pkcs11/rsa/KeyWrap.java

0N/A/*
2362N/A * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved.
0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
0N/A *
0N/A * This code is free software; you can redistribute it and/or modify it
0N/A * under the terms of the GNU General Public License version 2 only, as
0N/A * published by the Free Software Foundation.
0N/A *
0N/A * This code is distributed in the hope that it will be useful, but WITHOUT
0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
0N/A * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
0N/A * version 2 for more details (a copy is included in the LICENSE file that
0N/A * accompanied this code).
0N/A *
0N/A * You should have received a copy of the GNU General Public License version
0N/A * 2 along with this work; if not, write to the Free Software Foundation,
0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
0N/A *
2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2362N/A * or visit www.oracle.com if you need additional information or have any
2362N/A * questions.
0N/A */
0N/A
0N/A/**
0N/A * @test
0N/A * @bug 6231216
0N/A * @summary Verify key wrapping (of extractable keys) works for RSA/PKCS1
0N/A * @author Andreas Sterbenz
0N/A * @library ..
0N/A */
0N/A
0N/Aimport java.io.*;
0N/Aimport java.util.*;
0N/A
0N/Aimport java.security.*;
0N/A
0N/Aimport javax.crypto.*;
0N/Aimport javax.crypto.spec.*;
0N/A
0N/Apublic class KeyWrap extends PKCS11Test {
0N/A
0N/A    public void main(Provider p) throws Exception {
0N/A        try {
0N/A            Cipher.getInstance("RSA/ECB/PKCS1Padding", p);
0N/A        } catch (GeneralSecurityException e) {
0N/A            System.out.println("Not supported by provider, skipping");
0N/A            return;
0N/A        }
0N/A        KeyPair kp;
0N/A        try {
0N/A            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
0N/A            kpg.initialize(512);
0N/A            kp = kpg.generateKeyPair();
0N/A        } catch (Exception e) {
0N/A            try {
0N/A                System.out.println("Could not generate KeyPair on provider " + p + ", trying migration");
0N/A                KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
0N/A                kpg.initialize(512);
0N/A                kp = kpg.generateKeyPair();
0N/A                KeyFactory kf = KeyFactory.getInstance("RSA", p);
0N/A                PublicKey pub = (PublicKey)kf.translateKey(kp.getPublic());
0N/A                PrivateKey priv = (PrivateKey)kf.translateKey(kp.getPrivate());
0N/A                kp = new KeyPair(pub, priv);
0N/A            } catch (Exception ee) {
0N/A                ee.printStackTrace();
0N/A                System.out.println("Provider does not support RSA, skipping");
0N/A                return;
0N/A            }
0N/A        }
0N/A        System.out.println(kp);
0N/A        Random r = new Random();
0N/A        byte[] b = new byte[16];
0N/A        r.nextBytes(b);
0N/A        String alg = "AES";
0N/A        SecretKey key = new SecretKeySpec(b, alg);
0N/A
0N/A        Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding", p);
0N/A//      Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
0N/A        c.init(Cipher.WRAP_MODE, kp.getPublic());
0N/A        byte[] wrapped = c.wrap(key);
0N/A        System.out.println("wrapped: " + wrapped.length);
0N/A
0N/A        c.init(Cipher.UNWRAP_MODE, kp.getPrivate());
0N/A        Key unwrapped = c.unwrap(wrapped, alg, Cipher.SECRET_KEY);
0N/A        System.out.println("unwrapped: " + unwrapped);
0N/A
0N/A        boolean eq = key.equals(unwrapped);
0N/A        System.out.println(eq);
0N/A        if (eq == false) {
0N/A            throw new Exception("Unwrapped key does not match original key");
0N/A        }
0N/A    }
0N/A
0N/A    public static void main(String[] args) throws Exception {
0N/A        main(new KeyWrap());
0N/A    }
0N/A
0N/A}