gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
authorDavid Hook <dgh@cryptoworkshop.com>2014-04-27 04:28:46 +0400
committerDavid Hook <dgh@cryptoworkshop.com>2014-04-27 04:28:46 +0400
commit5922ae38400dd93f340b20db655b854aa30f9c6d (patch)
treea244a9672edaac8737c22f4937fb506abef26f2b /prov
parentfc7a02ec0bf1f56e2441e1eb87f6677786ff4c65 (diff)
initial cut of lightweight RFC5649 wrapping, added AES provider tests for other wrapping algorithms
Diffstat (limited to 'prov')
-rw-r--r--prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java13
-rw-r--r--prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java6
-rw-r--r--prov/src/test/java/org/bouncycastle/jce/provider/test/AESTest.java33
-rw-r--r--prov/src/test/java/org/bouncycastle/jce/provider/test/BaseBlockCipherTest.java41
4 files changed, 77 insertions, 16 deletions
diff --git a/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java b/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
index 305df672..244342b1 100644
--- a/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
+++ b/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
@@ -20,6 +20,7 @@ import org.bouncycastle.crypto.CipherKeyGenerator;
import org.bouncycastle.crypto.engines.AESFastEngine;
import org.bouncycastle.crypto.engines.AESWrapEngine;
import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+import org.bouncycastle.crypto.engines.RFC5649WrapEngine;
import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
import org.bouncycastle.crypto.macs.CMac;
import org.bouncycastle.crypto.macs.GMac;
@@ -153,7 +154,15 @@ public final class AES
}
}
-
+ public static class RFC5649Wrap
+ extends BaseWrapCipher
+ {
+ public RFC5649Wrap()
+ {
+ super(new RFC5649WrapEngine(new AESFastEngine()));
+ }
+ }
+
/**
* PBEWithAES-CBC
*/
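Review bot: The new `RFC5649Wrap` class has no Javadoc, although the class that follows it in this hunk is introduced with a `PBEWithAES-CBC` comment. A one-line header such as `/** AES key wrap with padding (RFC 5649) */` would say how it differs from the existing AESWRAP cipher. The difference matters to callers choosing a transformation: RFC 5649 accepts key material whose length is not a multiple of 8 octets, which the unpadded AES key wrap (presumably what AESWRAP maps to here) rejects.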
@@ -512,7 +521,9 @@ public final class AES
provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP");
provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP");
provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP");
+
provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap");
+ provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap");
provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM");
provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
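Review bot: `Cipher.AESRFC5649WRAP` is registered by name only, whereas the AESWRAP entries just above it also get `Alg.Alias.Cipher.` entries for the NIST wrap OIDs. RFC 5649 assigns its own identifiers (id-aes128-wrap-pad, id-aes192-wrap-pad, id-aes256-wrap-pad), so code that resolves the cipher from an AlgorithmIdentifier, such as CMS or PKCS#8 handling, will not find this implementation. If this is deliberate for an initial cut, a comment like `// TODO: add Alg.Alias.Cipher entries for the id-aes*-wrap-pad OIDs` would record it. Whether `NISTObjectIdentifiers` already defines those constants is not visible from this hunk.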
diff --git a/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java b/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
index 4492a7bd..42ab6217 100644
--- a/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
+++ b/prov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
@@ -32,6 +32,7 @@ import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.Wrapper;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
+import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
public abstract class BaseWrapCipher
@@ -164,6 +165,11 @@ public abstract class BaseWrapCipher
param = new ParametersWithIV(param, iv);
}
+ if (random != null)
+ {
+ param = new ParametersWithRandom(param, random);
+ }
+
switch (opmode)
{
case Cipher.WRAP_MODE:
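Review bot: The added `if (random != null)` block sits before the `switch (opmode)`, so every `Wrapper` behind `BaseWrapCipher` now receives a `ParametersWithRandom` in both wrap and unwrap mode, not just the RFC 5649 engine. Any engine whose `init` casts its argument straight to `KeyParameter` or `ParametersWithIV` would start throwing; the engine sources are not part of this diff, so that is worth confirming for each registered wrap cipher. A comment above the block would make the contract explicit, for example `// hand the caller's SecureRandom to the engine; every Wrapper.init() must unwrap ParametersWithRandom`. The enclosing method begins and ends outside this hunk.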
diff --git a/prov/src/test/java/org/bouncycastle/jce/provider/test/AESTest.java b/prov/src/test/java/org/bouncycastle/jce/provider/test/AESTest.java
index b9ea1335..72a8a347 100644
--- a/prov/src/test/java/org/bouncycastle/jce/provider/test/AESTest.java
+++ b/prov/src/test/java/org/bouncycastle/jce/provider/test/AESTest.java
@@ -1,8 +1,11 @@
package org.bouncycastle.jce.provider.test;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.security.Key;
+import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
@@ -10,12 +13,11 @@ import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.Key;
-import java.security.Security;
+
+import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import org.bouncycastle.crypto.prng.FixedSecureRandom;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.util.encoders.Hex;
/**
* basic test class for the AES cipher vectors from FIPS-197
@@ -351,6 +353,19 @@ public class AESTest
wrapTest(1, "AESWrap", kek1, in1, out1);
+ byte[] kek2 = Hex.decode("000102030405060708090a0b0c0d0e0f");
+ byte[] in2 = Hex.decode("00112233445566778899aabbccddeeff");
+ byte[] out2 = Hex.decode("7c8798dfc802553b3f00bb4315e3a087322725c92398b9c112c74d0925c63b61");
+ String rndData = "68d38e9635962288d4daa1df203e3e2a15adb2f1da8998b72ac24ab1c78cceac";
+
+ wrapTest(2, "AESRFC3211WRAP", kek2, kek2, new FixedSecureRandom(Hex.decode(rndData + rndData)), in2, out2);
+
+ byte[] kek3 = Hex.decode("5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8");
+ byte[] in3 = Hex.decode("c37b7e6492584340bed12207808941155068f738");
+ byte[] out3 = Hex.decode("138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a");
+
+ wrapTest(3, "AESRFC5649WRAP", kek3, in3, out3);
+
String[] oids = {
NISTObjectIdentifiers.id_aes128_ECB.getId(),
NISTObjectIdentifiers.id_aes128_CBC.getId(),
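Review bot: The only RFC 5649 vector added here, `wrapTest(3, "AESRFC5649WRAP", kek3, in3, out3)`, wraps 20 octets, so the short-input case is untested. RFC 5649 handles key data of 8 octets or fewer with a single AES block operation instead of the iterative wrap, and its examples section includes a 7-octet vector for the same KEK. Adding that as `wrapTest(4, "AESRFC5649WRAP", kek3, in4, out4)` would cover the second path. A negative case is also missing: unwrapping a ciphertext with one altered byte should fail, since that integrity check is the property callers rely on. The enclosing test method starts and ends outside this hunk.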
diff --git a/prov/src/test/java/org/bouncycastle/jce/provider/test/BaseBlockCipherTest.java b/prov/src/test/java/org/bouncycastle/jce/provider/test/BaseBlockCipherTest.java
index ebc56002..379bd44f 100644
--- a/prov/src/test/java/org/bouncycastle/jce/provider/test/BaseBlockCipherTest.java
+++ b/prov/src/test/java/org/bouncycastle/jce/provider/test/BaseBlockCipherTest.java
@@ -1,15 +1,17 @@
package org.bouncycastle.jce.provider.test;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestFailedException;
+import java.security.Key;
+import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
-import java.security.Key;
+
+import org.bouncycastle.util.encoders.Hex;
+import org.bouncycastle.util.test.SimpleTest;
+import org.bouncycastle.util.test.TestFailedException;
public abstract class BaseBlockCipherTest
extends SimpleTest
@@ -104,9 +106,29 @@ public abstract class BaseBlockCipherTest
byte[] out)
throws Exception
{
+ wrapTest(id, wrappingAlgorithm, kek, null, null, in, out);
+ }
+
+ protected void wrapTest(
+ int id,
+ String wrappingAlgorithm,
+ byte[] kek,
+ byte[] iv,
+ SecureRandom rand,
+ byte[] in,
+ byte[] out)
+ throws Exception
+ {
Cipher wrapper = Cipher.getInstance(wrappingAlgorithm, "BC");
- wrapper.init(Cipher.WRAP_MODE, new SecretKeySpec(kek, algorithm));
+ if (iv != null)
+ {
+ wrapper.init(Cipher.WRAP_MODE, new SecretKeySpec(kek, algorithm), new IvParameterSpec(iv), rand);
+ }
+ else
+ {
+ wrapper.init(Cipher.WRAP_MODE, new SecretKeySpec(kek, algorithm), rand);
+ }
try
{
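Review bot: In the `else` branch of the new seven-argument `wrapTest`, `wrapper.init(Cipher.WRAP_MODE, new SecretKeySpec(kek, algorithm), rand)` is also reached when `rand` is null, which is how the original overload now delegates. Existing wrap tests therefore stop using the two-argument `Cipher.init`, which as far as I know supplies the JCE default `SecureRandom` rather than null. That is the path ordinary callers take, and the one on which the new `ParametersWithRandom` wrapping in `BaseWrapCipher` takes effect. Splitting the branch with `else if (rand != null)` and keeping `wrapper.init(Cipher.WRAP_MODE, new SecretKeySpec(kek, algorithm));` for the null case would preserve that coverage. The method body continues past the end of this hunk.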
@@ -125,7 +147,14 @@ public abstract class BaseBlockCipherTest
fail("failed wrap test exception " + e.toString(), e);
}
- wrapper.init(Cipher.UNWRAP_MODE, new SecretKeySpec(kek, algorithm));
+ if (iv != null)
+ {
+ wrapper.init(Cipher.UNWRAP_MODE, new SecretKeySpec(kek, algorithm), new IvParameterSpec(iv));
+ }
+ else
+ {
+ wrapper.init(Cipher.UNWRAP_MODE, new SecretKeySpec(kek, algorithm));
+ }
try
{