diff options
| author | Kenny Root <kroot@google.com> | 2013-09-26 11:52:07 -0700 |
|---|---|---|
| committer | Kenny Root <kroot@google.com> | 2013-09-26 15:08:14 -0700 |
| commit | 9d72aaddcedda0eb4519f84805d2212fcc25ebaf (patch) | |
| tree | fe3feab20ecb9744b7f750d396c253eee1309ca5 | |
| parent | 325e5492a9d294f9d5a9752103f5ce96df2c4095 (diff) | |
| download | libcore-9d72aaddcedda0eb4519f84805d2212fcc25ebaf.zip libcore-9d72aaddcedda0eb4519f84805d2212fcc25ebaf.tar.gz libcore-9d72aaddcedda0eb4519f84805d2212fcc25ebaf.tar.bz2 | |
Conscrypt: add SHA-224 with tests
SHA-224 has made a comeback in the latest StandardNames documentation.
This change adds tests for SHA-224 and also Conscrypt providers for
things we have code paths to support.
Change-Id: I8c200082ff76ee4ae38b6efaa16e6741b33b7f5b
8 files changed, 231 insertions, 7 deletions
diff --git a/crypto/src/main/java/org/conscrypt/OpenSSLMac.java b/crypto/src/main/java/org/conscrypt/OpenSSLMac.java index ed9ea52..ed163ec 100644 --- a/crypto/src/main/java/org/conscrypt/OpenSSLMac.java +++ b/crypto/src/main/java/org/conscrypt/OpenSSLMac.java @@ -142,6 +142,15 @@ public abstract class OpenSSLMac extends MacSpi { } } + public static class HmacSHA224 extends OpenSSLMac { + private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha224"); + private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); + + public HmacSHA224() throws NoSuchAlgorithmException { + super(EVP_MD, SIZE, NativeCrypto.EVP_PKEY_HMAC); + } + } + public static class HmacSHA256 extends OpenSSLMac { private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha256"); private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); diff --git a/crypto/src/main/java/org/conscrypt/OpenSSLMessageDigestJDK.java b/crypto/src/main/java/org/conscrypt/OpenSSLMessageDigestJDK.java index 763ff65..801a721 100644 --- a/crypto/src/main/java/org/conscrypt/OpenSSLMessageDigestJDK.java +++ b/crypto/src/main/java/org/conscrypt/OpenSSLMessageDigestJDK.java @@ -128,6 +128,14 @@ public class OpenSSLMessageDigestJDK extends MessageDigest implements Cloneable } } + public static class SHA224 extends OpenSSLMessageDigestJDK { + private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha224"); + private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); + public SHA224() throws NoSuchAlgorithmException { + super("SHA-224", EVP_MD, SIZE); + } + } + public static class SHA256 extends OpenSSLMessageDigestJDK { private static final long EVP_MD = NativeCrypto.EVP_get_digestbyname("sha256"); private static final int SIZE = NativeCrypto.EVP_MD_size(EVP_MD); diff --git a/crypto/src/main/java/org/conscrypt/OpenSSLProvider.java b/crypto/src/main/java/org/conscrypt/OpenSSLProvider.java index 4055e50..371da1f 100644 --- a/crypto/src/main/java/org/conscrypt/OpenSSLProvider.java +++ b/crypto/src/main/java/org/conscrypt/OpenSSLProvider.java @@ -57,6 +57,10 @@ public final class OpenSSLProvider extends Provider { put("Alg.Alias.MessageDigest.SHA", "SHA-1"); put("Alg.Alias.MessageDigest.1.3.14.3.2.26", "SHA-1"); + put("MessageDigest.SHA-224", prefix + "OpenSSLMessageDigestJDK$SHA224"); + put("Alg.Alias.MessageDigest.SHA224", "SHA-224"); + put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.4", "SHA-224"); + put("MessageDigest.SHA-256", prefix + "OpenSSLMessageDigestJDK$SHA256"); put("Alg.Alias.MessageDigest.SHA256", "SHA-256"); put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.1", "SHA-256"); @@ -108,6 +112,14 @@ public final class OpenSSLProvider extends Provider { put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.113549.1.1.5", "SHA1WithRSA"); put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1WithRSA"); + put("Signature.SHA224WithRSA", prefix + "OpenSSLSignature$SHA224RSA"); + put("Alg.Alias.Signature.SHA224WithRSAEncryption", "SHA224WithRSA"); + put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA224WithRSA"); + put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.4with1.2.840.113549.1.1.1", + "SHA224WithRSA"); + put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.4with1.2.840.113549.1.1.11", + "SHA224WithRSA"); + put("Signature.SHA256WithRSA", prefix + "OpenSSLSignature$SHA256RSA"); put("Alg.Alias.Signature.SHA256WithRSAEncryption", "SHA256WithRSA"); put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256WithRSA"); @@ -146,6 +158,12 @@ public final class OpenSSLProvider extends Provider { put("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10045.2.1", "ECDSA"); // iso(1) member-body(2) us(840) ansi-x962(10045) signatures(4) ecdsa-with-SHA2(3) + put("Signature.SHA224withECDSA", prefix + "OpenSSLSignature$SHA224ECDSA"); + // ecdsa-with-SHA224(1) + put("Alg.Alias.Signature.1.2.840.10045.4.3.1", "SHA224withECDSA"); + put("Alg.Alias.Signature.2.16.840.1.101.3.4.2.4with1.2.840.10045.2.1", "SHA224withECDSA"); + + // iso(1) member-body(2) us(840) ansi-x962(10045) signatures(4) ecdsa-with-SHA2(3) put("Signature.SHA256withECDSA", prefix + "OpenSSLSignature$SHA256ECDSA"); // ecdsa-with-SHA256(2) put("Alg.Alias.Signature.1.2.840.10045.4.3.2", "SHA256withECDSA"); @@ -215,6 +233,12 @@ public final class OpenSSLProvider extends Provider { put("Alg.Alias.Mac.HMAC-SHA1", "HmacSHA1"); put("Alg.Alias.Mac.HMAC/SHA1", "HmacSHA1"); + // id-hmacWithSHA224 (8) + put("Mac.HmacSHA224", prefix + "OpenSSLMac$HmacSHA224"); + put("Alg.Alias.Mac.1.2.840.113549.2.9", "HmacSHA224"); + put("Alg.Alias.Mac.HMAC-SHA224", "HmacSHA224"); + put("Alg.Alias.Mac.HMAC/SHA224", "HmacSHA224"); + // id-hmacWithSHA256 (9) put("Mac.HmacSHA256", prefix + "OpenSSLMac$HmacSHA256"); put("Alg.Alias.Mac.1.2.840.113549.2.9", "HmacSHA256"); diff --git a/crypto/src/main/java/org/conscrypt/OpenSSLSignature.java b/crypto/src/main/java/org/conscrypt/OpenSSLSignature.java index 8576010..53b0df0 100644 --- a/crypto/src/main/java/org/conscrypt/OpenSSLSignature.java +++ b/crypto/src/main/java/org/conscrypt/OpenSSLSignature.java @@ -299,6 +299,11 @@ public class OpenSSLSignature extends Signature { super("RSA-SHA1", EngineType.RSA); } } + public static final class SHA224RSA extends OpenSSLSignature { + public SHA224RSA() throws NoSuchAlgorithmException { + super("RSA-SHA224", EngineType.RSA); + } + } public static final class SHA256RSA extends OpenSSLSignature { public SHA256RSA() throws NoSuchAlgorithmException { super("RSA-SHA256", EngineType.RSA); @@ -324,6 +329,11 @@ public class OpenSSLSignature extends Signature { super("SHA1", EngineType.EC); } } + public static final class SHA224ECDSA extends OpenSSLSignature { + public SHA224ECDSA() throws NoSuchAlgorithmException { + super("SHA224", EngineType.EC); + } + } public static final class SHA256ECDSA extends OpenSSLSignature { public SHA256ECDSA() throws NoSuchAlgorithmException { super("SHA256", EngineType.EC); diff --git a/luni/src/test/java/libcore/java/security/MessageDigestTest.java b/luni/src/test/java/libcore/java/security/MessageDigestTest.java index 3646a7a..1370287 100644 --- a/luni/src/test/java/libcore/java/security/MessageDigestTest.java +++ b/luni/src/test/java/libcore/java/security/MessageDigestTest.java @@ -116,6 +116,12 @@ public final class MessageDigestTest extends TestCase { new byte[] { -38, 57, -93, -18, 94, 107, 75, 13, 50, 85, -65, -17, -107, 96, 24, -112, -81, -40, 7, 9}); + putExpectation("SHA-224", + INPUT_EMPTY, + new byte[] { -47, 74, 2, -116, 42, 58, 43, -55, 71, + 97, 2, -69, 40, -126, 52, -60, 21, + -94, -80, 31, -126, -114, -90, 42, + -59, -77, -28, 47}); putExpectation("SHA-256", INPUT_EMPTY, new byte[] { -29, -80, -60, 66, -104, -4, 28, 20, @@ -163,6 +169,12 @@ public final class MessageDigestTest extends TestCase { new byte[] { 123, -111, -37, -36, 86, -59, 120, 30, -33, 108, -120, 71, -76, -86, 105, 101, 86, 108, 92, 117 }); + putExpectation("SHA-224", + INPUT_256MB, + new byte[] { -78, 82, 5, -71, 57, 119, 77, -32, + -62, -74, -40, 64, -57, 79, 40, 116, + -18, 48, -69, 45, 18, -94, 111, 114, + -45, -93, 43, -11 }); putExpectation("SHA-256", INPUT_256MB, new byte[] { -90, -41, 42, -57, 105, 15, 83, -66, diff --git a/luni/src/test/java/libcore/java/security/SignatureTest.java b/luni/src/test/java/libcore/java/security/SignatureTest.java index 7f8b4f4..1027dd4 100644 --- a/luni/src/test/java/libcore/java/security/SignatureTest.java +++ b/luni/src/test/java/libcore/java/security/SignatureTest.java @@ -425,6 +425,44 @@ public class SignatureTest extends TestCase { (byte) 0xc0, (byte) 0x09, (byte) 0x15, (byte) 0x7d, (byte) 0x8a, (byte) 0x21, (byte) 0xbc, (byte) 0xa3, }; + /* + * echo 'Android.' | openssl dgst -sha224 -binary -sign privkey.pem | recode ../x1 | sed 's/0x/(byte) 0x/g' + */ + private static final byte[] SHA224withRSA_Vector2Signature = new byte[] { + (byte) 0xBD, (byte) 0x3F, (byte) 0xD4, (byte) 0x20, (byte) 0x5B, (byte) 0xC0, (byte) 0x89, (byte) 0x4F, + (byte) 0x99, (byte) 0x6C, (byte) 0xF4, (byte) 0xA4, (byte) 0x70, (byte) 0xE3, (byte) 0x5B, (byte) 0x33, + (byte) 0xB3, (byte) 0xCA, (byte) 0xFE, (byte) 0x1F, (byte) 0xB9, (byte) 0x3A, (byte) 0xD6, (byte) 0x9B, + (byte) 0x1E, (byte) 0xDA, (byte) 0x65, (byte) 0x06, (byte) 0xBD, (byte) 0xC3, (byte) 0x2B, (byte) 0xF8, + (byte) 0x0E, (byte) 0xA0, (byte) 0xB5, (byte) 0x33, (byte) 0x7F, (byte) 0x15, (byte) 0xDC, (byte) 0xBB, + (byte) 0xDC, (byte) 0x98, (byte) 0x96, (byte) 0xF5, (byte) 0xF8, (byte) 0xE5, (byte) 0x55, (byte) 0x7D, + (byte) 0x48, (byte) 0x51, (byte) 0xC5, (byte) 0xAE, (byte) 0x12, (byte) 0xA2, (byte) 0x61, (byte) 0xC7, + (byte) 0xA2, (byte) 0x00, (byte) 0x0F, (byte) 0x35, (byte) 0x54, (byte) 0x3C, (byte) 0x7E, (byte) 0x97, + (byte) 0x19, (byte) 0x2D, (byte) 0x8F, (byte) 0xFD, (byte) 0x51, (byte) 0x04, (byte) 0x72, (byte) 0x23, + (byte) 0x65, (byte) 0x16, (byte) 0x41, (byte) 0x12, (byte) 0x46, (byte) 0xD6, (byte) 0x20, (byte) 0xB6, + (byte) 0x4E, (byte) 0xD6, (byte) 0xE8, (byte) 0x60, (byte) 0x91, (byte) 0x05, (byte) 0xCA, (byte) 0x57, + (byte) 0x6F, (byte) 0x53, (byte) 0xA4, (byte) 0x05, (byte) 0x2A, (byte) 0x37, (byte) 0xDD, (byte) 0x2E, + (byte) 0xA4, (byte) 0xC7, (byte) 0xBF, (byte) 0x9E, (byte) 0xF6, (byte) 0xD5, (byte) 0xD4, (byte) 0x34, + (byte) 0xB8, (byte) 0xB3, (byte) 0x8B, (byte) 0x66, (byte) 0x2C, (byte) 0xB6, (byte) 0x5F, (byte) 0xA4, + (byte) 0xB7, (byte) 0x77, (byte) 0xF8, (byte) 0x9A, (byte) 0x9C, (byte) 0x44, (byte) 0x9F, (byte) 0xF0, + (byte) 0xCA, (byte) 0x53, (byte) 0x56, (byte) 0x2F, (byte) 0x99, (byte) 0x2E, (byte) 0x4B, (byte) 0xA2, + (byte) 0x26, (byte) 0x50, (byte) 0x30, (byte) 0x97, (byte) 0x2B, (byte) 0x4B, (byte) 0x0C, (byte) 0x3E, + (byte) 0x28, (byte) 0x0B, (byte) 0x88, (byte) 0x87, (byte) 0x9E, (byte) 0xCE, (byte) 0xCB, (byte) 0x57, + (byte) 0x72, (byte) 0x6B, (byte) 0xF6, (byte) 0xD6, (byte) 0xAA, (byte) 0x4D, (byte) 0x5F, (byte) 0x19, + (byte) 0x7A, (byte) 0xAD, (byte) 0x44, (byte) 0x09, (byte) 0x33, (byte) 0x62, (byte) 0xC8, (byte) 0x56, + (byte) 0x82, (byte) 0x84, (byte) 0xBF, (byte) 0x52, (byte) 0xC6, (byte) 0xA2, (byte) 0x2B, (byte) 0xE3, + (byte) 0xC2, (byte) 0x7F, (byte) 0xE3, (byte) 0x06, (byte) 0xC3, (byte) 0x30, (byte) 0xB8, (byte) 0xD4, + (byte) 0x01, (byte) 0xE6, (byte) 0x3D, (byte) 0xDB, (byte) 0xCA, (byte) 0xE4, (byte) 0xFB, (byte) 0xA8, + (byte) 0x7B, (byte) 0x2D, (byte) 0x8F, (byte) 0x39, (byte) 0x7A, (byte) 0x63, (byte) 0x9F, (byte) 0x02, + (byte) 0xE8, (byte) 0x91, (byte) 0xD1, (byte) 0xEE, (byte) 0x60, (byte) 0xEE, (byte) 0xCA, (byte) 0xF2, + (byte) 0x33, (byte) 0x7D, (byte) 0xF2, (byte) 0x41, (byte) 0x52, (byte) 0x0B, (byte) 0x9B, (byte) 0x1B, + (byte) 0x2D, (byte) 0x89, (byte) 0x38, (byte) 0xEC, (byte) 0x24, (byte) 0x60, (byte) 0x40, (byte) 0x40, + (byte) 0x6F, (byte) 0xB6, (byte) 0x6F, (byte) 0x86, (byte) 0xB5, (byte) 0x0A, (byte) 0x3D, (byte) 0x98, + (byte) 0x77, (byte) 0x3F, (byte) 0x59, (byte) 0x41, (byte) 0x3E, (byte) 0x4D, (byte) 0xE4, (byte) 0x4E, + (byte) 0x91, (byte) 0xCD, (byte) 0x8E, (byte) 0x33, (byte) 0x60, (byte) 0x16, (byte) 0x8D, (byte) 0xAB, + (byte) 0x04, (byte) 0x14, (byte) 0xE8, (byte) 0x76, (byte) 0xF1, (byte) 0x06, (byte) 0xCD, (byte) 0x4A, + (byte) 0x88, (byte) 0xC7, (byte) 0x69, (byte) 0x6B, (byte) 0xC6, (byte) 0xDA, (byte) 0x9E, (byte) 0x09 + }; + private static final byte[] SHA256withRSA_Vector2Signature = new byte[] { (byte) 0x18, (byte) 0x6e, (byte) 0x31, (byte) 0x1f, (byte) 0x1d, (byte) 0x44, (byte) 0x09, (byte) 0x3e, (byte) 0xa0, (byte) 0xc4, (byte) 0x3d, (byte) 0xb4, (byte) 0x1b, (byte) 0xf2, (byte) 0xd8, (byte) 0xa4, @@ -871,6 +909,30 @@ public class SignatureTest extends TestCase { assertTrue("Signature must verify correctly", sig.verify(signature)); } + public void testSign_SHA224withRSA_Key_Success() throws Exception { + KeyFactory kf = KeyFactory.getInstance("RSA"); + RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec(RSA_2048_modulus, + RSA_2048_privateExponent); + + final PrivateKey privKey = kf.generatePrivate(keySpec); + + Signature sig = Signature.getInstance("SHA224withRSA"); + sig.initSign(privKey); + sig.update(Vector2Data); + + byte[] signature = sig.sign(); + assertNotNull("Signature must not be null", signature); + assertTrue("Signature should match expected", + Arrays.equals(signature, SHA224withRSA_Vector2Signature)); + + RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(RSA_2048_modulus, + RSA_2048_publicExponent); + PublicKey pubKey = kf.generatePublic(pubKeySpec); + sig.initVerify(pubKey); + sig.update(Vector2Data); + assertTrue("Signature must verify correctly", sig.verify(signature)); + } + public void testSign_SHA256withRSA_Key_Success() throws Exception { KeyFactory kf = KeyFactory.getInstance("RSA"); RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec(RSA_2048_modulus, @@ -1225,6 +1287,34 @@ public class SignatureTest extends TestCase { (byte) 0xdc, (byte) 0x73, (byte) 0x3d, (byte) 0xf3, (byte) 0x51, (byte) 0xc0, (byte) 0x57, }; + /** + * A possible signature using SHA224withDSA of Vector2Data. Note that DSS is + * randomized, so this won't be the exact signature you'll get out of + * another signing operation unless you use a fixed RNG. + */ + public static final byte[] SHA224withDSA_Vector2Signature = new byte[] { + (byte) 0x30, (byte) 0x2D, (byte) 0x02, (byte) 0x15, (byte) 0x00, (byte) 0xAD, (byte) 0xE5, (byte) 0x6D, + (byte) 0xF5, (byte) 0x11, (byte) 0x8D, (byte) 0x2E, (byte) 0x62, (byte) 0x5D, (byte) 0x98, (byte) 0x8A, + (byte) 0xC4, (byte) 0x88, (byte) 0x7E, (byte) 0xE6, (byte) 0xA3, (byte) 0x44, (byte) 0x99, (byte) 0xEF, + (byte) 0x49, (byte) 0x02, (byte) 0x14, (byte) 0x15, (byte) 0x3E, (byte) 0x32, (byte) 0xD6, (byte) 0xF9, + (byte) 0x79, (byte) 0x2C, (byte) 0x60, (byte) 0x6E, (byte) 0xF9, (byte) 0xA9, (byte) 0x78, (byte) 0xE7, + (byte) 0x4B, (byte) 0x87, (byte) 0x08, (byte) 0x96, (byte) 0x60, (byte) 0xDE, (byte) 0xB5 + }; + + /** + * A possible signature using SHA256withDSA of Vector2Data. Note that DSS is + * randomized, so this won't be the exact signature you'll get out of + * another signing operation unless you use a fixed RNG. + */ + public static final byte[] SHA256withDSA_Vector2Signature = new byte[] { + (byte) 0x30, (byte) 0x2D, (byte) 0x02, (byte) 0x14, (byte) 0x0A, (byte) 0xB1, (byte) 0x74, (byte) 0x45, + (byte) 0xE1, (byte) 0x63, (byte) 0x43, (byte) 0x68, (byte) 0x65, (byte) 0xBC, (byte) 0xCA, (byte) 0x45, + (byte) 0x27, (byte) 0x11, (byte) 0x4D, (byte) 0x52, (byte) 0xFB, (byte) 0x22, (byte) 0x93, (byte) 0xDD, + (byte) 0x02, (byte) 0x15, (byte) 0x00, (byte) 0x98, (byte) 0x32, (byte) 0x1A, (byte) 0x16, (byte) 0x77, + (byte) 0x49, (byte) 0xA7, (byte) 0x78, (byte) 0xFD, (byte) 0xE0, (byte) 0xF7, (byte) 0x71, (byte) 0xD4, + (byte) 0x80, (byte) 0x50, (byte) 0xA7, (byte) 0xDD, (byte) 0x94, (byte) 0xD1, (byte) 0x6C + }; + public void testSign_SHA1withDSA_Key_Success() throws Exception { KeyFactory kf = KeyFactory.getInstance("DSA"); DSAPrivateKeySpec keySpec = new DSAPrivateKeySpec(DSA_priv, DSA_P, DSA_Q, DSA_G); @@ -1255,10 +1345,73 @@ public class SignatureTest extends TestCase { assertTrue("Signature must verify correctly", sig.verify(SHA1withDSA_Vector2Signature)); } + public void testSign_SHA224withDSA_Key_Success() throws Exception { + KeyFactory kf = KeyFactory.getInstance("DSA"); + DSAPrivateKeySpec keySpec = new DSAPrivateKeySpec(DSA_priv, DSA_P, DSA_Q, DSA_G); + PrivateKey privKey = kf.generatePrivate(keySpec); + + Signature sig = Signature.getInstance("SHA224withDSA"); + sig.initSign(privKey); + sig.update(Vector2Data); + + byte[] signature = sig.sign(); + assertNotNull("Signature must not be null", signature); + + DSAPublicKeySpec pubKeySpec = new DSAPublicKeySpec(DSA_pub, DSA_P, DSA_Q, DSA_G); + PublicKey pubKey = kf.generatePublic(pubKeySpec); + sig.initVerify(pubKey); + sig.update(Vector2Data); + assertTrue("Signature must verify correctly", sig.verify(signature)); + } + + public void testVerify_SHA224withDSA_Key_Success() throws Exception { + KeyFactory kf = KeyFactory.getInstance("DSA"); + DSAPublicKeySpec pubKeySpec = new DSAPublicKeySpec(DSA_pub, DSA_P, DSA_Q, DSA_G); + PublicKey pubKey = kf.generatePublic(pubKeySpec); + + Signature sig = Signature.getInstance("SHA224withDSA"); + sig.initVerify(pubKey); + sig.update(Vector2Data); + assertTrue("Signature must verify correctly", sig.verify(SHA224withDSA_Vector2Signature)); + } + + public void testSign_SHA256withDSA_Key_Success() throws Exception { + KeyFactory kf = KeyFactory.getInstance("DSA"); + DSAPrivateKeySpec keySpec = new DSAPrivateKeySpec(DSA_priv, DSA_P, DSA_Q, DSA_G); + PrivateKey privKey = kf.generatePrivate(keySpec); + + Signature sig = Signature.getInstance("SHA256withDSA"); + sig.initSign(privKey); + sig.update(Vector2Data); + + byte[] signature = sig.sign(); + assertNotNull("Signature must not be null", signature); + + DSAPublicKeySpec pubKeySpec = new DSAPublicKeySpec(DSA_pub, DSA_P, DSA_Q, DSA_G); + PublicKey pubKey = kf.generatePublic(pubKeySpec); + sig.initVerify(pubKey); + sig.update(Vector2Data); + assertTrue("Signature must verify correctly", sig.verify(signature)); + } + + public void testVerify_SHA256withDSA_Key_Success() throws Exception { + KeyFactory kf = KeyFactory.getInstance("DSA"); + DSAPublicKeySpec pubKeySpec = new DSAPublicKeySpec(DSA_pub, DSA_P, DSA_Q, DSA_G); + PublicKey pubKey = kf.generatePublic(pubKeySpec); + + Signature sig = Signature.getInstance("SHA256withDSA"); + sig.initVerify(pubKey); + sig.update(Vector2Data); + assertTrue("Signature must verify correctly", sig.verify(SHA256withDSA_Vector2Signature)); + } + // NetscapeCertRequest looks up Signature algorithms by OID from // BC but BC version 1.47 had registration bugs and MD5withRSA was // overlooked. http://b/7453821 public void testGetInstanceFromOID() throws Exception { + if (StandardNames.IS_RI) { + return; + } assertBouncyCastleSignatureFromOID("1.2.840.113549.1.1.4"); // MD5withRSA assertBouncyCastleSignatureFromOID("1.2.840.113549.1.1.5"); // SHA1withRSA assertBouncyCastleSignatureFromOID("1.3.14.3.2.29"); // SHA1withRSA diff --git a/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java b/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java index 954a34e..aaf2a15 100644 --- a/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java +++ b/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java @@ -72,7 +72,7 @@ public class MacTest extends TestCase { private static String[] validValues = new String[3]; public static final String validAlgorithmsMac [] = - {"HmacSHA1", "HmacMD5", "HmacSHA256", "HmacSHA384", "HmacSHA512"}; + {"HmacSHA1", "HmacMD5", "HmacSHA224", "HmacSHA256", "HmacSHA384", "HmacSHA512"}; static { @@ -441,15 +441,15 @@ public class MacTest extends TestCase { byte[] res1 = macs[i].doFinal(); byte[] res2 = macs[i].doFinal(); assertEquals("Results are not the same", - IntegralToString.bytesToHexString(res1, false), - IntegralToString.bytesToHexString(res2, false)); + Arrays.toString(res1), + Arrays.toString(res2)); res2 = macs[i].doFinal(upd); macs[i].update(upd); res1 = macs[i].doFinal(); assertEquals("Results are not the same", - IntegralToString.bytesToHexString(res1, false), - IntegralToString.bytesToHexString(res2, false)); + Arrays.toString(res1), + Arrays.toString(res2)); } } diff --git a/support/src/test/java/libcore/java/security/StandardNames.java b/support/src/test/java/libcore/java/security/StandardNames.java index bb9aeda..6004171 100644 --- a/support/src/test/java/libcore/java/security/StandardNames.java +++ b/support/src/test/java/libcore/java/security/StandardNames.java @@ -49,12 +49,12 @@ import junit.framework.Assert; * </a>. * * Updated based on the - * <a href="http://download.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html"> + * <a href="http://download.java.net/jdk8/docs/technotes/guides/security/SunProviders.html"> * Java ™ Cryptography Architecture Oracle Providers Documentation * for Java ™ Platform Standard Edition 7 * </a>. * See also the - * <a href="http://download.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html"> + * <a href="http://download.java.net/jdk8/docs/technotes/guides/security/StandardNames.html"> * Java ™ Cryptography Architecture Standard Algorithm Name Documentation * </a>. * @@ -178,6 +178,7 @@ public final class StandardNames extends Assert { provide("KeyGenerator", "DESede"); provide("KeyGenerator", "HmacMD5"); provide("KeyGenerator", "HmacSHA1"); + provide("KeyGenerator", "HmacSHA224"); provide("KeyGenerator", "HmacSHA256"); provide("KeyGenerator", "HmacSHA384"); provide("KeyGenerator", "HmacSHA512"); @@ -192,12 +193,14 @@ public final class StandardNames extends Assert { provide("KeyStore", "PKCS12"); provide("Mac", "HmacMD5"); provide("Mac", "HmacSHA1"); + provide("Mac", "HmacSHA224"); provide("Mac", "HmacSHA256"); provide("Mac", "HmacSHA384"); provide("Mac", "HmacSHA512"); // If adding a new MessageDigest, consider adding it to JarVerifier provide("MessageDigest", "MD2"); provide("MessageDigest", "MD5"); + provide("MessageDigest", "SHA-224"); provide("MessageDigest", "SHA-256"); provide("MessageDigest", "SHA-384"); provide("MessageDigest", "SHA-512"); @@ -219,7 +222,10 @@ public final class StandardNames extends Assert { provide("Signature", "MD5withRSA"); provide("Signature", "NONEwithDSA"); provide("Signature", "SHA1withDSA"); + provide("Signature", "SHA224withDSA"); + provide("Signature", "SHA256withDSA"); provide("Signature", "SHA1withRSA"); + provide("Signature", "SHA224withRSA"); provide("Signature", "SHA256withRSA"); provide("Signature", "SHA384withRSA"); provide("Signature", "SHA512withRSA"); @@ -301,6 +307,7 @@ public final class StandardNames extends Assert { provide("Signature", "NONEWITHECDSA"); provide("Signature", "RAWDSA"); provide("Signature", "SHA1WITHECDSA"); + provide("Signature", "SHA224WITHECDSA"); provide("Signature", "SHA256WITHECDSA"); provide("Signature", "SHA384WITHECDSA"); provide("Signature", "SHA512WITHECDSA"); @@ -485,6 +492,7 @@ public final class StandardNames extends Assert { provide("KeyPairGenerator", "EC"); provide("Signature", "NONEWITHECDSA"); provide("Signature", "ECDSA"); // as opposed to SHA1WITHECDSA + provide("Signature", "SHA224WITHECDSA"); provide("Signature", "SHA256WITHECDSA"); provide("Signature", "SHA384WITHECDSA"); provide("Signature", "SHA512WITHECDSA"); |