diff options
Diffstat (limited to 'libjava/classpath/gnu/javax/crypto/mac/TMMH16.java')
-rw-r--r-- | libjava/classpath/gnu/javax/crypto/mac/TMMH16.java | 195 |
1 files changed, 66 insertions, 129 deletions
diff --git a/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java b/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java index af6e78fcf87..0a7b4a6caeb 100644 --- a/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java +++ b/libjava/classpath/gnu/javax/crypto/mac/TMMH16.java @@ -46,91 +46,63 @@ import java.security.InvalidKeyException; import java.util.Map; /** - * <p><i>TMMH</i> is a <i>universal</i> hash function suitable for message + * <i>TMMH</i> is a <i>universal</i> hash function suitable for message * authentication in the Wegman-Carter paradigm, as in the Stream Cipher * Security Transform. It is simple, quick, and especially appropriate for * Digital Signal Processors and other processors with a fast multiply * operation, though a straightforward implementation requires storage equal in - * length to the largest message to be hashed.</p> - * - * <p><i>TMMH</i> is a simple hash function which maps a key and a message to a + * length to the largest message to be hashed. + * <p> + * <i>TMMH</i> is a simple hash function which maps a key and a message to a * hash value. There are two versions of TMMH: TMMH/16 and TMMH/32. <i>TMMH</i> * can be used as a message authentication code, as described in Section 5 (see - * References).</p> - * - * <p>The key, message, and hash value are all octet strings, and the lengths of + * References). + * <p> + * The key, message, and hash value are all octet strings, and the lengths of * these quantities are denoted as <code>KEY_LENGTH</code>, - * <code>MESSAGE_LENGTH</code>, and <code>TAG_LENGTH</code>, respectively. The - * values of <code>KEY_LENGTH</code> and <code>TAG_LENGTH</code> + * <code>MESSAGE_LENGTH</code>, and <code>TAG_LENGTH</code>, respectively. + * The values of <code>KEY_LENGTH</code> and <code>TAG_LENGTH</code> * <bold>MUST</bold> be fixed for any particular fixed value of the key, and - * must obey the alignment restrictions described below.</p> - * - * <p>The parameter <code>MAX_HASH_LENGTH</code>, which denotes the maximum + * must obey the alignment restrictions described below. + * <p> + * The parameter <code>MAX_HASH_LENGTH</code>, which denotes the maximum * value which <code>MESSAGE_LENGTH</code> may take, is equal to - * <code>KEY_LENGTH - TAG_LENGTH</code>.</p> - * - * <p>References:</p> - * + * <code>KEY_LENGTH - TAG_LENGTH</code>. + * <p> + * References: * <ol> - * <li><a - href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-tmmh-01.txt"> - * The Truncated Multi-Modular Hash Function (TMMH)</a>, David A. McGrew.</li> + * <li><a + * href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-tmmh-01.txt"> The + * Truncated Multi-Modular Hash Function (TMMH)</a>, David A. McGrew.</li> * </ol> */ -public class TMMH16 extends BaseMac implements Cloneable +public class TMMH16 + extends BaseMac + implements Cloneable { - - // Constants and variables - // ------------------------------------------------------------------------- - public static final String TAG_LENGTH = "gnu.crypto.mac.tmmh.tag.length"; - public static final String KEYSTREAM = "gnu.crypto.mac.tmmh.keystream"; - public static final String PREFIX = "gnu.crypto.mac.tmmh.prefix"; - private static final int P = (1 << 16) + 1; // the TMMH/16 prime - /** caches the result of the correctness test, once executed. */ private static Boolean valid; - private int tagWords = 0; // the tagLength expressed in words - private IRandom keystream = null; // the keystream generator - private byte[] prefix; // mask to use when operating as an authentication f. - private long keyWords; // key words counter - private long msgLength; // in bytes - private long msgWords; // should be = msgLength * WORD_LENGTH - private int[] context; // the tmmh running context; length == TAG_WORDS - private int[] K0; // the first TAG_WORDS words of the keystream - private int[] Ki; // the sliding TAG_WORDS words of the keystream - private int Mi; // current message word being constructed - // Constructor(s) - // ------------------------------------------------------------------------- - /** Trivial 0-arguments constructor. */ public TMMH16() { super(Registry.TMMH16); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // gnu.crypto.mac.IMac interface implementation ---------------------------- - public int macSize() { return tagWords * 2; @@ -143,22 +115,17 @@ public class TMMH16 extends BaseMac implements Cloneable Integer tagLength = (Integer) attributes.get(TAG_LENGTH); // get tag length if (tagLength == null) { - if (tagWords == 0) - { // was never set - throw new IllegalArgumentException(TAG_LENGTH); - } // else re-use + if (tagWords == 0) // was never set + throw new IllegalArgumentException(TAG_LENGTH); + // else re-use } - else - { // check if positive and is divisible by WORD_LENGTH + else // check if positive and is divisible by WORD_LENGTH + { wantTagLength = tagLength.intValue(); if (wantTagLength < 2 || (wantTagLength % 2 != 0)) - { - throw new IllegalArgumentException(TAG_LENGTH); - } - else if (wantTagLength > (512 / 8)) - { // 512-bits is our maximum - throw new IllegalArgumentException(TAG_LENGTH); - } + throw new IllegalArgumentException(TAG_LENGTH); + else if (wantTagLength > (512 / 8)) // 512-bits is our maximum + throw new IllegalArgumentException(TAG_LENGTH); tagWords = wantTagLength / 2; // init local vars K0 = new int[tagWords]; @@ -167,36 +134,27 @@ public class TMMH16 extends BaseMac implements Cloneable } prefix = (byte[]) attributes.get(PREFIX); - if (prefix == null) - { // default to all-zeroes - prefix = new byte[tagWords * 2]; - } - else - { // ensure it's as long as it should + if (prefix == null) // default to all-zeroes + prefix = new byte[tagWords * 2]; + else // ensure it's as long as it should + { if (prefix.length != tagWords * 2) - { - throw new IllegalArgumentException(PREFIX); - } + throw new IllegalArgumentException(PREFIX); } IRandom prng = (IRandom) attributes.get(KEYSTREAM); // get keystream if (prng == null) { if (keystream == null) - { - throw new IllegalArgumentException(KEYSTREAM); - } // else reuse + throw new IllegalArgumentException(KEYSTREAM); + // else reuse } else - { - keystream = prng; - } + keystream = prng; reset(); // reset context variables - for (int i = 0; i < tagWords; i++) - { // init starting key words - Ki[i] = K0[i] = getNextKeyWord(keystream); - } + for (int i = 0; i < tagWords; i++) // init starting key words + Ki[i] = K0[i] = getNextKeyWord(keystream); } // The words of the key are denoted as K[1], K[2], ..., K[KEY_WORDS], and the @@ -206,12 +164,12 @@ public class TMMH16 extends BaseMac implements Cloneable // // If MESSAGE_LENGTH is greater than MAX_HASH_LENGTH, then the value of // TMMH/16 is undefined. Implementations MUST indicate an error if asked to - // hash a message with such a length. Otherwise, the hash value is defined + // hash a message with such a length. Otherwise, the hash value is defined // to be the length TAG_WORDS sequence of words in which the j-th word in the // sequence is defined as // // [ [ K[j] * MESSAGE_LENGTH +32 K[j+1] * M[1] +32 K[j+2] * M[2] - // +32 ... K[j+MSG_WORDS] * M[MSG_WORDS] ] modulo p ] modulo 2^16 + // +32 ... K[j+MSG_WORDS] * M[MSG_WORDS] ] modulo p ] modulo 2^16 // // where j ranges from 1 to TAG_WORDS. public void update(byte b) @@ -222,23 +180,21 @@ public class TMMH16 extends BaseMac implements Cloneable public void update(byte[] b, int offset, int len) { for (int i = 0; i < len; i++) - { - this.update(b[offset + i], keystream); - } + this.update(b[offset + i], keystream); } // For TMMH/16, KEY_LENGTH and TAG_LENGTH MUST be a multiple of two. The key, // message, and hash value are treated as a sequence of unsigned sixteen bit - // integers in network byte order. (In this section, we call such an integer - // a word.) If MESSAGE_LENGTH is odd, then a zero byte is appended to the + // integers in network byte order. (In this section, we call such an integer + // a word.) If MESSAGE_LENGTH is odd, then a zero byte is appended to the // message to align it on a word boundary, though this process does not // change the value of MESSAGE_LENGTH. // - // ... Otherwise, the hash value is defined to be the length TAG_WORDS + // ... Otherwise, the hash value is defined to be the length TAG_WORDS // sequence of words in which the j-th word in the sequence is defined as // // [ [ K[j] * MESSAGE_LENGTH +32 K[j+1] * M[1] +32 K[j+2] * M[2] - // +32 ... K[j+MSG_WORDS] * M[MSG_WORDS] ] modulo p ] modulo 2^16 + // +32 ... K[j+MSG_WORDS] * M[MSG_WORDS] ] modulo p ] modulo 2^16 // // where j ranges from 1 to TAG_WORDS. // @@ -255,9 +211,7 @@ public class TMMH16 extends BaseMac implements Cloneable msgLength = msgWords = keyWords = 0L; Mi = 0; for (int i = 0; i < tagWords; i++) - { - context[i] = 0; - } + context[i] = 0; } public boolean selfTest() @@ -265,42 +219,31 @@ public class TMMH16 extends BaseMac implements Cloneable if (valid == null) { // TODO: compute and test equality with one known vector - valid = Boolean.TRUE; } return valid.booleanValue(); } - // Cloneable interface implementation --------------------------------------- - public Object clone() throws CloneNotSupportedException { TMMH16 result = (TMMH16) super.clone(); - if (this.keystream != null) result.keystream = (IRandom) this.keystream.clone(); - if (this.prefix != null) result.prefix = (byte[]) this.prefix.clone(); - if (this.context != null) result.context = (int[]) this.context.clone(); - if (this.K0 != null) result.K0 = (int[]) this.K0.clone(); - if (this.Ki != null) result.Ki = (int[]) this.Ki.clone(); - return result; } - // own methods ------------------------------------------------------------- - /** - * <p>Similar to the same method with one argument, but uses the designated - * random number generator to compute needed keying material.</p> - * + * Similar to the same method with one argument, but uses the designated + * random number generator to compute needed keying material. + * * @param b the byte to process. * @param prng the source of randomness to use. */ @@ -309,14 +252,14 @@ public class TMMH16 extends BaseMac implements Cloneable Mi <<= 8; // update message buffer Mi |= b & 0xFF; msgLength++; // update message length (bytes) - if (msgLength % 2 == 0) - { // got a full word + if (msgLength % 2 == 0) // got a full word + { msgWords++; // update message words counter System.arraycopy(Ki, 1, Ki, 0, tagWords - 1); // 1. shift Ki up by 1 Ki[tagWords - 1] = getNextKeyWord(prng); // 2. fill last box of Ki long t; // temp var to allow working in modulo 2^32 - for (int i = 0; i < tagWords; i++) - { // 3. update context + for (int i = 0; i < tagWords; i++) // 3. update context + { t = context[i] & 0xFFFFFFFFL; t += Ki[i] * Mi; context[i] = (int) t; @@ -326,28 +269,26 @@ public class TMMH16 extends BaseMac implements Cloneable } /** - * <p>Similar to the same method with three arguments, but uses the - * designated random number generator to compute needed keying material.</p> - * + * Similar to the same method with three arguments, but uses the designated + * random number generator to compute needed keying material. + * * @param b the byte array to process. * @param offset the starting offset in <code>b</code> to start considering - * the bytes to process. + * the bytes to process. * @param len the number of bytes in <code>b</code> starting from - * <code>offset</code> to process. + * <code>offset</code> to process. * @param prng the source of randomness to use. */ public void update(byte[] b, int offset, int len, IRandom prng) { for (int i = 0; i < len; i++) - { - this.update(b[offset + i], prng); - } + this.update(b[offset + i], prng); } /** - * <p>Similar to the same method with no arguments, but uses the designated - * random number generator to compute needed keying material.</p> - * + * Similar to the same method with no arguments, but uses the designated + * random number generator to compute needed keying material. + * * @param prng the source of randomness to use. * @return the final result of the algorithm. */ @@ -357,12 +298,11 @@ public class TMMH16 extends BaseMac implements Cloneable byte[] result = new byte[tagWords * 2]; for (int i = 0, j = 0; i < tagWords; i++) { - result[j] = (byte) ((context[i] >>> 8) ^ prefix[j]); + result[j] = (byte)((context[i] >>> 8) ^ prefix[j]); j++; - result[j] = (byte) (context[i] ^ prefix[j]); + result[j] = (byte)(context[i] ^ prefix[j]); j++; } - reset(); return result; } @@ -378,7 +318,6 @@ public class TMMH16 extends BaseMac implements Cloneable { throw new RuntimeException(String.valueOf(x)); } - keyWords++; // update key words counter return result; } @@ -387,9 +326,7 @@ public class TMMH16 extends BaseMac implements Cloneable { long limit = msgLength; // formula works on real message length while (msgLength % 2 != 0) - { - update((byte) 0x00, prng); - } + update((byte) 0x00, prng); long t; for (int i = 0; i < tagWords; i++) { |