1/* 2 * Copyright (c) 2012, 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24package compiler.codegen.aes; 25 26import jdk.test.lib.Utils; 27 28import javax.crypto.Cipher; 29import javax.crypto.SecretKey; 30import javax.crypto.spec.GCMParameterSpec; 31import javax.crypto.spec.IvParameterSpec; 32import javax.crypto.spec.SecretKeySpec; 33import java.security.AlgorithmParameters; 34import java.util.Random; 35 36/** 37 * @author Tom Deneau 38 */ 39public abstract class TestAESBase { 40 int msgSize = Integer.getInteger("msgSize", 646); 41 boolean checkOutput = Boolean.getBoolean("checkOutput"); 42 boolean noReinit = Boolean.getBoolean("noReinit"); 43 boolean testingMisalignment; 44 private static final int ALIGN = 8; 45 int encInputOffset = Integer.getInteger("encInputOffset", 0) % ALIGN; 46 int encOutputOffset = Integer.getInteger("encOutputOffset", 0) % ALIGN; 47 int decOutputOffset = Integer.getInteger("decOutputOffset", 0) % ALIGN; 48 int lastChunkSize = Integer.getInteger("lastChunkSize", 32); 49 int keySize = Integer.getInteger("keySize", 128); 50 int inputLength; 51 int encodeLength; 52 int decodeLength; 53 int decodeMsgSize; 54 String algorithm = System.getProperty("algorithm", "AES"); 55 String mode = System.getProperty("mode", "CBC"); 56 String paddingStr = System.getProperty("paddingStr", "PKCS5Padding"); 57 byte[] input; 58 byte[] encode; 59 byte[] expectedEncode; 60 byte[] decode; 61 byte[] expectedDecode; 62 final Random random = Utils.getRandomInstance(); 63 Cipher cipher; 64 Cipher dCipher; 65 AlgorithmParameters algParams = null; 66 SecretKey key; 67 GCMParameterSpec gcm_spec; 68 byte[] aad = {0x11, 0x22, 0x33, 0x44, 0x55}; 69 int tlen = 12; 70 byte[] iv = new byte[16]; 71 72 static int numThreads = 0; 73 int threadId; 74 75 static synchronized int getThreadId() { 76 int id = numThreads; 77 numThreads++; 78 return id; 79 } 80 81 abstract public void run(); 82 83 public void prepare() { 84 try { 85 System.out.println("\nalgorithm=" + algorithm + ", mode=" + mode + ", paddingStr=" + paddingStr + 86 ", msgSize=" + msgSize + ", keySize=" + keySize + ", noReinit=" + noReinit + 87 ", checkOutput=" + checkOutput + ", encInputOffset=" + encInputOffset + ", encOutputOffset=" + 88 encOutputOffset + ", decOutputOffset=" + decOutputOffset + ", lastChunkSize=" + lastChunkSize); 89 90 if (encInputOffset % ALIGN != 0 || encOutputOffset % ALIGN != 0 || decOutputOffset % ALIGN != 0) 91 testingMisalignment = true; 92 93 int keyLenBytes = (keySize == 0 ? 16 : keySize / 8); 94 byte keyBytes[] = new byte[keyLenBytes]; 95 if (keySize == 128) 96 keyBytes = new byte[]{-8, -7, -6, -5, -4, -3, -2, -1, 0, 1, 2, 3, 4, 5, 6, 7}; 97 else 98 random.nextBytes(keyBytes); 99 100 key = new SecretKeySpec(keyBytes, algorithm); 101 if (threadId == 0) { 102 System.out.println("Algorithm: " + key.getAlgorithm() + "(" 103 + key.getEncoded().length * 8 + "bit)"); 104 } 105 106 cipher = Cipher.getInstance(algorithm + "/" + mode + "/" + paddingStr, "SunJCE"); 107 dCipher = Cipher.getInstance(algorithm + "/" + mode + "/" + paddingStr, "SunJCE"); 108 109 // CBC or CTR init 110 if (mode.equals("CBC") || mode.equals("CTR")) { 111 IvParameterSpec initVector = new IvParameterSpec(iv); 112 cipher.init(Cipher.ENCRYPT_MODE, key, initVector); 113 algParams = cipher.getParameters(); 114 dCipher.init(Cipher.DECRYPT_MODE, key, initVector); 115 116 // GCM init 117 } else if (mode.equals("GCM")) { 118 gcm_init(true); 119 gcm_init(false); 120 121 // ECB init 122 } else { 123 cipher.init(Cipher.ENCRYPT_MODE, key, algParams); 124 dCipher.init(Cipher.DECRYPT_MODE, key, algParams); 125 } 126 127 if (threadId == 0) { 128 childShowCipher(); 129 } 130 131 inputLength = msgSize + encInputOffset; 132 if (testingMisalignment) { 133 encodeLength = cipher.getOutputSize(msgSize - lastChunkSize) + encOutputOffset; 134 encodeLength += cipher.getOutputSize(lastChunkSize); 135 decodeLength = dCipher.getOutputSize(encodeLength - lastChunkSize) + decOutputOffset; 136 decodeLength += dCipher.getOutputSize(lastChunkSize); 137 } else { 138 encodeLength = cipher.getOutputSize(msgSize) + encOutputOffset; 139 decodeLength = dCipher.getOutputSize(encodeLength) + decOutputOffset; 140 } 141 142 input = new byte[inputLength]; 143 for (int i = encInputOffset, j = 0; i < inputLength; i++, j++) { 144 input[i] = (byte) (j & 0xff); 145 } 146 147 // do one encode and decode in preparation 148 encode = new byte[encodeLength]; 149 decode = new byte[decodeLength]; 150 if (testingMisalignment) { 151 decodeMsgSize = cipher.update(input, encInputOffset, (msgSize - lastChunkSize), encode, encOutputOffset); 152 decodeMsgSize += cipher.doFinal(input, (encInputOffset + msgSize - lastChunkSize), lastChunkSize, encode, (encOutputOffset + decodeMsgSize)); 153 154 int tempSize = dCipher.update(encode, encOutputOffset, (decodeMsgSize - lastChunkSize), decode, decOutputOffset); 155 dCipher.doFinal(encode, (encOutputOffset + decodeMsgSize - lastChunkSize), lastChunkSize, decode, (decOutputOffset + tempSize)); 156 } else { 157 decodeMsgSize = cipher.doFinal(input, encInputOffset, msgSize, encode, encOutputOffset); 158 dCipher.doFinal(encode, encOutputOffset, decodeMsgSize, decode, decOutputOffset); 159 } 160 if (checkOutput) { 161 expectedEncode = (byte[]) encode.clone(); 162 expectedDecode = (byte[]) decode.clone(); 163 showArray(key.getEncoded(), "key: "); 164 showArray(input, "input: "); 165 showArray(encode, "encode: "); 166 showArray(decode, "decode: "); 167 } 168 } catch (Exception e) { 169 e.printStackTrace(); 170 System.exit(1); 171 } 172 } 173 174 void showArray(byte b[], String name) { 175 System.out.format("%s [%d]: ", name, b.length); 176 for (int i = 0; i < Math.min(b.length, 32); i++) { 177 System.out.format("%02x ", b[i] & 0xff); 178 } 179 System.out.println(); 180 } 181 182 void compareArrays(byte b[], byte exp[]) { 183 if (b.length != exp.length) { 184 System.out.format("different lengths for actual and expected output arrays\n"); 185 showArray(b, "test: "); 186 showArray(exp, "exp : "); 187 System.exit(1); 188 } 189 for (int i = 0; i < exp.length; i++) { 190 if (b[i] != exp[i]) { 191 System.out.format("output error at index %d: got %02x, expected %02x\n", i, b[i] & 0xff, exp[i] & 0xff); 192 showArray(b, "test: "); 193 showArray(exp, "exp : "); 194 System.exit(1); 195 } 196 } 197 } 198 199 void showCipher(Cipher c, String kind) { 200 System.out.println(kind + " cipher provider: " + cipher.getProvider()); 201 System.out.println(kind + " cipher algorithm: " + cipher.getAlgorithm()); 202 } 203 204 abstract void childShowCipher(); 205 206 void gcm_init(boolean encrypt) throws Exception { 207 gcm_spec = new GCMParameterSpec(tlen * 8, iv); 208 if (encrypt) { 209 // Get a new instance everytime because of reuse IV restrictions 210 cipher = Cipher.getInstance(algorithm + "/" + mode + "/" + paddingStr, "SunJCE"); 211 cipher.init(Cipher.ENCRYPT_MODE, key, gcm_spec); 212 cipher.updateAAD(aad); 213 } else { 214 dCipher.init(Cipher.DECRYPT_MODE, key, gcm_spec); 215 dCipher.updateAAD(aad); 216 217 218 } 219 } 220} 221