fact = KeyFactory.getInstance("RSA", "BC");
PrivateKey privKey = fact.generatePrivate(privKeySpec);
PublicKey pubKey = fact.generatePublic(pubKeySpec);
PrivateKey priv2048Key = fact.generatePrivate(priv2048KeySpec);
PublicKey pub2048Key = fact.generatePublic(pub2048KeySpec);
//
// No Padding
//
Cipher c = Cipher.getInstance("RSA", "BC");
c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
byte[] out = c.doFinal(input);
if (!areEqual(out, output[0]))
{
fail("NoPadding test failed on encrypt expected " + new String(Hex.encode(output[0])) + " got " + new String(Hex.encode(out)));
}
c.init(Cipher.DECRYPT_MODE, privKey);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
//
// No Padding - incremental
//
c = Cipher.getInstance("RSA", "BC");
c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
c.update(input);
out = c.doFinal();
if (!areEqual(out, output[0]))
{
fail("NoPadding test failed on encrypt expected " + new String(Hex.encode(output[0])) + " got " + new String(Hex.encode(out)));
}
c.init(Cipher.DECRYPT_MODE, privKey);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
//
// No Padding - incremental - explicit use of NONE in mode.
//
c = Cipher.getInstance("RSA/NONE/NoPadding", "BC");
c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
c.update(input);
out = c.doFinal();
if (!areEqual(out, output[0]))
{
fail("NoPadding test failed on encrypt expected " + new String(Hex.encode(output[0])) + " got " + new String(Hex.encode(out)));
}
c.init(Cipher.DECRYPT_MODE, privKey);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
//
// No Padding - maximum length
//
c = Cipher.getInstance("RSA", "BC");
byte[] modBytes = ((RSAPublicKey)pubKey).getModulus().toByteArray();
byte[] maxInput = new byte[modBytes.length - 1];
maxInput[0] |= 0x7f;
c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
out = c.doFinal(maxInput);
c.init(Cipher.DECRYPT_MODE, privKey);
out = c.doFinal(out);
if (!areEqual(out, maxInput))
{
fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(maxInput)) + " got " + new String(Hex.encode(out)));
}
//
// PKCS1 V 1.5
//
c = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
out = c.doFinal(input);
if (!areEqual(out, output[1]))
{
fail("PKCS1 test failed on encrypt expected " + new String(Hex.encode(output[1])) + " got " + new String(Hex.encode(out)));
}
c.init(Cipher.DECRYPT_MODE, privKey);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("PKCS1 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
//
// PKCS1 V 1.5 - NONE
//
c = Cipher.getInstance("RSA/NONE/PKCS1Padding", "BC");
c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
out = c.doFinal(input);
if (!areEqual(out, output[1]))
{
fail("PKCS1 test failed on encrypt expected " + new String(Hex.encode(output[1])) + " got " + new String(Hex.encode(out)));
}
c.init(Cipher.DECRYPT_MODE, privKey);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("PKCS1 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
//
// OAEP - SHA1
//
c = Cipher.getInstance("RSA/NONE/OAEPPadding", "BC");
c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
out = c.doFinal(input);
if (!areEqual(out, output[2]))
{
fail("OAEP test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
}
c = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
c.init(Cipher.DECRYPT_MODE, privKey);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("OAEP test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
AlgorithmParameters oaepP = c.getParameters();
if (!areEqual(oaepP.getEncoded(),
new RSAESOAEPparams(
new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE)),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
{
fail("OAEP test failed default sha-1 parameters");
}
//
// OAEP - SHA224
//
c = Cipher.getInstance("RSA/NONE/OAEPWithSHA224AndMGF1Padding", "BC");
c.init(Cipher.ENCRYPT_MODE, pub2048Key, rand);
out = c.doFinal(input);
if (!areEqual(out, output[3]))
{
fail("OAEP SHA-224 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
}
c.init(Cipher.DECRYPT_MODE, priv2048Key);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("OAEP SHA-224 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
oaepP = c.getParameters();
if (!areEqual(oaepP.getEncoded(),
new RSAESOAEPparams(
new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE)),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
{
fail("OAEP test failed default sha-224 parameters");
}
//
// OAEP - SHA 256
//
c = Cipher.getInstance("RSA/NONE/OAEPWithSHA256AndMGF1Padding", "BC");
c.init(Cipher.ENCRYPT_MODE, pub2048Key, rand);
out = c.doFinal(input);
if (!areEqual(out, output[4]))
{
fail("OAEP SHA-256 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
}
c.init(Cipher.DECRYPT_MODE, priv2048Key);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("OAEP SHA-256 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
oaepP = c.getParameters();
if (!areEqual(oaepP.getEncoded(),
new RSAESOAEPparams(
new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE)),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
{
fail("OAEP test failed default sha-256 parameters");
}
//
// OAEP - SHA 384
//
c = Cipher.getInstance("RSA/NONE/OAEPWithSHA384AndMGF1Padding", "BC");
c.init(Cipher.ENCRYPT_MODE, pub2048Key, rand);
out = c.doFinal(input);
if (!areEqual(out, output[5]))
{
fail("OAEP SHA-384 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
}
c.init(Cipher.DECRYPT_MODE, priv2048Key);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("OAEP SHA-384 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
oaepP = c.getParameters();
if (!areEqual(oaepP.getEncoded(),
new RSAESOAEPparams(
new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE)),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
{
fail("OAEP test failed default sha-384 parameters");
}
//
// OAEP - MD5
//
c = Cipher.getInstance("RSA/NONE/OAEPWithMD5AndMGF1Padding", "BC");
c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
out = c.doFinal(input);
if (!areEqual(out, output[6]))
{
fail("OAEP MD5 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
}
c.init(Cipher.DECRYPT_MODE, privKey);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("OAEP MD5 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
oaepP = c.getParameters();
if (!areEqual(oaepP.getEncoded(),
new RSAESOAEPparams(
new AlgorithmIdentifier(PKCSObjectIdentifiers.md5, DERNull.INSTANCE),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(PKCSObjectIdentifiers.md5, DERNull.INSTANCE)),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
{
fail("OAEP test failed default md5 parameters");
}
//
// OAEP - SHA1 with default parameters
//
c = Cipher.getInstance("RSA/NONE/OAEPPadding", "BC");
c.init(Cipher.ENCRYPT_MODE, pubKey, OAEPParameterSpec.DEFAULT, rand);
out = c.doFinal(input);
if (!areEqual(out, output[2]))
{
fail("OAEP test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
}
c = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
c.init(Cipher.DECRYPT_MODE, privKey);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("OAEP test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
oaepP = c.getParameters();
if (!areEqual(oaepP.getEncoded(), new byte[] { 0x30, 0x00 }))
{
fail("OAEP test failed default parameters");
}
//
// OAEP - SHA1 with specified string
//
c = Cipher.getInstance("RSA/NONE/OAEPPadding", "BC");
c.init(Cipher.ENCRYPT_MODE, pubKey, new OAEPParameterSpec("SHA1", "MGF1", new MGF1ParameterSpec("SHA1"), new PSource.PSpecified(new byte[] { 1, 2, 3, 4, 5 })), rand);
out = c.doFinal(input);
oaepP = c.getParameters();
if (!areEqual(oaepP.getEncoded(),
new RSAESOAEPparams(
new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE)),
new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[] { 1, 2, 3, 4, 5 }))).getEncoded()))
{
fail("OAEP test failed changed sha-1 parameters");
}
if (!areEqual(out, output[7]))
{
fail("OAEP test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
}
c = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
c.init(Cipher.DECRYPT_MODE, privKey, oaepP);
out = c.doFinal(out);
if (!areEqual(out, input))
{
fail("OAEP test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
}
//
// ISO9796-1
//
byte[] isoInput = Hex.decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210");
PrivateKey isoPrivKey = fact.generatePrivate(isoPrivKeySpec);
PublicKey isoPubKey = fact.generatePublic(isoPubKeySpec);
c = Cipher.getInstance("RSA/NONE/ISO9796-1Padding", "BC");
c.init(Cipher.ENCRYPT_MODE, isoPrivKey);