-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add a GitHub action to test the content snap
- Loading branch information
Showing
4 changed files
with
527 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| name: Java CI with Maven | ||
|
|
||
| on: | ||
| push: | ||
| branches: [ "main" ] | ||
| pull_request: | ||
| branches: [ "**" ] | ||
|
|
||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-22.04 | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Install snapcraft | ||
| run: sudo snap install snapcraft | ||
| - name: Build openssl-fips-java snap | ||
| run: sudo snapcraft | ||
| - name: Install openssl-fips-java snap | ||
| run: sudo snap install --dangerous ./openssl-fips-java_0.0.1_amd64.snap | ||
| - name: Build sample consumer snap | ||
| run: | | ||
| cd ${{ github.workspace }}/src/test/consumer-snap | ||
| sudo snapcraft | ||
| sudo snap install --dangerous ./kem-test_1.0_amd64.snap | ||
| cd ${{ github.workspace }} | ||
| - name: Connect snaps | ||
| run: sudo snap connect kem-test:openssl-fips-provider-jar openssl-fips-java:openssl-fips-provider-jar | ||
| - name: Run kem-test | ||
| run: kem-test | ||
|
|
||
|
|
||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| import java.security.KeyPair; | ||
| import java.security.PublicKey; | ||
| import java.security.PrivateKey; | ||
| import java.util.Arrays; | ||
| import java.security.KeyPairGenerator; | ||
| import javax.crypto.KEM; | ||
| import javax.crypto.KEM.Encapsulated; | ||
| import javax.crypto.KEM.Encapsulator; | ||
| import javax.crypto.KEM.Decapsulator; | ||
| import javax.crypto.SecretKey; | ||
| import java.security.Security; | ||
|
|
||
|
|
||
| public class KEMTest { | ||
| public static void main(String[] args) throws Exception { | ||
| String cname = "com.canonical.openssl.provider.OpenSSLFIPSProvider"; | ||
| Security.addProvider((java.security.Provider) Class.forName(cname).newInstance()); | ||
|
|
||
| KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); | ||
| kpg.initialize(4096); | ||
|
|
||
| // Alice creates a key pair and shares the public key with Bob | ||
| KeyPair aliceKeys = kpg.generateKeyPair(); | ||
| PublicKey alicePublicKey = aliceKeys.getPublic(); | ||
| PrivateKey alicePrivateKey = aliceKeys.getPrivate(); | ||
|
|
||
| // Bob generates a shared secret and wraps it using Alice's public key | ||
| KEM bobKem = KEM.getInstance("RSA", "OpenSSLFIPSProvider"); | ||
| Encapsulator encapsulator = bobKem.newEncapsulator(alicePublicKey, null, null); | ||
| int secretSize = encapsulator.secretSize(); | ||
| KEM.Encapsulated encapsulated = encapsulator.encapsulate(0, secretSize, "AES"); | ||
| SecretKey bobSecret = encapsulated.key(); | ||
|
|
||
| // Bob sends the encapsulated secret to Alice | ||
| // Alice uses her RSA private key to unwrap the shared secret | ||
| KEM aliceKem = KEM.getInstance("RSA", "OpenSSLFIPSProvider"); | ||
| Decapsulator decapsulator = aliceKem.newDecapsulator(alicePrivateKey, null); | ||
| byte[] encapsulationBytes = encapsulated.encapsulation(); | ||
| SecretKey aliceSecret = decapsulator.decapsulate(encapsulationBytes, 0, encapsulationBytes.length, "AES"); | ||
|
|
||
| System.out.println(aliceSecret.equals(bobSecret)); | ||
| } | ||
| } |
Oops, something went wrong.