1 /* 2 * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /** 25 * @test 26 * @bug 7196382 8072452 27 * @summary Ensure that DH key pairs can be generated for 512 - 4096 bits 28 * @author Valerie Peng 29 * @library .. 30 * @run main/othervm TestDH2048 31 * @run main/othervm TestDH2048 sm 32 */ 33 34 import java.security.InvalidParameterException; 35 import java.security.KeyPair; 36 import java.security.KeyPairGenerator; 37 import java.security.Provider; 38 39 public class TestDH2048 extends PKCS11Test { 40 41 private static void checkUnsupportedKeySize(KeyPairGenerator kpg, int ks) 42 throws Exception { 43 try { 44 kpg.initialize(ks); 45 throw new Exception("Expected IPE not thrown for " + ks); 46 } catch (InvalidParameterException ipe) { 47 } 48 } 49 50 @Override 51 public void main(Provider p) throws Exception { 52 if (p.getService("KeyPairGenerator", "DH") == null) { 53 System.out.println("KPG for DH not supported, skipping"); 54 return; 55 } 56 KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", p); 57 kpg.initialize(512); 58 KeyPair kp1 = kpg.generateKeyPair(); 59 60 kpg.initialize(1024); 61 kp1 = kpg.generateKeyPair(); 62 63 kpg.initialize(1536); 64 kp1 = kpg.generateKeyPair(); 65 66 kpg.initialize(2048); 67 kp1 = kpg.generateKeyPair(); 68 69 try { 70 kpg.initialize(3072); 71 kp1 = kpg.generateKeyPair(); 72 73 kpg.initialize(4096); 74 kp1 = kpg.generateKeyPair(); 75 76 kpg.initialize(6144); 77 kp1 = kpg.generateKeyPair(); 78 79 kpg.initialize(8192); 80 kp1 = kpg.generateKeyPair(); 81 } catch (InvalidParameterException ipe) { 82 // NSS has a hard coded maximum limit of 2236 bits for DHE keys 83 System.out.println("4096-bit DH key pair generation: " + ipe); 84 if (!p.getName().equals("SunPKCS11-NSS")) { 85 throw ipe; 86 } 87 } 88 89 // key size must be multiples of 64 though 90 checkUnsupportedKeySize(kpg, 2048 + 63); 91 checkUnsupportedKeySize(kpg, 3072 + 32); 92 } 93 94 public static void main(String[] args) throws Exception { 95 main(new TestDH2048(), args); 96 } 97 }