1 /* |
1 /* |
2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. |
7 * published by the Free Software Foundation. |
53 static IvParameterSpec iv = new IvParameterSpec(new byte[16]); |
53 static IvParameterSpec iv = new IvParameterSpec(new byte[16]); |
54 static boolean failure = false; |
54 static boolean failure = false; |
55 |
55 |
56 /* Full read stream, check that getMoreData() is throwing an exception |
56 /* Full read stream, check that getMoreData() is throwing an exception |
57 * This test |
57 * This test |
58 * 1) Encrypt 100 bytes with AES/GCM/PKCS5Padding |
58 * 1) Encrypt 100 bytes with AES/GCM/NoPadding |
59 * 2) Changes the last byte to invalidate the authetication tag. |
59 * 2) Changes the last byte to invalidate the authetication tag. |
60 * 3) Fully reads CipherInputStream to decrypt the message and closes |
60 * 3) Fully reads CipherInputStream to decrypt the message and closes |
61 */ |
61 */ |
62 |
62 |
63 static void gcm_AEADBadTag() throws Exception { |
63 static void gcm_AEADBadTag() throws Exception { |
64 Cipher c; |
64 Cipher c; |
65 byte[] read = new byte[200]; |
65 byte[] read = new byte[200]; |
66 |
66 |
67 System.out.println("Running gcm_AEADBadTag"); |
67 System.out.println("Running gcm_AEADBadTag"); |
68 |
68 |
69 // Encrypt 100 bytes with AES/GCM/PKCS5Padding |
69 // Encrypt 100 bytes with AES/GCM/NoPadding |
70 byte[] ct = encryptedText("GCM", 100); |
70 byte[] ct = encryptedText("GCM", 100); |
71 // Corrupt the encrypted message |
71 // Corrupt the encrypted message |
72 ct = corruptGCM(ct); |
72 ct = corruptGCM(ct); |
73 // Create stream for decryption |
73 // Create stream for decryption |
74 CipherInputStream in = getStream("GCM", ct); |
74 CipherInputStream in = getStream("GCM", ct); |
104 |
104 |
105 System.out.println("Running gcm_shortReadAEAD"); |
105 System.out.println("Running gcm_shortReadAEAD"); |
106 |
106 |
107 byte[] pt = new byte[600]; |
107 byte[] pt = new byte[600]; |
108 pt[0] = 1; |
108 pt[0] = 1; |
109 // Encrypt provided 600 bytes with AES/GCM/PKCS5Padding |
109 // Encrypt provided 600 bytes with AES/GCM/NoPadding |
110 byte[] ct = encryptedText("GCM", pt); |
110 byte[] ct = encryptedText("GCM", pt); |
111 // Create stream for decryption |
111 // Create stream for decryption |
112 CipherInputStream in = getStream("GCM", ct); |
112 CipherInputStream in = getStream("GCM", ct); |
113 |
113 |
114 int size = 0; |
114 int size = 0; |
132 |
132 |
133 /* |
133 /* |
134 * Verify doFinal() exception is suppressed when input stream is not |
134 * Verify doFinal() exception is suppressed when input stream is not |
135 * read before it is closed. |
135 * read before it is closed. |
136 * This test: |
136 * This test: |
137 * 1) Encrypt 100 bytes with AES/GCM/PKCS5Padding |
137 * 1) Encrypt 100 bytes with AES/GCM/NoPadding |
138 * 2) Changes the last byte to invalidate the authetication tag. |
138 * 2) Changes the last byte to invalidate the authetication tag. |
139 * 3) Opens a CipherInputStream and the closes it. Never reads from it. |
139 * 3) Opens a CipherInputStream and the closes it. Never reads from it. |
140 * |
140 * |
141 * There should be no exception thrown. |
141 * There should be no exception thrown. |
142 */ |
142 */ |
144 Cipher c; |
144 Cipher c; |
145 byte[] read = new byte[200]; |
145 byte[] read = new byte[200]; |
146 |
146 |
147 System.out.println("Running supressUnreadCorrupt test"); |
147 System.out.println("Running supressUnreadCorrupt test"); |
148 |
148 |
149 // Encrypt 100 bytes with AES/GCM/PKCS5Padding |
149 // Encrypt 100 bytes with AES/GCM/NoPadding |
150 byte[] ct = encryptedText("GCM", 100); |
150 byte[] ct = encryptedText("GCM", 100); |
151 // Corrupt the encrypted message |
151 // Corrupt the encrypted message |
152 ct = corruptGCM(ct); |
152 ct = corruptGCM(ct); |
153 // Create stream for decryption |
153 // Create stream for decryption |
154 CipherInputStream in = getStream("GCM", ct); |
154 CipherInputStream in = getStream("GCM", ct); |
164 |
164 |
165 /* |
165 /* |
166 * Verify noexception thrown when 1 byte is read from a GCM stream |
166 * Verify noexception thrown when 1 byte is read from a GCM stream |
167 * and then closed |
167 * and then closed |
168 * This test: |
168 * This test: |
169 * 1) Encrypt 100 bytes with AES/GCM/PKCS5Padding |
169 * 1) Encrypt 100 bytes with AES/GCM/NoPadding |
170 * 2) Read one byte from the stream, expect no exception thrown. |
170 * 2) Read one byte from the stream, expect no exception thrown. |
171 * 4) Close stream,expect no exception thrown. |
171 * 4) Close stream,expect no exception thrown. |
172 */ |
172 */ |
173 static void gcm_oneReadByte() throws Exception { |
173 static void gcm_oneReadByte() throws Exception { |
174 |
174 |
175 System.out.println("Running gcm_oneReadByte test"); |
175 System.out.println("Running gcm_oneReadByte test"); |
176 |
176 |
177 // Encrypt 100 bytes with AES/GCM/PKCS5Padding |
177 // Encrypt 100 bytes with AES/GCM/NoPadding |
178 byte[] ct = encryptedText("GCM", 100); |
178 byte[] ct = encryptedText("GCM", 100); |
179 // Create stream for decryption |
179 // Create stream for decryption |
180 CipherInputStream in = getStream("GCM", ct); |
180 CipherInputStream in = getStream("GCM", ct); |
181 |
181 |
182 try { |
182 try { |
190 |
190 |
191 /* |
191 /* |
192 * Verify exception thrown when 1 byte is read from a corrupted GCM stream |
192 * Verify exception thrown when 1 byte is read from a corrupted GCM stream |
193 * and then closed |
193 * and then closed |
194 * This test: |
194 * This test: |
195 * 1) Encrypt 100 bytes with AES/GCM/PKCS5Padding |
195 * 1) Encrypt 100 bytes with AES/GCM/NoPadding |
196 * 2) Changes the last byte to invalidate the authetication tag. |
196 * 2) Changes the last byte to invalidate the authetication tag. |
197 * 3) Read one byte from the stream, expect exception thrown. |
197 * 3) Read one byte from the stream, expect exception thrown. |
198 * 4) Close stream,expect no exception thrown. |
198 * 4) Close stream,expect no exception thrown. |
199 */ |
199 */ |
200 static void gcm_oneReadByteCorrupt() throws Exception { |
200 static void gcm_oneReadByteCorrupt() throws Exception { |
201 |
201 |
202 System.out.println("Running gcm_oneReadByteCorrupt test"); |
202 System.out.println("Running gcm_oneReadByteCorrupt test"); |
203 |
203 |
204 // Encrypt 100 bytes with AES/GCM/PKCS5Padding |
204 // Encrypt 100 bytes with AES/GCM/NoPadding |
205 byte[] ct = encryptedText("GCM", 100); |
205 byte[] ct = encryptedText("GCM", 100); |
206 // Corrupt the encrypted message |
206 // Corrupt the encrypted message |
207 ct = corruptGCM(ct); |
207 ct = corruptGCM(ct); |
208 // Create stream for decryption |
208 // Create stream for decryption |
209 CipherInputStream in = getStream("GCM", ct); |
209 CipherInputStream in = getStream("GCM", ct); |
355 |
355 |
356 /* Generic method to create encrypted text */ |
356 /* Generic method to create encrypted text */ |
357 static byte[] encryptedText(String mode, byte[] pt) throws Exception{ |
357 static byte[] encryptedText(String mode, byte[] pt) throws Exception{ |
358 Cipher c; |
358 Cipher c; |
359 if (mode.compareTo("GCM") == 0) { |
359 if (mode.compareTo("GCM") == 0) { |
360 c = Cipher.getInstance("AES/GCM/PKCS5Padding", "SunJCE"); |
360 c = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE"); |
361 c.init(Cipher.ENCRYPT_MODE, key, gcmspec); |
361 c.init(Cipher.ENCRYPT_MODE, key, gcmspec); |
362 } else if (mode.compareTo("CBC") == 0) { |
362 } else if (mode.compareTo("CBC") == 0) { |
363 c = Cipher.getInstance("AES/CBC/PKCS5Padding", "SunJCE"); |
363 c = Cipher.getInstance("AES/CBC/PKCS5Padding", "SunJCE"); |
364 c.init(Cipher.ENCRYPT_MODE, key, iv); |
364 c.init(Cipher.ENCRYPT_MODE, key, iv); |
365 } else { |
365 } else { |
378 static CipherInputStream getStream(String mode, byte[] ct, int length) |
378 static CipherInputStream getStream(String mode, byte[] ct, int length) |
379 throws Exception { |
379 throws Exception { |
380 Cipher c; |
380 Cipher c; |
381 |
381 |
382 if (mode.compareTo("GCM") == 0) { |
382 if (mode.compareTo("GCM") == 0) { |
383 c = Cipher.getInstance("AES/GCM/PKCS5Padding", "SunJCE"); |
383 c = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE"); |
384 c.init(Cipher.DECRYPT_MODE, key, gcmspec); |
384 c.init(Cipher.DECRYPT_MODE, key, gcmspec); |
385 } else if (mode.compareTo("CBC") == 0) { |
385 } else if (mode.compareTo("CBC") == 0) { |
386 c = Cipher.getInstance("AES/CBC/PKCS5Padding", "SunJCE"); |
386 c = Cipher.getInstance("AES/CBC/PKCS5Padding", "SunJCE"); |
387 c.init(Cipher.DECRYPT_MODE, key, iv); |
387 c.init(Cipher.DECRYPT_MODE, key, iv); |
388 } else { |
388 } else { |