1 files changed, 146 insertions, 0 deletions

diff --git a/core/src/test/java/org/spongycastle/crypto/test/AESWrapPadTest.java b/core/src/test/java/org/spongycastle/crypto/test/AESWrapPadTest.java
new file mode 100644
index 00000000..992c4468
--- /dev/null
+++ b/core/src/test/java/org/spongycastle/crypto/test/AESWrapPadTest.java
@@ -0,0 +1,146 @@
+package org.spongycastle.crypto.test;
+
+import java.security.SecureRandom;
+
+import org.spongycastle.crypto.Wrapper;
+import org.spongycastle.crypto.engines.AESWrapPadEngine;
+import org.spongycastle.crypto.params.KeyParameter;
+import org.spongycastle.util.Arrays;
+import org.spongycastle.util.encoders.Hex;
+import org.spongycastle.util.test.SimpleTest;
+
+/**
+ * This is a test harness I use because I cannot modify the BC test harness without
+ * invalidating the signature on their signed provider library. The code here is not
+ * high quality but it does test the RFC vectors as well as randomly generated values.
+ * The RFC test vectors are tested by making sure both the ciphertext and decrypted
+ * values match the expected values whereas the random values are just checked to make
+ * sure that:
+ * <p>unwrap(wrap(random_value, random_kek), random_kek) == random_value.</p>
+ */
+
+public class AESWrapPadTest
+    extends SimpleTest
+{
+
+    private final int numOfRandomIterations = 100;
+
+    public AESWrapPadTest()
+    {
+
+    }
+
+    private void wrapAndUnwrap(byte[] kek, byte[] key, byte[] expected)
+        throws Exception
+    {
+        Wrapper wrapper = new AESWrapPadEngine();
+
+        wrapper.init(true, new KeyParameter(kek));
+
+        byte[] cipherText = wrapper.wrap(key, 0, key.length);
+        if (!areEqual(cipherText, expected))
+        {
+            fail("Wrapped value does not match expected.");
+        }
+        wrapper.init(false, new KeyParameter(kek));
+        byte[] plainText = wrapper.unwrap(cipherText, 0, cipherText.length);
+
+        if (!areEqual(key, plainText))
+        {
+            fail("Unwrapped value does not match original.");
+        }
+    }
+
+    private void wrapAndUnwrap(byte[] kek, byte[] key)
+        throws Exception
+    {
+        Wrapper wrapper = new AESWrapPadEngine();
+
+        wrapper.init(true, new KeyParameter(kek));
+
+        byte[] cipherText = wrapper.wrap(key, 0, key.length);
+
+        wrapper.init(false, new KeyParameter(kek));
+        byte[] plainText = wrapper.unwrap(cipherText, 0, cipherText.length);
+
+        if (!areEqual(key, plainText))
+        {
+            fail("Unwrapped value does not match original.");
+        }
+    }
+
+    public String getName()
+    {
+        return "AESWrapPad";
+    }
+
+    public void performTest()
+        throws Exception
+    {
+        // test RFC 5649 test vectors
+        byte[] kek = Hex.decode("5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8");
+        byte[] key = Hex.decode("c37b7e6492584340bed12207808941155068f738");
+        byte[] wrap = Hex.decode("138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a");
+
+        wrapAndUnwrap(kek, key, wrap);
+
+        wrap = Hex.decode("afbeb0f07dfbf5419200f2ccb50bb24f");
+        key = Hex.decode("466f7250617369");
+        wrapAndUnwrap(kek, key, wrap);
+
+
+        //
+        // offset test
+        //
+        Wrapper wrapper = new AESWrapPadEngine();
+
+        byte[] pText = new byte[5 + key.length];
+        byte[]  cText;
+
+        System.arraycopy(key, 0, pText, 5, key.length);
+
+        wrapper.init(true, new KeyParameter(kek));
+
+        cText = wrapper.wrap(pText, 5, key.length);
+        if (!Arrays.areEqual(cText, wrap))
+        {
+            fail("failed offset wrap test expected " + new String(Hex.encode(wrap)) + " got " + new String(Hex.encode(cText)));
+        }
+
+        wrapper.init(false, new KeyParameter(kek));
+
+        cText = new byte[6 + wrap.length];
+        System.arraycopy(wrap, 0, cText, 6, wrap.length);
+
+        pText = wrapper.unwrap(cText, 6, wrap.length);
+        if (!Arrays.areEqual(pText, key))
+        {
+            fail("failed offset unwrap test expected " + new String(Hex.encode(key)) + " got " + new String(Hex.encode(pText)));
+        }
+
+        // test random values
+        SecureRandom rnd = new SecureRandom();
+        for (int i = 0; i < numOfRandomIterations; i++)
+        {
+            int kekLength = 128;
+            boolean shouldIncrease = (rnd.nextInt() & 0x01) != 0;
+            if (shouldIncrease)
+            {
+                kekLength = 256;
+            }
+            kek = new byte[kekLength / 8];
+            rnd.nextBytes(kek);
+            int keyToWrapSize = rnd.nextInt(256 / 8 - 8) + 8;
+            byte[] keyToWrap = new byte[keyToWrapSize];
+            rnd.nextBytes(keyToWrap);
+            wrapAndUnwrap(kek, keyToWrap);
+        }
+    }
+
+    public static void main(
+        String[]    args)
+    {
+        runTest(new AESWrapPadTest());
+    }
+}
+