summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSergio Giro <sgiro@google.com>2016-02-23 18:53:33 +0000
committerThe Android Automerger <android-build@google.com>2016-02-26 16:56:17 -0800
commit4e6f59996fae4f9a2de077b113be46cd461e4b4d (patch)
tree717a3e7abe15516bfe1be11046b533ff7497b8f3
parent6de5831683acc64e2ca5efa61fae6834314d0eb2 (diff)
downloadlibcore-4e6f59996fae4f9a2de077b113be46cd461e4b4d.zip
libcore-4e6f59996fae4f9a2de077b113be46cd461e4b4d.tar.gz
libcore-4e6f59996fae4f9a2de077b113be46cd461e4b4d.tar.bz2
GCMParameters: check that the default tag size is secure (16 bits)
Note: port of cr/110497945 Bug: 26231099 Bug: 26234568 Change-Id: I3eef233b15ded9553c3cdfd1c51ffef306276f7d
-rw-r--r--luni/src/test/java/libcore/javax/crypto/CipherTest.java22
1 files changed, 22 insertions, 0 deletions
diff --git a/luni/src/test/java/libcore/javax/crypto/CipherTest.java b/luni/src/test/java/libcore/javax/crypto/CipherTest.java
index dd7d6e7..38d6d8d 100644
--- a/luni/src/test/java/libcore/javax/crypto/CipherTest.java
+++ b/luni/src/test/java/libcore/javax/crypto/CipherTest.java
@@ -3203,6 +3203,28 @@ public final class CipherTest extends TestCase {
}
}
+ public void test_DefaultGCMTagSizeAlgorithmParameterSpec() throws Exception {
+ final String AES = "AES";
+ final String AES_GCM = "AES/GCM/NoPadding";
+ byte[] input = new byte[16];
+ byte[] key = new byte[16];
+ Cipher cipher = Cipher.getInstance(AES_GCM, "BC");
+ AlgorithmParameters param = AlgorithmParameters.getInstance("GCM");
+ param.init(new byte[] {
+ (byte) 48, // DER encoding : tag_Sequence
+ (byte) 14, // DER encoding : total length
+ (byte) 4, // DER encoding : tag_OctetString
+ (byte) 12, // DER encoding : counter length
+ // Note that IV's size 12 bytes is recommended, but authentication tag size should be 16
+ // bytes.
+ (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0,
+ (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0 });
+ cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, AES), param);
+ byte[] ciphertext = cipher.update(input);
+ byte[] tag = cipher.doFinal();
+ assertEquals(16, tag.length);
+ }
+
public void testAES_ECB_PKCS5Padding_ShortBuffer_Failure() throws Exception {
for (String provider : AES_PROVIDERS) {
testAES_ECB_PKCS5Padding_ShortBuffer_Failure(provider);