changeset 11526:2ecffdf30af0

Merge
author dsamersoff
date Mon, 11 Apr 2016 18:21:28 +0000
parents fc52c90e812f bf71f2eb4322
children 7d49df0ab4f6
files
diffstat 15 files changed, 1594 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/Signature/Offsets.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,251 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import jdk.testlibrary.RandomFactory;
+
+/*
+ * @test
+ * @bug 8050374
+ * @key randomness
+ * @summary This test validates signature verification
+ *          Signature.verify(byte[], int, int). The test uses RandomFactory to
+ *          get random set of clear text data to sign. After the signature
+ *          generation, the test tries to verify signature with the above API
+ *          and passing in different signature offset (0, 33, 66, 99).
+ * @library /lib/testlibrary
+ * @run main Offsets SUN NONEwithDSA
+ * @run main Offsets SUN SHA1withDSA
+ * @run main Offsets SUN SHA224withDSA
+ * @run main Offsets SUN SHA256withDSA
+ */
+public class Offsets {
+
+    private final int size;
+    private final byte[] cleartext;
+    private final PublicKey pubkey;
+    private final Signature signature;
+    private final byte[] signed;
+
+    private Offsets(Signature signature, PublicKey pubkey, PrivateKey privkey,
+            int size, byte[] cleartext) throws InvalidKeyException,
+                SignatureException {
+        this.pubkey = pubkey;
+        this.signature = signature;
+        this.size = size;
+        this.cleartext = cleartext;
+
+        signature.initSign(privkey);
+        signature.update(cleartext, 0, size);
+        signed = signature.sign();
+    }
+
+    int getDataSize() {
+        return size;
+    }
+
+    int getSignatureLength() {
+        return signed.length;
+    }
+
+    byte[] shiftSignData(int offset) {
+        byte[] testSignData = new byte[offset + signed.length];
+        System.arraycopy(signed, 0, testSignData, offset,
+                signed.length);
+        return testSignData;
+    }
+
+    boolean verifySignature(byte[] sigData, int sigOffset, int sigLength,
+            int updateOffset, int updateLength)
+                throws InvalidKeyException, SignatureException {
+        signature.initVerify(pubkey);
+        signature.update(cleartext, updateOffset, updateLength);
+        return signature.verify(sigData, sigOffset, sigLength);
+    }
+
+    static Offsets init(String provider, String algorithm)
+            throws NoSuchAlgorithmException, NoSuchProviderException,
+            InvalidKeyException, SignatureException {
+        // fill the cleartext data with random bytes
+        byte[] cleartext = new byte[100];
+        RandomFactory.getRandom().nextBytes(cleartext);
+
+        // NONEwith requires input to be of 20 bytes
+        int size = algorithm.contains("NONEwith") ? 20 : 100;
+
+        // create signature instance
+        Signature signature = Signature.getInstance(algorithm, provider);
+
+        String keyAlgo;
+        if (algorithm.contains("RSA")) {
+            keyAlgo = "RSA";
+        } else if (algorithm.contains("ECDSA")) {
+            keyAlgo = "EC";
+        } else if (algorithm.contains("DSA")) {
+            keyAlgo = "DSA";
+        } else {
+            throw new RuntimeException("Test doesn't support this signature "
+                    + "algorithm: " + algorithm);
+        }
+
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyAlgo, provider);
+        KeyPair kp = kpg.generateKeyPair();
+        PublicKey pubkey = kp.getPublic();
+        PrivateKey privkey = kp.getPrivate();
+
+        return new Offsets(signature, pubkey, privkey, size, cleartext);
+    }
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException {
+        if (args.length < 2) {
+            throw new RuntimeException("Wrong parameters");
+        }
+
+        boolean result = true;
+        try {
+            Offsets test = init(args[0], args[1]);
+
+            // We are trying 3 different offsets, data size has nothing to do
+            // with signature length
+            for (int chunk = 3; chunk > 0; chunk--) {
+                int signOffset = test.getDataSize() / chunk;
+
+                System.out.println("Running test with offset " + signOffset);
+                byte[] signData = test.shiftSignData(signOffset);
+
+                boolean success = test.verifySignature(signData, signOffset,
+                        test.getSignatureLength(), 0, test.getDataSize());
+
+                if (success) {
+                    System.out.println("Successfully verified with offset "
+                            + signOffset);
+                } else {
+                    System.out.println("Verification failed with offset "
+                            + signOffset);
+                    result = false;
+                }
+            }
+
+            // save signature to offset 0
+            byte[] signData = test.shiftSignData(0);
+
+            // Negative tests
+
+            // Test signature offset 0.
+            // Wrong test data will be passed to update,
+            // so signature verification should fail.
+            for (int chunk = 3; chunk > 0; chunk--) {
+                int dataOffset = (test.getDataSize() - 1) / chunk;
+                boolean success;
+                try {
+                    success = test.verifySignature(signData, 0,
+                            test.getSignatureLength(), dataOffset,
+                            (test.getDataSize() - dataOffset));
+                } catch (SignatureException e) {
+                    // Since we are trying different data size, it can throw
+                    // SignatureException
+                    success = false;
+                }
+
+                if (!success) {
+                    System.out.println("Signature verification failed "
+                            + "as expected, with data offset " + dataOffset
+                            + " and length "
+                            + (test.getDataSize() - dataOffset));
+                } else {
+                    System.out.println("Signature verification "
+                            + "should not succeed, with data offset "
+                            + dataOffset + " and length "
+                            + (test.getDataSize() - dataOffset));
+                    result = false;
+                }
+            }
+
+            // Tests with manipulating offset and length
+            result &= Offsets.checkFailure(test, signData, -1,
+                    test.getSignatureLength());
+
+            result &= Offsets.checkFailure(test, signData, 0,
+                    test.getSignatureLength() - 1);
+
+            result &= Offsets.checkFailure(test, signData,
+                    test.getSignatureLength() + 1, test.getSignatureLength());
+
+            result &= Offsets.checkFailure(test, signData, 0,
+                    test.getSignatureLength() + 1);
+
+            result &= Offsets.checkFailure(test, signData, 0, 0);
+
+            result &= Offsets.checkFailure(test, signData, 0, -1);
+
+            result &= Offsets.checkFailure(test, signData,
+                    2147483646, test.getSignatureLength());
+
+            result &= Offsets.checkFailure(test, null, 0,
+                    test.getSignatureLength());
+        } catch (NoSuchProviderException nspe) {
+            System.out.println("No such provider: " + nspe);
+        }
+
+        if (!result) {
+            throw new RuntimeException("Some test cases failed");
+        }
+    }
+
+    static boolean checkFailure(Offsets test, byte[] signData, int offset,
+            int length) {
+        boolean success;
+        try {
+            success = test.verifySignature(signData, offset, length, 0,
+                    test.getDataSize());
+        } catch (IllegalArgumentException | SignatureException e) {
+            System.out.println("Expected exception: " + e);
+            success = false;
+        } catch (InvalidKeyException e) {
+            System.out.println("Unexpected exception: " + e);
+            return false;
+        }
+
+        if (!success) {
+            System.out.println("Signature verification failed as expected, "
+                    + "with signature offset " + offset + " and length "
+                    + length);
+            return true;
+        } else {
+            System.out.println("Signature verification should not succeed, "
+                    + "with signature offset " + offset + " and length "
+                    + length);
+            return false;
+        }
+    }
+
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/SignedObject/Chain.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,216 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.Signature;
+import java.security.SignedObject;
+import java.security.KeyPairGenerator;
+import java.security.KeyPair;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.util.Arrays;
+
+/*
+ * @test
+ * @bug 8050374
+ * @summary Verify a chain of signed objects
+ */
+public class Chain {
+
+    static enum KeyAlg {
+        RSA("RSA"),
+        DSA("DSA"),
+        EC("EC");
+
+        final String name;
+
+        KeyAlg(String alg) {
+            this.name = alg;
+        }
+    }
+
+    static enum Provider {
+        Default("default"),
+        SunRsaSign("SunRsaSign"),
+        Sun("SUN"),
+        SunEC("SunEC"),
+        SunJSSE("SunJSSE"),
+        SunMSCAPI("SunMSCAPI");
+
+        final String name;
+
+        Provider(String name) {
+            this.name = name;
+        }
+    }
+
+    static enum SigAlg {
+        MD2withRSA("MD2withRSA"),
+        MD5withRSA("md5withRSA"),
+
+        SHA1withDSA("SHA1withDSA"),
+        SHA224withDSA("SHA224withDSA"),
+        SHA256withDSA("SHA256withDSA"),
+
+        SHA1withRSA("Sha1withrSA"),
+        SHA224withRSA("SHA224withRSA"),
+        SHA256withRSA("SHA256withRSA"),
+        SHA384withRSA("SHA384withRSA"),
+        SHA512withRSA("SHA512withRSA"),
+
+        SHA1withECDSA("SHA1withECDSA"),
+        SHA256withECDSA("SHA256withECDSA"),
+        SHA224withECDSA("SHA224withECDSA"),
+        SHA384withECDSA("SHA384withECDSA"),
+        SHA512withECDSA("SHA512withECDSA"),
+
+        MD5andSHA1withRSA("MD5andSHA1withRSA");
+
+        final String name;
+
+        SigAlg(String name) {
+            this.name = name;
+        }
+    }
+
+    static class Test {
+        final Provider provider;
+        final KeyAlg keyAlg;
+        final SigAlg sigAlg;
+
+        Test(SigAlg sigAlg, KeyAlg keyAlg, Provider privider) {
+            this.provider = privider;
+            this.keyAlg = keyAlg;
+            this.sigAlg = sigAlg;
+        }
+    }
+
+    private static final Test[] tests = {
+        new Test(SigAlg.SHA1withDSA, KeyAlg.DSA, Provider.Default),
+        new Test(SigAlg.MD2withRSA, KeyAlg.RSA, Provider.Default),
+        new Test(SigAlg.MD5withRSA, KeyAlg.RSA, Provider.Default),
+        new Test(SigAlg.SHA1withRSA, KeyAlg.RSA, Provider.Default),
+        new Test(SigAlg.SHA1withDSA, KeyAlg.DSA, Provider.Sun),
+        new Test(SigAlg.SHA224withDSA, KeyAlg.DSA, Provider.Sun),
+        new Test(SigAlg.SHA256withDSA, KeyAlg.DSA, Provider.Sun),
+    };
+
+    private static final String str = "to-be-signed";
+    private static final int N = 3;
+
+    public static void main(String argv[]) {
+        boolean result = Arrays.stream(tests).allMatch((test) -> runTest(test));
+        if(result) {
+            System.out.println("All tests passed");
+        } else {
+            throw new RuntimeException("Some tests failed");
+        }
+    }
+
+    static boolean runTest(Test test) {
+        System.out.format("Test: provider = %s, signature algorithm = %s, "
+                + "key algorithm = %s\n",
+                test.provider, test.sigAlg, test.keyAlg);
+        try {
+            // Generate all private/public key pairs
+            PrivateKey[] privKeys = new PrivateKey[N];
+            PublicKey[] pubKeys = new PublicKey[N];
+            PublicKey[] anotherPubKeys = new PublicKey[N];
+            KeyPairGenerator kpg = KeyPairGenerator.getInstance(
+                    test.keyAlg.name);
+            for (int j=0; j < N; j++) {
+                KeyPair kp = kpg.genKeyPair();
+                KeyPair anotherKp = kpg.genKeyPair();
+                privKeys[j] = kp.getPrivate();
+                pubKeys[j] = kp.getPublic();
+                anotherPubKeys[j] = anotherKp.getPublic();
+
+                if (Arrays.equals(pubKeys[j].getEncoded(),
+                        anotherPubKeys[j].getEncoded())) {
+                    System.out.println("Failed: it should not get "
+                            + "the same pair of public key");
+                    return false;
+                }
+            }
+
+            Signature signature;
+            if (test.provider != Provider.Default) {
+                signature = Signature.getInstance(test.sigAlg.name,
+                        test.provider.name);
+            } else {
+                signature = Signature.getInstance(test.sigAlg.name);
+            }
+
+            // Create a chain of signed objects
+            SignedObject[] objects = new SignedObject[N];
+            objects[0] = new SignedObject(str, privKeys[0], signature);
+            for (int j = 1; j < N; j++) {
+                objects[j] = new SignedObject(objects[j - 1], privKeys[j],
+                        signature);
+            }
+
+            // Verify the chain
+            int n = objects.length - 1;
+            SignedObject object = objects[n];
+            do {
+                if (!object.verify(pubKeys[n], signature)) {
+                    System.out.println("Failed: verification failed, n = " + n);
+                    return false;
+                }
+
+                if (object.verify(anotherPubKeys[n], signature)) {
+                    System.out.println("Failed: verification should not "
+                            + "succeed with wrong public key, n = " + n);
+                    return false;
+                }
+
+                object = (SignedObject) object.getObject();
+                n--;
+            } while (n > 0);
+
+            System.out.println("signed data: " + object.getObject());
+            if (!str.equals(object.getObject())) {
+                System.out.println("Failed: signed data is not equal to "
+                        + "original one");
+                return false;
+            }
+
+            System.out.println("Test passed");
+            return true;
+        } catch (NoSuchProviderException nspe) {
+            if (test.provider == Provider.SunMSCAPI
+                    && !System.getProperty("os.name").startsWith("Windows")) {
+                System.out.println("SunMSCAPI is available only on Windows: "
+                        + nspe);
+                return true;
+            }
+            System.out.println("Unexpected exception: " + nspe);
+            return false;
+        } catch (Exception e) {
+            System.out.println("Unexpected exception: " + e);
+            e.printStackTrace(System.out);
+            return false;
+        }
+    }
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/java/security/SignedObject/Copy.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,123 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.io.Serializable;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.Signature;
+import java.security.SignedObject;
+
+/*
+ * @test
+ * @bug 8050374
+ * @summary Checks if a signed object is a copy of an original object
+ */
+public class Copy {
+
+    private static final String DSA = "DSA";
+    private static final int KEY_SIZE = 512;
+    private static final int MAGIC = 123;
+
+    public static void main(String args[]) throws Exception {
+        KeyPairGenerator kg = KeyPairGenerator.getInstance(DSA);
+        kg.initialize(KEY_SIZE);
+        KeyPair kp = kg.genKeyPair();
+
+        Signature signature = Signature.getInstance(DSA);
+        Test original = new Test();
+        SignedObject so = new SignedObject(original, kp.getPrivate(),
+                signature);
+        System.out.println("Signature algorithm: " + so.getAlgorithm());
+
+        signature = Signature.getInstance(DSA, "SUN");
+        if (!so.verify(kp.getPublic(), signature)) {
+            throw new RuntimeException("Verification failed");
+        }
+
+        kg = KeyPairGenerator.getInstance(DSA);
+        kg.initialize(KEY_SIZE);
+        kp = kg.genKeyPair();
+
+        if (so.verify(kp.getPublic(), signature)) {
+            throw new RuntimeException("Unexpected success");
+        }
+
+        Object copy = so.getObject();
+        if (!original.equals(copy)) {
+            throw new RuntimeException("Signed object is not equal "
+                    + "to original one: " + copy);
+        }
+
+        /*
+         * The signed object is a copy of an original one.
+         * Once the copy is made, further manipulation
+         * of the original object shouldn't has any effect on the copy.
+         */
+        original.set(MAGIC - 1);
+        copy = so.getObject();
+        if (original.equals(copy)) {
+            throw new RuntimeException("Signed object is not a copy "
+                    + "of original one: " + copy);
+        }
+
+        System.out.println("Test passed");
+    }
+
+    private static class Test implements Serializable {
+        private int number = MAGIC;
+
+        public int get() {
+            return number;
+        }
+
+        public void set(int magic) {
+            this.number = magic;
+        }
+
+        @Override
+        public int hashCode() {
+            return number;
+        }
+
+        @Override
+        public boolean equals(Object obj) {
+            if (obj == null) {
+                return false;
+            }
+
+            if (!(obj instanceof Test)) {
+                return false;
+            }
+
+            Test other = (Test) obj;
+            return number == other.number;
+        }
+
+        @Override
+        public String toString() {
+            return "" + number;
+        }
+    }
+}
+
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ec/SignatureOffsets.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+
+/*
+ * @test
+ * @bug 8050374
+ * @key randomness
+ * @summary This test validates signature verification
+ *          Signature.verify(byte[], int, int). The test uses RandomFactory to
+ *          get random set of clear text data to sign. After the signature
+ *          generation, the test tries to verify signature with the above API
+ *          and passing in different signature offset (0, 33, 66, 99).
+ * @library /lib/testlibrary
+ * @compile ../../../java/security/Signature/Offsets.java
+ * @run main SignatureOffsets SunEC NONEwithECDSA
+ * @run main SignatureOffsets SunEC SHA1withECDSA
+ * @run main SignatureOffsets SunEC SHA256withECDSA
+ * @run main SignatureOffsets SunEC SHA224withECDSA
+ * @run main SignatureOffsets SunEC SHA384withECDSA
+ * @run main SignatureOffsets SunEC SHA512withECDSA
+ */
+public class SignatureOffsets {
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException {
+        Offsets.main(args);
+    }
+}
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ec/SignedObjectChain.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8050374
+ * @compile ../../../java/security/SignedObject/Chain.java
+ * @summary Verify a chain of signed objects
+ */
+public class SignedObjectChain {
+
+    private static class Test extends Chain.Test {
+
+        public Test(Chain.SigAlg sigAlg) {
+            super(sigAlg, Chain.KeyAlg.EC, Chain.Provider.SunEC);
+        }
+    }
+
+    private static final Test[] tests = {
+        new Test(Chain.SigAlg.SHA1withECDSA),
+        new Test(Chain.SigAlg.SHA256withECDSA),
+        new Test(Chain.SigAlg.SHA224withECDSA),
+        new Test(Chain.SigAlg.SHA384withECDSA),
+        new Test(Chain.SigAlg.SHA512withECDSA),
+    };
+
+    public static void main(String argv[]) {
+        boolean resutl = java.util.Arrays.stream(tests).allMatch(
+                (test) -> Chain.runTest(test));
+
+        if(resutl) {
+            System.out.println("All tests passed");
+        } else {
+            throw new RuntimeException("Some tests failed");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/SignatureOffsets.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+
+/*
+ * @test
+ * @bug 8050374
+ * @key randomness
+ * @summary This test validates signature verification
+ *          Signature.verify(byte[], int, int). The test uses RandomFactory to
+ *          get random set of clear text data to sign. After the signature
+ *          generation, the test tries to verify signature with the above API
+ *          and passing in different signature offset (0, 33, 66, 99).
+ * @library /lib/testlibrary
+ * @compile ../../../java/security/Signature/Offsets.java
+ * @run main SignatureOffsets SunMSCAPI NONEwithRSA
+ * @run main SignatureOffsets SunMSCAPI MD2withRSA
+ * @run main SignatureOffsets SunMSCAPI MD5withRSA
+ * @run main SignatureOffsets SunMSCAPI SHA1withRSA
+ * @run main SignatureOffsets SunMSCAPI SHA256withRSA
+ * @run main SignatureOffsets SunMSCAPI SHA384withRSA
+ * @run main SignatureOffsets SunMSCAPI SHA512withRSA
+ */
+public class SignatureOffsets {
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException {
+        Offsets.main(args);
+    }
+}
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/mscapi/SignedObjectChain.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8050374
+ * @compile ../../../java/security/SignedObject/Chain.java
+ * @summary Verify a chain of signed objects
+ */
+public class SignedObjectChain {
+
+    private static class Test extends Chain.Test {
+
+        public Test(Chain.SigAlg sigAlg) {
+            super(sigAlg, Chain.KeyAlg.RSA, Chain.Provider.SunMSCAPI);
+        }
+    }
+
+    private static final Test[] tests = {
+        new Test(Chain.SigAlg.MD2withRSA),
+        new Test(Chain.SigAlg.MD5withRSA),
+        new Test(Chain.SigAlg.SHA1withRSA),
+        new Test(Chain.SigAlg.SHA256withRSA),
+        new Test(Chain.SigAlg.SHA384withRSA),
+        new Test(Chain.SigAlg.SHA512withRSA),
+    };
+
+    public static void main(String argv[]) {
+        boolean resutl = java.util.Arrays.stream(tests).allMatch(
+                (test) -> Chain.runTest(test));
+
+        if(resutl) {
+            System.out.println("All tests passed");
+        } else {
+            throw new RuntimeException("Some tests failed");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/rsa/KeySizeTest.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.KeyFactory;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.interfaces.RSAKey;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.RSAPrivateKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+
+/**
+ * @test
+ * @bug 8044199
+ * @summary test if the private and public key size are the same as what is set
+ * through KeyPairGenerator.
+ * @run main KeySizeTest 512 10
+ * @run main KeySizeTest 768 10
+ * @run main KeySizeTest 1024 10
+ * @run main KeySizeTest 2048 5
+ * @run main KeySizeTest 4096 1
+ */
+public class KeySizeTest {
+
+    /**
+     * ALGORITHM name, fixed as RSA.
+     */
+    private static final String KEYALG = "RSA";
+
+    /**
+     * JDK default RSA Provider.
+     */
+    private static final String PROVIDER_NAME = "SunRsaSign";
+
+    public static void main(String[] args) throws Exception {
+        int iKeyPairSize = Integer.parseInt(args[0]);
+        int maxLoopCnt = Integer.parseInt(args[1]);
+
+        int failCount = 0;
+        KeyPairGenerator keyPairGen
+                = KeyPairGenerator.getInstance(KEYALG, PROVIDER_NAME);
+        keyPairGen.initialize(iKeyPairSize);
+        // Generate RSA keypair
+        KeyPair keyPair = keyPairGen.generateKeyPair();
+
+        // Get priavte and public keys
+        PrivateKey privateKey = keyPair.getPrivate();
+        PublicKey publicKey = keyPair.getPublic();
+        try {
+            if (!sizeTest(keyPair)) {
+                failCount++;
+            }
+        } catch (Exception ex) {
+            ex.printStackTrace(System.err);
+            failCount++;
+        }
+
+        for (int iCnt = 0; iCnt < maxLoopCnt; iCnt++) {
+
+            // Get keysize (modulus) of keys
+            KeyFactory keyFact = KeyFactory.getInstance(KEYALG, PROVIDER_NAME);
+
+            // Comparing binary length.
+            RSAPrivateKeySpec privateKeySpec
+                    = (RSAPrivateKeySpec) keyFact.getKeySpec(privateKey,
+                            RSAPrivateKeySpec.class);
+            int iPrivateKeySize = privateKeySpec.getModulus().bitLength();
+
+            RSAPublicKeySpec publicKeySpec
+                    = (RSAPublicKeySpec) keyFact.getKeySpec(publicKey,
+                            RSAPublicKeySpec.class);
+            int iPublicKeySize = publicKeySpec.getModulus().bitLength();
+
+            if ((iKeyPairSize != iPublicKeySize) || (iKeyPairSize != iPrivateKeySize)) {
+                System.err.println("iKeyPairSize : " + iKeyPairSize);
+                System.err.println("Generated a " + iPrivateKeySize
+                        + " bit RSA private key");
+                System.err.println("Generated a " + iPublicKeySize
+                        + " bit RSA public key");
+                failCount++;
+            }
+        }
+
+        if (failCount > 0) {
+            throw new RuntimeException("There are " + failCount + " tests failed.");
+        }
+    }
+
+    /**
+     * @param kpair test key pair.
+     * @return true if test passed. false if test failed.
+     */
+    private static boolean sizeTest(KeyPair kpair) {
+        RSAPrivateKey priv = (RSAPrivateKey) kpair.getPrivate();
+        RSAPublicKey pub = (RSAPublicKey) kpair.getPublic();
+
+        // test the getModulus method
+        if ((priv instanceof RSAKey) && (pub instanceof RSAKey)) {
+            if (!priv.getModulus().equals(pub.getModulus())) {
+                System.err.println("priv.getModulus() = " + priv.getModulus());
+                System.err.println("pub.getModulus() = " + pub.getModulus());
+                return false;
+            }
+        }
+        return true;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/rsa/PrivateKeyEqualityTest.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+import java.security.KeyFactory;
+import java.security.KeyPairGenerator;
+import java.security.KeyPair;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.RSAPrivateKeySpec;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.RSAPrivateCrtKeySpec;
+
+/**
+ * @test
+ * @bug 8044199 4666485
+ * @summary Equality checking for RSAPrivateKey by SunRsaSign provider.
+ */
+public class PrivateKeyEqualityTest {
+    /**
+     * ALGORITHM name, fixed as RSA.
+     */
+    private static final String KEYALG = "RSA";
+
+    /**
+     * JDK default RSA Provider.
+     */
+    private static final String PROVIDER_NAME = "SunRsaSign";
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            NoSuchProviderException, InvalidKeySpecException {
+        // Generate the first key.
+        KeyPairGenerator generator
+                = KeyPairGenerator.getInstance(KEYALG, PROVIDER_NAME);
+        KeyPair keyPair = generator.generateKeyPair();
+        RSAPrivateKey rsaPrivateKey = (RSAPrivateKey) keyPair.getPrivate();
+        if (!(rsaPrivateKey instanceof RSAPrivateCrtKey)) {
+            System.err.println("rsaPrivateKey class : " + rsaPrivateKey.getClass().getName());
+            throw new RuntimeException("rsaPrivateKey is not a RSAPrivateCrtKey instance");
+        }
+
+        // Generate the second key.
+        KeyFactory factory = KeyFactory.getInstance(KEYALG, PROVIDER_NAME);
+        RSAPrivateKeySpec rsaPrivateKeySpec = new RSAPrivateKeySpec(
+                rsaPrivateKey.getModulus(), rsaPrivateKey.getPrivateExponent());
+        RSAPrivateKey rsaPrivateKey2 = (RSAPrivateKey) factory.generatePrivate(
+                rsaPrivateKeySpec);
+
+        // Generate the third key.
+        PKCS8EncodedKeySpec encodedKeySpec = new PKCS8EncodedKeySpec(
+                rsaPrivateKey.getEncoded());
+        RSAPrivateKey rsaPrivateKey3 = (RSAPrivateKey) factory.generatePrivate(
+                encodedKeySpec);
+
+        // Check for equality.
+        if (rsaPrivateKey.equals(rsaPrivateKey2)) {
+            throw new RuntimeException("rsaPrivateKey should not equal to rsaPrivateKey2");
+        }
+        if (!rsaPrivateKey3.equals(rsaPrivateKey)) {
+            throw new RuntimeException("rsaPrivateKey3 should equal to rsaPrivateKey");
+        }
+        if (rsaPrivateKey3.equals(rsaPrivateKey2)) {
+            throw new RuntimeException("rsaPrivateKey3 should not equal to rsaPrivateKey2");
+        }
+        if (rsaPrivateKey2.equals(rsaPrivateKey3)) {
+            throw new RuntimeException("rsaPrivateKey2 should not equal to rsaPrivateKey3");
+        }
+
+        // Generate the fourth key.
+        RSAPrivateCrtKey rsaPrivateCrtKey =  (RSAPrivateCrtKey)rsaPrivateKey;
+        RSAPrivateCrtKeySpec rsaPrivateCrtKeySpec = new RSAPrivateCrtKeySpec(
+                rsaPrivateCrtKey.getModulus(),
+                rsaPrivateCrtKey.getPublicExponent(),
+                rsaPrivateCrtKey.getPrivateExponent(),
+                rsaPrivateCrtKey.getPrimeP(),
+                rsaPrivateCrtKey.getPrimeQ(),
+                rsaPrivateCrtKey.getPrimeExponentP(),
+                rsaPrivateCrtKey.getPrimeExponentQ(),
+                rsaPrivateCrtKey.getCrtCoefficient()
+            );
+        RSAPrivateCrtKey rsaPrivateKey4 = (RSAPrivateCrtKey) factory.generatePrivate(
+                rsaPrivateCrtKeySpec);
+        if (!rsaPrivateKey.equals(rsaPrivateKey4)) {
+            throw new RuntimeException("rsaPrivateKey should equal to rsaPrivateKey4");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/rsa/SignatureOffsets.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+
+/*
+ * @test
+ * @bug 8050374
+ * @key randomness
+ * @summary This test validates signature verification
+ *          Signature.verify(byte[], int, int). The test uses RandomFactory to
+ *          get random set of clear text data to sign. After the signature
+ *          generation, the test tries to verify signature with the above API
+ *          and passing in different signature offset (0, 33, 66, 99).
+ * @library /lib/testlibrary
+ * @compile ../../../java/security/Signature/Offsets.java
+ * @run main SignatureOffsets SunRsaSign MD2withRSA
+ * @run main SignatureOffsets SunRsaSign MD5withRSA
+ * @run main SignatureOffsets SunRsaSign SHA1withRSA
+ * @run main SignatureOffsets SunRsaSign SHA224withRSA
+ * @run main SignatureOffsets SunRsaSign SHA256withRSA
+ * @run main SignatureOffsets SunRsaSign SHA384withRSA
+ * @run main SignatureOffsets SunRsaSign SHA512withRSA
+ */
+public class SignatureOffsets {
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException {
+        Offsets.main(args);
+    }
+}
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/rsa/SignatureTest.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,209 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.KeyFactory;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.RSAPrivateKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Arrays;
+import static javax.crypto.Cipher.PRIVATE_KEY;
+import static javax.crypto.Cipher.PUBLIC_KEY;
+import jdk.testlibrary.RandomFactory;
+
+/**
+ * @test
+ * @bug 8044199
+ * @summary Create a signature for RSA and get its signed data. re-initiate
+ *          the signature with the public key. The signature can be verified
+ *          by acquired signed data.
+ * @key randomness
+ * @library ../../../lib/testlibrary
+ * @run main SignatureTest MD2withRSA 512
+ * @run main SignatureTest MD5withRSA 512
+ * @run main SignatureTest SHA1withRSA 512
+ * @run main SignatureTest SHA256withRSA 512
+ * @run main SignatureTest MD2withRSA 768
+ * @run main SignatureTest MD5withRSA 768
+ * @run main SignatureTest SHA1withRSA 768
+ * @run main SignatureTest SHA256withRSA 768
+ * @run main SignatureTest MD2withRSA 1024
+ * @run main SignatureTest MD5withRSA 1024
+ * @run main SignatureTest SHA1withRSA 1024
+ * @run main SignatureTest SHA256withRSA 1024
+ * @run main SignatureTest MD2withRSA 2048
+ * @run main SignatureTest MD5withRSA 2048
+ * @run main SignatureTest SHA1withRSA 2048
+ * @run main SignatureTest SHA256withRSA 2048
+ * @run main/timeout=240 SignatureTest MD2withRSA 4096
+ * @run main/timeout=240 SignatureTest MD5withRSA 4096
+ * @run main/timeout=240 SignatureTest SHA1withRSA 4096
+ * @run main/timeout=240 SignatureTest SHA256withRSA 4096
+ * @run main/timeout=240 SignatureTest MD2withRSA 5120
+ * @run main/timeout=240 SignatureTest MD5withRSA 5120
+ * @run main/timeout=240 SignatureTest SHA1withRSA 5120
+ * @run main/timeout=240 SignatureTest SHA256withRSA 5120
+ * @run main/timeout=240 SignatureTest MD2withRSA 6144
+ * @run main/timeout=240 SignatureTest MD5withRSA 6144
+ * @run main/timeout=240 SignatureTest SHA1withRSA 6144
+ * @run main/timeout=240 SignatureTest SHA256withRSA 6144
+ */
+public class SignatureTest {
+    /**
+     * ALGORITHM name, fixed as RSA.
+     */
+    private static final String KEYALG = "RSA";
+
+    /**
+     * JDK default RSA Provider.
+     */
+    private static final String PROVIDER = "SunRsaSign";
+
+    /**
+     * How much times signature updated.
+     */
+    private static final int UPDATE_TIMES_FIFTY = 50;
+
+    /**
+     * How much times signature initial updated.
+     */
+    private static final int UPDATE_TIMES_HUNDRED = 100;
+
+    public static void main(String[] args) throws Exception {
+        String testAlg = args[0];
+        int testSize = Integer.parseInt(args[1]);
+
+        byte[] data = new byte[100];
+        RandomFactory.getRandom().nextBytes(data);
+
+        // create a key pair
+        KeyPair kpair = generateKeys(KEYALG, testSize);
+        Key[] privs = manipulateKey(PRIVATE_KEY, kpair.getPrivate());
+        Key[] pubs = manipulateKey(PUBLIC_KEY, kpair.getPublic());
+        // For signature algorithm, create and verify a signature
+
+        Arrays.stream(privs).forEach(priv
+                -> Arrays.stream(pubs).forEach(pub -> {
+                    try {
+                        checkSignature(data, (PublicKey) pub, (PrivateKey) priv,
+                                testAlg);
+                    } catch (NoSuchAlgorithmException | InvalidKeyException
+                            | SignatureException | NoSuchProviderException ex) {
+                        throw new RuntimeException(ex);
+                    }
+                }
+                ));
+
+    }
+
+    private static KeyPair generateKeys(String keyalg, int size)
+            throws NoSuchAlgorithmException {
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyalg);
+        kpg.initialize(size);
+        return kpg.generateKeyPair();
+    }
+
+    private static Key[] manipulateKey(int type, Key key)
+            throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchProviderException {
+        KeyFactory kf = KeyFactory.getInstance(KEYALG, PROVIDER);
+
+        switch (type) {
+            case PUBLIC_KEY:
+                try {
+                    kf.getKeySpec(key, RSAPrivateKeySpec.class);
+                    throw new RuntimeException("Expected InvalidKeySpecException "
+                            + "not thrown");
+                } catch (InvalidKeySpecException expected) {
+                }
+
+                return new Key[]{
+                    kf.generatePublic(kf.getKeySpec(key, RSAPublicKeySpec.class)),
+                    kf.generatePublic(new X509EncodedKeySpec(key.getEncoded())),
+                    kf.generatePublic(new RSAPublicKeySpec(
+                    ((RSAPublicKey) key).getModulus(),
+                    ((RSAPublicKey) key).getPublicExponent()))
+                };
+            case PRIVATE_KEY:
+                try {
+                    kf.getKeySpec(key, RSAPublicKeySpec.class);
+                    throw new RuntimeException("Expected InvalidKeySpecException"
+                            + " not thrown");
+                } catch (InvalidKeySpecException expected) {
+                }
+                return new Key[]{
+                    kf.generatePrivate(kf.getKeySpec(key,
+                    RSAPrivateKeySpec.class)),
+                    kf.generatePrivate(new PKCS8EncodedKeySpec(
+                    key.getEncoded())),
+                    kf.generatePrivate(new RSAPrivateKeySpec(((RSAPrivateKey) key).getModulus(),
+                    ((RSAPrivateKey) key).getPrivateExponent()))
+                };
+        }
+        throw new RuntimeException("We shouldn't reach here");
+    }
+
+    private static void checkSignature(byte[] data, PublicKey pub,
+            PrivateKey priv, String sigalg) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException, NoSuchProviderException {
+        Signature sig = Signature.getInstance(sigalg, PROVIDER);
+        sig.initSign(priv);
+        for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) {
+            sig.update(data);
+        }
+        byte[] signedData = sig.sign();
+
+        // Make sure signature verifies with original data
+        sig.initVerify(pub);
+        for (int i = 0; i < UPDATE_TIMES_HUNDRED; i++) {
+            sig.update(data);
+        }
+        if (!sig.verify(signedData)) {
+            throw new RuntimeException("Failed to verify " + sigalg
+                    + " signature");
+        }
+
+        // Make sure signature does NOT verify when the original data
+        // has changed
+        sig.initVerify(pub);
+        for (int i = 0; i < UPDATE_TIMES_FIFTY; i++) {
+            sig.update(data);
+        }
+
+        if (sig.verify(signedData)) {
+            throw new RuntimeException("Failed to detect bad " + sigalg
+                    + " signature");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/rsa/SignedObjectChain.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8050374
+ * @compile ../../../java/security/SignedObject/Chain.java
+ * @summary Verify a chain of signed objects
+ */
+public class SignedObjectChain {
+
+    private static class Test extends Chain.Test {
+
+        public Test(Chain.SigAlg sigAlg) {
+            super(sigAlg, Chain.KeyAlg.RSA, Chain.Provider.SunRsaSign);
+        }
+    }
+
+    private static final Test[] tests = {
+        new Test(Chain.SigAlg.MD2withRSA),
+        new Test(Chain.SigAlg.MD5withRSA),
+        new Test(Chain.SigAlg.SHA1withRSA),
+        new Test(Chain.SigAlg.SHA224withRSA),
+        new Test(Chain.SigAlg.SHA256withRSA),
+        new Test(Chain.SigAlg.SHA384withRSA),
+        new Test(Chain.SigAlg.SHA512withRSA),
+    };
+
+    public static void main(String argv[]) {
+        boolean resutl = java.util.Arrays.stream(tests).allMatch(
+                (test) -> Chain.runTest(test));
+
+        if(resutl) {
+            System.out.println("All tests passed");
+        } else {
+            throw new RuntimeException("Some tests failed");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/rsa/SpecTest.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,119 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+import java.math.BigInteger;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.interfaces.RSAKey;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.RSAKeyGenParameterSpec;
+
+/**
+ * @test
+ * @bug 8044199
+ * @summary Check same KeyPair's private key and public key have same modulus.
+ *  also check public key's public exponent equals to given spec's public
+ *  exponent.
+ * @run main SpecTest 512
+ * @run main SpecTest 768
+ * @run main SpecTest 1024
+ * @run main SpecTest 2048
+ * @run main/timeout=240 SpecTest 4096
+ * @run main/timeout=240 SpecTest 5120
+ */
+public class SpecTest {
+    /**
+     * ALGORITHM name, fixed as RSA.
+     */
+    private static final String KEYALG = "RSA";
+
+    /**
+     * JDK default RSA Provider.
+     */
+    private static final String PROVIDER = "SunRsaSign";
+
+    /**
+     *
+     * @param kpair test key pair
+     * @param pubExponent expected public exponent.
+     * @return true if test passed. false if test failed.
+     */
+    private static boolean specTest(KeyPair kpair, BigInteger pubExponent) {
+        boolean passed = true;
+        RSAPrivateKey priv = (RSAPrivateKey) kpair.getPrivate();
+        RSAPublicKey pub = (RSAPublicKey) kpair.getPublic();
+
+        // test the getModulus method
+        if ((priv instanceof RSAKey) && (pub instanceof RSAKey)) {
+            if (!priv.getModulus().equals(pub.getModulus())) {
+                System.err.println("priv.getModulus() = " + priv.getModulus());
+                System.err.println("pub.getModulus() = " + pub.getModulus());
+                passed = false;
+            }
+
+            if (!pubExponent.equals(pub.getPublicExponent())) {
+                System.err.println("pubExponent = " + pubExponent);
+                System.err.println("pub.getPublicExponent() = "
+                        + pub.getPublicExponent());
+                passed = false;
+            }
+        }
+        return passed;
+    }
+
+    public static void main(String[] args) {
+        int failCount = 0;
+
+        // Test key size.
+        int size = Integer.parseInt(args[0]);
+
+        try {
+            KeyPairGenerator kpg1 = KeyPairGenerator.getInstance(KEYALG, PROVIDER);
+            kpg1.initialize(new RSAKeyGenParameterSpec(size,
+                    RSAKeyGenParameterSpec.F4));
+            if (!specTest(kpg1.generateKeyPair(),
+                    RSAKeyGenParameterSpec.F4)) {
+                failCount++;
+            }
+
+            KeyPairGenerator kpg2 = KeyPairGenerator.getInstance(KEYALG, PROVIDER);
+            kpg2.initialize(new RSAKeyGenParameterSpec(size,
+                    RSAKeyGenParameterSpec.F0));
+            if (!specTest(kpg2.generateKeyPair(), RSAKeyGenParameterSpec.F0)) {
+                failCount++;
+            }
+        } catch (NoSuchAlgorithmException | NoSuchProviderException
+                | InvalidAlgorithmParameterException ex) {
+            ex.printStackTrace(System.err);
+            failCount++;
+        }
+
+        if (failCount != 0) {
+            throw new RuntimeException("There are " + failCount
+                    + " tests failed.");
+        }
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ssl/rsa/SignatureOffsets.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SignatureException;
+
+/*
+ * @test
+ * @bug 8050374
+ * @key randomness
+ * @summary This test validates signature verification
+ *          Signature.verify(byte[], int, int). The test uses RandomFactory to
+ *          get random set of clear text data to sign. After the signature
+ *          generation, the test tries to verify signature with the above API
+ *          and passing in different signature offset (0, 33, 66, 99).
+ * @library /lib/testlibrary
+ * @compile ../../../../java/security/Signature/Offsets.java
+ * @run main SignatureOffsets SunJSSE MD2withRSA
+ * @run main SignatureOffsets SunJSSE MD5withRSA
+ * @run main SignatureOffsets SunJSSE SHA1withRSA
+ * @run main SignatureOffsets SunJSSE MD5andSHA1withRSA
+ */
+public class SignatureOffsets {
+
+    public static void main(String[] args) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException {
+        Offsets.main(args);
+    }
+}
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/ssl/rsa/SignedObjectChain.java	Mon Apr 11 18:21:28 2016 +0000
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8050374
+ * @compile ../../../../java/security/SignedObject/Chain.java
+ * @summary Verify a chain of signed objects
+ */
+public class SignedObjectChain {
+
+    private static class Test extends Chain.Test {
+
+        public Test(Chain.SigAlg sigAlg) {
+            super(sigAlg, Chain.KeyAlg.RSA, Chain.Provider.SunJSSE);
+        }
+    }
+
+    private static final Test[] tests = {
+        new Test(Chain.SigAlg.MD2withRSA),
+        new Test(Chain.SigAlg.MD5withRSA),
+        new Test(Chain.SigAlg.SHA1withRSA),
+        new Test(Chain.SigAlg.MD5andSHA1withRSA),
+    };
+
+    public static void main(String argv[]) {
+        boolean resutl = java.util.Arrays.stream(tests).allMatch(
+                (test) -> Chain.runTest(test));
+
+        if(resutl) {
+            System.out.println("All tests passed");
+        } else {
+            throw new RuntimeException("Some tests failed");
+        }
+    }
+}