1 /*
   2  * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /*
  25  * @test
  26  * @bug 8048357
  27  * @summary PKCS8 Standards Conformance Tests
  28  * @requires (os.family != "solaris")
  29  * @modules java.base/sun.security.pkcs
  30  *          java.base/sun.security.util
  31  *          java.base/sun.security.provider
  32  *          java.base/sun.security.x509
  33  *          java.base/sun.misc
  34  * @compile -XDignore.symbol.file PKCS8Test.java
  35  * @run main PKCS8Test
  36  */
  37 
  38 /*
  39  * Skip Solaris since the DSAPrivateKeys returned by
  40  * SunPKCS11 Provider are not subclasses of PKCS8Key
  41  */
  42 import java.io.IOException;
  43 import java.math.BigInteger;
  44 import java.security.InvalidKeyException;
  45 import java.util.Arrays;
  46 import sun.misc.HexDumpEncoder;
  47 import sun.security.pkcs.PKCS8Key;
  48 import sun.security.provider.DSAPrivateKey;
  49 import sun.security.util.DerOutputStream;
  50 import sun.security.util.DerValue;
  51 import sun.security.x509.AlgorithmId;
  52 import static java.lang.System.out;
  53 
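/**
 * Conformance test for the PKCS#8 private-key encoding handled by
 * {@code sun.security.pkcs.PKCS8Key}.
 *
 * <p>The test checks three things:
 * <ol>
 *   <li>a DSA private key encodes to the exact DER bytes in {@link #EXPECTED},
 *       and the parsed key re-encodes to the same bytes through both
 *       {@code encode(DerOutputStream)} and {@code getEncoded()};</li>
 *   <li>an encoding that carries a trailing (empty) attributes field is
 *       rejected with an {@link IOException};</li>
 *   <li>an encoding whose version is 1 instead of 0 is rejected with the
 *       exact message in {@link #EXCEPTION_MESSAGE}.</li>
 * </ol>
 *
 * <p>The two negative cases matter for anyone relying on this parser for key
 * import: input that the parser does not fully understand must be refused
 * rather than partially accepted.
 */
public class PKCS8Test {

    static final HexDumpEncoder hexDump = new HexDumpEncoder();

    static final DerOutputStream derOutput = new DerOutputStream();

    static final String FORMAT = "PKCS#8";
    static final String EXPECTED_ALG_ID_CHRS = "DSA\n\tp:     02\n\tq:     03\n"
            + "\tg:     04\n";
    static final String ALGORITHM = "DSA";
    // Compared verbatim with the parser's IOException message, including its
    // unbalanced opening parenthesis.
    static final String EXCEPTION_MESSAGE = "version mismatch: (supported:     "
            + "00, parsed:     01";

    // test second branch in byte[] encode()
    // DER encoding that includes an (empty) set of attributes after the key
    static final int[] NEW_ENCODED_KEY_INTS = {
            // SEQUENCE
            0x30,
            // length 30 = 0x1e
            0x1e,
            // first element: version Version (= INTEGER)
            0x02,
            // length 1
            0x01,
            // value 0
            0x00,
            // second element: privateKeyAlgorithmIdentifier (SEQUENCE of an
            // object identifier followed by the algorithm parameters)
            0x30,
            // length 18
            0x12,
            // object identifier, 5 bytes
            0x06, 0x05,
            // { 1 3 14 3 2 12 }
            0x2b, 0x0e, 0x03, 0x02, 0x0c,
            // parameter sequence, 9 bytes
            0x30, 0x09,
            // integer 2
            0x02, 0x01, 0x02,
            // integer 3
            0x02, 0x01, 0x03,
            // integer 4
            0x02, 0x01, 0x04,
            // third element: privateKey PrivateKey (= OCTET STRING)
            0x04,
            // length
            0x03,
            // privateKey contents (INTEGER 1)
            0x02, 0x01, 0x01,
            // 4th (optional) element -- attributes [0] IMPLICIT Attributes
            // OPTIONAL
            // (Attributes = SET OF Attribute) Here, it will be empty.
            0xA0,
            // length
            0x00 };

    // Same structure as above without the attributes field, but with the
    // version changed to an unsupported value.
    static final int[] NEW_ENCODED_KEY_INTS_2 = {
            // SEQUENCE
            0x30,
            // length 28 = 0x1c
            0x1c,
            // first element: version Version (= INTEGER)
            0x02,
            // length 1
            0x01,
            // value 1 (illegal)
            0x01,
            // second element: privateKeyAlgorithmIdentifier (SEQUENCE of an
            // object identifier followed by the algorithm parameters)
            0x30,
            // length 18
            0x12,
            // object identifier, 5 bytes
            0x06, 0x05,
            // { 1 3 14 3 2 12 }
            0x2b, 0x0e, 0x03, 0x02, 0x0c,
            // parameter sequence, 9 bytes
            0x30, 0x09,
            // integer 2
            0x02, 0x01, 0x02,
            // integer 3
            0x02, 0x01, 0x03,
            // integer 4
            0x02, 0x01, 0x04,
            // third element: privateKey PrivateKey (= OCTET STRING)
            0x04,
            // length
            0x03,
            // privateKey contents (INTEGER 1)
            0x02, 0x01, 0x01 };

    // 0000: 30 1E 02 01 00 30 14 06 07 2A 86 48 CE 38 04 01 0....0...*.H.8..
    // 0010: 30 09 02 01 02 02 01 03 02 01 04 04 03 02 01 01 0...............
    static final int[] EXPECTED = {
            // SEQUENCE
            0x30,
            // length 30 = 0x1e
            0x1e,
            // first element: version Version (= INTEGER)
            0x02,
            // length 1
            0x01,
            // value 0
            0x00,
            // second element: privateKeyAlgorithmIdentifier (SEQUENCE),
            // length 20 = 0x14
            0x30, 0x14,
            // object identifier, 7 bytes: { 1 2 840 10040 4 1 }
            0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x38, 0x04, 0x01,
            // parameter sequence, 9 bytes
            0x30, 0x09,
            // integer 2 (p)
            0x02, 0x01, 0x02,
            // integer 3 (q)
            0x02, 0x01, 0x03,
            // integer 4 (g)
            0x02, 0x01, 0x04,
            // third element: privateKey PrivateKey (= OCTET STRING), length 3
            0x04, 0x03,
            // privateKey contents (INTEGER 1)
            0x02, 0x01, 0x01 };

    /**
     * Fails the test with a message naming the expected and the received
     * value.
     *
     * @param expected the value the test required
     * @param received the value actually produced
     * @throws RuntimeException always
     */
    static void raiseException(String expected, String received) {
        throw new RuntimeException(
                "Expected " + expected + "; Received " + received);
    }

    /**
     * Narrows each element of {@code values} to a byte, so encodings can be
     * written as readable hex literals above 0x7f.
     */
    private static byte[] toBytes(int[] values) {
        byte[] result = new byte[values.length];
        for (int i = 0; i < values.length; i++) {
            result[i] = (byte) values[i];
        }
        return result;
    }

    /**
     * Renders {@code bytes} as lower-case hex. DER is binary, so decoding it
     * with the platform charset (as {@code new String(byte[])} does) gives a
     * lossy, unreadable failure message.
     */
    private static String toHex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(String.format("%02x", b & 0xff));
        }
        return sb.toString();
    }

    /**
     * Runs the round-trip checks followed by the two rejection checks.
     *
     * @param args unused
     * @throws IOException if encoding or parsing fails outside the two
     *         branches that expect it
     * @throws InvalidKeyException if the DSA key cannot be constructed
     */
    public static void main(String[] args)
            throws IOException, InvalidKeyException {

        // The expected encoding carries p=2, q=3, g=4 as parameters and 1 as
        // the private value, so the first constructor argument is the private
        // value x. These are one-byte placeholders that keep the DER small;
        // they do not form a usable DSA group.
        BigInteger x = BigInteger.valueOf(1);
        BigInteger p = BigInteger.valueOf(2);
        BigInteger q = BigInteger.valueOf(3);
        BigInteger g = BigInteger.valueOf(4);

        DSAPrivateKey priv = new DSAPrivateKey(x, p, q, g);

        byte[] encodedKey = priv.getEncoded();
        byte[] expectedBytes = toBytes(EXPECTED);

        dumpByteArray("encodedKey :", encodedKey);
        if (!Arrays.equals(encodedKey, expectedBytes)) {
            raiseException(toHex(expectedBytes), toHex(encodedKey));
        }

        PKCS8Key decodedKey = PKCS8Key.parse(new DerValue(encodedKey));

        String alg = decodedKey.getAlgorithm();
        AlgorithmId algId = decodedKey.getAlgorithmId();
        out.println("Algorithm :" + alg);
        out.println("AlgorithmId: " + algId);

        if (!ALGORITHM.equals(alg)) {
            raiseException(ALGORITHM, alg);
        }
        if (!EXPECTED_ALG_ID_CHRS.equalsIgnoreCase(algId.toString())) {
            raiseException(EXPECTED_ALG_ID_CHRS, algId.toString());
        }

        // Re-encode through the stream API; the bytes must be identical.
        decodedKey.encode(derOutput);
        byte[] streamEncoded = derOutput.toByteArray();
        dumpByteArray("Stream encode: ", streamEncoded);
        if (!Arrays.equals(streamEncoded, expectedBytes)) {
            raiseException(toHex(expectedBytes), toHex(streamEncoded));
        }

        // Re-encode through getEncoded(); the bytes must be identical.
        byte[] reEncoded = decodedKey.getEncoded();
        dumpByteArray("byte[] encoding: ", reEncoded);
        if (!Arrays.equals(reEncoded, expectedBytes)) {
            raiseException(toHex(expectedBytes), toHex(reEncoded));
        }

        if (!FORMAT.equals(decodedKey.getFormat())) {
            raiseException(FORMAT, decodedKey.getFormat());
        }

        // Negative case 1: trailing attributes field must be rejected.
        // NOTE(review): any IOException satisfies this branch, so a failure
        // unrelated to the attributes would also pass. The message is printed
        // so the log shows the actual reason; consider asserting it the way
        // the version check below does.
        try {
            PKCS8Key.parse(new DerValue(toBytes(NEW_ENCODED_KEY_INTS)));

            throw new RuntimeException(
                    "key1: Expected an IOException during " + "parsing");
        } catch (IOException e) {
            out.println("newEncodedKey: should have excess data due to "
                    + "attributes, which are not supported");
            out.println(e.getMessage());
        }

        // Negative case 2: version 1 must be rejected with the exact message.
        try {
            PKCS8Key.parse(new DerValue(toBytes(NEW_ENCODED_KEY_INTS_2)));

            throw new RuntimeException(
                    "key2: Expected an IOException during " + "parsing");
        } catch (IOException e) {
            out.println("Key 2: should be illegal version");
            out.println(e.getMessage());
            if (!EXCEPTION_MESSAGE.equals(e.getMessage())) {
                throw new RuntimeException("Key2: expected: "
                        + EXCEPTION_MESSAGE + " get: " + e.getMessage());
            }
        }
    }

    /**
     * Prints a label, the array length and a hex dump of {@code bytes} to
     * standard output.
     *
     * @param nm label printed before the length
     * @param bytes data to dump
     * @throws IOException if the hex-dump encoder fails to write
     */
    static void dumpByteArray(String nm, byte[] bytes) throws IOException {
        out.println(nm + " length: " + bytes.length);
        hexDump.encodeBuffer(bytes, out);
    }
}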