summaryrefslogtreecommitdiffstats
path: root/libjava/classpath/gnu/javax/crypto/mode/ICM.java
diff options
context:
space:
mode:
Diffstat (limited to 'libjava/classpath/gnu/javax/crypto/mode/ICM.java')
-rw-r--r--libjava/classpath/gnu/javax/crypto/mode/ICM.java139
1 files changed, 46 insertions, 93 deletions
diff --git a/libjava/classpath/gnu/javax/crypto/mode/ICM.java b/libjava/classpath/gnu/javax/crypto/mode/ICM.java
index d37908b5dfd..833ddb18f7f 100644
--- a/libjava/classpath/gnu/javax/crypto/mode/ICM.java
+++ b/libjava/classpath/gnu/javax/crypto/mode/ICM.java
@@ -44,75 +44,66 @@ import gnu.javax.crypto.cipher.IBlockCipher;
import java.math.BigInteger;
/**
- * <p>An implementation of <i>David McGrew</i> Integer Counter Mode (ICM) as an
- * {@link IMode}.</p>
- *
- * <p>ICM is a way to define a pseudorandom keystream generator using a block
- * cipher. The keystream can be used for additive encryption, key derivation,
- * or any other application requiring pseudorandom data. In the case of this
- * class, it is used as additive encryption, XOR-ing the keystream with the
- * input text --for both encryption and decryption.</p>
- *
- * <p>In ICM, the keystream is logically broken into segments. Each segment is
+ * An implementation of <i>David McGrew</i> Integer Counter Mode (ICM) as an
+ * {@link IMode}.
+ * <p>
+ * ICM is a way to define a pseudorandom keystream generator using a block
+ * cipher. The keystream can be used for additive encryption, key derivation, or
+ * any other application requiring pseudorandom data. In the case of this class,
+ * it is used as additive encryption, XOR-ing the keystream with the input text
+ * --for both encryption and decryption.
+ * <p>
+ * In ICM, the keystream is logically broken into segments. Each segment is
* identified with a segment index, and the segments have equal lengths. This
* segmentation makes ICM especially appropriate for securing packet-based
* protocols. ICM also allows a variety of configurations based, among other
- * things, on two parameters: the <i>block index length</i> and the
- * <i>segment index length</i>. A constraint on those two values exists: The sum
- * of <i>segment index length</i> and <i>block index length</i> <b>must not</b>
- * half the <i>block size</i> of the underlying cipher. This requirement protects
- * the ICM keystream generator from potentially failing to be pseudorandom.</p>
- *
- * <p>For simplicity, this implementation, fixes these two values to the
- * following:</p>
- *
+ * things, on two parameters: the <i>block index length</i> and the <i>segment
+ * index length</i>. A constraint on those two values exists: The sum of
+ * <i>segment index length</i> and <i>block index length</i> <b>must not</b>
+ * half the <i>block size</i> of the underlying cipher. This requirement
+ * protects the ICM keystream generator from potentially failing to be
+ * pseudorandom.
+ * <p>
+ * For simplicity, this implementation, fixes these two values to the following:
* <ul>
- * <li>block index length: is half the underlying cipher block size, and</li>
- * <li>segment index length: is zero.</li>
+ * <li>block index length: is half the underlying cipher block size, and</li>
+ * <li>segment index length: is zero.</li>
* </ul>
- *
- * <p>For a 128-bit block cipher, the above values imply a maximum keystream
- * length of 295,147,905,179,352,825,856 octets, since in ICM, each segment must
- * not exceed the value <code>(256 ^ <i>block index length</i>) * <i>block length</i></code>
- * octets.</p>
- *
- * <p>Finally, for this implementation of the ICM, the IV placeholder will be
- * used to pass the value of the <i>Offset</i> in the keystream segment.</p>
- *
- * <p>References:</p>
- *
+ * <p>
+ * For a 128-bit block cipher, the above values imply a maximum keystream length
+ * of 295,147,905,179,352,825,856 octets, since in ICM, each segment must not
+ * exceed the value
+ * <code>(256 ^ <i>block index length</i>) * <i>block length</i></code>
+ * octets.
+ * <p>
+ * Finally, for this implementation of the ICM, the IV placeholder will be used
+ * to pass the value of the <i>Offset</i> in the keystream segment.
+ * <p>
+ * References:
* <ol>
- * <li><a href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-icm-00.txt">
- * Integer Counter Mode</a>, David A. McGrew.</li>
+ * <li><a
+ * href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-icm-00.txt">
+ * Integer Counter Mode</a>, David A. McGrew.</li>
* </ol>
*/
-public class ICM extends BaseMode implements Cloneable
+public class ICM
+ extends BaseMode
+ implements Cloneable
{
-
- // Constants and variables
- // -------------------------------------------------------------------------
-
/** The integer value 256 as a BigInteger. */
private static final BigInteger TWO_FIFTY_SIX = new BigInteger("256");
-
/** Maximum number of blocks per segment. */
private BigInteger maxBlocksPerSegment;
-
/** A work constant. */
private BigInteger counterRange;
-
/** The initial counter for a given keystream segment. */
private BigInteger C0;
-
/** The index of the next block for a given keystream segment. */
private BigInteger blockNdx;
- // Constructor(s)
- // -------------------------------------------------------------------------
-
/**
- * <p>Trivial package-private constructor for use by the Factory class.</p>
- *
+ * Trivial package-private constructor for use by the Factory class.
+ *
* @param underlyingCipher the underlying cipher implementation.
* @param cipherBlockSize the underlying cipher block size to use.
*/
@@ -122,8 +113,8 @@ public class ICM extends BaseMode implements Cloneable
}
/**
- * <p>Private constructor for cloning purposes.<p>
- *
+ * Private constructor for cloning purposes.
+ *
* @param that the instance to clone.
*/
private ICM(ICM that)
@@ -131,27 +122,15 @@ public class ICM extends BaseMode implements Cloneable
this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize);
}
- // Class methods
- // -------------------------------------------------------------------------
-
- // Cloneable interface implementation
- // -------------------------------------------------------------------------
-
public Object clone()
{
return new ICM(this);
}
- // Implementation of abstract methods in BaseMode
- // -------------------------------------------------------------------------
-
public void setup()
{
if (modeBlockSize != cipherBlockSize)
- {
- throw new IllegalArgumentException();
- }
-
+ throw new IllegalArgumentException();
counterRange = TWO_FIFTY_SIX.pow(cipherBlockSize);
maxBlocksPerSegment = TWO_FIFTY_SIX.pow(cipherBlockSize / 2);
BigInteger r = new BigInteger(1, iv);
@@ -177,35 +156,13 @@ public class ICM extends BaseMode implements Cloneable
icm(in, i, out, o);
}
- // Instance methods
- // -------------------------------------------------------------------------
-
private void icm(byte[] in, int inOffset, byte[] out, int outOffset)
{
if (blockNdx.compareTo(maxBlocksPerSegment) >= 0)
throw new RuntimeException("Maximum blocks for segment reached");
-
- // encrypt the counter for the current blockNdx
- // C[i] = (C[0] + i) modulo (256^BLOCK_LENGTH).
-
BigInteger Ci = C0.add(blockNdx).modPow(BigInteger.ONE, counterRange);
byte[] result = Ci.toByteArray();
int limit = result.length;
- // if (limit < cipherBlockSize) {
- // byte[] data = new byte[cipherBlockSize];
- // System.arraycopy(result, 0, data, cipherBlockSize-limit, limit);
- // result = data;
- // } else if (limit > cipherBlockSize) {
- // byte[] data = new byte[cipherBlockSize];
- // System.arraycopy(result, limit-cipherBlockSize, data, 0, cipherBlockSize);
- // result = data;
- // }
- //
- // cipher.encryptBlock(result, 0, result, 0);
- // blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx
- // for (int i = 0; i < modeBlockSize; ) { // xor result with input block
- // out[outOffset++] = (byte)(in[inOffset++] ^ result[i++]);
- // }
int ndx = 0;
if (limit < cipherBlockSize)
{
@@ -214,15 +171,11 @@ public class ICM extends BaseMode implements Cloneable
result = data;
}
else if (limit > cipherBlockSize)
- {
- ndx = limit - cipherBlockSize;
- }
+ ndx = limit - cipherBlockSize;
cipher.encryptBlock(result, ndx, result, ndx);
blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx
- for (int i = 0; i < modeBlockSize; i++)
- { // xor result with input block
- out[outOffset++] = (byte) (in[inOffset++] ^ result[ndx++]);
- }
+ for (int i = 0; i < modeBlockSize; i++) // xor result with input block
+ out[outOffset++] = (byte)(in[inOffset++] ^ result[ndx++]);
}
-} \ No newline at end of file
+}
OpenPOWER on IntegriCloud