// Copyright 2024 Google
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////

package com.google.crypto.tink.subtle;

import static com.google.common.truth.Truth.assertThat;
import static org.junit.Assert.assertThrows;

import com.google.crypto.tink.config.TinkFips;
import com.google.crypto.tink.config.internal.TinkFipsUtil;
import com.google.crypto.tink.signature.RsaSsaPkcs1Parameters;
import com.google.crypto.tink.signature.RsaSsaPkcs1PublicKey;
import com.google.crypto.tink.signature.internal.RsaSsaPkcs1ProtoSerialization;
import com.google.crypto.tink.subtle.Enums.HashType;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.Security;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
import org.conscrypt.Conscrypt;
import org.junit.Assume;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;

/**
 * FIPS-mode tests for {@link RsaSsaPkcs1VerifyJce}.
 *
 * <p>Every test is skipped unless {@code TinkFips.useOnlyFips()} is true (see {@link
 * #useConscrypt()}). The tests cover both ways of obtaining a verifier: the {@code create} factory
 * taking a Tink {@link RsaSsaPkcs1PublicKey} and the constructor taking a JCE {@link
 * RSAPublicKey}.
 *
 * <p>NOTE(review): the test names indicate that only 2048- and 3072-bit moduli are expected to be
 * accepted in FIPS mode. This file has a positive case for 2048 bits and a negative case for 4096
 * bits; it has no 3072-bit case.
 */
@RunWith(JUnit4.class)
public final class RsaSsaPkcs1VerifyJceFipsTest {

  // Test vector from https://www.rfc-editor.org/rfc/rfc7517#appendix-C.1
  private static final BigInteger EXPONENT = new BigInteger(1, Base64.urlSafeDecode("AQAB"));
  static final BigInteger MODULUS_2048 =
      new BigInteger(
          1,
          Base64.urlSafeDecode(
              "t6Q8PWSi1dkJj9hTP8hNYFlvadM7DflW9mWepOJhJ66w7nyoK1gPNqFMSQRy"
                  + "O125Gp-TEkodhWr0iujjHVx7BcV0llS4w5ACGgPrcAd6ZcSR0-Iqom-QFcNP"
                  + "8Sjg086MwoqQU_LYywlAGZ21WSdS_PERyGFiNnj3QQlO8Yns5jCtLCRwLHL0"
                  + "Pb1fEv45AuRIuUfVcPySBWYnDyGxvjYGDSM-AqWS9zIQ2ZilgT-GqUmipg0X"
                  + "OC0Cc20rgLe2ymLHjpHciCKVAbY5-L32-lSeZO-Os6U15_aXrk9Gw8cPUaX1"
                  + "_I8sLGuSiVdt3C_Fn2PZ3Z8i744FPFGGcG1qs2Wz-Q"));

  // Test vector from Wycheproof's testvectors_v1/rsa_pkcs1_4096_test.json.
  static final BigInteger MODULUS_4096 =
      new BigInteger(
          1,
          Base64.urlSafeDecode(
              "9gG-DczQSqQLEvPxka4XwfnIwLaOenfhS-JcPHkHyx0zpu9BjvQYUvMsmDkr"
                  + "xcmu2RwaFQHFA-q4mz7m9PjrLg_PxBvQNgnPao6zqm8PviMYezPbTTS2bRKK"
                  + "iroKKr9Au50T2OJVRWmlerHYxhuMrS3IhZmuDaU0bhXazhuse_aXN8IvCDvp"
                  + "tGu4seq1lXstp0AnXpbIcZW5b-EUUhWdr8_ZFs7l10mne8OQWl69OHrkRej-"
                  + "cPFumghmOXec7_v9QVV72Zrqajcaa0sWBhWhoSvGlY00vODIWty9g5L6EM7K"
                  + "UiCdVhlro9JzziKPHxERkqqS3ioDl5ihe87LTcYQDm-K6MJkPyrnaLIlXwgs"
                  + "l46VylUVVfEGCCMc-AA7v4B5af_x5RkUuajJuPRWRkW55dcF_60pZj9drj12"
                  + "ZStCLkPxPmwUkQkIBcLRJop0olEXdCfjOpqRF1w2cLkXRgCLzh_SMebk8q1w"
                  + "y0OspfB2AKbTHdApFSQ9_dlDoCFl2jZ6a35Nrh3S6Lg2kDCAeV0lhQdswcFd"
                  + "2ejS5eBHUmVpsb_TldlX65_eMl00LRRCbnHv3BiHUV5TzepYNJIfkoYp50ju"
                  + "0JesQCTivyVdcEEfhzc5SM-Oiqfv-isKtH1RZgkeGu3sYFaLFVvZwnvFXz7O"
                  + "Nfg9Y2281av0hToFHblNUEU"));

  /**
   * Skips the test unless Tink runs in FIPS-only mode, then installs Conscrypt as a JCE provider.
   *
   * <p>The provider is added to the JVM-wide provider list and this class never removes it.
   */
  @Before
  public void useConscrypt() throws Exception {
    Assume.assumeTrue(TinkFips.useOnlyFips());
    Conscrypt.checkAvailability();
    Security.addProvider(Conscrypt.newProvider());
  }

  /**
   * Builds a Tink RSA-SSA-PKCS1 public key (SHA-256, NO_PREFIX, exponent {@link #EXPONENT}) with
   * the given declared modulus size and modulus.
   */
  private static RsaSsaPkcs1PublicKey tinkPublicKey(int modulusSizeBits, BigInteger modulus)
      throws Exception {
    RsaSsaPkcs1Parameters.Builder parametersBuilder = RsaSsaPkcs1Parameters.builder();
    parametersBuilder
        .setModulusSizeBits(modulusSizeBits)
        .setPublicExponent(EXPONENT)
        .setHashType(RsaSsaPkcs1Parameters.HashType.SHA256)
        .setVariant(RsaSsaPkcs1Parameters.Variant.NO_PREFIX);
    RsaSsaPkcs1Parameters parameters = parametersBuilder.build();
    return RsaSsaPkcs1PublicKey.builder().setParameters(parameters).setModulus(modulus).build();
  }

  /** Builds a JCE RSA public key from the given modulus and {@link #EXPONENT}. */
  private static RSAPublicKey jcePublicKey(BigInteger modulus) throws Exception {
    KeyFactory rsaKeyFactory = EngineFactory.KEY_FACTORY.getInstance("RSA");
    RSAPublicKeySpec spec = new RSAPublicKeySpec(modulus, EXPONENT);
    return (RSAPublicKey) rsaKeyFactory.generatePublic(spec);
  }

  /**
   * With the FIPS module available, {@code create} must return a verifier for a 2048-bit key;
   * without it, {@code create} must throw {@link GeneralSecurityException}.
   */
  @Test
  public void create_accepts2048ModulusIfFipsModuleIsAvailable() throws Exception {
    RsaSsaPkcs1ProtoSerialization.register();
    RsaSsaPkcs1PublicKey key2048 = tinkPublicKey(2048, MODULUS_2048);

    if (!TinkFipsUtil.fipsModuleAvailable()) {
      assertThrows(GeneralSecurityException.class, () -> RsaSsaPkcs1VerifyJce.create(key2048));
      return;
    }
    assertThat(RsaSsaPkcs1VerifyJce.create(key2048)).isNotNull();
  }

  /**
   * Same expectation as the {@code create} variant, exercised through the constructor that takes
   * a JCE {@link RSAPublicKey} and a {@link HashType}.
   */
  @Test
  public void constructor_accepts2048ModulusIfFipsModuleIsAvailable() throws Exception {
    RSAPublicKey key2048 = jcePublicKey(MODULUS_2048);

    if (!TinkFipsUtil.fipsModuleAvailable()) {
      assertThrows(
          GeneralSecurityException.class, () -> new RsaSsaPkcs1VerifyJce(key2048, HashType.SHA256));
      return;
    }
    assertThat(new RsaSsaPkcs1VerifyJce(key2048, HashType.SHA256)).isNotNull();
  }

  /**
   * {@code create} must throw {@link GeneralSecurityException} for a 4096-bit key in FIPS mode.
   *
   * <p>NOTE(review): the 2048-bit tests above expect the same exception type whenever the FIPS
   * module is unavailable, so in that configuration this assertion passes without showing that the
   * modulus size was the reason for the rejection. The size check is only really exercised when
   * {@code TinkFipsUtil.fipsModuleAvailable()} is true.
   */
  @Test
  public void create_refusesNon2048Non3072Modulus() throws Exception {
    RsaSsaPkcs1ProtoSerialization.register();
    RsaSsaPkcs1PublicKey key4096 = tinkPublicKey(4096, MODULUS_4096);

    assertThrows(GeneralSecurityException.class, () -> RsaSsaPkcs1VerifyJce.create(key4096));
  }

  /**
   * The constructor must throw {@link GeneralSecurityException} for a 4096-bit JCE key in FIPS
   * mode.
   *
   * <p>NOTE(review): as with the {@code create} variant, this cannot distinguish a rejection
   * caused by the modulus size from one caused by the FIPS module being unavailable.
   */
  @Test
  public void constructor_refusesNon2048Non3072Modulus() throws Exception {
    RSAPublicKey key4096 = jcePublicKey(MODULUS_4096);

    assertThrows(
        GeneralSecurityException.class, () -> new RsaSsaPkcs1VerifyJce(key4096, HashType.SHA256));
  }
}