| /* |
| * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| |
| import static javax.crypto.Cipher.ENCRYPT_MODE; |
| import static javax.crypto.Cipher.getMaxAllowedKeyLength; |
| |
| import java.security.InvalidAlgorithmParameterException; |
| import java.security.InvalidKeyException; |
| import java.security.NoSuchAlgorithmException; |
| import java.security.NoSuchProviderException; |
| import java.security.spec.AlgorithmParameterSpec; |
| import java.util.Arrays; |
| import java.util.List; |
| |
| import javax.crypto.BadPaddingException; |
| import javax.crypto.Cipher; |
| import javax.crypto.IllegalBlockSizeException; |
| import javax.crypto.KeyGenerator; |
| import javax.crypto.NoSuchPaddingException; |
| import javax.crypto.SecretKey; |
| import javax.crypto.ShortBufferException; |
| import javax.crypto.spec.IvParameterSpec; |
| |
| /* |
| * @test |
| * @bug 8075286 |
| * @summary Test the AES algorithm OIDs in JDK. |
| * OID and Algorithm transformation string should match. |
| * Both could be able to be used to generate the algorithm instance. |
| * @run main TestAESOids |
| */ |
| public class TestAESOids { |
| |
| private static final String PROVIDER_NAME = "SunJCE"; |
| private static final byte[] INPUT = "1234567890123456".getBytes(); |
| |
| private static final List<DataTuple> DATA = Arrays.asList( |
| new DataTuple("2.16.840.1.101.3.4.1.1", "AES_128/ECB/NoPadding", |
| 128, "ECB"), |
| new DataTuple("2.16.840.1.101.3.4.1.2", "AES_128/CBC/NoPadding", |
| 128, "CBC"), |
| new DataTuple("2.16.840.1.101.3.4.1.3", "AES_128/OFB/NoPadding", |
| 128, "OFB"), |
| new DataTuple("2.16.840.1.101.3.4.1.4", "AES_128/CFB/NoPadding", |
| 128, "CFB"), |
| new DataTuple("2.16.840.1.101.3.4.1.21", "AES_192/ECB/NoPadding", |
| 192, "ECB"), |
| new DataTuple("2.16.840.1.101.3.4.1.22", "AES_192/CBC/NoPadding", |
| 192, "CBC"), |
| new DataTuple("2.16.840.1.101.3.4.1.23", "AES_192/OFB/NoPadding", |
| 192, "OFB"), |
| new DataTuple("2.16.840.1.101.3.4.1.24", "AES_192/CFB/NoPadding", |
| 192, "CFB"), |
| new DataTuple("2.16.840.1.101.3.4.1.41", "AES_256/ECB/NoPadding", |
| 256, "ECB"), |
| new DataTuple("2.16.840.1.101.3.4.1.42", "AES_256/CBC/NoPadding", |
| 256, "CBC"), |
| new DataTuple("2.16.840.1.101.3.4.1.43", "AES_256/OFB/NoPadding", |
| 256, "OFB"), |
| new DataTuple("2.16.840.1.101.3.4.1.44", "AES_256/CFB/NoPadding", |
| 256, "CFB")); |
| |
| public static void main(String[] args) throws Exception { |
| for (DataTuple dataTuple : DATA) { |
| int maxAllowedKeyLength = |
| getMaxAllowedKeyLength(dataTuple.algorithm); |
| boolean supportedKeyLength = |
| maxAllowedKeyLength >= dataTuple.keyLength; |
| |
| try { |
| runTest(dataTuple, supportedKeyLength); |
| System.out.println("passed"); |
| } catch (InvalidKeyException ike) { |
| if (supportedKeyLength) { |
| throw new RuntimeException(String.format( |
| "The key length %d is supported, but test failed.", |
| dataTuple.keyLength), ike); |
| } else { |
| System.out.printf( |
| "Catch expected InvalidKeyException due " |
| + "to the key length %d is greater than " |
| + "max supported key length %d%n", |
| dataTuple.keyLength, maxAllowedKeyLength); |
| } |
| } |
| } |
| } |
| |
| private static void runTest(DataTuple dataTuple, |
| boolean supportedKeyLength) throws NoSuchAlgorithmException, |
| NoSuchProviderException, NoSuchPaddingException, |
| InvalidKeyException, ShortBufferException, |
| IllegalBlockSizeException, BadPaddingException, |
| InvalidAlgorithmParameterException { |
| Cipher algorithmCipher = Cipher.getInstance(dataTuple.algorithm, |
| PROVIDER_NAME); |
| Cipher oidCipher = Cipher.getInstance(dataTuple.oid, PROVIDER_NAME); |
| |
| if (algorithmCipher == null) { |
| throw new RuntimeException( |
| String.format("Test failed: algorithm string %s getInstance" |
| + " failed.%n", dataTuple.algorithm)); |
| } |
| |
| if (oidCipher == null) { |
| throw new RuntimeException( |
| String.format("Test failed: OID %s getInstance failed.%n", |
| dataTuple.oid)); |
| } |
| |
| if (!algorithmCipher.getAlgorithm().equals(dataTuple.algorithm)) { |
| throw new RuntimeException(String.format( |
| "Test failed: algorithm string %s getInstance " |
| + "doesn't generate expected algorithm.%n", |
| dataTuple.algorithm)); |
| } |
| |
| KeyGenerator kg = KeyGenerator.getInstance("AES"); |
| kg.init(dataTuple.keyLength); |
| SecretKey key = kg.generateKey(); |
| |
| // encrypt |
| algorithmCipher.init(ENCRYPT_MODE, key); |
| if (!supportedKeyLength) { |
| throw new RuntimeException(String.format( |
| "The key length %d is not supported, so the initialization " |
| + "of algorithmCipher should fail.%n", |
| dataTuple.keyLength)); |
| } |
| |
| byte[] cipherText = new byte[algorithmCipher.getOutputSize(INPUT.length)]; |
| int offset = algorithmCipher.update(INPUT, 0, INPUT.length, |
| cipherText, 0); |
| algorithmCipher.doFinal(cipherText, offset); |
| |
| AlgorithmParameterSpec aps = null; |
| if (!dataTuple.mode.equalsIgnoreCase("ECB")) { |
| aps = new IvParameterSpec(algorithmCipher.getIV()); |
| } |
| |
| oidCipher.init(Cipher.DECRYPT_MODE, key, aps); |
| if (!supportedKeyLength) { |
| throw new RuntimeException(String.format( |
| "The key length %d is not supported, so the " |
| + "initialization of oidCipher should fail.%n", |
| dataTuple.keyLength)); |
| } |
| |
| byte[] recoveredText = new byte[oidCipher.getOutputSize(cipherText.length)]; |
| oidCipher.doFinal(cipherText, 0, cipherText.length, recoveredText); |
| |
| // Comparison |
| if (!Arrays.equals(INPUT, recoveredText)) { |
| throw new RuntimeException( |
| "Decrypted data is not the same as the original text"); |
| } |
| } |
| |
| private static class DataTuple { |
| |
| private final String oid; |
| private final String algorithm; |
| private final int keyLength; |
| private final String mode; |
| |
| private DataTuple(String oid, String algorithm, int keyLength, |
| String mode) { |
| this.oid = oid; |
| this.algorithm = algorithm; |
| this.keyLength = keyLength; |
| this.mode = mode; |
| } |
| } |
| } |