Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/com/sun/crypto/provider/NSASuiteB/TestAESWrapOids.java
38867 views
/*1* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223import static javax.crypto.Cipher.getMaxAllowedKeyLength;2425import java.security.InvalidKeyException;26import java.security.Key;27import java.security.NoSuchAlgorithmException;28import java.security.NoSuchProviderException;29import java.util.Arrays;30import java.util.List;3132import javax.crypto.Cipher;33import javax.crypto.IllegalBlockSizeException;34import javax.crypto.KeyGenerator;35import javax.crypto.NoSuchPaddingException;36import javax.crypto.SecretKey;3738/*39* @test40* @bug 807528641* @summary Test the AESWrap algorithm OIDs in JDK.42* OID and Algorithm transformation string should match.43* Both could be able to be used to generate the algorithm instance.44* @run main TestAESWrapOids45*/46public class TestAESWrapOids {4748private static final String PROVIDER_NAME = "SunJCE";4950private static final List<DataTuple> DATA = Arrays.asList(51new DataTuple("2.16.840.1.101.3.4.1.5", "AESWrap_128", 128),52new DataTuple("2.16.840.1.101.3.4.1.25", "AESWrap_192", 192),53new DataTuple("2.16.840.1.101.3.4.1.45", "AESWrap_256", 256));5455public static void main(String[] args) throws Exception {56for (DataTuple dataTuple : DATA) {57int maxAllowedKeyLength = getMaxAllowedKeyLength(58dataTuple.algorithm);59boolean supportedKeyLength =60maxAllowedKeyLength >= dataTuple.keyLength;6162try {63runTest(dataTuple, supportedKeyLength);64System.out.println("passed");65} catch (InvalidKeyException ike) {66if (supportedKeyLength) {67throw new RuntimeException(String.format(68"The key length %d is supported, but test failed.",69dataTuple.keyLength), ike);70} else {71System.out.printf(72"Catch expected InvalidKeyException "73+ "due to the key length %d is greater "74+ "than max supported key length %d%n",75dataTuple.keyLength, maxAllowedKeyLength);76}77}78}79}8081private static void runTest(DataTuple dataTuple, boolean supportedKeyLength)82throws NoSuchAlgorithmException, NoSuchProviderException,83NoSuchPaddingException, InvalidKeyException,84IllegalBlockSizeException {85Cipher algorithmCipher = Cipher.getInstance(86dataTuple.algorithm, PROVIDER_NAME);87Cipher oidCipher = Cipher.getInstance(dataTuple.oid, PROVIDER_NAME);8889if (algorithmCipher == null) {90throw new RuntimeException(String.format(91"Test failed: algorithm string %s getInstance failed.%n",92dataTuple.algorithm));93}9495if (oidCipher == null) {96throw new RuntimeException(97String.format("Test failed: OID %s getInstance failed.%n",98dataTuple.oid));99}100101if (!algorithmCipher.getAlgorithm().equals(102dataTuple.algorithm)) {103throw new RuntimeException(String.format(104"Test failed: algorithm string %s getInstance "105+ "doesn't generate expected algorithm.%n",106dataTuple.oid));107}108109KeyGenerator kg = KeyGenerator.getInstance("AES");110kg.init(dataTuple.keyLength);111SecretKey key = kg.generateKey();112113// Wrap the key114algorithmCipher.init(Cipher.WRAP_MODE, key);115if (!supportedKeyLength) {116throw new RuntimeException(String.format(117"The key length %d is not supported, so the initialization"118+ " of algorithmCipher should fail.%n",119dataTuple.keyLength));120}121122// Unwrap the key123oidCipher.init(Cipher.UNWRAP_MODE, key);124if (!supportedKeyLength) {125throw new RuntimeException(String.format(126"The key length %d is not supported, so the initialization"127+ " of oidCipher should fail.%n",128dataTuple.keyLength));129}130131byte[] keyWrapper = algorithmCipher.wrap(key);132Key unwrappedKey = oidCipher.unwrap(keyWrapper, "AES",133Cipher.SECRET_KEY);134135// Comparison136if (!Arrays.equals(key.getEncoded(), unwrappedKey.getEncoded())) {137throw new RuntimeException("Key comparison failed");138}139}140141private static class DataTuple {142143private final String oid;144private final String algorithm;145private final int keyLength;146147private DataTuple(String oid, String algorithm, int keyLength) {148this.oid = oid;149this.algorithm = algorithm;150this.keyLength = keyLength;151}152}153}154155156