# HG changeset patch # User valeriep # Date 1369886083 25200 # Node ID 37620367ceb780b71a6c531b998e36f519261a8c # Parent 9bd1b39cdbcf1787d22e0553d37a0653a69fb5ae 8013069: javax.crypto tests fail with new PBE algorithm names Summary: Shouldn't auto-generate default parameters for MAC objects. Reviewed-by: vinnie diff -r 9bd1b39cdbcf -r 37620367ceb7 jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java --- a/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java Thu May 30 22:19:28 2013 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java Wed May 29 20:54:43 2013 -0700 @@ -86,12 +86,13 @@ throw new InvalidKeyException("SecretKey of PBE type required"); } if (params == null) { - // generate default for salt and iteration count if necessary - if (salt == null) { - salt = new byte[20]; - SunJCE.getRandom().nextBytes(salt); + // should not auto-generate default values since current + // javax.crypto.Mac api does not have any method for caller to + // retrieve the generated defaults. + if ((salt == null) || (iCount == 0)) { + throw new InvalidAlgorithmParameterException + ("PBEParameterSpec required for salt and iteration count"); } - if (iCount == 0) iCount = 100; } else if (!(params instanceof PBEParameterSpec)) { throw new InvalidAlgorithmParameterException ("PBEParameterSpec type required"); diff -r 9bd1b39cdbcf -r 37620367ceb7 jdk/src/share/classes/com/sun/crypto/provider/PBMAC1Core.java --- a/jdk/src/share/classes/com/sun/crypto/provider/PBMAC1Core.java Thu May 30 22:19:28 2013 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/PBMAC1Core.java Wed May 29 20:54:43 2013 -0700 @@ -42,12 +42,10 @@ */ abstract class PBMAC1Core extends HmacCore { - private static final int DEFAULT_SALT_LENGTH = 20; - private static final int DEFAULT_COUNT = 4096; - + // NOTE: this class inherits the Cloneable interface from HmacCore + // Need to override clone() if mutable fields are added. private final String kdfAlgo; private final String hashAlgo; - private final PBKDF2Core kdf; private final int blockLength; // in octets /** @@ -56,13 +54,15 @@ */ PBMAC1Core(String kdfAlgo, String hashAlgo, int blockLength) throws NoSuchAlgorithmException { - super(hashAlgo, blockLength); this.kdfAlgo = kdfAlgo; this.hashAlgo = hashAlgo; this.blockLength = blockLength; + } - switch(kdfAlgo) { + private static PBKDF2Core getKDFImpl(String algo) { + PBKDF2Core kdf = null; + switch(algo) { case "HmacSHA1": kdf = new PBKDF2Core.HmacSHA1(); break; @@ -79,9 +79,10 @@ kdf = new PBKDF2Core.HmacSHA512(); break; default: - throw new NoSuchAlgorithmException( - "No MAC implementation for " + kdfAlgo); + throw new ProviderException( + "No MAC implementation for " + algo); } + return kdf; } /** @@ -120,12 +121,13 @@ throw new InvalidKeyException("SecretKey of PBE type required"); } if (params == null) { - // generate default for salt and iteration count if necessary - if (salt == null) { - salt = new byte[DEFAULT_SALT_LENGTH]; - SunJCE.getRandom().nextBytes(salt); + // should not auto-generate default values since current + // javax.crypto.Mac api does not have any method for caller to + // retrieve the generated defaults. + if ((salt == null) || (iCount == 0)) { + throw new InvalidAlgorithmParameterException + ("PBEParameterSpec required for salt and iteration count"); } - if (iCount == 0) iCount = DEFAULT_COUNT; } else if (!(params instanceof PBEParameterSpec)) { throw new InvalidAlgorithmParameterException ("PBEParameterSpec type required"); @@ -168,7 +170,7 @@ java.util.Arrays.fill(passwdChars, ' '); SecretKey s = null; - + PBKDF2Core kdf = getKDFImpl(kdfAlgo); try { s = kdf.engineGenerateSecret(pbeSpec); diff -r 9bd1b39cdbcf -r 37620367ceb7 jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java --- a/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java Thu May 30 22:19:28 2013 -0700 +++ b/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java Wed May 29 20:54:43 2013 -0700 @@ -731,10 +731,11 @@ put("Mac.HmacSHA384 SupportedKeyFormats", "RAW"); put("Mac.HmacSHA512 SupportedKeyFormats", "RAW"); put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW"); - put("Mac.HmacPBESHA224 SupportedKeyFormats", "RAW"); - put("Mac.HmacPBESHA256 SupportedKeyFormats", "RAW"); - put("Mac.HmacPBESHA384 SupportedKeyFormats", "RAW"); - put("Mac.HmacPBESHA512 SupportedKeyFormats", "RAW"); + put("Mac.PBEWithHmacSHA1 SupportedKeyFormatS", "RAW"); + put("Mac.PBEWithHmacSHA224 SupportedKeyFormats", "RAW"); + put("Mac.PBEWithHmacSHA256 SupportedKeyFormats", "RAW"); + put("Mac.PBEWithHmacSHA384 SupportedKeyFormats", "RAW"); + put("Mac.PBEWithHmacSHA512 SupportedKeyFormats", "RAW"); put("Mac.SslMacMD5 SupportedKeyFormats", "RAW"); put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW"); diff -r 9bd1b39cdbcf -r 37620367ceb7 jdk/test/com/sun/crypto/provider/Mac/HmacPBESHA1.java --- a/jdk/test/com/sun/crypto/provider/Mac/HmacPBESHA1.java Thu May 30 22:19:28 2013 -0700 +++ b/jdk/test/com/sun/crypto/provider/Mac/HmacPBESHA1.java Wed May 29 20:54:43 2013 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,8 +23,8 @@ /** * @test - * @bug 4893959 - * @summary basic test for HmacPBESHA1 + * @bug 4893959 8013069 + * @summary basic test for PBE MAC algorithms. * @author Valerie Peng */ import java.io.PrintStream; @@ -68,8 +68,9 @@ } Mac mac = Mac.getInstance(algo, PROVIDER); byte[] plainText = new byte[30]; - - mac.init(key); + PBEParameterSpec spec = + new PBEParameterSpec("saltValue".getBytes(), 250); + mac.init(key, spec); mac.update(plainText); byte[] value1 = mac.doFinal(); if (value1.length != length) { diff -r 9bd1b39cdbcf -r 37620367ceb7 jdk/test/com/sun/crypto/provider/Mac/MacClone.java --- a/jdk/test/com/sun/crypto/provider/Mac/MacClone.java Thu May 30 22:19:28 2013 -0700 +++ b/jdk/test/com/sun/crypto/provider/Mac/MacClone.java Wed May 29 20:54:43 2013 -0700 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -23,12 +23,13 @@ /* * @test - * @bug 7087021 - * @summary MacClone + * @bug 7087021 8013069 + * @summary Clone tests for all MAC algorithms. * @author Jan Luehe */ +import java.security.spec.AlgorithmParameterSpec; import javax.crypto.*; -import javax.crypto.spec.SecretKeySpec; +import javax.crypto.spec.*; public class MacClone { @@ -39,18 +40,23 @@ KeyGenerator kgen = KeyGenerator.getInstance("DES"); SecretKey skey = kgen.generateKey(); for (String algo : algos) { - doTest(algo, skey); + doTest(algo, skey, null); } - String[] algos2 = { "HmacPBESHA1" }; + String[] algos2 = { "HmacPBESHA1", "PBEWithHmacSHA1", + "PBEWithHmacSHA224", "PBEWithHmacSHA256", + "PBEWithHmacSHA384", "PBEWithHmacSHA512" }; skey = new SecretKeySpec("whatever".getBytes(), "PBE"); + PBEParameterSpec params = + new PBEParameterSpec("1234567890".getBytes(), 500); for (String algo : algos2) { - doTest(algo, skey); + doTest(algo, skey, params); } System.out.println("Test Passed"); } - private static void doTest(String algo, SecretKey skey) throws Exception { + private static void doTest(String algo, SecretKey skey, + AlgorithmParameterSpec params) throws Exception { // // Clone an uninitialized Mac object // @@ -72,7 +78,7 @@ // Clone an initialized Mac object // mac = Mac.getInstance(algo, "SunJCE"); - mac.init(skey); + mac.init(skey, params); macClone = (Mac)mac.clone(); System.out.println(macClone.getProvider().toString()); System.out.println(macClone.getAlgorithm());