changeset 13322:adfa8e49e606

8129567: CRYPTO_MECHANISM_PARAM_INVALID occurs if GCM mode parameter which is used as an IV is set to all zeros Reviewed-by: mullan Contributed-by: bhanu.prakash.gopularam@oracle.com
author asmotrak
date Wed, 16 Dec 2015 08:38:10 -0800
parents fde541585d1c
children bf45d4fe77c3
files test/com/oracle/security/ucrypto/TestCICOWithGCMAndAAD.java test/com/oracle/security/ucrypto/TestGCMKeyAndIvCheck.java
diffstat 2 files changed, 9 insertions(+), 2 deletions(-) [+]
--- a/test/com/oracle/security/ucrypto/TestCICOWithGCMAndAAD.java	Wed Dec 16 12:17:03 2015 +0000
+++ b/test/com/oracle/security/ucrypto/TestCICOWithGCMAndAAD.java	Wed Dec 16 08:38:10 2015 -0800
@@ -65,7 +65,10 @@
         byte[] aad2 = aad.clone();
         aad2[50]++;
 
-        GCMParameterSpec spec = new GCMParameterSpec(128, new byte[16]);
+        byte[] iv = new byte[16];
+        rdm.nextBytes(iv);
+
+        GCMParameterSpec spec = new GCMParameterSpec(128, iv);
         Cipher encCipher = Cipher.getInstance("AES/GCM/NoPadding", p);
         encCipher.init(Cipher.ENCRYPT_MODE, key, spec);
         encCipher.updateAAD(aad);
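Review bot: The added `iv` lines have no comment explaining why the IV is no longer all zeros, so a later cleanup could revert to `new byte[16]` and reintroduce the failure named in the commit title. Above `byte[] iv = new byte[16];` I would add `// An all-zero GCM IV makes ucrypto fail with CRYPTO_MECHANISM_PARAM_INVALID (8129567); use a random IV.` `rdm` is declared outside this hunk, so its type and seeding are not visible here; if it is an unseeded `java.util.Random`, the IV from a failing run cannot be recovered from the log. The enclosing method starts and ends outside the hunk.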
--- a/test/com/oracle/security/ucrypto/TestGCMKeyAndIvCheck.java	Wed Dec 16 12:17:03 2015 +0000
+++ b/test/com/oracle/security/ucrypto/TestGCMKeyAndIvCheck.java	Wed Dec 16 08:38:10 2015 -0800
@@ -126,7 +126,11 @@
         }
 
         // Now try to encrypt again using a different parameter; should work
-        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, new byte[30]));
+        byte[] rdm_iv = new byte[30];
+        Random rdm = new Random();
+        rdm.nextBytes(rdm_iv);
+
+        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, rdm_iv));
         c.updateAAD(AAD);
         c.doFinal(PT);
         // subsequent encryption should fail unless re-init w/ different key+iv
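Review bot: `Random rdm = new Random();` is unseeded, so if this re-init step fails, the 30-byte IV that triggered it is lost; generate and print a seed first, e.g. `long seed = new Random().nextLong(); System.out.println("IV seed: " + seed); Random rdm = new Random(seed);`. The name `rdm_iv` also departs from Java's lowerCamelCase convention (`rdmIv`, or simply `iv`). Presumably `Random` is `java.util.Random`, which is acceptable for test data but not for GCM IVs in real code, where the mode's security depends on IV uniqueness per key. A short `// test-only IV, not a pattern for production use` comment would keep this from being copied. The surrounding method extends beyond the hunk.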