1 /* 2 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 7088989 8014374 27 * @summary Ensure the AES ciphers of OracleUcrypto provider works correctly 28 * @key randomness 29 */ 30 31 import java.io.*; 32 import java.security.*; 33 import java.security.spec.*; 34 import java.util.*; 35 import javax.crypto.*; 36 import javax.crypto.spec.*; 37 38 public class TestAES extends UcryptoTest { 39 40 private static final String[] PADDEDCIPHER_ALGOS = { 41 "AES/ECB/PKCS5Padding", 42 "AES/CBC/PKCS5Padding", 43 "AES/CFB128/PKCS5Padding" 44 }; 45 46 private static final String[] CIPHER_ALGOS = { 47 "AES/ECB/NoPadding", 48 "AES/CBC/NoPadding", 49 "AES/CFB128/NoPadding", 50 "AES/CTR/NoPadding", 51 }; 52 53 private static final SecretKey CIPHER_KEY = 54 new SecretKeySpec(new byte[16], "AES"); 55 56 public static void main(String[] args) throws Exception { 57 main(new TestAES(), null); 58 } 59 60 public void doTest(Provider prov) throws Exception { 61 // Provider for testing Interoperability 62 Provider sunJCEProv = Security.getProvider("SunJCE"); 63 64 testCipherInterop(CIPHER_ALGOS, CIPHER_KEY, prov, sunJCEProv); 65 testCipherInterop(PADDEDCIPHER_ALGOS, CIPHER_KEY, prov, sunJCEProv); 66 67 testCipherOffset(CIPHER_ALGOS, CIPHER_KEY, prov); 68 testCipherOffset(PADDEDCIPHER_ALGOS, CIPHER_KEY, prov); 69 70 testCipherKeyWrapping(PADDEDCIPHER_ALGOS, CIPHER_KEY, prov, sunJCEProv); 71 testCipherGCM(CIPHER_KEY, prov); 72 } 73 74 private static void testCipherInterop(String[] algos, SecretKey key, 75 Provider p, 76 Provider interopP) { 77 boolean testPassed = true; 78 byte[] in = new byte[32]; 79 (new SecureRandom()).nextBytes(in); 80 81 for (String algo : algos) { 82 try { 83 // check ENC 84 Cipher c; 85 try { 86 c = Cipher.getInstance(algo, p); 87 } catch (NoSuchAlgorithmException nsae) { 88 System.out.println("Skipping Unsupported CIP algo: " + algo); 89 continue; 90 } 91 c.init(Cipher.ENCRYPT_MODE, key, (AlgorithmParameters)null, null); 92 byte[] eout = c.doFinal(in, 0, in.length); 93 94 AlgorithmParameters params = c.getParameters(); 95 Cipher c2 = Cipher.getInstance(algo, interopP); 96 c2.init(Cipher.ENCRYPT_MODE, key, params, null); 97 byte[] eout2 = c2.doFinal(in, 0, in.length); 98 99 if (!Arrays.equals(eout, eout2)) { 100 System.out.println(algo + ": DIFF FAILED"); 101 testPassed = false; 102 } else { 103 System.out.println(algo + ": ENC Passed"); 104 } 105 106 // check DEC 107 c.init(Cipher.DECRYPT_MODE, key, params, null); 108 byte[] dout = c.doFinal(eout); 109 c2.init(Cipher.DECRYPT_MODE, key, params, null); 110 byte[] dout2 = c2.doFinal(eout2); 111 112 if (!Arrays.equals(dout, dout2)) { 113 System.out.println(algo + ": DIFF FAILED"); 114 testPassed = false; 115 } else { 116 System.out.println(algo + ": DEC Passed"); 117 } 118 } catch(Exception ex) { 119 System.out.println("Unexpected Exception: " + algo); 120 ex.printStackTrace(); 121 testPassed = false; 122 } 123 } 124 125 if (!testPassed) { 126 throw new RuntimeException("One or more CIPHER test failed!"); 127 } else { 128 System.out.println("CIPHER Interop Tests Passed"); 129 } 130 } 131 132 private static void testCipherOffset(String[] algos, SecretKey key, 133 Provider p) { 134 boolean testPassed = true; 135 byte[] in = new byte[16]; 136 (new SecureRandom()).nextBytes(in); 137 int blockSize = 16; 138 139 for (int j = 1; j < (in.length - 1); j++) { 140 System.out.println("Input offset size: " + j); 141 for (int i = 0; i < algos.length; i++) { 142 try { 143 // check ENC 144 Cipher c; 145 try { 146 c = Cipher.getInstance(algos[i], p); 147 } catch (NoSuchAlgorithmException nsae) { 148 System.out.println("Skip Unsupported CIP algo: " + algos[i]); 149 continue; 150 } 151 c.init(Cipher.ENCRYPT_MODE, key, (AlgorithmParameters)null, null); 152 byte[] eout = new byte[c.getOutputSize(in.length)]; 153 int firstPartLen = in.length - j - 1; 154 //System.out.print("1st UPDATE: " + firstPartLen); 155 int k = c.update(in, 0, firstPartLen, eout, 0); 156 k += c.update(in, firstPartLen, 1, eout, k); 157 k += c.doFinal(in, firstPartLen+1, j, eout, k); 158 159 AlgorithmParameters params = c.getParameters(); 160 161 Cipher c2 = Cipher.getInstance(algos[i], p); 162 c2.init(Cipher.ENCRYPT_MODE, key, params, null); 163 byte[] eout2 = new byte[c2.getOutputSize(in.length)]; 164 int k2 = c2.update(in, 0, j, eout2, 0); 165 k2 += c2.update(in, j, 1, eout2, k2); 166 k2 += c2.doFinal(in, j+1, firstPartLen, eout2, k2); 167 168 if (!checkArrays(eout, k, eout2, k2)) testPassed = false; 169 170 // check DEC 171 c.init(Cipher.DECRYPT_MODE, key, params, null); 172 byte[] dout = new byte[c.getOutputSize(eout.length)]; 173 k = c.update(eout, 0, firstPartLen, dout, 0); 174 k += c.update(eout, firstPartLen, 1, dout, k); 175 k += c.doFinal(eout, firstPartLen+1, eout.length - firstPartLen - 1, dout, k); 176 if (!checkArrays(in, in.length, dout, k)) testPassed = false; 177 } catch(Exception ex) { 178 System.out.println("Unexpected Exception: " + algos[i]); 179 ex.printStackTrace(); 180 testPassed = false; 181 } 182 } 183 } 184 if (!testPassed) { 185 throw new RuntimeException("One or more CIPHER test failed!"); 186 } else { 187 System.out.println("CIPHER Offset Tests Passed"); 188 } 189 } 190 191 private static void testCipherKeyWrapping(String[] algos, SecretKey key, 192 Provider p, Provider interopP) 193 throws NoSuchAlgorithmException { 194 boolean testPassed = true; 195 196 // Test SecretKey, PrivateKey and PublicKey 197 Key[] tbwKeys = new Key[3]; 198 int[] tbwKeyTypes = { Cipher.SECRET_KEY, Cipher.PRIVATE_KEY, Cipher.PUBLIC_KEY }; 199 tbwKeys[0] = new SecretKeySpec(new byte[20], "Blowfish"); 200 KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); 201 kpg.initialize(1024); 202 KeyPair kp = kpg.generateKeyPair(); 203 tbwKeys[1] = kp.getPrivate(); 204 tbwKeys[2] = kp.getPublic(); 205 206 for (int i = 0; i < algos.length; i++) { 207 try { 208 System.out.println(algos[i] + " - Native WRAP/Java UNWRAP"); 209 210 Cipher c1; 211 try { 212 c1 = Cipher.getInstance(algos[i], p); 213 } catch (NoSuchAlgorithmException nsae) { 214 System.out.println("Skipping Unsupported CIP algo: " + algos[i]); 215 continue; 216 } 217 c1.init(Cipher.WRAP_MODE, key, (AlgorithmParameters)null, null); 218 AlgorithmParameters params = c1.getParameters(); 219 Cipher c2 = Cipher.getInstance(algos[i], interopP); 220 c2.init(Cipher.UNWRAP_MODE, key, params, null); 221 222 for (int j = 0; j < tbwKeys.length ; j++) { 223 byte[] wrappedKey = c1.wrap(tbwKeys[j]); 224 Key recovered = c2.unwrap(wrappedKey, 225 tbwKeys[j].getAlgorithm(), tbwKeyTypes[j]); 226 if (!checkKeys(tbwKeys[j], recovered)) testPassed = false; 227 } 228 229 System.out.println(algos[i] + " - Java WRAP/Native UNWRAP"); 230 c1 = Cipher.getInstance(algos[i], interopP); 231 c1.init(Cipher.WRAP_MODE, key, (AlgorithmParameters)null, null); 232 params = c1.getParameters(); 233 c2 = Cipher.getInstance(algos[i], p); 234 c2.init(Cipher.UNWRAP_MODE, key, params, null); 235 236 for (int j = 0; j < tbwKeys.length ; j++) { 237 byte[] wrappedKey = c1.wrap(tbwKeys[j]); 238 Key recovered = c2.unwrap(wrappedKey, 239 tbwKeys[j].getAlgorithm(), tbwKeyTypes[j]); 240 if (!checkKeys(tbwKeys[j], recovered)) testPassed = false; 241 } 242 243 } catch(Exception ex) { 244 System.out.println("Unexpected Exception: " + algos[i]); 245 ex.printStackTrace(); 246 testPassed = false; 247 } 248 } 249 if (!testPassed) { 250 throw new RuntimeException("One or more CIPHER test failed!"); 251 } else { 252 System.out.println("CIPHER KeyWrapping Tests Passed"); 253 } 254 } 255 256 257 private static void testCipherGCM(SecretKey key, 258 Provider p) { 259 boolean testPassed = true; 260 byte[] in = new byte[16]; 261 (new SecureRandom()).nextBytes(in); 262 263 byte[] iv = new byte[16]; 264 (new SecureRandom()).nextBytes(iv); 265 266 267 String algo = "AES/GCM/NoPadding"; 268 int tagLen[] = { 128, 120, 112, 104, 96, 64, 32 }; 269 270 try { 271 Cipher c; 272 try { 273 c = Cipher.getInstance(algo, p); 274 } catch (NoSuchAlgorithmException nsae) { 275 System.out.println("Skipping Unsupported CIP algo: " + algo); 276 return; 277 } 278 for (int i = 0; i < tagLen.length; i++) { 279 // change iv value to pass the key+iv uniqueness cehck for 280 // GCM encryption 281 iv[0] += 1; 282 AlgorithmParameterSpec paramSpec = new GCMParameterSpec(tagLen[i], iv); 283 // check ENC 284 c.init(Cipher.ENCRYPT_MODE, key, paramSpec, null); 285 c.updateAAD(iv); 286 byte[] eout = c.doFinal(in, 0, in.length); 287 288 AlgorithmParameters param = c.getParameters(); 289 // check DEC 290 c.init(Cipher.DECRYPT_MODE, key, param, null); 291 c.updateAAD(iv); 292 byte[] dout = c.doFinal(eout, 0, eout.length); 293 294 if (!Arrays.equals(dout, in)) { 295 System.out.println(algo + ": PT and RT DIFF FAILED"); 296 testPassed = false; 297 } else { 298 System.out.println(algo + ": tagLen " + tagLen[i] + " done"); 299 } 300 } 301 } catch(Exception ex) { 302 System.out.println("Unexpected Exception: " + algo); 303 ex.printStackTrace(); 304 testPassed = false; 305 } 306 if (!testPassed) { 307 throw new RuntimeException("One or more CIPHER test failed!"); 308 } else { 309 System.out.println("CIPHER GCM Tests Passed"); 310 } 311 } 312 313 private static boolean checkArrays(byte[] a1, int a1Len, byte[] a2, int a2Len) { 314 boolean equal = true; 315 if (a1Len != a2Len) { 316 System.out.println("DIFFERENT OUT LENGTH"); 317 equal = false; 318 } else { 319 for (int p = 0; p < a1Len; p++) { 320 if (a1[p] != a2[p]) { 321 System.out.println("DIFF FAILED"); 322 equal = false; 323 break; 324 } 325 } 326 } 327 return equal; 328 } 329 330 private static boolean checkKeys(Key k1, Key k2) { 331 boolean equal = true; 332 if (!k1.getAlgorithm().equalsIgnoreCase(k2.getAlgorithm())) { 333 System.out.println("DIFFERENT Key Algorithm"); 334 equal = false; 335 } else if (!k1.getFormat().equalsIgnoreCase(k2.getFormat())) { 336 System.out.println("DIFFERENT Key Format"); 337 equal = false; 338 } else if (!Arrays.equals(k1.getEncoded(), k2.getEncoded())) { 339 System.out.println("DIFFERENT Key Encoding"); 340 equal = false; 341 } 342 return equal; 343 } 344 }