Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4513830

Cipher.getOutputSize method unnecessarily add output size in DECRYPT mode

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      beagle
    • CPU:
      sparc
    • OS:
      solaris_8
    • Verification:
      Verified

      Description

      Cipher.getOutputSize method unnecessarily add output size in DECRYPT mode. recovered text size is less than or equal to the size of cipher text. AES cipher can not distiguish the ENCRYPT mode and DECRYPT mode, getOutputSize method always add some length upto 16 more even in decryption case. The following program demonstrates this.

      //test the length of recovered text

      import java.io.PrintStream;
      import java.security.*;
      import java.security.spec.*;
      import java.util.Random;

      import javax.crypto.*;
      import javax.crypto.spec.*;
      import java.security.Provider;
      import com.sun.advcrypto.provider.SunAES;

      public class test {

           public static void main( String argv[] ) {
          
           String algorithm = "AES";
           String mode = "ECB";
          byte[] iv = null;
          String padding = "PKCS5Padding";
           int keyStrength=128;
           AlgorithmParameterSpec aps = null;
          
           try{
          
           // Initialization
      Random rdm = new Random();
      byte[] plainText=new byte[125];
      rdm.nextBytes(plainText);
      System.out.println("plain text length is "+plainText.length);
              
        Cipher ci = Cipher.getInstance( algorithm + "/" + mode + "/" + padding);
       
           KeyGenerator kg = KeyGenerator.getInstance( algorithm);
           kg.init(keyStrength);
           SecretKey key = kg.generateKey();

                      // encrypt
           ci.init( Cipher.ENCRYPT_MODE, key, aps);
           byte[] cipherText = new byte[ci.getOutputSize(plainText.length)];
      System.out.println("cipherText length is "+cipherText.length);
           int offset = ci.update(plainText, 0, plainText.length, cipherText, 0);
           ci.doFinal( cipherText, offset );

      //Decrypt
      ci.init( Cipher.DECRYPT_MODE, key, aps);
        byte[] recoveredText = new byte[ci.getOutputSize(cipherText.length)];
      System.out.println("Recovertext length is "+recoveredText.length);
           int len = ci.doFinal( cipherText, 0, cipherText.length, recoveredText );
      System.out.println("The length actually needed is "+len);

           }catch(Exception ex){
           System.out.println("FAILED");
           ex.printStackTrace();
          
           }
           }
      }

      lwang:/home/lw129730/AES/testcode/test( 117 )%java test
      plain text length is 125
      cipherText length is 128
      Recovertext length is 144
      The length actually needed is 125

        Attachments

          Activity

            People

            Assignee:
            valeriep Valerie Peng
            Reporter:
            duke J. Duke (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: