From 6bead185670e4177948ce9fef2deb0fa863079b6 Mon Sep 17 00:00:00 2001
From: Alex Chew
Date: Fri, 12 Mar 2021 16:56:49 -0800
Subject: [PATCH] Validate that AesGcmSpi#engineInit gets non-null key (#146)
* Validate that AesGcmSpi#engineInit gets non-null key
* Update CHANGELOG
* Only run AesTest#test_initNullKey for appropriate versions
Co-authored-by: SalusaSecondus
* make `key` final
* Fix indent
* bump to re-run CI checks
Co-authored-by: SalusaSecondus
---
 CHANGELOG.md | 1 +
 .../corretto/crypto/provider/AesGcmSpi.java | 4 ++++
 .../crypto/provider/test/AesTest.java | 21 +++++++++++++++++++
 3 files changed, 26 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 731e3162..7dca93d9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -19,6 +19,7 @@ method.
 ### Patches
 * Add version gating to some tests introduced in 1.5.0 [PR #128](https://github.com/corretto/amazon-corretto-crypto-provider/pull/128)
 * More accurate output size estimates from `Cipher.getOutputSize()` [PR #138](https://github.com/corretto/amazon-corretto-crypto-provider/pull/138)
+* Validate that `AesGcmSpi` receives a non-null key on init to prevent unncessarily late NPE [PR #146](https://github.com/corretto/amazon-corretto-crypto-provider/pull/146)
 ## 1.5.0
 ### Breaking Change Warning
diff --git a/src/com/amazon/corretto/crypto/provider/AesGcmSpi.java b/src/com/amazon/corretto/crypto/provider/AesGcmSpi.java
index 023df3c1..90a9bef4 100644
--- a/src/com/amazon/corretto/crypto/provider/AesGcmSpi.java
+++ b/src/com/amazon/corretto/crypto/provider/AesGcmSpi.java
@@ -294,6 +294,10 @@ protected synchronized void engineInit(int opMode, Key key, SecureRandom secureR
 protected synchronized void engineInit(
 int jceOpMode, Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom
 ) throws InvalidKeyException, InvalidAlgorithmParameterException {
+ if (key == null) {
+ throw new InvalidKeyException("Key can't be null");
+ }
+
 final GCMParameterSpec spec;
 if (algorithmParameterSpec instanceof GCMParameterSpec) {
 spec = (GCMParameterSpec) algorithmParameterSpec;
diff --git a/tst/com/amazon/corretto/crypto/provider/test/AesTest.java b/tst/com/amazon/corretto/crypto/provider/test/AesTest.java
index 0dbe5c9a..610c0568 100644
--- a/tst/com/amazon/corretto/crypto/provider/test/AesTest.java
+++ b/tst/com/amazon/corretto/crypto/provider/test/AesTest.java
@@ -23,9 +23,11 @@
 import java.security.GeneralSecurityException;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
+import java.security.Key;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.security.Security;
+import java.security.spec.AlgorithmParameterSpec;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
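Review bot: The null-key guard in `AesGcmSpi.engineInit(int, Key, AlgorithmParameterSpec, SecureRandom)` is added to this one overload only, while the test added in the same commit expects all six `Cipher.init` variants to throw `InvalidKeyException`. That only holds if the other `engineInit` overloads (one is named in the hunk header) delegate here before they touch `key`, which this hunk does not show. I would record that dependency in a comment above the check, e.g. `// Single null-key guard for every engineInit overload; must stay ahead of any use of key so callers get InvalidKeyException, not a late NPE.` The body of engineInit continues outside the hunk.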
@@ -579,6 +581,25 @@ public void test_initParameters() throws Throwable {
 assertArrayEquals(PLAINTEXT, decrypted);
 }
+ @SuppressWarnings("ConstantConditions")
+ @Test
+ public void test_initNullKey() throws Throwable {
+ assumeMinimumVersion("1.6.0", AmazonCorrettoCryptoProvider.INSTANCE);
+ jceC.init(Cipher.ENCRYPT_MODE, key);
+
+ final Key key = null;
+ AlgorithmParameters params = jceC.getParameters();
+ AlgorithmParameterSpec spec = params.getParameterSpec(GCMParameterSpec.class);
+ SecureRandom random = TestUtil.MISC_SECURE_RANDOM.get();
+
+ assertThrows(InvalidKeyException.class, () -> amznC.init(Cipher.ENCRYPT_MODE, key));
+ assertThrows(InvalidKeyException.class, () -> amznC.init(Cipher.ENCRYPT_MODE, key, params));
+ assertThrows(InvalidKeyException.class, () -> amznC.init(Cipher.ENCRYPT_MODE, key, params, random));
+ assertThrows(InvalidKeyException.class, () -> amznC.init(Cipher.ENCRYPT_MODE, key, random));
+ assertThrows(InvalidKeyException.class, () -> amznC.init(Cipher.ENCRYPT_MODE, key, spec));
+ assertThrows(InvalidKeyException.class, () -> amznC.init(Cipher.ENCRYPT_MODE, key, spec, random));
+ }
+
 @Test
 public void test_bufferOverflows() throws Throwable {
 final SecureRandom rnd = TestUtil.MISC_SECURE_RANDOM.get();
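Review bot: `test_initNullKey` exercises the null-key guard with `Cipher.ENCRYPT_MODE` only, so a later refactor that leaves the decryption path without the check would not be caught by this regression test; one extra line such as `assertThrows(InvalidKeyException.class, () -> amznC.init(Cipher.DECRYPT_MODE, key, spec));` would pin that path as well. Separately, the local `final Key key = null;` shadows the `key` that `jceC.init(Cipher.ENCRYPT_MODE, key)` used two lines earlier (presumably a field of the test class), which makes the assertions easy to misread. Declaring it as `final Key nullKey = null;` and passing `nullKey` in the lambdas would remove the ambiguity.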