8129567: CRYPTO_MECHANISM_PARAM_INVALID occurs if GCM mode parameter which is used as an IV is set to all zeros
Reviewed-by: mullan
Contributed-by: bhanu.prakash.gopularam@oracle.com
--- a/jdk/test/com/oracle/security/ucrypto/TestCICOWithGCMAndAAD.java Wed Dec 16 12:17:03 2015 +0000
+++ b/jdk/test/com/oracle/security/ucrypto/TestCICOWithGCMAndAAD.java Wed Dec 16 08:38:10 2015 -0800
@@ -65,7 +65,10 @@
byte[] aad2 = aad.clone();
aad2[50]++;
- GCMParameterSpec spec = new GCMParameterSpec(128, new byte[16]);
+ byte[] iv = new byte[16];
+ rdm.nextBytes(iv);
+
+ GCMParameterSpec spec = new GCMParameterSpec(128, iv);
Cipher encCipher = Cipher.getInstance("AES/GCM/NoPadding", p);
encCipher.init(Cipher.ENCRYPT_MODE, key, spec);
encCipher.updateAAD(aad);
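Review bot: The new random IV at `byte[] iv = new byte[16];` has no comment saying why it replaced the all-zero one, so a later cleanup could revert it to `new byte[16]` and bring the failure back. Going by the commit title, an all-zero GCM IV is rejected with CRYPTO_MECHANISM_PARAM_INVALID; a line such as `// IV must not be all zeros, see 8129567` above the declaration would record that. `rdm` is declared outside this hunk, so its type and seeding are not visible here. The test also no longer exercises a zero IV at all; if that rejection is the intended behaviour, a separate check that pins it down may be worth adding.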
--- a/jdk/test/com/oracle/security/ucrypto/TestGCMKeyAndIvCheck.java Wed Dec 16 12:17:03 2015 +0000
+++ b/jdk/test/com/oracle/security/ucrypto/TestGCMKeyAndIvCheck.java Wed Dec 16 08:38:10 2015 -0800
@@ -126,7 +126,11 @@
}
// Now try to encrypt again using a different parameter; should work
- c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, new byte[30]));
+ byte[] rdm_iv = new byte[30];
+ Random rdm = new Random();
+ rdm.nextBytes(rdm_iv);
+
+ c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, rdm_iv));
c.updateAAD(AAD);
c.doFinal(PT);
// subsequent encryption should fail unless re-init w/ different key+iv
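Review bot: `Random rdm = new Random();` is unseeded and the seed is never printed, so a failure that depends on the generated IV cannot be replayed. Consider `long seed = new Random().nextLong();` followed by `Random rdm = new Random(seed);`, and print the seed before `c.init`. `rdm_iv` would read better as `rdmIv` to follow Java naming. A short comment that `Random` (presumably `java.util.Random`) is acceptable only because this is test data would keep the pattern from being copied into code that needs unpredictable, never-repeating IVs. The enclosing method starts and ends outside the hunk, and the `Random` import is not visible here.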