1 /*
   2  * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /*
  25  * @test
  26  * @bug 6231216
  27  * @summary Verify key wrapping (of extractable keys) works for RSA/PKCS1
  28  * @author Andreas Sterbenz
  29  * @library ..
  30  * @key randomness
  31  * @modules jdk.crypto.cryptoki
  32  * @run main/othervm KeyWrap
  33  * @run main/othervm KeyWrap sm
  34  */
  35 
  36 import java.security.GeneralSecurityException;
  37 import java.security.InvalidKeyException;
  38 import java.security.Key;
  39 import java.security.KeyFactory;
  40 import java.security.KeyPair;
  41 import java.security.KeyPairGenerator;
  42 import java.security.NoSuchAlgorithmException;
  43 import java.security.PrivateKey;
  44 import java.security.Provider;
  45 import java.security.PublicKey;
  46 import java.util.Random;
  47 import javax.crypto.Cipher;
  48 import javax.crypto.SecretKey;
  49 import javax.crypto.spec.SecretKeySpec;
  50 
  51 public class KeyWrap extends PKCS11Test {
  52 
  53     @Override
  54     public void main(Provider p) throws Exception {
  55         try {
  56             Cipher.getInstance("RSA/ECB/PKCS1Padding", p);
  57         } catch (GeneralSecurityException e) {
  58             System.out.println("Not supported by provider, skipping");
  59             return;
  60         }
  61         KeyPair kp;
  62         try {
  63             KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
  64             kpg.initialize(512);
  65             kp = kpg.generateKeyPair();
  66         } catch (Exception e) {
  67             try {
  68                 System.out.println("Could not generate KeyPair on provider " + p + ", trying migration");
  69                 KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
  70                 kpg.initialize(512);
  71                 kp = kpg.generateKeyPair();
  72                 KeyFactory kf = KeyFactory.getInstance("RSA", p);
  73                 PublicKey pub = (PublicKey)kf.translateKey(kp.getPublic());
  74                 PrivateKey priv = (PrivateKey)kf.translateKey(kp.getPrivate());
  75                 kp = new KeyPair(pub, priv);
  76             } catch (NoSuchAlgorithmException | InvalidKeyException ee) {
  77                 ee.printStackTrace();
  78                 System.out.println("Provider does not support RSA, skipping");
  79                 return;
  80             }
  81         }
  82         System.out.println(kp);
  83         Random r = new Random();
  84         byte[] b = new byte[16];
  85         r.nextBytes(b);
  86         String alg = "AES";
  87         SecretKey key = new SecretKeySpec(b, alg);
  88 
  89         Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding", p);
  90 //      Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
  91         c.init(Cipher.WRAP_MODE, kp.getPublic());
  92         byte[] wrapped = c.wrap(key);
  93         System.out.println("wrapped: " + wrapped.length);
  94 
  95         c.init(Cipher.UNWRAP_MODE, kp.getPrivate());
  96         Key unwrapped = c.unwrap(wrapped, alg, Cipher.SECRET_KEY);
  97         System.out.println("unwrapped: " + unwrapped);
  98 
  99         boolean eq = key.equals(unwrapped);
 100         System.out.println(eq);
 101         if (eq == false) {
 102             throw new Exception("Unwrapped key does not match original key");
 103         }
 104     }
 105 
 106     public static void main(String[] args) throws Exception {
 107         main(new KeyWrap(), args);
 108     }
 109 
 110 }
--- EOF ---