113 lines
3.8 KiB
Java
113 lines
3.8 KiB
Java
/*
|
|
* Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
|
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
*
|
|
* This code is free software; you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License version 2 only, as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
* This code is distributed in the hope that it will be useful, but WITHOUT
|
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
* version 2 for more details (a copy is included in the LICENSE file that
|
|
* accompanied this code).
|
|
*
|
|
* You should have received a copy of the GNU General Public License version
|
|
* 2 along with this work; if not, write to the Free Software Foundation,
|
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
*
|
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
|
* or visit www.oracle.com if you need additional information or have any
|
|
* questions.
|
|
*/
|
|
|
|
/*
|
|
* @test
|
|
* @bug 8036970
|
|
* @summary Ensure that Cipher object is still usable after SBE.
|
|
* @author Valerie Peng
|
|
*/
|
|
|
|
import java.security.*;
|
|
import javax.crypto.*;
|
|
import javax.crypto.spec.*;
|
|
import java.math.*;
|
|
|
|
import java.util.*;
|
|
|
|
public class TestGCMWithSBE extends UcryptoTest {
|
|
|
|
private static final byte[] PT = new byte[32];
|
|
private static final byte[] ONE_BYTE = new byte[1];
|
|
|
|
public static void main(String[] args) throws Exception {
|
|
main(new TestGCMWithSBE(), null);
|
|
}
|
|
|
|
public void doTest(Provider p) throws Exception {
|
|
Cipher c;
|
|
try {
|
|
c = Cipher.getInstance("AES/GCM/NoPadding", p);
|
|
} catch (NoSuchAlgorithmException nsae) {
|
|
System.out.println("Skipping Test due to No GCM support");
|
|
return;
|
|
}
|
|
|
|
SecretKey key = new SecretKeySpec(new byte[16], "AES");
|
|
c.init(Cipher.ENCRYPT_MODE, key);
|
|
|
|
// test SBE with update calls
|
|
byte[] ct1 = null;
|
|
try {
|
|
c.update(PT, 0, PT.length, ONE_BYTE);
|
|
} catch (ShortBufferException sbe) {
|
|
// retry should work
|
|
ct1 = c.update(PT, 0, PT.length);
|
|
}
|
|
|
|
byte[] ct2PlusTag = null;
|
|
// test SBE with doFinal calls
|
|
try {
|
|
c.doFinal(ONE_BYTE, 0);
|
|
} catch (ShortBufferException sbe) {
|
|
// retry should work
|
|
ct2PlusTag = c.doFinal();
|
|
}
|
|
|
|
// Validate the retrieved parameters against the IV and tag length.
|
|
AlgorithmParameters params = c.getParameters();
|
|
if (params == null) {
|
|
throw new Exception("getParameters() should not return null");
|
|
}
|
|
GCMParameterSpec spec = params.getParameterSpec(GCMParameterSpec.class);
|
|
if (spec.getTLen() != (ct1.length + ct2PlusTag.length - PT.length)*8) {
|
|
throw new Exception("Parameters contains incorrect TLen value");
|
|
}
|
|
if (!Arrays.equals(spec.getIV(), c.getIV())) {
|
|
throw new Exception("Parameters contains incorrect IV value");
|
|
}
|
|
|
|
// Should be ok to use the same key+iv for decryption
|
|
c.init(Cipher.DECRYPT_MODE, key, params);
|
|
byte[] pt1 = c.update(ct1);
|
|
if (pt1 != null && pt1.length != 0) {
|
|
throw new Exception("Recovered text should not be returned "
|
|
+ "to caller before tag verification");
|
|
}
|
|
|
|
byte[] pt2 = null;
|
|
try {
|
|
c.doFinal(ct2PlusTag, 0, ct2PlusTag.length, ONE_BYTE);
|
|
} catch (ShortBufferException sbe) {
|
|
// retry should work
|
|
pt2 = c.doFinal(ct2PlusTag);
|
|
}
|
|
if (!Arrays.equals(pt2, PT)) {
|
|
throw new Exception("decryption result mismatch");
|
|
}
|
|
|
|
System.out.println("Test Passed!");
|
|
}
|
|
}
|
|
|