New test/sun/security/pkcs11/KeyPairGenerator/TestDH2048.java

   1 /*
   2  * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /**
  25  * @test
  26  * @bug 7196382 8072452
  27  * @summary Ensure that DH key pairs can be generated for 512 - 4096 bits
  28  * @author Valerie Peng
  29  * @library ..
  30  * @run main/othervm TestDH2048
  31  * @run main/othervm TestDH2048 sm
  32  */
  33 
  34 import java.security.InvalidParameterException;
  35 import java.security.KeyPair;
  36 import java.security.KeyPairGenerator;
  37 import java.security.Provider;
  38 
  39 public class TestDH2048 extends PKCS11Test {
  40 
  41     private static void checkUnsupportedKeySize(KeyPairGenerator kpg, int ks)
  42         throws Exception {
  43         try {
  44             kpg.initialize(ks);
  45             throw new Exception("Expected IPE not thrown for " + ks);
  46         } catch (InvalidParameterException ipe) {
  47         }
  48     }
  49 
  50     @Override
  51     public void main(Provider p) throws Exception {
  52         if (p.getService("KeyPairGenerator", "DH") == null) {
  53             System.out.println("KPG for DH not supported, skipping");
  54             return;
  55         }
  56         KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", p);
  57         kpg.initialize(512);
  58         KeyPair kp1 = kpg.generateKeyPair();
  59 
  60         kpg.initialize(1024);
  61         kp1 = kpg.generateKeyPair();
  62 
  63         kpg.initialize(1536);
  64         kp1 = kpg.generateKeyPair();
  65 
  66         kpg.initialize(2048);
  67         kp1 = kpg.generateKeyPair();
  68 
  69         try {
  70             kpg.initialize(3072);
  71             kp1 = kpg.generateKeyPair();
  72 
  73             kpg.initialize(4096);
  74             kp1 = kpg.generateKeyPair();
  75 
  76             kpg.initialize(6144);
  77             kp1 = kpg.generateKeyPair();
  78 
  79             kpg.initialize(8192);
  80             kp1 = kpg.generateKeyPair();
  81         } catch (InvalidParameterException ipe) {
  82             // NSS has a hard coded maximum limit of 2236 bits for DHE keys
  83             System.out.println("4096-bit DH key pair generation: " + ipe);
  84             if (!p.getName().equals("SunPKCS11-NSS")) {
  85                 throw ipe;
  86             }
  87         }
  88 
  89         // key size must be multiples of 64 though
  90         checkUnsupportedKeySize(kpg, 2048 + 63);
  91         checkUnsupportedKeySize(kpg, 3072 + 32);
  92     }
  93 
  94     public static void main(String[] args) throws Exception {
  95         main(new TestDH2048(), args);
  96     }
  97 }