1 /* |
1 /* |
2 * Copyright (c) 2012, 2014, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. |
7 * published by the Free Software Foundation. |
118 |
118 |
119 String baseAlgo |
119 String baseAlgo |
120 = new StringTokenizer(algo, "/").nextToken().toUpperCase(); |
120 = new StringTokenizer(algo, "/").nextToken().toUpperCase(); |
121 boolean isAES = baseAlgo.contains("AES"); |
121 boolean isAES = baseAlgo.contains("AES"); |
122 |
122 |
|
123 boolean isUnlimited = |
|
124 (Cipher.getMaxAllowedKeyLength(algo) == Integer.MAX_VALUE); |
|
125 |
123 try { |
126 try { |
124 // Initialization |
127 // Initialization |
125 new Random().nextBytes(salt); |
128 new Random().nextBytes(salt); |
126 AlgorithmParameterSpec aps = new PBEParameterSpec(salt, |
129 AlgorithmParameterSpec aps = new PBEParameterSpec(salt, |
127 ITERATION_COUNT); |
130 ITERATION_COUNT); |
128 SecretKeyFactory skf = SecretKeyFactory.getInstance(baseAlgo, p); |
131 SecretKeyFactory skf = SecretKeyFactory.getInstance(baseAlgo, p); |
129 SecretKey key = skf.generateSecret(new PBEKeySpec( |
132 SecretKey key = skf.generateSecret(new PBEKeySpec( |
130 "Secret Key".toCharArray())); |
133 "Secret Key".toCharArray())); |
131 Cipher ci = Cipher.getInstance(algo); |
134 Cipher ci = Cipher.getInstance(algo); |
132 |
|
133 if (isAES) { |
135 if (isAES) { |
134 ci.init(Cipher.WRAP_MODE, key); |
136 ci.init(Cipher.WRAP_MODE, key); |
135 pbeParams = ci.getParameters(); |
137 pbeParams = ci.getParameters(); |
136 } else { |
138 } else { |
137 ci.init(Cipher.WRAP_MODE, key, aps); |
139 ci.init(Cipher.WRAP_MODE, key, aps); |
144 ci.init(Cipher.UNWRAP_MODE, key, aps); |
146 ci.init(Cipher.UNWRAP_MODE, key, aps); |
145 } |
147 } |
146 |
148 |
147 Key unwrappedKey = ci.unwrap(keyWrapper, algo, Cipher.SECRET_KEY); |
149 Key unwrappedKey = ci.unwrap(keyWrapper, algo, Cipher.SECRET_KEY); |
148 |
150 |
149 if (baseAlgo.endsWith("TRIPLEDES") |
151 if ((baseAlgo.endsWith("TRIPLEDES") |
150 || baseAlgo.endsWith("AES_256")) { |
152 || baseAlgo.endsWith("AES_256")) && !isUnlimited) { |
151 out.print( |
153 out.print( |
152 "InvalidKeyException not thrown when keyStrength > 128"); |
154 "Expected InvalidKeyException not thrown"); |
153 return false; |
155 return false; |
154 } |
156 } |
155 |
157 |
156 return (Arrays.equals(key.getEncoded(), unwrappedKey.getEncoded())); |
158 return (Arrays.equals(key.getEncoded(), unwrappedKey.getEncoded())); |
157 |
159 |
158 } catch (InvalidKeyException ex) { |
160 } catch (InvalidKeyException ex) { |
159 |
161 |
160 if ((baseAlgo.endsWith("TRIPLEDES") |
162 if ((baseAlgo.endsWith("TRIPLEDES") |
161 || baseAlgo.endsWith("AES_256"))) { |
163 || baseAlgo.endsWith("AES_256")) && !isUnlimited) { |
162 out.println("Expected InvalidKeyException, keyStrength > 128"); |
164 out.print( |
|
165 "Expected InvalidKeyException thrown"); |
163 return true; |
166 return true; |
164 } else { |
167 } else { |
165 throw ex; |
168 throw ex; |
166 } |
169 } |
167 } |
170 } |