Welcome to mirror list, hosted at ThFree Co, Russian Federation.

AESWrapPadTest.java « test « crypto « bouncycastle « org « java « test « src « core - gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/core/src/test/java/org/bouncycastle/crypto/test/AESWrapPadTest.java
blob: fcf5979f8633e3b609be37a7a827dcafdd95b8e2 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

package org.bouncycastle.crypto.test;

import java.security.SecureRandom;

import org.bouncycastle.crypto.Wrapper;
import org.bouncycastle.crypto.engines.AESWrapPadEngine;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.encoders.Hex;
import org.bouncycastle.util.test.SimpleTest;

/**
 * This is a test harness I use because I cannot modify the BC test harness without
 * invalidating the signature on their signed provider library. The code here is not
 * high quality but it does test the RFC vectors as well as randomly generated values.
 * The RFC test vectors are tested by making sure both the ciphertext and decrypted
 * values match the expected values whereas the random values are just checked to make
 * sure that:
 * <p>unwrap(wrap(random_value, random_kek), random_kek) == random_value.</p>
 */

public class AESWrapPadTest
    extends SimpleTest
{

    private final int numOfRandomIterations = 100;

    public AESWrapPadTest()
    {

    }

    private void wrapAndUnwrap(byte[] kek, byte[] key, byte[] expected)
        throws Exception
    {
        Wrapper wrapper = new AESWrapPadEngine();

        wrapper.init(true, new KeyParameter(kek));

        byte[] cipherText = wrapper.wrap(key, 0, key.length);
        if (!areEqual(cipherText, expected))
        {
            fail("Wrapped value does not match expected.");
        }
        wrapper.init(false, new KeyParameter(kek));
        byte[] plainText = wrapper.unwrap(cipherText, 0, cipherText.length);

        if (!areEqual(key, plainText))
        {
            fail("Unwrapped value does not match original.");
        }
    }

    private void wrapAndUnwrap(byte[] kek, byte[] key)
        throws Exception
    {
        Wrapper wrapper = new AESWrapPadEngine();

        wrapper.init(true, new KeyParameter(kek));

        byte[] cipherText = wrapper.wrap(key, 0, key.length);

        wrapper.init(false, new KeyParameter(kek));
        byte[] plainText = wrapper.unwrap(cipherText, 0, cipherText.length);

        if (!areEqual(key, plainText))
        {
            fail("Unwrapped value does not match original.");
        }
    }

    public String getName()
    {
        return "AESWrapPad";
    }

    public void performTest()
        throws Exception
    {
        // test RFC 5649 test vectors
        byte[] kek = Hex.decode("5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8");
        byte[] key = Hex.decode("c37b7e6492584340bed12207808941155068f738");
        byte[] wrap = Hex.decode("138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a");

        wrapAndUnwrap(kek, key, wrap);

        wrap = Hex.decode("afbeb0f07dfbf5419200f2ccb50bb24f");
        key = Hex.decode("466f7250617369");
        wrapAndUnwrap(kek, key, wrap);


        //
        // offset test
        //
        Wrapper wrapper = new AESWrapPadEngine();

        byte[] pText = new byte[5 + key.length];
        byte[]  cText;

        System.arraycopy(key, 0, pText, 5, key.length);

        wrapper.init(true, new KeyParameter(kek));

        cText = wrapper.wrap(pText, 5, key.length);
        if (!Arrays.areEqual(cText, wrap))
        {
            fail("failed offset wrap test expected " + new String(Hex.encode(wrap)) + " got " + new String(Hex.encode(cText)));
        }

        wrapper.init(false, new KeyParameter(kek));

        cText = new byte[6 + wrap.length];
        System.arraycopy(wrap, 0, cText, 6, wrap.length);

        pText = wrapper.unwrap(cText, 6, wrap.length);
        if (!Arrays.areEqual(pText, key))
        {
            fail("failed offset unwrap test expected " + new String(Hex.encode(key)) + " got " + new String(Hex.encode(pText)));
        }

        // test random values
        SecureRandom rnd = new SecureRandom();
        for (int i = 0; i < numOfRandomIterations; i++)
        {
            int kekLength = 128;
            boolean shouldIncrease = (rnd.nextInt() & 0x01) != 0;
            if (shouldIncrease)
            {
                kekLength = 256;
            }
            kek = new byte[kekLength / 8];
            rnd.nextBytes(kek);
            int keyToWrapSize = rnd.nextInt(256 / 8 - 8) + 8;
            byte[] keyToWrap = new byte[keyToWrapSize];
            rnd.nextBytes(keyToWrap);
            wrapAndUnwrap(kek, keyToWrap);
        }
    }

    public static void main(
        String[]    args)
    {
        runTest(new AESWrapPadTest());
    }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 23:01:57 +0300