Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
d584397f
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
d584397f
编写于
4月 11, 2018
作者:
I
igerasim
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8178370: [TEST_BUG] java/security/Signature/SignatureLength.java fails
Reviewed-by: mullan
上级
6e80b33e
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
68 addition
and
27 deletion
+68
-27
test/java/security/Signature/SignatureLength.java
test/java/security/Signature/SignatureLength.java
+68
-27
未找到文件。
test/java/security/Signature/SignatureLength.java
浏览文件 @
d584397f
/*
* Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016,
2018,
Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -21,48 +21,82 @@
* questions.
*/
import
java.security.*
;
/*
* @test
* @bug 8161571
* @bug 8161571
8178370
* @summary Reject signatures presented for verification that contain extra
* bytes.
* @modules jdk.crypto.ec
* @run main SignatureLength
*/
import
java.security.KeyPair
;
import
java.security.KeyPairGenerator
;
import
java.security.NoSuchAlgorithmException
;
import
java.security.Provider
;
import
java.security.Security
;
import
java.security.Signature
;
import
java.security.SignatureException
;
public
class
SignatureLength
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
main0
(
"EC"
,
256
,
"SHA256withECDSA"
,
"SunEC"
);
main0
(
"RSA"
,
2048
,
"SHA256withRSA"
,
"SunRsaSign"
);
main0
(
"DSA"
,
2048
,
"SHA256withDSA"
,
"SUN"
);
for
(
Provider
p0
:
Security
.
getProviders
())
{
for
(
Provider
p1
:
Security
.
getProviders
())
{
for
(
Provider
p2
:
Security
.
getProviders
())
{
// SunMSCAPI signer can only be initialized with
// a key generated with SunMSCAPI
if
(!
p0
.
getName
().
equals
(
"SunMSCAPI"
)
&&
p1
.
getName
().
equals
(
"SunMSCAPI"
))
continue
;
// SunMSCAPI generated key can only be signed
// with SunMSCAPI signer
if
(
p0
.
getName
().
equals
(
"SunMSCAPI"
)
&&
!
p1
.
getName
().
equals
(
"SunMSCAPI"
))
continue
;
// SunMSCAPI and SunPKCS11 verifiers may return false
// instead of throwing SignatureException
boolean
mayNotThrow
=
p2
.
getName
().
equals
(
"SunMSCAPI"
)
||
p2
.
getName
().
startsWith
(
"SunPKCS11"
);
if
(
System
.
getProperty
(
"os.name"
).
equals
(
"SunOS"
))
{
main0
(
"EC"
,
256
,
"SHA256withECDSA"
,
null
);
main0
(
"RSA"
,
2048
,
"SHA256withRSA"
,
null
);
main0
(
"EC"
,
256
,
"SHA256withECDSA"
,
p0
,
p1
,
p2
,
mayNotThrow
);
main0
(
"RSA"
,
2048
,
"SHA256withRSA"
,
p0
,
p1
,
p2
,
mayNotThrow
);
main0
(
"DSA"
,
2048
,
"SHA256withDSA"
,
p0
,
p1
,
p2
,
mayNotThrow
);
}
}
}
}
private
static
void
main0
(
String
keyAlgorithm
,
int
keysize
,
String
signatureAlgorithm
,
String
provider
)
throws
Exception
{
String
signatureAlgorithm
,
Provider
generatorProvider
,
Provider
signerProvider
,
Provider
verifierProvider
,
boolean
mayNotThrow
)
throws
Exception
{
KeyPairGenerator
generator
;
Signature
signer
;
Signature
verifier
;
try
{
generator
=
KeyPairGenerator
.
getInstance
(
keyAlgorithm
,
generatorProvider
);
signer
=
Signature
.
getInstance
(
signatureAlgorithm
,
signerProvider
);
verifier
=
Signature
.
getInstance
(
signatureAlgorithm
,
verifierProvider
);
}
catch
(
NoSuchAlgorithmException
nsae
)
{
// ignore this set of providers
return
;
}
byte
[]
plaintext
=
"aaa"
.
getBytes
(
"UTF-8"
);
// Generate
KeyPairGenerator
generator
=
provider
==
null
?
(
KeyPairGenerator
)
KeyPairGenerator
.
getInstance
(
keyAlgorithm
)
:
(
KeyPairGenerator
)
KeyPairGenerator
.
getInstance
(
keyAlgorithm
,
provider
);
generator
.
initialize
(
keysize
);
System
.
out
.
println
(
"Generating "
+
keyAlgorithm
+
" keypair using "
+
generator
.
getProvider
().
getName
()
+
" JCE provider"
);
KeyPair
keypair
=
generator
.
generateKeyPair
();
// Sign
Signature
signer
=
provider
==
null
?
Signature
.
getInstance
(
signatureAlgorithm
)
:
Signature
.
getInstance
(
signatureAlgorithm
,
provider
);
signer
.
initSign
(
keypair
.
getPrivate
());
signer
.
update
(
plaintext
);
System
.
out
.
println
(
"Signing using "
+
signer
.
getProvider
().
getName
()
+
...
...
@@ -80,19 +114,26 @@ public class SignatureLength {
badSignature
[
signature
.
length
+
4
]
=
0x01
;
// Verify
Signature
verifier
=
provider
==
null
?
Signature
.
getInstance
(
signatureAlgorithm
)
:
Signature
.
getInstance
(
signatureAlgorithm
,
provider
);
verifier
.
initVerify
(
keypair
.
getPublic
());
verifier
.
update
(
plaintext
);
System
.
out
.
println
(
"Verifying using "
+
verifier
.
getProvider
().
getName
()
+
" JCE provider"
);
try
{
System
.
out
.
println
(
"Valid? "
+
verifier
.
verify
(
badSignature
));
throw
new
Exception
(
"ERROR: expected a SignatureException but none was thrown"
);
boolean
valid
=
verifier
.
verify
(
badSignature
);
System
.
out
.
println
(
"Valid? "
+
valid
);
if
(
mayNotThrow
)
{
if
(
valid
)
{
throw
new
Exception
(
"ERROR: expected a SignatureException but none was thrown"
+
" and invalid signature was verified"
);
}
else
{
System
.
out
.
println
(
"OK: verification failed as expected"
);
}
}
else
{
throw
new
Exception
(
"ERROR: expected a SignatureException but none was thrown"
);
}
}
catch
(
SignatureException
e
)
{
System
.
out
.
println
(
"OK: caught expected exception: "
+
e
);
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录