diff options
author | bleichen <bleichen@google.com> | 2022-12-21 08:35:30 -0800 |
---|---|---|
committer | Charles Lee <ckl@google.com> | 2023-02-27 16:44:36 -0800 |
commit | 8b7cce89210b080d7ea2a4a48d614e4c34d79474 (patch) | |
tree | e37a02deebe3e624a9d1b35a24d5f200f821ed59 | |
parent | d604bdef26088ab7d166f5b30ff3431acec97ae6 (diff) | |
download | wycheproof-8b7cce89210b080d7ea2a4a48d614e4c34d79474.tar.gz |
Skipping the tests if the Ciphers are not supported.
So far it was necessary to remove test classes from the test suite.
The goal is to remove provider dependent test suites.
NOKEYCHECK=True
PiperOrigin-RevId: 496929464
-rw-r--r-- | java/com/google/security/wycheproof/testcases/AesEaxTest.java | 16 | ||||
-rw-r--r-- | java/com/google/security/wycheproof/testcases/AesGcmTest.java | 72 |
2 files changed, 55 insertions, 33 deletions
diff --git a/java/com/google/security/wycheproof/testcases/AesEaxTest.java b/java/com/google/security/wycheproof/testcases/AesEaxTest.java index 248715b..4bc479d 100644 --- a/java/com/google/security/wycheproof/testcases/AesEaxTest.java +++ b/java/com/google/security/wycheproof/testcases/AesEaxTest.java @@ -22,7 +22,9 @@ package com.google.security.wycheproof; import static org.junit.Assert.assertEquals; +import java.security.NoSuchAlgorithmException; import javax.crypto.Cipher; +import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.GCMParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.junit.Test; @@ -257,10 +259,20 @@ public class AesEaxTest { + "e632946e4999be20159977431bef0454"), }; + /** Returns a Cipher instance for AES-EAX. */ + private Cipher getAesEaxInstance() { + try { + return Cipher.getInstance("AES/EAX/NoPadding"); + } catch (NoSuchAlgorithmException | NoSuchPaddingException ex) { + TestUtil.skipTest("AES-EAX not supported"); + return null; + } + } + @Test public void testEax() throws Exception { + Cipher cipher = getAesEaxInstance(); for (EaxTestVector test : EAX_TEST_VECTOR) { - Cipher cipher = Cipher.getInstance("AES/EAX/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); cipher.updateAAD(test.aad); byte[] ct = cipher.doFinal(test.pt); @@ -270,8 +282,8 @@ public class AesEaxTest { @Test public void testLateUpdateAAD() throws Exception { + Cipher cipher = getAesEaxInstance(); for (EaxTestVector test : EAX_TEST_VECTOR) { - Cipher cipher = Cipher.getInstance("AES/EAX/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); byte[] c0 = cipher.update(test.pt); try { diff --git a/java/com/google/security/wycheproof/testcases/AesGcmTest.java b/java/com/google/security/wycheproof/testcases/AesGcmTest.java index 45c781a..45a5ccc 100644 --- a/java/com/google/security/wycheproof/testcases/AesGcmTest.java +++ b/java/com/google/security/wycheproof/testcases/AesGcmTest.java @@ -33,6 +33,7 @@ import java.security.SecureRandom; import java.util.ArrayList; import java.util.Arrays; import javax.crypto.Cipher; +import javax.crypto.NoSuchPaddingException; import javax.crypto.ShortBufferException; import javax.crypto.spec.GCMParameterSpec; import javax.crypto.spec.IvParameterSpec; @@ -41,12 +42,11 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.junit.runners.JUnit4; -// TODO(bleichen): -// - For EAX I was able to derive some special cases by inverting OMAC. -// Not sure if that is possible here. /** * Testing AES-GCM * + * <p>This class tests different uses of the JCE interfaces. + * * <p>Other tests using AES-GCM are: CipherInputStreamTest.java CipherOuputStreamTest.java */ @RunWith(JUnit4.class) @@ -156,6 +156,16 @@ public class AesGcmTest { "f145c2dcaf339eede427be934357eac0"), }; + /** Returns a Cipher instance for AES-GCM. */ + private Cipher getAesGcmInstance() { + try { + return Cipher.getInstance("AES/GCM/NoPadding"); + } catch (NoSuchAlgorithmException | NoSuchPaddingException ex) { + TestUtil.skipTest("AES-GCM not supported"); + return null; + } + } + /** * Returns the GCM test vectors supported by the current provider. This is necessary since not * every provider supports all parameters sizes. For example SUNJCE does not support 8 byte tags @@ -169,11 +179,11 @@ public class AesGcmTest { private Iterable<GcmTestVector> getTestVectors() throws Exception { ArrayList<GcmTestVector> supported = new ArrayList<GcmTestVector>(); for (GcmTestVector test : GCM_TEST_VECTORS) { + Cipher cipher = getAesGcmInstance(); if (test.nonceLengthInBits != 96 || test.tagLengthInBits != 128) { try { // Checks whether the parameter size is supported. // It would be nice if there was a way to check this without trying to encrypt. - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); } catch (InvalidKeyException | InvalidAlgorithmParameterException ex) { // Not supported @@ -185,10 +195,11 @@ public class AesGcmTest { return supported; } + @Test public void testVectors() throws Exception { for (GcmTestVector test : getTestVectors()) { - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); cipher.updateAAD(test.aad); byte[] ct = cipher.doFinal(test.pt); @@ -200,9 +211,9 @@ public class AesGcmTest { @Test public void testEncryptWithEmptyArrays() throws Exception { for (GcmTestVector test : getTestVectors()) { + Cipher cipher = getAesGcmInstance(); // Encryption byte[] empty = new byte[0]; - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); int outputSize = cipher.getOutputSize(test.pt.length); ByteBuffer ctBuffer = ByteBuffer.allocate(outputSize); @@ -227,8 +238,8 @@ public class AesGcmTest { @Test public void testDecryptWithEmptyArrays() throws Exception { for (GcmTestVector test : getTestVectors()) { + Cipher cipher = getAesGcmInstance(); byte[] empty = new byte[0]; - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); cipher.init(Cipher.DECRYPT_MODE, test.key, test.parameters); int outputSize = cipher.getOutputSize(test.ct.length); ByteBuffer ptBuffer = ByteBuffer.allocate(outputSize); @@ -285,7 +296,7 @@ public class AesGcmTest { @Test public void testLateUpdateAAD() throws Exception { for (GcmTestVector test : getTestVectors()) { - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); byte[] c0 = cipher.update(test.pt); try { @@ -318,7 +329,7 @@ public class AesGcmTest { @Test public void testIvReuse() throws Exception { for (GcmTestVector test : getTestVectors()) { - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); cipher.updateAAD(test.aad); byte[] ct1 = cipher.doFinal(test.pt); @@ -343,8 +354,8 @@ public class AesGcmTest { */ @Test public void testByteBufferSize() throws Exception { + Cipher cipher = getAesGcmInstance(); for (GcmTestVector test : getTestVectors()) { - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); // Encryption cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); int outputSize = cipher.getOutputSize(test.pt.length); @@ -360,8 +371,8 @@ public class AesGcmTest { @Test public void testByteBuffer() throws Exception { for (GcmTestVector test : getTestVectors()) { + Cipher cipher = getAesGcmInstance(); // Encryption - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); ByteBuffer ptBuffer = ByteBuffer.wrap(test.pt); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); int outputSize = cipher.getOutputSize(test.pt.length); @@ -385,8 +396,8 @@ public class AesGcmTest { @Test public void testByteBufferAlias() throws Exception { for (GcmTestVector test : getTestVectors()) { + Cipher cipher = getAesGcmInstance(); // Encryption - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); int outputSize = cipher.getOutputSize(test.pt.length); byte[] backingArray = new byte[outputSize]; @@ -423,7 +434,7 @@ public class AesGcmTest { for (int useUpdate = 0; useUpdate <= 1; useUpdate++) { SecretKeySpec key = new SecretKeySpec(new byte[16], "AES"); GCMParameterSpec parameters = new GCMParameterSpec(128, new byte[12]); - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); cipher.init(Cipher.ENCRYPT_MODE, key, parameters); // these offsets are relative to the start of the buffer @@ -451,7 +462,7 @@ public class AesGcmTest { System.arraycopy(outBuf, outputOffsetInBuffer, inBuf, inputOffsetInBuffer, ctLength); - cipher = Cipher.getInstance("AES/GCM/NoPadding"); + cipher = getAesGcmInstance(); cipher.init(Cipher.DECRYPT_MODE, key, parameters); int resultPtLength = 0; @@ -500,9 +511,9 @@ public class AesGcmTest { // outputOffset = offset relative to start of input. for (int outputOffset = -1; outputOffset <= 1; outputOffset++) { + Cipher cipher = getAesGcmInstance(); SecretKeySpec key = new SecretKeySpec(new byte[16], "AES"); GCMParameterSpec parameters = new GCMParameterSpec(128, new byte[12]); - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, key, parameters); ByteBuffer output, input, inputRO; @@ -602,8 +613,8 @@ public class AesGcmTest { @Test public void testReadOnlyByteBuffer() throws Exception { for (GcmTestVector test : getTestVectors()) { + Cipher cipher = getAesGcmInstance(); // Encryption - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); ByteBuffer ptBuffer = ByteBuffer.wrap(test.pt).asReadOnlyBuffer(); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); int outputSize = cipher.getOutputSize(test.pt.length); @@ -632,8 +643,8 @@ public class AesGcmTest { @Test public void testByteBufferWithOffset() throws Exception { for (GcmTestVector test : getTestVectors()) { + Cipher cipher = getAesGcmInstance(); // Encryption - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); ByteBuffer ptBuffer = ByteBuffer.wrap(new byte[test.pt.length + 50]); ptBuffer.position(5); ptBuffer = ptBuffer.slice(); @@ -663,15 +674,15 @@ public class AesGcmTest { @Test public void testByteBufferTooShort() throws Exception { for (GcmTestVector test : getTestVectors()) { + Cipher cipher = getAesGcmInstance(); // Encryption - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); ByteBuffer ptBuffer = ByteBuffer.wrap(test.pt); ByteBuffer ctBuffer = ByteBuffer.allocate(test.ct.length - 1); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); cipher.updateAAD(test.aad); try { cipher.doFinal(ptBuffer, ctBuffer); - fail("This should not work"); + fail("doFinal with a ByteBuffer that is too short should not work"); } catch (ShortBufferException ex) { // expected } @@ -683,7 +694,7 @@ public class AesGcmTest { cipher.updateAAD(test.aad); try { cipher.doFinal(ctBuffer, decrypted); - fail("This should not work"); + fail("doFinal with a ByteBuffer that is too short should not work"); } catch (ShortBufferException ex) { // expected } @@ -698,7 +709,7 @@ public class AesGcmTest { public void testEncryptWithEmptyByteBuffer() throws Exception { for (GcmTestVector test : getTestVectors()) { // Encryption - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); ByteBuffer empty = ByteBuffer.allocate(0); ByteBuffer ptBuffer = ByteBuffer.wrap(test.pt); cipher.init(Cipher.ENCRYPT_MODE, test.key, test.parameters); @@ -716,7 +727,7 @@ public class AesGcmTest { @Test public void testDecryptWithEmptyBuffer() throws Exception { for (GcmTestVector test : getTestVectors()) { - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); ByteBuffer empty = ByteBuffer.allocate(0); ByteBuffer ctBuffer = ByteBuffer.wrap(test.ct); cipher.init(Cipher.DECRYPT_MODE, test.key, test.parameters); @@ -763,12 +774,12 @@ public class AesGcmTest { byte[] counter = new byte[12]; byte[] input = new byte[16]; byte[] key = new byte[16]; - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); try { cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(counter)); } catch (InvalidAlgorithmParameterException ex) { // OpenJDK8 does not support IvParameterSpec for GCM. - System.out.println("testDefaultTagSizeIvParameterSpec:" + ex.toString()); + TestUtil.skipTest("IvParameterSpec for AES-GCM is not supported"); return; } byte[] output = cipher.doFinal(input); @@ -790,12 +801,12 @@ public class AesGcmTest { public void testDefaultTagSizeAlgorithmParameterGenerator() throws Exception { byte[] input = new byte[10]; byte[] key = new byte[16]; - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); try { AlgorithmParameterGenerator.getInstance("GCM"); } catch (NoSuchAlgorithmException ex) { // Conscrypt does not support AlgorithmParameterGenerator for GCM. - System.out.println("testDefaultTagSizeAlgorithmParameterGenerator:" + ex.toString()); + TestUtil.skipTest("Algorithm parameters for GCM are not supported"); return; } AlgorithmParameters param = AlgorithmParameterGenerator.getInstance("GCM").generateParameters(); @@ -847,7 +858,7 @@ public class AesGcmTest { byte[] input = new byte[16]; byte[] key = new byte[16]; (new SecureRandom()).nextBytes(key); - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); cipher.init( Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(16 * 8, iv)); byte[] output = cipher.update(input); @@ -880,7 +891,7 @@ public class AesGcmTest { byte[] input = new byte[0]; byte[] key = TestUtil.hexToBytes("56aae7bd5cbefc71d31c4338e6ddd6c5"); SecretKeySpec keySpec = new SecretKeySpec(key, "AES"); - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); Cipher block = Cipher.getInstance("AES/ECB/NoPadding"); block.init(Cipher.ENCRYPT_MODE, keySpec); byte[] hashkey = block.doFinal(new byte[16]); @@ -894,7 +905,6 @@ public class AesGcmTest { System.out.println("Hash subkey :" + TestUtil.bytesToHex(hashkey)); fail("Encrypting with an empty IV leaks the hash subkey."); } catch (GeneralSecurityException expected) { - System.out.println("testEncryptWithEmptyIv:" + expected.toString()); // expected behavior } } @@ -904,7 +914,7 @@ public class AesGcmTest { byte[] emptyIv = new byte[0]; byte[] key = TestUtil.hexToBytes("56aae7bd5cbefc71d31c4338e6ddd6c5"); SecretKeySpec keySpec = new SecretKeySpec(key, "AES"); - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = getAesGcmInstance(); try { cipher.init(Cipher.DECRYPT_MODE, keySpec, new GCMParameterSpec(16 * 8, emptyIv)); String ciphertext = "2b65876c00d77facf8f3d0e5be792b129bab10b25bcb739b92d6e2eab241245ff449"; @@ -918,7 +928,7 @@ public class AesGcmTest { System.out.println("pt2:" + TestUtil.bytesToHex(pt2)); fail("AES-GCM must not accept an IV of size 0."); } catch (GeneralSecurityException expected) { - System.out.println("testDecryptWithEmptyIv:" + expected.toString()); + // expected behavior } } } |