1 /* 2 * Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 7200306 8029158 27 * @summary verify that P11Signature impl will error out when initialized 28 * with unsupported key sizes 29 * @library /test/lib .. 30 * @key randomness 31 * @modules jdk.crypto.cryptoki 32 * @run main/othervm TestDSAKeyLength 33 * @run main/othervm TestDSAKeyLength sm 34 */ 35 36 import java.security.InvalidKeyException; 37 import java.security.KeyPair; 38 import java.security.KeyPairGenerator; 39 import java.security.Provider; 40 import java.security.SecureRandom; 41 import java.security.Signature; 42 43 public class TestDSAKeyLength extends PKCS11Test { 44 45 public static void main(String[] args) throws Exception { 46 main(new TestDSAKeyLength(), args); 47 } 48 49 @Override 50 protected boolean skipTest(Provider provider) { 51 if (isNSS(provider) && getNSSVersion() >= 3.14) { 52 System.out.println("Skip testing NSS " + getNSSVersion()); 53 return true; 54 } 55 56 return false; 57 } 58 59 @Override 60 public void main(Provider provider) throws Exception { 61 /* 62 * Use Solaris SPARC 11.2 or later to avoid an intermittent failure 63 * when running SunPKCS11-Solaris (8044554) 64 */ 65 if (provider.getName().equals("SunPKCS11-Solaris") && 66 props.getProperty("os.name").equals("SunOS") && 67 props.getProperty("os.arch").equals("sparcv9") && 68 props.getProperty("os.version").compareTo("5.11") <= 0 && 69 getDistro().compareTo("11.2") < 0) { 70 71 System.out.println("SunPKCS11-Solaris provider requires " + 72 "Solaris SPARC 11.2 or later, skipping"); 73 return; 74 } 75 76 KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA", "SUN"); 77 kpg.initialize(2048, new SecureRandom()); 78 KeyPair pair = kpg.generateKeyPair(); 79 80 boolean status = true; 81 Signature sig = Signature.getInstance("SHA1withDSA", provider); 82 try { 83 sig.initSign(pair.getPrivate()); 84 status = false; 85 } catch (InvalidKeyException ike) { 86 System.out.println("Expected IKE thrown for initSign()"); 87 } 88 try { 89 sig.initVerify(pair.getPublic()); 90 status = false; 91 } catch (InvalidKeyException ike) { 92 System.out.println("Expected IKE thrown for initVerify()"); 93 } 94 if (status) { 95 System.out.println("Test Passed"); 96 } else { 97 throw new Exception("Test Failed - expected IKE not thrown"); 98 } 99 } 100 }