1 /* 2 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 8024606 27 * @summary NegativeArraySizeException in NativeRSACipher 28 */ 29 30 import java.io.*; 31 import java.security.*; 32 import java.security.spec.*; 33 import java.util.*; 34 import java.math.*; 35 import javax.crypto.*; 36 37 public class TestMalformedRSA extends UcryptoTest { 38 39 // KAT 40 private static final byte PLAINTEXT[] = Arrays.copyOf 41 (new String("Known plaintext message utilized" + 42 "for RSA Encryption & Decryption" + 43 "block, SHA1, SHA256, SHA384 and" + 44 "SHA512 RSA Signature KAT tests.").getBytes(), 128); 45 46 private static final byte MOD[] = { 47 (byte)0xd5, (byte)0x84, (byte)0x95, (byte)0x07, (byte)0xf4, (byte)0xd0, 48 (byte)0x1f, (byte)0x82, (byte)0xf3, (byte)0x79, (byte)0xf4, (byte)0x99, 49 (byte)0x48, (byte)0x10, (byte)0xe1, (byte)0x71, (byte)0xa5, (byte)0x62, 50 (byte)0x22, (byte)0xa3, (byte)0x4b, (byte)0x00, (byte)0xe3, (byte)0x5b, 51 (byte)0x3a, (byte)0xcc, (byte)0x10, (byte)0x83, (byte)0xe0, (byte)0xaf, 52 (byte)0x61, (byte)0x13, (byte)0x54, (byte)0x6a, (byte)0xa2, (byte)0x6a, 53 (byte)0x2c, (byte)0x5e, (byte)0xb3, (byte)0xcc, (byte)0xa3, (byte)0x71, 54 (byte)0x9a, (byte)0xb2, (byte)0x3e, (byte)0x78, (byte)0xec, (byte)0xb5, 55 (byte)0x0e, (byte)0x6e, (byte)0x31, (byte)0x3b, (byte)0x77, (byte)0x1f, 56 (byte)0x6e, (byte)0x94, (byte)0x41, (byte)0x60, (byte)0xd5, (byte)0x6e, 57 (byte)0xd9, (byte)0xc6, (byte)0xf9, (byte)0x29, (byte)0xc3, (byte)0x40, 58 (byte)0x36, (byte)0x25, (byte)0xdb, (byte)0xea, (byte)0x0b, (byte)0x07, 59 (byte)0xae, (byte)0x76, (byte)0xfd, (byte)0x99, (byte)0x29, (byte)0xf4, 60 (byte)0x22, (byte)0xc1, (byte)0x1a, (byte)0x8f, (byte)0x05, (byte)0xfe, 61 (byte)0x98, (byte)0x09, (byte)0x07, (byte)0x05, (byte)0xc2, (byte)0x0f, 62 (byte)0x0b, (byte)0x11, (byte)0x83, (byte)0x39, (byte)0xca, (byte)0xc7, 63 (byte)0x43, (byte)0x63, (byte)0xff, (byte)0x33, (byte)0x80, (byte)0xe7, 64 (byte)0xc3, (byte)0x78, (byte)0xae, (byte)0xf1, (byte)0x73, (byte)0x52, 65 (byte)0x98, (byte)0x1d, (byte)0xde, (byte)0x5c, (byte)0x53, (byte)0x6e, 66 (byte)0x01, (byte)0x73, (byte)0x0d, (byte)0x12, (byte)0x7e, (byte)0x77, 67 (byte)0x03, (byte)0xf1, (byte)0xef, (byte)0x1b, (byte)0xc8, (byte)0xa8, 68 (byte)0x0f, (byte)0x97 69 }; 70 71 private static final byte PUB_EXP[] = {(byte)0x01, (byte)0x00, (byte)0x01}; 72 73 private static final byte PRIV_EXP[] = { 74 (byte)0x85, (byte)0x27, (byte)0x47, (byte)0x61, (byte)0x4c, (byte)0xd4, 75 (byte)0xb5, (byte)0xb2, (byte)0x0e, (byte)0x70, (byte)0x91, (byte)0x8f, 76 (byte)0x3d, (byte)0x97, (byte)0xf9, (byte)0x5f, (byte)0xcc, (byte)0x09, 77 (byte)0x65, (byte)0x1c, (byte)0x7c, (byte)0x5b, (byte)0xb3, (byte)0x6d, 78 (byte)0x63, (byte)0x3f, (byte)0x7b, (byte)0x55, (byte)0x22, (byte)0xbb, 79 (byte)0x7c, (byte)0x48, (byte)0x77, (byte)0xae, (byte)0x80, (byte)0x56, 80 (byte)0xc2, (byte)0x10, (byte)0xd5, (byte)0x03, (byte)0xdb, (byte)0x31, 81 (byte)0xaf, (byte)0x8d, (byte)0x54, (byte)0xd4, (byte)0x48, (byte)0x99, 82 (byte)0xa8, (byte)0xc4, (byte)0x23, (byte)0x43, (byte)0xb8, (byte)0x48, 83 (byte)0x0b, (byte)0xc7, (byte)0xbc, (byte)0xf5, (byte)0xcc, (byte)0x64, 84 (byte)0x72, (byte)0xbf, (byte)0x59, (byte)0x06, (byte)0x04, (byte)0x1c, 85 (byte)0x32, (byte)0xf5, (byte)0x14, (byte)0x2e, (byte)0x6e, (byte)0xe2, 86 (byte)0x0f, (byte)0x5c, (byte)0xde, (byte)0x36, (byte)0x3c, (byte)0x6e, 87 (byte)0x7c, (byte)0x4d, (byte)0xcc, (byte)0xd3, (byte)0x00, (byte)0x6e, 88 (byte)0xe5, (byte)0x45, (byte)0x46, (byte)0xef, (byte)0x4d, (byte)0x25, 89 (byte)0x46, (byte)0x6d, (byte)0x7f, (byte)0xed, (byte)0xbb, (byte)0x4f, 90 (byte)0x4d, (byte)0x9f, (byte)0xda, (byte)0x87, (byte)0x47, (byte)0x8f, 91 (byte)0x74, (byte)0x44, (byte)0xb7, (byte)0xbe, (byte)0x9d, (byte)0xf5, 92 (byte)0xdd, (byte)0xd2, (byte)0x4c, (byte)0xa5, (byte)0xab, (byte)0x74, 93 (byte)0xe5, (byte)0x29, (byte)0xa1, (byte)0xd2, (byte)0x45, (byte)0x3b, 94 (byte)0x33, (byte)0xde, (byte)0xd5, (byte)0xae, (byte)0xf7, (byte)0x03, 95 (byte)0x10, (byte)0x21 96 }; 97 98 private static final byte PRIME_P[] = { 99 (byte)0xf9, (byte)0x74, (byte)0x8f, (byte)0x16, (byte)0x02, (byte)0x6b, 100 (byte)0xa0, (byte)0xee, (byte)0x7f, (byte)0x28, (byte)0x97, (byte)0x91, 101 (byte)0xdc, (byte)0xec, (byte)0xc0, (byte)0x7c, (byte)0x49, (byte)0xc2, 102 (byte)0x85, (byte)0x76, (byte)0xee, (byte)0x66, (byte)0x74, (byte)0x2d, 103 (byte)0x1a, (byte)0xb8, (byte)0xf7, (byte)0x2f, (byte)0x11, (byte)0x5b, 104 (byte)0x36, (byte)0xd8, (byte)0x46, (byte)0x33, (byte)0x3b, (byte)0xd8, 105 (byte)0xf3, (byte)0x2d, (byte)0xa1, (byte)0x03, (byte)0x83, (byte)0x2b, 106 (byte)0xec, (byte)0x35, (byte)0x43, (byte)0x32, (byte)0xff, (byte)0xdd, 107 (byte)0x81, (byte)0x7c, (byte)0xfd, (byte)0x65, (byte)0x13, (byte)0x04, 108 (byte)0x7c, (byte)0xfc, (byte)0x03, (byte)0x97, (byte)0xf0, (byte)0xd5, 109 (byte)0x62, (byte)0xdc, (byte)0x0d, (byte)0xbf 110 }; 111 112 private static final byte PRIME_Q[] = { 113 (byte)0xdb, (byte)0x1e, (byte)0xa7, (byte)0x3d, (byte)0xe7, (byte)0xfa, 114 (byte)0x8b, (byte)0x04, (byte)0x83, (byte)0x48, (byte)0xf3, (byte)0xa5, 115 (byte)0x31, (byte)0x9d, (byte)0x35, (byte)0x5e, (byte)0x4d, (byte)0x54, 116 (byte)0x77, (byte)0xcc, (byte)0x84, (byte)0x09, (byte)0xf3, (byte)0x11, 117 (byte)0x0d, (byte)0x54, (byte)0xed, (byte)0x85, (byte)0x39, (byte)0xa9, 118 (byte)0xca, (byte)0xa8, (byte)0xea, (byte)0xae, (byte)0x19, (byte)0x9c, 119 (byte)0x75, (byte)0xdb, (byte)0x88, (byte)0xb8, (byte)0x04, (byte)0x8d, 120 (byte)0x54, (byte)0xc6, (byte)0xa4, (byte)0x80, (byte)0xf8, (byte)0x93, 121 (byte)0xf0, (byte)0xdb, (byte)0x19, (byte)0xef, (byte)0xd7, (byte)0x87, 122 (byte)0x8a, (byte)0x8f, (byte)0x5a, (byte)0x09, (byte)0x2e, (byte)0x54, 123 (byte)0xf3, (byte)0x45, (byte)0x24, (byte)0x29 124 }; 125 126 private static final byte EXP_P[] = { 127 (byte)0x6a, (byte)0xd1, (byte)0x25, (byte)0x80, (byte)0x18, (byte)0x33, 128 (byte)0x3c, (byte)0x2b, (byte)0x44, (byte)0x19, (byte)0xfe, (byte)0xa5, 129 (byte)0x40, (byte)0x03, (byte)0xc4, (byte)0xfc, (byte)0xb3, (byte)0x9c, 130 (byte)0xef, (byte)0x07, (byte)0x99, (byte)0x58, (byte)0x17, (byte)0xc1, 131 (byte)0x44, (byte)0xa3, (byte)0x15, (byte)0x7d, (byte)0x7b, (byte)0x22, 132 (byte)0x22, (byte)0xdf, (byte)0x03, (byte)0x58, (byte)0x66, (byte)0xf5, 133 (byte)0x24, (byte)0x54, (byte)0x52, (byte)0x91, (byte)0x2d, (byte)0x76, 134 (byte)0xfe, (byte)0x63, (byte)0x64, (byte)0x4e, (byte)0x0f, (byte)0x50, 135 (byte)0x2b, (byte)0x65, (byte)0x79, (byte)0x1f, (byte)0xf1, (byte)0xbf, 136 (byte)0xc7, (byte)0x41, (byte)0x26, (byte)0xcc, (byte)0xc6, (byte)0x1c, 137 (byte)0xa9, (byte)0x83, (byte)0x6f, (byte)0x03 138 }; 139 140 private static final byte EXP_Q[] = { 141 (byte)0x12, (byte)0x84, (byte)0x1a, (byte)0x99, (byte)0xce, (byte)0x9a, 142 (byte)0x8b, (byte)0x58, (byte)0xcc, (byte)0x47, (byte)0x43, (byte)0xdf, 143 (byte)0x77, (byte)0xbb, (byte)0xd3, (byte)0x20, (byte)0xae, (byte)0xe4, 144 (byte)0x2e, (byte)0x63, (byte)0x67, (byte)0xdc, (byte)0xf7, (byte)0x5f, 145 (byte)0x3f, (byte)0x83, (byte)0x27, (byte)0xb7, (byte)0x14, (byte)0x52, 146 (byte)0x56, (byte)0xbf, (byte)0xc3, (byte)0x65, (byte)0x06, (byte)0xe1, 147 (byte)0x03, (byte)0xcc, (byte)0x93, (byte)0x57, (byte)0x09, (byte)0x7b, 148 (byte)0x6f, (byte)0xe8, (byte)0x81, (byte)0x4a, (byte)0x2c, (byte)0xb7, 149 (byte)0x43, (byte)0xa9, (byte)0x20, (byte)0x1d, (byte)0xf6, (byte)0x56, 150 (byte)0x8b, (byte)0xcc, (byte)0xe5, (byte)0x4c, (byte)0xd5, (byte)0x4f, 151 (byte)0x74, (byte)0x67, (byte)0x29, (byte)0x51 152 }; 153 154 private static final byte CRT_COEFF[] = { 155 (byte)0x23, (byte)0xab, (byte)0xf4, (byte)0x03, (byte)0x2f, (byte)0x29, 156 (byte)0x95, (byte)0x74, (byte)0xac, (byte)0x1a, (byte)0x33, (byte)0x96, 157 (byte)0x62, (byte)0xed, (byte)0xf7, (byte)0xf6, (byte)0xae, (byte)0x07, 158 (byte)0x2a, (byte)0x2e, (byte)0xe8, (byte)0xab, (byte)0xfb, (byte)0x1e, 159 (byte)0xb9, (byte)0xb2, (byte)0x88, (byte)0x1e, (byte)0x85, (byte)0x05, 160 (byte)0x42, (byte)0x64, (byte)0x03, (byte)0xb2, (byte)0x8b, (byte)0xc1, 161 (byte)0x81, (byte)0x75, (byte)0xd7, (byte)0xba, (byte)0xaa, (byte)0xd4, 162 (byte)0x31, (byte)0x3c, (byte)0x8a, (byte)0x96, (byte)0x23, (byte)0x9d, 163 (byte)0x3f, (byte)0x06, (byte)0x3e, (byte)0x44, (byte)0xa9, (byte)0x62, 164 (byte)0x2f, (byte)0x61, (byte)0x5a, (byte)0x51, (byte)0x82, (byte)0x2c, 165 (byte)0x04, (byte)0x85, (byte)0x73, (byte)0xd1 166 }; 167 168 private static KeyPair genPredefinedRSAKeyPair() throws Exception { 169 KeyFactory kf = KeyFactory.getInstance("RSA"); 170 BigInteger mod = new BigInteger(MOD); 171 BigInteger pub = new BigInteger(PUB_EXP); 172 173 PrivateKey privKey = kf.generatePrivate 174 (new RSAPrivateCrtKeySpec 175 (mod, pub, new BigInteger(PRIV_EXP), 176 new BigInteger(PRIME_P), new BigInteger(PRIME_Q), 177 new BigInteger(EXP_P), new BigInteger(EXP_Q), 178 new BigInteger(CRT_COEFF))); 179 PublicKey pubKey = kf.generatePublic(new RSAPublicKeySpec(mod, pub)); 180 return new KeyPair(pubKey, privKey); 181 } 182 183 private static final String CIP_ALGOS[] = { 184 "RSA/ECB/NoPadding", 185 "RSA/ECB/PKCS1Padding" 186 }; 187 private static final int INPUT_SIZE_REDUCTION[] = { 188 0, 189 11, 190 }; 191 192 private static KeyPair kp[] = null; 193 194 public static void main(String argv[]) throws Exception { 195 main(new TestMalformedRSA(), null); 196 } 197 198 public void doTest(Provider prov) throws Exception { 199 // first test w/ predefine KeyPair 200 KeyPair pkp = genPredefinedRSAKeyPair(); 201 System.out.println("Test against Predefined RSA Key Pair"); 202 testCipher(pkp, 128, false, prov); 203 } 204 205 206 private static void testCipher(KeyPair kp, int inputSizeInBytes, 207 boolean checkInterop, Provider prov) 208 throws Exception { 209 Cipher c1, c2; 210 for (int i = 0; i < CIP_ALGOS.length; i++) { 211 String algo = CIP_ALGOS[i]; 212 try { 213 c1 = Cipher.getInstance(algo, prov); 214 } catch (NoSuchAlgorithmException nsae) { 215 System.out.println("Skip unsupported Cipher algo: " + algo); 216 continue; 217 } 218 219 if (checkInterop) { 220 c2 = Cipher.getInstance(algo, "SunJCE"); 221 } else { 222 c2 = Cipher.getInstance(algo, prov); 223 } 224 byte[] data = Arrays.copyOf 225 (PLAINTEXT, inputSizeInBytes - INPUT_SIZE_REDUCTION[i]); 226 227 testEncryption(c1, c2, kp, data); 228 } 229 } 230 231 private static void testEncryption(Cipher c1, Cipher c2, 232 KeyPair kp, byte[] data) throws Exception { 233 234 // C1 Encrypt + C2 Decrypt 235 byte[] out1 = null; 236 byte[] recoveredText = null; 237 try { 238 c1.init(Cipher.ENCRYPT_MODE, kp.getPublic()); 239 out1 = c1.doFinal(data); 240 241 // damage the cipher text 242 out1[out1.length - 1] = (byte)(out1[out1.length - 1] ^ 0xFF); 243 244 c2.init(Cipher.DECRYPT_MODE, kp.getPrivate()); 245 recoveredText = c2.doFinal(out1); 246 247 // Note that decryption of "RSA/ECB/NoPadding" don't throw 248 // BadPaddingException 249 System.out.println("\t=> PASS: " + c2.getAlgorithm()); 250 } catch (BadPaddingException ex) { 251 System.out.println("\tDEC ERROR: " + c2.getAlgorithm()); 252 System.out.println("\t=> PASS: expected BadPaddingException"); 253 ex.printStackTrace(); 254 } 255 256 } 257 }