J. Duke | 319a3b9 | 2007-12-01 00:00:00 +0000 | 1 | /* |
| 2 | * Copyright 2003-2007 Sun Microsystems, Inc. All Rights Reserved. |
| 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| 4 | * |
| 5 | * This code is free software; you can redistribute it and/or modify it |
| 6 | * under the terms of the GNU General Public License version 2 only, as |
| 7 | * published by the Free Software Foundation. |
| 8 | * |
| 9 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| 10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| 12 | * version 2 for more details (a copy is included in the LICENSE file that |
| 13 | * accompanied this code). |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License version |
| 16 | * 2 along with this work; if not, write to the Free Software Foundation, |
| 17 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| 18 | * |
| 19 | * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
| 20 | * CA 95054 USA or visit www.sun.com if you need additional information or |
| 21 | * have any questions. |
| 22 | */ |
| 23 | |
| 24 | /** |
| 25 | * @test |
| 26 | * @bug 4921804 6324825 |
| 27 | * @summary Verify that DH works properly |
| 28 | * @author Andreas Sterbenz |
| 29 | * @library .. |
| 30 | */ |
| 31 | |
| 32 | import java.io.*; |
| 33 | import java.util.*; |
| 34 | |
| 35 | import java.security.*; |
| 36 | |
| 37 | import javax.crypto.*; |
| 38 | |
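/**
 * Regression test checking that Diffie-Hellman key agreement performed by the
 * provider under test produces the same shared secret as the SunJCE
 * implementation.
 *
 * <p>Two DH key pairs are generated on the provider under test. The shared
 * secret is derived in both directions on that provider and again on SunJCE,
 * and every result must be byte-for-byte identical to the first one. The same
 * comparison is then repeated for secrets derived as typed {@link SecretKey}s.
 */
public class TestDH extends PKCS11Test {

    /**
     * Runs the DH checks against one provider.
     *
     * @param p provider under test; the test is skipped when it offers no
     *          "DH" KeyAgreement service
     * @throws Exception if two derived secrets differ or a JCA call fails
     */
    public void main(Provider p) throws Exception {
        if (p.getService("KeyAgreement", "DH") == null) {
            System.out.println("DH not supported, skipping");
            return;
        }
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH", p);
        // 512-bit DH is a test-only size (presumably chosen so key generation
        // stays fast). It offers no real security and must not be copied into
        // production key-exchange code.
        kpg.initialize(512);
        KeyPair kp1 = kpg.generateKeyPair();
        KeyPair kp2 = kpg.generateKeyPair();

        // Both directions on the provider under test must agree.
        KeyAgreement ka1 = KeyAgreement.getInstance("DH", p);
        byte[] secret1 = deriveRawSecret(ka1, kp1, kp2, 1);
        byte[] secret2 = deriveRawSecret(ka1, kp2, kp1, 2);
        requireSameSecret(secret1, secret2, 2);

        // The same key pairs fed to SunJCE must yield the same secret.
        KeyAgreement ka2 = KeyAgreement.getInstance("DH", "SunJCE");
        byte[] secret3 = deriveRawSecret(ka2, kp1, kp2, 3);
        requireSameSecret(secret1, secret3, 3);

        byte[] secret4 = deriveRawSecret(ka2, kp2, kp1, 4);
        requireSameSecret(secret1, secret4, 4);

        // testAlgorithm labels its first agreement "SunJCE" and its second
        // "PKCS#11", hence ka2 (SunJCE) is passed first.
        testAlgorithm(ka2, kp2, ka1, kp1, "DES");
        testAlgorithm(ka2, kp2, ka1, kp1, "DESede");
        // AES and RC4 derivation are disabled in this test; the reason is not
        // recorded in this file.
        // testAlgorithm(ka2, kp2, ka1, kp1, "AES");
        // testAlgorithm(ka2, kp2, ka1, kp1, "RC4");
        testAlgorithm(ka2, kp2, ka1, kp1, "Blowfish");
        testAlgorithm(ka2, kp2, ka1, kp1, "TlsPremasterSecret");
    }

    /**
     * Derives the raw shared secret for {@code own}'s private key and
     * {@code peer}'s public key, announcing the step on stdout just before
     * the secret is generated.
     */
    private static byte[] deriveRawSecret(KeyAgreement ka, KeyPair own, KeyPair peer, int step)
            throws Exception {
        ka.init(own.getPrivate());
        ka.doPhase(peer.getPublic(), true);
        System.out.println("Derive " + step + "...");
        return ka.generateSecret();
    }

    /** Fails the test when secret number {@code step} differs from secret 1. */
    private static void requireSameSecret(byte[] first, byte[] other, int step)
            throws Exception {
        if (!Arrays.equals(first, other)) {
            throw new Exception("Secrets (1," + step + ") do not match");
        }
    }

    /**
     * Derives a {@link SecretKey} of the given algorithm with both agreements,
     * using the same private/public key combination for each, and compares
     * the encoded key bytes.
     *
     * @param ka1       agreement reported as "SunJCE" in the output
     * @param kp1       key pair whose private key initialises both agreements
     * @param ka2       agreement reported as "PKCS#11" in the output
     * @param kp2       key pair whose public key is the peer key for both
     * @param algorithm secret-key algorithm passed to {@code generateSecret}
     * @throws Exception if a key has no encoding, if the encodings differ, or
     *                   if a JCA call fails
     */
    private static void testAlgorithm(KeyAgreement ka1, KeyPair kp1,
            KeyAgreement ka2, KeyPair kp2, String algorithm) throws Exception {
        ka1.init(kp1.getPrivate());
        ka1.doPhase(kp2.getPublic(), true);
        System.out.println("Derive " + algorithm + " using SunJCE...");
        SecretKey key1 = ka1.generateSecret(algorithm);

        ka2.init(kp1.getPrivate());
        ka2.doPhase(kp2.getPublic(), true);
        System.out.println("Derive " + algorithm + " using PKCS#11...");
        SecretKey key2 = ka2.generateSecret(algorithm);

        byte[] b1 = key1.getEncoded();
        byte[] b2 = key2.getEncoded();

        // Key.getEncoded() returns null for a key that does not support
        // encoding. Without this guard two null encodings would compare equal
        // and pass vacuously, and a single null would surface as a
        // NullPointerException in the diagnostic output below.
        if (b1 == null || b2 == null) {
            throw new Exception(algorithm + " secret has no encoding to compare");
        }

        if (!Arrays.equals(b1, b2)) {
            // Dumps derived key bytes to stdout. Tolerable only because these
            // are throwaway keys created by this test; real key material
            // should never be written to logs.
            System.out.println(b1.length + " bytes: " + toString(b1));
            System.out.println(b2.length + " bytes: " + toString(b2));
            throw new Exception(algorithm + " secret mismatch");
        }
    }

    /**
     * Command-line entry point; hands a fresh test instance to the
     * {@code main} overload that is not defined in this class (presumably
     * the PKCS11Test driver).
     */
    public static void main(String[] args) throws Exception {
        main(new TestDH());
    }

}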