1 /*
   2  * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /*
  25  * @test
  26  * @bug 8048357
  27  * @summary PKCS8 Standards Conformance Tests
  28  * @modules java.base/sun.security.pkcs
  29  *          java.base/sun.security.util
  30  *          java.base/sun.security.provider
  31  *          java.base/sun.security.x509
  32  *          java.base/sun.misc
  33  * @compile -XDignore.symbol.file PKCS8Test.java
  34  * @run main PKCS8Test
  35  */
  36 import java.io.IOException;
  37 import java.math.BigInteger;
  38 import java.security.InvalidKeyException;
  39 import java.util.Arrays;
  40 import sun.misc.HexDumpEncoder;
  41 import sun.security.pkcs.PKCS8Key;
  42 import sun.security.provider.DSAPrivateKey;
  43 import sun.security.util.DerOutputStream;
  44 import sun.security.util.DerValue;
  45 import sun.security.x509.AlgorithmId;
  46 
  47 import static java.lang.System.out;
  48 
  49 public class PKCS8Test {
  50 
  51     static final HexDumpEncoder hexDump = new HexDumpEncoder();
  52 
  53     static final DerOutputStream derOutput = new DerOutputStream();
  54 
  55     static final String FORMAT = "PKCS#8";
  56     static final String EXPECTED_ALG_ID_CHRS = "DSA\n\tp:     02\n\tq:     03\n"
  57             + "\tg:     04\n";
  58     static final String ALGORITHM = "DSA";
  59     static final String EXCEPTION_MESSAGE = "version mismatch: (supported:     "
  60             + "00, parsed:     01";
  61 
  62     // test second branch in byte[] encode()
  63     // DER encoding,include (empty) set of attributes
  64     static final int[] NEW_ENCODED_KEY_INTS = { 0x30,
  65             // length 30 = 0x1e
  66             0x1e,
  67             // first element
  68             // version Version (= INTEGER)
  69             0x02,
  70             // length 1
  71             0x01,
  72             // value 0
  73             0x00,
  74             // second element
  75             // privateKeyAlgorithmIdentifier PrivateKeyAlgorithmIdentifier
  76             // (sequence)
  77             // (an object identifier?)
  78             0x30,
  79             // length 18
  80             0x12,
  81             // contents
  82             // object identifier, 5 bytes
  83             0x06, 0x05,
  84             // { 1 3 14 3 2 12 }
  85             0x2b, 0x0e, 0x03, 0x02, 0x0c,
  86             // sequence, 9 bytes
  87             0x30, 0x09,
  88             // integer 2
  89             0x02, 0x01, 0x02,
  90             // integer 3
  91             0x02, 0x01, 0x03,
  92             // integer 4
  93             0x02, 0x01, 0x04,
  94             // third element
  95             // privateKey PrivateKey (= OCTET STRING)
  96             0x04,
  97             // length
  98             0x03,
  99             // privateKey contents
 100             0x02, 0x01, 0x01,
 101             // 4th (optional) element -- attributes [0] IMPLICIT Attributes
 102             // OPTIONAL
 103             // (Attributes = SET OF Attribute) Here, it will be empty.
 104             0xA0,
 105             // length
 106             0x00 };
 107 
 108     // encoding originally created, but with the version changed
 109     static final int[] NEW_ENCODED_KEY_INTS_2 = {
 110             // sequence
 111             0x30,
 112             // length 28 = 0x1c
 113             0x1c,
 114             // first element
 115             // version Version (= INTEGER)
 116             0x02,
 117             // length 1
 118             0x01,
 119             // value 1 (illegal)
 120             0x01,
 121             // second element
 122             // privateKeyAlgorithmIdentifier PrivateKeyAlgorithmIdentifier
 123             // (sequence)
 124             // (an object identifier?)
 125             0x30,
 126             // length 18
 127             0x12,
 128             // contents
 129             // object identifier, 5 bytes
 130             0x06, 0x05,
 131             // { 1 3 14 3 2 12 }
 132             0x2b, 0x0e, 0x03, 0x02, 0x0c,
 133             // sequence, 9 bytes
 134             0x30, 0x09,
 135             // integer 2
 136             0x02, 0x01, 0x02,
 137             // integer 3
 138             0x02, 0x01, 0x03,
 139             // integer 4
 140             0x02, 0x01, 0x04,
 141             // third element
 142             // privateKey PrivateKey (= OCTET STRING)
 143             0x04,
 144             // length
 145             0x03,
 146             // privateKey contents
 147             0x02, 0x01, 0x01 };
 148 
 149     // 0000: 30 1E 02 01 00 30 14 06 07 2A 86 48 CE 38 04 01 0....0...*.H.8..
 150     // 0010: 30 09 02 01 02 02 01 03 02 01 04 04 03 02 01 01 0...............
 151     static final int[] EXPECTED = { 0x30,
 152             // length 30 = 0x1e
 153             0x1e,
 154             // first element
 155             // version Version (= INTEGER)
 156             0x02,
 157             // length 1
 158             0x01,
 159             // value 0
 160             0x00,
 161             // second element
 162             // privateKeyAlgorithmIdentifier PrivateKeyAlgorithmIdentifier
 163             // (sequence)
 164             // (an object identifier?)
 165             0x30, 0x14, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x38, 0x04, 0x01,
 166             // integer 2
 167             0x30, 0x09, 0x02,
 168             // integer 3
 169             0x01, 0x02, 0x02,
 170             // integer 4
 171             0x01, 0x03, 0x02,
 172             // third element
 173             // privateKey PrivateKey (= OCTET STRING)
 174             0x01,
 175             // length
 176             0x04,
 177             // privateKey contents
 178             0x04, 0x03, 0x02,
 179             // 4th (optional) element -- attributes [0] IMPLICIT Attributes
 180             // OPTIONAL
 181             // (Attributes = SET OF Attribute) Here, it will be empty.
 182             0x01,
 183             // length
 184             0x01 };
 185 
 186     static void raiseException(String expected, String received) {
 187         throw new RuntimeException(
 188                 "Expected " + expected + "; Received " + received);
 189     }
 190 
 191     public static void main(String[] args)
 192             throws IOException, InvalidKeyException {
 193 
 194         byte[] encodedKey = getEncodedKey();
 195         byte[] expectedBytes = new byte[EXPECTED.length];
 196         for (int i = 0; i < EXPECTED.length; i++) {
 197             expectedBytes[i] = (byte) EXPECTED[i];
 198         }
 199 
 200         dumpByteArray("encodedKey :", encodedKey);
 201         if (!Arrays.equals(encodedKey, expectedBytes)) {
 202             raiseException(new String(expectedBytes), new String(encodedKey));
 203         }
 204 
 205         PKCS8Key decodedKey = PKCS8Key.parse(new DerValue(encodedKey));
 206         String alg = decodedKey.getAlgorithm();
 207         AlgorithmId algId = decodedKey.getAlgorithmId();
 208         out.println("Algorithm :" + alg);
 209         out.println("AlgorithmId: " + algId);
 210 
 211         if (!ALGORITHM.equals(alg)) {
 212             raiseException(ALGORITHM, alg);
 213         }
 214         if (!EXPECTED_ALG_ID_CHRS.equalsIgnoreCase(algId.toString())) {
 215             raiseException(EXPECTED_ALG_ID_CHRS, algId.toString());
 216         }
 217 
 218         decodedKey.encode(derOutput);
 219         dumpByteArray("Stream encode: ", derOutput.toByteArray());
 220         if (!Arrays.equals(derOutput.toByteArray(), expectedBytes)) {
 221             raiseException(new String(expectedBytes), derOutput.toString());
 222         }
 223 
 224         dumpByteArray("byte[] encoding: ", decodedKey.getEncoded());
 225         if (!Arrays.equals(decodedKey.getEncoded(), expectedBytes)) {
 226             raiseException(new String(expectedBytes),
 227                     new String(decodedKey.getEncoded()));
 228         }
 229 
 230         if (!FORMAT.equals(decodedKey.getFormat())) {
 231             raiseException(FORMAT, decodedKey.getFormat());
 232         }
 233 
 234         try {
 235             byte[] newEncodedKey = new byte[NEW_ENCODED_KEY_INTS.length];
 236             for (int i = 0; i < newEncodedKey.length; i++) {
 237                 newEncodedKey[i] = (byte) NEW_ENCODED_KEY_INTS[i];
 238             }
 239             PKCS8Key newDecodedKey = PKCS8Key
 240                     .parse(new DerValue(newEncodedKey));
 241 
 242             throw new RuntimeException(
 243                     "key1: Expected an IOException during " + "parsing");
 244         } catch (IOException e) {
 245             System.out.println("newEncodedKey: should have excess data due to "
 246                     + "attributes, which are not supported");
 247         }
 248 
 249         try {
 250             byte[] newEncodedKey2 = new byte[NEW_ENCODED_KEY_INTS_2.length];
 251             for (int i = 0; i < newEncodedKey2.length; i++) {
 252                 newEncodedKey2[i] = (byte) NEW_ENCODED_KEY_INTS_2[i];
 253             }
 254 
 255             PKCS8Key newDecodedKey2 = PKCS8Key
 256                     .parse(new DerValue(newEncodedKey2));
 257 
 258             throw new RuntimeException(
 259                     "key2: Expected an IOException during " + "parsing");
 260         } catch (IOException e) {
 261             out.println("Key 2: should be illegal version");
 262             out.println(e.getMessage());
 263             if (!EXCEPTION_MESSAGE.equals(e.getMessage())) {
 264                 throw new RuntimeException("Key2: expected: "
 265                         + EXCEPTION_MESSAGE + " get: " + e.getMessage());
 266             }
 267         }
 268 
 269     }
 270 
 271     // get a byte array from somewhere
 272     static byte[] getEncodedKey() throws InvalidKeyException {
 273         BigInteger p = BigInteger.valueOf(1);
 274         BigInteger q = BigInteger.valueOf(2);
 275         BigInteger g = BigInteger.valueOf(3);
 276         BigInteger x = BigInteger.valueOf(4);
 277 
 278         DSAPrivateKey priv = new DSAPrivateKey(p, q, g, x);
 279         return priv.getEncoded();
 280     }
 281 
 282     static void dumpByteArray(String nm, byte[] bytes) throws IOException {
 283         out.println(nm + " length: " + bytes.length);
 284         hexDump.encodeBuffer(bytes, out);
 285     }
 286 
 287     static String toString(PKCS8Key key) {
 288         StringBuilder builder = new StringBuilder(key.getAlgorithm());
 289         builder.append('\n').append("parameters:")
 290                 .append(key.getAlgorithmId().toString());
 291         return builder.toString();
 292     }
 293 
 294 }