Skip to content
Permalink
Browse files
8265500: Some impls of javax.crypto.Cipher.init() do not throw Unsupp…
…ortedOperationExc for unsupported modes

Reviewed-by: xuelei
  • Loading branch information
Valerie Peng committed Jun 17, 2021
1 parent 9130b8a commit 80dc262e8132204d70b184b32978e6c456460fb0
Showing 8 changed files with 303 additions and 54 deletions.
@@ -179,14 +179,16 @@ protected void engineInit(int opmode, Key key,
init(opmode, key);
}

// init method. Check opmode and key, then call init(byte[]).
// init method. Check key, then call init(byte[]).
private void init(int opmode, Key key) throws InvalidKeyException {

// Cipher.init() already checks opmode to be:
// ENCRYPT_MODE/DECRYPT_MODE/WRAP_MODE/UNWRAP_MODE

if (lastKey != null) {
Arrays.fill(lastKey, (byte)0);
}
if ((opmode < Cipher.ENCRYPT_MODE) || (opmode > Cipher.UNWRAP_MODE)) {
throw new InvalidKeyException("Unknown opmode: " + opmode);
}

lastKey = getEncodedKey(key);
init(lastKey);
}
@@ -535,12 +535,11 @@ private static byte[] createRandomNonce(SecureRandom random) {
*/
private void init(int opmode, Key key, byte[] newNonce)
throws InvalidKeyException {
// Cipher.init() already checks opmode to be:
// ENCRYPT_MODE/DECRYPT_MODE/WRAP_MODE/UNWRAP_MODE
if ((opmode == Cipher.WRAP_MODE) || (opmode == Cipher.UNWRAP_MODE)) {
throw new UnsupportedOperationException(
"WRAP_MODE and UNWRAP_MODE are not currently supported");
} else if ((opmode != Cipher.ENCRYPT_MODE) &&
(opmode != Cipher.DECRYPT_MODE)) {
throw new InvalidKeyException("Unknown opmode: " + opmode);
}

// Make sure that the provided key and nonce are unique before
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -261,7 +261,8 @@ private void init(int opmode, Key key, SecureRandom random,
encrypt = false;
break;
default:
throw new InvalidKeyException("Unknown mode: " + opmode);
// should never happen; checked by Cipher.init()
throw new AssertionError("Unknown mode: " + opmode);
}
RSAKey rsaKey = RSAKeyFactory.toRSAKey(key);
if (rsaKey instanceof RSAPublicKey) {
@@ -356,9 +356,13 @@ private void implInit(int opmode, Key key, byte[] iv, int tagLen,
encrypt = false;
requireReinit = false;
break;
default:
throw new InvalidAlgorithmParameterException
case Cipher.WRAP_MODE:
case Cipher.UNWRAP_MODE:
throw new UnsupportedOperationException
("Unsupported mode: " + opmode);
default:
// should never happen; checked by Cipher.init()
throw new AssertionError("Unknown mode: " + opmode);
}

// decryption without parameters is checked in all engineInit() calls
@@ -370,9 +370,13 @@ private void implInit(int opmode, Key key, byte[] iv,
case Cipher.DECRYPT_MODE:
encrypt = false;
break;
default:
throw new InvalidAlgorithmParameterException
case Cipher.WRAP_MODE:
case Cipher.UNWRAP_MODE:
throw new UnsupportedOperationException
("Unsupported mode: " + opmode);
default:
// should never happen; checked by Cipher.init()
throw new AssertionError("Unknown mode: " + opmode);
}
if (blockMode == MODE_ECB) { // ECB or stream cipher
if (iv != null) {
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2005, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2005, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -204,7 +204,8 @@ private void init(int opmode, Key key) throws InvalidKeyException {
encrypt = false;
break;
default:
throw new InvalidKeyException("Unknown mode: " + opmode);
// should never happen; checked by Cipher.init()
throw new AssertionError("Unknown mode: " + opmode);
}

if (!(key instanceof CKey)) {
@@ -33,89 +33,151 @@

import java.security.*;
import java.security.spec.*;
import java.util.Arrays;

import javax.crypto.*;
import javax.crypto.spec.SecretKeySpec;

public class TestCipherMode {

private static final String[] TRANSFORMATIONS = {
"DES/ECB/PKCS5Padding",
"AES/KW/NoPadding",
"AES/KW/PKCS5Padding",
"AES/KWP/NoPadding",
"DES/ECB/PKCS5Padding", // CipherCore
"AES/GCM/NoPadding", // GaloisCounterMode
"AES/KW/NoPadding", // KeyWrapCipher
"AES/KW/PKCS5Padding", // KeyWrapCipher
"AES/KWP/NoPadding", // KeyWrapCipher
"RSA/ECB/NoPadding", // RSACipher
"DESedeWrap/CBC/NoPadding", // DESedeWrapCipher
"ChaCha20-Poly1305", // ChaCha20Cipher
};

private static final byte[] BYTES32 =
Arrays.copyOf(TRANSFORMATIONS[0].getBytes(), 32);
private static final SecretKey DES_KEY =
new SecretKeySpec(new byte[8], "DES");
new SecretKeySpec(BYTES32, 0, 8, "DES");
private static final SecretKey AES_KEY =
new SecretKeySpec(new byte[16], "AES");
new SecretKeySpec(BYTES32, 0, 16, "AES");

public static void main(String[] argv) throws Exception {
for (String t : TRANSFORMATIONS) {
System.out.println("Testing SunJCE provider, Cipher " + t );

TestCipherMode test = new TestCipherMode(t);
System.out.println("Testing ENCRYPT_MODE...");
test.checkMode(Cipher.ENCRYPT_MODE, "encryption");
System.out.println("Testing DECRYPT_MODE...");
test.checkMode(Cipher.DECRYPT_MODE, "decryption");
System.out.println("Testing WRAP_MODE...");
test.checkMode(Cipher.WRAP_MODE, "key wrapping");
System.out.println("Testing UNWRAP_MODE...");
test.checkMode(Cipher.UNWRAP_MODE, "key unwrapping");
private static enum CipherMode {
ENCRYPT(Cipher.ENCRYPT_MODE),
DECRYPT(Cipher.DECRYPT_MODE),
WRAP(Cipher.WRAP_MODE),
UNWRAP(Cipher.UNWRAP_MODE),
NONEXISTENT(100);

int value;

CipherMode(int value) {
this.value = value;
}
}

private static Key getKey(String t, CipherMode m)
throws NoSuchAlgorithmException, NoSuchProviderException {
Key key;
String algo = t.split("/")[0];
switch (algo) {
case "AES":
key = AES_KEY;
break;
case "RSA":
KeyPairGenerator kpg = KeyPairGenerator.getInstance(algo);
KeyPair kp = kpg.generateKeyPair();
key = ((m == CipherMode.ENCRYPT || m == CipherMode.UNWRAP)?
kp.getPrivate() : kp.getPublic());
break;
case "ChaCha20-Poly1305":
key = new SecretKeySpec(BYTES32, 0, 32, "ChaCha20");
break;
case "DES":
key = new SecretKeySpec(BYTES32, 0, 8, algo);
break;
case "DESedeWrap":
key = new SecretKeySpec(BYTES32, 0, 24, "DESede");
break;
default:
throw new RuntimeException("Unknown transformation: " + t);
}
return key;
}

public static void main(String[] argv) throws Exception {

TestCipherMode test = new TestCipherMode("SunJCE", TRANSFORMATIONS);
System.out.println("All Tests Passed");
}

private Cipher c = null;
private SecretKey key = null;

private TestCipherMode(String transformation)
throws NoSuchAlgorithmException, NoSuchProviderException,
NoSuchPaddingException {
c = Cipher.getInstance(transformation, "SunJCE");
this.key = switch (transformation.split("/")[0]) {
case "DES" -> DES_KEY;
case "AES" -> AES_KEY;
default -> throw new RuntimeException
("Error: Unsupported key algorithm");
};
private TestCipherMode(String provName, String... transformations)
throws Exception {

System.out.println("Testing " + provName);

for (String t : transformations) {
for (CipherMode m : CipherMode.values()) {
checkMode(t, m, provName);
}
}
}

private void checkMode(int mode, String opString) throws Exception {
c.init(mode, key);
private void checkMode(String t, CipherMode mode, String provName)
throws Exception {
Cipher c = Cipher.getInstance(t, provName);
Key key = getKey(t, mode);

System.out.println(c.getAlgorithm() + " with " + mode.name());
try {
c.init(mode.value, key, c.getParameters());
if (mode == CipherMode.NONEXISTENT) {
throw new Exception("ERROR: should throw IPE for init()");
}
} catch (UnsupportedOperationException uoe) {
// some may not support wrap/unwrap or enc/dec
if (mode != CipherMode.NONEXISTENT) {
System.out.println("Expected UOE thrown with init()");
return;
}
throw uoe;
} catch (InvalidParameterException ipe) {
if (mode == CipherMode.NONEXISTENT) {
System.out.println("=> expected IPE thrown for init()");
return;
}
throw ipe;
}

switch (mode) {
case Cipher.ENCRYPT_MODE:
case Cipher.DECRYPT_MODE:
case ENCRYPT:
case DECRYPT:
// call wrap()/unwrap() and see if ISE is thrown.
try {
c.wrap(key);
throw new Exception("ERROR: should throw ISE for wrap()");
} catch (IllegalStateException ise) {
System.out.println("expected ISE is thrown for wrap()");
System.out.println("=> expected ISE thrown for wrap()");
}
try {
c.unwrap(new byte[16], key.getAlgorithm(), Cipher.SECRET_KEY);
throw new Exception("ERROR: should throw ISE for unwrap()");
} catch (IllegalStateException ise) {
System.out.println("expected ISE is thrown for unwrap()");
System.out.println("=> expected ISE thrown for unwrap()");
}
break;
case Cipher.WRAP_MODE:
case Cipher.UNWRAP_MODE:
case WRAP:
case UNWRAP:
try {
c.update(new byte[16]);
throw new Exception("ERROR: should throw ISE for update()");
} catch (IllegalStateException ise) {
System.out.println("expected ISE is thrown for update()");
System.out.println("=> expected ISE thrown for update()");
}
try {
c.doFinal();
throw new Exception("ERROR: should throw ISE for doFinal()");
} catch (IllegalStateException ise) {
System.out.println("expected ISE is thrown for doFinal()");
System.out.println("=> expected ISE thrown for doFinal()");
}
break;
}

0 comments on commit 80dc262

Please sign in to comment.