1/*
2 * Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24import java.security.AlgorithmParameters;
25import java.security.Key;
26import java.util.Arrays;
27import javax.crypto.SecretKey;
28import javax.crypto.Cipher;
29import javax.crypto.KeyGenerator;
30
31/*
32 * @test
33 * @bug 8048596
34 * @summary Check if a key wrapper works properly with GCM mode
35 */
36public class KeyWrapper {
37
38    static final String AES = "AES";
39    static final String TRANSFORMATION = "AES/GCM/NoPadding";
40    static final String PROVIDER = "SunJCE";
41    static final int KEY_LENGTH = 128;
42
43    public static void main(String argv[]) throws Exception {
44        doTest(PROVIDER, TRANSFORMATION);
45    }
46
47    private static void doTest(String provider, String algo) throws Exception {
48        SecretKey key;
49        SecretKey keyToWrap;
50
51        // init a secret Key
52        KeyGenerator kg = KeyGenerator.getInstance(AES, PROVIDER);
53        kg.init(KEY_LENGTH);
54        key = kg.generateKey();
55        keyToWrap = kg.generateKey();
56
57        // initialization
58        Cipher cipher = Cipher.getInstance(algo, provider);
59        cipher.init(Cipher.WRAP_MODE, key);
60        AlgorithmParameters params = cipher.getParameters();
61
62        // wrap the key
63        byte[] keyWrapper = cipher.wrap(keyToWrap);
64        try {
65            // check if we can't wrap it again with the same key/IV
66            keyWrapper = cipher.wrap(keyToWrap);
67            throw new RuntimeException(
68                    "FAILED: expected IllegalStateException hasn't "
69                            + "been thrown ");
70        } catch (IllegalStateException ise) {
71            System.out.println(ise.getMessage());
72            System.out.println("Expected exception");
73        }
74
75        // unwrap the key
76        cipher.init(Cipher.UNWRAP_MODE, key, params);
77        cipher.unwrap(keyWrapper, algo, Cipher.SECRET_KEY);
78
79        // check if we can unwrap second time
80        Key unwrapKey = cipher.unwrap(keyWrapper, algo, Cipher.SECRET_KEY);
81
82        if (!Arrays.equals(keyToWrap.getEncoded(), unwrapKey.getEncoded())) {
83            throw new RuntimeException(
84                    "FAILED: original and unwrapped keys are not equal");
85        }
86    }
87}
88