test/jdk/sun/security/pkcs11/KeyAgreement/SupportedDHKeys.java - platform/libcore - Gitiles

 /*
  * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.
  *
  * This code is distributed in the hope that it will be useful, but WITHOUT
  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * version 2 for more details (a copy is included in the LICENSE file that
  * accompanied this code).
  *
  * You should have received a copy of the GNU General Public License version
  * 2 along with this work; if not, write to the Free Software Foundation,
  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  *
  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  * or visit www.oracle.com if you need additional information or have any
  * questions.
  */

 /*
  * @test
  * @bug 8072452
  * @summary Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
  * @library ..
  * @modules jdk.crypto.cryptoki
  * @run main/othervm SupportedDHKeys
  * @run main/othervm SupportedDHKeys sm
  */

 import java.math.BigInteger;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.Provider;
 import javax.crypto.interfaces.DHPrivateKey;
 import javax.crypto.interfaces.DHPublicKey;
 import javax.crypto.spec.DHParameterSpec;

 public class SupportedDHKeys extends PKCS11Test {

     /*
      * Sizes and values for various lengths.
      */
     private enum SupportedKeySize {
         dhp512(512),   dhp768(768),    dhp832(832),
         dhp1024(1024), dhp1536(1536),  dhp2048(2048);

         // the underlying pkcs11 may not support the following sizes yet
         //
         // dhp3072(3072), dhp4096(4096),  dhp6144(6144),
         // dhp8192(8192);

         final int primeSize;

         SupportedKeySize(int primeSize) {
             this.primeSize = primeSize;
         }
     }

     @Override
     public void main(Provider provider) throws Exception {
         if (provider.getService("KeyPairGenerator", "DiffieHellman") == null) {
             System.out.println("No support of DH KeyPairGenerator, skipping");
             return;
         }

         for (SupportedKeySize keySize : SupportedKeySize.values()) {
             System.out.println("Checking " + keySize.primeSize + " ...");
             KeyPairGenerator kpg =
                     KeyPairGenerator.getInstance("DiffieHellman", provider);
             kpg.initialize(keySize.primeSize);
             KeyPair kp = kpg.generateKeyPair();
             checkKeyPair(kp, keySize.primeSize, provider);

             DHPublicKey publicKey = (DHPublicKey)kp.getPublic();
             BigInteger p = publicKey.getParams().getP();
             BigInteger g = publicKey.getParams().getG();
             kpg.initialize(new DHParameterSpec(p, g));
             kp = kpg.generateKeyPair();
             checkKeyPair(kp, keySize.primeSize, provider);
         }
     }

     private static void checkKeyPair(KeyPair kp, int pSize,
                 Provider provider) throws Exception {

         DHPrivateKey privateKey = (DHPrivateKey)kp.getPrivate();
         BigInteger p = privateKey.getParams().getP();
         if (p.bitLength() != pSize) {
             throw new Exception(
                 "Invalid modulus size: " + p.bitLength() + "/" + pSize);
         }

         // System.out.println("P(" + pSize + "): " + p.toString());
         if (!p.isProbablePrime(128)) {
             throw new Exception("Good luck, the modulus is composite!");
         }

         DHPublicKey publicKey = (DHPublicKey)kp.getPublic();
         p = publicKey.getParams().getP();
         if (p.bitLength() != pSize) {
             throw new Exception(
                 "Invalid modulus size: " + p.bitLength() + "/" + pSize);
         }

         BigInteger leftOpen = BigInteger.ONE;
         BigInteger rightOpen = p.subtract(BigInteger.ONE);

         // ignore the private key range checking on Solaris at present
         if (!provider.getName().equals("SunPKCS11-Solaris")) {
             BigInteger x = privateKey.getX();
             if ((x.compareTo(leftOpen) <= 0) ||
                     (x.compareTo(rightOpen) >= 0)) {
                 throw new Exception(
                     "X outside range [2, p - 2]:  x: " + x + " p: " + p);
             }
         }

         BigInteger y = publicKey.getY();
         if ((y.compareTo(leftOpen) <= 0) ||
                 (y.compareTo(rightOpen) >= 0)) {
             throw new Exception(
                 "Y outside range [2, p - 2]:  y: " + y + " p: " + p);
         }
     }

     public static void main(String[] args) throws Exception {
         main(new SupportedDHKeys(), args);
     }
 }
	/*
	* Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/

	/*
	* @test
	* @bug 8072452
	* @summary Support DHE sizes up to 8192-bits and DSA sizes up to 3072-bits
	* @library ..
	* @modules jdk.crypto.cryptoki
	* @run main/othervm SupportedDHKeys
	* @run main/othervm SupportedDHKeys sm
	*/

	import java.math.BigInteger;
	import java.security.KeyPair;
	import java.security.KeyPairGenerator;
	import java.security.Provider;
	import javax.crypto.interfaces.DHPrivateKey;
	import javax.crypto.interfaces.DHPublicKey;
	import javax.crypto.spec.DHParameterSpec;

	public class SupportedDHKeys extends PKCS11Test {

	/*
	* Sizes and values for various lengths.
	*/
	private enum SupportedKeySize {
	dhp512(512), dhp768(768), dhp832(832),
	dhp1024(1024), dhp1536(1536), dhp2048(2048);

	// the underlying pkcs11 may not support the following sizes yet
	//
	// dhp3072(3072), dhp4096(4096), dhp6144(6144),
	// dhp8192(8192);

	final int primeSize;

	SupportedKeySize(int primeSize) {
	this.primeSize = primeSize;
	}
	}

	@Override
	public void main(Provider provider) throws Exception {
	if (provider.getService("KeyPairGenerator", "DiffieHellman") == null) {
	System.out.println("No support of DH KeyPairGenerator, skipping");
	return;
	}

	for (SupportedKeySize keySize : SupportedKeySize.values()) {
	System.out.println("Checking " + keySize.primeSize + " ...");
	KeyPairGenerator kpg =
	KeyPairGenerator.getInstance("DiffieHellman", provider);
	kpg.initialize(keySize.primeSize);
	KeyPair kp = kpg.generateKeyPair();
	checkKeyPair(kp, keySize.primeSize, provider);

	DHPublicKey publicKey = (DHPublicKey)kp.getPublic();
	BigInteger p = publicKey.getParams().getP();
	BigInteger g = publicKey.getParams().getG();
	kpg.initialize(new DHParameterSpec(p, g));
	kp = kpg.generateKeyPair();
	checkKeyPair(kp, keySize.primeSize, provider);
	}
	}

	private static void checkKeyPair(KeyPair kp, int pSize,
	Provider provider) throws Exception {

	DHPrivateKey privateKey = (DHPrivateKey)kp.getPrivate();
	BigInteger p = privateKey.getParams().getP();
	if (p.bitLength() != pSize) {
	throw new Exception(
	"Invalid modulus size: " + p.bitLength() + "/" + pSize);
	}

	// System.out.println("P(" + pSize + "): " + p.toString());
	if (!p.isProbablePrime(128)) {
	throw new Exception("Good luck, the modulus is composite!");
	}

	DHPublicKey publicKey = (DHPublicKey)kp.getPublic();
	p = publicKey.getParams().getP();
	if (p.bitLength() != pSize) {
	throw new Exception(
	"Invalid modulus size: " + p.bitLength() + "/" + pSize);
	}

	BigInteger leftOpen = BigInteger.ONE;
	BigInteger rightOpen = p.subtract(BigInteger.ONE);

	// ignore the private key range checking on Solaris at present
	if (!provider.getName().equals("SunPKCS11-Solaris")) {
	BigInteger x = privateKey.getX();
	if ((x.compareTo(leftOpen) <= 0) \|\|
	(x.compareTo(rightOpen) >= 0)) {
	throw new Exception(
	"X outside range [2, p - 2]: x: " + x + " p: " + p);
	}
	}

	BigInteger y = publicKey.getY();
	if ((y.compareTo(leftOpen) <= 0) \|\|
	(y.compareTo(rightOpen) >= 0)) {
	throw new Exception(
	"Y outside range [2, p - 2]: y: " + y + " p: " + p);
	}
	}

	public static void main(String[] args) throws Exception {
	main(new SupportedDHKeys(), args);
	}
	}