Skip to content

D
dragonwell8_jdk

openanolis / dragonwell8_jdk

通知 4
Star 2
Fork 0
D
dragonwell8_jdk
提交 f80edefe 编写于 作者: R robm
浏览文件
操作

Merge

上级 1833fddc 7158fd0c
展开全部 隐藏空白更改
内联 并排
Showing with 16855 addition and 97 deletion
src/share/classes/com/sun/media/sound/SoftSynthesizer.java
浏览文件 @ f80edefe
......@@ -666,6 +666,40 @@ public final class SoftSynthesizer implements AudioSynthesizer,
}
});
actions.add(new PrivilegedAction<InputStream>() {
public InputStream run() {
if (System.getProperties().getProperty("os.name")
.startsWith("Linux")) {
File[] systemSoundFontsDir = new File[] {
/* Arch, Fedora, Mageia */
new File("/usr/share/soundfonts/"),
new File("/usr/local/share/soundfonts/"),
/* Debian, Gentoo, OpenSUSE, Ubuntu */
new File("/usr/share/sounds/sf2/"),
new File("/usr/local/share/sounds/sf2/"),
};
/*
* Look for a default.sf2
*/
for (File systemSoundFontDir : systemSoundFontsDir) {
if (systemSoundFontDir.exists()) {
File defaultSoundFont = new File(systemSoundFontDir, "default.sf2");
if (defaultSoundFont.exists()) {
try {
return new FileInputStream(defaultSoundFont);
} catch (IOException e) {
// continue with lookup
}
}
}
}
}
return null;
}
});
actions.add(new PrivilegedAction<InputStream>() {
public InputStream run() {
if (System.getProperties().getProperty("os.name")
......
src/share/classes/com/sun/tools/jdi/ArrayTypeImpl.java
浏览文件 @ f80edefe
......@@ -200,4 +200,9 @@ public class ArrayTypeImpl extends ReferenceTypeImpl
* Defined always to be true for arrays
*/
public boolean isFinal() { return true; }
/*
* Defined always to be false for arrays
*/
public boolean isStatic() { return false; }
}
src/share/classes/sun/security/provider/certpath/AdaptableX509CertSelector.java
浏览文件 @ f80edefe
......@@ -36,9 +36,7 @@ import java.util.Date;
import sun.security.util.Debug;
import sun.security.util.DerInputStream;
import sun.security.util.DerOutputStream;
import sun.security.x509.SerialNumber;
import sun.security.x509.KeyIdentifier;
import sun.security.x509.AuthorityKeyIdentifierExtension;
/**
......@@ -131,13 +129,7 @@ class AdaptableX509CertSelector extends X509CertSelector {
serial = null;
if (ext != null) {
KeyIdentifier akid = (KeyIdentifier)ext.get(
AuthorityKeyIdentifierExtension.KEY_ID);
if (akid != null) {
DerOutputStream derout = new DerOutputStream();
derout.putOctetString(akid.getIdentifier());
ski = derout.toByteArray();
}
ski = ext.getEncodedKeyIdentifier();
SerialNumber asn = (SerialNumber)ext.get(
AuthorityKeyIdentifierExtension.SERIAL_NUMBER);
if (asn != null) {
......
src/share/classes/sun/security/provider/certpath/DistributionPointFetcher.java
浏览文件 @ f80edefe
......@@ -33,7 +33,6 @@ import javax.security.auth.x500.X500Principal;
import java.util.*;
import sun.security.util.Debug;
import sun.security.util.DerOutputStream;
import static sun.security.x509.PKIXExtensions.*;
import sun.security.x509.*;
......@@ -608,12 +607,9 @@ public class DistributionPointFetcher {
AuthorityKeyIdentifierExtension akidext =
crlImpl.getAuthKeyIdExtension();
if (akidext != null) {
KeyIdentifier akid = (KeyIdentifier)akidext.get(
AuthorityKeyIdentifierExtension.KEY_ID);
if (akid != null) {
DerOutputStream derout = new DerOutputStream();
derout.putOctetString(akid.getIdentifier());
certSel.setSubjectKeyIdentifier(derout.toByteArray());
byte[] kid = akidext.getEncodedKeyIdentifier();
if (kid != null) {
certSel.setSubjectKeyIdentifier(kid);
}
SerialNumber asn = (SerialNumber)akidext.get(
......
src/share/classes/sun/security/provider/certpath/ForwardBuilder.java
浏览文件 @ f80edefe
......@@ -46,9 +46,10 @@ import sun.security.provider.certpath.PKIX.BuilderParams;
import sun.security.util.Debug;
import sun.security.x509.AccessDescription;
import sun.security.x509.AuthorityInfoAccessExtension;
import sun.security.x509.AuthorityKeyIdentifierExtension;
import static sun.security.x509.PKIXExtensions.*;
import sun.security.x509.X500Name;
import sun.security.x509.AuthorityKeyIdentifierExtension;
import sun.security.x509.X509CertImpl;
/**
* This class represents a forward builder, which is able to retrieve
......@@ -69,7 +70,6 @@ class ForwardBuilder extends Builder {
private AdaptableX509CertSelector caSelector;
private X509CertSelector caTargetSelector;
TrustAnchor trustAnchor;
private Comparator<X509Certificate> comparator;
private boolean searchAllCertStores = true;
/**
......@@ -93,7 +93,6 @@ class ForwardBuilder extends Builder {
trustedSubjectDNs.add(anchor.getCA());
}
}
comparator = new PKIXCertComparator(trustedSubjectDNs);
this.searchAllCertStores = searchAllCertStores;
}
......@@ -122,6 +121,8 @@ class ForwardBuilder extends Builder {
* As each cert is added, it is sorted based on the PKIXCertComparator
* algorithm.
*/
Comparator<X509Certificate> comparator =
new PKIXCertComparator(trustedSubjectDNs, currState.cert);
Set<X509Certificate> certs = new TreeSet<>(comparator);
/*
......@@ -264,14 +265,6 @@ class ForwardBuilder extends Builder {
CertPathHelper.setPathToNames
(caSelector, currentState.subjectNamesTraversed);
/*
* Facilitate certification path construction with authority
* key identifier and subject key identifier.
*/
AuthorityKeyIdentifierExtension akidext =
currentState.cert.getAuthorityKeyIdentifierExtension();
caSelector.setSkiAndSerialNumber(akidext);
/*
* check the validity period
*/
......@@ -404,41 +397,68 @@ class ForwardBuilder extends Builder {
*
* Preference order for current cert:
*
* 1) Issuer matches a trusted subject
* 1) The key identifier of an AKID extension (if present) in the
* previous certificate matches the key identifier in the SKID extension
*
* 2) Issuer matches a trusted subject
* Issuer: ou=D,ou=C,o=B,c=A
*
* 2) Issuer is a descendant of a trusted subject (in order of
* 3) Issuer is a descendant of a trusted subject (in order of
* number of links to the trusted subject)
* a) Issuer: ou=E,ou=D,ou=C,o=B,c=A [links=1]
* b) Issuer: ou=F,ou=E,ou=D,ou=C,ou=B,c=A [links=2]
*
* 3) Issuer is an ancestor of a trusted subject (in order of number of
* 4) Issuer is an ancestor of a trusted subject (in order of number of
* links to the trusted subject)
* a) Issuer: ou=C,o=B,c=A [links=1]
* b) Issuer: o=B,c=A [links=2]
*
* 4) Issuer is in the same namespace as a trusted subject (in order of
* 5) Issuer is in the same namespace as a trusted subject (in order of
* number of links to the trusted subject)
* a) Issuer: ou=G,ou=C,o=B,c=A [links=2]
* b) Issuer: ou=H,o=B,c=A [links=3]
*
* 5) Issuer is an ancestor of certificate subject (in order of number
* 6) Issuer is an ancestor of certificate subject (in order of number
* of links to the certificate subject)
* a) Issuer: ou=K,o=J,c=A
* Subject: ou=L,ou=K,o=J,c=A
* b) Issuer: o=J,c=A
* Subject: ou=L,ou=K,0=J,c=A
*
* 6) Any other certificates
* 7) Any other certificates
*/
static class PKIXCertComparator implements Comparator<X509Certificate> {
final static String METHOD_NME = "PKIXCertComparator.compare()";
static final String METHOD_NME = "PKIXCertComparator.compare()";
private final Set<X500Principal> trustedSubjectDNs;
private final X509CertSelector certSkidSelector;
PKIXCertComparator(Set<X500Principal> trustedSubjectDNs) {
PKIXCertComparator(Set<X500Principal> trustedSubjectDNs,
X509CertImpl previousCert) throws IOException {
this.trustedSubjectDNs = trustedSubjectDNs;
this.certSkidSelector = getSelector(previousCert);
}
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
/**
......@@ -462,6 +482,16 @@ class ForwardBuilder extends Builder {
// if certs are the same, return 0
if (oCert1.equals(oCert2)) return 0;
// If akid/skid match then it is preferable
if (certSkidSelector != null) {
if (certSkidSelector.match(oCert1)) {
return -1;
}
if (certSkidSelector.match(oCert2)) {
return 1;
}
}
X500Principal cIssuer1 = oCert1.getIssuerX500Principal();
X500Principal cIssuer2 = oCert2.getIssuerX500Principal();
X500Name cIssuer1Name = X500Name.asX500Name(cIssuer1);
......
src/share/classes/sun/security/x509/AuthorityKeyIdentifierExtension.java
浏览文件 @ f80edefe
......@@ -307,4 +307,16 @@ implements CertAttrSet<String> {
public String getName() {
return (NAME);
}
/**
* Return the encoded key identifier, or null if not specified.
*/
public byte[] getEncodedKeyIdentifier() throws IOException {
if (id != null) {
DerOutputStream derOut = new DerOutputStream();
id.encode(derOut);
return derOut.toByteArray();
}
return null;
}
}
src/windows/classes/com/sun/java/accessibility/AccessBridge.java
浏览文件 @ f80edefe
/*
* Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -1501,7 +1501,9 @@ final public class AccessBridge extends AccessBridgeLoader {
s.indexOf(AccessibleState.MANAGES_DESCENDANTS.toDisplayString(Locale.US)) == -1) {
// Indicate whether this component manages its own
// children
AccessibleRole role = ac.getAccessibleRole();
AccessibleRole role = InvocationUtils.invokeAndWait(() -> {
return ac.getAccessibleRole();
}, ac);
if (role == AccessibleRole.LIST ||
role == AccessibleRole.TABLE ||
role == AccessibleRole.TREE) {
......@@ -1759,7 +1761,9 @@ final public class AccessBridge extends AccessBridgeLoader {
*/
private AccessibleComponent getAccessibleComponentFromContext(AccessibleContext ac) {
if (ac != null) {
AccessibleComponent acmp = ac.getAccessibleComponent();
AccessibleComponent acmp = InvocationUtils.invokeAndWait(() -> {
return ac.getAccessibleComponent();
}, ac);
if (acmp != null) {
debugString("Returning AccessibleComponent Context");
return acmp;
......
src/windows/native/java/net/NetworkInterface_winXP.c
浏览文件 @ f80edefe
/*
* Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -28,6 +28,7 @@
#include <winsock2.h> /* needed for htonl */
#include <iprtrmib.h>
#include <assert.h>
#include <limits.h>
#include "java_net_NetworkInterface.h"
#include "jni_util.h"
......@@ -70,7 +71,7 @@ void printnifs (netif *netifPP, char *str) {
#endif
static int bufsize = 1024;
static int bufsize = 4096;
/*
* return an array of IP_ADAPTER_ADDRESSES containing one element
......@@ -94,7 +95,12 @@ static int getAdapters (JNIEnv *env, IP_ADAPTER_ADDRESSES **adapters) {
ret = GetAdaptersAddresses(AF_UNSPEC, flags, NULL, adapterInfo, &len);
if (ret == ERROR_BUFFER_OVERFLOW) {
IP_ADAPTER_ADDRESSES * newAdapterInfo = (IP_ADAPTER_ADDRESSES *) realloc (adapterInfo, len);
IP_ADAPTER_ADDRESSES * newAdapterInfo = NULL;
if (len < (ULONG_MAX - bufsize)) {
len = len + bufsize;
}
newAdapterInfo =
(IP_ADAPTER_ADDRESSES *) realloc (adapterInfo, len);
if (newAdapterInfo == NULL) {
free(adapterInfo);
JNU_ThrowByName(env, "java/lang/OutOfMemoryError", "Native heap allocation failure");
......@@ -103,7 +109,6 @@ static int getAdapters (JNIEnv *env, IP_ADAPTER_ADDRESSES **adapters) {
adapterInfo = newAdapterInfo;
bufsize = len;
ret = GetAdaptersAddresses(AF_UNSPEC, flags, NULL, adapterInfo, &len);
}
......@@ -137,7 +142,12 @@ IP_ADAPTER_ADDRESSES *getAdapter (JNIEnv *env, jint index) {
flags |= GAA_FLAG_INCLUDE_PREFIX;
val = GetAdaptersAddresses(AF_UNSPEC, flags, NULL, adapterInfo, &len);
if (val == ERROR_BUFFER_OVERFLOW) {
IP_ADAPTER_ADDRESSES * newAdapterInfo = (IP_ADAPTER_ADDRESSES *) realloc (adapterInfo, len);
IP_ADAPTER_ADDRESSES * newAdapterInfo = NULL;
if (len < (ULONG_MAX - bufsize)) {
len = len + bufsize;
}
newAdapterInfo =
(IP_ADAPTER_ADDRESSES *) realloc (adapterInfo, len);
if (newAdapterInfo == NULL) {
free(adapterInfo);
JNU_ThrowByName(env, "java/lang/OutOfMemoryError", "Native heap allocation failure");
......@@ -146,7 +156,6 @@ IP_ADAPTER_ADDRESSES *getAdapter (JNIEnv *env, jint index) {
adapterInfo = newAdapterInfo;
bufsize = len;
val = GetAdaptersAddresses(AF_UNSPEC, flags, NULL, adapterInfo, &len);
}
......
test/TEST.groups
浏览文件 @ f80edefe
......@@ -352,7 +352,8 @@ needs_jdk = \
javax/xml/bind/jxc \
javax/xml/ws/8033113 \
javax/xml/ws/clientjar/TestWsImport.java \
javax/xml/ws/ebcdic
javax/xml/ws/ebcdic \
javax/xml/bind/xjc/8145039/JaxbMarshallTest.java
# JRE adds further tests to compact3
#
......
test/com/sun/crypto/provider/CICO/CICOChainingTest.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PipedInputStream;
import java.io.PipedOutputStream;
import java.util.Arrays;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
/*
* @test
* @bug 8048604
* @summary This test verifies the assertion "The chaining feature of
* Filter streams should be supported." for feature "CipherInputStream &
* CipherOutputStream"
* @run main CICOChainingTest
*/
public class CICOChainingTest {
/**
* Plain text length.
*/
private static final int PLAIN_TEXT_LENGTH = 200;
public static void main(String argv[]) throws Exception {
CICOChainingTest test = new CICOChainingTest();
test.chainTest(true);
test.chainTest(false);
}
/**
* Chain CipherInputStream/CipherOutputStream with other stream, encrypt
* the text and decrypt it, recovered text is supposed to be same as
* original text.
* @param useInt true if read byte by byte false if read with buffer.
* @throws IOException any I/O operation failed.
*/
public void chainTest(boolean useInt) throws IOException {
byte[] plainText = TestUtilities.generateBytes(PLAIN_TEXT_LENGTH);
byte[] recoveredText = new byte[plainText.length];
// Do initialization
try (MyNullCipherInputStream ciInput1 = new MyNullCipherInputStream(
new ByteArrayInputStream(plainText));
PipedOutputStream piOut = new PipedOutputStream();
MyNullCipherInputStream ciInput2 = new MyNullCipherInputStream(
new PipedInputStream(piOut));
MyNullCipherOutputStream ciOut = new MyNullCipherOutputStream(
piOut);) {
if (useInt) {
int buffer = ciInput1.read();
while (buffer != -1) {
piOut.write(buffer);
buffer = ciInput1.read();
}
} else {
byte[] buffer = new byte[20];
int len = ciInput1.read(buffer);
while (len != -1) {
ciOut.write(buffer, 0, len);
len = ciInput1.read(buffer);
}
}
ciOut.flush();
piOut.flush();
// Get the output
ciInput2.read(recoveredText);
if (ciInput2.available() > 0) {
throw new RuntimeException("Expected no data from ciInput2, but"
+ " ciInput2.available() = " + ciInput2.available());
}
}
// Verify output is same to input.
if (!Arrays.equals(plainText, recoveredText)) {
throw new RuntimeException("plainText:" + new String(plainText)
+ " recoveredText:" + new String(recoveredText)
+ " Test failed due to result compare fail");
}
}
}
class MyNullCipherInputStream extends CipherInputStream {
public MyNullCipherInputStream(InputStream is) {
super(is);
}
}
class MyNullCipherOutputStream extends CipherOutputStream {
public MyNullCipherOutputStream(OutputStream os) {
super(os);
}
}
test/com/sun/crypto/provider/CICO/CICODESFuncTest.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import static java.lang.System.out;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.IvParameterSpec;
/*
* @test
* @bug 8048604
* @summary to verify cipherInputStream and cipherInputStream cipher function
* @run main CICODESFuncTest
*/
public class CICODESFuncTest {
/**
* Algorithms name.
*/
private static final String[] ALGORITHMS = { "DES", "DESede", "Blowfish" };
private static final String[] MODES = { "ECB", "CBC", "CFB", "CFB24",
"CFB32", "CFB40", "CFB72", "OFB", "OFB20", "OFB48", "OFB56",
"OFB64", "PCBC" };
/**
* Padding mode.
*/
private static final String[] PADDINGS = { "noPadding", "pkcs5padding" };
/**
* Plain text length.
*/
private static final int TEXT_LENGTH = 80;
/**
* Initialization vector length.
*/
private static final int IV_LENGTH = 8;
public static void main(String[] args) throws Exception {
Provider provider = Security.getProvider("SunJCE");
if (provider == null) {
throw new RuntimeException("SunJCE provider does not exist.");
}
for (String algorithm : ALGORITHMS) {
for (String mode : MODES) {
// We only test noPadding and pkcs5padding for CFB72, OFB20, ECB
// PCBC and CBC. Otherwise test noPadding only.
int padKinds = 1;
if (mode.equalsIgnoreCase("CFB72")
|| mode.equalsIgnoreCase("OFB20")
|| mode.equalsIgnoreCase("ECB")
|| mode.equalsIgnoreCase("PCBC")
|| mode.equalsIgnoreCase("CBC")) {
padKinds = PADDINGS.length;
}
// PKCS5padding is meaningful only for ECB, CBC, PCBC
for (int k = 0; k < padKinds; k++) {
for (ReadModel readMode : ReadModel.values()) {
runTest(provider, algorithm, mode, PADDINGS[k], readMode);
}
}
}
}
}
private static void runTest(Provider p, String algo, String mo, String pad,
ReadModel whichRead) throws GeneralSecurityException, IOException {
// Do initialization
byte[] plainText = TestUtilities.generateBytes(TEXT_LENGTH);
byte[] iv = TestUtilities.generateBytes(IV_LENGTH);
AlgorithmParameterSpec aps = new IvParameterSpec(iv);
try {
KeyGenerator kg = KeyGenerator.getInstance(algo, p);
out.println(algo + "/" + mo + "/" + pad + "/" + whichRead);
SecretKey key = kg.generateKey();
Cipher ci1 = Cipher.getInstance(algo + "/" + mo + "/" + pad, p);
if ("CFB72".equalsIgnoreCase(mo) || "OFB20".equalsIgnoreCase(mo)) {
throw new RuntimeException(
"NoSuchAlgorithmException not throw when mode"
+ " is CFB72 or OFB20");
}
Cipher ci2 = Cipher.getInstance(algo + "/" + mo + "/" + pad, p);
if ("ECB".equalsIgnoreCase(mo)) {
ci1.init(Cipher.ENCRYPT_MODE, key);
ci2.init(Cipher.DECRYPT_MODE, key);
} else {
ci1.init(Cipher.ENCRYPT_MODE, key, aps);
ci2.init(Cipher.DECRYPT_MODE, key, aps);
}
ByteArrayOutputStream baOutput = new ByteArrayOutputStream();
try (CipherInputStream cInput
= new CipherInputStream(
new ByteArrayInputStream(plainText), ci1);
CipherOutputStream ciOutput
= new CipherOutputStream(baOutput, ci2);) {
// Read from the input and write to the output using 2 types
// of buffering : byte[] and int
whichRead.read(cInput, ciOutput, ci1, plainText.length);
}
// Verify input and output are same.
if (!Arrays.equals(plainText, baOutput.toByteArray())) {
throw new RuntimeException("Test failed due to compare fail ");
}
} catch (NoSuchAlgorithmException nsaEx) {
if ("CFB72".equalsIgnoreCase(mo) || "OFB20".equalsIgnoreCase(mo)) {
out.println("NoSuchAlgorithmException is expected for CFB72 and OFB20");
} else {
throw new RuntimeException("Unexpected exception testing: "
+ algo + "/" + mo + "/" + pad + "/" + whichRead, nsaEx);
}
}
}
}
test/com/sun/crypto/provider/CICO/CICOSkipTest.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import static java.lang.System.out;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
/*
* @test
* @bug 8048604
* @summary This test verifies the assertion "The skip feature of Filter
* streams should be supported." for feature
* CipherInputStream and CipherOutputStream
*/
public class CICOSkipTest {
/**
* Block length.
*/
private static final int BLOCK = 50;
/**
* Saving bytes length.
*/
private static final int SAVE = 45;
/**
* Plain text length.
*/
private static final int PLAIN_TEXT_LENGTH = 800;
/**
* Skip reading byte size. This should be same to BLOCK - SAVE
*/
private static final int DISCARD = BLOCK - SAVE;
private static final String[] ALGOS = {"DES", "DESede", "Blowfish"};
private static final String[] MODES = {"ECB", "CBC", "CFB", "CFB32",
"OFB", "OFB64", "PCBC"};
private static final String[] PADDINGS = {"NoPadding", "Pkcs5Padding"};
private static final String[] PBE_ALGOS = {"PBEWithMD5AndDES",
"PBEWithMD5AndDES/CBC/PKCS5Padding"};
public static void main(String[] args) throws Exception {
// how many kinds of padding mode such as PKCS5padding and NoPadding
for (String algo : ALGOS) {
for (String mode : MODES) {
int padKinds = 1;
if (mode.equalsIgnoreCase("ECB")
|| mode.equalsIgnoreCase("PCBC")
|| mode.equalsIgnoreCase("CBC")) {
padKinds = PADDINGS.length;
}
// PKCS5padding is meaningful only for ECB, CBC, PCBC
for (int k = 0; k < padKinds; k++) {
String info = algo + "/" + mode + "/" + PADDINGS[k];
try {
CipherGenerator cg = new CipherGenerator(algo, mode,
PADDINGS[k]);
for (ReadMethod model : ReadMethod.values()) {
runTest(cg.getPair(), info, model);
}
} catch (LengthLimitException exp) {
// skip this if this key length is larger than what's
// configured in the jce jurisdiction policy files
out.println(exp.getMessage() + " is expected.");
}
}
}
}
for (String pbeAlgo : PBE_ALGOS) {
for (ReadMethod model : ReadMethod.values()) {
System.out.println("Testing Algorithm : " + pbeAlgo
+ " ReadMethod : " + model);
runTest(new CipherGenerator(pbeAlgo).getPair(), pbeAlgo, model);
}
}
}
private static void runTest(Cipher[] pair, String info, ReadMethod whichRead)
throws IOException {
byte[] plainText = TestUtilities.generateBytes(PLAIN_TEXT_LENGTH);
out.println("Testing: " + info + "/" + whichRead);
try (ByteArrayInputStream baInput = new ByteArrayInputStream(plainText);
CipherInputStream ciInput1 = new CipherInputStream(baInput,
pair[0]);
CipherInputStream ciInput2 = new CipherInputStream(ciInput1,
pair[1]);) {
// Skip 5 bytes after read 45 bytes and repeat until finish
// (Read from the input and write to the output using 2 types
// of buffering : byte[] and int)
// So output has size:
// (OVERALL/BLOCK)* SAVE = (800 / 50) * 45 = 720 bytes
int numOfBlocks = plainText.length / BLOCK;
// Output buffer.
byte[] outputText = new byte[numOfBlocks * SAVE];
int index = 0;
for (int i = 0; i < numOfBlocks; i++) {
index = whichRead.readByte(ciInput2, outputText, SAVE, index);
// If available is more than expected discard byte size. Skip
// discard bytes, otherwise try to read discard bytes by read.
if (ciInput2.available() >= DISCARD) {
ciInput2.skip(DISCARD);
} else {
for (int k = 0; k < DISCARD; k++) {
ciInput2.read();
}
}
}
// Verify output is same as input
if (!TestUtilities
.equalsBlockPartial(plainText, outputText, BLOCK, SAVE)) {
throw new RuntimeException("Test failed with compare fail");
}
}
}
}
class CipherGenerator {
/**
* Initialization vector length.
*/
private static final int IV_LENGTH = 8;
private static final String PASSWD = "Sesame!(@#$%^&*)";
private final Cipher[] pair = new Cipher[2];
// For DES/DESede ciphers
CipherGenerator(String algo, String mo, String pad)
throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException, InvalidKeyException,
NoSuchPaddingException, SecurityException, LengthLimitException {
// Do initialization
KeyGenerator kg = KeyGenerator.getInstance(algo);
SecretKey key = kg.generateKey();
if (key.getEncoded().length * 8 > Cipher.getMaxAllowedKeyLength(algo)) {
// skip this if this key length is larger than what's
// configured in the jce jurisdiction policy files
throw new LengthLimitException(
"Skip this test if key length is larger than what's"
+ "configured in the jce jurisdiction policy files");
}
AlgorithmParameterSpec aps = null;
if (!mo.equalsIgnoreCase("ECB")) {
byte[] iv = TestUtilities.generateBytes(IV_LENGTH);
aps = new IvParameterSpec(iv);
}
initCiphers(algo + "/" + mo + "/" + pad, key, aps);
}
// For PBE ciphers
CipherGenerator(String algo) throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException, InvalidKeyException,
NoSuchPaddingException, InvalidKeySpecException {
// Do initialization
byte[] salt = TestUtilities.generateBytes(IV_LENGTH);
int iterCnt = 6;
SecretKeyFactory skf = SecretKeyFactory.getInstance(algo.split("/")[0]);
SecretKey key = skf
.generateSecret(new PBEKeySpec(PASSWD.toCharArray()));
AlgorithmParameterSpec aps = new PBEParameterSpec(salt, iterCnt);
initCiphers(algo, key, aps);
}
private void initCiphers(String algo, SecretKey key,
AlgorithmParameterSpec aps) throws NoSuchAlgorithmException,
NoSuchPaddingException, InvalidKeyException,
InvalidAlgorithmParameterException {
Provider provider = Security.getProvider("SunJCE");
if (provider == null) {
throw new RuntimeException("SunJCE provider does not exist.");
}
Cipher ci1 = Cipher.getInstance(algo, provider);
ci1.init(Cipher.ENCRYPT_MODE, key, aps);
pair[0] = ci1;
Cipher ci2 = Cipher.getInstance(algo, provider);
ci2.init(Cipher.DECRYPT_MODE, key, aps);
pair[1] = ci2;
}
Cipher[] getPair() {
return pair;
}
}
enum ReadMethod {
// read one byte at a time for save times
READ_ONE_BYTE {
@Override
int readByte(CipherInputStream ciIn2, byte[] outputText, int save,
int index) throws IOException {
for (int j = 0; j < save; j++, index++) {
int buffer0 = ciIn2.read();
if (buffer0 != -1) {
outputText[index] = (byte) buffer0;
} else {
break;
}
}
return index;
}
},
// read a chunk of save bytes if possible
READ_BLOCK {
@Override
int readByte(CipherInputStream ciIn2, byte[] outputText, int save,
int index) throws IOException {
int len1 = ciIn2.read(outputText, index, save);
out.println("Init: index=" + index + ",len=" + len1);
// read more until save bytes
index += len1;
int len2 = 0;
while (len1 != save && len2 != -1) {
len2 = ciIn2.read(outputText, index, save - len1);
out.println("Cont: index=" + index + ",len=" + len2);
len1 += len2;
index += len2;
}
return index;
}
};
abstract int readByte(CipherInputStream ciIn2, byte[] outputText, int save,
int index) throws IOException;
};
class LengthLimitException extends Exception {
public LengthLimitException(String string) {
super(string);
}
}
test/com/sun/crypto/provider/CICO/PBEFunc/AESPBEWrapper.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
/**
* Wrapper class to test a given AES-based PBE algorithm.
*/
public class AESPBEWrapper extends AbstractPBEWrapper {
/**
* the algorithm parameters.
*/
private AlgorithmParameters pbeParams;
/**
* the encryption key.
*/
private final SecretKey key;
/**
* The Wrapper constructor. Instantiate Cipher using the given AES-based PBE
* algorithm.
*
* @param algo AES-based PBE algorithm.
* @param passwd password phrase.
* @throws GeneralSecurityException all security exceptions are thrown.
*/
public AESPBEWrapper(PBEAlgorithm algo, String passwd)
throws GeneralSecurityException {
// salt and iteration count will be generated during encryption
super(algo, passwd, 0);
// Generate secret key. We expect no mode and padding specified.
SecretKeyFactory skf = SecretKeyFactory.getInstance(algo.baseAlgo);
key = skf.generateSecret(new PBEKeySpec(passwd.toCharArray()));
}
/**
* Initiate the Cipher object using given "mode".
* @return a cipher object.
* @throws GeneralSecurityException all security exceptions are thrown.
*/
@Override
protected Cipher initCipher(int mode) throws GeneralSecurityException {
Provider provider = Security.getProvider("SunJCE");
if (provider == null) {
throw new RuntimeException("SunJCE provider does not exist.");
}
// get Cipher instance
Cipher ci = Cipher.getInstance(transformation, provider);
if (Cipher.ENCRYPT_MODE == mode) {
ci.init(Cipher.ENCRYPT_MODE, key);
pbeParams = ci.getParameters();
} else {
ci.init(Cipher.DECRYPT_MODE, key, pbeParams);
}
return ci;
}
}
test/com/sun/crypto/provider/CICO/PBEFunc/AbstractPBEWrapper.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.security.GeneralSecurityException;
import javax.crypto.Cipher;
/**
* PBEWrapper is an abstract class for all concrete PBE Cipher wrappers.
*/
public abstract class AbstractPBEWrapper {
/**
* Iteration count.
*/
public static final int DEFAULT_ITERATION = 1000;
public static final String PBKDF2 = "PBKDF2";
public static final String AES = "AES";
public static final String DEFAULT = "default";
/**
* transformation the name of the transformation, e.g.,
* DES/CBC/PKCS5Padding
*/
protected final String transformation;
/**
* the standard name of the requested secret-key algorithm.
*/
protected final String baseAlgo;
/**
* The contents of salt are copied to protect against subsequent
* modification.
*/
protected final byte[] salt;
/**
* Password.
*/
protected final String password;
/**
* PBEWrapper creator.
*
* @param algo PBE algorithm to test
* @param passwd a password phrase
* @return PBEWrapper in accordance to requested algo.
* @throws GeneralSecurityException all exceptions are thrown.
*/
public static AbstractPBEWrapper createWrapper(PBEAlgorithm algo, String passwd)
throws GeneralSecurityException {
switch (algo.type) {
case PBKDF2:
return new PBKDF2Wrapper(algo, passwd);
case AES:
return new AESPBEWrapper(algo, passwd);
default:
return new DefaultPBEWrapper(algo, passwd);
}
}
/**
* PBEWrapper constructor.
*
* @param algo algorithm to wrap
* @param password password phrase
* @param saltSize salt size (defined in subclasses)
*/
protected AbstractPBEWrapper(PBEAlgorithm algo, String password, int saltSize) {
this.transformation = algo.getTransformation();
this.baseAlgo = algo.baseAlgo;
this.salt = TestUtilities.generateBytes(saltSize);
this.password = password;
}
/**
* Initialize Cipher object for the operation requested in the mode parameter.
*
* @param mode encryption or decryption
* @return a cipher initialize by mode.
* @throws GeneralSecurityException all security exceptions are thrown.
*/
protected abstract Cipher initCipher(int mode) throws GeneralSecurityException;
}
test/com/sun/crypto/provider/CICO/PBEFunc/CICOPBEFuncTest.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8048604
* @summary This test verifies the assertion "The encrypt/decrypt
* mechanism of cipher should perform correctly." for feature
* "CipherInputStream & CipherOutputStream".
* @library ../
* @run main CICOPBEFuncTest
*/
import java.util.Arrays;
import javax.crypto.Cipher;
public class CICOPBEFuncTest {
public static void main(String[] args) throws Exception {
for (PBEAlgorithm algorithm : PBEAlgorithm.values()) {
// int buffertin test
String algo = algorithm.baseAlgo.toUpperCase();
if (!algo.contains("TRIPLEDES") && !algo.contains("AES_256")
|| Cipher.getMaxAllowedKeyLength(algo) > 128) {
// skip this if this key length is larger than what's
// configured in the jce jurisdiction policy files
System.out.println("Testing " + algorithm.getTransformation());
for (String type : Arrays.asList(CICO_PBE_Test.INT_BYTE_BUFFER,
CICO_PBE_Test.BYTE_ARR_BUFFER)) {
new CICO_PBE_RW_Test(algorithm)
.proceedTest(type);
new CICO_PBE_SKIP_Test(algorithm)
.proceedTest(type);
}
}
}
}
}
test/com/sun/crypto/provider/CICO/PBEFunc/CICO_PBE_RW_Test.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.crypto.CipherOutputStream;
/**
* CICO PBE Read/Write functional test.
*
* Verifies for the given PBE algorithm if the encrypt/decrypt mechanism is
* performed correctly for CipherInputStream and CipherOutputStream.
*
* Test scenario:
* 1. initializes plain text with random generated data.
* 2. for the given PBE algorithm instantiates encrypt and decrypt Ciphers.
* 3. instantiates CipherInputStream with the encrypt Cipher.
* 4. instantiates CipherOutputStream with the decrypt Cipher.
* 5. performs reading from the CipherInputStream (encryption data) and writing
* to the CipherOutputStream (decryption). As a result the output of the
* CipherOutputStream should be the same as an original plain text.
* 6. compares if the original plain text is the same as the output of the
* CipherOutputStream.
*
* The test implements 2 test cases in accordance with buffering type:
* 1. byte array buffering
* 2. int buffering
*/
public class CICO_PBE_RW_Test extends CICO_PBE_Test {
public CICO_PBE_RW_Test(PBEAlgorithm pbeAlgo)
throws GeneralSecurityException {
super(pbeAlgo);
}
/**
* The CICO PBE RW test specific part of the super.doTest(). Implements the
* scenario in accordance to the class description.
* @param type byteArrayBuffering or intByteBuffering
* @throws IOException any I/O operation failed.
* @throws GeneralSecurityException any security error.
*/
@Override
public void proceedTest(String type) throws IOException,
GeneralSecurityException {
ByteArrayOutputStream baOutput = new ByteArrayOutputStream();
try (CipherOutputStream ciOutput = new CipherOutputStream(baOutput,
getDecryptCipher())) {
if (type.equals(CICO_PBE_Test.BYTE_ARR_BUFFER)) {
proceedTestUsingByteArrayBuffer(ciOutput);
} else {
proceedTestUsingIntBuffer(ciOutput);
}
ciOutput.flush();
}
// Compare input and output
if (!TestUtilities.equalsBlock(plainText, baOutput.toByteArray(), TEXT_SIZE)) {
throw new RuntimeException("outputText not same with expectedText"
+ " when test " + type);
}
}
/**
* Implements byte array buffering type test case of the CICO PBE RW test.
* @param ciOutput output stream for data written.
* @throws java.io.IOException any I/O operation failed.
*/
public void proceedTestUsingByteArrayBuffer(
CipherOutputStream ciOutput) throws IOException {
byte[] buffer = new byte[TEXT_SIZE];
int len = getCiInput().read(buffer);
while (len != -1) {
ciOutput.write(buffer, 0, len);
len = getCiInput().read(buffer);
}
}
/**
* Implements int buffering type test case.
* @param ciOutput output stream for data written.
* @throws java.io.IOException any I/O operation failed.
*/
public void proceedTestUsingIntBuffer(CipherOutputStream ciOutput)
throws IOException {
int buffer = getCiInput().read();
while (buffer != -1) {
ciOutput.write(buffer);
buffer = getCiInput().read();
}
}
}
test/com/sun/crypto/provider/CICO/PBEFunc/CICO_PBE_SKIP_Test.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.crypto.CipherInputStream;
/**
* CICO PBE SKIP functional test.
*
* Verifies for the given PBE algorithm if the encrypt/decrypt mechanism is
* performed correctly for CipherInputStream when skip() method is used.
*
* Test scenario:
* 1. initializes plain text with random generated data with length TEXT_SIZE.
* 2. for the given PBE algorithm instantiates encrypt and decrypt Ciphers.
* 3. instantiates CipherInputStream 1 with the encrypt Cipher.
* 4. instantiates CipherInputStream 2 with the CipherInputStream 1 and decrypt
* Cipher.
* 5. the plain text is divided on TEXT_SIZE/BLOCK blocks. Reading from
* CipherInputStream 2 one block at time. The last BLOCK - SAVE bytes are
* skipping for each block. Therefor the plain text data go through
* CipherInputStream 1 (encrypting) and CipherInputStream 2 (decrypting).
* As a result the output should equal to the original text except DISCARD
* byte for each block are skipped.
* 6. get the standard output.
* 7. compares the expected standard output with the output of the
* CipherInputStream 2. If it is the same the test passed. Otherwise it
* failed. Any uncaught exceptions should be considered as an error.
* The test implements 2 test cases in accordance with a buffering type:
* 1. byte array buffering
* 2. int buffering
*/
public class CICO_PBE_SKIP_Test extends CICO_PBE_Test {
/**
* Block size.
*/
private static final int BLOCK = 50;
/**
* Valid reading byte size.
*/
private static final int SAVE = 45;
/**
* Skip reading byte size. This should be same to BLOCK - SAVE
*/
private static final int DISCARD = BLOCK - SAVE;
/**
* Number of blocks.
*/
private static final int NUMBER_OF_BLOCKS = TEXT_SIZE / BLOCK;
private final byte[] outputText;
/**
* CICO PBE Skip test constructor
*
* @param pbeAlgo the PBE algorithm to test.
* @throws java.security.GeneralSecurityException
*/
public CICO_PBE_SKIP_Test(PBEAlgorithm pbeAlgo)
throws GeneralSecurityException {
super(pbeAlgo);
outputText = new byte[NUMBER_OF_BLOCKS * SAVE];
}
/**
* Implements byte array buffering type test case of the CICO SKIP test.
*
* @param blockNum block number to read.
*/
private void proceedSkipTestUsingByteArrayBufferingType(
CipherInputStream ciIn2, int blockNum) throws IOException {
int index = blockNum * SAVE;
int len1 = ciIn2.read(outputText, index, SAVE);
// read more until SAVE bytes
index += len1;
int len2 = 0;
int totalRead = len1;
while (len1 != SAVE && len2 != -1) {
len2 = ciIn2.read(outputText, index, SAVE - len1);
len1 += len2;
index += len2;
totalRead += len2;
}
if (totalRead != SAVE) {
throw new RuntimeException("Read bytes number " + totalRead
+ " does not equal to given number " + SAVE);
}
}
/**
* Implements int buffering type test case of the CICO SKIP test.
*
* @param blockNum block number to read.
*/
private void proceedSkipTestUsingIntBufferingType(CipherInputStream ciIn2,
int blockNum) throws IOException {
int index = blockNum * SAVE;
int totalRead = 0;
for (int j = 0; j < SAVE; j++, index++) {
int buffer0 = ciIn2.read();
if (buffer0 != -1) {
outputText[index] = (byte) buffer0;
totalRead++;
} else {
break;
}
}
if (totalRead != SAVE) {
throw new RuntimeException("Read bytes number " + totalRead
+ " does not equal to given number " + SAVE);
}
}
/**
* The CICO PBE SKIP test specific part of the super.doTest(). Implements
* the scenario in accordance to the class description.
* @throws java.io.IOException any I/O failed.
*/
@Override
public void proceedTest(String type) throws IOException {
System.out.println("Test type: " + type);
// init second input stream with decrypt Cipher
try (CipherInputStream ciIn2 = new CipherInputStream(getCiInput(),
getDecryptCipher())) {
for (int i = 0; i < NUMBER_OF_BLOCKS; i++) {
if (type.equals(CICO_PBE_Test.BYTE_ARR_BUFFER)) {
proceedSkipTestUsingByteArrayBufferingType(ciIn2, i);
} else {
proceedSkipTestUsingIntBufferingType(ciIn2, i);
}
if (ciIn2.available() >= DISCARD) {
ciIn2.skip(DISCARD);
} else {
for (int k = 0; k < DISCARD; k++) {
ciIn2.read();
}
}
}
}
if (!TestUtilities.equalsBlockPartial(plainText, outputText, BLOCK, SAVE)) {
throw new RuntimeException("outputText not same with expectedText"
+ " when test " + type);
}
}
}
test/com/sun/crypto/provider/CICO/PBEFunc/CICO_PBE_Test.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
/**
* This is an abstract class for CipherInputStream/CipherOutputStream PBE
* functional tests.
*/
public abstract class CICO_PBE_Test {
/**
* Sample string for byte buffer.
*/
public static final String BYTE_ARR_BUFFER = "byteArrayBuffering";
/**
* Sample string for int buffer.
*/
public static final String INT_BYTE_BUFFER = "intByteBuffering";
public static final String PASS_PHRASE = "Some password phrase!";
/**
* Text string size.
*/
public static final int TEXT_SIZE = 800;
protected final byte[] plainText;
private final Cipher encryptCipher, decryptCipher;
/**
* An CipherInputStream for reading cipher and plain text.
*/
private final CipherInputStream ciInput;
/**
* Constructor by algorithm.
* @param pbeAlgo PBE algorithm to test.
* @throws GeneralSecurityException if any security error.
*/
public CICO_PBE_Test(PBEAlgorithm pbeAlgo) throws GeneralSecurityException {
// Do initialization of the plainText
plainText = TestUtilities.generateBytes(TEXT_SIZE);
// Do initialization of the ciphers
AbstractPBEWrapper pbeWrap = AbstractPBEWrapper.createWrapper(pbeAlgo, PASS_PHRASE);
encryptCipher = pbeWrap.initCipher(Cipher.ENCRYPT_MODE);
decryptCipher = pbeWrap.initCipher(Cipher.DECRYPT_MODE);
// init cipher input stream
ciInput = new CipherInputStream(new ByteArrayInputStream(plainText),
encryptCipher);
}
protected byte[] getPlainText() {
return plainText;
}
/**
* The body of the test. Should be defined in subclasses.
* @param type byteArrayBuffering or intByteBuffering
* @throws IOException I/O operation failed.
* @throws GeneralSecurityException all exceptions thrown.
*/
protected abstract void proceedTest(String type)
throws IOException, GeneralSecurityException;
protected Cipher getEncryptCipher() {
return encryptCipher;
}
public CipherInputStream getCiInput() {
return ciInput;
}
public Cipher getDecryptCipher() {
return decryptCipher;
}
}
test/com/sun/crypto/provider/CICO/PBEFunc/CipherNCFuncTest.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8048604
* @library ../ /lib/testlibrary
* @summary This test verifies the assertion "There should be no transformation
* on the plaintext/ciphertext in encryption/decryption mechanism" for
* feature "NullCipher".
*/
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NullCipher;
import javax.crypto.ShortBufferException;
import jdk.testlibrary.RandomFactory;
public class CipherNCFuncTest {
public static void main(String[] args) throws ShortBufferException,
IllegalBlockSizeException, BadPaddingException {
byte[] plainText = new byte[801];
// Initialization
RandomFactory.getRandom().nextBytes(plainText);
Cipher ci = new NullCipher();
// Encryption
byte[] cipherText = new byte[ci.getOutputSize(plainText.length)];
int offset = ci.update(plainText, 0, plainText.length, cipherText, 0);
ci.doFinal(cipherText, offset);
// Decryption
byte[] recoveredText = new byte[ci.getOutputSize(cipherText.length)];
int len = ci.doFinal(cipherText, 0, cipherText.length, recoveredText);
// Comparison
if (len != plainText.length ||
!TestUtilities.equalsBlock(plainText, cipherText, len) ||
!TestUtilities.equalsBlock(plainText, recoveredText, len)) {
throw new RuntimeException(
"Test failed because plainText not equal to cipherText and revoveredText");
}
}
}
test/com/sun/crypto/provider/CICO/PBEFunc/DefaultPBEWrapper.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
/**
* Default wrapper for a password based encryption Cipher.
*/
public class DefaultPBEWrapper extends AbstractPBEWrapper {
/**
* Define default SALT size as 8.
*/
private static final int PBE_SALT_SIZE = 8;
/**
* Default PBE wrapper constructor.
*
* @param algo PGE algorithm to wrap.
* @param passwd password phrase
*/
public DefaultPBEWrapper(PBEAlgorithm algo, String passwd) {
super(algo, passwd, PBE_SALT_SIZE);
}
/**
* Instantiate Cipher for the PBE algorithm.
*
* @param mode Cipher mode: encrypt or decrypt.
* @return Cipher in accordance to the PBE algorithm
* @throws java.security.GeneralSecurityException
*/
@Override
protected Cipher initCipher(int mode) throws GeneralSecurityException {
Provider provider = Security.getProvider("SunJCE");
if (provider == null) {
throw new RuntimeException("SunJCE provider does not exist.");
}
SecretKey key = SecretKeyFactory.getInstance(baseAlgo)
.generateSecret(new PBEKeySpec(password.toCharArray()));
Cipher ci = Cipher.getInstance(transformation, provider);
ci.init(mode, key, new PBEParameterSpec(salt, DEFAULT_ITERATION));
return ci;
}
}
test/com/sun/crypto/provider/CICO/PBEFunc/PBEAlgorithm.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.util.StringJoiner;
public enum PBEAlgorithm {
MD5_DES("PBEWithMD5ANDdes", "", "", AbstractPBEWrapper.DEFAULT),
MD5_DES_CBC_PKCS5("PBEWithMD5AndDES", "CBC", "PKCS5Padding",
AbstractPBEWrapper.DEFAULT),
MD5_TRIPLEDES("PBEWithMD5ANDtripledes", "", "", AbstractPBEWrapper.DEFAULT),
MD5_TRIPLEDES_CBC_PKCS5("PBEWithMD5AndTRIPLEDES", "CBC", "PKCS5Padding",
AbstractPBEWrapper.DEFAULT),
SHA1_DESEDE("PBEwithSHA1AndDESede", "", "", AbstractPBEWrapper.DEFAULT),
SHA1_DESEDE_CBC_PKCS5("PBEwithSHA1AndDESede", "CBC", "PKCS5Padding",
AbstractPBEWrapper.DEFAULT),
SHA1_RC2_40("PBEwithSHA1AndRC2_40", "", "", AbstractPBEWrapper.DEFAULT),
SHA1_RC2_40_PKCS5("PBEwithSHA1Andrc2_40", "CBC", "PKCS5Padding",
AbstractPBEWrapper.DEFAULT),
SHA1_RC2_128("PBEWithSHA1AndRC2_128", "", "", AbstractPBEWrapper.DEFAULT),
SHA1_RC2_128_PKCS5("PBEWithSHA1andRC2_128", "CBC", "PKCS5Padding",
AbstractPBEWrapper.DEFAULT),
SHA1_RC4_40("PBEWithSHA1AndRC4_40", "", "", AbstractPBEWrapper.DEFAULT),
SHA1_RC4_40_ECB_NOPADDING("PBEWithsha1AndRC4_40", "ECB", "NoPadding",
AbstractPBEWrapper.DEFAULT),
SHA1_RC4_128("PBEWithSHA1AndRC4_128", "", "", AbstractPBEWrapper.DEFAULT),
SHA1_RC4_128_ECB_NOPADDING("pbeWithSHA1AndRC4_128", "ECB", "NoPadding",
AbstractPBEWrapper.DEFAULT),
HMAC_SHA1_AES_128("PBEWithHmacSHA1AndAES_128", "", "", AbstractPBEWrapper.AES),
HMAC_SHA224_AES_128("PBEWithHmacSHA224AndAES_128", "", "", AbstractPBEWrapper.AES),
HMAC_SHA256_AES_128("PBEWithHmacSHA256AndAES_128", "", "", AbstractPBEWrapper.AES),
HMAC_SHA384_AES_128("PBEWithHmacSHA384AndAES_128", "", "", AbstractPBEWrapper.AES),
HMAC_SHA512_AES_128("PBEWithHmacSHA512AndAES_128", "", "", AbstractPBEWrapper.AES),
HMAC_SHA1_AES_256("PBEWithHmacSHA1AndAES_256", "", "", AbstractPBEWrapper.AES),
HMAC_SHA224_AES_256("PBEWithHmacSHA224AndAES_256", "", "", AbstractPBEWrapper.AES),
HMAC_SHA256_AES_256("PBEWithHmacSHA256AndAES_256", "", "", AbstractPBEWrapper.AES),
HMAC_SHA384_AES_256("PBEWithHmacSHA384AndAES_256", "", "", AbstractPBEWrapper.AES),
HMAC_SHA512_AES_256("PBEWithHmacSHA512AndAES_256", "", "", AbstractPBEWrapper.AES),
PBKDF_HMAC_SHA1("PBKDF2WithHmacSHA1", "", "", AbstractPBEWrapper.PBKDF2),
PBKDF_HMAC_SHA224("PBKDF2WithHmacSHA224", "", "", AbstractPBEWrapper.PBKDF2),
PBKDF_HMAC_SHA256("PBKDF2WithHmacSHA256", "", "", AbstractPBEWrapper.PBKDF2),
PBKDF_HMAC_SHA384("PBKDF2WithHmacSHA384", "", "", AbstractPBEWrapper.PBKDF2),
PBKDF_HMAC_SHA512("PBKDF2WithHmacSHA512", "", "", AbstractPBEWrapper.PBKDF2);
final String baseAlgo;
final String mode;
final String padding;
final String type;
PBEAlgorithm(String alg, String mode, String padding, String type) {
this.baseAlgo = alg;
this.mode = mode;
this.padding = padding;
this.type = type;
}
public String getTransformation() {
StringJoiner sj = new StringJoiner("/");
sj.add(baseAlgo);
if (!mode.equals("")) {
sj.add(this.mode);
}
if (!padding.equals("")) {
sj.add(this.padding);
}
return sj.toString();
}
}
test/com/sun/crypto/provider/CICO/PBEFunc/PBKDF2Wrapper.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
/**
* Wrapper class to test a given SecretKeyFactory.PBKDF2 algorithm.
*/
public class PBKDF2Wrapper extends AbstractPBEWrapper {
/**
* Default salt size.
*/
public static final int PBKDF2_SALT_SIZE = 64;
/**
* Default key length.
*/
public static final int PKDF2_DEFAULT_KEY_LEN = 128;
/**
* Default transformation.
*/
public static final String CIPHER_TRANSFORMATION = "AES/CBC/PKCS5Padding";
/**
* Algorithm name.
*/
public static final String KEY_ALGORITHM = "AES";
/**
* Initialization vector length.
*/
private static final int IV_LENGTH = 16;
/**
* The buffer with the IV.
*/
private final byte[] iv;
/**
* PBKDF2Wrapper constructor. Instantiate Cipher using
* "AES/CBC/PKCS5Padding" transformation. Generate a secret key using PKDF2
* algorithms given in the "algo" parameter.
*
* @param algo AES-based PBE algorithm.
* @param passwd password phrase.
* @throws GeneralSecurityException all security exceptions are thrown.
*/
public PBKDF2Wrapper(PBEAlgorithm algo, String passwd)
throws GeneralSecurityException {
super(algo, passwd, PBKDF2_SALT_SIZE);
iv = TestUtilities.generateBytes(IV_LENGTH);
}
/**
* Initiate the Cipher object for PBKDF2 algorithm using given "mode".
*
* @param mode Cipher mode: encrypt or decrypt
* @return Cipher object for PBKDF2 algorithm
* @throws GeneralSecurityException all security exceptions are thrown.
*/
@Override
protected Cipher initCipher(int mode) throws GeneralSecurityException {
Provider provider = Security.getProvider("SunJCE");
if (provider == null) {
throw new RuntimeException("SunJCE provider does not exist.");
}
// Generate secret key
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray(),
salt, DEFAULT_ITERATION, PKDF2_DEFAULT_KEY_LEN);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(baseAlgo);
SecretKey key = keyFactory.generateSecret(pbeKeySpec);
// get Cipher instance
Cipher cipher = Cipher.getInstance(CIPHER_TRANSFORMATION, provider);
cipher.init(mode,
new SecretKeySpec(key.getEncoded(),KEY_ALGORITHM),
new IvParameterSpec(iv));
return cipher;
}
}
test/com/sun/crypto/provider/CICO/ReadModel.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.io.IOException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
/**
* ReadModel provides different way to test
* CipherInputStream.read()/read(byte[])/read(byte[], int, int) and
* CipherOutputStream.write(int)/write(byte[], int, int)/read(byte[]) API
*/
enum ReadModel {
READ_BYTE {
@Override
public void read(CipherInputStream cInput, CipherOutputStream ciOutput,
Cipher ciIn, int inputLen) throws IOException {
int buffer0 = cInput.read();
while (buffer0 != -1) {
ciOutput.write(buffer0);
buffer0 = cInput.read();
}
}
},
READ_BUFFER {
@Override
public void read(CipherInputStream cInput, CipherOutputStream ciOutput,
Cipher ciIn, int inputLen) throws IOException {
byte[] buffer1 = new byte[20];
int len1;
while ((len1 = cInput.read(buffer1)) != -1) {
ciOutput.write(buffer1, 0, len1);
}
}
},
READ_BUFFER_OFFSET {
@Override
public void read(CipherInputStream cInput, CipherOutputStream ciOutput,
Cipher ciIn, int inputLen) throws IOException {
byte[] buffer2 = new byte[ciIn.getOutputSize(inputLen)];
int offset2 = 0;
int len2 = 0;
while (len2 != -1) {
len2 = cInput.read(buffer2, offset2, buffer2.length - offset2);
offset2 += len2;
}
ciOutput.write(buffer2);
}
};
abstract public void read(CipherInputStream cInput,
CipherOutputStream ciOutput, Cipher ciIn, int inputLen)
throws IOException;
}
test/com/sun/crypto/provider/CICO/TestUtilities.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* utility class
*/
public class TestUtilities {
public static boolean equalsBlock(byte[] b1, byte[] b2, int len) {
for (int i = 0; i < len; i++) {
if (b1[i] != b2[i]) {
System.err.println("b1[" + i + "] : " + b1[i]
+ " b2[" + i + "] : " + b2[i]);
return false;
}
}
return true;
}
public static boolean equals(byte[] b1, byte[] b2) {
if (b2.length != b1.length) {
System.err.println("b1.length = " + b1.length
+ " b2.length = " + b2.length );
return false;
}
return equalsBlock(b1, b2, b1.length);
}
/**
* Verify b1's partial part is same as b2. compares b1 and b2 by chopping up
* b1 into blocks of b1BKSize and b2 into blocks of b2BKSize, and then
* compare the first b2BKSize bytes of each block, return true if they equal
* , otherwise return false.
* @param b1 byte array to be compared.
* @param b2 saved byte array.
* @param b1BKSize b1's block size.
* @param b2BKSize b2's block size.
* @return true is same. false otherwise.
*/
public static boolean equalsBlockPartial(byte[] b1, byte[] b2, int b1BKSize,
int b2BKSize) {
int numOfBlock = b1.length / b1BKSize;
for (int b = 0; b < numOfBlock; b++) {
for (int i = 0; i < b2BKSize; i++) {
int j1 = b * b1BKSize + i;
int j2 = b * b2BKSize + i;
if (b1[j1] != b2[j2]) {
System.err.println("Compare failed at b1[" + j1 + "]:" +
b1[j1] + " b2[" + j2 + "]:" + b2[j2]);
return false;
}
}
}
return true;
}
/**
* Generate a byte block by given length. The content of byte block
* is determined by the index.
* @param length length of byte array
* @return a byte array
*/
public static byte[] generateBytes(int length) {
byte[] bytes = new byte[length];
for (int i = 0; i < length; i++) {
bytes[i] = (byte) (i & 0xff);
}
return bytes;
}
}
test/com/sun/crypto/provider/Cipher/AEAD/Encrypt.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/com/sun/crypto/provider/Cipher/AEAD/GCMParameterSpecTest.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
/*
* @test
* @bug 8048596
* @summary Check if GCMParameterSpec works as expected
*/
public class GCMParameterSpecTest {
private static final int[] IV_LENGTHS = { 96, 8, 1024 };
private static final int[] KEY_LENGTHS = { 128, 192, 256 };
private static final int[] DATA_LENGTHS = { 0, 128, 1024 };
private static final int[] AAD_LENGTHS = { 0, 128, 1024 };
private static final int[] TAG_LENGTHS = { 128, 120, 112, 104, 96 };
private static final int[] OFFSETS = { 0, 2, 5, 99 };
private static final String TRANSFORMATION = "AES/GCM/NoPadding";
private static final String TEMPLATE = "Test:\n tag = %d\n"
+ " IV length = %d\n data length = %d\n"
+ " AAD length = %d\n offset = %d\n keylength = %d\n";
private final byte[] IV;
private final byte[] IVO;
private final byte[] data;
private final byte[] AAD;
private final SecretKey key;
private final int tagLength;
private final int IVlength;
private final int offset;
/**
* Initialize IV, IV with offset, plain text, AAD and SecretKey
*
* @param keyLength length of a secret key
* @param tagLength tag length
* @param IVlength IV length
* @param offset offset in a buffer for IV
* @param textLength plain text length
* @param AADLength AAD length
*/
public GCMParameterSpecTest(int keyLength, int tagLength, int IVlength,
int offset, int textLength, int AADLength)
throws NoSuchAlgorithmException, NoSuchProviderException {
this.tagLength = tagLength; // save tag length
this.IVlength = IVlength; // save IV length
this.offset = offset; // save IV offset
// prepare IV
IV = Helper.generateBytes(IVlength);
// prepare IV with offset
IVO = new byte[this.IVlength + this.offset];
System.arraycopy(IV, 0, IVO, offset, this.IVlength);
// prepare data
data = Helper.generateBytes(textLength);
// prepare AAD
AAD = Helper.generateBytes(AADLength);
// init a secret key
KeyGenerator kg = KeyGenerator.getInstance("AES", "SunJCE");
kg.init(keyLength);
key = kg.generateKey();
}
/*
* Run the test for each key length, tag length, IV length, plain text
* length, AAD length and offset.
*/
public static void main(String[] args) throws Exception {
boolean success = true;
for (int k : KEY_LENGTHS) {
if (k > Cipher.getMaxAllowedKeyLength(TRANSFORMATION)) {
// skip this if this key length is larger than what's
// allowed in the jce jurisdiction policy files
continue;
}
for (int t : TAG_LENGTHS) {
for (int n : IV_LENGTHS) {
for (int p : DATA_LENGTHS) {
for (int a : AAD_LENGTHS) {
for (int o : OFFSETS) {
System.out.printf(TEMPLATE, t, n, p, a, o, k);
success &= new GCMParameterSpecTest(
k, t, n, o, p, a).doTest();
}
}
}
}
}
}
if (!success) {
throw new RuntimeException("At least one test case failed");
}
}
/*
* Run the test:
* - check if result of encryption of plain text is the same
* when parameters constructed with different GCMParameterSpec
* constructors are used
* - check if GCMParameterSpec.getTLen() is equal to actual tag length
* - check if ciphertext has the same length as plaintext
*/
private boolean doTest() throws Exception {
GCMParameterSpec spec1 = new GCMParameterSpec(tagLength, IV);
GCMParameterSpec spec2 = new GCMParameterSpec(tagLength, IVO, offset,
IVlength);
byte[] cipherText1 = getCipherTextBySpec(spec1);
if (cipherText1 == null) {
return false;
}
byte[] cipherText2 = getCipherTextBySpec(spec2);
if (cipherText2 == null) {
return false;
}
if (!Arrays.equals(cipherText1, cipherText2)) {
System.out.println("Cipher texts are different");
return false;
}
if (spec1.getTLen() != spec2.getTLen()) {
System.out.println("Tag lengths are not equal");
return false;
}
byte[] recoveredText1 = recoverCipherText(cipherText1, spec2);
if (recoveredText1 == null) {
return false;
}
byte[] recoveredText2 = recoverCipherText(cipherText2, spec1);
if (recoveredText2 == null) {
return false;
}
if (!Arrays.equals(recoveredText1, recoveredText2)) {
System.out.println("Recovered texts are different");
return false;
}
if (!Arrays.equals(recoveredText1, data)) {
System.out.println("Recovered and original texts are not equal");
return false;
}
return true;
}
/*
* Encrypt a plain text, and check if GCMParameterSpec.getIV()
* is equal to Cipher.getIV()
*/
private byte[] getCipherTextBySpec(GCMParameterSpec spec) throws Exception {
// init a cipher
Cipher cipher = createCipher(Cipher.ENCRYPT_MODE, spec);
cipher.updateAAD(AAD);
byte[] cipherText = cipher.doFinal(data);
// check IVs
if (!Arrays.equals(cipher.getIV(), spec.getIV())) {
System.out.println("IV in parameters is incorrect");
return null;
}
if (spec.getTLen() != (cipherText.length - data.length) * 8) {
System.out.println("Tag length is incorrect");
return null;
}
return cipherText;
}
private byte[] recoverCipherText(byte[] cipherText, GCMParameterSpec spec)
throws Exception {
// init a cipher
Cipher cipher = createCipher(Cipher.DECRYPT_MODE, spec);
// check IVs
if (!Arrays.equals(cipher.getIV(), spec.getIV())) {
System.out.println("IV in parameters is incorrect");
return null;
}
cipher.updateAAD(AAD);
return cipher.doFinal(cipherText);
}
private Cipher createCipher(int mode, GCMParameterSpec spec)
throws Exception {
Cipher cipher = Cipher.getInstance(TRANSFORMATION, "SunJCE");
cipher.init(mode, key, spec);
return cipher;
}
}
test/com/sun/crypto/provider/Cipher/AEAD/Helper.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
public class Helper {
public static byte[] generateBytes(int length) {
byte[] bytes = new byte[length];
for (int i = 0; i < length; i++) {
bytes[i] = (byte) (i % 256);
}
return bytes;
}
}
test/com/sun/crypto/provider/Cipher/AEAD/KeyWrapper.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.security.AlgorithmParameters;
import java.security.Key;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
/*
* @test
* @bug 8048596
* @summary Check if a key wrapper works properly with GCM mode
*/
public class KeyWrapper {
static final String AES = "AES";
static final String TRANSFORMATION = "AES/GCM/NoPadding";
static final String PROVIDER = "SunJCE";
static final int KEY_LENGTH = 128;
public static void main(String argv[]) throws Exception {
doTest(PROVIDER, TRANSFORMATION);
}
private static void doTest(String provider, String algo) throws Exception {
SecretKey key;
SecretKey keyToWrap;
// init a secret Key
KeyGenerator kg = KeyGenerator.getInstance(AES, PROVIDER);
kg.init(KEY_LENGTH);
key = kg.generateKey();
keyToWrap = kg.generateKey();
// initialization
Cipher cipher = Cipher.getInstance(algo, provider);
cipher.init(Cipher.WRAP_MODE, key);
AlgorithmParameters params = cipher.getParameters();
// wrap the key
byte[] keyWrapper = cipher.wrap(keyToWrap);
try {
// check if we can't wrap it again with the same key/IV
keyWrapper = cipher.wrap(keyToWrap);
throw new RuntimeException(
"FAILED: expected IllegalStateException hasn't "
+ "been thrown ");
} catch (IllegalStateException ise) {
System.out.println(ise.getMessage());
System.out.println("Expected exception");
}
// unwrap the key
cipher.init(Cipher.UNWRAP_MODE, key, params);
cipher.unwrap(keyWrapper, algo, Cipher.SECRET_KEY);
// check if we can unwrap second time
Key unwrapKey = cipher.unwrap(keyWrapper, algo, Cipher.SECRET_KEY);
if (!Arrays.equals(keyToWrap.getEncoded(), unwrapKey.getEncoded())) {
throw new RuntimeException(
"FAILED: original and unwrapped keys are not equal");
}
}
}
test/com/sun/crypto/provider/Cipher/AEAD/ReadWriteSkip.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
/*
* @test
* @bug 8048596
* @summary Test CICO AEAD read/write/skip operations
*/
public class ReadWriteSkip {
static enum BufferType {
BYTE_ARRAY_BUFFERING, INT_BYTE_BUFFERING
}
static final int KEY_LENGTHS[] = {128, 192, 256};
static final int TXT_LENGTHS[] = {800, 0};
static final int AAD_LENGTHS[] = {0, 100};
static final int BLOCK = 50;
static final int SAVE = 45;
static final int DISCARD = BLOCK - SAVE;
static final String PROVIDER = "SunJCE";
static final String AES = "AES";
static final String GCM = "GCM";
static final String PADDING = "NoPadding";
static final String TRANSFORM = AES + "/" + GCM + "/" + PADDING;
final SecretKey key;
final byte[] plaintext;
final byte[] AAD;
final int textLength;;
final int keyLength;
Cipher encryptCipher;
Cipher decryptCipher;
CipherInputStream ciInput;
public static void main(String[] args) throws Exception {
boolean success = true;
for (int keyLength : KEY_LENGTHS) {
if (keyLength > Cipher.getMaxAllowedKeyLength(TRANSFORM)) {
// skip this if this key length is larger than what's
// configured in the jce jurisdiction policy files
continue;
}
for (int textLength : TXT_LENGTHS) {
for (int AADLength : AAD_LENGTHS) {
System.out.println("Key length = " + keyLength
+ ", text length = " + textLength
+ ", AAD length = " + AADLength);
try {
run(keyLength, textLength, AADLength);
System.out.println("Test case passed");
} catch (Exception e) {
System.out.println("Test case failed: " + e);
success = false;
}
}
}
}
if (!success) {
throw new RuntimeException("At least one test case failed");
}
System.out.println("Test passed");
}
ReadWriteSkip(int keyLength, int textLength, int AADLength)
throws Exception {
this.keyLength = keyLength;
this.textLength = textLength;
// init AAD
this.AAD = Helper.generateBytes(AADLength);
// init a secret Key
KeyGenerator kg = KeyGenerator.getInstance(AES, PROVIDER);
kg.init(this.keyLength);
this.key = kg.generateKey();
this.plaintext = Helper.generateBytes(textLength);
}
final void doTest(BufferType type) throws Exception {
// init ciphers
encryptCipher = createCipher(Cipher.ENCRYPT_MODE);
decryptCipher = createCipher(Cipher.DECRYPT_MODE);
// init cipher input stream
ciInput = new CipherInputStream(new ByteArrayInputStream(plaintext),
encryptCipher);
runTest(type);
}
void runTest(BufferType type) throws Exception {}
private Cipher createCipher(int mode) throws GeneralSecurityException {
Cipher cipher = Cipher.getInstance(TRANSFORM, PROVIDER);
if (mode == Cipher.ENCRYPT_MODE) {
cipher.init(Cipher.ENCRYPT_MODE, key);
} else {
if (encryptCipher != null) {
cipher.init(Cipher.DECRYPT_MODE, key,
encryptCipher.getParameters());
} else {
throw new RuntimeException("Can't create a cipher");
}
}
cipher.updateAAD(AAD);
return cipher;
}
/*
* Run test cases
*/
static void run(int keyLength, int textLength, int AADLength)
throws Exception {
new ReadWriteTest(keyLength, textLength, AADLength)
.doTest(BufferType.BYTE_ARRAY_BUFFERING);
new ReadWriteTest(keyLength, textLength, AADLength)
.doTest(BufferType.INT_BYTE_BUFFERING);
new SkipTest(keyLength, textLength, AADLength)
.doTest(BufferType.BYTE_ARRAY_BUFFERING);
new SkipTest(keyLength, textLength, AADLength)
.doTest(BufferType.INT_BYTE_BUFFERING);
}
static void check(byte[] first, byte[] second) {
if (!Arrays.equals(first, second)) {
throw new RuntimeException("Arrays are not equal");
}
}
/*
* CICO AEAD read/write functional test.
*
* Check if encrypt/decrypt operations work correctly.
*
* Test scenario:
* - initializes plain text
* - for given AEAD algorithm instantiates encrypt and decrypt Ciphers
* - instantiates CipherInputStream with the encrypt Cipher
* - instantiates CipherOutputStream with the decrypt Cipher
* - performs reading from the CipherInputStream (encryption data)
* and writing to the CipherOutputStream (decryption). As a result,
* output of the CipherOutputStream should be equal
* with original plain text
* - check if the original plain text is equal to output
* of the CipherOutputStream
* - if it is equal the test passes, otherwise it fails
*/
static class ReadWriteTest extends ReadWriteSkip {
public ReadWriteTest(int keyLength, int textLength, int AADLength)
throws Exception {
super(keyLength, textLength, AADLength);
}
@Override
public void runTest(BufferType bufType) throws IOException,
GeneralSecurityException {
ByteArrayOutputStream baOutput = new ByteArrayOutputStream();
try (CipherOutputStream ciOutput = new CipherOutputStream(baOutput,
decryptCipher)) {
if (bufType == BufferType.BYTE_ARRAY_BUFFERING) {
doByteTest(ciOutput);
} else {
doIntTest(ciOutput);
}
}
check(plaintext, baOutput.toByteArray());
}
/*
* Implements byte array buffering type test case
*/
public void doByteTest(CipherOutputStream out) throws IOException {
byte[] buffer = Helper.generateBytes(textLength + 1);
int len = ciInput.read(buffer);
while (len != -1) {
out.write(buffer, 0, len);
len = ciInput.read(buffer);
}
}
/*
* Implements integer buffering type test case
*/
public void doIntTest(CipherOutputStream out) throws IOException {
int buffer = ciInput.read();
while (buffer != -1) {
out.write(buffer);
buffer = ciInput.read();
}
}
}
/*
* CICO AEAD SKIP functional test.
*
* Checks if the encrypt/decrypt operations work correctly
* when skip() method is used.
*
* Test scenario:
* - initializes a plain text
* - initializes ciphers
* - initializes cipher streams
* - split plain text to TEXT_SIZE/BLOCK blocks
* - read from CipherInputStream2 one block at time
* - the last DISCARD = BLOCK - SAVE bytes are skipping for each block
* - therefore, plain text data go through CipherInputStream1 (encrypting)
* and CipherInputStream2 (decrypting)
* - as a result, output should equal to the original text
* except DISCART byte for each block
* - check result buffers
*/
static class SkipTest extends ReadWriteSkip {
private final int numberOfBlocks;
private final byte[] outputText;
public SkipTest(int keyLength, int textLength, int AADLength)
throws Exception {
super(keyLength, textLength, AADLength);
numberOfBlocks = this.textLength / BLOCK;
outputText = new byte[numberOfBlocks * SAVE];
}
private void doByteTest(int blockNum, CipherInputStream cis)
throws IOException {
int index = blockNum * SAVE;
int len = cis.read(outputText, index, SAVE);
index += len;
int read = 0;
while (len != SAVE && read != -1) {
read = cis.read(outputText, index, SAVE - len);
len += read;
index += read;
}
}
private void doIntTest(int blockNum, CipherInputStream cis)
throws IOException {
int i = blockNum * SAVE;
for (int j = 0; j < SAVE && i < outputText.length; j++, i++) {
int b = cis.read();
if (b != -1) {
outputText[i] = (byte) b;
}
}
}
@Override
public void runTest(BufferType type) throws IOException,
NoSuchAlgorithmException {
try (CipherInputStream cis = new CipherInputStream(ciInput,
decryptCipher)) {
for (int i = 0; i < numberOfBlocks; i++) {
if (type == BufferType.BYTE_ARRAY_BUFFERING) {
doByteTest(i, cis);
} else {
doIntTest(i, cis);
}
if (cis.available() >= DISCARD) {
cis.skip(DISCARD);
} else {
for (int k = 0; k < DISCARD; k++) {
cis.read();
}
}
}
}
byte[] expectedText = new byte[numberOfBlocks * SAVE];
for (int m = 0; m < numberOfBlocks; m++) {
for (int n = 0; n < SAVE; n++) {
expectedText[m * SAVE + n] = plaintext[m * BLOCK + n];
}
}
check(expectedText, outputText);
}
}
}
test/com/sun/crypto/provider/Cipher/AEAD/SameBuffer.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.nio.ByteBuffer;
import java.security.AlgorithmParameters;
import java.security.Provider;
import java.security.Security;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
/*
* @test
* @bug 8048596
* @summary Check if AEAD operations work correctly when buffers used
* for storing plain text and cipher text are overlapped or the same
*/
public class SameBuffer {
private static final String PROVIDER = "SunJCE";
private static final String AES = "AES";
private static final String GCM = "GCM";
private static final String PADDING = "NoPadding";
private static final int OFFSET = 2;
private static final int OFFSETS = 4;
private static final int KEY_LENGTHS[] = { 128, 192, 256 };
private static final int TEXT_LENGTHS[] = { 0, 1024 };
private static final int AAD_LENGTHS[] = { 0, 1024 };
private final Provider provider;
private final SecretKey key;
private final String transformation;
private final int textLength;
private final int AADLength;
/**
* Constructor of the test
*
* @param provider security provider
* @param keyStrength key length
* @param textLength length of data
* @param AADLength AAD length
*/
public SameBuffer(Provider provider, String algorithm, String mode,
String padding, int keyStrength, int textLength, int AADLength)
throws Exception {
// init a secret key
KeyGenerator kg = KeyGenerator.getInstance(algorithm, provider);
kg.init(keyStrength);
key = kg.generateKey();
this.transformation = algorithm + "/" + mode + "/" + padding;
this.provider = provider;
this.textLength = textLength;
this.AADLength = AADLength;
}
public static void main(String[] args) throws Exception {
Provider p = Security.getProvider(PROVIDER);
for (int keyLength : KEY_LENGTHS) {
for (int textLength : TEXT_LENGTHS) {
for (int AADLength : AAD_LENGTHS) {
for (int i = 0; i < OFFSETS; i++) {
// try different offsets
int offset = i * OFFSET;
runTest(p, AES, GCM, PADDING, keyLength, textLength,
AADLength, offset);
}
}
}
}
}
/*
* Run single test case with given parameters
*/
static void runTest(Provider p, String algo, String mode,
String padding, int keyLength, int textLength, int AADLength,
int offset) throws Exception {
System.out.println("Testing " + keyLength + " key length; "
+ textLength + " text lenght; " + AADLength + " AAD length; "
+ offset + " offset");
if (keyLength > Cipher.getMaxAllowedKeyLength(algo)) {
// skip this if this key length is larger than what's
// configured in the jce jurisdiction policy files
return;
}
SameBuffer test = new SameBuffer(p, algo, mode,
padding, keyLength, textLength, AADLength);
/*
* There are four test cases:
* 1. AAD and text are placed in separated byte arrays
* 2. AAD and text are placed in the same byte array
* 3. AAD and text are placed in separated byte buffers
* 4. AAD and text are placed in the same byte buffer
*/
Cipher ci = test.createCipher(Cipher.ENCRYPT_MODE, null);
AlgorithmParameters params = ci.getParameters();
test.doTestWithSeparateArrays(offset, params);
test.doTestWithSameArrays(offset, params);
test.doTestWithSeparatedBuffer(offset, params);
test.doTestWithSameBuffer(offset, params);
}
/*
* Run the test in case when AAD and text are placed in separated byte
* arrays.
*/
private void doTestWithSeparateArrays(int offset,
AlgorithmParameters params) throws Exception {
// prepare buffers to test
Cipher c = createCipher(Cipher.ENCRYPT_MODE, params);
int outputLength = c.getOutputSize(textLength);
int outputBufSize = outputLength + offset * 2;
byte[] inputText = Helper.generateBytes(outputBufSize);
byte[] AAD = Helper.generateBytes(AADLength);
// do the test
runGCMWithSeparateArray(Cipher.ENCRYPT_MODE, AAD, inputText, offset * 2,
textLength, offset, params);
int tagLength = c.getParameters()
.getParameterSpec(GCMParameterSpec.class).getTLen() / 8;
runGCMWithSeparateArray(Cipher.DECRYPT_MODE, AAD, inputText, offset,
textLength + tagLength, offset, params);
}
/**
* Run the test in case when AAD and text are placed in the same byte
* array.
*/
private void doTestWithSameArrays(int offset, AlgorithmParameters params)
throws Exception {
// prepare buffers to test
Cipher c = createCipher(Cipher.ENCRYPT_MODE, params);
int outputLength = c.getOutputSize(textLength);
int outputBufSize = AADLength + outputLength + offset * 2;
byte[] AAD_and_text = Helper.generateBytes(outputBufSize);
// do the test
runGCMWithSameArray(Cipher.ENCRYPT_MODE, AAD_and_text, AADLength + offset,
textLength, params);
int tagLength = c.getParameters()
.getParameterSpec(GCMParameterSpec.class).getTLen() / 8;
runGCMWithSameArray(Cipher.DECRYPT_MODE, AAD_and_text, AADLength + offset,
textLength + tagLength, params);
}
/*
* Run the test in case when AAD and text are placed in separated ByteBuffer
*/
private void doTestWithSeparatedBuffer(int offset,
AlgorithmParameters params) throws Exception {
// prepare AAD byte buffers to test
byte[] AAD = Helper.generateBytes(AADLength);
ByteBuffer AAD_Buf = ByteBuffer.allocate(AADLength);
AAD_Buf.put(AAD, 0, AAD.length);
AAD_Buf.flip();
// prepare text byte buffer to encrypt/decrypt
Cipher c = createCipher(Cipher.ENCRYPT_MODE, params);
int outputLength = c.getOutputSize(textLength);
int outputBufSize = outputLength + offset;
byte[] inputText = Helper.generateBytes(outputBufSize);
ByteBuffer plainTextBB = ByteBuffer.allocateDirect(inputText.length);
plainTextBB.put(inputText);
plainTextBB.position(offset);
plainTextBB.limit(offset + textLength);
// do test
runGCMWithSeparateBuffers(Cipher.ENCRYPT_MODE, AAD_Buf, plainTextBB, offset,
textLength, params);
int tagLength = c.getParameters()
.getParameterSpec(GCMParameterSpec.class).getTLen() / 8;
plainTextBB.position(offset);
plainTextBB.limit(offset + textLength + tagLength);
runGCMWithSeparateBuffers(Cipher.DECRYPT_MODE, AAD_Buf, plainTextBB, offset,
textLength + tagLength, params);
}
/*
* Run the test in case when AAD and text are placed in the same ByteBuffer
*/
private void doTestWithSameBuffer(int offset, AlgorithmParameters params)
throws Exception {
// calculate output length
Cipher c = createCipher(Cipher.ENCRYPT_MODE, params);
int outputLength = c.getOutputSize(textLength);
// prepare byte buffer contained AAD and plain text
int bufSize = AADLength + offset + outputLength;
byte[] AAD_and_Text = Helper.generateBytes(bufSize);
ByteBuffer AAD_and_Text_Buf = ByteBuffer.allocate(bufSize);
AAD_and_Text_Buf.put(AAD_and_Text, 0, AAD_and_Text.length);
// do test
runGCMWithSameBuffer(Cipher.ENCRYPT_MODE, AAD_and_Text_Buf, offset,
textLength, params);
int tagLength = c.getParameters()
.getParameterSpec(GCMParameterSpec.class).getTLen() / 8;
AAD_and_Text_Buf.limit(AADLength + offset + textLength + tagLength);
runGCMWithSameBuffer(Cipher.DECRYPT_MODE, AAD_and_Text_Buf, offset,
textLength + tagLength, params);
}
/*
* Execute GCM encryption/decryption of a text placed in a byte array.
* AAD is placed in the separated byte array.
* Data are processed twice:
* - in a separately allocated buffer
* - in the text buffer
* Check if two results are equal
*/
private void runGCMWithSeparateArray(int mode, byte[] AAD, byte[] text,
int txtOffset, int lenght, int offset, AlgorithmParameters params)
throws Exception {
// first, generate the cipher text at an allocated buffer
Cipher cipher = createCipher(mode, params);
cipher.updateAAD(AAD);
byte[] outputText = cipher.doFinal(text, txtOffset, lenght);
// new cipher for encrypt operation
Cipher anotherCipher = createCipher(mode, params);
anotherCipher.updateAAD(AAD);
// next, generate cipher text again at the same buffer of plain text
int myoff = offset;
int off = anotherCipher.update(text, txtOffset, lenght, text, myoff);
anotherCipher.doFinal(text, myoff + off);
// check if two resutls are equal
if (!isEqual(text, myoff, outputText, 0, outputText.length)) {
throw new RuntimeException("Two results not equal, mode:" + mode);
}
}
/*
* Execute GCM encrption/decryption of a text. The AAD and text to process
* are placed in the same byte array. Data are processed twice:
* - in a separetly allocated buffer
* - in a buffer that shares content of the AAD_and_Text_BA
* Check if two results are equal
*/
private void runGCMWithSameArray(int mode, byte[] array, int txtOffset,
int length, AlgorithmParameters params) throws Exception {
// first, generate cipher text at an allocated buffer
Cipher cipher = createCipher(mode, params);
cipher.updateAAD(array, 0, AADLength);
byte[] outputText = cipher.doFinal(array, txtOffset, length);
// new cipher for encrypt operation
Cipher anotherCipher = createCipher(mode, params);
anotherCipher.updateAAD(array, 0, AADLength);
// next, generate cipher text again at the same buffer of plain text
int off = anotherCipher.update(array, txtOffset, length,
array, txtOffset);
anotherCipher.doFinal(array, txtOffset + off);
// check if two results are equal or not
if (!isEqual(array, txtOffset, outputText, 0,
outputText.length)) {
throw new RuntimeException(
"Two results are not equal, mode:" + mode);
}
}
/*
* Execute GCM encryption/decryption of textBB. AAD and text to process are
* placed in different byte buffers. Data are processed twice:
* - in a separately allocated buffer
* - in a buffer that shares content of the textBB
* Check if results are equal
*/
private void runGCMWithSeparateBuffers(int mode, ByteBuffer buffer,
ByteBuffer textBB, int txtOffset, int dataLength,
AlgorithmParameters params) throws Exception {
// take offset into account
textBB.position(txtOffset);
textBB.mark();
// first, generate the cipher text at an allocated buffer
Cipher cipher = createCipher(mode, params);
cipher.updateAAD(buffer);
buffer.flip();
ByteBuffer outBB = ByteBuffer.allocateDirect(
cipher.getOutputSize(dataLength));
cipher.doFinal(textBB, outBB);// get cipher text in outBB
outBB.flip();
// restore positions
textBB.reset();
// next, generate cipher text again in a buffer that shares content
Cipher anotherCipher = createCipher(mode, params);
anotherCipher.updateAAD(buffer);
buffer.flip();
ByteBuffer buf2 = textBB.duplicate(); // buf2 shares textBuf context
buf2.limit(txtOffset + anotherCipher.getOutputSize(dataLength));
int dataProcessed2 = anotherCipher.doFinal(textBB, buf2);
buf2.position(txtOffset);
buf2.limit(txtOffset + dataProcessed2);
if (!buf2.equals(outBB)) {
throw new RuntimeException(
"Two results are not equal, mode:" + mode);
}
}
/*
* Execute GCM encryption/decryption of text. AAD and a text to process are
* placed in the same buffer. Data is processed twice:
* - in a separately allocated buffer
* - in a buffer that shares content of the AAD_and_Text_BB
*/
private void runGCMWithSameBuffer(int mode, ByteBuffer buffer,
int txtOffset, int length, AlgorithmParameters params)
throws Exception {
// allocate a separate buffer
Cipher cipher = createCipher(mode, params);
ByteBuffer outBB = ByteBuffer.allocateDirect(
cipher.getOutputSize(length));
// first, generate the cipher text at an allocated buffer
buffer.flip();
buffer.limit(AADLength);
cipher.updateAAD(buffer);
buffer.limit(AADLength + txtOffset + length);
buffer.position(AADLength + txtOffset);
cipher.doFinal(buffer, outBB);
outBB.flip(); // cipher text in outBB
// next, generate cipherText again in the same buffer
Cipher anotherCipher = createCipher(mode, params);
buffer.flip();
buffer.limit(AADLength);
anotherCipher.updateAAD(buffer);
buffer.limit(AADLength + txtOffset + length);
buffer.position(AADLength + txtOffset);
// share textBuf context
ByteBuffer buf2 = buffer.duplicate();
buf2.limit(AADLength + txtOffset + anotherCipher.getOutputSize(length));
int dataProcessed2 = anotherCipher.doFinal(buffer, buf2);
buf2.position(AADLength + txtOffset);
buf2.limit(AADLength + txtOffset + dataProcessed2);
if (!buf2.equals(outBB)) {
throw new RuntimeException(
"Two results are not equal, mode:" + mode);
}
}
private boolean isEqual(byte[] A, int offsetA, byte[] B, int offsetB,
int bytesToCompare) {
System.out.println("offsetA: " + offsetA + " offsetB: " + offsetA
+ " bytesToCompare: " + bytesToCompare);
for (int i = 0; i < bytesToCompare; i++) {
int setA = i + offsetA;
int setB = i + offsetB;
if (setA > A.length - 1 || setB > B.length - 1
|| A[setA] != B[setB]) {
return false;
}
}
return true;
}
/*
* Creates a Cipher object for testing: for encryption it creates new Cipher
* based on previously saved parameters (it is prohibited to use the same
* Cipher twice for encription during GCM mode), or returns initiated
* existing Cipher.
*/
private Cipher createCipher(int mode, AlgorithmParameters params)
throws Exception {
Cipher cipher = Cipher.getInstance(transformation, provider);
if (Cipher.ENCRYPT_MODE == mode) {
// initiate it with the saved parameters
if (params != null) {
cipher.init(Cipher.ENCRYPT_MODE, key, params);
} else {
// intiate the cipher and save parameters
cipher.init(Cipher.ENCRYPT_MODE, key);
}
} else if (cipher != null) {
cipher.init(Cipher.DECRYPT_MODE, key, params);
} else {
throw new RuntimeException("Can't create cipher");
}
return cipher;
}
}
test/com/sun/crypto/provider/Cipher/AEAD/SealedObjectTest.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.security.AlgorithmParameters;
import java.util.Arrays;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SealedObject;
/*
* @test
* @bug 8048596
* @summary Check if the seal/unseal feature works properly in AEAD/GCM mode.
*/
public class SealedObjectTest {
private static final String AES = "AES";
private static final String TRANSFORMATION = "AES/GCM/NoPadding";
private static final String PROVIDER = "SunJCE";
private static final int KEY_LENGTH = 128;
public static void main(String[] args) throws Exception {
doTest();
}
/*
* Run the test:
* - init a cipher with AES/GCM/NoPadding transformation
* - seal an object
* - check if we can't seal it again with the same key/IV
* - unseal the object using different methods of SealedObject class
* - check if the original and sealed objects are equal
*/
static void doTest() throws Exception {
// init a secret Key
KeyGenerator kg = KeyGenerator.getInstance(AES, PROVIDER);
kg.init(KEY_LENGTH);
SecretKey key = kg.generateKey();
// initialization
Cipher cipher = Cipher.getInstance(TRANSFORMATION, PROVIDER);
cipher.init(Cipher.ENCRYPT_MODE, key);
AlgorithmParameters params = cipher.getParameters();
// seal an object
SealedObject so = new SealedObject(key, cipher);
try {
// check if we can't seal it again with the same key/IV
so = new SealedObject(key, cipher);
throw new RuntimeException(
"FAILED: expected IllegalStateException hasn't "
+ "been thrown");
} catch (IllegalStateException ise) {
System.out.println("Expected exception when seal it again with"
+ " the same key/IV: " + ise);
}
// unseal the object using getObject(Cipher) and compare
cipher.init(Cipher.DECRYPT_MODE, key, params);
SecretKey unsealedKey = (SecretKey) so.getObject(cipher);
assertKeysSame(unsealedKey, key, "SealedObject.getObject(Cipher)");
// unseal the object using getObject(Key) and compare
unsealedKey = (SecretKey) so.getObject(key);
assertKeysSame(unsealedKey, key, "SealedObject.getObject(Key)");
// unseal the object using getObject(Key, String) and compare
unsealedKey = (SecretKey) so.getObject(key, PROVIDER);
assertKeysSame(unsealedKey, key,
"SealedObject.getObject(Key, String)");
}
/**
* Compare two SecretKey objects.
*
* @param key1 first key
* @param key2 second key
* @param meth method that was used for unsealing the SecretKey object
* @return true if key1 and key2 are the same, false otherwise.
*/
static void assertKeysSame(SecretKey key1, SecretKey key2, String meth) {
if (!Arrays.equals(key1.getEncoded(), key2.getEncoded())) {
throw new RuntimeException(
"FAILED: original and unsealed objects aren't the same for "
+ meth);
}
}
}
test/com/sun/crypto/provider/Cipher/AEAD/WrongAAD.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.Arrays;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
/*
* @test
* @bug 8048596
* @summary Check if wrong or empty AAD is rejected
*/
public class WrongAAD {
private static final String PROVIDER = "SunJCE";
private static final String TRANSFORMATION = "AES/GCM/NoPadding";
private static final int TEXT_SIZE = 800;
private static final int KEY_SIZE = 128;
private static final int AAD_SIZE = 128;
private final SecretKey key;
private final byte[] plainText;
private final Cipher encryptCipher;
public WrongAAD() throws Exception {
// init a secret key
KeyGenerator kg = KeyGenerator.getInstance("AES", PROVIDER);
kg.init(KEY_SIZE);
key = kg.generateKey();
// generate a plain text
plainText = Helper.generateBytes(TEXT_SIZE);
// init AADs
byte[] AAD = Helper.generateBytes(AAD_SIZE);
// init a cipher
encryptCipher = createCipher(Cipher.ENCRYPT_MODE, null);
encryptCipher.updateAAD(AAD);
}
public static void main(String[] args) throws Exception {
WrongAAD test = new WrongAAD();
test.decryptWithEmptyAAD();
test.decryptWithWrongAAD();
}
/*
* Attempt to decrypt a cipher text using Cipher object
* initialized without AAD used for encryption.
*/
private void decryptWithEmptyAAD() throws Exception {
System.out.println("decryptWithEmptyAAD() started");
// initialize it with empty AAD to get exception during decryption
Cipher decryptCipher = createCipher(Cipher.DECRYPT_MODE,
encryptCipher.getParameters());
try (ByteArrayOutputStream baOutput = new ByteArrayOutputStream();
CipherOutputStream ciOutput = new CipherOutputStream(baOutput,
decryptCipher)) {
if (decrypt(ciOutput, baOutput)) {
throw new RuntimeException(
"Decryption has been perfomed successfully in"
+ " spite of the decrypt Cipher has NOT been"
+ " initialized with AAD");
}
}
System.out.println("decryptWithEmptyAAD() passed");
}
/*
* Attempt to decrypt the cipher text using Cipher object
* initialized with some fake AAD.
*/
private void decryptWithWrongAAD() throws Exception {
System.out.println("decrypt with wrong AAD");
// initialize it with wrong AAD to get an exception during decryption
Cipher decryptCipher = createCipher(Cipher.DECRYPT_MODE,
encryptCipher.getParameters());
byte[] someAAD = Helper.generateBytes(AAD_SIZE + 1);
decryptCipher.updateAAD(someAAD);
// init output stream
try (ByteArrayOutputStream baOutput = new ByteArrayOutputStream();
CipherOutputStream ciOutput = new CipherOutputStream(baOutput,
decryptCipher);) {
if (decrypt(ciOutput, baOutput)) {
throw new RuntimeException(
"A decryption has been perfomed successfully in"
+ " spite of the decrypt Cipher has been"
+ " initialized with fake AAD");
}
}
System.out.println("Passed");
}
private boolean decrypt(CipherOutputStream ciOutput,
ByteArrayOutputStream baOutput) throws IOException {
try (ByteArrayInputStream baInput = new ByteArrayInputStream(plainText);
CipherInputStream ciInput = new CipherInputStream(baInput,
encryptCipher)) {
byte[] buffer = new byte[TEXT_SIZE];
int len = ciInput.read(buffer);
while (len != -1) {
ciOutput.write(buffer, 0, len);
len = ciInput.read(buffer);
}
ciOutput.flush();
byte[] recoveredText = baOutput.toByteArray();
System.out.println("recoveredText: " + new String(recoveredText));
/*
* See bug 8012900, AEADBadTagException is swalloed by CI/CO streams
* If recovered text is empty, than decryption failed
*/
if (recoveredText.length == 0) {
return false;
}
return Arrays.equals(plainText, recoveredText);
} catch (IllegalStateException e) {
System.out.println("Expected IllegalStateException: "
+ e.getMessage());
e.printStackTrace(System.out);
return false;
}
}
private Cipher createCipher(int mode, AlgorithmParameters params)
throws NoSuchAlgorithmException, NoSuchProviderException,
NoSuchPaddingException, InvalidKeyException,
InvalidAlgorithmParameterException {
Cipher cipher = Cipher.getInstance(TRANSFORMATION, PROVIDER);
if (params != null) {
cipher.init(mode, key, params);
} else {
cipher.init(mode, key);
}
return cipher;
}
}
test/com/sun/crypto/provider/Cipher/DES/TextPKCS5PaddingTest.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8048604
* @summary This test checks boundary conditions for testing
* ShortBufferException.
*/
import static java.lang.System.out;
import java.security.AlgorithmParameters;
import java.security.Provider;
import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
public class TextPKCS5PaddingTest {
/**
* Test plain text.
*/
private static final byte[] PLAIN_TEXT = {
0b10001, 0b10001, 0b10001, 0b10001,
0b10001, 0b10001, 0b11, 0b11
};
public static void main(String[] args) throws Exception {
Provider provider = Security.getProvider("SunJCE");
if (provider == null) {
throw new RuntimeException("SunJCE provider not exist");
}
// generate no-padding cipher with secret key
Cipher c = Cipher.getInstance("DES/CBC/NoPadding", provider);
KeyGenerator kgen = KeyGenerator.getInstance("DES", provider);
SecretKey skey = kgen.generateKey();
// this is the improperly padded plaintext
c.init(Cipher.ENCRYPT_MODE, skey);
// encrypt plaintext
byte[] cipher = c.doFinal(PLAIN_TEXT);
AlgorithmParameters params = c.getParameters();
// generate cipher that enforces PKCS5 padding
c = Cipher.getInstance("DES/CBC/PKCS5Padding", provider);
c.init(Cipher.DECRYPT_MODE, skey, params);
try {
c.doFinal(cipher);
throw new RuntimeException(
"ERROR: Expected BadPaddingException not thrown");
} catch (BadPaddingException expected) {
out.println("Expected BadPaddingException thrown");
}
}
}
test/com/sun/crypto/provider/Cipher/JCE/Bugs/4686632/Empty.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2007, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.lang.String;
import javax.crypto.SecretKey;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import static java.lang.System.out;
/*
* @test
* @bug 4686632 8048610
* @summary To verify Cipher.init will throw InvalidKeyException with
* Non-empty message when create SecretKeySpec with invalid DES key
* @author Kevin Liu
*/
public class Empty {
public static void main(String[] args) throws Exception {
try {
byte master[] = {
0, 1, 2, 3, 4
};
SecretKey key = new SecretKeySpec(master, "DES");
Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
throw new RuntimeException("InvalidKeyException not thrown");
} catch (java.security.InvalidKeyException ike) {
ike.printStackTrace();
if (ike.getMessage() != null) {
out.println("Status -- Passed");
} else {
throw new RuntimeException("Error message is not expected when"
+ " InvalidKeyException is thrown");
}
}
}
}
test/com/sun/crypto/provider/KeyAgreement/SameDHKeyStressTest.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8048819
* @summary This test stressful verifies the assertion of "The secret keys generated
* by all involved parties should be the same." for javax.crypto.KeyAgreement
* @run main SameDHKeyStressTest
*/
import java.security.AlgorithmParameterGenerator;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.KeyAgreement;
import javax.crypto.SecretKey;
import javax.crypto.spec.DHGenParameterSpec;
import javax.crypto.spec.DHParameterSpec;
public class SameDHKeyStressTest {
static final String[] ALGORITHMS = {"DH", "DiffieHellman", "dh", "diffieHELLMAN"};
static final String[] SECRET_ALOGRITHMS = {"DES", "DESede", "blowfish"};
static final int[] NUMBER_OF_PARTIES = {2, 3, 4};
static final String[] PA_NAMES = {"Alice", "Bob", "Carol", "David"};
public static void main(String args[]) {
int failedCnt = 0;
StringBuilder failedList = new StringBuilder("Failed List:");
for (String algorithm : ALGORITHMS) {
for (int numOfParties : NUMBER_OF_PARTIES) {
for (String secretAlgorithm : SECRET_ALOGRITHMS) {
if (!runTest(algorithm, numOfParties, secretAlgorithm)) {
failedCnt++;
failedList.append("\n Altorightm = ").append(algorithm).
append(" Number of Parties = ").append(numOfParties).
append(" Secret Algorithm = ").append(secretAlgorithm);
}
}
}
} //end of for loop
if (failedCnt > 0) {
System.out.println(failedList);
throw new RuntimeException("SameDHKeyStressTest Failed");
}
}
public static boolean runTest(String algo, int numParties, String secretAlgo) {
KAParticipant[] parties = new KAParticipant[numParties];
Key[] keyArchives = new Key[numParties];
try {
// generate AlogirhtmParameterSpec
AlgorithmParameterGenerator apg = AlgorithmParameterGenerator.getInstance("DH","SunJCE");
AlgorithmParameterSpec aps = new DHGenParameterSpec(512, 64);
apg.init(aps);
DHParameterSpec spec = apg.generateParameters().
getParameterSpec(DHParameterSpec.class);
//initilize all KeyAgreement participants
for (int i = 0; i < numParties; i++) {
parties[i] = new KAParticipant(PA_NAMES[i], algo);
parties[i].initialize(spec);
keyArchives[i] = parties[i].getPublicKey();
}
// Do all phases in the KeyAgreement for all participants
Key[] keyBuffer = new Key[numParties];
boolean lastPhase = false;
for (int j = 0; j < numParties - 1; j++) {
if (j == numParties - 2) {
lastPhase = true;
}
for (int k = 0; k < numParties; k++) {
if (k == numParties - 1) {
keyBuffer[k] = parties[k].doPhase(keyArchives[0], lastPhase);
} else {
keyBuffer[k] = parties[k].doPhase(keyArchives[k + 1], lastPhase);
}
}
System.arraycopy(keyBuffer, 0, keyArchives, 0, numParties);
}
//Comparison: The secret keys generated by all involved parties should be the same
SecretKey[] sKeys = new SecretKey[numParties];
for (int n = 0; n < numParties; n++) {
sKeys[n] = parties[n].generateSecret(secretAlgo);
}
for (int q = 0; q < numParties - 1; q++) {
if (!Arrays.equals(sKeys[q].getEncoded(), sKeys[q + 1].getEncoded())) {
return false;
}
}
return true;
} catch (Exception ex) {
ex.printStackTrace();
return false;
}
}
}
class KAParticipant {
private String name = null;
private String algorithm = null;
private KeyPairGenerator keyGen = null;
private KeyPair keys = null;
private KeyAgreement ka = null;
public KAParticipant(String pName, String algo) throws NoSuchAlgorithmException, NoSuchProviderException {
name = pName;
algorithm = algo;
keyGen = KeyPairGenerator.getInstance(algo,"SunJCE");
ka = KeyAgreement.getInstance(algo,"SunJCE");
}
public void initialize(AlgorithmParameterSpec spec) throws InvalidAlgorithmParameterException, InvalidKeyException {
keyGen.initialize(spec);
keys = keyGen.generateKeyPair();
ka.init(keys.getPrivate());
}
public Key doPhase(Key key, boolean lastPhase) throws InvalidKeyException {
return ka.doPhase(key, lastPhase);
}
public Key getPublicKey() {
return keys.getPublic();
}
public byte[] generateSecret() {
return ka.generateSecret();
}
public SecretKey generateSecret(String algo) throws java.lang.IllegalStateException,
java.security.NoSuchAlgorithmException,
java.security.InvalidKeyException {
return ka.generateSecret(algo);
}
}
test/com/sun/crypto/provider/NSASuiteB/TestAESOids.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import static javax.crypto.Cipher.ENCRYPT_MODE;
import static javax.crypto.Cipher.getMaxAllowedKeyLength;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
/*
* @test
* @bug 8075286
* @summary Test the AES algorithm OIDs in JDK.
* OID and Algorithm transformation string should match.
* Both could be able to be used to generate the algorithm instance.
* @run main TestAESOids
*/
public class TestAESOids {
private static final String PROVIDER_NAME = "SunJCE";
private static final byte[] INPUT = "1234567890123456".getBytes();
private static final List<DataTuple> DATA = Arrays.asList(
new DataTuple("2.16.840.1.101.3.4.1.1", "AES_128/ECB/NoPadding",
128, "ECB"),
new DataTuple("2.16.840.1.101.3.4.1.2", "AES_128/CBC/NoPadding",
128, "CBC"),
new DataTuple("2.16.840.1.101.3.4.1.3", "AES_128/OFB/NoPadding",
128, "OFB"),
new DataTuple("2.16.840.1.101.3.4.1.4", "AES_128/CFB/NoPadding",
128, "CFB"),
new DataTuple("2.16.840.1.101.3.4.1.21", "AES_192/ECB/NoPadding",
192, "ECB"),
new DataTuple("2.16.840.1.101.3.4.1.22", "AES_192/CBC/NoPadding",
192, "CBC"),
new DataTuple("2.16.840.1.101.3.4.1.23", "AES_192/OFB/NoPadding",
192, "OFB"),
new DataTuple("2.16.840.1.101.3.4.1.24", "AES_192/CFB/NoPadding",
192, "CFB"),
new DataTuple("2.16.840.1.101.3.4.1.41", "AES_256/ECB/NoPadding",
256, "ECB"),
new DataTuple("2.16.840.1.101.3.4.1.42", "AES_256/CBC/NoPadding",
256, "CBC"),
new DataTuple("2.16.840.1.101.3.4.1.43", "AES_256/OFB/NoPadding",
256, "OFB"),
new DataTuple("2.16.840.1.101.3.4.1.44", "AES_256/CFB/NoPadding",
256, "CFB"));
public static void main(String[] args) throws Exception {
for (DataTuple dataTuple : DATA) {
int maxAllowedKeyLength =
getMaxAllowedKeyLength(dataTuple.algorithm);
boolean supportedKeyLength =
maxAllowedKeyLength >= dataTuple.keyLength;
try {
runTest(dataTuple, supportedKeyLength);
System.out.println("passed");
} catch (InvalidKeyException ike) {
if (supportedKeyLength) {
throw new RuntimeException(String.format(
"The key length %d is supported, but test failed.",
dataTuple.keyLength), ike);
} else {
System.out.printf(
"Catch expected InvalidKeyException due "
+ "to the key length %d is greater than "
+ "max supported key length %d%n",
dataTuple.keyLength, maxAllowedKeyLength);
}
}
}
}
private static void runTest(DataTuple dataTuple,
boolean supportedKeyLength) throws NoSuchAlgorithmException,
NoSuchProviderException, NoSuchPaddingException,
InvalidKeyException, ShortBufferException,
IllegalBlockSizeException, BadPaddingException,
InvalidAlgorithmParameterException {
Cipher algorithmCipher = Cipher.getInstance(dataTuple.algorithm,
PROVIDER_NAME);
Cipher oidCipher = Cipher.getInstance(dataTuple.oid, PROVIDER_NAME);
if (algorithmCipher == null) {
throw new RuntimeException(
String.format("Test failed: algorithm string %s getInstance"
+ " failed.%n", dataTuple.algorithm));
}
if (oidCipher == null) {
throw new RuntimeException(
String.format("Test failed: OID %s getInstance failed.%n",
dataTuple.oid));
}
if (!algorithmCipher.getAlgorithm().equals(dataTuple.algorithm)) {
throw new RuntimeException(String.format(
"Test failed: algorithm string %s getInstance "
+ "doesn't generate expected algorithm.%n",
dataTuple.algorithm));
}
KeyGenerator kg = KeyGenerator.getInstance("AES");
kg.init(dataTuple.keyLength);
SecretKey key = kg.generateKey();
// encrypt
algorithmCipher.init(ENCRYPT_MODE, key);
if (!supportedKeyLength) {
throw new RuntimeException(String.format(
"The key length %d is not supported, so the initialization "
+ "of algorithmCipher should fail.%n",
dataTuple.keyLength));
}
byte[] cipherText = new byte[algorithmCipher.getOutputSize(INPUT.length)];
int offset = algorithmCipher.update(INPUT, 0, INPUT.length,
cipherText, 0);
algorithmCipher.doFinal(cipherText, offset);
AlgorithmParameterSpec aps = null;
if (!dataTuple.mode.equalsIgnoreCase("ECB")) {
aps = new IvParameterSpec(algorithmCipher.getIV());
}
oidCipher.init(Cipher.DECRYPT_MODE, key, aps);
if (!supportedKeyLength) {
throw new RuntimeException(String.format(
"The key length %d is not supported, so the "
+ "initialization of oidCipher should fail.%n",
dataTuple.keyLength));
}
byte[] recoveredText = new byte[oidCipher.getOutputSize(cipherText.length)];
oidCipher.doFinal(cipherText, 0, cipherText.length, recoveredText);
// Comparison
if (!Arrays.equals(INPUT, recoveredText)) {
throw new RuntimeException(
"Decrypted data is not the same as the original text");
}
}
private static class DataTuple {
private final String oid;
private final String algorithm;
private final int keyLength;
private final String mode;
private DataTuple(String oid, String algorithm, int keyLength,
String mode) {
this.oid = oid;
this.algorithm = algorithm;
this.keyLength = keyLength;
this.mode = mode;
}
}
}
test/com/sun/crypto/provider/NSASuiteB/TestAESWrapOids.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import static javax.crypto.Cipher.getMaxAllowedKeyLength;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.Arrays;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
/*
* @test
* @bug 8075286
* @summary Test the AESWrap algorithm OIDs in JDK.
* OID and Algorithm transformation string should match.
* Both could be able to be used to generate the algorithm instance.
* @run main TestAESWrapOids
*/
public class TestAESWrapOids {
private static final String PROVIDER_NAME = "SunJCE";
private static final List<DataTuple> DATA = Arrays.asList(
new DataTuple("2.16.840.1.101.3.4.1.5", "AESWrap_128", 128),
new DataTuple("2.16.840.1.101.3.4.1.25", "AESWrap_192", 192),
new DataTuple("2.16.840.1.101.3.4.1.45", "AESWrap_256", 256));
public static void main(String[] args) throws Exception {
for (DataTuple dataTuple : DATA) {
int maxAllowedKeyLength = getMaxAllowedKeyLength(
dataTuple.algorithm);
boolean supportedKeyLength =
maxAllowedKeyLength >= dataTuple.keyLength;
try {
runTest(dataTuple, supportedKeyLength);
System.out.println("passed");
} catch (InvalidKeyException ike) {
if (supportedKeyLength) {
throw new RuntimeException(String.format(
"The key length %d is supported, but test failed.",
dataTuple.keyLength), ike);
} else {
System.out.printf(
"Catch expected InvalidKeyException "
+ "due to the key length %d is greater "
+ "than max supported key length %d%n",
dataTuple.keyLength, maxAllowedKeyLength);
}
}
}
}
private static void runTest(DataTuple dataTuple, boolean supportedKeyLength)
throws NoSuchAlgorithmException, NoSuchProviderException,
NoSuchPaddingException, InvalidKeyException,
IllegalBlockSizeException {
Cipher algorithmCipher = Cipher.getInstance(
dataTuple.algorithm, PROVIDER_NAME);
Cipher oidCipher = Cipher.getInstance(dataTuple.oid, PROVIDER_NAME);
if (algorithmCipher == null) {
throw new RuntimeException(String.format(
"Test failed: algorithm string %s getInstance failed.%n",
dataTuple.algorithm));
}
if (oidCipher == null) {
throw new RuntimeException(
String.format("Test failed: OID %s getInstance failed.%n",
dataTuple.oid));
}
if (!algorithmCipher.getAlgorithm().equals(
dataTuple.algorithm)) {
throw new RuntimeException(String.format(
"Test failed: algorithm string %s getInstance "
+ "doesn't generate expected algorithm.%n",
dataTuple.oid));
}
KeyGenerator kg = KeyGenerator.getInstance("AES");
kg.init(dataTuple.keyLength);
SecretKey key = kg.generateKey();
// Wrap the key
algorithmCipher.init(Cipher.WRAP_MODE, key);
if (!supportedKeyLength) {
throw new RuntimeException(String.format(
"The key length %d is not supported, so the initialization"
+ " of algorithmCipher should fail.%n",
dataTuple.keyLength));
}
// Unwrap the key
oidCipher.init(Cipher.UNWRAP_MODE, key);
if (!supportedKeyLength) {
throw new RuntimeException(String.format(
"The key length %d is not supported, so the initialization"
+ " of oidCipher should fail.%n",
dataTuple.keyLength));
}
byte[] keyWrapper = algorithmCipher.wrap(key);
Key unwrappedKey = oidCipher.unwrap(keyWrapper, "AES",
Cipher.SECRET_KEY);
// Comparison
if (!Arrays.equals(key.getEncoded(), unwrappedKey.getEncoded())) {
throw new RuntimeException("Key comparison failed");
}
}
private static class DataTuple {
private final String oid;
private final String algorithm;
private final int keyLength;
private DataTuple(String oid, String algorithm, int keyLength) {
this.oid = oid;
this.algorithm = algorithm;
this.keyLength = keyLength;
}
}
}
test/com/sun/crypto/provider/NSASuiteB/TestHmacSHAOids.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.Arrays;
import java.util.List;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
/*
* @test
* @bug 8075286
* @summary Test the HmacSHA algorithm OIDs in JDK.
* OID and Algorithm transformation string should match.
* Both could be able to be used to generate the algorithm instance.
* @run main TestHmacSHAOids
*/
public class TestHmacSHAOids {
private static final String PROVIDER_NAME = "SunJCE";
private static final byte[] INPUT = "1234567890".getBytes();
private static final List<DataTuple> DATA = Arrays.asList(
new DataTuple("1.2.840.113549.2.7", "HmacSHA1"),
new DataTuple("1.2.840.113549.2.8", "HmacSHA224"),
new DataTuple("1.2.840.113549.2.9", "HmacSHA256"),
new DataTuple("1.2.840.113549.2.10", "HmacSHA384"),
new DataTuple("1.2.840.113549.2.11", "HmacSHA512"));
public static void main(String[] args) throws Exception {
for (DataTuple dataTuple : DATA) {
runTest(dataTuple);
System.out.println("passed");
}
System.out.println("All tests passed");
}
private static void runTest(DataTuple dataTuple)
throws NoSuchAlgorithmException, NoSuchProviderException,
InvalidKeyException {
Mac mcAlgorithm = Mac.getInstance(dataTuple.algorithm,
PROVIDER_NAME);
Mac mcOid = Mac.getInstance(dataTuple.oid, PROVIDER_NAME);
if (mcAlgorithm == null) {
throw new RuntimeException(String.format(
"Test failed: Mac using algorithm "
+ "string %s getInstance failed.%n",
dataTuple.algorithm));
}
if (mcOid == null) {
throw new RuntimeException(String.format(
"Test failed: Mac using OID %s getInstance failed.%n",
dataTuple.oid));
}
if (!mcAlgorithm.getAlgorithm().equals(dataTuple.algorithm)) {
throw new RuntimeException(String.format(
"Test failed: Mac using algorithm string %s getInstance "
+ "doesn't generate expected algorithm.%n",
dataTuple.algorithm));
}
KeyGenerator kg = KeyGenerator.getInstance(dataTuple.algorithm,
PROVIDER_NAME);
SecretKey key = kg.generateKey();
mcAlgorithm.init(key);
mcAlgorithm.update(INPUT);
mcOid.init(key);
mcOid.update(INPUT);
// Comparison
if (!Arrays.equals(mcAlgorithm.doFinal(), mcOid.doFinal())) {
throw new RuntimeException("Digest comparison failed: "
+ "the two MACs are not the same");
}
}
private static class DataTuple {
private final String oid;
private final String algorithm;
private DataTuple(String oid, String algorithm) {
this.oid = oid;
this.algorithm = algorithm;
}
}
}
test/java/lang/invoke/AccessControlTest.java
浏览文件 @ f80edefe
......@@ -23,9 +23,7 @@
/* @test
* @summary test access checking by java.lang.invoke.MethodHandles.Lookup
* @library ../../../..
* @build test.java.lang.invoke.AccessControlTest
* @build test.java.lang.invoke.AccessControlTest_subpkg.Acquaintance_remote
* @compile AccessControlTest.java AccessControlTest_subpkg/Acquaintance_remote.java
* @run testng/othervm test.java.lang.invoke.AccessControlTest
*/
......
test/java/net/SetFactoryPermission/SetFactoryPermission.java 0 → 100644
浏览文件 @ f80edefe
/*
* Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8048052
* @summary Test a series of methods which requires "setFactory" runtime permission
* @run main SetFactoryPermission success
* @run main/othervm/policy=policy.fail SetFactoryPermission fail
* @run main/othervm/policy=policy.success SetFactoryPermission success
*/
import java.net.ServerSocket;
import java.net.Socket;
import java.net.URL;
import java.net.URLConnection;
import java.rmi.server.RMISocketFactory;
import java.security.AccessControlException;
public class SetFactoryPermission {
static boolean success = false;
interface Runner {
public void run() throws Exception;
}
public static void main (String[] args) throws Exception {
if (args.length > 0) {
success = System.getSecurityManager() == null || args[0].equals("success");
}
doTest(()->{
System.out.println("Verify URLConnection.setContentHandlerFactor()");
URLConnection.setContentHandlerFactory(null);
});
doTest(()->{
System.out.println("Verify URL.setURLStreamHandlerFactory()");
URL.setURLStreamHandlerFactory(null);
});
doTest(()->{
System.out.println("Verify ServerSocket.setSocketFactory()");
ServerSocket.setSocketFactory(null);
});
doTest(()->{
System.out.println("Verify Socket.setSocketImplFactory()");
Socket.setSocketImplFactory(null);
});
doTest(()->{
System.out.println("Verify RMISocketFactory.setSocketFactory()");
RMISocketFactory.setSocketFactory(null);
});
}
static void doTest(Runner func) throws Exception {
try {
func.run();
if (!success) {
throw new RuntimeException("AccessControlException is not thrown. Test failed");
}
} catch (SecurityException e) {
if (success) {
e.printStackTrace();
throw new RuntimeException("AccessControlException is thrown unexpectedly. Test failed");
}
}
}
}
test/java/net/SetFactoryPermission/policy.success 0 → 100644
浏览文件 @ f80edefe
grant {
permission java.lang.RuntimePermission "setFactory";
};
test/java/security/KeyStore/PKCS12/CheckDefaults.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/ConvertP12Test.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/ReadP12Test.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/Utils.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/WriteP12Test.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/api_cert_chain.p12_expected.data 0 → 100644
浏览文件 @ f80edefe
SHA1: 09:F1:08:B1:B3:28:22:23:22:F7:5F:6D:4A:8D:0E:0A:5E:6D:56:FB
SHA256: AD:57:47:67:20:96:49:86:53:E4:10:EF:BD:4D:D2:B0:81:C0:B0:BB:62:AE:BE:47:80:DC:00:F8:E3:E7:66:B5
SHA1: 2B:CE:0C:E1:35:B9:9D:FE:5A:6E:25:88:01:F7:E9:E5:7B:89:17:42
SHA256: 65:F3:0A:64:F2:52:B2:4E:F8:76:C5:D0:6D:53:7C:E8:00:AE:F4:95:3C:CC:CB:01:6B:22:AF:46:36:50:CF:FF
SHA1: 7D:48:4D:1C:F8:55:E8:79:6A:B0:19:E1:26:4F:AC:FD:57:6B:38:A0
SHA256: 0A:14:3F:88:8D:C2:D6:97:3E:02:0F:5F:17:E3:D9:FE:CF:93:10:2C:3C:8D:81:AC:06:2F:32:39:4D:0E:CB:6A
Alias name: servercert
test/java/security/KeyStore/PKCS12/api_private_key.p12_expected.data 0 → 100644
浏览文件 @ f80edefe
SHA1: 48:22:E2:C2:47:9F:75:E3:52:56:9C:20:37:DF:03:7F:CD:9F:87:38
SHA256: 9B:DF:B9:EC:DB:3E:EF:BD:61:8F:C3:62:BD:3E:95:FE:E5:B6:A3:F9:94:3D:8D:C1:AE:E9:44:86:25:FA:C1:1B
Alias name: pkcs12testenduser1
test/java/security/KeyStore/PKCS12/api_private_key_not_match.p12_expected.data 0 → 100644
浏览文件 @ f80edefe
SHA1: 2B:CE:0C:E1:35:B9:9D:FE:5A:6E:25:88:01:F7:E9:E5:7B:89:17:42
SHA256: 65:F3:0A:64:F2:52:B2:4E:F8:76:C5:D0:6D:53:7C:E8:00:AE:F4:95:3C:CC:CB:01:6B:22:AF:46:36:50:CF:FF
Alias name: pkcs12testenduser1
test/java/security/KeyStore/PKCS12/api_two_pass.p12_expected.data 0 → 100644
浏览文件 @ f80edefe
SHA1: 77:90:EC:65:C5:0C:FD:F2:1E:B0:3A:BD:43:21:1A:C6:FD:18:8C:AB
SHA256: 8E:C8:49:82:B8:4B:89:8E:61:2D:CD:F6:D6:34:96:04:91:6F:1B:08:F5:CD:BD:23:ED:94:22:5A:B4:7A:39:DD
Alias name: pkcs12testenduser1
test/java/security/KeyStore/PKCS12/ie_chain.pfx.data 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/ie_chain.pfx.pem 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/ie_self.pfx.data 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/ie_self.pfx.pem 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/mozilla_self.p12.pem 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/openssl.p12.data 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/KeyStore/PKCS12/openssl.p12.pem 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/java/security/Policy/SignedJar/SignedJarTest.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/javax/security/sasl/Sasl/ClientServerTest.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/javax/xml/bind/jxc/8073872/Foo.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/javax/xml/bind/xjc/8145039/JaxbMarshallTest.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/javax/xml/bind/xjc/8145039/testSchema.xsd 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/javax/xml/jaxp/transform/8150704/Bug8150704-1.ref 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/javax/xml/jaxp/transform/8150704/Bug8150704-1.xml 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/javax/xml/jaxp/transform/8150704/Bug8150704-1.xsl 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/javax/xml/jaxp/transform/8150704/Bug8150704-2.ref 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/javax/xml/jaxp/transform/8150704/Bug8150704-2.xml 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/javax/xml/jaxp/transform/8150704/Bug8150704-2.xsl 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/sample/TEST.properties 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/sun/security/TestSignatureOidHelper.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
test/sun/security/provider/NSASuiteB/TestSHAOids.java 0 → 100644
浏览文件 @ f80edefe
此差异已折叠。
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册