Throw InvalidKeyException if javax.crypto.Mac.init is invoked (#43)

Author: 05nelsonm

library/mac/src/commonTest/kotlin/org/kotlincrypto/core/MacUnitTest.kt

@@ -22,55 +22,6 @@ import kotlin.test.fail
 
 class MacUnitTest {
 
-    @Suppress("UnnecessaryOptInAnnotation")
-    @OptIn(InternalKotlinCryptoApi::class)
-    private class TestMac : Mac {
-
-        constructor(
-            key: ByteArray,
-            algorithm: String,
-            reset: () -> Unit = {},
-            doFinal: () -> ByteArray = { ByteArray(0) },
-        ): super(algorithm, TestEngine(key, reset, doFinal))
-
-        private constructor(algorithm: String, engine: TestEngine): super(algorithm, engine)
-
-        override fun copy(engineCopy: Engine): Mac = TestMac(algorithm(), engineCopy as TestEngine)
-
-        private class TestEngine: Engine {
-
-            private val reset: () -> Unit
-            private val doFinal: () -> ByteArray
-
-            constructor(
-                key: ByteArray,
-                reset: () -> Unit,
-                doFinal: () -> ByteArray,
-            ): super(key) {
-                this.reset = reset
-                this.doFinal = doFinal
-            }
-
-            private constructor(state: State, engine: TestEngine): super(state) {
-                this.reset = engine.reset
-                this.doFinal = engine.doFinal
-            }
-
-            // To ensure that Java implementation initializes javax.crypto.Mac
-            // on instantiation so that it does not throw IllegalStateException
-            // whenever updating.
-            override fun update(input: Byte) { throw ConcurrentModificationException() }
-
-            override fun reset() { reset.invoke() }
-            override fun update(input: ByteArray) {}
-            override fun update(input: ByteArray, offset: Int, len: Int) {}
-            override fun macLength(): Int = 0
-            override fun doFinal(): ByteArray = doFinal.invoke()
-
-            override fun copy(): Engine = TestEngine(object : State() {}, this)
-        }
-    }
-
     @Test
     fun givenMac_whenEmptyKey_thenThrowsException() {
         try {

library/mac/src/commonTest/kotlin/org/kotlincrypto/core/TestMac.kt

@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2023 Matthew Nelson
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ **/
+package org.kotlincrypto.core
+
+@Suppress("UnnecessaryOptInAnnotation")
+@OptIn(InternalKotlinCryptoApi::class)
+class TestMac : Mac {
+
+    constructor(
+        key: ByteArray,
+        algorithm: String,
+        reset: () -> Unit = {},
+        doFinal: () -> ByteArray = { ByteArray(0) },
+    ): super(algorithm, TestEngine(key, reset, doFinal))
+
+    private constructor(algorithm: String, engine: TestEngine): super(algorithm, engine)
+
+    override fun copy(engineCopy: Engine): Mac = TestMac(algorithm(), engineCopy as TestEngine)
+
+    private class TestEngine: Engine {
+
+        private val reset: () -> Unit
+        private val doFinal: () -> ByteArray
+
+        constructor(
+            key: ByteArray,
+            reset: () -> Unit,
+            doFinal: () -> ByteArray,
+        ): super(key) {
+            this.reset = reset
+            this.doFinal = doFinal
+        }
+
+        private constructor(state: State, engine: TestEngine): super(state) {
+            this.reset = engine.reset
+            this.doFinal = engine.doFinal
+        }
+
+        // To ensure that Java implementation initializes javax.crypto.Mac
+        // on instantiation so that it does not throw IllegalStateException
+        // whenever updating.
+        override fun update(input: Byte) { throw ConcurrentModificationException() }
+
+        override fun reset() { reset.invoke() }
+        override fun update(input: ByteArray) {}
+        override fun update(input: ByteArray, offset: Int, len: Int) {}
+        override fun macLength(): Int = 0
+        override fun doFinal(): ByteArray = doFinal.invoke()
+
+        override fun copy(): Engine = TestEngine(object : State() {}, this)
+    }
+}

library/mac/src/jvmMain/kotlin/org/kotlincrypto/core/Mac.kt

@@ -18,6 +18,7 @@ package org.kotlincrypto.core
 import org.kotlincrypto.core.internal.commonInit
 import org.kotlincrypto.core.internal.commonToString
 import java.nio.ByteBuffer
+import java.security.InvalidKeyException
 import java.security.Key
 import java.security.spec.AlgorithmParameterSpec
 import javax.crypto.MacSpi
@@ -83,6 +84,7 @@ protected actual constructor(
     protected actual abstract class Engine: MacSpi, Cloneable, Copyable<Engine>, Resettable, Updatable {
 
         private val hashCode: Int = Any().hashCode()
+        private var isInitialized = false
 
         /**
          * Initializes a new [Engine] with the provided [key].
@@ -115,7 +117,25 @@ protected actual constructor(
         }
         protected final override fun engineReset() { reset() }
         protected final override fun engineGetMacLength(): Int = macLength()
-        protected final override fun engineInit(p0: Key?, p1: AlgorithmParameterSpec?) { /* no-op */ }
+
+        // Is called immediately from Mac init block with a blanked key (required in order to set
+        // javax.crypto.Mac.initialized to true.
+        protected final override fun engineInit(p0: Key?, p1: AlgorithmParameterSpec?) {
+            if (isInitialized) {
+
+                // Throw an exception b/c if caller is trying to re-init the javax.crypto.Mac with a new key,
+                // the normal behavior is to blank the Spi state. If they do not know this is an issue,
+                // any output would not be correct b/c implementations do not re-init. KotlinCrypto users
+                // already know it's initialized because the API is designed to require the key upon instantiation
+                // so init is never needed to be called.
+                throw InvalidKeyException(
+                    "org.kotlincrypto.Mac does not support re-initialization " +
+                    "(it's already initialized). A new instance is required to be created."
+                )
+            }
+
+            isInitialized = true
+        }
         protected final override fun engineDoFinal(): ByteArray = doFinal()
 
         public final override fun clone(): Any = copy()

library/mac/src/jvmTest/kotlin/org/kotlincrypto/core/JvmMacUnitTest.kt

@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2023 Matthew Nelson
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ **/
+package org.kotlincrypto.core
+
+import java.security.InvalidKeyException
+import javax.crypto.spec.SecretKeySpec
+import kotlin.test.Test
+import kotlin.test.fail
+
+class JvmMacUnitTest {
+
+    private val key = ByteArray(20) { it.toByte() }
+
+    @Test
+    fun givenJvm_whenJavaxCryptoMacInitInvoked_thenThrowsException() {
+        val mac = TestMac(key, "My Algorithm")
+        val keySpec = SecretKeySpec(key, mac.algorithm())
+
+        try {
+            mac.init(keySpec)
+            fail()
+        } catch (_: InvalidKeyException) {
+            // pass
+        }
+
+        try {
+            mac.copy().init(keySpec)
+            fail()
+        } catch (_: InvalidKeyException) {
+            // pass
+        }
+    }
+}