Cipher/RSA/TestOAEP.java

0N/A/*
2362N/A * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
0N/A *
0N/A * This code is free software; you can redistribute it and/or modify it
0N/A * under the terms of the GNU General Public License version 2 only, as
0N/A * published by the Free Software Foundation.
0N/A *
0N/A * This code is distributed in the hope that it will be useful, but WITHOUT
0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
0N/A * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
0N/A * version 2 for more details (a copy is included in the LICENSE file that
0N/A * accompanied this code).
0N/A *
0N/A * You should have received a copy of the GNU General Public License version
0N/A * 2 along with this work; if not, write to the Free Software Foundation,
0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
0N/A *
2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2362N/A * or visit www.oracle.com if you need additional information or have any
2362N/A * questions.
0N/A */
0N/A
0N/A/*
0N/A * @test
0N/A * @bug 4894151
0N/A * @summary encryption/decryption test for OAEP
0N/A * @author Andreas Sterbenz
0N/A */
0N/A
0N/Aimport java.util.*;
0N/A
0N/Aimport java.security.*;
0N/A
0N/Aimport javax.crypto.*;
0N/A
0N/Apublic class TestOAEP {
0N/A
0N/A    private static Provider cp;
0N/A
0N/A    private static PrivateKey privateKey;
0N/A
0N/A    private static PublicKey publicKey;
0N/A
0N/A    private static Random random = new Random();
0N/A
0N/A    public static void main(String[] args) throws Exception {
0N/A        long start = System.currentTimeMillis();
0N/A        cp = Security.getProvider("SunJCE");
0N/A        System.out.println("Testing provider " + cp.getName() + "...");
0N/A        Provider kfp = Security.getProvider("SunRsaSign");
0N/A        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", kfp);
0N/A        kpg.initialize(768);
0N/A        KeyPair kp = kpg.generateKeyPair();
0N/A        privateKey = kp.getPrivate();
0N/A        publicKey = kp.getPublic();
0N/A
0N/A        Cipher.getInstance("RSA/ECB/OAEPwithMD5andMGF1Padding");
0N/A        Cipher.getInstance("RSA/ECB/OAEPwithSHA1andMGF1Padding");
0N/A        Cipher.getInstance("RSA/ECB/OAEPwithSHA-1andMGF1Padding");
0N/A        Cipher.getInstance("RSA/ECB/OAEPwithSHA-256andMGF1Padding");
0N/A        Cipher.getInstance("RSA/ECB/OAEPwithSHA-384andMGF1Padding");
0N/A        Cipher.getInstance("RSA/ECB/OAEPwithSHA-512andMGF1Padding");
0N/A
0N/A        // basic test using MD5
0N/A        testEncryptDecrypt("MD5", 0);
0N/A        testEncryptDecrypt("MD5", 16);
0N/A        testEncryptDecrypt("MD5", 62);
0N/A        try {
0N/A            testEncryptDecrypt("MD5", 63);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (IllegalBlockSizeException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A
0N/A        // basic test using SHA-1
0N/A        testEncryptDecrypt("SHA1", 0);
0N/A        testEncryptDecrypt("SHA1", 16);
0N/A        testEncryptDecrypt("SHA1", 54);
0N/A        try {
0N/A            testEncryptDecrypt("SHA1", 55);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (IllegalBlockSizeException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A        // tests alias works
0N/A        testEncryptDecrypt("SHA-1", 16);
0N/A
0N/A        // basic test using SHA-256
0N/A        testEncryptDecrypt("SHA-256", 0);
0N/A        testEncryptDecrypt("SHA-256", 16);
0N/A        testEncryptDecrypt("SHA-256", 30);
0N/A        try {
0N/A            testEncryptDecrypt("SHA-256", 31);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (IllegalBlockSizeException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A
0N/A        // 768 bit key too short for OAEP with 64 byte digest
0N/A        try {
0N/A            testEncryptDecrypt("SHA-512", 1);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (InvalidKeyException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A
0N/A        Cipher c;
0N/A        byte[] enc;
0N/A        byte[] data = new byte[16];
0N/A        random.nextBytes(data);
0N/A
0N/A        try {
0N/A            c = Cipher.getInstance("RSA/ECB/OAEPwithFOOandMGF1Padding", cp);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (NoSuchPaddingException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A
0N/A        c = Cipher.getInstance("RSA/ECB/OAEPwithMD5andMGF1Padding", cp);
0N/A        // cannot "sign" using OAEP
0N/A        try {
0N/A            c.init(Cipher.ENCRYPT_MODE, privateKey);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (InvalidKeyException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A
0N/A        // cannot "verify" using OAEP
0N/A        try {
0N/A            c.init(Cipher.DECRYPT_MODE, publicKey);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (InvalidKeyException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A
0N/A        // decryption failure
0N/A        c.init(Cipher.DECRYPT_MODE, privateKey);
0N/A        try {
0N/A            c.doFinal(data);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (BadPaddingException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A
0N/A        // wrong hash length
0N/A        c.init(Cipher.ENCRYPT_MODE, publicKey);
0N/A        enc = c.doFinal(data);
0N/A        c = Cipher.getInstance("RSA/ECB/OAEPwithSHA1andMGF1Padding", cp);
0N/A        c.init(Cipher.DECRYPT_MODE, privateKey);
0N/A        try {
0N/A            c.doFinal(enc);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (BadPaddingException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A
0N/A/* MD2 not supported with OAEP
0N/A        // wrong hash value
0N/A        c = Cipher.getInstance("RSA/ECB/OAEPwithMD2andMGF1Padding", cp);
0N/A        c.init(Cipher.DECRYPT_MODE, privateKey);
0N/A        try {
0N/A            c.doFinal(enc);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (BadPaddingException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A*/
0N/A
0N/A        // wrong padding type
0N/A        c = Cipher.getInstance("RSA/ECB/PKCS1Padding", cp);
0N/A        c.init(Cipher.ENCRYPT_MODE, publicKey);
0N/A        enc = c.doFinal(data);
0N/A        c = Cipher.getInstance("RSA/ECB/OAEPwithSHA1andMGF1Padding", cp);
0N/A        c.init(Cipher.DECRYPT_MODE, privateKey);
0N/A        try {
0N/A            c.doFinal(enc);
0N/A            throw new Exception("Unexpectedly completed call");
0N/A        } catch (BadPaddingException e) {
0N/A            // ok
0N/A            System.out.println(e);
0N/A        }
0N/A
0N/A        long stop = System.currentTimeMillis();
0N/A        System.out.println("Done (" + (stop - start) + " ms).");
0N/A    }
0N/A
0N/A    private static void testEncryptDecrypt(String hashAlg, int dataLength) throws Exception {
0N/A        System.out.println("Testing OAEP with hash " + hashAlg + ", " + dataLength + " bytes");
0N/A        Cipher c = Cipher.getInstance("RSA/ECB/OAEPwith" + hashAlg + "andMGF1Padding", cp);
0N/A        c.init(Cipher.ENCRYPT_MODE, publicKey);
0N/A        byte[] data = new byte[dataLength];
0N/A        byte[] enc = c.doFinal(data);
0N/A        c.init(Cipher.DECRYPT_MODE, privateKey);
0N/A        byte[] dec = c.doFinal(enc);
0N/A        if (Arrays.equals(data, dec) == false) {
0N/A            throw new Exception("Data does not match");
0N/A        }
0N/A    }
0N/A}