diff options
| author | Treehugger Robot <treehugger-gerrit@google.com> | 2016-09-23 08:49:48 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2016-09-23 08:49:48 +0000 |
| commit | 90a3bb3315d94cfbd77d70f918119c44bb41e180 (patch) | |
| tree | eb807a1423f23867c80ae6747ca0dfdbef0fade0 | |
| parent | a90dfabdef334de9a695a6c0a8d75105435f178e (diff) | |
| parent | 02fa18e3caefb812a3611bffbc32f8589c717d42 (diff) | |
Merge "GCM ciphers should not allow key and nonce re-use"
| -rw-r--r-- | luni/src/test/java/libcore/javax/crypto/CipherTest.java | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/luni/src/test/java/libcore/javax/crypto/CipherTest.java b/luni/src/test/java/libcore/javax/crypto/CipherTest.java index 7299c00933..8dad349c02 100644 --- a/luni/src/test/java/libcore/javax/crypto/CipherTest.java +++ b/luni/src/test/java/libcore/javax/crypto/CipherTest.java @@ -1506,10 +1506,7 @@ public final class CipherTest extends TestCase { c.updateAAD(new byte[24]); } byte[] cipherText = c.doFinal(getActualPlainText(algorithm)); - if (!isRandomizedEncryption(algorithm)) { - if (isAEAD(algorithm)) { - c.updateAAD(new byte[24]); - } + if (!isRandomizedEncryption(algorithm) && !isAEAD(algorithm)) { byte[] cipherText2 = c.doFinal(getActualPlainText(algorithm)); assertEquals(cipherID, Arrays.toString(cipherText), Arrays.toString(cipherText2)); } @@ -4139,17 +4136,27 @@ public final class CipherTest extends TestCase { assertEquals(Arrays.toString(c1.doFinal()), Arrays.toString(c2.doFinal())); - // .doFinal should also reset the state, so check that as well. + // .doFinal should also not allow reuse without re-initialization byte[] aad2 = new byte[] { 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, }; + try { + c1.updateAAD(aad2); + fail("Should not allow updateAAD without re-initialization"); + } catch (IllegalStateException expected) { + } - Cipher c3 = Cipher.getInstance("AES/GCM/NoPadding"); - c3.init(Cipher.ENCRYPT_MODE, key, spec); + try { + c1.update(new byte[8]); + fail("Should not allow update without re-initialization"); + } catch (IllegalStateException expected) { + } - c1.updateAAD(aad2); - c3.updateAAD(aad2); - assertEquals(Arrays.toString(c1.doFinal()), Arrays.toString(c3.doFinal())); + try { + c1.doFinal(); + fail("Should not allow doFinal without re-initialization"); + } catch (IllegalStateException expected) { + } } /** |