASS); 122 test("Blowfish", 136, p, TestResult.TBD); 123 test("Blowfish", 448, p, TestResult.TBD); 124 test("Blowfish", 456, p, TestResult.FAIL); 125 126 test("ARCFOUR", 0, p, TestResult.FAIL); 127 test("ARCFOUR", 32, p, TestResult.FAIL); 128 test("ARCFOUR", 40, p, TestResult.PASS); 129 test("ARCFOUR", 128, p, TestResult.PASS); 130 131 if (p.getName().equals("SunPKCS11-Solaris")) { 132 test("ARCFOUR", 1024, p, TestResult.TBD); 133 } else if (p.getName().equals("SunPKCS11-NSS")) { 134 test("ARCFOUR", 1024, p, TestResult.PASS); 135 test("ARCFOUR", 2048, p, TestResult.PASS); 136 test("ARCFOUR", 2056, p, TestResult.FAIL); 137 } 138 } 139 }