Martin Balao 4a75fd462c 8301553: Support Password-Based Cryptography in SunPKCS11
Co-authored-by: Francisco Ferrari Bihurriet <fferrari@redhat.com>
Co-authored-by: Martin Balao <mbalao@openjdk.org>
Reviewed-by: valeriep
2023-06-06 19:39:34 +00:00

260 lines
11 KiB
Java

/*
* Copyright (c) 2023, Red Hat, Inc.
*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.interfaces.PBEKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
/*
* @test
* @bug 8301553
* @summary test password based encryption on SunPKCS11's Cipher service
* @library /test/lib ..
* @run main/othervm/timeout=30 PBECipher
*/
public final class PBECipher extends PKCS11Test {
private static final char[] password = "123456".toCharArray();
private static final byte[] salt = "abcdefgh".getBytes(
StandardCharsets.UTF_8);
private static final int iterations = 1000;
private static final int AES_BLOCK_SIZE = 16;
private static final PBEParameterSpec pbeSpec = new PBEParameterSpec(salt,
iterations, new IvParameterSpec(new byte[AES_BLOCK_SIZE]));
private static final String plainText = "This is a known plain text!";
private static final String sep = "======================================" +
"===================================";
private enum Configuration {
// Pass salt and iterations to a Cipher through a PBEParameterSpec.
PBEParameterSpec,
// Derive a key using SunPKCS11's SecretKeyFactory (wrapping password,
// salt and iterations in a PBEKeySpec), and pass it to a Cipher.
SecretKeyFactoryDerivedKey,
// Pass salt and iterations to a Cipher through an AlgorithmParameters.
AlgorithmParameters,
// Pass password, salt and iterations and iterations to
// a Cipher through an anonymous class implementing the
// javax.crypto.interfaces.PBEKey interface.
AnonymousPBEKey,
}
private static Provider sunJCE = Security.getProvider("SunJCE");
private record AssertionData(String pbeCipherAlgo, String cipherAlgo,
BigInteger expectedCiphertext) {}
private static AssertionData cipherAssertionData(String pbeCipherAlgo,
String cipherAlgo, String staticExpectedCiphertextString) {
BigInteger staticExpectedCiphertext =
new BigInteger(staticExpectedCiphertextString, 16);
BigInteger expectedCiphertext = null;
if (sunJCE != null) {
try {
expectedCiphertext = computeCipherText(sunJCE, pbeCipherAlgo,
pbeCipherAlgo, Configuration.PBEParameterSpec);
checkAssertionValues(expectedCiphertext,
staticExpectedCiphertext);
} catch (GeneralSecurityException e) {
// Move to staticExpectedCiphertext as it's unlikely
// that any of the algorithms are available.
sunJCE = null;
}
}
if (expectedCiphertext == null) {
expectedCiphertext = staticExpectedCiphertext;
}
return new AssertionData(pbeCipherAlgo, cipherAlgo, expectedCiphertext);
}
private static void checkAssertionValues(BigInteger expectedValue,
BigInteger staticExpectedValue) {
if (!expectedValue.equals(staticExpectedValue)) {
printHex("SunJCE value", expectedValue);
printHex("Static value", staticExpectedValue);
throw new Error("Static and SunJCE values do not match.");
}
}
// Generated with SunJCE.
private static final AssertionData[] assertionData = new AssertionData[]{
cipherAssertionData("PBEWithHmacSHA1AndAES_128",
"AES/CBC/PKCS5Padding", "ba1c9614d550912925d99e0bc8969032" +
"7ac6258b72117dcf750c19ee6ca73dd4"),
cipherAssertionData("PBEWithHmacSHA224AndAES_128",
"AES/CBC/PKCS5Padding", "41960c43ca99cf2184511aaf2f0508a9" +
"7da3762ee6c2b7e2027c8076811f2e52"),
cipherAssertionData("PBEWithHmacSHA256AndAES_128",
"AES/CBC/PKCS5Padding", "6bb6a3dc3834e81e5ca6b5e70073ff46" +
"903b188940a269ed26db2ffe622b8e16"),
cipherAssertionData("PBEWithHmacSHA384AndAES_128",
"AES/CBC/PKCS5Padding", "22aabf7a6a059415dc4ca7d985f3de06" +
"8f8300ca48d8de585d802670f4c1d9bd"),
cipherAssertionData("PBEWithHmacSHA512AndAES_128",
"AES/CBC/PKCS5Padding", "b523e7c462a0b7fd74e492b3a6550464" +
"ceebe81f08649ae163673afc242ad8a2"),
cipherAssertionData("PBEWithHmacSHA1AndAES_256",
"AES/CBC/PKCS5Padding", "1e7c25e166afae069cec68ef9affca61" +
"aea02ab1c3dc7471cb767ed7d6e37af0"),
cipherAssertionData("PBEWithHmacSHA224AndAES_256",
"AES/CBC/PKCS5Padding", "6701f1cc75b6494ec4bd27158aa2c15d" +
"7d10bc2f1fbb7d92d8277c7edfd1dd57"),
cipherAssertionData("PBEWithHmacSHA256AndAES_256",
"AES/CBC/PKCS5Padding", "f82eb2fc016505baeb23ecdf85163933" +
"5e8d6d48b48631185641febb75898a1d"),
cipherAssertionData("PBEWithHmacSHA384AndAES_256",
"AES/CBC/PKCS5Padding", "ee9528022e58cdd9be80cd88443e03b3" +
"de13376cf97c53d946d5c5dfc88097be"),
cipherAssertionData("PBEWithHmacSHA512AndAES_256",
"AES/CBC/PKCS5Padding", "18f472912ffaa31824e20a5486324e14" +
"0225e20cb158762e8647b1216fe0ab7e"),
};
private static final class NoRandom extends SecureRandom {
@Override
public void nextBytes(byte[] bytes) {}
}
public void main(Provider sunPKCS11) throws Exception {
System.out.println("SunPKCS11: " + sunPKCS11.getName());
for (Configuration conf : Configuration.values()) {
for (AssertionData data : assertionData) {
testWith(sunPKCS11, data, true, conf);
if (conf != Configuration.PBEParameterSpec &&
conf != Configuration.AlgorithmParameters) {
testWith(sunPKCS11, data, false, conf);
}
}
}
System.out.println("TEST PASS - OK");
}
private static void testWith(Provider sunPKCS11, AssertionData data,
boolean testPBEService, Configuration conf) throws Exception {
String svcAlgo = testPBEService ? data.pbeCipherAlgo : data.cipherAlgo;
System.out.println(sep + System.lineSeparator() + svcAlgo
+ " (with " + conf.name() + ")");
BigInteger cipherText = computeCipherText(sunPKCS11, svcAlgo,
data.pbeCipherAlgo, conf);
printHex("Cipher Text", cipherText);
if (!cipherText.equals(data.expectedCiphertext)) {
printHex("Expected Cipher Text", data.expectedCiphertext);
throw new Exception("Expected Cipher Text did not match");
}
}
private static BigInteger computeCipherText(Provider p, String svcAlgo,
String keyAlgo, Configuration conf)
throws GeneralSecurityException {
Cipher cipher = Cipher.getInstance(svcAlgo, p);
switch (conf) {
case PBEParameterSpec, AlgorithmParameters -> {
SecretKey key = getPasswordOnlyPBEKey();
switch (conf) {
case PBEParameterSpec -> {
cipher.init(Cipher.ENCRYPT_MODE, key, pbeSpec);
}
case AlgorithmParameters -> {
AlgorithmParameters algoParams =
AlgorithmParameters.getInstance("PBES2");
algoParams.init(pbeSpec);
cipher.init(Cipher.ENCRYPT_MODE, key, algoParams);
}
}
}
case SecretKeyFactoryDerivedKey -> {
SecretKey key = getDerivedSecretKey(p, keyAlgo);
cipher.init(Cipher.ENCRYPT_MODE, key,
pbeSpec.getParameterSpec());
}
case AnonymousPBEKey -> {
SecretKey key = getAnonymousPBEKey(keyAlgo,
svcAlgo.equals(keyAlgo));
cipher.init(Cipher.ENCRYPT_MODE, key, new NoRandom());
}
}
return new BigInteger(1, cipher.doFinal(
plainText.getBytes(StandardCharsets.UTF_8)));
}
private static SecretKey getPasswordOnlyPBEKey()
throws GeneralSecurityException {
return SecretKeyFactory.getInstance("PBE")
.generateSecret(new PBEKeySpec(password));
}
private static SecretKey getDerivedSecretKey(Provider sunPKCS11,
String algorithm) throws GeneralSecurityException {
return SecretKeyFactory.getInstance(algorithm, sunPKCS11)
.generateSecret(new PBEKeySpec(password, salt, iterations));
}
private static SecretKey getAnonymousPBEKey(String algorithm,
boolean isPbeCipherSvc) {
return new PBEKey() {
public byte[] getSalt() { return salt.clone(); }
public int getIterationCount() { return iterations; }
public String getAlgorithm() { return algorithm; }
public String getFormat() { return "RAW"; }
public char[] getPassword() { return password.clone(); }
public byte[] getEncoded() {
byte[] encodedKey = null;
if (isPbeCipherSvc) {
encodedKey = new byte[password.length];
for (int i = 0; i < password.length; i++) {
encodedKey[i] = (byte) (password[i] & 0x7f);
}
}
return encodedKey;
}
};
}
private static void printHex(String title, BigInteger b) {
String repr = (b == null) ? "buffer is null" : b.toString(16);
System.out.println(title + ": " + repr + System.lineSeparator());
}
public static void main(String[] args) throws Exception {
main(new PBECipher());
}
}