| J. Duke | 319a3b9 | 2007-12-01 00:00:00 +0000 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright 2004-2007 Sun Microsystems, Inc. All Rights Reserved. |
| 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| 4 | * |
| 5 | * This code is free software; you can redistribute it and/or modify it |
| 6 | * under the terms of the GNU General Public License version 2 only, as |
| 7 | * published by the Free Software Foundation. |
| 8 | * |
| 9 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| 10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| 12 | * version 2 for more details (a copy is included in the LICENSE file that |
| 13 | * accompanied this code). |
| 14 | * |
| 15 | * You should have received a copy of the GNU General Public License version |
| 16 | * 2 along with this work; if not, write to the Free Software Foundation, |
| 17 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| 18 | * |
| 19 | * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
| 20 | * CA 95054 USA or visit www.sun.com if you need additional information or |
| 21 | * have any questions. |
| 22 | */ |
| 23 | |
| 24 | /* |
| 25 | * @test |
| 26 | * @bug 5008159 5008156 |
| 27 | * @run main XMLEncKAT |
| 28 | * @summary Verify that the two key wrap ciphers, i.e. "DESedeWrap" |
| 29 | * and "AESWrap", work as expected. |
| 30 | * @author Valerie Peng |
| 31 | */ |
| 32 | import java.security.Key; |
| 33 | import java.security.AlgorithmParameters; |
| 34 | import javax.crypto.*; |
| 35 | import javax.crypto.spec.*; |
| 36 | import sun.misc.BASE64Decoder; |
| 37 | import sun.misc.BASE64Encoder; |
| 38 | import java.io.UnsupportedEncodingException; |
| 39 | import java.io.IOException; |
| 40 | |
| 41 | public class XMLEncKAT { |
| 42 | |
| 43 | private static byte[] desEdeKey_1; |
| 44 | private static byte[] aes128Key_1; |
| 45 | private static byte[] aes192Key_1; |
| 46 | private static byte[] aes256Key_1; |
| 47 | private static byte[] desEdeKey_2; |
| 48 | private static byte[] aes128Key_2; |
| 49 | private static byte[] aes192Key_2; |
| 50 | private static byte[] aes256Key_2; |
| 51 | |
| 52 | private static BASE64Decoder base64D = new BASE64Decoder(); |
| 53 | private static BASE64Encoder base64E = new BASE64Encoder(); |
| 54 | |
| 55 | static { |
| 56 | try { |
| 57 | desEdeKey_1 = "abcdefghijklmnopqrstuvwx".getBytes("ASCII"); |
| 58 | aes128Key_1 = "abcdefghijklmnop".getBytes("ASCII"); |
| 59 | aes192Key_1 = "abcdefghijklmnopqrstuvwx".getBytes("ASCII"); |
| 60 | aes256Key_1 = "abcdefghijklmnopqrstuvwxyz012345".getBytes("ASCII"); |
| 61 | } catch (UnsupportedEncodingException uee) { |
| 62 | // should never happen |
| 63 | } |
| 64 | try { |
| 65 | desEdeKey_2 = base64D.decodeBuffer |
| 66 | ("yI+J1f3puYAERjIcT6vfg6RitmKX8nD0"); |
| 67 | aes128Key_2 = base64D.decodeBuffer |
| 68 | ("01+yuQ2huPS1+Qv0LH+zaQ=="); |
| 69 | aes192Key_2 = base64D.decodeBuffer |
| 70 | ("IlfuS40LvStVU0Mj8ePrrGHVhAb48y++"); |
| 71 | aes256Key_2 = base64D.decodeBuffer |
| 72 | ("ZhZ4v3RlwTlCEOpIrHfLKVyJOBDtEJOOQDat/4xR1bA="); |
| 73 | } catch (IOException ioe) { |
| 74 | // should never happen |
| 75 | } |
| 76 | } |
| 77 | private static String[] desEdeWrappedKey_1 = { |
| 78 | "ZyJbVsjRM4MEsswwwHz57aUz1eMqZHuEIoEPGS47CcmLvhuCtlzWZ9S/WcVJZIpz", |
| 79 | "gHMpx5iF7+KXtNHLasZrkcLHn8Ti4rxUjCIRK+IcgbQir6FUsQ/uxQ3o8enEMWq1" |
| 80 | }; |
| 81 | private static String[] desEdeWrappedKey_2 = { |
| 82 | "/PZvvn42E9dmMUZ8KCY6B5XtLaaIaG4X5YNDwgV5Vlo=", |
| 83 | "HgVuHoXxBQWD9fvi0gt9TanywZ5lJokM/12fcMG6gRoMjsCPulH+4A==" |
| 84 | }; |
| 85 | private static String[] aes128WrappedKey_1 = { |
| 86 | "dV45TUpJbidb9iKa34xj1WVtTZ036cnqvym2TBJWR5c=", |
| 87 | "rPnY/XoSGCbuwy7vpslf29rs9dbvSCmGFOjEs3LT6g/qyZjfDA+2fQ==" |
| 88 | }; |
| 89 | private static String[] aes128WrappedKey_2 = { |
| 90 | "GPl6bneL1jKl0/lGnf9gejlYHRI6XxFz" |
| 91 | }; |
| 92 | private static String[] aes192WrappedKey_1 = { |
| 93 | "IbjZH7Mq564oMybpvCHWYM/5ER3eFsAV", |
| 94 | "19D633XVohP6UJvaVRAhJek+ahtM3gOiVs6nZyAasDEb+WCUQOcWZw==" |
| 95 | }; |
| 96 | private static String[] aes192WrappedKey_2 = { |
| 97 | "5+GpVUQNTAT3uY8pPedEg/PpftiX+fJsTCun+fgmIz0=", |
| 98 | "iuZvvGBWScikHld9TtNIOz0Sm7Srg5AcxOBMA8qIvQY=", |
| 99 | "PeDwjnCsg6xWzs3SmzUtc2nyUz28nGu7" |
| 100 | }; |
| 101 | private static String[] aes256WrappedKey_1 = { |
| 102 | "4AAgyi3M7xNdBimbQZKdGJLn3/cS4Yv8QKuA01+gUnY=", |
| 103 | "tPCC89jQShB+WDINCdRfKgf8wTlAx8xRXD73RmEHPBfix8zS1N82KQ==", |
| 104 | "bsL63D0hPN6EOyzdgfEmKsAAvoJiGM+Wp9a9KZM92IKdl7s3YSntRg==" |
| 105 | }; |
| 106 | private static String[] aes256WrappedKey_2 = { |
| 107 | "IbnoS1cvuIFIGB46jj1V1FGftc92irrCwcC7BoBvxwQ=", |
| 108 | "ic+Om6/3ZKcThVN3iv9lUEankNkDv3Et", |
| 109 | "jOvQe4SxDqEMvAHcmb3Z+/Uedj23pvL6BRQsl2sjJlQ=", |
| 110 | "IMwdsyg89IZ4Txf1SYYZNKUOKuYdDoIi/zEKXCjj4j9PM6BdkZligA==" |
| 111 | }; |
| 112 | |
| 113 | public static void testKeyWrap(String cAlg, byte[] cKeyVal, |
| 114 | String cKeyAlg, String[] base64Wrapped) throws Exception { |
| 115 | System.out.println("Testing " + cAlg + " Cipher with " + |
| 116 | 8*cKeyVal.length + "-bit key"); |
| 117 | Cipher c = Cipher.getInstance(cAlg, "SunJCE"); |
| 118 | SecretKey cKey = new SecretKeySpec(cKeyVal, cKeyAlg); |
| 119 | c.init(Cipher.UNWRAP_MODE, cKey); |
| 120 | Key[] key = new SecretKey[base64Wrapped.length]; |
| 121 | IvParameterSpec[] params = |
| 122 | new IvParameterSpec[base64Wrapped.length]; |
| 123 | // first test UNWRAP with known values |
| 124 | for (int i = 0; i < base64Wrapped.length; i++) { |
| 125 | byte[] wrappedKey = base64D.decodeBuffer(base64Wrapped[i]); |
| 126 | key[i] = c.unwrap(wrappedKey, "AES", Cipher.SECRET_KEY); |
| 127 | if (c.getIV() != null) { |
| 128 | params[i] = new IvParameterSpec(c.getIV()); |
| 129 | } |
| 130 | } |
| 131 | // then test WRAP and compare with the known values |
| 132 | for (int i = 0; i < key.length; i++) { |
| 133 | c.init(Cipher.WRAP_MODE, cKey, params[i]); |
| 134 | byte[] wrapped2 = c.wrap(key[i]); |
| 135 | String out = base64E.encode(wrapped2); |
| 136 | if (!out.equalsIgnoreCase(base64Wrapped[i])) { |
| 137 | throw new Exception("Wrap failed; got " + out + ", expect " + |
| 138 | base64Wrapped[i]); |
| 139 | } |
| 140 | } |
| 141 | } |
| 142 | |
| 143 | public static void main(String[] argv) throws Exception { |
| 144 | String wrapAlg = "DESedeWrap"; |
| 145 | String keyAlg = "DESede"; |
| 146 | testKeyWrap(wrapAlg, desEdeKey_1, keyAlg, desEdeWrappedKey_1); |
| 147 | testKeyWrap(wrapAlg, desEdeKey_2, keyAlg, desEdeWrappedKey_2); |
| 148 | |
| 149 | wrapAlg = "AESWrap"; |
| 150 | keyAlg = "AES"; |
| 151 | testKeyWrap(wrapAlg, aes128Key_1, keyAlg, aes128WrappedKey_1); |
| 152 | testKeyWrap(wrapAlg, aes128Key_2, keyAlg, aes128WrappedKey_2); |
| 153 | // only run the tests on longer key lengths if unlimited version |
| 154 | // of JCE jurisdiction policy files are installed |
| 155 | if (Cipher.getMaxAllowedKeyLength(keyAlg) == Integer.MAX_VALUE) { |
| 156 | testKeyWrap(wrapAlg, aes192Key_1, keyAlg, aes192WrappedKey_1); |
| 157 | testKeyWrap(wrapAlg, aes192Key_2, keyAlg, aes192WrappedKey_2); |
| 158 | testKeyWrap(wrapAlg, aes256Key_1, keyAlg, aes256WrappedKey_1); |
| 159 | testKeyWrap(wrapAlg, aes256Key_2, keyAlg, aes256WrappedKey_2); |
| 160 | } |
| 161 | System.out.println("All Tests Passed"); |
| 162 | } |
| 163 | } |