8001596: Incorrect condition check in PBKDF2KeyImpl.JAVA

Reviewed-by: wetmore
2013-04-11 18:00:23 +01:00 · 2013-04-11 18:00:23 +01:00 · dbfbe6ca61
commit dbfbe6ca61
parent 080470408b
2 changed files with 67 additions and 1 deletions
--- a/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java
+++ b/jdk/src/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java
@ -101,7 +101,7 @@ final class PBKDF2KeyImpl implements javax.crypto.interfaces.PBEKey {
        int keyLength = keySpec.getKeyLength();
        if (keyLength == 0) {
            throw new InvalidKeySpecException("Key length not found");
-        } else if (keyLength == 0) {
+        } else if (keyLength < 0) {
            throw new InvalidKeySpecException("Key length is negative");
        }
        try {
--- a/jdk/test/com/sun/crypto/provider/Cipher/PBE/NegativeLength.java
+++ b/jdk/test/com/sun/crypto/provider/Cipher/PBE/NegativeLength.java
@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 8001596
+ * @summary Incorrect condition check in PBKDF2KeyImpl.java
+ */
+
+import java.security.*;
+import java.security.spec.*;
+import javax.crypto.*;
+import javax.crypto.spec.*;
+import java.lang.reflect.*;
+
+public class NegativeLength {
+
+    public static void main(String[] args) throws Exception {
+        SecretKeyFactory skf = SecretKeyFactory.getInstance(
+            "PBKDF2WithHmacSHA1", "SunJCE");
+
+        // Create a valid PBEKeySpec
+        PBEKeySpec pbeks = new PBEKeySpec(
+            new char['p'], new byte[1], 1024, 8);
+
+        // Use reflection to set it negative.
+        Class c = pbeks.getClass();
+        Field f = c.getDeclaredField("keyLength");
+        f.setAccessible(true);
+        f.setInt(pbeks, -8);
+
+        System.out.println("pbeks.getKeyLength(): " + pbeks.getKeyLength());
+
+        try {
+
+            // A negative length is clearly wrong, we should get a
+            // InvalidKeySpecException.  Anything else is wrong.
+            skf.generateSecret(pbeks);
+            throw new Exception("We shouldn't get here.");
+        } catch (InvalidKeySpecException ike) {
+            // swallow, this is the exception we want.
+            System.out.println("Test Passed.");
+        }
+    }
+}
+