1 /*
   2  * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /**
  25  * @test
  26  * @bug 4892365
  27  * @summary Ensure the crypto permission check on cipher algorithms
  28  * with restricted parameter values are correctly enforced.
  29  * @author Valerie Peng
  30  * @key randomness
  31  */
  32 
  33 import java.io.*;
  34 import java.util.*;
  35 
  36 import java.security.*;
  37 import java.security.spec.*;
  38 
  39 import javax.crypto.*;
  40 import javax.crypto.spec.*;
  41 
  42 public class RC2PermCheck {
  43 
  44     public static void main(String[] args) throws Exception {
  45         Provider p = Security.getProvider("SunJCE");
  46         System.out.println("Testing provider " + p.getName() + "...");
  47         if (Cipher.getMaxAllowedKeyLength("DES") == Integer.MAX_VALUE) {
  48             // skip this test for unlimited jurisdiction policy files
  49             System.out.println("Skip this test due to unlimited version");
  50             return;
  51         }
  52         // Currently, RC2 is the only algorithm whose parameter values
  53         // are restricted
  54         String algo = "RC2";
  55         Cipher c = Cipher.getInstance(algo + "/CBC/PKCS5Padding", p);
  56         SecretKeySpec key = new SecretKeySpec(new byte[16], "RC2");
  57         SecureRandom srand = new SecureRandom();
  58         int numOfTests = 6;
  59         boolean result = true;
  60         // test set#1: init with no parameter supplied
  61         for (int i = 0; i < numOfTests; i++) {
  62             try {
  63                 switch (i) {
  64                 case 0:
  65                     c.init(Cipher.ENCRYPT_MODE, key);
  66                     break;
  67                 case 1:
  68                     c.init(Cipher.ENCRYPT_MODE, key, srand);
  69                     break;
  70                 case 2:
  71                     c.init(Cipher.ENCRYPT_MODE, key,
  72                            (AlgorithmParameters) null);
  73                     break;
  74                 case 3:
  75                     c.init(Cipher.ENCRYPT_MODE, key,
  76                            (AlgorithmParameters) null, srand);
  77                     break;
  78                 case 4:
  79                     c.init(Cipher.ENCRYPT_MODE, key,
  80                            (AlgorithmParameterSpec) null);
  81                     break;
  82                 case 5:
  83                     c.init(Cipher.ENCRYPT_MODE, key,
  84                            (AlgorithmParameterSpec) null, srand);
  85                     break;
  86                 }
  87             } catch (Exception ex) {
  88                 result = false;
  89                 System.out.println("Test#1." + i + " failed!");
  90                 ex.printStackTrace();
  91                 continue;
  92             }
  93         }
  94         // test set#2: init with parameter within limit
  95         RC2ParameterSpec paramSpec = new RC2ParameterSpec(128, new byte[8]);
  96         AlgorithmParameters param = AlgorithmParameters.getInstance(algo, p);
  97         param.init(paramSpec);
  98         numOfTests = 4;
  99         for (int i = 0; i < numOfTests; i++) {
 100             try {
 101                 switch (i) {
 102                 case 0:
 103                     c.init(Cipher.ENCRYPT_MODE, key, paramSpec);
 104                     break;
 105                 case 1:
 106                     c.init(Cipher.ENCRYPT_MODE, key, paramSpec, srand);
 107                     break;
 108                 case 2:
 109                     c.init(Cipher.ENCRYPT_MODE, key, param);
 110                     break;
 111                 case 3:
 112                     c.init(Cipher.ENCRYPT_MODE, key, param, srand);
 113                     break;
 114                 }
 115             } catch (Exception ex) {
 116                 result = false;
 117                 System.out.println("Test#2." + i + " failed!");
 118                 ex.printStackTrace();
 119             }
 120         }
 121         // test set#3: init with parameter over limit
 122         paramSpec = new RC2ParameterSpec(256, new byte[8]);
 123         param = AlgorithmParameters.getInstance(algo);
 124         param.init(paramSpec);
 125 
 126         for (int i = 0; i < numOfTests; i++) {
 127             try {
 128                 switch (i) {
 129                 case 0:
 130                     c.init(Cipher.ENCRYPT_MODE, key, paramSpec);
 131                     result = false;
 132                     System.out.println("Test#3." + i + " failed!");
 133                     break;
 134                 case 1:
 135                     c.init(Cipher.ENCRYPT_MODE, key, paramSpec, srand);
 136                     result = false;
 137                     System.out.println("Test#3." + i + " failed!");
 138                     break;
 139                 case 2:
 140                     c.init(Cipher.ENCRYPT_MODE, key, param);
 141                     result = false;
 142                     System.out.println("Test#3." + i + " failed!");
 143                     break;
 144                 case 3:
 145                     c.init(Cipher.ENCRYPT_MODE, key, param, srand);
 146                     result = false;
 147                     System.out.println("Test#3." + i + " failed!");
 148                     break;
 149                 }
 150             } catch (InvalidAlgorithmParameterException iape) {
 151                 // expected exception thrown; proceed to next test
 152                 continue;
 153             }
 154         }
 155         if (result) {
 156             System.out.println("All tests passed!");
 157         } else {
 158             throw new Exception("One or more test failed!");
 159         }
 160     }
 161 }