summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSergio Giro <sgiro@google.com>2016-02-23 18:53:33 +0000
committerThe Android Automerger <android-build@google.com>2016-03-01 15:26:49 -0800
commitb307d3520ae526e437fa1ede12ff6f113fe9e8f9 (patch)
tree7b6410a0b15d7d2dbf21258e28eb2e626249a8c2
parente7bdc26218b2f0fa323778de1ff1449f4c5f5a52 (diff)
downloadlibcore-b307d3520ae526e437fa1ede12ff6f113fe9e8f9.zip
libcore-b307d3520ae526e437fa1ede12ff6f113fe9e8f9.tar.gz
libcore-b307d3520ae526e437fa1ede12ff6f113fe9e8f9.tar.bz2
GCMParameters: check that the default tag size is secure (16 bits)
Note: port of cr/110497945 Bug: 26231099 Bug: 26234568 Change-Id: I3eef233b15ded9553c3cdfd1c51ffef306276f7d
-rw-r--r--luni/src/test/java/libcore/javax/crypto/CipherTest.java22
1 files changed, 22 insertions, 0 deletions
diff --git a/luni/src/test/java/libcore/javax/crypto/CipherTest.java b/luni/src/test/java/libcore/javax/crypto/CipherTest.java
index dd7d6e7..38d6d8d 100644
--- a/luni/src/test/java/libcore/javax/crypto/CipherTest.java
+++ b/luni/src/test/java/libcore/javax/crypto/CipherTest.java
@@ -3203,6 +3203,28 @@ public final class CipherTest extends TestCase {
}
}
+ public void test_DefaultGCMTagSizeAlgorithmParameterSpec() throws Exception {
+ final String AES = "AES";
+ final String AES_GCM = "AES/GCM/NoPadding";
+ byte[] input = new byte[16];
+ byte[] key = new byte[16];
+ Cipher cipher = Cipher.getInstance(AES_GCM, "BC");
+ AlgorithmParameters param = AlgorithmParameters.getInstance("GCM");
+ param.init(new byte[] {
+ (byte) 48, // DER encoding : tag_Sequence
+ (byte) 14, // DER encoding : total length
+ (byte) 4, // DER encoding : tag_OctetString
+ (byte) 12, // DER encoding : counter length
+ // Note that IV's size 12 bytes is recommended, but authentication tag size should be 16
+ // bytes.
+ (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0,
+ (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0, (byte) 0 });
+ cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, AES), param);
+ byte[] ciphertext = cipher.update(input);
+ byte[] tag = cipher.doFinal();
+ assertEquals(16, tag.length);
+ }
+
public void testAES_ECB_PKCS5Padding_ShortBuffer_Failure() throws Exception {
for (String provider : AES_PROVIDERS) {
testAES_ECB_PKCS5Padding_ShortBuffer_Failure(provider);