4136N/A/*
4136N/A * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
4136N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4136N/A *
4136N/A * This code is free software; you can redistribute it and/or modify it
4136N/A * under the terms of the GNU General Public License version 2 only, as
4136N/A * published by the Free Software Foundation.
4136N/A *
4136N/A * This code is distributed in the hope that it will be useful, but WITHOUT
4136N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
4136N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
4136N/A * version 2 for more details (a copy is included in the LICENSE file that
4136N/A * accompanied this code).
4136N/A *
4136N/A * You should have received a copy of the GNU General Public License version
4136N/A * 2 along with this work; if not, write to the Free Software Foundation,
4136N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
4136N/A *
4136N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
4136N/A * or visit www.oracle.com if you need additional information or have any
4136N/A * questions.
4136N/A */
4136N/A
4136N/A/**
4136N/A * @see SignUsingNONEwithRSA.sh
4136N/A */
4136N/A
4136N/Aimport java.security.*;
4136N/Aimport java.util.*;
4136N/A
4136N/Apublic class SignUsingNONEwithRSA {
4136N/A
4136N/A private static final List<byte[]> precomputedHashes = Arrays.asList(
4136N/A // A MD5 hash
4136N/A new byte[] {
4136N/A 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
4136N/A 0x11, 0x12, 0x13, 0x14, 0x15, 0x16
4136N/A },
4136N/A // A SHA-1 hash
4136N/A new byte[] {
4136N/A 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
4136N/A 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x20
4136N/A },
4136N/A // A concatenation of SHA-1 and MD5 hashes (used during SSL handshake)
4136N/A new byte[] {
4136N/A 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
4136N/A 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x20,
4136N/A 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x30,
4136N/A 0x31, 0x32, 0x33, 0x34, 0x35, 0x36
4136N/A },
4136N/A // A SHA-256 hash
4136N/A new byte[] {
4136N/A 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
4136N/A 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x20,
4136N/A 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x30,
4136N/A 0x31, 0x32
4136N/A },
4136N/A // A SHA-384 hash
4136N/A new byte[] {
4136N/A 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
4136N/A 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x20,
4136N/A 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x30,
4136N/A 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x40,
4136N/A 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48
4136N/A },
4136N/A // A SHA-512 hash
4136N/A new byte[] {
4136N/A 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
4136N/A 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x20,
4136N/A 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x30,
4136N/A 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x40,
4136N/A 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x50,
4136N/A 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x60,
4136N/A 0x61, 0x62, 0x63, 0x64
4136N/A });
4136N/A
4136N/A private static List<byte[]> generatedSignatures = new ArrayList<>();
4136N/A
4136N/A public static void main(String[] args) throws Exception {
4136N/A
4136N/A Provider[] providers = Security.getProviders("Signature.NONEwithRSA");
4136N/A if (providers == null) {
4136N/A System.out.println("No JCE providers support the " +
4136N/A "'Signature.NONEwithRSA' algorithm");
4136N/A System.out.println("Skipping this test...");
4136N/A return;
4136N/A
4136N/A } else {
4136N/A System.out.println("The following JCE providers support the " +
4136N/A "'Signature.NONEwithRSA' algorithm: ");
4136N/A for (Provider provider : providers) {
4136N/A System.out.println(" " + provider.getName());
4136N/A }
4136N/A }
4136N/A System.out.println("-------------------------------------------------");
4136N/A
4136N/A KeyPair keys = getKeysFromKeyStore();
4136N/A signAllUsing("SunMSCAPI", keys.getPrivate());
4136N/A System.out.println("-------------------------------------------------");
4136N/A
4136N/A verifyAllUsing("SunMSCAPI", keys.getPublic());
4136N/A System.out.println("-------------------------------------------------");
4136N/A
4136N/A verifyAllUsing("SunJCE", keys.getPublic());
4136N/A System.out.println("-------------------------------------------------");
4136N/A
4136N/A keys = generateKeys();
4136N/A signAllUsing("SunJCE", keys.getPrivate());
4136N/A System.out.println("-------------------------------------------------");
4136N/A
4136N/A verifyAllUsing("SunMSCAPI", keys.getPublic());
4136N/A System.out.println("-------------------------------------------------");
4136N/A
4136N/A }
4136N/A
4136N/A private static KeyPair getKeysFromKeyStore() throws Exception {
4136N/A KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
4136N/A ks.load(null, null);
4136N/A System.out.println("Loaded keystore: Windows-MY");
4136N/A
4136N/A Enumeration e = ks.aliases();
4136N/A PrivateKey privateKey = null;
4136N/A PublicKey publicKey = null;
4136N/A
4136N/A while (e.hasMoreElements()) {
4136N/A String alias = (String) e.nextElement();
4136N/A if (alias.equals("6578658")) {
4136N/A System.out.println("Loaded entry: " + alias);
4136N/A privateKey = (PrivateKey) ks.getKey(alias, null);
4136N/A publicKey = (PublicKey) ks.getCertificate(alias).getPublicKey();
4136N/A }
4136N/A }
4136N/A if (privateKey == null || publicKey == null) {
4136N/A throw new Exception("Cannot load the keys need to run this test");
4136N/A }
4136N/A
4136N/A return new KeyPair(publicKey, privateKey);
4136N/A }
4136N/A
4136N/A
4136N/A private static KeyPair generateKeys() throws Exception {
4136N/A KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
4136N/A keyGen.initialize(1024, null);
4136N/A KeyPair pair = keyGen.generateKeyPair();
4136N/A PrivateKey privateKey = pair.getPrivate();
4136N/A PublicKey publicKey = pair.getPublic();
4136N/A
4136N/A if (privateKey == null || publicKey == null) {
4136N/A throw new Exception("Cannot load the keys need to run this test");
4136N/A }
4136N/A
4136N/A return new KeyPair(publicKey, privateKey);
4136N/A }
4136N/A
4136N/A private static void signAllUsing(String providerName, PrivateKey privateKey)
4136N/A throws Exception {
4136N/A Signature sig1 = Signature.getInstance("NONEwithRSA", providerName);
4136N/A if (sig1 == null) {
4136N/A throw new Exception("'NONEwithRSA' is not supported");
4136N/A }
4136N/A if (sig1.getProvider() != null) {
4136N/A System.out.println("Using NONEwithRSA signer from the " +
4136N/A sig1.getProvider().getName() + " JCE provider");
4136N/A } else {
4136N/A System.out.println(
4136N/A "Using NONEwithRSA signer from the internal JCE provider");
4136N/A }
4136N/A
4136N/A System.out.println("Using key: " + privateKey);
4136N/A generatedSignatures.clear();
4136N/A for (byte[] hash : precomputedHashes) {
4136N/A sig1.initSign(privateKey);
4136N/A sig1.update(hash);
4136N/A
4136N/A try {
4136N/A
4136N/A byte [] sigBytes = sig1.sign();
4136N/A System.out.println("\nGenerated RSA signature over a " +
4136N/A hash.length + "-byte hash (signature length: " +
4136N/A sigBytes.length * 8 + " bits)");
4136N/A System.out.println(String.format("0x%0" +
4136N/A (sigBytes.length * 2) + "x",
4136N/A new java.math.BigInteger(1, sigBytes)));
4136N/A generatedSignatures.add(sigBytes);
4136N/A
4136N/A } catch (SignatureException se) {
4136N/A System.out.println("Error generating RSA signature: " + se);
4136N/A }
4136N/A }
4136N/A }
4136N/A
4136N/A private static void verifyAllUsing(String providerName, PublicKey publicKey)
4136N/A throws Exception {
4136N/A Signature sig1 = Signature.getInstance("NONEwithRSA", providerName);
4136N/A if (sig1.getProvider() != null) {
4136N/A System.out.println("\nUsing NONEwithRSA verifier from the " +
4136N/A sig1.getProvider().getName() + " JCE provider");
4136N/A } else {
4136N/A System.out.println(
4136N/A "\nUsing NONEwithRSA verifier from the internal JCE provider");
4136N/A }
4136N/A
4136N/A System.out.println("Using key: " + publicKey);
4136N/A
4136N/A int i = 0;
4136N/A for (byte[] hash : precomputedHashes) {
4136N/A
4136N/A byte[] sigBytes = generatedSignatures.get(i++);
4136N/A System.out.println("\nVerifying RSA Signature over a " +
4136N/A hash.length + "-byte hash (signature length: " +
4136N/A sigBytes.length * 8 + " bits)");
4136N/A System.out.println(String.format("0x%0" +
4136N/A (sigBytes.length * 2) + "x",
4136N/A new java.math.BigInteger(1, sigBytes)));
4136N/A
4136N/A sig1.initVerify(publicKey);
4136N/A sig1.update(hash);
4136N/A if (sig1.verify(sigBytes)) {
4136N/A System.out.println("Verify PASSED");
4136N/A } else {
4136N/A throw new Exception("Verify FAILED");
4136N/A }
4136N/A }
4136N/A }
4136N/A}