New test/com/oracle/security/ucrypto/TestGCMKeyWrap.java

   1 /*
   2  * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /*
  25  * @test
  26  * @bug 8014374
  27  * @summary Ensure key wrap/unwrap works using AES/GCM/NoPadding
  28  */
  29 
  30 import java.io.*;
  31 import java.security.*;
  32 import java.security.spec.*;
  33 import java.util.*;
  34 import javax.crypto.*;
  35 import javax.crypto.spec.*;
  36 
  37 public class TestGCMKeyWrap extends UcryptoTest {
  38 
  39     public static void main(String[] args) throws Exception {
  40         main(new TestGCMKeyWrap(), null);
  41     }
  42 
  43     public void doTest(Provider p) throws Exception {
  44         // check if GCM support exists
  45         try {
  46             Cipher.getInstance("AES/GCM/NoPadding", p);
  47         } catch (NoSuchAlgorithmException nsae) {
  48             System.out.println("Skipping Test due to no GCM support");
  49             return;
  50         }
  51 
  52         Random rdm = new Random();
  53 
  54         //init Secret Key
  55         byte[] keyValue = new byte[16];
  56         rdm.nextBytes(keyValue);
  57         SecretKey key = new SecretKeySpec(keyValue, "AES");
  58 
  59         Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding", p);
  60         cipher.init(Cipher.WRAP_MODE, key);
  61 
  62         byte[] wrappedKey = cipher.wrap(key);
  63 
  64         try { // make sure ISE is thrown if re-using the same key/IV
  65             wrappedKey = cipher.wrap(key);
  66             throw new Exception("FAIL: expected ISE not thrown");
  67         } catch(IllegalStateException ise){
  68             System.out.println("Expected ISE thrown for re-wrapping");
  69         }
  70 
  71         //unwrap the key
  72         AlgorithmParameters params = cipher.getParameters();
  73         cipher.init(Cipher.UNWRAP_MODE, key, params);
  74         Key unwrappedKey = cipher.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
  75 
  76         //check if we can unwrap second time
  77         unwrappedKey = cipher.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY);
  78 
  79         // Comparison
  80         if (!Arrays.equals(key.getEncoded(), unwrappedKey.getEncoded())) {
  81             throw new Exception("FAIL: keys are not equal");
  82         } else {
  83             System.out.println("Passed key equality check");
  84         }
  85     }
  86 }