Skip to content

Commit 1a5a2b6

Browse files
author
Valerie Peng
committed
8271745: Correct block size for KW,KWP mode and use fixed IV for KWP mode for SunJCE
Reviewed-by: xuelei, mullan
1 parent 2f01a6f commit 1a5a2b6

File tree

3 files changed

+213
-150
lines changed

3 files changed

+213
-150
lines changed

src/java.base/share/classes/com/sun/crypto/provider/AESKeyWrapPadded.java

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@
2626
package com.sun.crypto.provider;
2727

2828
import java.util.Arrays;
29+
import java.util.HexFormat;
2930
import java.security.*;
3031
import java.security.spec.*;
3132
import javax.crypto.*;
@@ -132,12 +133,14 @@ void init(boolean decrypting, String algorithm, byte[] key, byte[] iv)
132133
if (key == null) {
133134
throw new InvalidKeyException("Invalid null key");
134135
}
135-
if (iv != null && iv.length != ICV2.length) {
136-
throw new InvalidAlgorithmParameterException("Invalid IV length");
136+
// allow setting an iv but if non-null, must equal to ICV2
137+
if (iv != null && !Arrays.equals(iv, ICV2)) {
138+
HexFormat hf = HexFormat.of().withUpperCase();
139+
throw new InvalidAlgorithmParameterException("Invalid IV, got 0x" +
140+
hf.formatHex(iv) + " instead of 0x" + hf.formatHex(ICV2));
137141
}
138142
embeddedCipher.init(decrypting, algorithm, key);
139-
// iv is retrieved from IvParameterSpec.getIV() which is already cloned
140-
this.iv = (iv == null? ICV2 : iv);
143+
this.iv = ICV2;
141144
}
142145

143146
/**

src/java.base/share/classes/com/sun/crypto/provider/KeyWrapCipher.java

Lines changed: 6 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -70,28 +70,28 @@ public AES256_KW_NoPadding() {
7070
// for AES/KW/NoPadding
7171
public static final class AES_KW_PKCS5Padding extends KeyWrapCipher {
7272
public AES_KW_PKCS5Padding() {
73-
super(new AESKeyWrap(), new PKCS5Padding(16), -1);
73+
super(new AESKeyWrap(), new PKCS5Padding(8), -1);
7474
}
7575
}
7676

7777
// for AES_128/KW/NoPadding
7878
public static final class AES128_KW_PKCS5Padding extends KeyWrapCipher {
7979
public AES128_KW_PKCS5Padding() {
80-
super(new AESKeyWrap(), new PKCS5Padding(16), 16);
80+
super(new AESKeyWrap(), new PKCS5Padding(8), 16);
8181
}
8282
}
8383

8484
// for AES_192/KW/NoPadding
8585
public static final class AES192_KW_PKCS5Padding extends KeyWrapCipher {
8686
public AES192_KW_PKCS5Padding() {
87-
super(new AESKeyWrap(), new PKCS5Padding(16), 24);
87+
super(new AESKeyWrap(), new PKCS5Padding(8), 24);
8888
}
8989
}
9090

9191
// for AES_256/KW/NoPadding
9292
public static final class AES256_KW_PKCS5Padding extends KeyWrapCipher {
9393
public AES256_KW_PKCS5Padding() {
94-
super(new AESKeyWrap(), new PKCS5Padding(16), 32);
94+
super(new AESKeyWrap(), new PKCS5Padding(8), 32);
9595
}
9696
}
9797

@@ -230,13 +230,11 @@ protected void engineSetPadding(String padding)
230230
}
231231

232232
/**
233-
* Returns the block size (in bytes). i.e. 16 bytes.
234-
*
235-
* @return the block size (in bytes), i.e. 16 bytes.
233+
* @return the block size (in bytes)
236234
*/
237235
@Override
238236
protected int engineGetBlockSize() {
239-
return cipher.getBlockSize();
237+
return 8;
240238
}
241239

242240
/**

0 commit comments

Comments
 (0)