8342181: Update tests to use stronger Key and Salt size

Reviewed-by: rhalade, ascarpino

Author: fguallini

test/jdk/com/sun/crypto/provider/Cipher/DES/KeyWrapping.java

@@ -24,11 +24,13 @@
 /*
  * @test
  * @bug 0000000
+ * @library /test/lib
  * @summary KeyWrapping
  * @author Jan Luehe
  */
 import javax.crypto.*;
 import java.security.*;
+import jdk.test.lib.security.SecurityUtils;
 
 public class KeyWrapping {
 
@@ -71,8 +73,9 @@ public static void main(String[] args) throws Exception {
         if (!msg.equals(new String(clearText)))
             throw new Exception("The unwrapped session key is corrupted.");
 
-        KeyPairGenerator kpairGen = KeyPairGenerator.getInstance("DSA");
-        kpairGen.initialize(1024);
+        String kpgAlgorithm = "DSA";
+        KeyPairGenerator kpairGen = KeyPairGenerator.getInstance(kpgAlgorithm);
+        kpairGen.initialize(SecurityUtils.getTestKeySize(kpgAlgorithm));
 
         KeyPair kpair = kpairGen.genKeyPair();
 

test/jdk/com/sun/crypto/provider/Cipher/DES/Sealtest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,20 +24,23 @@
 /*
  * @test
  * @bug 0000000 7055362
+ * @library /test/lib
  * @summary Sealtest
  * @author Jan Luehe
  */
 import java.io.*;
 import java.security.*;
 import javax.crypto.*;
+import jdk.test.lib.security.SecurityUtils;
 
 public class Sealtest {
 
     public static void main(String[] args) throws Exception {
 
         // create DSA keypair
-        KeyPairGenerator kpgen = KeyPairGenerator.getInstance("DSA");
-        kpgen.initialize(512);
+        String kpgAlgorithm = "DSA";
+        KeyPairGenerator kpgen = KeyPairGenerator.getInstance(kpgAlgorithm);
+        kpgen.initialize(SecurityUtils.getTestKeySize(kpgAlgorithm));
         KeyPair kp = kpgen.generateKeyPair();
 
         // create DES key

test/jdk/com/sun/crypto/provider/Cipher/KeyWrap/TestCipherKeyWrapperTest.java

@@ -50,10 +50,12 @@
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.PBEKeySpec;
 import javax.crypto.spec.PBEParameterSpec;
+import jdk.test.lib.security.SecurityUtils;
 
 /*
  * @test
  * @bug 8048599 8248268 8288050
+ * @library /test/lib
  * @summary  Tests for key wrap and unwrap operations
  */
 
@@ -270,7 +272,7 @@ private void wrapperPublicPriviteKeyTest(Provider p, String[] algorithms)
             System.out.println("Generate key pair (algorithm: " + algo
                     + ", provider: " + p.getName() + ")");
             KeyPairGenerator kpg = KeyPairGenerator.getInstance(algo);
-            kpg.initialize(512);
+            kpg.initialize(SecurityUtils.getTestKeySize(algo));
             KeyPair kp = kpg.genKeyPair();
             // key generated
             String algoWrap = "DES";

test/jdk/com/sun/crypto/provider/Cipher/PBE/PBEKeyCleanupTest.java

@@ -23,6 +23,7 @@
 
 /*
  * @test
+ * @library /test/lib
  * @modules java.base/com.sun.crypto.provider:+open
  * @run main/othervm PBEKeyCleanupTest
  * @summary Verify that key storage is cleared
@@ -38,6 +39,7 @@
 import javax.crypto.SecretKey;
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.PBEKeySpec;
+import jdk.test.lib.security.SecurityUtils;
 
 /**
  * Test that the array holding the key bytes is cleared when it is
@@ -67,7 +69,7 @@ private static void testPBESecret(String algorithm) throws Exception {
     }
 
     private static void testPBKSecret(String algorithm) throws Exception {
-        byte[] salt = new byte[8];
+        byte[] salt = new byte[SecurityUtils.getTestSaltSize()];
         new Random().nextBytes(salt);
         char[] password = new char[] {'f', 'o', 'o'};
         PBEKeySpec pbeKeySpec = new PBEKeySpec(PASS_PHRASE.toCharArray(), salt,

test/jdk/com/sun/crypto/provider/Cipher/RSA/TestOAEPPadding.java

@@ -24,6 +24,7 @@
 /*
  * @test
  * @bug 8020081 8022669
+ * @library /test/lib
  * @summary encryption/decryption test for using OAEPPadding with
  * OAEPParameterSpec specified and not specified during a Cipher.init().
  * @author Anthony Scarpino
@@ -43,7 +44,7 @@
 import javax.crypto.spec.OAEPParameterSpec;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.spec.PSource;
-
+import jdk.test.lib.security.SecurityUtils;
 
 public class TestOAEPPadding {
     private static RSAPrivateKey privateKey;
@@ -57,8 +58,9 @@ public static void main(String args[]) throws Exception {
         System.out.println("Testing provider " + cp.getName() + "...");
         Provider kfp = Security.getProvider(
                         System.getProperty("test.providername", "SunRsaSign"));
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", kfp);
-        kpg.initialize(2048);
+        String kpgAlgorithm = "RSA";
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance(kpgAlgorithm, kfp);
+        kpg.initialize(SecurityUtils.getTestKeySize(kpgAlgorithm));
         KeyPair kp = kpg.generateKeyPair();
         privateKey = (RSAPrivateKey)kp.getPrivate();
         publicKey = (RSAPublicKey)kp.getPublic();

test/jdk/com/sun/crypto/provider/Cipher/RSA/TestOAEPWithParams.java

@@ -24,6 +24,7 @@
 /*
  * @test
  * @bug 4923484 8146293
+ * @library /test/lib
  * @summary encryption/decryption test for using OAEPParameterSpec.
  * @author Valerie Peng
  */
@@ -35,6 +36,7 @@
 import javax.crypto.*;
 import javax.crypto.spec.PSource;
 import javax.crypto.spec.OAEPParameterSpec;
+import jdk.test.lib.security.SecurityUtils;
 
 public class TestOAEPWithParams {
 
@@ -59,8 +61,9 @@ public static void main(String[] args) throws Exception {
         System.out.println("Testing provider " + cp.getName() + "...");
         Provider kfp = Security.getProvider(
                 System.getProperty("test.provider.name", "SunRsaSign"));
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", kfp);
-        kpg.initialize(768);
+        String kpgAlgorithm = "RSA";
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance(kpgAlgorithm, kfp);
+        kpg.initialize(SecurityUtils.getTestKeySize(kpgAlgorithm));
         KeyPair kp = kpg.generateKeyPair();
         privateKey = kp.getPrivate();
         publicKey = kp.getPublic();

test/jdk/com/sun/crypto/provider/KeyAgreement/DHKeyAgreementPadding.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2022, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -34,21 +34,22 @@
 import java.security.KeyPairGenerator;
 import java.util.Arrays;
 import java.util.HexFormat;
+import jdk.test.lib.security.SecurityUtils;
 
 public class DHKeyAgreementPadding {
 
     public static void main(String[] args) throws Exception {
-
-        byte[] aliceSecret = new byte[80];
-        byte[] bobSecret = new byte[80];
-
-        KeyAgreement alice = KeyAgreement.getInstance("DiffieHellman");
-        KeyAgreement bob = KeyAgreement.getInstance("DiffieHellman");
+        String kpgAlgorithm = "DiffieHellman";
+        KeyAgreement alice = KeyAgreement.getInstance(kpgAlgorithm);
+        KeyAgreement bob = KeyAgreement.getInstance(kpgAlgorithm);
+        int keySizeBits = SecurityUtils.getTestKeySize(kpgAlgorithm);
+        byte[] aliceSecret = new byte[keySizeBits / 8];
+        byte[] bobSecret = new byte[keySizeBits / 8];
 
         // The probability of an error is 0.2% or 1/500. Try more times.
         for (int i = 0; i < 5000; i++) {
-            KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("DiffieHellman");
-            keyPairGen.initialize(512);
+            KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance(kpgAlgorithm);
+            keyPairGen.initialize(keySizeBits);
             KeyPair aliceKeyPair = keyPairGen.generateKeyPair();
             KeyPair bobKeyPair = keyPairGen.generateKeyPair();
 

test/jdk/com/sun/crypto/provider/KeyFactory/TestProviderLeak.java

@@ -24,6 +24,7 @@
 /*
  * @test
  * @bug 6578538 8027624
+ * @library /test/lib
  * @summary com.sun.crypto.provider.SunJCE instance leak using KRB5 and
  *     LoginContext
  * @author Brad Wetmore
@@ -45,6 +46,7 @@
 
 import java.util.*;
 import java.util.concurrent.*;
+import jdk.test.lib.security.SecurityUtils;
 
 public class TestProviderLeak {
     private static final int MB = 1024 * 1024;
@@ -109,7 +111,7 @@ public static void main(String [] args) throws Exception {
             SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1",
                     System.getProperty("test.provider.name", "SunJCE"));
         final PBEKeySpec pbeKS = new PBEKeySpec(
-            "passPhrase".toCharArray(), new byte [] { 0 }, 5, 512);
+            "passPhrase".toCharArray(), new byte [SecurityUtils.getTestSaltSize()], 1000, 512);
 
         ExecutorService executor = Executors.newSingleThreadExecutor();
         Callable<SecretKey> task = new Callable<SecretKey>() {

test/jdk/com/sun/org/apache/xml/internal/security/SignatureKeyInfo.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2021, 2024, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -62,6 +62,7 @@
 import java.io.File;
 import java.math.BigInteger;
 import java.security.*;
+import jdk.test.lib.security.SecurityUtils;
 
 import static jdk.test.lib.Asserts.assertEquals;
 
@@ -160,7 +161,7 @@ private static void addKeyInfoData(KeyInfo keyInfo, String algorithm) throws Exc
 
     private static KeyPair getKeyPair(String algorithm) throws NoSuchAlgorithmException {
         KeyPairGenerator keyGen = KeyPairGenerator.getInstance(algorithm);
-        keyGen.initialize(2048);
+        keyGen.initialize(SecurityUtils.getTestKeySize(algorithm));
 
         return keyGen.genKeyPair();
     }

test/jdk/java/security/KeyAgreement/KeySpecTest.java

@@ -24,6 +24,7 @@
  /*
  * @test
  * @bug 8184359
+ * @library /test/lib
  * @summary Standard tests on KeySpec, KeyFactory, KeyPairs and Keys.
  *  Arguments order <KeyExchangeAlgorithm> <Provider> <KeyGenAlgorithm> <Curve*>
  * @run main KeySpecTest DiffieHellman SunJCE DiffieHellman
@@ -55,6 +56,7 @@
 import javax.crypto.KeyAgreement;
 import javax.crypto.spec.DHPrivateKeySpec;
 import javax.crypto.spec.DHPublicKeySpec;
+import jdk.test.lib.security.SecurityUtils;
 
 public class KeySpecTest {
 
@@ -78,7 +80,7 @@ private static KeyPair genKeyPair(String provider, String kpgAlgo,
         KeyPairGenerator kpg = KeyPairGenerator.getInstance(kpgAlgo, provider);
         switch (kpgInit) {
             case "DiffieHellman":
-                kpg.initialize(512);
+                kpg.initialize(SecurityUtils.getTestKeySize(kpgInit));
                 break;
             case "EC":
                 kpg.initialize(256);