8271745: Correct block size for KW,KWP mode and use fixed IV for KWP mode for SunJCE

Valerie Peng · Valerie Peng · commit 1a5a2b6b15e2 · 2021-09-01T22:17:49.000Z
Reviewed-by: xuelei, mullan
diff --git a/src/java.base/share/classes/com/sun/crypto/provider/AESKeyWrapPadded.java b/src/java.base/share/classes/com/sun/crypto/provider/AESKeyWrapPadded.java
@@ -26,6 +26,7 @@
 package com.sun.crypto.provider;
 
 import java.util.Arrays;
+import java.util.HexFormat;
 import java.security.*;
 import java.security.spec.*;
 import javax.crypto.*;
@@ -132,12 +133,14 @@ void init(boolean decrypting, String algorithm, byte[] key, byte[] iv)
         if (key == null) {
             throw new InvalidKeyException("Invalid null key");
         }
-        if (iv != null && iv.length != ICV2.length) {
-            throw new InvalidAlgorithmParameterException("Invalid IV length");
+        // allow setting an iv but if non-null, must equal to ICV2
+        if (iv != null && !Arrays.equals(iv, ICV2)) {
+            HexFormat hf = HexFormat.of().withUpperCase();
+            throw new InvalidAlgorithmParameterException("Invalid IV, got 0x" +
+                    hf.formatHex(iv) + " instead of 0x" + hf.formatHex(ICV2));
         }
         embeddedCipher.init(decrypting, algorithm, key);
-        // iv is retrieved from IvParameterSpec.getIV() which is already cloned
-        this.iv = (iv == null? ICV2 : iv);
+        this.iv = ICV2;
     }
 
     /**
diff --git a/src/java.base/share/classes/com/sun/crypto/provider/KeyWrapCipher.java b/src/java.base/share/classes/com/sun/crypto/provider/KeyWrapCipher.java
@@ -70,28 +70,28 @@ public AES256_KW_NoPadding() {
     // for AES/KW/NoPadding
     public static final class AES_KW_PKCS5Padding extends KeyWrapCipher {
         public AES_KW_PKCS5Padding() {
-            super(new AESKeyWrap(), new PKCS5Padding(16), -1);
+            super(new AESKeyWrap(), new PKCS5Padding(8), -1);
         }
     }
 
     // for AES_128/KW/NoPadding
     public static final class AES128_KW_PKCS5Padding extends KeyWrapCipher {
         public AES128_KW_PKCS5Padding() {
-            super(new AESKeyWrap(), new PKCS5Padding(16), 16);
+            super(new AESKeyWrap(), new PKCS5Padding(8), 16);
         }
     }
 
     // for AES_192/KW/NoPadding
     public static final class AES192_KW_PKCS5Padding extends KeyWrapCipher {
         public AES192_KW_PKCS5Padding() {
-            super(new AESKeyWrap(), new PKCS5Padding(16), 24);
+            super(new AESKeyWrap(), new PKCS5Padding(8), 24);
         }
     }
 
     // for AES_256/KW/NoPadding
     public static final class AES256_KW_PKCS5Padding extends KeyWrapCipher {
         public AES256_KW_PKCS5Padding() {
-            super(new AESKeyWrap(), new PKCS5Padding(16), 32);
+            super(new AESKeyWrap(), new PKCS5Padding(8), 32);
         }
     }
 
@@ -230,13 +230,11 @@ protected void engineSetPadding(String padding)
     }
 
     /**
-     * Returns the block size (in bytes). i.e. 16 bytes.
-     *
-     * @return the block size (in bytes), i.e. 16 bytes.
+     * @return the block size (in bytes)
      */
     @Override
     protected int engineGetBlockSize() {
-        return cipher.getBlockSize();
+        return 8;
     }
 
     /**
diff --git a/test/jdk/com/sun/crypto/provider/Cipher/KeyWrap/TestGeneral.java b/test/jdk/com/sun/crypto/provider/Cipher/KeyWrap/TestGeneral.java

Original file line number	Diff line number	Diff line change
`@@ -70,28 +70,28 @@ public AES256_KW_NoPadding() {`
`70`	`70`	`// for AES/KW/NoPadding`
`71`	`71`	`public static final class AES_KW_PKCS5Padding extends KeyWrapCipher {`
`72`	`72`	`public AES_KW_PKCS5Padding() {`
`73`		`- super(new AESKeyWrap(), new PKCS5Padding(16), -1);`
	`73`	`+ super(new AESKeyWrap(), new PKCS5Padding(8), -1);`
`74`	`74`	`}`
`75`	`75`	`}`
`76`	`76`
`77`	`77`	`// for AES_128/KW/NoPadding`
`78`	`78`	`public static final class AES128_KW_PKCS5Padding extends KeyWrapCipher {`
`79`	`79`	`public AES128_KW_PKCS5Padding() {`
`80`		`- super(new AESKeyWrap(), new PKCS5Padding(16), 16);`
	`80`	`+ super(new AESKeyWrap(), new PKCS5Padding(8), 16);`
`81`	`81`	`}`
`82`	`82`	`}`
`83`	`83`
`84`	`84`	`// for AES_192/KW/NoPadding`
`85`	`85`	`public static final class AES192_KW_PKCS5Padding extends KeyWrapCipher {`
`86`	`86`	`public AES192_KW_PKCS5Padding() {`
`87`		`- super(new AESKeyWrap(), new PKCS5Padding(16), 24);`
	`87`	`+ super(new AESKeyWrap(), new PKCS5Padding(8), 24);`
`88`	`88`	`}`
`89`	`89`	`}`
`90`	`90`
`91`	`91`	`// for AES_256/KW/NoPadding`
`92`	`92`	`public static final class AES256_KW_PKCS5Padding extends KeyWrapCipher {`
`93`	`93`	`public AES256_KW_PKCS5Padding() {`
`94`		`- super(new AESKeyWrap(), new PKCS5Padding(16), 32);`
	`94`	`+ super(new AESKeyWrap(), new PKCS5Padding(8), 32);`
`95`	`95`	`}`
`96`	`96`	`}`
`97`	`97`
`@@ -230,13 +230,11 @@ protected void engineSetPadding(String padding)`
`230`	`230`	`}`
`231`	`231`
`232`	`232`	`/**`
`233`		`- * Returns the block size (in bytes). i.e. 16 bytes.`
`234`		`- *`
`235`		`- * @return the block size (in bytes), i.e. 16 bytes.`
	`233`	`+ * @return the block size (in bytes)`
`236`	`234`	`*/`
`237`	`235`	`@Override`
`238`	`236`	`protected int engineGetBlockSize() {`
`239`		`- return cipher.getBlockSize();`
	`237`	`+ return 8;`
`240`	`238`	`}`
`241`	`239`
`242`	`240`	`/**`