1 /*
   2  * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /**
  25  * @test
  26  * @bug 4856966
  27  * @summary basic test of SHA1withDSA and RawDSA signing/verifying
  28  * @author Andreas Sterbenz
  29  * @library ..
  30  * @key randomness
  31  */
  32 
  33 import java.io.*;
  34 import java.util.*;
  35 import java.math.BigInteger;
  36 
  37 import java.security.*;
  38 import java.security.spec.*;
  39 
  40 public class TestDSA extends PKCS11Test {
  41 
  42     // values of the keys we use for the tests
  43 
  44     private final static String ps =
  45         "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669" +
  46         "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7" +
  47         "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb" +
  48         "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7";
  49 
  50     private final static String qs =
  51         "9760508f15230bccb292b982a2eb840bf0581cf5";
  52 
  53     private final static String gs =
  54         "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267" +
  55         "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1" +
  56         "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b" +
  57         "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a";
  58 
  59     private final static String xs =
  60         "2952afd9aef9527f9b40d23c8916f7d046028f9d";
  61 
  62     private final static String ys =
  63         "b16ddb0f9394c328c983ecf23b20014ace368a1af5728dffbf1162de9ed8ebf6" +
  64         "384f323930e091503035caa797e3674221fc16136240b5474799ede2b7b11313" +
  65         "7574a9c26bcf900940027b4bcd511ef1d1daf2e69c416aebaf3bdf39f02473b9" +
  66         "d963f99414c09d97bb0830d9fbdcf7bb9dad8a2179fcdf296838c4cfab8f4d8f";
  67 
  68     private final static BigInteger p = new BigInteger(ps, 16);
  69     private final static BigInteger q = new BigInteger(qs, 16);
  70     private final static BigInteger g = new BigInteger(gs, 16);
  71     private final static BigInteger x = new BigInteger(xs, 16);
  72     private final static BigInteger y = new BigInteger(ys, 16);
  73 
  74     // data for test 1, original and SHA-1 hashed
  75     private final static byte[] data1Raw = b("0102030405060708090a0b0c0d0e0f10111213");
  76     private final static byte[] data1SHA = b("00:e2:5f:c9:1c:8f:d6:8c:6a:dc:c6:bd:f0:46:60:5e:a2:cd:8d:ad");
  77 
  78     // valid signatures of data1. sig1b uses incorrect ASN.1 encoding,
  79     // which we want to accept anyway for compatibility
  80     private final static byte[] sig1a = b("30:2d:02:14:53:06:3f:7d:ec:48:3c:99:17:9a:2c:a9:4d:e8:00:da:70:fb:35:d7:02:15:00:92:6a:39:6b:15:63:2f:e7:32:90:35:bf:af:47:55:e7:ff:33:a5:13");
  81     private final static byte[] sig1b = b("30:2c:02:14:53:06:3f:7d:ec:48:3c:99:17:9a:2c:a9:4d:e8:00:da:70:fb:35:d7:02:14:92:6a:39:6b:15:63:2f:e7:32:90:35:bf:af:47:55:e7:ff:33:a5:13");
  82 
  83     // data for test 2 (invalid signatures)
  84     private final static byte[] data2Raw = {};
  85     private final static byte[] data2SHA = b("da:39:a3:ee:5e:6b:4b:0d:32:55:bf:ef:95:60:18:90:af:d8:07:09");
  86 
  87     private static void verify(Provider provider, String alg, PublicKey key, byte[] data, byte[] sig, boolean result) throws Exception {
  88         Signature s = Signature.getInstance(alg, provider);
  89         s.initVerify(key);
  90         boolean r;
  91         s.update(data);
  92         r = s.verify(sig);
  93         if (r != result) {
  94             throw new Exception("Result mismatch, actual: " + r);
  95         }
  96         s.update(data);
  97         r = s.verify(sig);
  98         if (r != result) {
  99             throw new Exception("Result mismatch, actual: " + r);
 100         }
 101         System.out.println("Passed");
 102     }
 103 
 104     public static void main(String[] args) throws Exception {
 105         main(new TestDSA());
 106     }
 107 
 108     public void main(Provider provider) throws Exception {
 109         long start = System.currentTimeMillis();
 110 
 111         System.out.println("Testing provider " + provider + "...");
 112 
 113         if (provider.getService("Signature", "SHA1withDSA") == null) {
 114             System.out.println("DSA not supported, skipping");
 115             return;
 116         }
 117 
 118         KeyFactory kf = KeyFactory.getInstance("DSA", provider);
 119         DSAPrivateKeySpec privSpec = new DSAPrivateKeySpec(x, p, q, g);
 120         DSAPublicKeySpec pubSpec = new DSAPublicKeySpec(y, p, q, g);
 121         PrivateKey privateKey = kf.generatePrivate(privSpec);
 122         PublicKey publicKey = kf.generatePublic(pubSpec);
 123 
 124         // verify known-good and known-bad signatures using SHA1withDSA and RawDSA
 125         verify(provider, "SHA1withDSA", publicKey, data1Raw, sig1a, true);
 126         verify(provider, "SHA1withDSA", publicKey, data1Raw, sig1b, true);
 127         verify(provider, "SHA1withDSA", publicKey, data2Raw, sig1a, false);
 128         verify(provider, "SHA1withDSA", publicKey, data2Raw, sig1b, false);
 129 
 130         verify(provider, "RawDSA", publicKey, data1SHA, sig1a, true);
 131         verify(provider, "RawDSA", publicKey, data1SHA, sig1b, true);
 132         verify(provider, "RawDSA", publicKey, data2SHA, sig1a, false);
 133         verify(provider, "RawDSA", publicKey, data2SHA, sig1b, false);
 134 
 135         testSigning(provider, privateKey, publicKey);
 136 
 137         long stop = System.currentTimeMillis();
 138         System.out.println("All tests passed (" + (stop - start) + " ms).");
 139     }
 140 
 141     private void testSigning(Provider provider, PrivateKey privateKey,
 142             PublicKey publicKey) throws Exception {
 143         byte[] data = new byte[2048];
 144         new Random().nextBytes(data);
 145 
 146         // sign random data using SHA1withDSA and verify using
 147         // SHA1withDSA and RawDSA
 148         Signature s = Signature.getInstance("SHA1withDSA", provider);
 149         s.initSign(privateKey);
 150         s.update(data);
 151         byte[] s1 = s.sign();
 152 
 153         s.initVerify(publicKey);
 154         s.update(data);
 155         if (!s.verify(s1)) {
 156             throw new Exception("Sign/verify 1 failed");
 157         }
 158 
 159         s = Signature.getInstance("RawDSA", provider);
 160         MessageDigest md = MessageDigest.getInstance("SHA-1");
 161         byte[] digest = md.digest(data);
 162         s.initVerify(publicKey);
 163         s.update(digest);
 164         if (!s.verify(s1)) {
 165             throw new Exception("Sign/verify 2 failed");
 166         }
 167 
 168         // sign random data using RawDSA and verify using
 169         // SHA1withDSA and RawDSA
 170         s.initSign(privateKey);
 171         s.update(digest);
 172         byte[] s2 = s.sign();
 173 
 174         s.initVerify(publicKey);
 175         s.update(digest);
 176         if (!s.verify(s2)) {
 177             throw new Exception("Sign/verify 3 failed");
 178         }
 179 
 180         s = Signature.getInstance("SHA1withDSA", provider);
 181         s.initVerify(publicKey);
 182         s.update(data);
 183         if (!s.verify(s2)) {
 184             throw new Exception("Sign/verify 4 failed");
 185         }
 186 
 187         // test behavior if data of incorrect length is passed
 188         s = Signature.getInstance("RawDSA", provider);
 189         s.initSign(privateKey);
 190         s.update(new byte[8]);
 191         s.update(new byte[64]);
 192         try {
 193             s.sign();
 194             throw new Exception("No error RawDSA signing long data");
 195         } catch (SignatureException e) {
 196             // expected
 197         }
 198     }
 199 
 200     private final static char[] hexDigits = "0123456789abcdef".toCharArray();
 201 
 202     public static String toString(byte[] b) {
 203         StringBuffer sb = new StringBuffer(b.length * 3);
 204         for (int i = 0; i < b.length; i++) {
 205             int k = b[i] & 0xff;
 206             if (i != 0) {
 207                 sb.append(':');
 208             }
 209             sb.append(hexDigits[k >>> 4]);
 210             sb.append(hexDigits[k & 0xf]);
 211         }
 212         return sb.toString();
 213     }
 214 
 215     public static byte[] parse(String s) {
 216         try {
 217             int n = s.length();
 218             ByteArrayOutputStream out = new ByteArrayOutputStream(n / 3);
 219             StringReader r = new StringReader(s);
 220             while (true) {
 221                 int b1 = nextNibble(r);
 222                 if (b1 < 0) {
 223                     break;
 224                 }
 225                 int b2 = nextNibble(r);
 226                 if (b2 < 0) {
 227                     throw new RuntimeException("Invalid string " + s);
 228                 }
 229                 int b = (b1 << 4) | b2;
 230                 out.write(b);
 231             }
 232             return out.toByteArray();
 233         } catch (IOException e) {
 234             throw new RuntimeException(e);
 235         }
 236     }
 237 
 238     public static byte[] b(String s) {
 239         return parse(s);
 240     }
 241 
 242     private static int nextNibble(StringReader r) throws IOException {
 243         while (true) {
 244             int ch = r.read();
 245             if (ch == -1) {
 246                 return -1;
 247             } else if ((ch >= '0') && (ch <= '9')) {
 248                 return ch - '0';
 249             } else if ((ch >= 'a') && (ch <= 'f')) {
 250                 return ch - 'a' + 10;
 251             } else if ((ch >= 'A') && (ch <= 'F')) {
 252                 return ch - 'A' + 10;
 253             }
 254         }
 255     }
 256 
 257 }
--- EOF ---