1 /* 2 * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /** 25 * @test 26 * @bug 4892365 27 * @summary Ensure the crypto permission check on cipher algorithms 28 * with restricted parameter values are correctly enforced. 29 * @author Valerie Peng 30 * @key randomness 31 */ 32 33 import java.io.*; 34 import java.util.*; 35 36 import java.security.*; 37 import java.security.spec.*; 38 39 import javax.crypto.*; 40 import javax.crypto.spec.*; 41 42 public class RC2PermCheck { 43 44 public static void main(String[] args) throws Exception { 45 Provider p = Security.getProvider("SunJCE"); 46 System.out.println("Testing provider " + p.getName() + "..."); 47 if (Cipher.getMaxAllowedKeyLength("DES") == Integer.MAX_VALUE) { 48 // skip this test for unlimited jurisdiction policy files 49 System.out.println("Skip this test due to unlimited version"); 50 return; 51 } 52 // Currently, RC2 is the only algorithm whose parameter values 53 // are restricted 54 String algo = "RC2"; 55 Cipher c = Cipher.getInstance(algo + "/CBC/PKCS5Padding", p); 56 SecretKeySpec key = new SecretKeySpec(new byte[16], "RC2"); 57 SecureRandom srand = new SecureRandom(); 58 int numOfTests = 6; 59 boolean result = true; 60 // test set#1: init with no parameter supplied 61 for (int i = 0; i < numOfTests; i++) { 62 try { 63 switch (i) { 64 case 0: 65 c.init(Cipher.ENCRYPT_MODE, key); 66 break; 67 case 1: 68 c.init(Cipher.ENCRYPT_MODE, key, srand); 69 break; 70 case 2: 71 c.init(Cipher.ENCRYPT_MODE, key, 72 (AlgorithmParameters) null); 73 break; 74 case 3: 75 c.init(Cipher.ENCRYPT_MODE, key, 76 (AlgorithmParameters) null, srand); 77 break; 78 case 4: 79 c.init(Cipher.ENCRYPT_MODE, key, 80 (AlgorithmParameterSpec) null); 81 break; 82 case 5: 83 c.init(Cipher.ENCRYPT_MODE, key, 84 (AlgorithmParameterSpec) null, srand); 85 break; 86 } 87 } catch (Exception ex) { 88 result = false; 89 System.out.println("Test#1." + i + " failed!"); 90 ex.printStackTrace(); 91 continue; 92 } 93 } 94 // test set#2: init with parameter within limit 95 RC2ParameterSpec paramSpec = new RC2ParameterSpec(128, new byte[8]); 96 AlgorithmParameters param = AlgorithmParameters.getInstance(algo, p); 97 param.init(paramSpec); 98 numOfTests = 4; 99 for (int i = 0; i < numOfTests; i++) { 100 try { 101 switch (i) { 102 case 0: 103 c.init(Cipher.ENCRYPT_MODE, key, paramSpec); 104 break; 105 case 1: 106 c.init(Cipher.ENCRYPT_MODE, key, paramSpec, srand); 107 break; 108 case 2: 109 c.init(Cipher.ENCRYPT_MODE, key, param); 110 break; 111 case 3: 112 c.init(Cipher.ENCRYPT_MODE, key, param, srand); 113 break; 114 } 115 } catch (Exception ex) { 116 result = false; 117 System.out.println("Test#2." + i + " failed!"); 118 ex.printStackTrace(); 119 } 120 } 121 // test set#3: init with parameter over limit 122 paramSpec = new RC2ParameterSpec(256, new byte[8]); 123 param = AlgorithmParameters.getInstance(algo); 124 param.init(paramSpec); 125 126 for (int i = 0; i < numOfTests; i++) { 127 try { 128 switch (i) { 129 case 0: 130 c.init(Cipher.ENCRYPT_MODE, key, paramSpec); 131 result = false; 132 System.out.println("Test#3." + i + " failed!"); 133 break; 134 case 1: 135 c.init(Cipher.ENCRYPT_MODE, key, paramSpec, srand); 136 result = false; 137 System.out.println("Test#3." + i + " failed!"); 138 break; 139 case 2: 140 c.init(Cipher.ENCRYPT_MODE, key, param); 141 result = false; 142 System.out.println("Test#3." + i + " failed!"); 143 break; 144 case 3: 145 c.init(Cipher.ENCRYPT_MODE, key, param, srand); 146 result = false; 147 System.out.println("Test#3." + i + " failed!"); 148 break; 149 } 150 } catch (InvalidAlgorithmParameterException iape) { 151 // expected exception thrown; proceed to next test 152 continue; 153 } 154 } 155 if (result) { 156 System.out.println("All tests passed!"); 157 } else { 158 throw new Exception("One or more test failed!"); 159 } 160 } 161 }