security/mscapi/SignUsingSHA2withRSA.java

4127N/A/*
4127N/A * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
4127N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4127N/A *
4127N/A * This code is free software; you can redistribute it and/or modify it
4127N/A * under the terms of the GNU General Public License version 2 only, as
4127N/A * published by the Free Software Foundation.
4127N/A *
4127N/A * This code is distributed in the hope that it will be useful, but WITHOUT
4127N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
4127N/A * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
4127N/A * version 2 for more details (a copy is included in the LICENSE file that
4127N/A * accompanied this code).
4127N/A *
4127N/A * You should have received a copy of the GNU General Public License version
4127N/A * 2 along with this work; if not, write to the Free Software Foundation,
4127N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
4127N/A *
4127N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
4127N/A * or visit www.oracle.com if you need additional information or have any
4127N/A * questions.
4127N/A */
4127N/A
4127N/A/**
4127N/A * @see SignUsingSHA2withRSA.sh
4127N/A */
4127N/A
4127N/Aimport java.security.*;
4127N/Aimport java.util.*;
4127N/A
4127N/Apublic class SignUsingSHA2withRSA {
4127N/A
4127N/A    private static final byte[] toBeSigned = new byte[] {
4127N/A        0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10
4127N/A    };
4127N/A
4127N/A    private static List<byte[]> generatedSignatures = new ArrayList<>();
4127N/A
4127N/A    public static void main(String[] args) throws Exception {
4127N/A
4127N/A        Provider[] providers = Security.getProviders("Signature.SHA256withRSA");
4127N/A        if (providers == null) {
4127N/A            System.out.println("No JCE providers support the " +
4127N/A                "'Signature.SHA256withRSA' algorithm");
4127N/A            System.out.println("Skipping this test...");
4127N/A            return;
4127N/A
4127N/A        } else {
4127N/A            System.out.println("The following JCE providers support the " +
4127N/A                "'Signature.SHA256withRSA' algorithm: ");
4127N/A            for (Provider provider : providers) {
4127N/A                System.out.println("    " + provider.getName());
4127N/A            }
4127N/A        }
4127N/A        System.out.println("-------------------------------------------------");
4127N/A
4127N/A        KeyStore ks = KeyStore.getInstance("Windows-MY", "SunMSCAPI");
4127N/A        ks.load(null, null);
4127N/A        System.out.println("Loaded keystore: Windows-MY");
4127N/A
4127N/A        Enumeration e = ks.aliases();
4127N/A        PrivateKey privateKey = null;
4127N/A        PublicKey publicKey = null;
4127N/A
4127N/A        while (e.hasMoreElements()) {
4127N/A            String alias = (String) e.nextElement();
4127N/A            if (alias.equals("6753664")) {
4127N/A                System.out.println("Loaded entry: " + alias);
4127N/A                privateKey = (PrivateKey) ks.getKey(alias, null);
4127N/A                publicKey = (PublicKey) ks.getCertificate(alias).getPublicKey();
4127N/A            }
4127N/A        }
4127N/A        if (privateKey == null || publicKey == null) {
4127N/A            throw new Exception("Cannot load the keys need to run this test");
4127N/A        }
4127N/A        System.out.println("-------------------------------------------------");
4127N/A
4127N/A        generatedSignatures.add(signUsing("SHA256withRSA", privateKey));
4127N/A        generatedSignatures.add(signUsing("SHA384withRSA", privateKey));
4127N/A        generatedSignatures.add(signUsing("SHA512withRSA", privateKey));
4127N/A
4127N/A        System.out.println("-------------------------------------------------");
4127N/A
4127N/A        verifyUsing("SHA256withRSA", publicKey, generatedSignatures.get(0));
4127N/A        verifyUsing("SHA384withRSA", publicKey, generatedSignatures.get(1));
4127N/A        verifyUsing("SHA512withRSA", publicKey, generatedSignatures.get(2));
4127N/A
4127N/A        System.out.println("-------------------------------------------------");
4127N/A    }
4127N/A
4127N/A    private static byte[] signUsing(String signAlgorithm,
4127N/A        PrivateKey privateKey) throws Exception {
4127N/A
4127N/A        // Must explicitly specify the SunMSCAPI JCE provider
4127N/A        // (otherwise SunJCE is chosen because it appears earlier in the list)
4127N/A        Signature sig1 = Signature.getInstance(signAlgorithm, "SunMSCAPI");
4127N/A        if (sig1 == null) {
4127N/A            throw new Exception("'" + signAlgorithm + "' is not supported");
4127N/A        }
4127N/A        System.out.println("Using " + signAlgorithm + " signer from the " +
4127N/A            sig1.getProvider().getName() + " JCE provider");
4127N/A
4127N/A        System.out.println("Using key: " + privateKey);
4127N/A        sig1.initSign(privateKey);
4127N/A        sig1.update(toBeSigned);
4127N/A        byte [] sigBytes = null;
4127N/A
4127N/A        try {
4127N/A            sigBytes = sig1.sign();
4127N/A            System.out.println("Generated RSA signature over a " +
4127N/A                toBeSigned.length + "-byte data (signature length: " +
4127N/A                sigBytes.length * 8 + " bits)");
4127N/A            System.out.println(String.format("0x%0" +
4127N/A                (sigBytes.length * 2) + "x",
4127N/A                new java.math.BigInteger(1, sigBytes)));
4127N/A
4127N/A        } catch (SignatureException se) {
4127N/A                System.out.println("Error generating RSA signature: " + se);
4127N/A        }
4127N/A
4127N/A        return sigBytes;
4127N/A    }
4127N/A
4127N/A    private static void verifyUsing(String signAlgorithm, PublicKey publicKey,
4127N/A        byte[] signature) throws Exception {
4127N/A
4127N/A        // Must explicitly specify the SunMSCAPI JCE provider
4127N/A        // (otherwise SunJCE is chosen because it appears earlier in the list)
4127N/A        Signature sig1 = Signature.getInstance(signAlgorithm, "SunMSCAPI");
4127N/A        if (sig1 == null) {
4127N/A            throw new Exception("'" + signAlgorithm + "' is not supported");
4127N/A        }
4127N/A        System.out.println("Using " + signAlgorithm + " verifier from the "
4127N/A            + sig1.getProvider().getName() + " JCE provider");
4127N/A
4127N/A        System.out.println("Using key: " + publicKey);
4127N/A
4127N/A        System.out.println("\nVerifying RSA Signature over a " +
4127N/A            toBeSigned.length + "-byte data (signature length: " +
4127N/A            signature.length * 8 + " bits)");
4127N/A        System.out.println(String.format("0x%0" + (signature.length * 2) +
4127N/A            "x", new java.math.BigInteger(1, signature)));
4127N/A
4127N/A        sig1.initVerify(publicKey);
4127N/A        sig1.update(toBeSigned);
4127N/A
4127N/A        if (sig1.verify(signature)) {
4127N/A            System.out.println("Verify PASSED\n");
4127N/A        } else {
4127N/A            throw new Exception("Verify FAILED");
4127N/A        }
4127N/A    }
4127N/A}