1 /* |
|
2 * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. |
|
8 * |
|
9 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 * version 2 for more details (a copy is included in the LICENSE file that |
|
13 * accompanied this code). |
|
14 * |
|
15 * You should have received a copy of the GNU General Public License version |
|
16 * 2 along with this work; if not, write to the Free Software Foundation, |
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 * |
|
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 * or visit www.oracle.com if you need additional information or have any |
|
21 * questions. |
|
22 */ |
|
23 |
|
24 /* |
|
25 * @test |
|
26 * @bug 7088989 |
|
27 * @summary Ensure the AES ciphers of OracleUcrypto provider works correctly |
|
28 */ |
|
29 import java.io.*; |
|
30 import java.security.*; |
|
31 import java.security.spec.*; |
|
32 import java.util.*; |
|
33 import javax.crypto.*; |
|
34 import javax.crypto.spec.*; |
|
35 |
|
36 public class TestAES extends UcryptoTest { |
|
37 |
|
38 private static final String[] PADDEDCIPHER_ALGOS = { |
|
39 "AES/ECB/PKCS5Padding", |
|
40 "AES/CBC/PKCS5Padding", |
|
41 "AES/CFB128/PKCS5Padding" |
|
42 }; |
|
43 |
|
44 private static final String[] CIPHER_ALGOS = { |
|
45 "AES/ECB/NoPadding", |
|
46 "AES/CBC/NoPadding", |
|
47 "AES/CFB128/NoPadding", |
|
48 "AES/CTR/NoPadding", |
|
49 }; |
|
50 |
|
51 private static final SecretKey CIPHER_KEY = |
|
52 new SecretKeySpec(new byte[16], "AES"); |
|
53 |
|
54 public static void main(String[] args) throws Exception { |
|
55 main(new TestAES(), null); |
|
56 } |
|
57 |
|
58 public void doTest(Provider prov) throws Exception { |
|
59 // Provider for testing Interoperability |
|
60 Provider sunJCEProv = Security.getProvider("SunJCE"); |
|
61 |
|
62 testCipherInterop(CIPHER_ALGOS, CIPHER_KEY, prov, sunJCEProv); |
|
63 testCipherInterop(PADDEDCIPHER_ALGOS, CIPHER_KEY, prov, sunJCEProv); |
|
64 |
|
65 testCipherOffset(CIPHER_ALGOS, CIPHER_KEY, prov); |
|
66 testCipherOffset(PADDEDCIPHER_ALGOS, CIPHER_KEY, prov); |
|
67 |
|
68 testCipherKeyWrapping(PADDEDCIPHER_ALGOS, CIPHER_KEY, prov, sunJCEProv); |
|
69 testCipherGCM(CIPHER_KEY, prov); |
|
70 } |
|
71 |
|
72 private static void testCipherInterop(String[] algos, SecretKey key, |
|
73 Provider p, |
|
74 Provider interopP) { |
|
75 boolean testPassed = true; |
|
76 byte[] in = new byte[32]; |
|
77 (new SecureRandom()).nextBytes(in); |
|
78 |
|
79 for (String algo : algos) { |
|
80 try { |
|
81 // check ENC |
|
82 Cipher c; |
|
83 try { |
|
84 c = Cipher.getInstance(algo, p); |
|
85 } catch (NoSuchAlgorithmException nsae) { |
|
86 System.out.println("Skipping Unsupported CIP algo: " + algo); |
|
87 continue; |
|
88 } |
|
89 c.init(Cipher.ENCRYPT_MODE, key, (AlgorithmParameters)null, null); |
|
90 byte[] eout = c.doFinal(in, 0, in.length); |
|
91 |
|
92 AlgorithmParameters params = c.getParameters(); |
|
93 Cipher c2 = Cipher.getInstance(algo, interopP); |
|
94 c2.init(Cipher.ENCRYPT_MODE, key, params, null); |
|
95 byte[] eout2 = c2.doFinal(in, 0, in.length); |
|
96 |
|
97 if (!Arrays.equals(eout, eout2)) { |
|
98 System.out.println(algo + ": DIFF FAILED"); |
|
99 testPassed = false; |
|
100 } else { |
|
101 System.out.println(algo + ": ENC Passed"); |
|
102 } |
|
103 |
|
104 // check DEC |
|
105 c.init(Cipher.DECRYPT_MODE, key, params, null); |
|
106 byte[] dout = c.doFinal(eout); |
|
107 c2.init(Cipher.DECRYPT_MODE, key, params, null); |
|
108 byte[] dout2 = c2.doFinal(eout2); |
|
109 |
|
110 if (!Arrays.equals(dout, dout2)) { |
|
111 System.out.println(algo + ": DIFF FAILED"); |
|
112 testPassed = false; |
|
113 } else { |
|
114 System.out.println(algo + ": DEC Passed"); |
|
115 } |
|
116 } catch(Exception ex) { |
|
117 System.out.println("Unexpected Exception: " + algo); |
|
118 ex.printStackTrace(); |
|
119 testPassed = false; |
|
120 } |
|
121 } |
|
122 |
|
123 if (!testPassed) { |
|
124 throw new RuntimeException("One or more CIPHER test failed!"); |
|
125 } else { |
|
126 System.out.println("CIPHER Interop Tests Passed"); |
|
127 } |
|
128 } |
|
129 |
|
130 private static void testCipherOffset(String[] algos, SecretKey key, |
|
131 Provider p) { |
|
132 boolean testPassed = true; |
|
133 byte[] in = new byte[16]; |
|
134 (new SecureRandom()).nextBytes(in); |
|
135 int blockSize = 16; |
|
136 |
|
137 for (int j = 1; j < (in.length - 1); j++) { |
|
138 System.out.println("Input offset size: " + j); |
|
139 for (int i = 0; i < algos.length; i++) { |
|
140 try { |
|
141 // check ENC |
|
142 Cipher c; |
|
143 try { |
|
144 c = Cipher.getInstance(algos[i], p); |
|
145 } catch (NoSuchAlgorithmException nsae) { |
|
146 System.out.println("Skip Unsupported CIP algo: " + algos[i]); |
|
147 continue; |
|
148 } |
|
149 c.init(Cipher.ENCRYPT_MODE, key, (AlgorithmParameters)null, null); |
|
150 byte[] eout = new byte[c.getOutputSize(in.length)]; |
|
151 int firstPartLen = in.length - j - 1; |
|
152 //System.out.print("1st UPDATE: " + firstPartLen); |
|
153 int k = c.update(in, 0, firstPartLen, eout, 0); |
|
154 k += c.update(in, firstPartLen, 1, eout, k); |
|
155 k += c.doFinal(in, firstPartLen+1, j, eout, k); |
|
156 |
|
157 AlgorithmParameters params = c.getParameters(); |
|
158 |
|
159 Cipher c2 = Cipher.getInstance(algos[i], p); |
|
160 c2.init(Cipher.ENCRYPT_MODE, key, params, null); |
|
161 byte[] eout2 = new byte[c2.getOutputSize(in.length)]; |
|
162 int k2 = c2.update(in, 0, j, eout2, 0); |
|
163 k2 += c2.update(in, j, 1, eout2, k2); |
|
164 k2 += c2.doFinal(in, j+1, firstPartLen, eout2, k2); |
|
165 |
|
166 if (!checkArrays(eout, k, eout2, k2)) testPassed = false; |
|
167 |
|
168 // check DEC |
|
169 c.init(Cipher.DECRYPT_MODE, key, params, null); |
|
170 byte[] dout = new byte[c.getOutputSize(eout.length)]; |
|
171 k = c.update(eout, 0, firstPartLen, dout, 0); |
|
172 k += c.update(eout, firstPartLen, 1, dout, k); |
|
173 k += c.doFinal(eout, firstPartLen+1, eout.length - firstPartLen - 1, dout, k); |
|
174 if (!checkArrays(in, in.length, dout, k)) testPassed = false; |
|
175 } catch(Exception ex) { |
|
176 System.out.println("Unexpected Exception: " + algos[i]); |
|
177 ex.printStackTrace(); |
|
178 testPassed = false; |
|
179 } |
|
180 } |
|
181 } |
|
182 if (!testPassed) { |
|
183 throw new RuntimeException("One or more CIPHER test failed!"); |
|
184 } else { |
|
185 System.out.println("CIPHER Offset Tests Passed"); |
|
186 } |
|
187 } |
|
188 |
|
189 private static void testCipherKeyWrapping(String[] algos, SecretKey key, |
|
190 Provider p, Provider interopP) |
|
191 throws NoSuchAlgorithmException { |
|
192 boolean testPassed = true; |
|
193 |
|
194 // Test SecretKey, PrivateKey and PublicKey |
|
195 Key[] tbwKeys = new Key[3]; |
|
196 int[] tbwKeyTypes = { Cipher.SECRET_KEY, Cipher.PRIVATE_KEY, Cipher.PUBLIC_KEY }; |
|
197 tbwKeys[0] = new SecretKeySpec(new byte[20], "Blowfish"); |
|
198 KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); |
|
199 kpg.initialize(1024); |
|
200 KeyPair kp = kpg.generateKeyPair(); |
|
201 tbwKeys[1] = kp.getPrivate(); |
|
202 tbwKeys[2] = kp.getPublic(); |
|
203 |
|
204 for (int i = 0; i < algos.length; i++) { |
|
205 try { |
|
206 System.out.println(algos[i] + " - Native WRAP/Java UNWRAP"); |
|
207 |
|
208 Cipher c1; |
|
209 try { |
|
210 c1 = Cipher.getInstance(algos[i], p); |
|
211 } catch (NoSuchAlgorithmException nsae) { |
|
212 System.out.println("Skipping Unsupported CIP algo: " + algos[i]); |
|
213 continue; |
|
214 } |
|
215 c1.init(Cipher.WRAP_MODE, key, (AlgorithmParameters)null, null); |
|
216 AlgorithmParameters params = c1.getParameters(); |
|
217 Cipher c2 = Cipher.getInstance(algos[i], interopP); |
|
218 c2.init(Cipher.UNWRAP_MODE, key, params, null); |
|
219 |
|
220 for (int j = 0; j < tbwKeys.length ; j++) { |
|
221 byte[] wrappedKey = c1.wrap(tbwKeys[j]); |
|
222 Key recovered = c2.unwrap(wrappedKey, |
|
223 tbwKeys[j].getAlgorithm(), tbwKeyTypes[j]); |
|
224 if (!checkKeys(tbwKeys[j], recovered)) testPassed = false; |
|
225 } |
|
226 |
|
227 System.out.println(algos[i] + " - Java WRAP/Native UNWRAP"); |
|
228 c1 = Cipher.getInstance(algos[i], interopP); |
|
229 c1.init(Cipher.WRAP_MODE, key, (AlgorithmParameters)null, null); |
|
230 params = c1.getParameters(); |
|
231 c2 = Cipher.getInstance(algos[i], p); |
|
232 c2.init(Cipher.UNWRAP_MODE, key, params, null); |
|
233 |
|
234 for (int j = 0; j < tbwKeys.length ; j++) { |
|
235 byte[] wrappedKey = c1.wrap(tbwKeys[j]); |
|
236 Key recovered = c2.unwrap(wrappedKey, |
|
237 tbwKeys[j].getAlgorithm(), tbwKeyTypes[j]); |
|
238 if (!checkKeys(tbwKeys[j], recovered)) testPassed = false; |
|
239 } |
|
240 |
|
241 } catch(Exception ex) { |
|
242 System.out.println("Unexpected Exception: " + algos[i]); |
|
243 ex.printStackTrace(); |
|
244 testPassed = false; |
|
245 } |
|
246 } |
|
247 if (!testPassed) { |
|
248 throw new RuntimeException("One or more CIPHER test failed!"); |
|
249 } else { |
|
250 System.out.println("CIPHER KeyWrapping Tests Passed"); |
|
251 } |
|
252 } |
|
253 |
|
254 |
|
255 private static void testCipherGCM(SecretKey key, |
|
256 Provider p) { |
|
257 boolean testPassed = true; |
|
258 byte[] in = new byte[16]; |
|
259 (new SecureRandom()).nextBytes(in); |
|
260 |
|
261 byte[] iv = new byte[16]; |
|
262 (new SecureRandom()).nextBytes(iv); |
|
263 |
|
264 |
|
265 String algo = "AES/GCM/NoPadding"; |
|
266 int tagLen[] = { 128, 120, 112, 104, 96, 64, 32 }; |
|
267 |
|
268 try { |
|
269 Cipher c; |
|
270 try { |
|
271 c = Cipher.getInstance(algo, p); |
|
272 } catch (NoSuchAlgorithmException nsae) { |
|
273 System.out.println("Skipping Unsupported CIP algo: " + algo); |
|
274 return; |
|
275 } |
|
276 for (int i = 0; i < tagLen.length; i++) { |
|
277 AlgorithmParameterSpec paramSpec = new GCMParameterSpec(tagLen[i], iv); |
|
278 // check ENC |
|
279 c.init(Cipher.ENCRYPT_MODE, key, paramSpec, null); |
|
280 c.updateAAD(iv); |
|
281 byte[] eout = c.doFinal(in, 0, in.length); |
|
282 |
|
283 AlgorithmParameters param = c.getParameters(); |
|
284 // check DEC |
|
285 c.init(Cipher.DECRYPT_MODE, key, param, null); |
|
286 c.updateAAD(iv); |
|
287 byte[] dout = c.doFinal(eout, 0, eout.length); |
|
288 |
|
289 if (!Arrays.equals(dout, in)) { |
|
290 System.out.println(algo + ": PT and RT DIFF FAILED"); |
|
291 testPassed = false; |
|
292 } else { |
|
293 System.out.println(algo + ": tagLen " + tagLen[i] + " done"); |
|
294 } |
|
295 } |
|
296 } catch(Exception ex) { |
|
297 System.out.println("Unexpected Exception: " + algo); |
|
298 ex.printStackTrace(); |
|
299 testPassed = false; |
|
300 } |
|
301 if (!testPassed) { |
|
302 throw new RuntimeException("One or more CIPHER test failed!"); |
|
303 } else { |
|
304 System.out.println("CIPHER GCM Tests Passed"); |
|
305 } |
|
306 } |
|
307 |
|
308 private static boolean checkArrays(byte[] a1, int a1Len, byte[] a2, int a2Len) { |
|
309 boolean equal = true; |
|
310 if (a1Len != a2Len) { |
|
311 System.out.println("DIFFERENT OUT LENGTH"); |
|
312 equal = false; |
|
313 } else { |
|
314 for (int p = 0; p < a1Len; p++) { |
|
315 if (a1[p] != a2[p]) { |
|
316 System.out.println("DIFF FAILED"); |
|
317 equal = false; |
|
318 break; |
|
319 } |
|
320 } |
|
321 } |
|
322 return equal; |
|
323 } |
|
324 |
|
325 private static boolean checkKeys(Key k1, Key k2) { |
|
326 boolean equal = true; |
|
327 if (!k1.getAlgorithm().equalsIgnoreCase(k2.getAlgorithm())) { |
|
328 System.out.println("DIFFERENT Key Algorithm"); |
|
329 equal = false; |
|
330 } else if (!k1.getFormat().equalsIgnoreCase(k2.getFormat())) { |
|
331 System.out.println("DIFFERENT Key Format"); |
|
332 equal = false; |
|
333 } else if (!Arrays.equals(k1.getEncoded(), k2.getEncoded())) { |
|
334 System.out.println("DIFFERENT Key Encoding"); |
|
335 equal = false; |
|
336 } |
|
337 return equal; |
|
338 } |
|
339 } |
|