summaryrefslogtreecommitdiffstats
path: root/libjava/classpath/gnu/javax/crypto/cipher/Khazad.java
diff options
context:
space:
mode:
authormark <mark@138bc75d-0d04-0410-961f-82ee72b054a4>2006-03-10 21:46:48 +0000
committermark <mark@138bc75d-0d04-0410-961f-82ee72b054a4>2006-03-10 21:46:48 +0000
commitce57ab760f69de6db452def7ffbf5b114a2d8694 (patch)
treeea38c56431c5d4528fb54254c3f8e50f517bede3 /libjava/classpath/gnu/javax/crypto/cipher/Khazad.java
parent50996fe55769882de3f410896032c887f0ff0d04 (diff)
downloadppe42-gcc-ce57ab760f69de6db452def7ffbf5b114a2d8694.tar.gz
ppe42-gcc-ce57ab760f69de6db452def7ffbf5b114a2d8694.zip
Imported GNU Classpath 0.90
* scripts/makemake.tcl: Set gnu/java/awt/peer/swing to ignore. * gnu/classpath/jdwp/VMFrame.java (SIZE): New constant. * java/lang/VMCompiler.java: Use gnu.java.security.hash.MD5. * java/lang/Math.java: New override file. * java/lang/Character.java: Merged from Classpath. (start, end): Now 'int's. (canonicalName): New field. (CANONICAL_NAME, NO_SPACES_NAME, CONSTANT_NAME): New constants. (UnicodeBlock): Added argument. (of): New overload. (forName): New method. Updated unicode blocks. (sets): Updated. * sources.am: Regenerated. * Makefile.in: Likewise. git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@111942 138bc75d-0d04-0410-961f-82ee72b054a4
Diffstat (limited to 'libjava/classpath/gnu/javax/crypto/cipher/Khazad.java')
-rw-r--r--libjava/classpath/gnu/javax/crypto/cipher/Khazad.java521
1 files changed, 521 insertions, 0 deletions
diff --git a/libjava/classpath/gnu/javax/crypto/cipher/Khazad.java b/libjava/classpath/gnu/javax/crypto/cipher/Khazad.java
new file mode 100644
index 00000000000..b6c27833eb8
--- /dev/null
+++ b/libjava/classpath/gnu/javax/crypto/cipher/Khazad.java
@@ -0,0 +1,521 @@
+/* Khazad.java --
+ Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.javax.crypto.cipher;
+
+import gnu.java.security.Registry;
+import gnu.java.security.util.Util;
+
+//import java.io.PrintWriter;
+import java.security.InvalidKeyException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+
+/**
+ * <p>Khazad is a 64-bit (legacy-level) block cipher that accepts a 128-bit key.
+ * The cipher is a uniform substitution-permutation network whose inverse only
+ * differs from the forward operation in the key schedule. The overall cipher
+ * design follows the Wide Trail strategy, favours component reuse, and permits
+ * a wide variety of implementation trade-offs.</p>
+ *
+ * <p>References:</p>
+ *
+ * <ol>
+ * <li><a href="http://planeta.terra.com.br/informatica/paulobarreto/KhazadPage.html">The
+ * Khazad Block Cipher</a>.<br>
+ * <a href="mailto:paulo.barreto@terra.com.br">Paulo S.L.M. Barreto</a> and
+ * <a href="mailto:vincent.rijmen@esat.kuleuven.ac.be">Vincent Rijmen</a>.</li>
+ * </ol>
+ */
+public final class Khazad extends BaseCipher
+{
+
+ // Debugging methods and variables
+ // -------------------------------------------------------------------------
+
+ // private static final String NAME = "khazad";
+ private static final boolean DEBUG = false;
+
+ private static final int debuglevel = 9;
+
+ // private static final PrintWriter err = new PrintWriter(System.out, true);
+ // private static void debug(String s) {
+ // err.println(">>> "+NAME+": "+s);
+ // }
+
+ // Constants and variables
+ // -------------------------------------------------------------------------
+
+ private static final int DEFAULT_BLOCK_SIZE = 8; // in bytes
+
+ private static final int DEFAULT_KEY_SIZE = 16; // in bytes
+
+ private static final int R = 8; // standard number of rounds; para. 3.7
+
+ private static final String Sd = // p. 20 [KHAZAD]
+ "\uBA54\u2F74\u53D3\uD24D\u50AC\u8DBF\u7052\u9A4C"
+ + "\uEAD5\u97D1\u3351\u5BA6\uDE48\uA899\uDB32\uB7FC"
+ + "\uE39E\u919B\uE2BB\u416E\uA5CB\u6B95\uA1F3\uB102"
+ + "\uCCC4\u1D14\uC363\uDA5D\u5FDC\u7DCD\u7F5A\u6C5C"
+ + "\uF726\uFFED\uE89D\u6F8E\u19A0\uF089\u0F07\uAFFB"
+ + "\u0815\u0D04\u0164\uDF76\u79DD\u3D16\u3F37\u6D38"
+ + "\uB973\uE935\u5571\u7B8C\u7288\uF62A\u3E5E\u2746"
+ + "\u0C65\u6861\u03C1\u57D6\uD958\uD866\uD73A\uC83C"
+ + "\uFA96\uA798\uECB8\uC7AE\u694B\uABA9\u670A\u47F2"
+ + "\uB522\uE5EE\uBE2B\u8112\u831B\u0E23\uF545\u21CE"
+ + "\u492C\uF9E6\uB628\u1782\u1A8B\uFE8A\u09C9\u874E"
+ + "\uE12E\uE4E0\uEB90\uA41E\u8560\u0025\uF4F1\u940B"
+ + "\uE775\uEF34\u31D4\uD086\u7EAD\uFD29\u303B\u9FF8"
+ + "\uC613\u0605\uC511\u777C\u7A78\u361C\u3959\u1856"
+ + "\uB3B0\u2420\uB292\uA3C0\u4462\u10B4\u8443\u93C2"
+ + "\u4ABD\u8F2D\uBC9C\u6A40\uCFA2\u804F\u1FCA\uAA42";
+
+ private static final byte[] S = new byte[256];
+
+ private static final int[] T0 = new int[256];
+
+ private static final int[] T1 = new int[256];
+
+ private static final int[] T2 = new int[256];
+
+ private static final int[] T3 = new int[256];
+
+ private static final int[] T4 = new int[256];
+
+ private static final int[] T5 = new int[256];
+
+ private static final int[] T6 = new int[256];
+
+ private static final int[] T7 = new int[256];
+
+ private static final int[][] rc = new int[R + 1][2]; // round constants
+
+ /**
+ * KAT vector (from ecb_vk):
+ * I=120
+ * KEY=00000000000000000000000000000100
+ * CT=A0C86A1BBE2CBF4C
+ */
+ private static final byte[] KAT_KEY = Util.toBytesFromString("00000000000000000000000000000100");
+
+ private static final byte[] KAT_CT = Util.toBytesFromString("A0C86A1BBE2CBF4C");
+
+ /** caches the result of the correctness test, once executed. */
+ private static Boolean valid;
+
+ // Static code - to intialise lookup tables --------------------------------
+
+ static
+ {
+ long time = System.currentTimeMillis();
+
+ long ROOT = 0x11d; // para. 2.1 [KHAZAD]
+ int i, j;
+ int s, s2, s3, s4, s5, s6, s7, s8, sb;
+ char c;
+ for (i = 0; i < 256; i++)
+ {
+ c = Sd.charAt(i >>> 1);
+ s = ((i & 1) == 0 ? c >>> 8 : c) & 0xFF;
+ S[i] = (byte) s;
+
+ s2 = s << 1;
+ if (s2 > 0xFF)
+ s2 ^= ROOT;
+
+ s3 = s2 ^ s;
+ s4 = s2 << 1;
+ if (s4 > 0xFF)
+ s4 ^= ROOT;
+
+ s5 = s4 ^ s;
+ s6 = s4 ^ s2;
+ s7 = s6 ^ s;
+ s8 = s4 << 1;
+ if (s8 > 0xFF)
+ s8 ^= ROOT;
+
+ sb = s8 ^ s2 ^ s;
+
+ T0[i] = s << 24 | s3 << 16 | s4 << 8 | s5;
+ T1[i] = s3 << 24 | s << 16 | s5 << 8 | s4;
+ T2[i] = s4 << 24 | s5 << 16 | s << 8 | s3;
+ T3[i] = s5 << 24 | s4 << 16 | s3 << 8 | s;
+ T4[i] = s6 << 24 | s8 << 16 | sb << 8 | s7;
+ T5[i] = s8 << 24 | s6 << 16 | s7 << 8 | sb;
+ T6[i] = sb << 24 | s7 << 16 | s6 << 8 | s8;
+ T7[i] = s7 << 24 | sb << 16 | s8 << 8 | s6;
+ }
+
+ for (i = 0, j = 0; i < R + 1; i++)
+ {
+ // compute round constant
+ rc[i][0] = S[j++] << 24 | (S[j++] & 0xFF) << 16
+ | (S[j++] & 0xFF) << 8 | (S[j++] & 0xFF);
+ rc[i][1] = S[j++] << 24 | (S[j++] & 0xFF) << 16
+ | (S[j++] & 0xFF) << 8 | (S[j++] & 0xFF);
+ }
+
+ time = System.currentTimeMillis() - time;
+
+ if (DEBUG && debuglevel > 8)
+ {
+ System.out.println("==========");
+ System.out.println();
+ System.out.println("Static data");
+ System.out.println();
+
+ System.out.println();
+ System.out.println("T0[]:");
+ for (i = 0; i < 64; i++)
+ {
+ for (j = 0; j < 4; j++)
+ System.out.print("0x" + Util.toString(T0[i * 4 + j]) + ", ");
+ System.out.println();
+ }
+ System.out.println();
+ System.out.println("T1[]:");
+ for (i = 0; i < 64; i++)
+ {
+ for (j = 0; j < 4; j++)
+ System.out.print("0x" + Util.toString(T1[i * 4 + j]) + ", ");
+ System.out.println();
+ }
+ System.out.println();
+ System.out.println("T2[]:");
+ for (i = 0; i < 64; i++)
+ {
+ for (j = 0; j < 4; j++)
+ System.out.print("0x" + Util.toString(T2[i * 4 + j]) + ", ");
+ System.out.println();
+ }
+ System.out.println();
+ System.out.println("T3[]:");
+ for (i = 0; i < 64; i++)
+ {
+ for (j = 0; j < 4; j++)
+ System.out.print("0x" + Util.toString(T3[i * 4 + j]) + ", ");
+ System.out.println();
+ }
+ System.out.println();
+ System.out.println("T4[]:");
+ for (i = 0; i < 64; i++)
+ {
+ for (j = 0; j < 4; j++)
+ System.out.print("0x" + Util.toString(T4[i * 4 + j]) + ", ");
+ System.out.println();
+ }
+ System.out.println();
+ System.out.println("T5[]:");
+ for (i = 0; i < 64; i++)
+ {
+ for (j = 0; j < 4; j++)
+ System.out.print("0x" + Util.toString(T5[i * 4 + j]) + ", ");
+ System.out.println();
+ }
+ System.out.println();
+ System.out.println("T6[]:");
+ for (i = 0; i < 64; i++)
+ {
+ for (j = 0; j < 4; j++)
+ System.out.print("0x" + Util.toString(T6[i * 4 + j]) + ", ");
+ System.out.println();
+ }
+ System.out.println();
+ System.out.println("T7[]:");
+ for (i = 0; i < 64; i++)
+ {
+ for (j = 0; j < 4; j++)
+ System.out.print("0x" + Util.toString(T7[i * 4 + j]) + ", ");
+ System.out.println();
+ }
+ System.out.println();
+ System.out.println("rc[]:");
+ for (i = 0; i < R + 1; i++)
+ System.out.print("0x" + Util.toString(rc[i][0])
+ + Util.toString(rc[i][1]));
+ System.out.println();
+
+ System.out.println("Total initialization time: " + time + " ms.");
+ System.out.println();
+ }
+ }
+
+ // Constructor(s)
+ // -------------------------------------------------------------------------
+
+ /** Trivial 0-arguments constructor. */
+ public Khazad()
+ {
+ super(Registry.KHAZAD_CIPHER, DEFAULT_BLOCK_SIZE, DEFAULT_KEY_SIZE);
+ }
+
+ // Class methods
+ // -------------------------------------------------------------------------
+
+ private static void khazad(byte[] in, int i, byte[] out, int j, int[][] K)
+ {
+ // sigma(K[0])
+ int k0 = K[0][0];
+ int k1 = K[0][1];
+ int a0 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i++] & 0xFF))
+ ^ k0;
+ int a1 = (in[i++] << 24 | (in[i++] & 0xFF) << 16 | (in[i++] & 0xFF) << 8 | (in[i] & 0xFF))
+ ^ k1;
+
+ int b0, b1;
+ // round function
+ for (int r = 1; r < R; r++)
+ {
+ k0 = K[r][0];
+ k1 = K[r][1];
+ b0 = T0[a0 >>> 24] ^ T1[(a0 >>> 16) & 0xFF] ^ T2[(a0 >>> 8) & 0xFF]
+ ^ T3[a0 & 0xFF] ^ T4[a1 >>> 24] ^ T5[(a1 >>> 16) & 0xFF]
+ ^ T6[(a1 >>> 8) & 0xFF] ^ T7[a1 & 0xFF] ^ k0;
+ b1 = T0[a1 >>> 24] ^ T1[(a1 >>> 16) & 0xFF] ^ T2[(a1 >>> 8) & 0xFF]
+ ^ T3[a1 & 0xFF] ^ T4[a0 >>> 24] ^ T5[(a0 >>> 16) & 0xFF]
+ ^ T6[(a0 >>> 8) & 0xFF] ^ T7[a0 & 0xFF] ^ k1;
+ a0 = b0;
+ a1 = b1;
+
+ if (DEBUG && debuglevel > 6)
+ {
+ System.out.println("T" + r + "=" + Util.toString(a0)
+ + Util.toString(a1));
+ }
+ }
+
+ // sigma(K[R]) o gamma applied to previous output
+ k0 = K[R][0];
+ k1 = K[R][1];
+
+ out[j++] = (byte) (S[a0 >>> 24] ^ (k0 >>> 24));
+ out[j++] = (byte) (S[(a0 >>> 16) & 0xFF] ^ (k0 >>> 16));
+ out[j++] = (byte) (S[(a0 >>> 8) & 0xFF] ^ (k0 >>> 8));
+ out[j++] = (byte) (S[a0 & 0xFF] ^ k0);
+ out[j++] = (byte) (S[a1 >>> 24] ^ (k1 >>> 24));
+ out[j++] = (byte) (S[(a1 >>> 16) & 0xFF] ^ (k1 >>> 16));
+ out[j++] = (byte) (S[(a1 >>> 8) & 0xFF] ^ (k1 >>> 8));
+ out[j] = (byte) (S[a1 & 0xFF] ^ k1);
+
+ if (DEBUG && debuglevel > 6)
+ {
+ System.out.println("T=" + Util.toString(out, j - 7, 8));
+ System.out.println();
+ }
+ }
+
+ // Instance methods
+ // -------------------------------------------------------------------------
+
+ // java.lang.Cloneable interface implementation ----------------------------
+
+ public Object clone()
+ {
+ Khazad result = new Khazad();
+ result.currentBlockSize = this.currentBlockSize;
+
+ return result;
+ }
+
+ // IBlockCipherSpi interface implementation --------------------------------
+
+ public Iterator blockSizes()
+ {
+ ArrayList al = new ArrayList();
+ al.add(new Integer(DEFAULT_BLOCK_SIZE));
+
+ return Collections.unmodifiableList(al).iterator();
+ }
+
+ public Iterator keySizes()
+ {
+ ArrayList al = new ArrayList();
+ al.add(new Integer(DEFAULT_KEY_SIZE));
+
+ return Collections.unmodifiableList(al).iterator();
+ }
+
+ /**
+ * <p>Expands a user-supplied key material into a session key for a
+ * designated <i>block size</i>.</p>
+ *
+ * @param uk the 128-bit user-supplied key material.
+ * @param bs the desired block size in bytes.
+ * @return an Object encapsulating the session key.
+ * @exception IllegalArgumentException if the block size is not 16 (128-bit).
+ * @exception InvalidKeyException if the key data is invalid.
+ */
+ public Object makeKey(byte[] uk, int bs) throws InvalidKeyException
+ {
+ if (bs != DEFAULT_BLOCK_SIZE)
+ {
+ throw new IllegalArgumentException();
+ }
+ if (uk == null)
+ {
+ throw new InvalidKeyException("Empty key");
+ }
+ if (uk.length != 16)
+ {
+ throw new InvalidKeyException("Key is not 128-bit.");
+ }
+ int[][] Ke = new int[R + 1][2]; // encryption round keys
+ int[][] Kd = new int[R + 1][2]; // decryption round keys
+
+ int r, i;
+ int k20, k21, k10, k11, rc0, rc1, kr0, kr1;
+
+ i = 0;
+ k20 = uk[i++] << 24 | (uk[i++] & 0xFF) << 16 | (uk[i++] & 0xFF) << 8
+ | (uk[i++] & 0xFF);
+ k21 = uk[i++] << 24 | (uk[i++] & 0xFF) << 16 | (uk[i++] & 0xFF) << 8
+ | (uk[i++] & 0xFF);
+ k10 = uk[i++] << 24 | (uk[i++] & 0xFF) << 16 | (uk[i++] & 0xFF) << 8
+ | (uk[i++] & 0xFF);
+ k11 = uk[i++] << 24 | (uk[i++] & 0xFF) << 16 | (uk[i++] & 0xFF) << 8
+ | (uk[i++] & 0xFF);
+
+ for (r = 0, i = 0; r <= R; r++)
+ {
+ rc0 = rc[r][0];
+ rc1 = rc[r][1];
+
+ kr0 = T0[k10 >>> 24] ^ T1[(k10 >>> 16) & 0xFF] ^ T2[(k10 >>> 8) & 0xFF]
+ ^ T3[k10 & 0xFF] ^ T4[(k11 >>> 24) & 0xFF]
+ ^ T5[(k11 >>> 16) & 0xFF] ^ T6[(k11 >>> 8) & 0xFF]
+ ^ T7[k11 & 0xFF] ^ rc0 ^ k20;
+ kr1 = T0[k11 >>> 24] ^ T1[(k11 >>> 16) & 0xFF] ^ T2[(k11 >>> 8) & 0xFF]
+ ^ T3[k11 & 0xFF] ^ T4[(k10 >>> 24) & 0xFF]
+ ^ T5[(k10 >>> 16) & 0xFF] ^ T6[(k10 >>> 8) & 0xFF]
+ ^ T7[k10 & 0xFF] ^ rc1 ^ k21;
+
+ Ke[r][0] = kr0;
+ Ke[r][1] = kr1;
+ k20 = k10;
+ k21 = k11;
+ k10 = kr0;
+ k11 = kr1;
+
+ if (r == 0 || r == R)
+ {
+ Kd[R - r][0] = kr0;
+ Kd[R - r][1] = kr1;
+ }
+ else
+ {
+ Kd[R - r][0] = T0[S[kr0 >>> 24] & 0xFF]
+ ^ T1[S[(kr0 >>> 16) & 0xFF] & 0xFF]
+ ^ T2[S[(kr0 >>> 8) & 0xFF] & 0xFF]
+ ^ T3[S[kr0 & 0xFF] & 0xFF]
+ ^ T4[S[kr1 >>> 24] & 0xFF]
+ ^ T5[S[(kr1 >>> 16) & 0xFF] & 0xFF]
+ ^ T6[S[(kr1 >>> 8) & 0xFF] & 0xFF]
+ ^ T7[S[kr1 & 0xFF] & 0xFF];
+ Kd[R - r][1] = T0[S[kr1 >>> 24] & 0xFF]
+ ^ T1[S[(kr1 >>> 16) & 0xFF] & 0xFF]
+ ^ T2[S[(kr1 >>> 8) & 0xFF] & 0xFF]
+ ^ T3[S[kr1 & 0xFF] & 0xFF]
+ ^ T4[S[kr0 >>> 24] & 0xFF]
+ ^ T5[S[(kr0 >>> 16) & 0xFF] & 0xFF]
+ ^ T6[S[(kr0 >>> 8) & 0xFF] & 0xFF]
+ ^ T7[S[kr0 & 0xFF] & 0xFF];
+ }
+ }
+
+ if (DEBUG && debuglevel > 8)
+ {
+ System.out.println();
+ System.out.println("Key schedule");
+ System.out.println();
+ System.out.println("Ke[]:");
+ for (r = 0; r < R + 1; r++)
+ {
+ System.out.println("#" + r + ": 0x" + Util.toString(Ke[r][0])
+ + Util.toString(Ke[r][1]));
+ }
+ System.out.println();
+ System.out.println("Kd[]:");
+ for (r = 0; r < R + 1; r++)
+ {
+ System.out.println("#" + r + ": 0x" + Util.toString(Kd[r][0])
+ + Util.toString(Kd[r][1]));
+ }
+ System.out.println();
+ }
+
+ return new Object[] { Ke, Kd };
+ }
+
+ public void encrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
+ {
+ if (bs != DEFAULT_BLOCK_SIZE)
+ {
+ throw new IllegalArgumentException();
+ }
+
+ int[][] K = (int[][]) ((Object[]) k)[0];
+ khazad(in, i, out, j, K);
+ }
+
+ public void decrypt(byte[] in, int i, byte[] out, int j, Object k, int bs)
+ {
+ if (bs != DEFAULT_BLOCK_SIZE)
+ {
+ throw new IllegalArgumentException();
+ }
+
+ int[][] K = (int[][]) ((Object[]) k)[1];
+ khazad(in, i, out, j, K);
+ }
+
+ public boolean selfTest()
+ {
+ if (valid == null)
+ {
+ boolean result = super.selfTest(); // do symmetry tests
+ if (result)
+ {
+ result = testKat(KAT_KEY, KAT_CT);
+ }
+ valid = new Boolean(result);
+ }
+ return valid.booleanValue();
+ }
+} \ No newline at end of file
OpenPOWER on IntegriCloud