changeset 8544:399ff208e0a8

8050374: More Signature tests Reviewed-by: valeriep
author asmotrak
date Wed, 22 Nov 2017 18:18:48 +0000
parents ad1110cfba4a
children 7b3d199dbe40
files test/java/security/Signature/Offsets.java test/java/security/SignedObject/Chain.java test/java/security/SignedObject/Copy.java test/lib/testlibrary/jdk/testlibrary/RandomFactory.java test/sun/security/ec/SignatureOffsets.java test/sun/security/ec/SignedObjectChain.java test/sun/security/mscapi/SignatureOffsets.java test/sun/security/mscapi/SignedObjectChain.java test/sun/security/rsa/SignatureOffsets.java test/sun/security/rsa/SignedObjectChain.java test/sun/security/ssl/rsa/SignatureOffsets.java test/sun/security/ssl/rsa/SignedObjectChain.java
diffstat 12 files changed, 1119 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/Signature/Offsets.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,251 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import jdk.testlibrary.RandomFactory;
+
+/*
+ * @test
+ * @bug 8050374
+ * @key randomness
+ * @summary This test validates signature verification
+ *          Signature.verify(byte[], int, int). The test uses RandomFactory to
+ *          get random set of clear text data to sign. After the signature
+ *          generation, the test tries to verify signature with the above API
+ *          and passing in different signature offset (0, 33, 66, 99).
+ * @library /lib/testlibrary
+ * @run main Offsets SUN NONEwithDSA
+ * @run main Offsets SUN SHA1withDSA
+ * @run main Offsets SUN SHA224withDSA
+ * @run main Offsets SUN SHA256withDSA
+ */
+public class Offsets {
+
+    private final int size;
+    private final byte[] cleartext;
+    private final PublicKey pubkey;
+    private final Signature signature;
+    private final byte[] signed;
+
+    private Offsets(Signature signature, PublicKey pubkey, PrivateKey privkey,
+            int size, byte[] cleartext) throws InvalidKeyException,
+                SignatureException {
+        this.pubkey = pubkey;
+        this.signature = signature;
+        this.size = size;
+        this.cleartext = cleartext;
+
+        signature.initSign(privkey);
+        signature.update(cleartext, 0, size);
+        signed = signature.sign();
+    }
+
+    int getDataSize() {
+        return size;
+    }
+
+    int getSignatureLength() {
+        return signed.length;
+    }
+
+    byte[] shiftSignData(int offset) {
+        byte[] testSignData = new byte[offset + signed.length];
+        System.arraycopy(signed, 0, testSignData, offset,
+                signed.length);
+        return testSignData;
+    }
+
+    boolean verifySignature(byte[] sigData, int sigOffset, int sigLength,
+            int updateOffset, int updateLength)
+                throws InvalidKeyException, SignatureException {
+        signature.initVerify(pubkey);
+        signature.update(cleartext, updateOffset, updateLength);
+        return signature.verify(sigData, sigOffset, sigLength);
+    }
+
+    static Offsets init(String provider, String algorithm)
+            throws NoSuchAlgorithmException, NoSuchProviderException,
+            InvalidKeyException, SignatureException {
+        // fill the cleartext data with random bytes
+        byte[] cleartext = new byte[100];
+        RandomFactory.getRandom().nextBytes(cleartext);
+
+        // NONEwith requires input to be of 20 bytes
+        int size = algorithm.contains("NONEwith") ? 20 : 100;
+
+        // create signature instance
+        Signature signature = Signature.getInstance(algorithm, provider);
+
+        String keyAlgo;
+        if (algorithm.contains("RSA")) {
+            keyAlgo = "RSA";
+        } else if (algorithm.contains("ECDSA")) {
+            keyAlgo = "EC";
+        } else if (algorithm.contains("DSA")) {
+            keyAlgo = "DSA";
+        } else {
+            throw new RuntimeException("Test doesn't support this signature "
+                    + "algorithm: " + algorithm);
+        }
+
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyAlgo, provider);
+        KeyPair kp = kpg.generateKeyPair();
+        PublicKey pubkey = kp.getPublic();
+        PrivateKey privkey = kp.getPrivate();
+
+        return new Offsets(signature, pubkey, privkey, size, cleartext);
+    }
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException {
+        if (args.length < 2) {
+            throw new RuntimeException("Wrong parameters");
+        }
+
+        boolean result = true;
+        try {
+            Offsets test = init(args[0], args[1]);
+
+            // We are trying 3 different offsets, data size has nothing to do
+            // with signature length
+            for (int chunk = 3; chunk > 0; chunk--) {
+                int signOffset = test.getDataSize() / chunk;
+
+                System.out.println("Running test with offset " + signOffset);
+                byte[] signData = test.shiftSignData(signOffset);
+
+                boolean success = test.verifySignature(signData, signOffset,
+                        test.getSignatureLength(), 0, test.getDataSize());
+
+                if (success) {
+                    System.out.println("Successfully verified with offset "
+                            + signOffset);
+                } else {
+                    System.out.println("Verification failed with offset "
+                            + signOffset);
+                    result = false;
+                }
+            }
+
+            // save signature to offset 0
+            byte[] signData = test.shiftSignData(0);
+
+            // Negative tests
+
+            // Test signature offset 0.
+            // Wrong test data will be passed to update,
+            // so signature verification should fail.
+            for (int chunk = 3; chunk > 0; chunk--) {
+                int dataOffset = (test.getDataSize() - 1) / chunk;
+                boolean success;
+                try {
+                    success = test.verifySignature(signData, 0,
+                            test.getSignatureLength(), dataOffset,
+                            (test.getDataSize() - dataOffset));
+                } catch (SignatureException e) {
+                    // Since we are trying different data size, it can throw
+                    // SignatureException
+                    success = false;
+                }
+
+                if (!success) {
+                    System.out.println("Signature verification failed "
+                            + "as expected, with data offset " + dataOffset
+                            + " and length "
+                            + (test.getDataSize() - dataOffset));
+                } else {
+                    System.out.println("Signature verification "
+                            + "should not succeed, with data offset "
+                            + dataOffset + " and length "
+                            + (test.getDataSize() - dataOffset));
+                    result = false;
+                }
+            }
+
+            // Tests with manipulating offset and length
+            result &= Offsets.checkFailure(test, signData, -1,
+                    test.getSignatureLength());
+
+            result &= Offsets.checkFailure(test, signData, 0,
+                    test.getSignatureLength() - 1);
+
+            result &= Offsets.checkFailure(test, signData,
+                    test.getSignatureLength() + 1, test.getSignatureLength());
+
+            result &= Offsets.checkFailure(test, signData, 0,
+                    test.getSignatureLength() + 1);
+
+            result &= Offsets.checkFailure(test, signData, 0, 0);
+
+            result &= Offsets.checkFailure(test, signData, 0, -1);
+
+            result &= Offsets.checkFailure(test, signData,
+                    2147483646, test.getSignatureLength());
+
+            result &= Offsets.checkFailure(test, null, 0,
+                    test.getSignatureLength());
+        } catch (NoSuchProviderException nspe) {
+            System.out.println("No such provider: " + nspe);
+        }
+
+        if (!result) {
+            throw new RuntimeException("Some test cases failed");
+        }
+    }
+
+    static boolean checkFailure(Offsets test, byte[] signData, int offset,
+            int length) {
+        boolean success;
+        try {
+            success = test.verifySignature(signData, offset, length, 0,
+                    test.getDataSize());
+        } catch (IllegalArgumentException | SignatureException e) {
+            System.out.println("Expected exception: " + e);
+            success = false;
+        } catch (InvalidKeyException e) {
+            System.out.println("Unexpected exception: " + e);
+            return false;
+        }
+
+        if (!success) {
+            System.out.println("Signature verification failed as expected, "
+                    + "with signature offset " + offset + " and length "
+                    + length);
+            return true;
+        } else {
+            System.out.println("Signature verification should not succeed, "
+                    + "with signature offset " + offset + " and length "
+                    + length);
+            return false;
+        }
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/SignedObject/Chain.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,224 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.Signature;
+import java.security.SignedObject;
+import java.security.KeyPairGenerator;
+import java.security.KeyPair;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.util.Arrays;
+
+/*
+ * @test
+ * @bug 8050374
+ * @summary Verify a chain of signed objects
+ */
+public class Chain {
+
+    static enum KeyAlg {
+        RSA("RSA"),
+        DSA("DSA"),
+        EC("EC");
+
+        final String name;
+
+        KeyAlg(String alg) {
+            this.name = alg;
+        }
+    }
+
+    static enum Provider {
+        Default("default"),
+        SunRsaSign("SunRsaSign"),
+        Sun("SUN"),
+        SunEC("SunEC"),
+        SunJSSE("SunJSSE"),
+        SunMSCAPI("SunMSCAPI");
+
+        final String name;
+
+        Provider(String name) {
+            this.name = name;
+        }
+    }
+
+    static enum SigAlg {
+        MD2withRSA("MD2withRSA"),
+        MD5withRSA("md5withRSA"),
+
+        SHA1withDSA("SHA1withDSA"),
+        SHA224withDSA("SHA224withDSA"),
+        SHA256withDSA("SHA256withDSA"),
+
+        SHA1withRSA("Sha1withrSA"),
+        SHA224withRSA("SHA224withRSA"),
+        SHA256withRSA("SHA256withRSA"),
+        SHA384withRSA("SHA384withRSA"),
+        SHA512withRSA("SHA512withRSA"),
+
+        SHA1withECDSA("SHA1withECDSA"),
+        SHA256withECDSA("SHA256withECDSA"),
+        SHA224withECDSA("SHA224withECDSA"),
+        SHA384withECDSA("SHA384withECDSA"),
+        SHA512withECDSA("SHA512withECDSA"),
+
+        MD5andSHA1withRSA("MD5andSHA1withRSA");
+
+        final String name;
+
+        SigAlg(String name) {
+            this.name = name;
+        }
+    }
+
+    static class Test {
+        final Provider provider;
+        final KeyAlg keyAlg;
+        final SigAlg sigAlg;
+
+        Test(SigAlg sigAlg, KeyAlg keyAlg, Provider privider) {
+            this.provider = privider;
+            this.keyAlg = keyAlg;
+            this.sigAlg = sigAlg;
+        }
+    }
+
+    private static final Test[] tests = {
+        new Test(SigAlg.SHA1withDSA, KeyAlg.DSA, Provider.Default),
+        new Test(SigAlg.MD2withRSA, KeyAlg.RSA, Provider.Default),
+        new Test(SigAlg.MD5withRSA, KeyAlg.RSA, Provider.Default),
+        new Test(SigAlg.SHA1withRSA, KeyAlg.RSA, Provider.Default),
+        new Test(SigAlg.SHA1withDSA, KeyAlg.DSA, Provider.Sun),
+        new Test(SigAlg.SHA224withDSA, KeyAlg.DSA, Provider.Sun),
+        new Test(SigAlg.SHA256withDSA, KeyAlg.DSA, Provider.Sun),
+    };
+
+    private static final String str = "to-be-signed";
+    private static final int N = 3;
+
+    public static void main(String argv[]) {
+        boolean result = allMatch(tests);
+        if(result) {
+            System.out.println("All tests passed");
+        } else {
+            throw new RuntimeException("Some tests failed");
+        }
+    }
+
+    static boolean allMatch(Test[] testsToCheck) {
+        for (Test test : testsToCheck) {
+            if (!runTest(test)) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    static boolean runTest(Test test) {
+        System.out.format("Test: provider = %s, signature algorithm = %s, "
+                + "key algorithm = %s\n",
+                test.provider, test.sigAlg, test.keyAlg);
+        try {
+            // Generate all private/public key pairs
+            PrivateKey[] privKeys = new PrivateKey[N];
+            PublicKey[] pubKeys = new PublicKey[N];
+            PublicKey[] anotherPubKeys = new PublicKey[N];
+            KeyPairGenerator kpg = KeyPairGenerator.getInstance(
+                    test.keyAlg.name);
+            for (int j=0; j < N; j++) {
+                KeyPair kp = kpg.genKeyPair();
+                KeyPair anotherKp = kpg.genKeyPair();
+                privKeys[j] = kp.getPrivate();
+                pubKeys[j] = kp.getPublic();
+                anotherPubKeys[j] = anotherKp.getPublic();
+
+                if (Arrays.equals(pubKeys[j].getEncoded(),
+                        anotherPubKeys[j].getEncoded())) {
+                    System.out.println("Failed: it should not get "
+                            + "the same pair of public key");
+                    return false;
+                }
+            }
+
+            Signature signature;
+            if (test.provider != Provider.Default) {
+                signature = Signature.getInstance(test.sigAlg.name,
+                        test.provider.name);
+            } else {
+                signature = Signature.getInstance(test.sigAlg.name);
+            }
+
+            // Create a chain of signed objects
+            SignedObject[] objects = new SignedObject[N];
+            objects[0] = new SignedObject(str, privKeys[0], signature);
+            for (int j = 1; j < N; j++) {
+                objects[j] = new SignedObject(objects[j - 1], privKeys[j],
+                        signature);
+            }
+
+            // Verify the chain
+            int n = objects.length - 1;
+            SignedObject object = objects[n];
+            do {
+                if (!object.verify(pubKeys[n], signature)) {
+                    System.out.println("Failed: verification failed, n = " + n);
+                    return false;
+                }
+
+                if (object.verify(anotherPubKeys[n], signature)) {
+                    System.out.println("Failed: verification should not "
+                            + "succeed with wrong public key, n = " + n);
+                    return false;
+                }
+
+                object = (SignedObject) object.getObject();
+                n--;
+            } while (n > 0);
+
+            System.out.println("signed data: " + object.getObject());
+            if (!str.equals(object.getObject())) {
+                System.out.println("Failed: signed data is not equal to "
+                        + "original one");
+                return false;
+            }
+
+            System.out.println("Test passed");
+            return true;
+        } catch (NoSuchProviderException nspe) {
+            if (test.provider == Provider.SunMSCAPI
+                    && !System.getProperty("os.name").startsWith("Windows")) {
+                System.out.println("SunMSCAPI is available only on Windows: "
+                        + nspe);
+                return true;
+            }
+            System.out.println("Unexpected exception: " + nspe);
+            return false;
+        } catch (Exception e) {
+            System.out.println("Unexpected exception: " + e);
+            e.printStackTrace(System.out);
+            return false;
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/SignedObject/Copy.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,121 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.Serializable;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.Signature;
+import java.security.SignedObject;
+
+/*
+ * @test
+ * @bug 8050374
+ * @summary Checks if a signed object is a copy of an original object
+ */
+public class Copy {
+
+    private static final String DSA = "DSA";
+    private static final int KEY_SIZE = 512;
+    private static final int MAGIC = 123;
+
+    public static void main(String args[]) throws Exception {
+        KeyPairGenerator kg = KeyPairGenerator.getInstance(DSA);
+        kg.initialize(KEY_SIZE);
+        KeyPair kp = kg.genKeyPair();
+
+        Signature signature = Signature.getInstance(DSA);
+        Test original = new Test();
+        SignedObject so = new SignedObject(original, kp.getPrivate(),
+                signature);
+        System.out.println("Signature algorithm: " + so.getAlgorithm());
+
+        signature = Signature.getInstance(DSA, "SUN");
+        if (!so.verify(kp.getPublic(), signature)) {
+            throw new RuntimeException("Verification failed");
+        }
+
+        kg = KeyPairGenerator.getInstance(DSA);
+        kg.initialize(KEY_SIZE);
+        kp = kg.genKeyPair();
+
+        if (so.verify(kp.getPublic(), signature)) {
+            throw new RuntimeException("Unexpected success");
+        }
+
+        Object copy = so.getObject();
+        if (!original.equals(copy)) {
+            throw new RuntimeException("Signed object is not equal "
+                    + "to original one: " + copy);
+        }
+
+        /*
+         * The signed object is a copy of an original one.
+         * Once the copy is made, further manipulation
+         * of the original object shouldn't has any effect on the copy.
+         */
+        original.set(MAGIC - 1);
+        copy = so.getObject();
+        if (original.equals(copy)) {
+            throw new RuntimeException("Signed object is not a copy "
+                    + "of original one: " + copy);
+        }
+
+        System.out.println("Test passed");
+    }
+
+    private static class Test implements Serializable {
+        private int number = MAGIC;
+
+        public int get() {
+            return number;
+        }
+
+        public void set(int magic) {
+            this.number = magic;
+        }
+
+        @Override
+        public int hashCode() {
+            return number;
+        }
+
+        @Override
+        public boolean equals(Object obj) {
+            if (obj == null) {
+                return false;
+            }
+
+            if (!(obj instanceof Test)) {
+                return false;
+            }
+
+            Test other = (Test) obj;
+            return number == other.number;
+        }
+
+        @Override
+        public String toString() {
+            return "" + number;
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/lib/testlibrary/jdk/testlibrary/RandomFactory.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package jdk.testlibrary;
+
+import java.util.Random;
+
+/**
+ * Factory class which generates and prints to STDOUT a long-valued seed
+ * for use in initializing a PRNG.  An instance of {@code Random} or
+ * {@code SplittableRandom} may likewise be obtained.
+ */
+public class RandomFactory {
+    /**
+     * Attempt to obtain the seed from the value of the "seed" property.
+     * @return The seed or {@code null} if the "seed" property was not set or
+     *         could not be parsed.
+     */
+    private static Long getSystemSeed() {
+        Long seed = null;
+        try {
+            // note that Long.valueOf(null) also throws a
+            // NumberFormatException so if the property is undefined this
+            // will still work correctly
+            seed = Long.valueOf(System.getProperty("seed"));
+        } catch (NumberFormatException e) {
+            // do nothing: seed is still null
+        }
+
+        return seed;
+    }
+
+    /**
+     * Obtain a seed from an independent PRNG.
+     *
+     * @return A random seed.
+     */
+    private static long getRandomSeed() {
+        return new Random().nextLong();
+    }
+
+    /**
+     * Obtain and print to STDOUT a seed appropriate for initializing a PRNG.
+     * If the system property "seed" is set and has value which may be correctly
+     * parsed it is used, otherwise a seed is generated using an independent
+     * PRNG.
+     *
+     * @return The seed.
+     */
+    public static long getSeed() {
+        Long seed = getSystemSeed();
+        if (seed == null) {
+            seed = getRandomSeed();
+        }
+        System.out.println("Seed from RandomFactory = "+seed+"L");
+        return seed;
+    }
+
+    /**
+     * Obtain and print to STDOUT a seed and use it to initialize a new
+     * {@code Random} instance which is returned. If the system
+     * property "seed" is set and has value which may be correctly parsed it
+     * is used, otherwise a seed is generated using an independent PRNG.
+     *
+     * @return The {@code Random} instance.
+     */
+    public static Random getRandom() {
+        return new Random(getSeed());
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ec/SignatureOffsets.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+
+/*
+ * @test
+ * @bug 8050374
+ * @key randomness
+ * @summary This test validates signature verification
+ *          Signature.verify(byte[], int, int). The test uses RandomFactory to
+ *          get random set of clear text data to sign. After the signature
+ *          generation, the test tries to verify signature with the above API
+ *          and passing in different signature offset (0, 33, 66, 99).
+ * @library /lib/testlibrary
+ * @compile ../../../java/security/Signature/Offsets.java
+ * @run main SignatureOffsets SunEC NONEwithECDSA
+ * @run main SignatureOffsets SunEC SHA1withECDSA
+ * @run main SignatureOffsets SunEC SHA256withECDSA
+ * @run main SignatureOffsets SunEC SHA224withECDSA
+ * @run main SignatureOffsets SunEC SHA384withECDSA
+ * @run main SignatureOffsets SunEC SHA512withECDSA
+ */
+public class SignatureOffsets {
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException {
+        Offsets.main(args);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ec/SignedObjectChain.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8050374
+ * @compile ../../../java/security/SignedObject/Chain.java
+ * @summary Verify a chain of signed objects
+ */
+public class SignedObjectChain {
+
+    private static class Test extends Chain.Test {
+
+        public Test(Chain.SigAlg sigAlg) {
+            super(sigAlg, Chain.KeyAlg.EC, Chain.Provider.SunEC);
+        }
+    }
+
+    private static final Test[] tests = {
+        new Test(Chain.SigAlg.SHA1withECDSA),
+        new Test(Chain.SigAlg.SHA256withECDSA),
+        new Test(Chain.SigAlg.SHA224withECDSA),
+        new Test(Chain.SigAlg.SHA384withECDSA),
+        new Test(Chain.SigAlg.SHA512withECDSA),
+    };
+
+    public static void main(String argv[]) {
+        boolean result = Chain.allMatch(tests);
+
+        if(result) {
+            System.out.println("All tests passed");
+        } else {
+            throw new RuntimeException("Some tests failed");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/SignatureOffsets.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+
+/*
+ * @test
+ * @bug 8050374
+ * @key randomness
+ * @summary This test validates signature verification
+ *          Signature.verify(byte[], int, int). The test uses RandomFactory to
+ *          get random set of clear text data to sign. After the signature
+ *          generation, the test tries to verify signature with the above API
+ *          and passing in different signature offset (0, 33, 66, 99).
+ * @library /lib/testlibrary
+ * @compile ../../../java/security/Signature/Offsets.java
+ * @run main SignatureOffsets SunMSCAPI NONEwithRSA
+ * @run main SignatureOffsets SunMSCAPI MD2withRSA
+ * @run main SignatureOffsets SunMSCAPI MD5withRSA
+ * @run main SignatureOffsets SunMSCAPI SHA1withRSA
+ * @run main SignatureOffsets SunMSCAPI SHA256withRSA
+ * @run main SignatureOffsets SunMSCAPI SHA384withRSA
+ * @run main SignatureOffsets SunMSCAPI SHA512withRSA
+ */
+public class SignatureOffsets {
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException {
+        Offsets.main(args);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/SignedObjectChain.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8050374
+ * @compile ../../../java/security/SignedObject/Chain.java
+ * @summary Verify a chain of signed objects
+ */
+public class SignedObjectChain {
+
+    private static class Test extends Chain.Test {
+
+        public Test(Chain.SigAlg sigAlg) {
+            super(sigAlg, Chain.KeyAlg.RSA, Chain.Provider.SunMSCAPI);
+        }
+    }
+
+    private static final Test[] tests = {
+        new Test(Chain.SigAlg.MD2withRSA),
+        new Test(Chain.SigAlg.MD5withRSA),
+        new Test(Chain.SigAlg.SHA1withRSA),
+        new Test(Chain.SigAlg.SHA256withRSA),
+        new Test(Chain.SigAlg.SHA384withRSA),
+        new Test(Chain.SigAlg.SHA512withRSA),
+    };
+
+    public static void main(String argv[]) {
+        boolean result = Chain.allMatch(tests);
+
+        if(result) {
+            System.out.println("All tests passed");
+        } else {
+            throw new RuntimeException("Some tests failed");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/rsa/SignatureOffsets.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+
+/*
+ * @test
+ * @bug 8050374
+ * @key randomness
+ * @summary This test validates signature verification
+ *          Signature.verify(byte[], int, int). The test uses RandomFactory to
+ *          get random set of clear text data to sign. After the signature
+ *          generation, the test tries to verify signature with the above API
+ *          and passing in different signature offset (0, 33, 66, 99).
+ * @library /lib/testlibrary
+ * @compile ../../../java/security/Signature/Offsets.java
+ * @run main SignatureOffsets SunRsaSign MD2withRSA
+ * @run main SignatureOffsets SunRsaSign MD5withRSA
+ * @run main SignatureOffsets SunRsaSign SHA1withRSA
+ * @run main SignatureOffsets SunRsaSign SHA224withRSA
+ * @run main SignatureOffsets SunRsaSign SHA256withRSA
+ * @run main SignatureOffsets SunRsaSign SHA384withRSA
+ * @run main SignatureOffsets SunRsaSign SHA512withRSA
+ */
+public class SignatureOffsets {
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException {
+        Offsets.main(args);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/rsa/SignedObjectChain.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8050374
+ * @compile ../../../java/security/SignedObject/Chain.java
+ * @summary Verify a chain of signed objects
+ */
+public class SignedObjectChain {
+
+    private static class Test extends Chain.Test {
+
+        public Test(Chain.SigAlg sigAlg) {
+            super(sigAlg, Chain.KeyAlg.RSA, Chain.Provider.SunRsaSign);
+        }
+    }
+
+    private static final Test[] tests = {
+        new Test(Chain.SigAlg.MD2withRSA),
+        new Test(Chain.SigAlg.MD5withRSA),
+        new Test(Chain.SigAlg.SHA1withRSA),
+        new Test(Chain.SigAlg.SHA224withRSA),
+        new Test(Chain.SigAlg.SHA256withRSA),
+        new Test(Chain.SigAlg.SHA384withRSA),
+        new Test(Chain.SigAlg.SHA512withRSA),
+    };
+
+    public static void main(String argv[]) {
+        boolean result = Chain.allMatch(tests);
+
+        if(result) {
+            System.out.println("All tests passed");
+        } else {
+            throw new RuntimeException("Some tests failed");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ssl/rsa/SignatureOffsets.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+
+/*
+ * @test
+ * @bug 8050374
+ * @key randomness
+ * @summary This test validates signature verification
+ *          Signature.verify(byte[], int, int). The test uses RandomFactory to
+ *          get random set of clear text data to sign. After the signature
+ *          generation, the test tries to verify signature with the above API
+ *          and passing in different signature offset (0, 33, 66, 99).
+ * @library /lib/testlibrary
+ * @compile ../../../../java/security/Signature/Offsets.java
+ * @run main SignatureOffsets SunJSSE MD2withRSA
+ * @run main SignatureOffsets SunJSSE MD5withRSA
+ * @run main SignatureOffsets SunJSSE SHA1withRSA
+ * @run main SignatureOffsets SunJSSE MD5andSHA1withRSA
+ */
+public class SignatureOffsets {
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException {
+        Offsets.main(args);
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ssl/rsa/SignedObjectChain.java	Wed Nov 22 18:18:48 2017 +0000
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8050374
+ * @compile ../../../../java/security/SignedObject/Chain.java
+ * @summary Verify a chain of signed objects
+ */
+public class SignedObjectChain {
+
+    private static class Test extends Chain.Test {
+
+        public Test(Chain.SigAlg sigAlg) {
+            super(sigAlg, Chain.KeyAlg.RSA, Chain.Provider.SunJSSE);
+        }
+    }
+
+    private static final Test[] tests = {
+        new Test(Chain.SigAlg.MD2withRSA),
+        new Test(Chain.SigAlg.MD5withRSA),
+        new Test(Chain.SigAlg.SHA1withRSA),
+        new Test(Chain.SigAlg.MD5andSHA1withRSA),
+    };
+
+    public static void main(String argv[]) {
+        boolean result = Chain.allMatch(tests);
+        if(result) {
+            System.out.println("All tests passed");
+        } else {
+            throw new RuntimeException("Some tests failed");
+        }
+    }
+}