summaryrefslogtreecommitdiffstats
path: root/libjava/classpath/gnu/javax/crypto/mode/EAX.java
diff options
context:
space:
mode:
Diffstat (limited to 'libjava/classpath/gnu/javax/crypto/mode/EAX.java')
-rw-r--r--libjava/classpath/gnu/javax/crypto/mode/EAX.java127
1 files changed, 32 insertions, 95 deletions
diff --git a/libjava/classpath/gnu/javax/crypto/mode/EAX.java b/libjava/classpath/gnu/javax/crypto/mode/EAX.java
index bf260989825..401616b9f1f 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/EAX.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/EAX.java
@@ -39,13 +39,11 @@ exception statement from your version. */
package gnu.javax.crypto.mode;
import gnu.java.security.Registry;
-
import gnu.javax.crypto.cipher.IBlockCipher;
import gnu.javax.crypto.mac.IMac;
import gnu.javax.crypto.mac.MacFactory;
import java.security.InvalidKeyException;
-
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
@@ -53,64 +51,48 @@ import java.util.Iterator;
import java.util.Map;
/**
- * <p>A conventional two-pass authenticated-encrypted mode, EAX. EAX is a
+ * A conventional two-pass authenticated-encrypted mode, EAX. EAX is a
* <i>Authenticated Encryption with Additional Data</i> (<b>AEAD</b>) scheme,
* which provides protection and authentication for the message, and provides
* authentication of an (optional) header. EAX is composed of the counter mode
* (CTR) and the one-key CBC MAC (OMAC).
- *
- * <p>This class makes full use of the {@link IAuthenticatedMode} interface,
- * that is, all methods of both {@link IMode} and {@link IMac} can be used
- * as specified in the {@link IAuthenticatedMode} interface.
- *
- * <p>References:</p>
+ * <p>
+ * This class makes full use of the {@link IAuthenticatedMode} interface, that
+ * is, all methods of both {@link IMode} and {@link IMac} can be used as
+ * specified in the {@link IAuthenticatedMode} interface.
+ * <p>
+ * References:
* <ol>
* <li>M. Bellare, P. Rogaway, and D. Wagner; <a
* href="http://www.cs.berkeley.edu/~daw/papers/eprint-short-ae.pdf">A
* Conventional Authenticated-Encryption Mode</a>.</li>
* </ol>
*/
-public class EAX implements IAuthenticatedMode
+public class EAX
+ implements IAuthenticatedMode
{
-
- // Constants and fields.
- // ------------------------------------------------------------------------
-
/** The tag size, in bytes. */
private int tagSize;
-
/** The nonce OMAC instance. */
private IMac nonceOmac;
-
/** The header OMAC instance. */
private IMac headerOmac;
-
/** The message OMAC instance. */
private IMac msgOmac;
-
/** The CTR instance. */
private IMode ctr;
-
/** The direction state (encrypting or decrypting). */
private int state;
-
/** Whether we're initialized or not. */
private boolean init;
-
/** The cipher block size. */
private int cipherBlockSize;
-
/** The cipher. */
private IBlockCipher cipher;
-
/** The [t]_n array. */
private byte[] t_n;
-
private static boolean valid = false;
- // Constructor.
- // ------------------------------------------------------------------------
-
public EAX(IBlockCipher cipher, int cipherBlockSize)
{
this.cipher = cipher;
@@ -118,9 +100,7 @@ public class EAX implements IAuthenticatedMode
String name = cipher.name();
int i = name.indexOf('-');
if (i >= 0)
- {
- name = name.substring(0, i);
- }
+ name = name.substring(0, i);
String omacname = Registry.OMAC_PREFIX + name;
nonceOmac = MacFactory.getInstance(omacname);
headerOmac = MacFactory.getInstance(omacname);
@@ -130,9 +110,6 @@ public class EAX implements IAuthenticatedMode
init = false;
}
- // IMode instance methods.
- // ------------------------------------------------------------------------
-
public Object clone()
{
return new EAX((IBlockCipher) cipher.clone(), cipherBlockSize);
@@ -167,17 +144,12 @@ public class EAX implements IAuthenticatedMode
{
byte[] nonce = (byte[]) attrib.get(IV);
if (nonce == null)
- {
- throw new IllegalArgumentException("no nonce provided");
- }
+ throw new IllegalArgumentException("no nonce provided");
byte[] key = (byte[]) attrib.get(KEY_MATERIAL);
if (key == null)
- {
- throw new IllegalArgumentException("no key provided");
- }
+ throw new IllegalArgumentException("no key provided");
Arrays.fill(t_n, (byte) 0);
-
nonceOmac.reset();
nonceOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key));
nonceOmac.update(t_n, 0, t_n.length);
@@ -186,57 +158,41 @@ public class EAX implements IAuthenticatedMode
nonceOmac.reset();
nonceOmac.update(t_n, 0, t_n.length);
nonceOmac.update(nonce, 0, nonce.length);
-
t_n[t_n.length - 1] = 1;
headerOmac.reset();
headerOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key));
headerOmac.update(t_n, 0, t_n.length);
-
t_n[t_n.length - 1] = 2;
msgOmac.reset();
msgOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key));
msgOmac.update(t_n, 0, t_n.length);
-
Integer modeSize = (Integer) attrib.get(MODE_BLOCK_SIZE);
if (modeSize == null)
- {
- modeSize = new Integer(cipherBlockSize);
- }
+ modeSize = Integer.valueOf(cipherBlockSize);
HashMap ctrAttr = new HashMap();
ctrAttr.put(KEY_MATERIAL, key);
ctrAttr.put(IV, N);
- ctrAttr.put(STATE, new Integer(ENCRYPTION));
+ ctrAttr.put(STATE, Integer.valueOf(ENCRYPTION));
ctrAttr.put(MODE_BLOCK_SIZE, modeSize);
ctr.reset();
ctr.init(ctrAttr);
-
Integer st = (Integer) attrib.get(STATE);
if (st != null)
{
state = st.intValue();
if (state != ENCRYPTION && state != DECRYPTION)
- {
- throw new IllegalArgumentException("invalid state");
- }
+ throw new IllegalArgumentException("invalid state");
}
else
- {
- state = ENCRYPTION;
- }
+ state = ENCRYPTION;
Integer ts = (Integer) attrib.get(TRUNCATED_SIZE);
if (ts != null)
- {
- tagSize = ts.intValue();
- }
+ tagSize = ts.intValue();
else
- {
- tagSize = cipherBlockSize;
- }
+ tagSize = cipherBlockSize;
if (tagSize < 0 || tagSize > cipherBlockSize)
- {
- throw new IllegalArgumentException("tag size out of range");
- }
+ throw new IllegalArgumentException("tag size out of range");
init = true;
}
@@ -247,28 +203,20 @@ public class EAX implements IAuthenticatedMode
public void encryptBlock(byte[] in, int inOff, byte[] out, int outOff)
{
- if (!init)
- {
- throw new IllegalStateException("not initialized");
- }
+ if (! init)
+ throw new IllegalStateException("not initialized");
if (state != ENCRYPTION)
- {
- throw new IllegalStateException("not encrypting");
- }
+ throw new IllegalStateException("not encrypting");
ctr.update(in, inOff, out, outOff);
msgOmac.update(out, outOff, ctr.currentBlockSize());
}
public void decryptBlock(byte[] in, int inOff, byte[] out, int outOff)
{
- if (!init)
- {
- throw new IllegalStateException("not initialized");
- }
+ if (! init)
+ throw new IllegalStateException("not initialized");
if (state != DECRYPTION)
- {
- throw new IllegalStateException("not decrypting");
- }
+ throw new IllegalStateException("not decrypting");
msgOmac.update(in, inOff, ctr.currentBlockSize());
ctr.update(in, inOff, out, outOff);
}
@@ -301,9 +249,6 @@ public class EAX implements IAuthenticatedMode
return true; // XXX
}
- // IMac instance methods.
- // ------------------------------------------------------------------------
-
public int macSize()
{
return tagSize;
@@ -319,34 +264,26 @@ public class EAX implements IAuthenticatedMode
public void digest(byte[] out, int outOffset)
{
if (outOffset < 0 || outOffset + tagSize > out.length)
- {
- throw new IndexOutOfBoundsException();
- }
+ throw new IndexOutOfBoundsException();
byte[] N = nonceOmac.digest();
byte[] H = headerOmac.digest();
byte[] M = msgOmac.digest();
for (int i = 0; i < tagSize; i++)
- {
- out[outOffset + i] = (byte) (N[i] ^ H[i] ^ M[i]);
- }
+ out[outOffset + i] = (byte)(N[i] ^ H[i] ^ M[i]);
reset();
}
public void update(byte b)
{
- if (!init)
- {
- throw new IllegalStateException("not initialized");
- }
+ if (! init)
+ throw new IllegalStateException("not initialized");
headerOmac.update(b);
}
public void update(byte[] buf, int off, int len)
{
- if (!init)
- {
- throw new IllegalStateException("not initialized");
- }
+ if (! init)
+ throw new IllegalStateException("not initialized");
headerOmac.update(buf, off, len);
}
-} \ No newline at end of file
+}
OpenPOWER on IntegriCloud