Cipher/KeyWrap/NISTWrapKAT.java

0N/A/*
2362N/A * Copyright (c) 2004, 2007, Oracle and/or its affiliates. All rights reserved.
0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
0N/A *
0N/A * This code is free software; you can redistribute it and/or modify it
0N/A * under the terms of the GNU General Public License version 2 only, as
0N/A * published by the Free Software Foundation.
0N/A *
0N/A * This code is distributed in the hope that it will be useful, but WITHOUT
0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
0N/A * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
0N/A * version 2 for more details (a copy is included in the LICENSE file that
0N/A * accompanied this code).
0N/A *
0N/A * You should have received a copy of the GNU General Public License version
0N/A * 2 along with this work; if not, write to the Free Software Foundation,
0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
0N/A *
2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2362N/A * or visit www.oracle.com if you need additional information or have any
2362N/A * questions.
0N/A */
0N/A
0N/A/*
0N/A * @test
0N/A * @bug 5008156
0N/A * @run main NISTWrapKAT
0N/A * @summary Verify that the "AESWrap" key wrap cipher work as
0N/A * expected using NIST test vectors.
0N/A * @author Valerie Peng
0N/A */
0N/Aimport java.security.Key;
0N/Aimport java.security.AlgorithmParameters;
0N/Aimport javax.crypto.*;
0N/Aimport javax.crypto.spec.*;
0N/Aimport java.util.Arrays;
0N/Aimport java.math.BigInteger;
0N/A
0N/Apublic class NISTWrapKAT {
0N/A
0N/A    private static final String KEK =
0N/A        "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f";
0N/A    private static final String DATA =
0N/A        "00112233445566778899aabbccddeeff000102030405060708090a0b0c0d0e0f";
0N/A
0N/A    private static String AES128_128 =
0N/A        "1fa68b0a8112b447aef34bd8fb5a7b829d3e862371d2cfe5";
0N/A    private static String AES192_128 =
0N/A        "96778b25ae6ca435f92b5b97c050aed2468ab8a17ad84e5d";
0N/A    private static String AES192_192 =
0N/A        "031d33264e15d33268f24ec260743edce1c6c7ddee725a936ba814915c6762d2";
0N/A    private static String AES256_128 =
0N/A        "64e8c3f9ce0f5ba263e9777905818a2a93c8191e7d6e8ae7";
0N/A    private static String AES256_192 =
0N/A        "a8f9bc1612c68b3ff6e6f4fbe30e71e4769c8b80a32cb8958cd5d17d6b254da1";
0N/A    private static String AES256_256 =
0N/A        "28c9f404c4b810f4cbccb35cfb87f8263f5786e2d80ed326cbc7f0e71a99f43bfb988b9b7a02dd21";
0N/A
0N/A    public static void testKeyWrap(int keyLen, int dataLen,
0N/A                                   String expected) throws Exception {
0N/A        System.out.println("Testing AESWrap Cipher with " +
0N/A            dataLen + "-byte data with " + 8*keyLen + "-bit key");
0N/A        Cipher c = Cipher.getInstance("AESWrap", "SunJCE");
0N/A        byte[] keyVal = new byte[keyLen];
0N/A        byte[] dataVal = new byte[dataLen];
0N/A
0N/A        // setup the key encryption key and the to-be-wrapped key
0N/A        BigInteger temp = new BigInteger(KEK.substring(0, keyLen*2), 16);
0N/A        byte[] val = temp.toByteArray();
0N/A        System.arraycopy(val, 0, keyVal, keyVal.length-val.length,
0N/A                         val.length);
0N/A        temp = new BigInteger(DATA.substring(0, dataLen*2), 16);
0N/A        val = temp.toByteArray();
0N/A        System.arraycopy(val, 0, dataVal, dataVal.length-val.length,
0N/A                         val.length);
0N/A
0N/A        SecretKey cipherKey = new SecretKeySpec(keyVal, "AES");
0N/A        c.init(Cipher.WRAP_MODE, cipherKey);
0N/A        SecretKey toBeWrappedKey = new SecretKeySpec(dataVal, "AES");
0N/A
0N/A        // first test WRAP with known values
0N/A        byte[] wrapped = c.wrap(toBeWrappedKey);
0N/A        byte[] expectedVal = new BigInteger(expected, 16).toByteArray();
0N/A        // need to add offset since BigInteger may pad "0x00" in the beginning
0N/A        int offset = expectedVal.length - wrapped.length;
0N/A        for (int i=0; i<wrapped.length; i++) {
0N/A            if (wrapped[i] != expectedVal[offset + i]) {
0N/A                throw new Exception("Wrap failed; got different result");
0N/A            }
0N/A        }
0N/A
0N/A        // then test UNWRAP and compare with the initial values
0N/A        c.init(Cipher.UNWRAP_MODE, cipherKey);
0N/A        Key unwrapped = c.unwrap(wrapped, "AES", Cipher.SECRET_KEY);
0N/A        if (!Arrays.equals(unwrapped.getEncoded(), dataVal)) {
0N/A            throw new Exception("Unwrap failed; got different result");
0N/A        }
0N/A    }
0N/A
0N/A    public static void main(String[] argv) throws Exception {
0N/A        testKeyWrap(16, 16, AES128_128);
0N/A        // only run the tests on longer key lengths if unlimited version
0N/A        // of JCE jurisdiction policy files are installed
0N/A        int allowed = Cipher.getMaxAllowedKeyLength("AES");
0N/A        if (allowed >= 24*8) {
0N/A            testKeyWrap(24, 16, AES192_128);
0N/A            testKeyWrap(24, 24, AES192_192);
0N/A        }
0N/A        if (allowed >= 32*8) {
0N/A            testKeyWrap(32, 16, AES256_128);
0N/A            testKeyWrap(32, 24, AES256_192);
0N/A            testKeyWrap(32, 32, AES256_256);
0N/A        }
0N/A        System.out.println("All Tests Passed");
0N/A    }
0N/A}