/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import static javax.crypto.Cipher.ENCRYPT_MODE;
import static javax.crypto.Cipher.getMaxAllowedKeyLength;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
/*
* @test
* @bug 8075286
* @summary Test the AES algorithm OIDs in JDK.
* OID and Algorithm transformation string should match.
* Both could be able to be used to generate the algorithm instance.
* @run main TestAESOids
*/
public class TestAESOids {
private static final String PROVIDER_NAME = "SunJCE";
private static final byte[] INPUT = "1234567890123456".getBytes();
private static final List<DataTuple> DATA = Arrays.asList(
new DataTuple("2.16.840.1.101.3.4.1.1", "AES_128/ECB/NoPadding",
128, "ECB"),
new DataTuple("2.16.840.1.101.3.4.1.2", "AES_128/CBC/NoPadding",
128, "CBC"),
new DataTuple("2.16.840.1.101.3.4.1.3", "AES_128/OFB/NoPadding",
128, "OFB"),
new DataTuple("2.16.840.1.101.3.4.1.4", "AES_128/CFB/NoPadding",
128, "CFB"),
new DataTuple("2.16.840.1.101.3.4.1.21", "AES_192/ECB/NoPadding",
192, "ECB"),
new DataTuple("2.16.840.1.101.3.4.1.22", "AES_192/CBC/NoPadding",
192, "CBC"),
new DataTuple("2.16.840.1.101.3.4.1.23", "AES_192/OFB/NoPadding",
192, "OFB"),
new DataTuple("2.16.840.1.101.3.4.1.24", "AES_192/CFB/NoPadding",
192, "CFB"),
new DataTuple("2.16.840.1.101.3.4.1.41", "AES_256/ECB/NoPadding",
256, "ECB"),
new DataTuple("2.16.840.1.101.3.4.1.42", "AES_256/CBC/NoPadding",
256, "CBC"),
new DataTuple("2.16.840.1.101.3.4.1.43", "AES_256/OFB/NoPadding",
256, "OFB"),
new DataTuple("2.16.840.1.101.3.4.1.44", "AES_256/CFB/NoPadding",
256, "CFB"));
public static void main(String[] args) throws Exception {
for (DataTuple dataTuple : DATA) {
int maxAllowedKeyLength =
getMaxAllowedKeyLength(dataTuple.algorithm);
boolean supportedKeyLength =
maxAllowedKeyLength >= dataTuple.keyLength;
try {
runTest(dataTuple, supportedKeyLength);
System.out.println("passed");
} catch (InvalidKeyException ike) {
if (supportedKeyLength) {
throw new RuntimeException(String.format(
"The key length %d is supported, but test failed.",
dataTuple.keyLength), ike);
} else {
System.out.printf(
"Catch expected InvalidKeyException due "
+ "to the key length %d is greater than "
+ "max supported key length %d%n",
dataTuple.keyLength, maxAllowedKeyLength);
}
}
}
}
private static void runTest(DataTuple dataTuple,
boolean supportedKeyLength) throws NoSuchAlgorithmException,
NoSuchProviderException, NoSuchPaddingException,
InvalidKeyException, ShortBufferException,
IllegalBlockSizeException, BadPaddingException,
InvalidAlgorithmParameterException {
Cipher algorithmCipher = Cipher.getInstance(dataTuple.algorithm,
PROVIDER_NAME);
Cipher oidCipher = Cipher.getInstance(dataTuple.oid, PROVIDER_NAME);
if (algorithmCipher == null) {
throw new RuntimeException(
String.format("Test failed: algorithm string %s getInstance"
+ " failed.%n", dataTuple.algorithm));
}
if (oidCipher == null) {
throw new RuntimeException(
String.format("Test failed: OID %s getInstance failed.%n",
dataTuple.oid));
}
if (!algorithmCipher.getAlgorithm().equals(dataTuple.algorithm)) {
throw new RuntimeException(String.format(
"Test failed: algorithm string %s getInstance "
+ "doesn't generate expected algorithm.%n",
dataTuple.algorithm));
}
KeyGenerator kg = KeyGenerator.getInstance("AES");
kg.init(dataTuple.keyLength);
SecretKey key = kg.generateKey();
// encrypt
algorithmCipher.init(ENCRYPT_MODE, key);
if (!supportedKeyLength) {
throw new RuntimeException(String.format(
"The key length %d is not supported, so the initialization "
+ "of algorithmCipher should fail.%n",
dataTuple.keyLength));
}
byte[] cipherText = new byte[algorithmCipher.getOutputSize(INPUT.length)];
int offset = algorithmCipher.update(INPUT, 0, INPUT.length,
cipherText, 0);
algorithmCipher.doFinal(cipherText, offset);
AlgorithmParameterSpec aps = null;
if (!dataTuple.mode.equalsIgnoreCase("ECB")) {
aps = new IvParameterSpec(algorithmCipher.getIV());
}
oidCipher.init(Cipher.DECRYPT_MODE, key, aps);
if (!supportedKeyLength) {
throw new RuntimeException(String.format(
"The key length %d is not supported, so the "
+ "initialization of oidCipher should fail.%n",
dataTuple.keyLength));
}
byte[] recoveredText = new byte[oidCipher.getOutputSize(cipherText.length)];
oidCipher.doFinal(cipherText, 0, cipherText.length, recoveredText);
// Comparison
if (!Arrays.equals(INPUT, recoveredText)) {
throw new RuntimeException(
"Decrypted data is not the same as the original text");
}
}
private static class DataTuple {
private final String oid;
private final String algorithm;
private final int keyLength;
private final String mode;
private DataTuple(String oid, String algorithm, int keyLength,
String mode) {
this.oid = oid;
this.algorithm = algorithm;
this.keyLength = keyLength;
this.mode = mode;
}
}
}