1 /* 2 * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /** 25 * @test 26 * @bug 4892365 27 * @summary Ensure the crypto permission check on cipher algorithms 28 * with restricted parameter values are correctly enforced. 29 * @author Valerie Peng 30 */ 31 32 import java.io.*; 33 import java.util.*; 34 35 import java.security.*; 36 import java.security.spec.*; 37 38 import javax.crypto.*; 39 import javax.crypto.spec.*; 40 41 public class RC2PermCheck { 42 43 public static void main(String[] args) throws Exception { 44 Provider p = Security.getProvider("SunJCE"); 45 System.out.println("Testing provider " + p.getName() + "..."); 46 if (Cipher.getMaxAllowedKeyLength("DES") == Integer.MAX_VALUE) { 47 // skip this test for unlimited jurisdiction policy files 48 System.out.println("Skip this test due to unlimited version"); 49 return; 50 } 51 // Currently, RC2 is the only algorithm whose parameter values 52 // are restricted 53 String algo = "RC2"; 54 Cipher c = Cipher.getInstance(algo + "/CBC/PKCS5Padding", p); 55 SecretKeySpec key = new SecretKeySpec(new byte[16], "RC2"); 56 SecureRandom srand = new SecureRandom(); 57 int numOfTests = 6; 58 boolean result = true; 59 // test set#1: init with no parameter supplied 60 for (int i = 0; i < numOfTests; i++) { 61 try { 62 switch (i) { 63 case 0: 64 c.init(Cipher.ENCRYPT_MODE, key); 65 break; 66 case 1: 67 c.init(Cipher.ENCRYPT_MODE, key, srand); 68 break; 69 case 2: 70 c.init(Cipher.ENCRYPT_MODE, key, 71 (AlgorithmParameters) null); 72 break; 73 case 3: 74 c.init(Cipher.ENCRYPT_MODE, key, 75 (AlgorithmParameters) null, srand); 76 break; 77 case 4: 78 c.init(Cipher.ENCRYPT_MODE, key, 79 (AlgorithmParameterSpec) null); 80 break; 81 case 5: 82 c.init(Cipher.ENCRYPT_MODE, key, 83 (AlgorithmParameterSpec) null, srand); 84 break; 85 } 86 } catch (Exception ex) { 87 result = false; 88 System.out.println("Test#1." + i + " failed!"); 89 ex.printStackTrace(); 90 continue; 91 } 92 } 93 // test set#2: init with parameter within limit 94 RC2ParameterSpec paramSpec = new RC2ParameterSpec(128, new byte[8]); 95 AlgorithmParameters param = AlgorithmParameters.getInstance(algo, p); 96 param.init(paramSpec); 97 numOfTests = 4; 98 for (int i = 0; i < numOfTests; i++) { 99 try { 100 switch (i) { 101 case 0: 102 c.init(Cipher.ENCRYPT_MODE, key, paramSpec); 103 break; 104 case 1: 105 c.init(Cipher.ENCRYPT_MODE, key, paramSpec, srand); 106 break; 107 case 2: 108 c.init(Cipher.ENCRYPT_MODE, key, param); 109 break; 110 case 3: 111 c.init(Cipher.ENCRYPT_MODE, key, param, srand); 112 break; 113 } 114 } catch (Exception ex) { 115 result = false; 116 System.out.println("Test#2." + i + " failed!"); 117 ex.printStackTrace(); 118 } 119 } 120 // test set#3: init with parameter over limit 121 paramSpec = new RC2ParameterSpec(256, new byte[8]); 122 param = AlgorithmParameters.getInstance(algo); 123 param.init(paramSpec); 124 125 for (int i = 0; i < numOfTests; i++) { 126 try { 127 switch (i) { 128 case 0: 129 c.init(Cipher.ENCRYPT_MODE, key, paramSpec); 130 result = false; 131 System.out.println("Test#3." + i + " failed!"); 132 break; 133 case 1: 134 c.init(Cipher.ENCRYPT_MODE, key, paramSpec, srand); 135 result = false; 136 System.out.println("Test#3." + i + " failed!"); 137 break; 138 case 2: 139 c.init(Cipher.ENCRYPT_MODE, key, param); 140 result = false; 141 System.out.println("Test#3." + i + " failed!"); 142 break; 143 case 3: 144 c.init(Cipher.ENCRYPT_MODE, key, param, srand); 145 result = false; 146 System.out.println("Test#3." + i + " failed!"); 147 break; 148 } 149 } catch (InvalidAlgorithmParameterException iape) { 150 // expected exception thrown; proceed to next test 151 continue; 152 } 153 } 154 if (result) { 155 System.out.println("All tests passed!"); 156 } else { 157 throw new Exception("One or more test failed!"); 158 } 159 } 160 }