1 /* 2 * Copyright (c) 2004, 2007, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 5008159 5008156 27 * @run main XMLEncKAT 28 * @summary Verify that the two key wrap ciphers, i.e. "DESedeWrap" 29 * and "AESWrap", work as expected. 30 * @author Valerie Peng 31 */ 32 import java.security.Key; 33 import java.security.AlgorithmParameters; 34 import javax.crypto.*; 35 import javax.crypto.spec.*; 36 import sun.misc.BASE64Decoder; 37 import sun.misc.BASE64Encoder; 38 import java.io.UnsupportedEncodingException; 39 import java.io.IOException; 40 41 public class XMLEncKAT { 42 43 private static byte[] desEdeKey_1; 44 private static byte[] aes128Key_1; 45 private static byte[] aes192Key_1; 46 private static byte[] aes256Key_1; 47 private static byte[] desEdeKey_2; 48 private static byte[] aes128Key_2; 49 private static byte[] aes192Key_2; 50 private static byte[] aes256Key_2; 51 52 private static BASE64Decoder base64D = new BASE64Decoder(); 53 private static BASE64Encoder base64E = new BASE64Encoder(); 54 55 static { 56 try { 57 desEdeKey_1 = "abcdefghijklmnopqrstuvwx".getBytes("ASCII"); 58 aes128Key_1 = "abcdefghijklmnop".getBytes("ASCII"); 59 aes192Key_1 = "abcdefghijklmnopqrstuvwx".getBytes("ASCII"); 60 aes256Key_1 = "abcdefghijklmnopqrstuvwxyz012345".getBytes("ASCII"); 61 } catch (UnsupportedEncodingException uee) { 62 // should never happen 63 } 64 try { 65 desEdeKey_2 = base64D.decodeBuffer 66 ("yI+J1f3puYAERjIcT6vfg6RitmKX8nD0"); 67 aes128Key_2 = base64D.decodeBuffer 68 ("01+yuQ2huPS1+Qv0LH+zaQ=="); 69 aes192Key_2 = base64D.decodeBuffer 70 ("IlfuS40LvStVU0Mj8ePrrGHVhAb48y++"); 71 aes256Key_2 = base64D.decodeBuffer 72 ("ZhZ4v3RlwTlCEOpIrHfLKVyJOBDtEJOOQDat/4xR1bA="); 73 } catch (IOException ioe) { 74 // should never happen 75 } 76 } 77 private static String[] desEdeWrappedKey_1 = { 78 "ZyJbVsjRM4MEsswwwHz57aUz1eMqZHuEIoEPGS47CcmLvhuCtlzWZ9S/WcVJZIpz", 79 "gHMpx5iF7+KXtNHLasZrkcLHn8Ti4rxUjCIRK+IcgbQir6FUsQ/uxQ3o8enEMWq1" 80 }; 81 private static String[] desEdeWrappedKey_2 = { 82 "/PZvvn42E9dmMUZ8KCY6B5XtLaaIaG4X5YNDwgV5Vlo=", 83 "HgVuHoXxBQWD9fvi0gt9TanywZ5lJokM/12fcMG6gRoMjsCPulH+4A==" 84 }; 85 private static String[] aes128WrappedKey_1 = { 86 "dV45TUpJbidb9iKa34xj1WVtTZ036cnqvym2TBJWR5c=", 87 "rPnY/XoSGCbuwy7vpslf29rs9dbvSCmGFOjEs3LT6g/qyZjfDA+2fQ==" 88 }; 89 private static String[] aes128WrappedKey_2 = { 90 "GPl6bneL1jKl0/lGnf9gejlYHRI6XxFz" 91 }; 92 private static String[] aes192WrappedKey_1 = { 93 "IbjZH7Mq564oMybpvCHWYM/5ER3eFsAV", 94 "19D633XVohP6UJvaVRAhJek+ahtM3gOiVs6nZyAasDEb+WCUQOcWZw==" 95 }; 96 private static String[] aes192WrappedKey_2 = { 97 "5+GpVUQNTAT3uY8pPedEg/PpftiX+fJsTCun+fgmIz0=", 98 "iuZvvGBWScikHld9TtNIOz0Sm7Srg5AcxOBMA8qIvQY=", 99 "PeDwjnCsg6xWzs3SmzUtc2nyUz28nGu7" 100 }; 101 private static String[] aes256WrappedKey_1 = { 102 "4AAgyi3M7xNdBimbQZKdGJLn3/cS4Yv8QKuA01+gUnY=", 103 "tPCC89jQShB+WDINCdRfKgf8wTlAx8xRXD73RmEHPBfix8zS1N82KQ==", 104 "bsL63D0hPN6EOyzdgfEmKsAAvoJiGM+Wp9a9KZM92IKdl7s3YSntRg==" 105 }; 106 private static String[] aes256WrappedKey_2 = { 107 "IbnoS1cvuIFIGB46jj1V1FGftc92irrCwcC7BoBvxwQ=", 108 "ic+Om6/3ZKcThVN3iv9lUEankNkDv3Et", 109 "jOvQe4SxDqEMvAHcmb3Z+/Uedj23pvL6BRQsl2sjJlQ=", 110 "IMwdsyg89IZ4Txf1SYYZNKUOKuYdDoIi/zEKXCjj4j9PM6BdkZligA==" 111 }; 112 113 public static void testKeyWrap(String cAlg, byte[] cKeyVal, 114 String cKeyAlg, String[] base64Wrapped) throws Exception { 115 System.out.println("Testing " + cAlg + " Cipher with " + 116 8*cKeyVal.length + "-bit key"); 117 Cipher c = Cipher.getInstance(cAlg, "SunJCE"); 118 SecretKey cKey = new SecretKeySpec(cKeyVal, cKeyAlg); 119 c.init(Cipher.UNWRAP_MODE, cKey); 120 Key[] key = new SecretKey[base64Wrapped.length]; 121 IvParameterSpec[] params = 122 new IvParameterSpec[base64Wrapped.length]; 123 // first test UNWRAP with known values 124 for (int i = 0; i < base64Wrapped.length; i++) { 125 byte[] wrappedKey = base64D.decodeBuffer(base64Wrapped[i]); 126 key[i] = c.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY); 127 if (c.getIV() != null) { 128 params[i] = new IvParameterSpec(c.getIV()); 129 } 130 } 131 // then test WRAP and compare with the known values 132 for (int i = 0; i < key.length; i++) { 133 c.init(Cipher.WRAP_MODE, cKey, params[i]); 134 byte[] wrapped2 = c.wrap(key[i]); 135 String out = base64E.encode(wrapped2); 136 if (!out.equalsIgnoreCase(base64Wrapped[i])) { 137 throw new Exception("Wrap failed; got " + out + ", expect " + 138 base64Wrapped[i]); 139 } 140 } 141 } 142 143 public static void main(String[] argv) throws Exception { 144 String wrapAlg = "DESedeWrap"; 145 String keyAlg = "DESede"; 146 testKeyWrap(wrapAlg, desEdeKey_1, keyAlg, desEdeWrappedKey_1); 147 testKeyWrap(wrapAlg, desEdeKey_2, keyAlg, desEdeWrappedKey_2); 148 149 wrapAlg = "AESWrap"; 150 keyAlg = "AES"; 151 testKeyWrap(wrapAlg, aes128Key_1, keyAlg, aes128WrappedKey_1); 152 testKeyWrap(wrapAlg, aes128Key_2, keyAlg, aes128WrappedKey_2); 153 // only run the tests on longer key lengths if unlimited version 154 // of JCE jurisdiction policy files are installed 155 if (Cipher.getMaxAllowedKeyLength(keyAlg) == Integer.MAX_VALUE) { 156 testKeyWrap(wrapAlg, aes192Key_1, keyAlg, aes192WrappedKey_1); 157 testKeyWrap(wrapAlg, aes192Key_2, keyAlg, aes192WrappedKey_2); 158 testKeyWrap(wrapAlg, aes256Key_1, keyAlg, aes256WrappedKey_1); 159 testKeyWrap(wrapAlg, aes256Key_2, keyAlg, aes256WrappedKey_2); 160 } 161 System.out.println("All Tests Passed"); 162 } 163 }