Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/test/jdk/sun/security/pkcs11/Cipher/TestChaChaPoly.java
41152 views
1
/*

2
 * Copyright (c) 2021, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.

8
 *

9
 * This code is distributed in the hope that it will be useful, but WITHOUT

10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
 * version 2 for more details (a copy is included in the LICENSE file that

13
 * accompanied this code).

14
 *

15
 * You should have received a copy of the GNU General Public License version

16
 * 2 along with this work; if not, write to the Free Software Foundation,

17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
 *

19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
 * or visit www.oracle.com if you need additional information or have any

21
 * questions.

22
 */

23


24
/*

25
 * @test

26
 * @bug 8255410

27
 * @library /test/lib ..

28
 * @modules jdk.crypto.cryptoki

29
 * @run main/othervm TestChaChaPoly

30
 * @summary test for PKCS#11 ChaCha20-Poly1305 Cipher.

31
 */

32


33
import java.nio.ByteBuffer;

34
import java.security.AlgorithmParameters;

35
import java.security.InvalidAlgorithmParameterException;

36
import java.security.NoSuchAlgorithmException;

37
import java.security.GeneralSecurityException;

38
import java.security.Provider;

39
import java.security.SecureRandom;

40
import java.security.spec.InvalidParameterSpecException;

41
import java.util.Arrays;

42
import java.util.HexFormat;

43


44
import javax.crypto.Cipher;

45
import javax.crypto.spec.ChaCha20ParameterSpec;

46
import javax.crypto.spec.IvParameterSpec;

47
import javax.crypto.spec.SecretKeySpec;

48
import javax.crypto.NoSuchPaddingException;

49


50
import jdk.test.lib.Utils;

51


52
public class TestChaChaPoly extends PKCS11Test {

53


54
    private static final byte[] NONCE

55
            = HexFormat.of().parseHex("012345670123456701234567");

56
    private static final SecretKeySpec KEY = new SecretKeySpec(

57
            HexFormat.of().parseHex("0123456701234567012345670123456701234567012345670123456701234567"),

58
            "ChaCha20");

59
    private static final ChaCha20ParameterSpec CHACHA20_PARAM_SPEC

60
            = new ChaCha20ParameterSpec(NONCE, 0);

61
    private static final IvParameterSpec IV_PARAM_SPEC

62
            = new IvParameterSpec(NONCE);

63
    private static final String ALGO = "ChaCha20-Poly1305";

64
    private static final SecureRandom RAND = new SecureRandom();

65
    private static Provider p;

66


67
    @Override

68
    public void main(Provider p) throws Exception {

69
        System.out.println("Testing " + p.getName());

70
        try {

71
            Cipher.getInstance(ALGO, p);

72
        } catch (NoSuchAlgorithmException nsae) {

73
            System.out.println("Skip; no support for " + ALGO);

74
            return;

75
        }

76
        this.p = p;

77
        testTransformations();

78
        testInit();

79
        testAEAD();

80
        testGetBlockSize();

81
        testGetIV();

82
        testInterop("SunJCE");

83
    }

84


85
    private static void testTransformations() throws Exception {

86
        System.out.println("== transformations ==");

87


88
        checkTransformation(p, ALGO, true);

89
        checkTransformation(p, ALGO + "/None/NoPadding", true);

90
        checkTransformation(p, ALGO + "/ECB/NoPadding", false);

91
        checkTransformation(p, ALGO + "/None/PKCS5Padding", false);

92
    }

93


94
    private static void checkTransformation(Provider p, String t,

95
            boolean expected) throws Exception {

96
        try {

97
            Cipher.getInstance(t, p);

98
            if (!expected) {

99
                throw new RuntimeException( "Should reject transformation: " +

100
                        t);

101
            } else {

102
                System.out.println("Accepted transformation: " + t);

103
            }

104
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {

105
            if (!expected) {

106
                System.out.println("Rejected transformation: " + t);

107
            } else {

108
                throw new RuntimeException("Should accept transformation: " +

109
                        t, e);

110
            }

111
        }

112
    }

113


114
    private static void testInit() throws Exception {

115
        testInitOnCrypt(Cipher.ENCRYPT_MODE);

116
        testInitOnCrypt(Cipher.DECRYPT_MODE);

117
    }

118


119
    private static void testInitOnCrypt(int opMode) throws Exception {

120
        System.out.println("== init (" + getOpModeName(opMode) + ") ==");

121


122
        // Need to acquire new Cipher object as ChaCha20-Poly1305 cipher

123
        // disallow reusing the same key and iv pair

124
        Cipher.getInstance(ALGO, p).init(opMode, KEY, IV_PARAM_SPEC);

125
        Cipher c = Cipher.getInstance(ALGO, p);

126
        c.init(opMode, KEY, IV_PARAM_SPEC, RAND);

127
        AlgorithmParameters params = c.getParameters();

128
        Cipher.getInstance(ALGO, p).init(opMode, KEY, params, RAND);

129


130
        try {

131
            // try with invalid param

132
            Cipher.getInstance(ALGO, p).init(opMode, KEY, CHACHA20_PARAM_SPEC);

133
            throw new RuntimeException("Should reject non-IvparameterSpec");

134
        } catch (InvalidAlgorithmParameterException e) {

135
            System.out.println("Expected IAPE - " + e);

136
        }

137
    }

138


139
    private static void testAEAD() throws Exception {

140
        byte[] expectedPt = HexFormat.of().parseHex("01234567");

141
        byte[] ct = testUpdateAAD(Cipher.ENCRYPT_MODE, expectedPt);

142
        byte[] pt = testUpdateAAD(Cipher.DECRYPT_MODE, ct);

143
        if (pt != null && !Arrays.equals(pt, expectedPt)) {

144
            System.out.println("ciphertext: " + Arrays.toString(ct));

145
            System.out.println("plaintext: " + Arrays.toString(pt));

146
            throw new RuntimeException("AEAD failed");

147
        }

148
    }

149


150
    private static byte[] testUpdateAAD(int opMode, byte[] input)

151
            throws Exception {

152
        String opModeName = getOpModeName(opMode);

153
        System.out.println("== updateAAD (" + opModeName + ") ==");

154


155
        byte[] aad = HexFormat.of().parseHex("0000");

156
        ByteBuffer aadBuf = ByteBuffer.wrap(aad);

157


158
        Cipher ccp = Cipher.getInstance(ALGO, p);

159
        try {

160
            ccp.updateAAD(aadBuf);

161
            throw new RuntimeException(

162
                    "Should throw ISE for setting AAD on uninit'ed Cipher");

163
        } catch (IllegalStateException e) {

164
            System.out.println("Expected ISE - " + e);

165
        }

166


167
        ccp.init(opMode, KEY, IV_PARAM_SPEC);

168
        ccp.update(input);

169
        try {

170
            ccp.updateAAD(aad);

171
            throw new RuntimeException(

172
                    "Should throw ISE for setting AAD after update");

173
        } catch (IllegalStateException e) {

174
            System.out.println("Expected ISE - " + e);

175
        }

176


177
        ccp.init(opMode, KEY, IV_PARAM_SPEC);

178
        ccp.updateAAD(aadBuf);

179
        return ccp.doFinal(input);

180
    }

181


182
    private static void testGetBlockSize() throws Exception {

183
        testGetBlockSize(Cipher.ENCRYPT_MODE);

184
        testGetBlockSize(Cipher.DECRYPT_MODE);

185
    }

186


187
    private static void testGetBlockSize(int opMode) throws Exception {

188
        System.out.println("== getBlockSize (" + getOpModeName(opMode) + ") ==");

189
        Cipher c = Cipher.getInstance(ALGO, p);

190
        if (c.getBlockSize() != 0) {

191
            throw new RuntimeException("Block size must be 0");

192
        }

193
    }

194


195
    private static void testGetIV() throws Exception {

196
        testGetIV(Cipher.ENCRYPT_MODE);

197
        testGetIV(Cipher.DECRYPT_MODE);

198
    }

199


200
    private static void testGetIV(int opMode) throws Exception {

201
        System.out.println("== getIv (" + getOpModeName(opMode) + ") ==");

202


203
        try {

204
            Cipher.getInstance(ALGO, p).getIV();

205
            Cipher.getInstance(ALGO, p).getParameters();

206
        } catch (Exception e) {

207
            throw new RuntimeException("Should not throw ex", e);

208
        }

209
        // first init w/ key only

210
        AlgorithmParameters params = null;

211
        for (int i = 0; i < 6; i++) {

212
            System.out.println("IV test# " + i);

213
            Cipher c = Cipher.getInstance(ALGO, p);

214
            byte[] expectedIV = NONCE;

215
            try {

216
                switch (i) {

217
                case 0 -> {

218
                    c.init(opMode, KEY);

219
                    expectedIV = null; // randomly-generated

220
                }

221
                case 1 -> {

222
                    c.init(opMode, KEY, RAND);

223
                    expectedIV = null; // randomly-generated

224
                }

225
                case 2 -> {

226
                    c.init(opMode, KEY, IV_PARAM_SPEC);

227
                    params = c.getParameters();

228
                    if (params == null) {

229
                        throw new RuntimeException("Params should not be null");

230
                    }

231
                }

232
                case 3 -> c.init(opMode, KEY, IV_PARAM_SPEC, RAND);

233
                case 4 -> c.init(opMode, KEY, params);

234
                case 5 -> c.init(opMode, KEY, params, RAND);

235
                }

236
                checkIV(c, expectedIV);

237
                System.out.println("=> Passed");

238
            } catch (GeneralSecurityException e) {

239
                if (opMode == Cipher.DECRYPT_MODE && i < 2) {

240
                    System.out.println("=> Passed: Expected Ex thrown");

241
                } else {

242
                    throw new RuntimeException("Should not throw ex", e);

243
                }

244
            }

245
        }

246
    }

247


248
    private static void checkIV(Cipher c, byte[] expectedIv) {

249
        // the specified cipher has been initialized; the returned IV and

250
        // AlgorithmParameters object should be non-null

251
        byte[] iv = c.getIV();

252
        AlgorithmParameters params = c.getParameters();

253
        // fail if either is null

254
        if (iv == null || params == null) {

255
            throw new RuntimeException("getIV()/getParameters() should " +

256
                    "not return null");

257
        }

258


259
        // check iv matches if not null

260
        if (expectedIv != null && !Arrays.equals(expectedIv, iv)) {

261
            throw new RuntimeException("IV should match expected value");

262
        }

263


264
        try {

265
            byte[] iv2 = params.getParameterSpec(IvParameterSpec.class).getIV();

266
            if (!Arrays.equals(iv, iv2)) {

267
                throw new RuntimeException("IV values should be consistent");

268
            }

269
        } catch (InvalidParameterSpecException ipe) {

270
            // should never happen

271
            throw new AssertionError();

272
        }

273
    }

274


275
    private static void testInterop(String interopProv) throws Exception {

276
        testInterop(Cipher.getInstance(ALGO, p),

277
                Cipher.getInstance(ALGO, interopProv));

278
        testInterop(Cipher.getInstance(ALGO, interopProv),

279
                Cipher.getInstance(ALGO, p));

280
    }

281


282
    private static void testInterop(Cipher encCipher, Cipher decCipher)

283
            throws Exception {

284
        System.out.println("Interop: " + encCipher.getProvider().getName() +

285
                " -> " + encCipher.getProvider().getName());

286
        byte[] pt = HexFormat.of().parseHex("012345678901234567890123456789");

287
        encCipher.init(Cipher.ENCRYPT_MODE, KEY);

288
        byte[] ct = encCipher.doFinal(pt);

289
        decCipher.init(Cipher.DECRYPT_MODE, KEY, encCipher.getParameters());

290
        byte[] pt2 = decCipher.doFinal(ct);

291
        if (!Arrays.equals(pt, pt2)) {

292
            System.out.println("HexDump/pt: " + HexFormat.of().formatHex(pt));

293
            System.out.println("HexDump/pt2: " + HexFormat.of().formatHex(pt2));

294
            throw new RuntimeException("Recovered data should match");

295
        }

296
        System.out.println("=> Passed");

297
    }

298


299
    private static String getOpModeName(int opMode) {

300
        switch (opMode) {

301
        case Cipher.ENCRYPT_MODE:

302
            return "ENCRYPT";

303


304
        case Cipher.DECRYPT_MODE:

305
            return "DECRYPT";

306


307
        case Cipher.WRAP_MODE:

308
            return "WRAP";

309


310
        case Cipher.UNWRAP_MODE:

311
            return "UNWRAP";

312


313
        default:

314
            return "";

315
        }

316
    }

317


318
    public static void main(String[] args) throws Exception {

319
        main(new TestChaChaPoly(), args);

320
    }

321
}

322


323