1 /* |
1 /* |
2 * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. |
7 * published by the Free Software Foundation. |
79 } catch (GeneralSecurityException e) { |
79 } catch (GeneralSecurityException e) { |
80 System.out.println("Skip testing " + p.getName() + |
80 System.out.println("Skip testing " + p.getName() + |
81 ", no support for " + mode); |
81 ", no support for " + mode); |
82 return; |
82 return; |
83 } |
83 } |
|
84 System.out.println("Testing against " + p.getName()); |
84 SecretKey key = new SecretKeySpec(new byte[16], "AES"); |
85 SecretKey key = new SecretKeySpec(new byte[16], "AES"); |
85 // First try parameter-less init. |
86 // First try parameter-less init. |
86 c.init(Cipher.ENCRYPT_MODE, key); |
87 c.init(Cipher.ENCRYPT_MODE, key); |
87 c.updateAAD(AAD); |
88 c.updateAAD(AAD); |
88 byte[] ctPlusTag = c.doFinal(PT); |
89 byte[] ctPlusTag = c.doFinal(PT); |
109 } |
110 } |
110 if (!Arrays.equals(iv, c.getIV())) { |
111 if (!Arrays.equals(iv, c.getIV())) { |
111 throw new Exception("Parameters contains incorrect IV value"); |
112 throw new Exception("Parameters contains incorrect IV value"); |
112 } |
113 } |
113 |
114 |
114 // Should be ok to use the same key+iv for decryption |
|
115 c.init(Cipher.DECRYPT_MODE, key, params); |
115 c.init(Cipher.DECRYPT_MODE, key, params); |
116 c.updateAAD(AAD); |
116 c.updateAAD(AAD); |
117 byte[] recovered = c.doFinal(ctPlusTag); |
117 byte[] recovered = c.doFinal(ctPlusTag); |
118 if (!Arrays.equals(recovered, PT)) { |
118 if (!Arrays.equals(recovered, PT)) { |
119 throw new Exception("decryption result mismatch"); |
119 throw new Exception("Decryption result mismatch"); |
120 } |
120 } |
121 |
121 |
122 // Now try to encrypt again using the same key+iv; should fail also |
122 // Now try to encrypt again using the same key+iv; should fail also |
123 try { |
123 try { |
124 c.init(Cipher.ENCRYPT_MODE, key, params); |
124 c.init(Cipher.ENCRYPT_MODE, key, params); |
125 throw new Exception("Should throw exception when same key+iv is used"); |
125 throw new Exception("Should throw exception when same key+iv is used"); |
126 } catch (InvalidAlgorithmParameterException iape) { |
126 } catch (InvalidAlgorithmParameterException iape) { |
127 // expected |
127 // expected |
|
128 System.out.println("Expected IAPE thrown"); |
128 } |
129 } |
129 |
130 |
130 // Now try to encrypt again using parameter-less init; should work |
131 // Now try to encrypt again using parameter-less init; should work |
131 c.init(Cipher.ENCRYPT_MODE, key); |
132 c.init(Cipher.ENCRYPT_MODE, key); |
132 c.doFinal(PT); |
133 c.doFinal(PT); |
136 if (Arrays.equals(iv, ivNew)) { |
137 if (Arrays.equals(iv, ivNew)) { |
137 throw new Exception("IV should be different now"); |
138 throw new Exception("IV should be different now"); |
138 } |
139 } |
139 |
140 |
140 // Now try to encrypt again using a different parameter; should work |
141 // Now try to encrypt again using a different parameter; should work |
141 AlgorithmParameterSpec spec2 = new GCMParameterSpec(128, new byte[30]); |
142 AlgorithmParameterSpec spec2 = new GCMParameterSpec(128, |
|
143 "Solaris PKCS11 lib does not allow all-zero IV".getBytes()); |
142 c.init(Cipher.ENCRYPT_MODE, key, spec2); |
144 c.init(Cipher.ENCRYPT_MODE, key, spec2); |
143 c.updateAAD(AAD); |
145 c.updateAAD(AAD); |
144 c.doFinal(PT); |
146 c.doFinal(PT); |
145 // subsequent encryption should fail unless re-init w/ different key+iv |
147 // subsequent encryption should fail unless re-init w/ different key+iv |
146 checkISE(c); |
148 checkISE(c); |
152 recovered = c.doFinal(ctPlusTag); |
154 recovered = c.doFinal(ctPlusTag); |
153 |
155 |
154 c.updateAAD(AAD); |
156 c.updateAAD(AAD); |
155 recovered = c.doFinal(ctPlusTag); |
157 recovered = c.doFinal(ctPlusTag); |
156 if (!Arrays.equals(recovered, PT)) { |
158 if (!Arrays.equals(recovered, PT)) { |
157 throw new Exception("decryption result mismatch"); |
159 throw new Exception("Decryption result mismatch"); |
158 } |
160 } |
159 |
161 |
160 // Now try decryption again and re-init using the same parameters |
162 // Now try decryption again and re-init using the same parameters |
161 c.init(Cipher.DECRYPT_MODE, key, params); |
163 c.init(Cipher.DECRYPT_MODE, key, params); |
162 c.updateAAD(AAD); |
164 c.updateAAD(AAD); |