1 /* 2 * Copyright (c) 2004, 2007, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 5008159 5008156 27 * @summary Verify that the two key wrap ciphers, i.e. "DESedeWrap" 28 * and "AESWrap", work as expected. 29 * @run main XMLEncKAT 30 * @author Valerie Peng 31 */ 32 import java.util.Base64; 33 import java.security.Key; 34 import java.security.AlgorithmParameters; 35 import javax.crypto.*; 36 import javax.crypto.spec.*; 37 import java.io.UnsupportedEncodingException; 38 import java.io.IOException; 39 40 public class XMLEncKAT { 41 42 private static byte[] desEdeKey_1; 43 private static byte[] aes128Key_1; 44 private static byte[] aes192Key_1; 45 private static byte[] aes256Key_1; 46 private static byte[] desEdeKey_2; 47 private static byte[] aes128Key_2; 48 private static byte[] aes192Key_2; 49 private static byte[] aes256Key_2; 50 51 private static Base64.Decoder base64D = Base64.getDecoder(); 52 private static Base64.Encoder base64E = Base64.getEncoder(); 53 54 static { 55 try { 56 desEdeKey_1 = "abcdefghijklmnopqrstuvwx".getBytes("ASCII"); 57 aes128Key_1 = "abcdefghijklmnop".getBytes("ASCII"); 58 aes192Key_1 = "abcdefghijklmnopqrstuvwx".getBytes("ASCII"); 59 aes256Key_1 = "abcdefghijklmnopqrstuvwxyz012345".getBytes("ASCII"); 60 } catch (UnsupportedEncodingException uee) { 61 // should never happen 62 } 63 64 desEdeKey_2 = base64D.decode 65 ("yI+J1f3puYAERjIcT6vfg6RitmKX8nD0"); 66 aes128Key_2 = base64D.decode 67 ("01+yuQ2huPS1+Qv0LH+zaQ=="); 68 aes192Key_2 = base64D.decode 69 ("IlfuS40LvStVU0Mj8ePrrGHVhAb48y++"); 70 aes256Key_2 = base64D.decode 71 ("ZhZ4v3RlwTlCEOpIrHfLKVyJOBDtEJOOQDat/4xR1bA="); 72 73 } 74 private static String[] desEdeWrappedKey_1 = { 75 "ZyJbVsjRM4MEsswwwHz57aUz1eMqZHuEIoEPGS47CcmLvhuCtlzWZ9S/WcVJZIpz", 76 "gHMpx5iF7+KXtNHLasZrkcLHn8Ti4rxUjCIRK+IcgbQir6FUsQ/uxQ3o8enEMWq1" 77 }; 78 private static String[] desEdeWrappedKey_2 = { 79 "/PZvvn42E9dmMUZ8KCY6B5XtLaaIaG4X5YNDwgV5Vlo=", 80 "HgVuHoXxBQWD9fvi0gt9TanywZ5lJokM/12fcMG6gRoMjsCPulH+4A==" 81 }; 82 private static String[] aes128WrappedKey_1 = { 83 "dV45TUpJbidb9iKa34xj1WVtTZ036cnqvym2TBJWR5c=", 84 "rPnY/XoSGCbuwy7vpslf29rs9dbvSCmGFOjEs3LT6g/qyZjfDA+2fQ==" 85 }; 86 private static String[] aes128WrappedKey_2 = { 87 "GPl6bneL1jKl0/lGnf9gejlYHRI6XxFz" 88 }; 89 private static String[] aes192WrappedKey_1 = { 90 "IbjZH7Mq564oMybpvCHWYM/5ER3eFsAV", 91 "19D633XVohP6UJvaVRAhJek+ahtM3gOiVs6nZyAasDEb+WCUQOcWZw==" 92 }; 93 private static String[] aes192WrappedKey_2 = { 94 "5+GpVUQNTAT3uY8pPedEg/PpftiX+fJsTCun+fgmIz0=", 95 "iuZvvGBWScikHld9TtNIOz0Sm7Srg5AcxOBMA8qIvQY=", 96 "PeDwjnCsg6xWzs3SmzUtc2nyUz28nGu7" 97 }; 98 private static String[] aes256WrappedKey_1 = { 99 "4AAgyi3M7xNdBimbQZKdGJLn3/cS4Yv8QKuA01+gUnY=", 100 "tPCC89jQShB+WDINCdRfKgf8wTlAx8xRXD73RmEHPBfix8zS1N82KQ==", 101 "bsL63D0hPN6EOyzdgfEmKsAAvoJiGM+Wp9a9KZM92IKdl7s3YSntRg==" 102 }; 103 private static String[] aes256WrappedKey_2 = { 104 "IbnoS1cvuIFIGB46jj1V1FGftc92irrCwcC7BoBvxwQ=", 105 "ic+Om6/3ZKcThVN3iv9lUEankNkDv3Et", 106 "jOvQe4SxDqEMvAHcmb3Z+/Uedj23pvL6BRQsl2sjJlQ=", 107 "IMwdsyg89IZ4Txf1SYYZNKUOKuYdDoIi/zEKXCjj4j9PM6BdkZligA==" 108 }; 109 110 public static void testKeyWrap(String cAlg, byte[] cKeyVal, 111 String cKeyAlg, String[] base64Wrapped) throws Exception { 112 System.out.println("Testing " + cAlg + " Cipher with " + 113 8*cKeyVal.length + "-bit key"); 114 Cipher c = Cipher.getInstance(cAlg, "SunJCE"); 115 SecretKey cKey = new SecretKeySpec(cKeyVal, cKeyAlg); 116 c.init(Cipher.UNWRAP_MODE, cKey); 117 Key[] key = new SecretKey[base64Wrapped.length]; 118 IvParameterSpec[] params = 119 new IvParameterSpec[base64Wrapped.length]; 120 // first test UNWRAP with known values 121 for (int i = 0; i < base64Wrapped.length; i++) { 122 byte[] wrappedKey = base64D.decode(base64Wrapped[i]); 123 key[i] = c.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY); 124 if (c.getIV() != null) { 125 params[i] = new IvParameterSpec(c.getIV()); 126 } 127 } 128 // then test WRAP and compare with the known values 129 for (int i = 0; i < key.length; i++) { 130 c.init(Cipher.WRAP_MODE, cKey, params[i]); 131 byte[] wrapped2 = c.wrap(key[i]); 132 String out = base64E.encodeToString(wrapped2); 133 if (!out.equalsIgnoreCase(base64Wrapped[i])) { 134 throw new Exception("Wrap failed; got " + out + ", expect " + 135 base64Wrapped[i]); 136 } 137 } 138 } 139 140 public static void main(String[] argv) throws Exception { 141 String wrapAlg = "DESedeWrap"; 142 String keyAlg = "DESede"; 143 testKeyWrap(wrapAlg, desEdeKey_1, keyAlg, desEdeWrappedKey_1); 144 testKeyWrap(wrapAlg, desEdeKey_2, keyAlg, desEdeWrappedKey_2); 145 146 wrapAlg = "AESWrap"; 147 keyAlg = "AES"; 148 testKeyWrap(wrapAlg, aes128Key_1, keyAlg, aes128WrappedKey_1); 149 testKeyWrap(wrapAlg, aes128Key_2, keyAlg, aes128WrappedKey_2); 150 // only run the tests on longer key lengths if unlimited version 151 // of JCE jurisdiction policy files are installed 152 if (Cipher.getMaxAllowedKeyLength(keyAlg) == Integer.MAX_VALUE) { 153 testKeyWrap(wrapAlg, aes192Key_1, keyAlg, aes192WrappedKey_1); 154 testKeyWrap(wrapAlg, aes192Key_2, keyAlg, aes192WrappedKey_2); 155 testKeyWrap(wrapAlg, aes256Key_1, keyAlg, aes256WrappedKey_1); 156 testKeyWrap(wrapAlg, aes256Key_2, keyAlg, aes256WrappedKey_2); 157 } 158 System.out.println("All Tests Passed"); 159 } 160 } --- EOF ---