1berry/openjdk
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

8013069: javax.crypto tests fail with new PBE algorithm names

Browse Source 
Shouldn't auto-generate default parameters for MAC objects.

Reviewed-by: vinnie
This commit is contained in:
Valerie Peng 2013-05-29 20:54:43 -07:00
parent ddc0a1e51f
commit 3ecc12a044
5 changed files with 48 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java
View File

@ -86,12 +86,13 @@ public final class HmacPKCS12PBESHA1 extends HmacCore {
throw new InvalidKeyException("SecretKey of PBE type required"); throw new InvalidKeyException("SecretKey of PBE type required");
} }
if (params == null) { if (params == null) {
// generate default for salt and iteration count if necessary // should not auto-generate default values since current
if (salt == null) { // javax.crypto.Mac api does not have any method for caller to
salt = new byte[20]; // retrieve the generated defaults.
SunJCE.getRandom().nextBytes(salt); if ((salt == null) || (iCount == 0)) {
throw new InvalidAlgorithmParameterException
("PBEParameterSpec required for salt and iteration count");
} }
if (iCount == 0) iCount = 100;
} else if (!(params instanceof PBEParameterSpec)) { } else if (!(params instanceof PBEParameterSpec)) {
throw new InvalidAlgorithmParameterException throw new InvalidAlgorithmParameterException
("PBEParameterSpec type required"); ("PBEParameterSpec type required");

30
jdk/src/share/classes/com/sun/crypto/provider/PBMAC1Core.java
View File

@ -42,12 +42,10 @@ import java.security.spec.*;
*/ */
abstract class PBMAC1Core extends HmacCore { abstract class PBMAC1Core extends HmacCore {
private static final int DEFAULT_SALT_LENGTH = 20; // NOTE: this class inherits the Cloneable interface from HmacCore
private static final int DEFAULT_COUNT = 4096; // Need to override clone() if mutable fields are added.
private final String kdfAlgo; private final String kdfAlgo;
private final String hashAlgo; private final String hashAlgo;
private final PBKDF2Core kdf;
private final int blockLength; // in octets private final int blockLength; // in octets
/** /**
@ -56,13 +54,15 @@ abstract class PBMAC1Core extends HmacCore {
*/ */
PBMAC1Core(String kdfAlgo, String hashAlgo, int blockLength) PBMAC1Core(String kdfAlgo, String hashAlgo, int blockLength)
throws NoSuchAlgorithmException { throws NoSuchAlgorithmException {
super(hashAlgo, blockLength); super(hashAlgo, blockLength);
this.kdfAlgo = kdfAlgo; this.kdfAlgo = kdfAlgo;
this.hashAlgo = hashAlgo; this.hashAlgo = hashAlgo;
this.blockLength = blockLength; this.blockLength = blockLength;
}
switch(kdfAlgo) { private static PBKDF2Core getKDFImpl(String algo) {
PBKDF2Core kdf = null;
switch(algo) {
case "HmacSHA1": case "HmacSHA1":
kdf = new PBKDF2Core.HmacSHA1(); kdf = new PBKDF2Core.HmacSHA1();
break; break;
@ -79,9 +79,10 @@ abstract class PBMAC1Core extends HmacCore {
kdf = new PBKDF2Core.HmacSHA512(); kdf = new PBKDF2Core.HmacSHA512();
break; break;
default: default:
throw new NoSuchAlgorithmException( throw new ProviderException(
"No MAC implementation for " + kdfAlgo); "No MAC implementation for " + algo);
} }
return kdf;
} }
/** /**
@ -120,12 +121,13 @@ abstract class PBMAC1Core extends HmacCore {
throw new InvalidKeyException("SecretKey of PBE type required"); throw new InvalidKeyException("SecretKey of PBE type required");
} }
if (params == null) { if (params == null) {
// generate default for salt and iteration count if necessary // should not auto-generate default values since current
if (salt == null) { // javax.crypto.Mac api does not have any method for caller to
salt = new byte[DEFAULT_SALT_LENGTH]; // retrieve the generated defaults.
SunJCE.getRandom().nextBytes(salt); if ((salt == null) || (iCount == 0)) {
throw new InvalidAlgorithmParameterException
("PBEParameterSpec required for salt and iteration count");
} }
if (iCount == 0) iCount = DEFAULT_COUNT;
} else if (!(params instanceof PBEParameterSpec)) { } else if (!(params instanceof PBEParameterSpec)) {
throw new InvalidAlgorithmParameterException throw new InvalidAlgorithmParameterException
("PBEParameterSpec type required"); ("PBEParameterSpec type required");
@ -168,7 +170,7 @@ abstract class PBMAC1Core extends HmacCore {
java.util.Arrays.fill(passwdChars, ' '); java.util.Arrays.fill(passwdChars, ' ');
SecretKey s = null; SecretKey s = null;
PBKDF2Core kdf = getKDFImpl(kdfAlgo);
try { try {
s = kdf.engineGenerateSecret(pbeSpec); s = kdf.engineGenerateSecret(pbeSpec);

9
jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java
View File

@ -731,10 +731,11 @@ public final class SunJCE extends Provider {
put("Mac.HmacSHA384 SupportedKeyFormats", "RAW"); put("Mac.HmacSHA384 SupportedKeyFormats", "RAW");
put("Mac.HmacSHA512 SupportedKeyFormats", "RAW"); put("Mac.HmacSHA512 SupportedKeyFormats", "RAW");
put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW"); put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW");
put("Mac.HmacPBESHA224 SupportedKeyFormats", "RAW"); put("Mac.PBEWithHmacSHA1 SupportedKeyFormatS", "RAW");
put("Mac.HmacPBESHA256 SupportedKeyFormats", "RAW"); put("Mac.PBEWithHmacSHA224 SupportedKeyFormats", "RAW");
put("Mac.HmacPBESHA384 SupportedKeyFormats", "RAW"); put("Mac.PBEWithHmacSHA256 SupportedKeyFormats", "RAW");
put("Mac.HmacPBESHA512 SupportedKeyFormats", "RAW"); put("Mac.PBEWithHmacSHA384 SupportedKeyFormats", "RAW");
put("Mac.PBEWithHmacSHA512 SupportedKeyFormats", "RAW");
put("Mac.SslMacMD5 SupportedKeyFormats", "RAW"); put("Mac.SslMacMD5 SupportedKeyFormats", "RAW");
put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW"); put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW");

11
jdk/test/com/sun/crypto/provider/Mac/HmacPBESHA1.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -23,8 +23,8 @@
/** /**
* @test * @test
* @bug 4893959 * @bug 4893959 8013069
* @summary basic test for HmacPBESHA1 * @summary basic test for PBE MAC algorithms.
* @author Valerie Peng * @author Valerie Peng
*/ */
import java.io.PrintStream; import java.io.PrintStream;
@ -68,8 +68,9 @@ public class HmacPBESHA1 {
} }
Mac mac = Mac.getInstance(algo, PROVIDER); Mac mac = Mac.getInstance(algo, PROVIDER);
byte[] plainText = new byte[30]; byte[] plainText = new byte[30];
PBEParameterSpec spec =
mac.init(key); new PBEParameterSpec("saltValue".getBytes(), 250);
mac.init(key, spec);
mac.update(plainText); mac.update(plainText);
byte[] value1 = mac.doFinal(); byte[] value1 = mac.doFinal();
if (value1.length != length) { if (value1.length != length) {

24
jdk/test/com/sun/crypto/provider/Mac/MacClone.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1998, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -23,12 +23,13 @@
/* /*
* @test * @test
* @bug 7087021 * @bug 7087021 8013069
* @summary MacClone * @summary Clone tests for all MAC algorithms.
* @author Jan Luehe * @author Jan Luehe
*/ */
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.*; import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec; import javax.crypto.spec.*;
public class MacClone { public class MacClone {
@ -39,18 +40,23 @@ public class MacClone {
KeyGenerator kgen = KeyGenerator.getInstance("DES"); KeyGenerator kgen = KeyGenerator.getInstance("DES");
SecretKey skey = kgen.generateKey(); SecretKey skey = kgen.generateKey();
for (String algo : algos) { for (String algo : algos) {
doTest(algo, skey); doTest(algo, skey, null);
} }
String[] algos2 = { "HmacPBESHA1" }; String[] algos2 = { "HmacPBESHA1", "PBEWithHmacSHA1",
"PBEWithHmacSHA224", "PBEWithHmacSHA256",
"PBEWithHmacSHA384", "PBEWithHmacSHA512" };
skey = new SecretKeySpec("whatever".getBytes(), "PBE"); skey = new SecretKeySpec("whatever".getBytes(), "PBE");
PBEParameterSpec params =
new PBEParameterSpec("1234567890".getBytes(), 500);
for (String algo : algos2) { for (String algo : algos2) {
doTest(algo, skey); doTest(algo, skey, params);
} }
System.out.println("Test Passed"); System.out.println("Test Passed");
} }
private static void doTest(String algo, SecretKey skey) throws Exception { private static void doTest(String algo, SecretKey skey,
AlgorithmParameterSpec params) throws Exception {
// //
// Clone an uninitialized Mac object // Clone an uninitialized Mac object
// //
@ -72,7 +78,7 @@ public class MacClone {
// Clone an initialized Mac object // Clone an initialized Mac object
// //
mac = Mac.getInstance(algo, "SunJCE"); mac = Mac.getInstance(algo, "SunJCE");
mac.init(skey); mac.init(skey, params);
macClone = (Mac)mac.clone(); macClone = (Mac)mac.clone();
System.out.println(macClone.getProvider().toString()); System.out.println(macClone.getProvider().toString());
System.out.println(macClone.getAlgorithm()); System.out.println(macClone.getAlgorithm());