Path: blob/master/test/jdk/com/sun/crypto/provider/NSASuiteB/TestAESWrapOids.java
41155 views
/*1* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223import static javax.crypto.Cipher.getMaxAllowedKeyLength;2425import java.security.InvalidKeyException;26import java.security.Key;27import java.security.NoSuchAlgorithmException;28import java.security.NoSuchProviderException;29import java.util.Arrays;30import java.util.List;3132import javax.crypto.Cipher;33import javax.crypto.IllegalBlockSizeException;34import javax.crypto.KeyGenerator;35import javax.crypto.NoSuchPaddingException;36import javax.crypto.SecretKey;3738/*39* @test40* @bug 8075286 824826841* @summary Test the AES-Key-Wrap and AES-Key-Wrap-Pad algorithm OIDs in JDK.42* OID and Algorithm transformation string should match.43* Both could be able to be used to generate the algorithm instance.44* @run main TestAESWrapOids45*/46public class TestAESWrapOids {4748private static final String PROVIDER_NAME = "SunJCE";4950private static final List<DataTuple> DATA = Arrays.asList(51new DataTuple("2.16.840.1.101.3.4.1.5", "AESWrap_128"),52new DataTuple("2.16.840.1.101.3.4.1.25", "AESWrap_192"),53new DataTuple("2.16.840.1.101.3.4.1.45", "AESWrap_256"),54new DataTuple("2.16.840.1.101.3.4.1.5", "AES_128/KW/NoPadding"),55new DataTuple("2.16.840.1.101.3.4.1.25", "AES_192/KW/NoPadding"),56new DataTuple("2.16.840.1.101.3.4.1.45", "AES_256/KW/NoPadding"),57new DataTuple("2.16.840.1.101.3.4.1.8", "AES_128/KWP/NoPadding"),58new DataTuple("2.16.840.1.101.3.4.1.28", "AES_192/KWP/NoPadding"),59new DataTuple("2.16.840.1.101.3.4.1.48", "AES_256/KWP/NoPadding"));6061public static void main(String[] args) throws Exception {62for (DataTuple dataTuple : DATA) {63int maxAllowedKeyLength = getMaxAllowedKeyLength(64dataTuple.algorithm);65boolean supportedKeyLength =66maxAllowedKeyLength >= dataTuple.keyLength;6768try {69runTest(dataTuple, supportedKeyLength);70System.out.println("passed");71} catch (InvalidKeyException ike) {72if (supportedKeyLength) {73throw new RuntimeException(String.format(74"The key length %d is supported, but test failed.",75dataTuple.keyLength), ike);76} else {77System.out.printf(78"Catch expected InvalidKeyException "79+ "due to the key length %d is greater "80+ "than max supported key length %d%n",81dataTuple.keyLength, maxAllowedKeyLength);82}83}84}85}8687private static void runTest(DataTuple dataTuple, boolean supportedKeyLength)88throws NoSuchAlgorithmException, NoSuchProviderException,89NoSuchPaddingException, InvalidKeyException,90IllegalBlockSizeException {91Cipher algorithmCipher = Cipher.getInstance(92dataTuple.algorithm, PROVIDER_NAME);93Cipher oidCipher = Cipher.getInstance(dataTuple.oid, PROVIDER_NAME);9495if (algorithmCipher == null) {96throw new RuntimeException(String.format(97"Test failed: algorithm string %s getInstance failed.%n",98dataTuple.algorithm));99}100101if (oidCipher == null) {102throw new RuntimeException(103String.format("Test failed: OID %s getInstance failed.%n",104dataTuple.oid));105}106107if (!algorithmCipher.getAlgorithm().equals(108dataTuple.algorithm)) {109throw new RuntimeException(String.format(110"Test failed: algorithm string %s getInstance "111+ "doesn't generate expected algorithm.%n",112dataTuple.oid));113}114115KeyGenerator kg = KeyGenerator.getInstance("AES");116kg.init(dataTuple.keyLength);117SecretKey key = kg.generateKey();118119// Wrap the key120algorithmCipher.init(Cipher.WRAP_MODE, key);121if (!supportedKeyLength) {122throw new RuntimeException(String.format(123"The key length %d is not supported, so the initialization"124+ " of algorithmCipher should fail.%n",125dataTuple.keyLength));126}127128// Unwrap the key129oidCipher.init(Cipher.UNWRAP_MODE, key);130if (!supportedKeyLength) {131throw new RuntimeException(String.format(132"The key length %d is not supported, so the initialization"133+ " of oidCipher should fail.%n",134dataTuple.keyLength));135}136137byte[] keyWrapper = algorithmCipher.wrap(key);138Key unwrappedKey = oidCipher.unwrap(keyWrapper, "AES",139Cipher.SECRET_KEY);140141// Comparison142if (!Arrays.equals(key.getEncoded(), unwrappedKey.getEncoded())) {143throw new RuntimeException("Key comparison failed");144}145}146147private static class DataTuple {148149private final String oid;150private final String algorithm;151private final int keyLength;152153private DataTuple(String oid, String algorithm) {154this.oid = oid;155this.algorithm = algorithm;156this.keyLength = switch (oid) {157case "2.16.840.1.101.3.4.1.5", "2.16.840.1.101.3.4.1.8"->128;158case "2.16.840.1.101.3.4.1.25", "2.16.840.1.101.3.4.1.28"->192;159case "2.16.840.1.101.3.4.1.45", "2.16.840.1.101.3.4.1.48"->256;160default->throw new RuntimeException("Unrecognized oid: " + oid);161};162}163}164}165166167