Path: blob/master/test/jdk/javax/crypto/Cipher/CipherInputStreamExceptions.java
41149 views
/*1* Copyright (c) 2015, 2019, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/*24* @test25* @bug 806454626* @summary Throw exceptions during reading but not closing of a27* CipherInputStream:28* - Make sure authenticated algorithms continue to throwing exceptions29* when the authentication tag fails verification.30* - Make sure other algorithms do not throw exceptions when the stream31* calls close() and only throw when read() errors.32*/3334import java.io.ByteArrayInputStream;35import java.io.IOException;36import java.lang.Exception;37import java.lang.RuntimeException;38import java.lang.Throwable;39import java.security.AlgorithmParameters;40import javax.crypto.AEADBadTagException;41import javax.crypto.Cipher;42import javax.crypto.CipherInputStream;43import javax.crypto.IllegalBlockSizeException;44import javax.crypto.spec.IvParameterSpec;45import javax.crypto.spec.SecretKeySpec;46import javax.crypto.spec.GCMParameterSpec;4748public class CipherInputStreamExceptions {4950static SecretKeySpec key = new SecretKeySpec(new byte[16], "AES");51static GCMParameterSpec gcmspec = new GCMParameterSpec(128, new byte[16]);52static IvParameterSpec iv = new IvParameterSpec(new byte[16]);53static boolean failure = false;5455/* Full read stream, check that getMoreData() is throwing an exception56* This test57* 1) Encrypt 100 bytes with AES/GCM/NoPadding58* 2) Changes the last byte to invalidate the authetication tag.59* 3) Fully reads CipherInputStream to decrypt the message and closes60*/6162static void gcm_AEADBadTag() throws Exception {63Cipher c;64byte[] read = new byte[200];6566System.out.println("Running gcm_AEADBadTag");6768// Encrypt 100 bytes with AES/GCM/NoPadding69byte[] ct = encryptedText("GCM", 100);70// Corrupt the encrypted message71ct = corruptGCM(ct);72// Create stream for decryption73CipherInputStream in = getStream("GCM", ct);7475try {76int size = in.read(read);77throw new RuntimeException("Fail: CipherInputStream.read() " +78"returned " + size + " and didn't throw an exception.");79} catch (IOException e) {80Throwable ec = e.getCause();81if (ec instanceof AEADBadTagException) {82System.out.println(" Pass.");83} else {84System.out.println(" Fail: " + ec.getMessage());85throw new RuntimeException(ec);86}87} finally {88in.close();89}90}9192/* Short read stream,93* This test94* 1) Encrypt 100 bytes with AES/GCM/NoPadding95* 2) Reads 100 bytes from stream to decrypt the message and closes96* 3) Make sure no value is returned by read()97* 4) Make sure no exception is thrown98*/99100static void gcm_shortReadAEAD() throws Exception {101Cipher c;102byte[] read = new byte[100];103104System.out.println("Running gcm_shortReadAEAD");105106byte[] pt = new byte[600];107pt[0] = 1;108// Encrypt provided 600 bytes with AES/GCM/NoPadding109byte[] ct = encryptedText("GCM", pt);110// Create stream for decryption111CipherInputStream in = getStream("GCM", ct);112113int size = 0;114try {115size = in.read(read);116in.close();117if (read.length != 100) {118throw new RuntimeException("Fail: read size = " + read.length +119"should be 100.");120}121if (read[0] != 1) {122throw new RuntimeException("Fail: The decrypted text does " +123"not match the plaintext: '" + read[0] +"'");124}125} catch (IOException e) {126System.out.println(" Fail: " + e.getMessage());127throw new RuntimeException(e.getCause());128}129System.out.println(" Pass.");130}131132/*133* Verify doFinal() exception is suppressed when input stream is not134* read before it is closed.135* This test:136* 1) Encrypt 100 bytes with AES/GCM/NoPadding137* 2) Changes the last byte to invalidate the authetication tag.138* 3) Opens a CipherInputStream and the closes it. Never reads from it.139*140* There should be no exception thrown.141*/142static void gcm_suppressUnreadCorrupt() throws Exception {143Cipher c;144byte[] read = new byte[200];145146System.out.println("Running supressUnreadCorrupt test");147148// Encrypt 100 bytes with AES/GCM/NoPadding149byte[] ct = encryptedText("GCM", 100);150// Corrupt the encrypted message151ct = corruptGCM(ct);152// Create stream for decryption153CipherInputStream in = getStream("GCM", ct);154155try {156in.close();157System.out.println(" Pass.");158} catch (IOException e) {159System.out.println(" Fail: " + e.getMessage());160throw new RuntimeException(e.getCause());161}162}163164/*165* Verify noexception thrown when 1 byte is read from a GCM stream166* and then closed167* This test:168* 1) Encrypt 100 bytes with AES/GCM/NoPadding169* 2) Read one byte from the stream, expect no exception thrown.170* 4) Close stream,expect no exception thrown.171*/172static void gcm_oneReadByte() throws Exception {173174System.out.println("Running gcm_oneReadByte test");175176// Encrypt 100 bytes with AES/GCM/NoPadding177byte[] ct = encryptedText("GCM", 100);178// Create stream for decryption179CipherInputStream in = getStream("GCM", ct);180181try {182in.read();183System.out.println(" Pass.");184} catch (Exception e) {185System.out.println(" Fail: " + e.getMessage());186throw new RuntimeException(e.getCause());187}188}189190/*191* Verify exception thrown when 1 byte is read from a corrupted GCM stream192* and then closed193* This test:194* 1) Encrypt 100 bytes with AES/GCM/NoPadding195* 2) Changes the last byte to invalidate the authetication tag.196* 3) Read one byte from the stream, expect exception thrown.197* 4) Close stream,expect no exception thrown.198*/199static void gcm_oneReadByteCorrupt() throws Exception {200201System.out.println("Running gcm_oneReadByteCorrupt test");202203// Encrypt 100 bytes with AES/GCM/NoPadding204byte[] ct = encryptedText("GCM", 100);205// Corrupt the encrypted message206ct = corruptGCM(ct);207// Create stream for decryption208CipherInputStream in = getStream("GCM", ct);209210try {211in.read();212System.out.println(" Fail. No exception thrown.");213} catch (IOException e) {214Throwable ec = e.getCause();215if (ec instanceof AEADBadTagException) {216System.out.println(" Pass.");217} else {218System.out.println(" Fail: " + ec.getMessage());219throw new RuntimeException(ec);220}221}222}223224/* Check that close() does not throw an exception with full message in225* CipherInputStream's ibuffer.226* This test:227* 1) Encrypts a 97 byte message with AES/CBC/PKCS5Padding228* 2) Create a stream that sends 96 bytes.229* 3) Read stream once,230* 4) Close and expect no exception231*/232233static void cbc_shortStream() throws Exception {234Cipher c;235AlgorithmParameters params;236byte[] read = new byte[200];237238System.out.println("Running cbc_shortStream");239240// Encrypt 97 byte with AES/CBC/PKCS5Padding241byte[] ct = encryptedText("CBC", 97);242// Create stream with only 96 bytes of encrypted data243CipherInputStream in = getStream("CBC", ct, 96);244245try {246int size = in.read(read);247in.close();248if (size != 80) {249throw new RuntimeException("Fail: CipherInputStream.read() " +250"returned " + size + ". Should have been 80");251}252System.out.println(" Pass.");253} catch (IOException e) {254System.out.println(" Fail: " + e.getMessage());255throw new RuntimeException(e.getCause());256}257}258259/* Check that close() does not throw an exception when the whole message is260* inside the internal buffer (ibuffer) in CipherInputStream and we read261* one byte and close the stream.262* This test:263* 1) Encrypts a 400 byte message with AES/CBC/PKCS5Padding264* 2) Read one byte from the stream265* 3) Close and expect no exception266*/267268static void cbc_shortRead400() throws Exception {269System.out.println("Running cbc_shortRead400");270271// Encrypt 400 byte with AES/CBC/PKCS5Padding272byte[] ct = encryptedText("CBC", 400);273// Create stream with encrypted data274CipherInputStream in = getStream("CBC", ct);275276try {277in.read();278in.close();279System.out.println(" Pass.");280} catch (IOException e) {281System.out.println(" Fail: " + e.getMessage());282throw new RuntimeException(e.getCause());283}284}285286/* Check that close() does not throw an exception when the inside the287* internal buffer (ibuffer) in CipherInputStream does not contain the288* whole message.289* This test:290* 1) Encrypts a 600 byte message with AES/CBC/PKCS5Padding291* 2) Read one byte from the stream292* 3) Close and expect no exception293*/294295static void cbc_shortRead600() throws Exception {296System.out.println("Running cbc_shortRead600");297298// Encrypt 600 byte with AES/CBC/PKCS5Padding299byte[] ct = encryptedText("CBC", 600);300// Create stream with encrypted data301CipherInputStream in = getStream("CBC", ct);302303try {304in.read();305in.close();306System.out.println(" Pass.");307} catch (IOException e) {308System.out.println(" Fail: " + e.getMessage());309throw new RuntimeException(e.getCause());310}311}312313/* Check that exception is thrown when message is fully read314* This test:315* 1) Encrypts a 96 byte message with AES/CBC/PKCS5Padding316* 2) Create a stream that sends 95 bytes.317* 3) Read stream to the end318* 4) Expect IllegalBlockSizeException thrown319*/320321static void cbc_readAllIllegalBlockSize() throws Exception {322byte[] read = new byte[200];323324System.out.println("Running cbc_readAllIllegalBlockSize test");325326// Encrypt 96 byte with AES/CBC/PKCS5Padding327byte[] ct = encryptedText("CBC", 96);328// Create a stream with only 95 bytes of encrypted data329CipherInputStream in = getStream("CBC", ct, 95);330331try {332int s, size = 0;333while ((s = in.read(read)) != -1) {334size += s;335}336throw new RuntimeException("Fail: No IllegalBlockSizeException. " +337"CipherInputStream.read() returned " + size);338339} catch (IOException e) {340Throwable ec = e.getCause();341if (ec instanceof IllegalBlockSizeException) {342System.out.println(" Pass.");343} else {344System.out.println(" Fail: " + ec.getMessage());345throw new RuntimeException(ec);346}347}348}349350/* Generic method to create encrypted text */351static byte[] encryptedText(String mode, int length) throws Exception{352return encryptedText(mode, new byte[length]);353}354355/* Generic method to create encrypted text */356static byte[] encryptedText(String mode, byte[] pt) throws Exception{357Cipher c;358if (mode.compareTo("GCM") == 0) {359c = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");360c.init(Cipher.ENCRYPT_MODE, key, gcmspec);361} else if (mode.compareTo("CBC") == 0) {362c = Cipher.getInstance("AES/CBC/PKCS5Padding", "SunJCE");363c.init(Cipher.ENCRYPT_MODE, key, iv);364} else {365return null;366}367368return c.doFinal(pt);369}370371/* Generic method to get a properly setup CipherInputStream */372static CipherInputStream getStream(String mode, byte[] ct) throws Exception {373return getStream(mode, ct, ct.length);374}375376/* Generic method to get a properly setup CipherInputStream */377static CipherInputStream getStream(String mode, byte[] ct, int length)378throws Exception {379Cipher c;380381if (mode.compareTo("GCM") == 0) {382c = Cipher.getInstance("AES/GCM/NoPadding", "SunJCE");383c.init(Cipher.DECRYPT_MODE, key, gcmspec);384} else if (mode.compareTo("CBC") == 0) {385c = Cipher.getInstance("AES/CBC/PKCS5Padding", "SunJCE");386c.init(Cipher.DECRYPT_MODE, key, iv);387} else {388return null;389}390391return new CipherInputStream(new ByteArrayInputStream(ct, 0, length), c);392393}394395/* Generic method for corrupting a GCM message. Change the last396* byte on of the authentication tag397*/398static byte[] corruptGCM(byte[] ct) {399ct[ct.length - 1] = (byte) (ct[ct.length - 1] + 1);400return ct;401}402403public static void main(String[] args) throws Exception {404gcm_AEADBadTag();405gcm_shortReadAEAD();406gcm_suppressUnreadCorrupt();407gcm_oneReadByte();408gcm_oneReadByteCorrupt();409cbc_shortStream();410cbc_shortRead400();411cbc_shortRead600();412cbc_readAllIllegalBlockSize();413}414}415416417