1 /*
2 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /*
25 * @test
26 * @bug 8024606
27 * @summary NegativeArraySizeException in NativeRSACipher
28 */
29
30 import java.io.*;
31 import java.security.*;
32 import java.security.spec.*;
33 import java.util.*;
34 import java.math.*;
35 import javax.crypto.*;
36
37 public class TestMalformedRSA extends UcryptoTest {
38
39 // KAT
40 private static final byte PLAINTEXT[] = Arrays.copyOf
41 (new String("Known plaintext message utilized" +
42 "for RSA Encryption & Decryption" +
43 "block, SHA1, SHA256, SHA384 and" +
44 "SHA512 RSA Signature KAT tests.").getBytes(), 128);
45
46 private static final byte MOD[] = {
47 (byte)0xd5, (byte)0x84, (byte)0x95, (byte)0x07, (byte)0xf4, (byte)0xd0,
48 (byte)0x1f, (byte)0x82, (byte)0xf3, (byte)0x79, (byte)0xf4, (byte)0x99,
49 (byte)0x48, (byte)0x10, (byte)0xe1, (byte)0x71, (byte)0xa5, (byte)0x62,
50 (byte)0x22, (byte)0xa3, (byte)0x4b, (byte)0x00, (byte)0xe3, (byte)0x5b,
51 (byte)0x3a, (byte)0xcc, (byte)0x10, (byte)0x83, (byte)0xe0, (byte)0xaf,
52 (byte)0x61, (byte)0x13, (byte)0x54, (byte)0x6a, (byte)0xa2, (byte)0x6a,
53 (byte)0x2c, (byte)0x5e, (byte)0xb3, (byte)0xcc, (byte)0xa3, (byte)0x71,
54 (byte)0x9a, (byte)0xb2, (byte)0x3e, (byte)0x78, (byte)0xec, (byte)0xb5,
55 (byte)0x0e, (byte)0x6e, (byte)0x31, (byte)0x3b, (byte)0x77, (byte)0x1f,
56 (byte)0x6e, (byte)0x94, (byte)0x41, (byte)0x60, (byte)0xd5, (byte)0x6e,
57 (byte)0xd9, (byte)0xc6, (byte)0xf9, (byte)0x29, (byte)0xc3, (byte)0x40,
58 (byte)0x36, (byte)0x25, (byte)0xdb, (byte)0xea, (byte)0x0b, (byte)0x07,
59 (byte)0xae, (byte)0x76, (byte)0xfd, (byte)0x99, (byte)0x29, (byte)0xf4,
60 (byte)0x22, (byte)0xc1, (byte)0x1a, (byte)0x8f, (byte)0x05, (byte)0xfe,
61 (byte)0x98, (byte)0x09, (byte)0x07, (byte)0x05, (byte)0xc2, (byte)0x0f,
62 (byte)0x0b, (byte)0x11, (byte)0x83, (byte)0x39, (byte)0xca, (byte)0xc7,
63 (byte)0x43, (byte)0x63, (byte)0xff, (byte)0x33, (byte)0x80, (byte)0xe7,
64 (byte)0xc3, (byte)0x78, (byte)0xae, (byte)0xf1, (byte)0x73, (byte)0x52,
65 (byte)0x98, (byte)0x1d, (byte)0xde, (byte)0x5c, (byte)0x53, (byte)0x6e,
66 (byte)0x01, (byte)0x73, (byte)0x0d, (byte)0x12, (byte)0x7e, (byte)0x77,
67 (byte)0x03, (byte)0xf1, (byte)0xef, (byte)0x1b, (byte)0xc8, (byte)0xa8,
68 (byte)0x0f, (byte)0x97
69 };
70
71 private static final byte PUB_EXP[] = {(byte)0x01, (byte)0x00, (byte)0x01};
72
73 private static final byte PRIV_EXP[] = {
74 (byte)0x85, (byte)0x27, (byte)0x47, (byte)0x61, (byte)0x4c, (byte)0xd4,
75 (byte)0xb5, (byte)0xb2, (byte)0x0e, (byte)0x70, (byte)0x91, (byte)0x8f,
76 (byte)0x3d, (byte)0x97, (byte)0xf9, (byte)0x5f, (byte)0xcc, (byte)0x09,
77 (byte)0x65, (byte)0x1c, (byte)0x7c, (byte)0x5b, (byte)0xb3, (byte)0x6d,
78 (byte)0x63, (byte)0x3f, (byte)0x7b, (byte)0x55, (byte)0x22, (byte)0xbb,
79 (byte)0x7c, (byte)0x48, (byte)0x77, (byte)0xae, (byte)0x80, (byte)0x56,
80 (byte)0xc2, (byte)0x10, (byte)0xd5, (byte)0x03, (byte)0xdb, (byte)0x31,
81 (byte)0xaf, (byte)0x8d, (byte)0x54, (byte)0xd4, (byte)0x48, (byte)0x99,
82 (byte)0xa8, (byte)0xc4, (byte)0x23, (byte)0x43, (byte)0xb8, (byte)0x48,
83 (byte)0x0b, (byte)0xc7, (byte)0xbc, (byte)0xf5, (byte)0xcc, (byte)0x64,
84 (byte)0x72, (byte)0xbf, (byte)0x59, (byte)0x06, (byte)0x04, (byte)0x1c,
85 (byte)0x32, (byte)0xf5, (byte)0x14, (byte)0x2e, (byte)0x6e, (byte)0xe2,
86 (byte)0x0f, (byte)0x5c, (byte)0xde, (byte)0x36, (byte)0x3c, (byte)0x6e,
87 (byte)0x7c, (byte)0x4d, (byte)0xcc, (byte)0xd3, (byte)0x00, (byte)0x6e,
88 (byte)0xe5, (byte)0x45, (byte)0x46, (byte)0xef, (byte)0x4d, (byte)0x25,
89 (byte)0x46, (byte)0x6d, (byte)0x7f, (byte)0xed, (byte)0xbb, (byte)0x4f,
90 (byte)0x4d, (byte)0x9f, (byte)0xda, (byte)0x87, (byte)0x47, (byte)0x8f,
91 (byte)0x74, (byte)0x44, (byte)0xb7, (byte)0xbe, (byte)0x9d, (byte)0xf5,
92 (byte)0xdd, (byte)0xd2, (byte)0x4c, (byte)0xa5, (byte)0xab, (byte)0x74,
93 (byte)0xe5, (byte)0x29, (byte)0xa1, (byte)0xd2, (byte)0x45, (byte)0x3b,
94 (byte)0x33, (byte)0xde, (byte)0xd5, (byte)0xae, (byte)0xf7, (byte)0x03,
95 (byte)0x10, (byte)0x21
96 };
97
98 private static final byte PRIME_P[] = {
99 (byte)0xf9, (byte)0x74, (byte)0x8f, (byte)0x16, (byte)0x02, (byte)0x6b,
100 (byte)0xa0, (byte)0xee, (byte)0x7f, (byte)0x28, (byte)0x97, (byte)0x91,
101 (byte)0xdc, (byte)0xec, (byte)0xc0, (byte)0x7c, (byte)0x49, (byte)0xc2,
102 (byte)0x85, (byte)0x76, (byte)0xee, (byte)0x66, (byte)0x74, (byte)0x2d,
103 (byte)0x1a, (byte)0xb8, (byte)0xf7, (byte)0x2f, (byte)0x11, (byte)0x5b,
104 (byte)0x36, (byte)0xd8, (byte)0x46, (byte)0x33, (byte)0x3b, (byte)0xd8,
105 (byte)0xf3, (byte)0x2d, (byte)0xa1, (byte)0x03, (byte)0x83, (byte)0x2b,
106 (byte)0xec, (byte)0x35, (byte)0x43, (byte)0x32, (byte)0xff, (byte)0xdd,
107 (byte)0x81, (byte)0x7c, (byte)0xfd, (byte)0x65, (byte)0x13, (byte)0x04,
108 (byte)0x7c, (byte)0xfc, (byte)0x03, (byte)0x97, (byte)0xf0, (byte)0xd5,
109 (byte)0x62, (byte)0xdc, (byte)0x0d, (byte)0xbf
110 };
111
112 private static final byte PRIME_Q[] = {
113 (byte)0xdb, (byte)0x1e, (byte)0xa7, (byte)0x3d, (byte)0xe7, (byte)0xfa,
114 (byte)0x8b, (byte)0x04, (byte)0x83, (byte)0x48, (byte)0xf3, (byte)0xa5,
115 (byte)0x31, (byte)0x9d, (byte)0x35, (byte)0x5e, (byte)0x4d, (byte)0x54,
116 (byte)0x77, (byte)0xcc, (byte)0x84, (byte)0x09, (byte)0xf3, (byte)0x11,
117 (byte)0x0d, (byte)0x54, (byte)0xed, (byte)0x85, (byte)0x39, (byte)0xa9,
118 (byte)0xca, (byte)0xa8, (byte)0xea, (byte)0xae, (byte)0x19, (byte)0x9c,
119 (byte)0x75, (byte)0xdb, (byte)0x88, (byte)0xb8, (byte)0x04, (byte)0x8d,
120 (byte)0x54, (byte)0xc6, (byte)0xa4, (byte)0x80, (byte)0xf8, (byte)0x93,
121 (byte)0xf0, (byte)0xdb, (byte)0x19, (byte)0xef, (byte)0xd7, (byte)0x87,
122 (byte)0x8a, (byte)0x8f, (byte)0x5a, (byte)0x09, (byte)0x2e, (byte)0x54,
123 (byte)0xf3, (byte)0x45, (byte)0x24, (byte)0x29
124 };
125
126 private static final byte EXP_P[] = {
127 (byte)0x6a, (byte)0xd1, (byte)0x25, (byte)0x80, (byte)0x18, (byte)0x33,
128 (byte)0x3c, (byte)0x2b, (byte)0x44, (byte)0x19, (byte)0xfe, (byte)0xa5,
129 (byte)0x40, (byte)0x03, (byte)0xc4, (byte)0xfc, (byte)0xb3, (byte)0x9c,
130 (byte)0xef, (byte)0x07, (byte)0x99, (byte)0x58, (byte)0x17, (byte)0xc1,
131 (byte)0x44, (byte)0xa3, (byte)0x15, (byte)0x7d, (byte)0x7b, (byte)0x22,
132 (byte)0x22, (byte)0xdf, (byte)0x03, (byte)0x58, (byte)0x66, (byte)0xf5,
133 (byte)0x24, (byte)0x54, (byte)0x52, (byte)0x91, (byte)0x2d, (byte)0x76,
134 (byte)0xfe, (byte)0x63, (byte)0x64, (byte)0x4e, (byte)0x0f, (byte)0x50,
135 (byte)0x2b, (byte)0x65, (byte)0x79, (byte)0x1f, (byte)0xf1, (byte)0xbf,
136 (byte)0xc7, (byte)0x41, (byte)0x26, (byte)0xcc, (byte)0xc6, (byte)0x1c,
137 (byte)0xa9, (byte)0x83, (byte)0x6f, (byte)0x03
138 };
139
140 private static final byte EXP_Q[] = {
141 (byte)0x12, (byte)0x84, (byte)0x1a, (byte)0x99, (byte)0xce, (byte)0x9a,
142 (byte)0x8b, (byte)0x58, (byte)0xcc, (byte)0x47, (byte)0x43, (byte)0xdf,
143 (byte)0x77, (byte)0xbb, (byte)0xd3, (byte)0x20, (byte)0xae, (byte)0xe4,
144 (byte)0x2e, (byte)0x63, (byte)0x67, (byte)0xdc, (byte)0xf7, (byte)0x5f,
145 (byte)0x3f, (byte)0x83, (byte)0x27, (byte)0xb7, (byte)0x14, (byte)0x52,
146 (byte)0x56, (byte)0xbf, (byte)0xc3, (byte)0x65, (byte)0x06, (byte)0xe1,
147 (byte)0x03, (byte)0xcc, (byte)0x93, (byte)0x57, (byte)0x09, (byte)0x7b,
148 (byte)0x6f, (byte)0xe8, (byte)0x81, (byte)0x4a, (byte)0x2c, (byte)0xb7,
149 (byte)0x43, (byte)0xa9, (byte)0x20, (byte)0x1d, (byte)0xf6, (byte)0x56,
150 (byte)0x8b, (byte)0xcc, (byte)0xe5, (byte)0x4c, (byte)0xd5, (byte)0x4f,
151 (byte)0x74, (byte)0x67, (byte)0x29, (byte)0x51
152 };
153
154 private static final byte CRT_COEFF[] = {
155 (byte)0x23, (byte)0xab, (byte)0xf4, (byte)0x03, (byte)0x2f, (byte)0x29,
156 (byte)0x95, (byte)0x74, (byte)0xac, (byte)0x1a, (byte)0x33, (byte)0x96,
157 (byte)0x62, (byte)0xed, (byte)0xf7, (byte)0xf6, (byte)0xae, (byte)0x07,
158 (byte)0x2a, (byte)0x2e, (byte)0xe8, (byte)0xab, (byte)0xfb, (byte)0x1e,
159 (byte)0xb9, (byte)0xb2, (byte)0x88, (byte)0x1e, (byte)0x85, (byte)0x05,
160 (byte)0x42, (byte)0x64, (byte)0x03, (byte)0xb2, (byte)0x8b, (byte)0xc1,
161 (byte)0x81, (byte)0x75, (byte)0xd7, (byte)0xba, (byte)0xaa, (byte)0xd4,
162 (byte)0x31, (byte)0x3c, (byte)0x8a, (byte)0x96, (byte)0x23, (byte)0x9d,
163 (byte)0x3f, (byte)0x06, (byte)0x3e, (byte)0x44, (byte)0xa9, (byte)0x62,
164 (byte)0x2f, (byte)0x61, (byte)0x5a, (byte)0x51, (byte)0x82, (byte)0x2c,
165 (byte)0x04, (byte)0x85, (byte)0x73, (byte)0xd1
166 };
167
168 private static KeyPair genPredefinedRSAKeyPair() throws Exception {
169 KeyFactory kf = KeyFactory.getInstance("RSA");
170 BigInteger mod = new BigInteger(MOD);
171 BigInteger pub = new BigInteger(PUB_EXP);
172
173 PrivateKey privKey = kf.generatePrivate
174 (new RSAPrivateCrtKeySpec
175 (mod, pub, new BigInteger(PRIV_EXP),
176 new BigInteger(PRIME_P), new BigInteger(PRIME_Q),
177 new BigInteger(EXP_P), new BigInteger(EXP_Q),
178 new BigInteger(CRT_COEFF)));
179 PublicKey pubKey = kf.generatePublic(new RSAPublicKeySpec(mod, pub));
180 return new KeyPair(pubKey, privKey);
181 }
182
183 private static final String CIP_ALGOS[] = {
184 "RSA/ECB/NoPadding",
185 "RSA/ECB/PKCS1Padding"
186 };
187 private static final int INPUT_SIZE_REDUCTION[] = {
188 0,
189 11,
190 };
191
192 private static KeyPair kp[] = null;
193
194 public static void main(String argv[]) throws Exception {
195 main(new TestMalformedRSA(), null);
196 }
197
198 public void doTest(Provider prov) throws Exception {
199 // first test w/ predefine KeyPair
200 KeyPair pkp = genPredefinedRSAKeyPair();
201 System.out.println("Test against Predefined RSA Key Pair");
202 testCipher(pkp, 128, false, prov);
203 }
204
205
206 private static void testCipher(KeyPair kp, int inputSizeInBytes,
207 boolean checkInterop, Provider prov)
208 throws Exception {
209 Cipher c1, c2;
210 for (int i = 0; i < CIP_ALGOS.length; i++) {
211 String algo = CIP_ALGOS[i];
212 try {
213 c1 = Cipher.getInstance(algo, prov);
214 } catch (NoSuchAlgorithmException nsae) {
215 System.out.println("Skip unsupported Cipher algo: " + algo);
216 continue;
217 }
218
219 if (checkInterop) {
220 c2 = Cipher.getInstance(algo, "SunJCE");
221 } else {
222 c2 = Cipher.getInstance(algo, prov);
223 }
224 byte[] data = Arrays.copyOf
225 (PLAINTEXT, inputSizeInBytes - INPUT_SIZE_REDUCTION[i]);
226
227 testEncryption(c1, c2, kp, data);
228 }
229 }
230
231 private static void testEncryption(Cipher c1, Cipher c2,
232 KeyPair kp, byte[] data) throws Exception {
233
234 // C1 Encrypt + C2 Decrypt
235 byte[] out1 = null;
236 byte[] recoveredText = null;
237 try {
238 c1.init(Cipher.ENCRYPT_MODE, kp.getPublic());
239 out1 = c1.doFinal(data);
240
241 // damage the cipher text
242 out1[out1.length - 1] = (byte)(out1[out1.length - 1] ^ 0xFF);
243
244 c2.init(Cipher.DECRYPT_MODE, kp.getPrivate());
245 recoveredText = c2.doFinal(out1);
246
247 // Note that decryption of "RSA/ECB/NoPadding" don't throw
248 // BadPaddingException
249 System.out.println("\t=> PASS: " + c2.getAlgorithm());
250 } catch (BadPaddingException ex) {
251 System.out.println("\tDEC ERROR: " + c2.getAlgorithm());
252 System.out.println("\t=> PASS: expected BadPaddingException");
253 ex.printStackTrace();
254 }
255
256 }
257 }