TestCipherKeyWrapperPBEKey.java revision 16201:9f111abca7aa
1/* 2 * Copyright (c) 2012, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24import java.io.PrintStream; 25import java.security.AlgorithmParameters; 26import java.security.InvalidKeyException; 27import java.security.Key; 28import java.security.Provider; 29import java.security.Security; 30import java.security.spec.AlgorithmParameterSpec; 31import java.util.Arrays; 32import java.util.Random; 33import java.util.StringTokenizer; 34import javax.crypto.Cipher; 35import javax.crypto.SecretKey; 36import javax.crypto.SecretKeyFactory; 37import javax.crypto.spec.PBEKeySpec; 38import javax.crypto.spec.PBEParameterSpec; 39 40/** 41 * @test 42 * @bug 8041781 43 * @summary Test to see if key wrapper works correctly with PBEKey 44 * @author Yu-Ching (Valerie) PENG 45 * @author Bill Situ 46 * @author Yun Ke 47 * @run main TestCipherKeyWrapperPBEKey 48 * @key randomness 49 */ 50public class TestCipherKeyWrapperPBEKey { 51 52 private static final String[] PBEAlgorithms = { 53 "pbeWithMD5ANDdes", 54 "PBEWithMD5AndDES/CBC/PKCS5Padding", 55 "PBEWithMD5AndTripleDES", 56 "PBEWithMD5AndTripleDES/CBC/PKCS5Padding", 57 "PBEwithSHA1AndDESede", 58 "PBEwithSHA1AndDESede/CBC/PKCS5Padding", 59 "PBEwithSHA1AndRC2_40", 60 "PBEwithSHA1Andrc2_40/CBC/PKCS5Padding", 61 "PBEWithSHA1AndRC2_128", 62 "PBEWithSHA1andRC2_128/CBC/PKCS5Padding", 63 "PBEWithSHA1AndRC4_40", 64 "PBEWithsha1AndRC4_40/ECB/NoPadding", 65 "PBEWithSHA1AndRC4_128", 66 "pbeWithSHA1AndRC4_128/ECB/NoPadding", 67 "PBEWithHmacSHA1AndAES_128", 68 "PBEWithHmacSHA224AndAES_128", 69 "PBEWithHmacSHA256AndAES_128", 70 "PBEWithHmacSHA384AndAES_128", 71 "PBEWithHmacSHA512AndAES_128", 72 "PBEWithHmacSHA1AndAES_256", 73 "PBEWithHmacSHA224AndAES_256", 74 "PBEWithHmacSHA256AndAES_256", 75 "PBEWithHmacSHA384AndAES_256", 76 "PBEWithHmacSHA512AndAES_256" 77 }; 78 79 public static void main(String[] args) { 80 81 TestCipherKeyWrapperPBEKey test = new TestCipherKeyWrapperPBEKey(); 82 Provider sunjce = Security.getProvider("SunJCE"); 83 84 if (!test.runAll(sunjce, System.out)) { 85 throw new RuntimeException("One or more tests have failed...."); 86 } 87 } 88 89 public boolean runAll(Provider p, PrintStream out) { 90 boolean finalResult = true; 91 92 for (String algorithm : PBEAlgorithms) { 93 out.println("Running test with " + algorithm + ":"); 94 try { 95 if (!runTest(p, algorithm, out)) { 96 finalResult = false; 97 out.println("STATUS: Failed"); 98 } else { 99 out.println("STATUS: Passed"); 100 } 101 } catch (Exception ex) { 102 finalResult = false; 103 ex.printStackTrace(out); 104 out.println("STATUS:Failed"); 105 } 106 } 107 108 return finalResult; 109 } 110 111 // Have a generic throws Exception as it can throw many different exceptions 112 public boolean runTest(Provider p, String algo, PrintStream out) 113 throws Exception { 114 115 byte[] salt = new byte[8]; 116 int ITERATION_COUNT = 1000; 117 AlgorithmParameters pbeParams = null; 118 119 String baseAlgo 120 = new StringTokenizer(algo, "/").nextToken().toUpperCase(); 121 boolean isAES = baseAlgo.contains("AES"); 122 123 boolean isUnlimited = 124 (Cipher.getMaxAllowedKeyLength(algo) == Integer.MAX_VALUE); 125 126 try { 127 // Initialization 128 new Random().nextBytes(salt); 129 AlgorithmParameterSpec aps = new PBEParameterSpec(salt, 130 ITERATION_COUNT); 131 SecretKeyFactory skf = SecretKeyFactory.getInstance(baseAlgo, p); 132 SecretKey key = skf.generateSecret(new PBEKeySpec( 133 "Secret Key".toCharArray())); 134 Cipher ci = Cipher.getInstance(algo); 135 if (isAES) { 136 ci.init(Cipher.WRAP_MODE, key); 137 pbeParams = ci.getParameters(); 138 } else { 139 ci.init(Cipher.WRAP_MODE, key, aps); 140 } 141 142 byte[] keyWrapper = ci.wrap(key); 143 if (isAES) { 144 ci.init(Cipher.UNWRAP_MODE, key, pbeParams); 145 } else { 146 ci.init(Cipher.UNWRAP_MODE, key, aps); 147 } 148 149 Key unwrappedKey = ci.unwrap(keyWrapper, algo, Cipher.SECRET_KEY); 150 151 if ((baseAlgo.endsWith("TRIPLEDES") 152 || baseAlgo.endsWith("AES_256")) && !isUnlimited) { 153 out.print( 154 "Expected InvalidKeyException not thrown"); 155 return false; 156 } 157 158 return (Arrays.equals(key.getEncoded(), unwrappedKey.getEncoded())); 159 160 } catch (InvalidKeyException ex) { 161 162 if ((baseAlgo.endsWith("TRIPLEDES") 163 || baseAlgo.endsWith("AES_256")) && !isUnlimited) { 164 out.print( 165 "Expected InvalidKeyException thrown"); 166 return true; 167 } else { 168 throw ex; 169 } 170 } 171 } 172} 173