diff options
Diffstat (limited to 'libjava/classpath/gnu/javax/crypto/mode')
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/BaseMode.java | 153 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/CBC.java | 62 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/CFB.java | 116 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/CTR.java | 127 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/EAX.java | 127 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/ECB.java | 74 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java | 18 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/ICM.java | 139 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/IMode.java | 114 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java | 95 | ||||
| -rw-r--r-- | libjava/classpath/gnu/javax/crypto/mode/OFB.java | 128 |
11 files changed, 395 insertions, 758 deletions
diff --git a/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java b/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java index 0a9ab2dab1c..6d9418ccafa 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java +++ b/libjava/classpath/gnu/javax/crypto/mode/BaseMode.java @@ -49,46 +49,34 @@ import java.util.Iterator; import java.util.Map; /** - * <p>A basic abstract class to facilitate implementing block cipher modes of - * operations.</p> + * A basic abstract class to facilitate implementing block cipher modes of + * operations. */ -public abstract class BaseMode implements IMode +public abstract class BaseMode + implements IMode { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The canonical name prefix of this mode. */ protected String name; - /** The state indicator of this instance. */ protected int state; - /** The underlying block cipher implementation. */ protected IBlockCipher cipher; - /** The block size, in bytes, to operate the underlying block cipher in. */ protected int cipherBlockSize; - /** The block size, in bytes, in which to operate the mode instance. */ protected int modeBlockSize; - /** The initialisation vector value. */ protected byte[] iv; - /** The instance lock. */ protected Object lock = new Object(); - // Constructor(s) - // ------------------------------------------------------------------------- - /** - * <p>Trivial constructor for use by concrete subclasses.</p> - * + * Trivial constructor for use by concrete subclasses. + * * @param name the canonical name prefix of this mode. * @param underlyingCipher the implementation of the underlying cipher. * @param cipherBlockSize the block size, in bytes, in which to operate the - * underlying cipher. + * underlying cipher. */ protected BaseMode(String name, IBlockCipher underlyingCipher, int cipherBlockSize) @@ -101,14 +89,6 @@ public abstract class BaseMode implements IMode state = -1; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // IMode interface implementation ------------------------------------------ - public void update(byte[] in, int inOffset, byte[] out, int outOffset) throws IllegalStateException { @@ -128,25 +108,23 @@ public abstract class BaseMode implements IMode } } - // IBlockCipher interface implementation ----------------------------------- - public String name() { - return new StringBuffer().append(name).append('(').append(cipher.name()).append( - ')').toString(); + return new StringBuffer(name).append('(').append(cipher.name()).append(')') + .toString(); } /** - * <p>Returns the default value, in bytes, of the mode's block size. This - * value is part of the construction arguments passed to the Factory methods - * in {@link ModeFactory}. Unless changed by an invocation of any of the + * Returns the default value, in bytes, of the mode's block size. This value + * is part of the construction arguments passed to the Factory methods in + * {@link ModeFactory}. Unless changed by an invocation of any of the * <code>init()</code> methods, a <i>Mode</i> instance would operate with * the same block size as its underlying block cipher. As mentioned earlier, - * the block size of the underlying block cipher itself is specified in one - * of the method(s) available in the factory class.</p> - * + * the block size of the underlying block cipher itself is specified in one of + * the method(s) available in the factory class. + * * @return the default value, in bytes, of the mode's block size. - * @see gnu.crypto.mode.ModeFactory + * @see ModeFactory */ public int defaultBlockSize() { @@ -154,9 +132,9 @@ public abstract class BaseMode implements IMode } /** - * <p>Returns the default value, in bytes, of the underlying block cipher - * key size.</p> - * + * Returns the default value, in bytes, of the underlying block cipher key + * size. + * * @return the default value, in bytes, of the underlying cipher's key size. */ public int defaultKeySize() @@ -165,29 +143,28 @@ public abstract class BaseMode implements IMode } /** - * <p>Returns an {@link Iterator} over the supported block sizes. Each - * element returned by this object is an {@link Integer}.</p> - * - * <p>The default behaviour is to return an iterator with just one value, - * which is that currently configured for the underlying block cipher. - * Concrete implementations may override this behaviour to signal their - * ability to support other values.</p> - * + * Returns an {@link Iterator} over the supported block sizes. Each element + * returned by this object is an {@link Integer}. + * <p> + * The default behaviour is to return an iterator with just one value, which + * is that currently configured for the underlying block cipher. Concrete + * implementations may override this behaviour to signal their ability to + * support other values. + * * @return an {@link Iterator} over the supported block sizes. */ public Iterator blockSizes() { ArrayList al = new ArrayList(); - al.add(new Integer(cipherBlockSize)); - + al.add(Integer.valueOf(cipherBlockSize)); return Collections.unmodifiableList(al).iterator(); } /** - * <p>Returns an {@link Iterator} over the supported underlying block cipher - * key sizes. Each element returned by this object is an instance of - * {@link Integer}.</p> - * + * Returns an {@link Iterator} over the supported underlying block cipher key + * sizes. Each element returned by this object is an instance of + * {@link Integer}. + * * @return an {@link Iterator} over the supported key sizes. */ public Iterator keySizes() @@ -201,10 +178,7 @@ public abstract class BaseMode implements IMode synchronized (lock) { if (state != -1) - { - throw new IllegalStateException(); - } - + throw new IllegalStateException(); Integer want = (Integer) attributes.get(STATE); if (want != null) { @@ -220,20 +194,13 @@ public abstract class BaseMode implements IMode throw new IllegalArgumentException(); } } - Integer bs = (Integer) attributes.get(MODE_BLOCK_SIZE); modeBlockSize = (bs == null ? cipherBlockSize : bs.intValue()); - byte[] iv = (byte[]) attributes.get(IV); if (iv != null) - { - this.iv = (byte[]) iv.clone(); - } + this.iv = (byte[]) iv.clone(); else - { - this.iv = new byte[modeBlockSize]; - } - + this.iv = new byte[modeBlockSize]; cipher.init(attributes); setup(); } @@ -242,9 +209,7 @@ public abstract class BaseMode implements IMode public int currentBlockSize() { if (state == -1) - { - throw new IllegalStateException(); - } + throw new IllegalStateException(); return modeBlockSize; } @@ -255,7 +220,6 @@ public abstract class BaseMode implements IMode state = -1; iv = null; cipher.reset(); - teardown(); } } @@ -268,19 +232,12 @@ public abstract class BaseMode implements IMode { ks = ((Integer) kit.next()).intValue(); for (bit = blockSizes(); bit.hasNext();) - { - if (!testSymmetry(ks, ((Integer) bit.next()).intValue())) - { - return false; - } - } + if (! testSymmetry(ks, ((Integer) bit.next()).intValue())) + return false; } - return true; } - // methods to be implemented by concrete subclasses ------------------------ - public abstract Object clone(); /** The initialisation phase of the concrete mode implementation. */ @@ -293,8 +250,6 @@ public abstract class BaseMode implements IMode public abstract void decryptBlock(byte[] in, int i, byte[] out, int o); - // own methods ------------------------------------------------------------- - private boolean testSymmetry(int ks, int bs) { try @@ -304,44 +259,30 @@ public abstract class BaseMode implements IMode byte[] k = new byte[ks]; int i; for (i = 0; i < ks; i++) - { - k[i] = (byte) i; - } - + k[i] = (byte) i; int blockCount = 5; int limit = blockCount * bs; byte[] pt = new byte[limit]; for (i = 0; i < limit; i++) - { - pt[i] = (byte) i; - } + pt[i] = (byte) i; byte[] ct = new byte[limit]; byte[] cpt = new byte[limit]; - Map map = new HashMap(); map.put(KEY_MATERIAL, k); - map.put(CIPHER_BLOCK_SIZE, new Integer(cipherBlockSize)); - map.put(STATE, new Integer(ENCRYPTION)); + map.put(CIPHER_BLOCK_SIZE, Integer.valueOf(cipherBlockSize)); + map.put(STATE, Integer.valueOf(ENCRYPTION)); map.put(IV, iv); - map.put(MODE_BLOCK_SIZE, new Integer(bs)); - + map.put(MODE_BLOCK_SIZE, Integer.valueOf(bs)); mode.reset(); mode.init(map); for (i = 0; i < blockCount; i++) - { - mode.update(pt, i * bs, ct, i * bs); - } - + mode.update(pt, i * bs, ct, i * bs); mode.reset(); - map.put(STATE, new Integer(DECRYPTION)); + map.put(STATE, Integer.valueOf(DECRYPTION)); mode.init(map); for (i = 0; i < blockCount; i++) - { - mode.update(ct, i * bs, cpt, i * bs); - } - + mode.update(ct, i * bs, cpt, i * bs); return Arrays.equals(pt, cpt); - } catch (Exception x) { @@ -349,4 +290,4 @@ public abstract class BaseMode implements IMode return false; } } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/mode/CBC.java b/libjava/classpath/gnu/javax/crypto/mode/CBC.java index 10578a6ef50..f3b3fb3312f 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/CBC.java +++ b/libjava/classpath/gnu/javax/crypto/mode/CBC.java @@ -42,36 +42,31 @@ import gnu.java.security.Registry; import gnu.javax.crypto.cipher.IBlockCipher; /** - * The Cipher Block Chaining mode. This mode introduces feedback into - * the cipher by XORing the previous ciphertext block with the plaintext - * block before encipherment. That is, encrypting looks like this:</p> - * - * <blockquote><p>C<sub>i</sub> = E<sub>K</sub>(P<sub>i</sub> ^ - * C<sub>i-1</sub></p></blockquote> - * - * <p>Similarly, decrypting is:</p> - * - * <blockquote><p>P<sub>i</sub> = C<sub>i-1</sub> ^ - * D<sub>K</sub>(C<sub>i</sub>)</p></blockquote> + * The Cipher Block Chaining mode. This mode introduces feedback into the cipher + * by XORing the previous ciphertext block with the plaintext block before + * encipherment. That is, encrypting looks like this: + * + * <pre> + * C<sub>i</sub> = E<sub>K</sub>(P<sub>i</sub>ˆ C<sub>i-1</sub>) + * </pre> + * <p> + * Similarly, decrypting is: + * <pre> + * P<sub>i</sub> = C<sub>i-1</sub> ˆ D<sub>K</sub>(C<sub>i</sub>) + * </pre> */ -public class CBC extends BaseMode implements Cloneable +public class CBC + extends BaseMode + implements Cloneable { - - // Constants and Variables - //------------------------------------------------------------------ - /** The last (de|en)crypted block */ private byte[] lastBlock; - /** An intermediate buffer. */ private byte[] scratch; - // Constructors - // ----------------------------------------------------------------- - /** * Package-private constructor for the factory class. - * + * * @param underlyingCipher The cipher implementation. * @param cipherBlockSize The cipher's block size. */ @@ -86,31 +81,20 @@ public class CBC extends BaseMode implements Cloneable this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); } - // Cloneable interface implementation - // ----------------------------------------------------------------- - public Object clone() { return new CBC(this); } - // Implementation of abstract methods in BaseMode - // ----------------------------------------------------------------- - public void setup() { if (modeBlockSize != cipherBlockSize) - { - throw new IllegalArgumentException(); - } + throw new IllegalArgumentException(); scratch = new byte[cipherBlockSize]; lastBlock = new byte[cipherBlockSize]; - // lastBlock gets initialized to the initialization vector. for (int i = 0; i < lastBlock.length && i < iv.length; i++) - { - lastBlock[i] = iv[i]; - } + lastBlock[i] = iv[i]; } public void teardown() @@ -122,9 +106,7 @@ public class CBC extends BaseMode implements Cloneable public void encryptBlock(byte[] in, int i, byte[] out, int o) { for (int k = 0; k < scratch.length; k++) - { - scratch[k] = (byte) (lastBlock[k] ^ in[k + i]); - } + scratch[k] = (byte)(lastBlock[k] ^ in[k + i]); cipher.encryptBlock(scratch, 0, out, o); System.arraycopy(out, o, lastBlock, 0, cipherBlockSize); } @@ -135,9 +117,7 @@ public class CBC extends BaseMode implements Cloneable System.arraycopy(in, i, buf, 0, cipherBlockSize); cipher.decryptBlock(in, i, scratch, 0); for (int k = 0; k < scratch.length; k++) - { - out[o + k] = (byte) (lastBlock[k] ^ scratch[k]); - } + out[o + k] = (byte)(lastBlock[k] ^ scratch[k]); System.arraycopy(buf, 0, lastBlock, 0, cipherBlockSize); } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/mode/CFB.java b/libjava/classpath/gnu/javax/crypto/mode/CFB.java index fef2b634cf2..6fc00637323 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/CFB.java +++ b/libjava/classpath/gnu/javax/crypto/mode/CFB.java @@ -42,58 +42,48 @@ import gnu.java.security.Registry; import gnu.javax.crypto.cipher.IBlockCipher; /** - * The cipher feedback mode. CFB mode is a stream mode that operates on - * <i>s</i> bit blocks, where 1 <= <i>s</i> <= <i>b</i>, if - * <i>b</i> is the underlying cipher's block size. Encryption is: - * - <pre> - I[1] = IV - I[j] = LSB(b-s, I[j-1]) | C[j-1] for j = 2...n - O[j] = CIPH(K, I[j]) for j = 1,2...n - C[j] = P[j] ^ MSB(s, O[j]) for j = 1,2...n - </pre> - * - * <p>And decryption is:</p> - * - <pre> - I[1] = IV - I[j] = LSB(b-s, I[j-1]) | C[j-1] for j = 2...n - O[j] = CIPH(K, I[j]) for j = 1,2...n - P[j] = C[j] ^ MSB(s, O[j]) for j = 1,2...n - </pre> - * - * <p>CFB mode requires an initialization vector, which need not be kept - * secret.</p> - * - * <p>References:</p> + * The cipher feedback mode. CFB mode is a stream mode that operates on <i>s</i> + * bit blocks, where 1 <= <i>s</i> <= <i>b</i>, if <i>b</i> is the + * underlying cipher's block size. Encryption is: + * <pre> + * I[1] = IV + * I[j] = LSB(b-s, I[j-1]) | C[j-1] for j = 2...n + * O[j] = CIPH(K, I[j]) for j = 1,2...n + * C[j] = P[j] ˆ MSB(s, O[j]) for j = 1,2...n + * </pre> + * <p> + * And decryption is: + * <pre> + * I[1] = IV + * I[j] = LSB(b-s, I[j-1]) | C[j-1] for j = 2...n + * O[j] = CIPH(K, I[j]) for j = 1,2...n + * P[j] = C[j] ˆ MSB(s, O[j]) for j = 1,2...n + * </pre> + * <p> + * CFB mode requires an initialization vector, which need not be kept secret. + * <p> + * References: * <ol> - * <li>Bruce Schneier, <i>Applied Cryptography: Protocols, Algorithms, - * and Source Code in C, Second Edition</i>. (1996 John Wiley and Sons) - * ISBN 0-471-11709-9.</li> - * - * <li><a href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> + * <li>Bruce Schneier, <i>Applied Cryptography: Protocols, Algorithms, and + * Source Code in C, Second Edition</i>. (1996 John Wiley and Sons) ISBN + * 0-471-11709-9.</li> + * <li><a + * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>, * Morris Dworkin.</li> * </ol> */ -public class CFB extends BaseMode +public class CFB + extends BaseMode { - - // Constants and variables. - // ----------------------------------------------------------------------- - /** The shift register, the input block to the block cipher. */ private byte[] shiftRegister; - /** The output block from the block cipher. */ private byte[] scratch; - // Constructors. - // ----------------------------------------------------------------------- - /** * Package-private constructor for the factory class. - * + * * @param underlyingCipher The cipher implementation. * @param cipherBlockSize The cipher's block size. */ @@ -104,7 +94,7 @@ public class CFB extends BaseMode /** * Cloneing constructor. - * + * * @param that The instance being cloned. */ private CFB(CFB that) @@ -112,9 +102,6 @@ public class CFB extends BaseMode this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); } - // Instance methods implementing BaseMode. - // ----------------------------------------------------------------------- - public Object clone() { return new CFB(this); @@ -123,25 +110,20 @@ public class CFB extends BaseMode public void setup() { if (modeBlockSize > cipherBlockSize) - { - throw new IllegalArgumentException( - "CFB block size cannot be larger than the cipher block size"); - } + throw new IllegalArgumentException( + "CFB block size cannot be larger than the cipher block size"); shiftRegister = new byte[cipherBlockSize]; scratch = new byte[cipherBlockSize]; - System.arraycopy(iv, 0, shiftRegister, 0, Math.min(iv.length, - cipherBlockSize)); + System.arraycopy(iv, 0, + shiftRegister, 0, + Math.min(iv.length, cipherBlockSize)); } public void teardown() { if (shiftRegister != null) - { - for (int i = 0; i < shiftRegister.length; i++) - { - shiftRegister[i] = 0; - } - } + for (int i = 0; i < shiftRegister.length; i++) + shiftRegister[i] = 0; shiftRegister = null; } @@ -149,13 +131,12 @@ public class CFB extends BaseMode { cipher.encryptBlock(shiftRegister, 0, scratch, 0); for (int i = 0; i < modeBlockSize; i++) - { - out[outOffset + i] = (byte) (in[inOffset + i] ^ scratch[i]); - } - System.arraycopy(shiftRegister, modeBlockSize, shiftRegister, 0, + out[outOffset + i] = (byte)(in[inOffset + i] ^ scratch[i]); + System.arraycopy(shiftRegister, modeBlockSize, + shiftRegister, 0, cipherBlockSize - modeBlockSize); - System.arraycopy(out, outOffset, shiftRegister, cipherBlockSize - - modeBlockSize, + System.arraycopy(out, outOffset, + shiftRegister, cipherBlockSize - modeBlockSize, modeBlockSize); } @@ -163,13 +144,12 @@ public class CFB extends BaseMode { cipher.encryptBlock(shiftRegister, 0, scratch, 0); for (int i = 0; i < modeBlockSize; i++) - { - out[outOffset + i] = (byte) (in[inOffset + i] ^ scratch[i]); - } - System.arraycopy(shiftRegister, modeBlockSize, shiftRegister, 0, + out[outOffset + i] = (byte)(in[inOffset + i] ^ scratch[i]); + System.arraycopy(shiftRegister, modeBlockSize, + shiftRegister, 0, cipherBlockSize - modeBlockSize); - System.arraycopy(in, inOffset, shiftRegister, cipherBlockSize - - modeBlockSize, + System.arraycopy(in, inOffset, + shiftRegister, cipherBlockSize - modeBlockSize, modeBlockSize); } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/mode/CTR.java b/libjava/classpath/gnu/javax/crypto/mode/CTR.java index 49f4b9f3c2a..0c856b483ee 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/CTR.java +++ b/libjava/classpath/gnu/javax/crypto/mode/CTR.java @@ -40,59 +40,50 @@ package gnu.javax.crypto.mode; import gnu.java.security.Registry; import gnu.java.security.util.Sequence; - import gnu.javax.crypto.cipher.IBlockCipher; -import java.math.BigInteger; import java.util.Arrays; import java.util.Iterator; /** - * <p>The implementation of the Counter Mode.</p> - * - * <p>The algorithm steps are formally described as follows:</p> - * + * The implementation of the Counter Mode. + * <p> + * The algorithm steps are formally described as follows: + * * <pre> - * CTR Encryption: O[j] = E(K)(T[j]); for j = 1, 2...n; - * C[j] = P[j] ^ O[j]; for j = 1, 2...n. - * CTR Decryption: O[j] = E(K)(T[j]); for j = 1, 2...n; - * P[j] = C[j] ^ O[j]; for j = 1, 2...n. + * CTR Encryption: O[j] = E(K)(T[j]); for j = 1, 2...n; + * C[j] = P[j] ˆ O[j]; for j = 1, 2...n. + * CTR Decryption: O[j] = E(K)(T[j]); for j = 1, 2...n; + * P[j] = C[j] ˆ O[j]; for j = 1, 2...n. * </pre> - * - * <p>where <code>P</code> is the plaintext, <code>C</code> is the ciphertext, + * + * <p> + * where <code>P</code> is the plaintext, <code>C</code> is the ciphertext, * <code>E(K)</code> is the underlying block cipher encryption function - * parametrised with the session key <code>K</code>, and <code>T</code> is the - * <i>Counter</i>.</p> - * - * <p>This implementation, uses a standard incrementing function with a step of - * 1, and an initial value similar to that described in the NIST document.</p> - * - * <p>References:</p> - * + * parametrised with the session key <code>K</code>, and <code>T</code> is + * the <i>Counter</i>. + * <p> + * This implementation, uses a standard incrementing function with a step of 1, + * and an initial value similar to that described in the NIST document. + * <p> + * References: * <ol> - * <li><a href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> - * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>, - * Morris Dworkin.</li> + * <li><a + * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> + * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>, + * Morris Dworkin.</li> * </ol> */ -public class CTR extends BaseMode implements Cloneable +public class CTR + extends BaseMode + implements Cloneable { - - // Constants and variables - // ------------------------------------------------------------------------- - - /** The current counter. */ - // private BigInteger T; private int off; - private byte[] counter, enc; - // Constructor(s) - // ------------------------------------------------------------------------- - /** - * <p>Trivial package-private constructor for use by the Factory class.</p> - * + * Trivial package-private constructor for use by the Factory class. + * * @param underlyingCipher the underlying cipher implementation. * @param cipherBlockSize the underlying cipher block size to use. */ @@ -102,8 +93,8 @@ public class CTR extends BaseMode implements Cloneable } /** - * <p>Private constructor for cloning purposes.</p> - * + * Private constructor for cloning purposes. + * * @param that the instance to clone. */ private CTR(CTR that) @@ -111,61 +102,31 @@ public class CTR extends BaseMode implements Cloneable this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); } - // Class methods - // ------------------------------------------------------------------------- - - // Cloneable interface implementation - // ------------------------------------------------------------------------- - public Object clone() { return new CTR(this); } - // Implementation of abstract methods in BaseMode - // ------------------------------------------------------------------------- - public void setup() { if (modeBlockSize > cipherBlockSize) - { - throw new IllegalArgumentException( - "mode size exceeds cipher block size"); - } + throw new IllegalArgumentException("mode size exceeds cipher block size"); off = 0; counter = new byte[cipherBlockSize]; int i = cipherBlockSize - 1; int j = iv.length - 1; while (i >= 0 && j >= 0) - { - counter[i--] = iv[j--]; - } + counter[i--] = iv[j--]; enc = new byte[cipherBlockSize]; cipher.encryptBlock(counter, 0, enc, 0); - // if (modeBlockSize != cipherBlockSize) { - // throw new IllegalArgumentException(); - // } - - // byte[] tBytes = new byte[modeBlockSize+1]; - // tBytes[0] = (byte) 0x80; - // for (int i = 0; i < modeBlockSize; i++) { - // tBytes[i+1] = (byte)(256 - modeBlockSize + i); - // } - - // T = new BigInteger(1, tBytes); } public void teardown() { if (counter != null) - { - Arrays.fill(counter, (byte) 0); - } + Arrays.fill(counter, (byte) 0); if (enc != null) - { - Arrays.fill(enc, (byte) 0); - } - // T = null; + Arrays.fill(enc, (byte) 0); } public void encryptBlock(byte[] in, int i, byte[] out, int o) @@ -183,21 +144,11 @@ public class CTR extends BaseMode implements Cloneable return new Sequence(1, cipherBlockSize).iterator(); } - // own methods - // ------------------------------------------------------------------------- - private void ctr(byte[] in, int inOffset, byte[] out, int outOffset) { - // T = T.add(BigInteger.ONE); - // byte[] O = T.toByteArray(); - // int ndx = O.length - modeBlockSize; - // cipher.encryptBlock(O, ndx, O, ndx); - // for (int i = 0; i < modeBlockSize; i++) { - // out[outOffset++] = (byte)(in[inOffset++] ^ O[ndx++]); - // } for (int i = 0; i < modeBlockSize; i++) { - out[outOffset++] = (byte) (in[inOffset++] ^ enc[off++]); + out[outOffset++] = (byte)(in[inOffset++] ^ enc[off++]); if (off == cipherBlockSize) { int j; @@ -205,17 +156,13 @@ public class CTR extends BaseMode implements Cloneable { counter[j]++; if ((counter[j] & 0xFF) != 0) - { - break; - } + break; } if (j == 0) - { - counter[cipherBlockSize - 1]++; - } + counter[cipherBlockSize - 1]++; off = 0; cipher.encryptBlock(counter, 0, enc, 0); } } } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/mode/EAX.java b/libjava/classpath/gnu/javax/crypto/mode/EAX.java index bf260989825..401616b9f1f 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/EAX.java +++ b/libjava/classpath/gnu/javax/crypto/mode/EAX.java @@ -39,13 +39,11 @@ exception statement from your version. */ package gnu.javax.crypto.mode; import gnu.java.security.Registry; - import gnu.javax.crypto.cipher.IBlockCipher; import gnu.javax.crypto.mac.IMac; import gnu.javax.crypto.mac.MacFactory; import java.security.InvalidKeyException; - import java.util.Arrays; import java.util.Collections; import java.util.HashMap; @@ -53,64 +51,48 @@ import java.util.Iterator; import java.util.Map; /** - * <p>A conventional two-pass authenticated-encrypted mode, EAX. EAX is a + * A conventional two-pass authenticated-encrypted mode, EAX. EAX is a * <i>Authenticated Encryption with Additional Data</i> (<b>AEAD</b>) scheme, * which provides protection and authentication for the message, and provides * authentication of an (optional) header. EAX is composed of the counter mode * (CTR) and the one-key CBC MAC (OMAC). - * - * <p>This class makes full use of the {@link IAuthenticatedMode} interface, - * that is, all methods of both {@link IMode} and {@link IMac} can be used - * as specified in the {@link IAuthenticatedMode} interface. - * - * <p>References:</p> + * <p> + * This class makes full use of the {@link IAuthenticatedMode} interface, that + * is, all methods of both {@link IMode} and {@link IMac} can be used as + * specified in the {@link IAuthenticatedMode} interface. + * <p> + * References: * <ol> * <li>M. Bellare, P. Rogaway, and D. Wagner; <a * href="http://www.cs.berkeley.edu/~daw/papers/eprint-short-ae.pdf">A * Conventional Authenticated-Encryption Mode</a>.</li> * </ol> */ -public class EAX implements IAuthenticatedMode +public class EAX + implements IAuthenticatedMode { - - // Constants and fields. - // ------------------------------------------------------------------------ - /** The tag size, in bytes. */ private int tagSize; - /** The nonce OMAC instance. */ private IMac nonceOmac; - /** The header OMAC instance. */ private IMac headerOmac; - /** The message OMAC instance. */ private IMac msgOmac; - /** The CTR instance. */ private IMode ctr; - /** The direction state (encrypting or decrypting). */ private int state; - /** Whether we're initialized or not. */ private boolean init; - /** The cipher block size. */ private int cipherBlockSize; - /** The cipher. */ private IBlockCipher cipher; - /** The [t]_n array. */ private byte[] t_n; - private static boolean valid = false; - // Constructor. - // ------------------------------------------------------------------------ - public EAX(IBlockCipher cipher, int cipherBlockSize) { this.cipher = cipher; @@ -118,9 +100,7 @@ public class EAX implements IAuthenticatedMode String name = cipher.name(); int i = name.indexOf('-'); if (i >= 0) - { - name = name.substring(0, i); - } + name = name.substring(0, i); String omacname = Registry.OMAC_PREFIX + name; nonceOmac = MacFactory.getInstance(omacname); headerOmac = MacFactory.getInstance(omacname); @@ -130,9 +110,6 @@ public class EAX implements IAuthenticatedMode init = false; } - // IMode instance methods. - // ------------------------------------------------------------------------ - public Object clone() { return new EAX((IBlockCipher) cipher.clone(), cipherBlockSize); @@ -167,17 +144,12 @@ public class EAX implements IAuthenticatedMode { byte[] nonce = (byte[]) attrib.get(IV); if (nonce == null) - { - throw new IllegalArgumentException("no nonce provided"); - } + throw new IllegalArgumentException("no nonce provided"); byte[] key = (byte[]) attrib.get(KEY_MATERIAL); if (key == null) - { - throw new IllegalArgumentException("no key provided"); - } + throw new IllegalArgumentException("no key provided"); Arrays.fill(t_n, (byte) 0); - nonceOmac.reset(); nonceOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key)); nonceOmac.update(t_n, 0, t_n.length); @@ -186,57 +158,41 @@ public class EAX implements IAuthenticatedMode nonceOmac.reset(); nonceOmac.update(t_n, 0, t_n.length); nonceOmac.update(nonce, 0, nonce.length); - t_n[t_n.length - 1] = 1; headerOmac.reset(); headerOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key)); headerOmac.update(t_n, 0, t_n.length); - t_n[t_n.length - 1] = 2; msgOmac.reset(); msgOmac.init(Collections.singletonMap(MAC_KEY_MATERIAL, key)); msgOmac.update(t_n, 0, t_n.length); - Integer modeSize = (Integer) attrib.get(MODE_BLOCK_SIZE); if (modeSize == null) - { - modeSize = new Integer(cipherBlockSize); - } + modeSize = Integer.valueOf(cipherBlockSize); HashMap ctrAttr = new HashMap(); ctrAttr.put(KEY_MATERIAL, key); ctrAttr.put(IV, N); - ctrAttr.put(STATE, new Integer(ENCRYPTION)); + ctrAttr.put(STATE, Integer.valueOf(ENCRYPTION)); ctrAttr.put(MODE_BLOCK_SIZE, modeSize); ctr.reset(); ctr.init(ctrAttr); - Integer st = (Integer) attrib.get(STATE); if (st != null) { state = st.intValue(); if (state != ENCRYPTION && state != DECRYPTION) - { - throw new IllegalArgumentException("invalid state"); - } + throw new IllegalArgumentException("invalid state"); } else - { - state = ENCRYPTION; - } + state = ENCRYPTION; Integer ts = (Integer) attrib.get(TRUNCATED_SIZE); if (ts != null) - { - tagSize = ts.intValue(); - } + tagSize = ts.intValue(); else - { - tagSize = cipherBlockSize; - } + tagSize = cipherBlockSize; if (tagSize < 0 || tagSize > cipherBlockSize) - { - throw new IllegalArgumentException("tag size out of range"); - } + throw new IllegalArgumentException("tag size out of range"); init = true; } @@ -247,28 +203,20 @@ public class EAX implements IAuthenticatedMode public void encryptBlock(byte[] in, int inOff, byte[] out, int outOff) { - if (!init) - { - throw new IllegalStateException("not initialized"); - } + if (! init) + throw new IllegalStateException("not initialized"); if (state != ENCRYPTION) - { - throw new IllegalStateException("not encrypting"); - } + throw new IllegalStateException("not encrypting"); ctr.update(in, inOff, out, outOff); msgOmac.update(out, outOff, ctr.currentBlockSize()); } public void decryptBlock(byte[] in, int inOff, byte[] out, int outOff) { - if (!init) - { - throw new IllegalStateException("not initialized"); - } + if (! init) + throw new IllegalStateException("not initialized"); if (state != DECRYPTION) - { - throw new IllegalStateException("not decrypting"); - } + throw new IllegalStateException("not decrypting"); msgOmac.update(in, inOff, ctr.currentBlockSize()); ctr.update(in, inOff, out, outOff); } @@ -301,9 +249,6 @@ public class EAX implements IAuthenticatedMode return true; // XXX } - // IMac instance methods. - // ------------------------------------------------------------------------ - public int macSize() { return tagSize; @@ -319,34 +264,26 @@ public class EAX implements IAuthenticatedMode public void digest(byte[] out, int outOffset) { if (outOffset < 0 || outOffset + tagSize > out.length) - { - throw new IndexOutOfBoundsException(); - } + throw new IndexOutOfBoundsException(); byte[] N = nonceOmac.digest(); byte[] H = headerOmac.digest(); byte[] M = msgOmac.digest(); for (int i = 0; i < tagSize; i++) - { - out[outOffset + i] = (byte) (N[i] ^ H[i] ^ M[i]); - } + out[outOffset + i] = (byte)(N[i] ^ H[i] ^ M[i]); reset(); } public void update(byte b) { - if (!init) - { - throw new IllegalStateException("not initialized"); - } + if (! init) + throw new IllegalStateException("not initialized"); headerOmac.update(b); } public void update(byte[] buf, int off, int len) { - if (!init) - { - throw new IllegalStateException("not initialized"); - } + if (! init) + throw new IllegalStateException("not initialized"); headerOmac.update(buf, off, len); } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/mode/ECB.java b/libjava/classpath/gnu/javax/crypto/mode/ECB.java index 3b33a1848fe..665e526ca11 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/ECB.java +++ b/libjava/classpath/gnu/javax/crypto/mode/ECB.java @@ -42,44 +42,40 @@ import gnu.java.security.Registry; import gnu.javax.crypto.cipher.IBlockCipher; /** - * <p>The implementation of the Electronic Codebook mode.</p> - * - * <p>The Electronic Codebook (ECB) mode is a confidentiality mode that is - * defined as follows:</p> - * + * The implementation of the Electronic Codebook mode. + * <p> + * The Electronic Codebook (ECB) mode is a confidentiality mode that is defined + * as follows: * <ul> - * <li>ECB Encryption: C<sub>j</sub> = CIPH<sub>K</sub>(P<sub>j</sub>) for j = 1...n</li> - * <li>ECB Decryption: P<sub>j</sub> = CIPH<sup>-1</sup><sub>K</sub>(C<sub>j</sub>) for j = 1...n</li> + * <li>ECB Encryption: C<sub>j</sub> = CIPH<sub>K</sub>(P<sub>j</sub>) + * for j = 1...n</li> + * <li>ECB Decryption: P<sub>j</sub> = CIPH<sup>-1</sup><sub>K</sub>(C<sub>j</sub>) + * for j = 1...n</li> * </ul> - * - * <p>In ECB encryption, the forward cipher function is applied directly, and + * <p> + * In ECB encryption, the forward cipher function is applied directly, and * independently, to each block of the plaintext. The resulting sequence of - * output blocks is the ciphertext.</p> - * - * <p>In ECB decryption, the inverse cipher function is applied directly, and + * output blocks is the ciphertext. + * <p> + * In ECB decryption, the inverse cipher function is applied directly, and * independently, to each block of the ciphertext. The resulting sequence of - * output blocks is the plaintext.</p> - * - * <p>References:</p> - * + * output blocks is the plaintext. + * <p> + * References: * <ol> - * <li><a href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> - * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>, - * Morris Dworkin.</li> + * <li><a + * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> + * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>, + * Morris Dworkin.</li> * </ol> */ -public class ECB extends BaseMode implements Cloneable +public class ECB + extends BaseMode + implements Cloneable { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - /** - * <p>Trivial package-private constructor for use by the Factory class.</p> - * + * Trivial package-private constructor for use by the Factory class. + * * @param underlyingCipher the underlying cipher implementation. * @param cipherBlockSize the underlying cipher block size to use. */ @@ -89,8 +85,8 @@ public class ECB extends BaseMode implements Cloneable } /** - * <p>Private constructor for cloning purposes.</p> - * + * Private constructor for cloning purposes. + * * @param that the mode to clone. */ private ECB(ECB that) @@ -98,27 +94,15 @@ public class ECB extends BaseMode implements Cloneable this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // java.lang.Cloneable interface implementation ---------------------------- - public Object clone() { return new ECB(this); } - // Implementation of abstract methods in BaseMode -------------------------- - public void setup() { if (modeBlockSize != cipherBlockSize) - { - throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE); - } + throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE); } public void teardown() @@ -134,4 +118,4 @@ public class ECB extends BaseMode implements Cloneable { cipher.decryptBlock(in, i, out, o); } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java b/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java index 989e3edbcd0..703679dc0a6 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java +++ b/libjava/classpath/gnu/javax/crypto/mode/IAuthenticatedMode.java @@ -43,16 +43,14 @@ import gnu.javax.crypto.mac.IMac; /** * The interface for encryption modes that also produce a message authentication * tag. - * - * <p>This interface is merely the conjuction of the {@link IMode} and - * {@link IMac} interfaces. Encryption and decryption is done via the - * {@link IMode#update(byte[],int,byte[],int)} method, tag generation - * is done via the {@link IMac#digest()} method, and header updating - * (if supported by the mode) is done via the {@link - * IMac#update(byte[],int,int)} method. + * <p> + * This interface is merely the conjuction of the {@link IMode} and {@link IMac} + * interfaces. Encryption and decryption is done via the + * {@link IMode#update(byte[],int,byte[],int)} method, tag generation is done + * via the {@link IMac#digest()} method, and header updating (if supported by + * the mode) is done via the {@link IMac#update(byte[],int,int)} method. */ -public interface IAuthenticatedMode extends IMode, IMac +public interface IAuthenticatedMode + extends IMode, IMac { - - // Trivial conjunction of IMode and IMac. } diff --git a/libjava/classpath/gnu/javax/crypto/mode/ICM.java b/libjava/classpath/gnu/javax/crypto/mode/ICM.java index d37908b5dfd..833ddb18f7f 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/ICM.java +++ b/libjava/classpath/gnu/javax/crypto/mode/ICM.java @@ -44,75 +44,66 @@ import gnu.javax.crypto.cipher.IBlockCipher; import java.math.BigInteger; /** - * <p>An implementation of <i>David McGrew</i> Integer Counter Mode (ICM) as an - * {@link IMode}.</p> - * - * <p>ICM is a way to define a pseudorandom keystream generator using a block - * cipher. The keystream can be used for additive encryption, key derivation, - * or any other application requiring pseudorandom data. In the case of this - * class, it is used as additive encryption, XOR-ing the keystream with the - * input text --for both encryption and decryption.</p> - * - * <p>In ICM, the keystream is logically broken into segments. Each segment is + * An implementation of <i>David McGrew</i> Integer Counter Mode (ICM) as an + * {@link IMode}. + * <p> + * ICM is a way to define a pseudorandom keystream generator using a block + * cipher. The keystream can be used for additive encryption, key derivation, or + * any other application requiring pseudorandom data. In the case of this class, + * it is used as additive encryption, XOR-ing the keystream with the input text + * --for both encryption and decryption. + * <p> + * In ICM, the keystream is logically broken into segments. Each segment is * identified with a segment index, and the segments have equal lengths. This * segmentation makes ICM especially appropriate for securing packet-based * protocols. ICM also allows a variety of configurations based, among other - * things, on two parameters: the <i>block index length</i> and the - * <i>segment index length</i>. A constraint on those two values exists: The sum - * of <i>segment index length</i> and <i>block index length</i> <b>must not</b> - * half the <i>block size</i> of the underlying cipher. This requirement protects - * the ICM keystream generator from potentially failing to be pseudorandom.</p> - * - * <p>For simplicity, this implementation, fixes these two values to the - * following:</p> - * + * things, on two parameters: the <i>block index length</i> and the <i>segment + * index length</i>. A constraint on those two values exists: The sum of + * <i>segment index length</i> and <i>block index length</i> <b>must not</b> + * half the <i>block size</i> of the underlying cipher. This requirement + * protects the ICM keystream generator from potentially failing to be + * pseudorandom. + * <p> + * For simplicity, this implementation, fixes these two values to the following: * <ul> - * <li>block index length: is half the underlying cipher block size, and</li> - * <li>segment index length: is zero.</li> + * <li>block index length: is half the underlying cipher block size, and</li> + * <li>segment index length: is zero.</li> * </ul> - * - * <p>For a 128-bit block cipher, the above values imply a maximum keystream - * length of 295,147,905,179,352,825,856 octets, since in ICM, each segment must - * not exceed the value <code>(256 ^ <i>block index length</i>) * <i>block length</i></code> - * octets.</p> - * - * <p>Finally, for this implementation of the ICM, the IV placeholder will be - * used to pass the value of the <i>Offset</i> in the keystream segment.</p> - * - * <p>References:</p> - * + * <p> + * For a 128-bit block cipher, the above values imply a maximum keystream length + * of 295,147,905,179,352,825,856 octets, since in ICM, each segment must not + * exceed the value + * <code>(256 ^ <i>block index length</i>) * <i>block length</i></code> + * octets. + * <p> + * Finally, for this implementation of the ICM, the IV placeholder will be used + * to pass the value of the <i>Offset</i> in the keystream segment. + * <p> + * References: * <ol> - * <li><a href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-icm-00.txt"> - * Integer Counter Mode</a>, David A. McGrew.</li> + * <li><a + * href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-icm-00.txt"> + * Integer Counter Mode</a>, David A. McGrew.</li> * </ol> */ -public class ICM extends BaseMode implements Cloneable +public class ICM + extends BaseMode + implements Cloneable { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The integer value 256 as a BigInteger. */ private static final BigInteger TWO_FIFTY_SIX = new BigInteger("256"); - /** Maximum number of blocks per segment. */ private BigInteger maxBlocksPerSegment; - /** A work constant. */ private BigInteger counterRange; - /** The initial counter for a given keystream segment. */ private BigInteger C0; - /** The index of the next block for a given keystream segment. */ private BigInteger blockNdx; - // Constructor(s) - // ------------------------------------------------------------------------- - /** - * <p>Trivial package-private constructor for use by the Factory class.</p> - * + * Trivial package-private constructor for use by the Factory class. + * * @param underlyingCipher the underlying cipher implementation. * @param cipherBlockSize the underlying cipher block size to use. */ @@ -122,8 +113,8 @@ public class ICM extends BaseMode implements Cloneable } /** - * <p>Private constructor for cloning purposes.<p> - * + * Private constructor for cloning purposes. + * * @param that the instance to clone. */ private ICM(ICM that) @@ -131,27 +122,15 @@ public class ICM extends BaseMode implements Cloneable this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); } - // Class methods - // ------------------------------------------------------------------------- - - // Cloneable interface implementation - // ------------------------------------------------------------------------- - public Object clone() { return new ICM(this); } - // Implementation of abstract methods in BaseMode - // ------------------------------------------------------------------------- - public void setup() { if (modeBlockSize != cipherBlockSize) - { - throw new IllegalArgumentException(); - } - + throw new IllegalArgumentException(); counterRange = TWO_FIFTY_SIX.pow(cipherBlockSize); maxBlocksPerSegment = TWO_FIFTY_SIX.pow(cipherBlockSize / 2); BigInteger r = new BigInteger(1, iv); @@ -177,35 +156,13 @@ public class ICM extends BaseMode implements Cloneable icm(in, i, out, o); } - // Instance methods - // ------------------------------------------------------------------------- - private void icm(byte[] in, int inOffset, byte[] out, int outOffset) { if (blockNdx.compareTo(maxBlocksPerSegment) >= 0) throw new RuntimeException("Maximum blocks for segment reached"); - - // encrypt the counter for the current blockNdx - // C[i] = (C[0] + i) modulo (256^BLOCK_LENGTH). - BigInteger Ci = C0.add(blockNdx).modPow(BigInteger.ONE, counterRange); byte[] result = Ci.toByteArray(); int limit = result.length; - // if (limit < cipherBlockSize) { - // byte[] data = new byte[cipherBlockSize]; - // System.arraycopy(result, 0, data, cipherBlockSize-limit, limit); - // result = data; - // } else if (limit > cipherBlockSize) { - // byte[] data = new byte[cipherBlockSize]; - // System.arraycopy(result, limit-cipherBlockSize, data, 0, cipherBlockSize); - // result = data; - // } - // - // cipher.encryptBlock(result, 0, result, 0); - // blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx - // for (int i = 0; i < modeBlockSize; ) { // xor result with input block - // out[outOffset++] = (byte)(in[inOffset++] ^ result[i++]); - // } int ndx = 0; if (limit < cipherBlockSize) { @@ -214,15 +171,11 @@ public class ICM extends BaseMode implements Cloneable result = data; } else if (limit > cipherBlockSize) - { - ndx = limit - cipherBlockSize; - } + ndx = limit - cipherBlockSize; cipher.encryptBlock(result, ndx, result, ndx); blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx - for (int i = 0; i < modeBlockSize; i++) - { // xor result with input block - out[outOffset++] = (byte) (in[inOffset++] ^ result[ndx++]); - } + for (int i = 0; i < modeBlockSize; i++) // xor result with input block + out[outOffset++] = (byte)(in[inOffset++] ^ result[ndx++]); } -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/mode/IMode.java b/libjava/classpath/gnu/javax/crypto/mode/IMode.java index 4cb6ca64bd9..30485117d45 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/IMode.java +++ b/libjava/classpath/gnu/javax/crypto/mode/IMode.java @@ -41,105 +41,83 @@ package gnu.javax.crypto.mode; import gnu.javax.crypto.cipher.IBlockCipher; /** - * <p>The basic visible methods of any block cipher mode.</p> - * - * <p>Block ciphers encrypt plaintext in fixed size n-bit blocks. For messages + * The basic visible methods of any block cipher mode. + * <p> + * Block ciphers encrypt plaintext in fixed size n-bit blocks. For messages * larger than n bits, the simplest approach is to segment the message into * n-bit blocks and process (encrypt and/or decrypt) each one separately * (Electronic Codebook or ECB mode). But this approach has disadvantages in * most applications. The block cipher modes of operations are one way of - * working around those disadvantages.</p> - * - * <p>A <i>Mode</i> always employs an underlying block cipher for processing its + * working around those disadvantages. + * <p> + * A <i>Mode</i> always employs an underlying block cipher for processing its * input. For all intents and purposes, a <i>Mode</i> appears to behave as any - * other block cipher with the following differences:</p> - * + * other block cipher with the following differences: * <ul> - * <li>Depending on the specifications of the mode, the block size may be - * different that that of the underlying cipher.</li> - * - * <li>While some modes of operations allow operations on block sizes that - * can be 1-bit long, this library will only deal with sizes that are - * multiple of 8 bits. This is because the <tt>byte</tt> is the smallest, - * easy to handle, primitive type in Java.</li> - * - * <li>Some modes need an <i>Initialisation Vector</i> (IV) to be properly - * initialised.</li> + * <li>Depending on the specifications of the mode, the block size may be + * different that that of the underlying cipher.</li> + * <li>While some modes of operations allow operations on block sizes that can + * be 1-bit long, this library will only deal with sizes that are multiple of 8 + * bits. This is because the <tt>byte</tt> is the smallest, easy to handle, + * primitive type in Java.</li> + * <li>Some modes need an <i>Initialisation Vector</i> (IV) to be properly + * initialised.</li> * </ul> - * - * <p>Possible additional initialisation values for an instance of that type - * are:</p> - * + * <p> + * Possible additional initialisation values for an instance of that type are: * <ul> - * <li>The block size in which to operate this mode instance. This - * value is <b>optional</b>, if unspecified, the underlying block cipher's - * configured block size shall be used.</li> - * - * <li>Whether this mode will be used for encryption or decryption. This - * value is <b>mandatory</b> and should be included in the initialisation - * parameters. If it isn't, a {@link java.lang.IllegalStateException} will - * be thrown if any method, other than <code>reset()</code> is invoked on the - * instance.</li> - * - * <li>The byte array containing the <i>initialisation vector</i>, if - * required by this type of mode.</li> + * <li>The block size in which to operate this mode instance. This value is + * <b>optional</b>, if unspecified, the underlying block cipher's configured + * block size shall be used.</li> + * <li>Whether this mode will be used for encryption or decryption. This value + * is <b>mandatory</b> and should be included in the initialisation parameters. + * If it isn't, a {@link java.lang.IllegalStateException} will be thrown if any + * method, other than <code>reset()</code> is invoked on the instance.</li> + * <li>The byte array containing the <i>initialisation vector</i>, if required + * by this type of mode.</li> * </ul> */ -public interface IMode extends IBlockCipher +public interface IMode + extends IBlockCipher { - - // Constants - // ------------------------------------------------------------------------- - /** - * <p>Property name of the state in which to operate this mode. The value + * Property name of the state in which to operate this mode. The value * associated to this property name is taken to be an {@link Integer} which - * value is either <code>ENCRYPTION</code> or <code>DECRYPTION</code>.</p> + * value is either <code>ENCRYPTION</code> or <code>DECRYPTION</code>. */ String STATE = "gnu.crypto.mode.state"; - /** - * <p>Property name of the block size in which to operate this mode. The - * value associated with this property name is taken to be an {@link Integer}. - * If it is not specified, the value of the block size of the underlying - * block cipher, used to construct the mode instance, shall be used.</p> + * Property name of the block size in which to operate this mode. The value + * associated with this property name is taken to be an {@link Integer}. If + * it is not specified, the value of the block size of the underlying block + * cipher, used to construct the mode instance, shall be used. */ String MODE_BLOCK_SIZE = "gnu.crypto.mode.block.size"; - /** - * <p>Property name of the initialisation vector to use, if required, with - * this instance. The value associated with this property name is taken to - * be a byte array. If the concrete instance needs such a parameter, and it - * has not been specified as part of the initialissation parameters, an - * all-zero byte array of the appropriate size shall be used.</p> + * Property name of the initialisation vector to use, if required, with this + * instance. The value associated with this property name is taken to be a + * byte array. If the concrete instance needs such a parameter, and it has not + * been specified as part of the initialissation parameters, an all-zero byte + * array of the appropriate size shall be used. */ String IV = "gnu.crypto.mode.iv"; - - /** - * <p>Constant indicating the instance is being used for <i>encryption</i>.</p> - */ + /** Constant indicating the instance is being used for <i>encryption</i>. */ int ENCRYPTION = 1; - - /** - * <p>Constant indicating the instance is being used for <i>decryption</i>.</p> - */ + /** Constant indicating the instance is being used for <i>decryption</i>. */ int DECRYPTION = 2; - // Methods - // ------------------------------------------------------------------------- - /** - * <p>A convenience method. Effectively invokes the <code>encryptBlock()</code> + * A convenience method. Effectively invokes the <code>encryptBlock()</code> * or <code>decryptBlock()</code> method depending on the operational state - * of the instance.</p> - * + * of the instance. + * * @param in the plaintext. * @param inOffset index of <code>in</code> from which to start considering - * data. + * data. * @param out the ciphertext. * @param outOffset index of <code>out</code> from which to store result. * @exception IllegalStateException if the instance is not initialised. */ void update(byte[] in, int inOffset, byte[] out, int outOffset) throws IllegalStateException; -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java b/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java index 0e949ed9e96..d1acdf4e599 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java +++ b/libjava/classpath/gnu/javax/crypto/mode/ModeFactory.java @@ -49,16 +49,12 @@ import java.util.Iterator; import java.util.Set; /** - * <p>A <i>Factory</i> to instantiate block cipher modes of operations.</p> + * A <i>Factory</i> to instantiate block cipher modes of operations. */ -public class ModeFactory implements Registry +public class ModeFactory + implements Registry { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- + private static Set names; /** Trivial constructor to enforce Singleton pattern. */ private ModeFactory() @@ -66,37 +62,29 @@ public class ModeFactory implements Registry super(); } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>Returns an instance of a block cipher mode of operations given its name - * and characteristics of the underlying block cipher.</p> - * + * Returns an instance of a block cipher mode of operations given its name and + * characteristics of the underlying block cipher. + * * @param mode the case-insensitive name of the mode of operations. * @param cipher the case-insensitive name of the block cipher. * @param cipherBlockSize the block size, in bytes, of the underlying cipher. * @return an instance of the block cipher algorithm, operating in a given - * mode of operations, or <code>null</code> if none found. + * mode of operations, or <code>null</code> if none found. * @exception InternalError if either the mode or the underlying block cipher - * implementation does not pass its self-test. + * implementation does not pass its self-test. */ public static IMode getInstance(String mode, String cipher, int cipherBlockSize) { if (mode == null || cipher == null) - { - return null; - } + return null; mode = mode.trim(); cipher = cipher.trim(); - IBlockCipher cipherImpl = CipherFactory.getInstance(cipher); if (cipherImpl == null) - { - return null; - } + return null; return getInstance(mode, cipherImpl, cipherBlockSize); } @@ -110,59 +98,36 @@ public class ModeFactory implements Registry { ok = (cipherBlockSize == ((Integer) it.next()).intValue()); if (ok) - { - break; - } - } - - if (!ok) - { - throw new IllegalArgumentException("cipherBlockSize"); + break; } - + if (! ok) + throw new IllegalArgumentException("cipherBlockSize"); IMode result = null; if (mode.equalsIgnoreCase(ECB_MODE)) - { - result = new ECB(cipher, cipherBlockSize); - } + result = new ECB(cipher, cipherBlockSize); else if (mode.equalsIgnoreCase(CTR_MODE)) - { - result = new CTR(cipher, cipherBlockSize); - } + result = new CTR(cipher, cipherBlockSize); else if (mode.equalsIgnoreCase(ICM_MODE)) - { - result = new ICM(cipher, cipherBlockSize); - } + result = new ICM(cipher, cipherBlockSize); else if (mode.equalsIgnoreCase(OFB_MODE)) - { - result = new OFB(cipher, cipherBlockSize); - } + result = new OFB(cipher, cipherBlockSize); else if (mode.equalsIgnoreCase(CBC_MODE)) - { - result = new CBC(cipher, cipherBlockSize); - } + result = new CBC(cipher, cipherBlockSize); else if (mode.equalsIgnoreCase(CFB_MODE)) - { - result = new CFB(cipher, cipherBlockSize); - } + result = new CFB(cipher, cipherBlockSize); else if (mode.equalsIgnoreCase(EAX_MODE)) - { - result = new EAX(cipher, cipherBlockSize); - } + result = new EAX(cipher, cipherBlockSize); - if (result != null && !result.selfTest()) - { - throw new InternalError(result.name()); - } + if (result != null && ! result.selfTest()) + throw new InternalError(result.name()); return result; } /** - * <p>Returns a {@link java.util.Set} of names of mode supported by this - * <i>Factory</i>.</p> - * - * @return a {@link java.util.Set} of mode names (Strings). + * Returns a {@link Set} of names of mode supported by this <i>Factory</i>. + * + * @return a {@link Set} of mode names (Strings). */ public static final Set getNames() { @@ -178,15 +143,9 @@ public class ModeFactory implements Registry hs.add(CBC_MODE); hs.add(CFB_MODE); hs.add(EAX_MODE); - names = Collections.unmodifiableSet(hs); } } return names; } - - private static Set names; - - // Instance methods - // ------------------------------------------------------------------------- -}
\ No newline at end of file +} diff --git a/libjava/classpath/gnu/javax/crypto/mode/OFB.java b/libjava/classpath/gnu/javax/crypto/mode/OFB.java index 68065d10b9c..c8b6d7e97e7 100644 --- a/libjava/classpath/gnu/javax/crypto/mode/OFB.java +++ b/libjava/classpath/gnu/javax/crypto/mode/OFB.java @@ -39,33 +39,33 @@ exception statement from your version. */ package gnu.javax.crypto.mode; import gnu.java.security.Registry; - import gnu.javax.crypto.cipher.IBlockCipher; /** - * <p>The Output Feedback (OFB) mode is a confidentiality mode that requires a + * The Output Feedback (OFB) mode is a confidentiality mode that requires a * unique <code>IV</code> for every message that is ever encrypted under the - * given key. The OFB mode is defined as follows:</p> - * + * given key. The OFB mode is defined as follows: + * <ul> + * <li>OFB Encryption: * <ul> - * <li>OFB Encryption: - * <ul> - * <li>I<sub>1</sub> = IV;</li> - * <li>I<sub>j</sub> = O<sub>j -1</sub> for j = 2...n;</li> - * <li>O<sub>j</sub> = CIPH<sub>K</sub>(I<sub>j</sub>) for j = 1, 2...n;</li> - * <li>C<sub>j</sub> = P<sub>j</sub> XOR O<sub>j</sub> for j = 1, 2...n.</li> - * </ul></li> + * <li>I<sub>1</sub> = IV;</li> + * <li>I<sub>j</sub> = O<sub>j -1</sub> for j = 2...n;</li> + * <li>O<sub>j</sub> = CIPH<sub>K</sub>(I<sub>j</sub>) for j = 1, 2...n;</li> + * <li>C<sub>j</sub> = P<sub>j</sub> XOR O<sub>j</sub> for j = 1, 2...n.</li> + * </ul> + * </li> * <li>OFB Decryption: - * <ul> - * <li>I<sub>1</sub> = IV;</li> - * <li>I<sub>j</sub> = O<sub>j -1</sub> for j = 2...n;</li> - * <li>O<sub>j</sub> = CIPH<sub>K</sub>(I<sub>j</sub>) for j = 1, 2...n;</li> - * <li>P<sub>j</sub> = C<sub>j</sub> XOR O<sub>j</sub> for j = 1, 2...n.</li> - * </ul></li> + * <ul> + * <li>I<sub>1</sub> = IV;</li> + * <li>I<sub>j</sub> = O<sub>j -1</sub> for j = 2...n;</li> + * <li>O<sub>j</sub> = CIPH<sub>K</sub>(I<sub>j</sub>) for j = 1, 2...n;</li> + * <li>P<sub>j</sub> = C<sub>j</sub> XOR O<sub>j</sub> for j = 1, 2...n.</li> * </ul> - * - * <p>In OFB encryption, the <code>IV</code> is transformed by the forward - * cipher function to produce the first output block. The first output block is + * </li> + * </ul> + * <p> + * In OFB encryption, the <code>IV</code> is transformed by the forward cipher + * function to produce the first output block. The first output block is * exclusive-ORed with the first plaintext block to produce the first ciphertext * block. The first output block is then transformed by the forward cipher * function to produce the second output block. The second output block is @@ -74,9 +74,9 @@ import gnu.javax.crypto.cipher.IBlockCipher; * cipher function to produce the third output block. Thus, the successive * output blocks are produced from enciphering the previous output blocks, and * the output blocks are exclusive-ORed with the corresponding plaintext blocks - * to produce the ciphertext blocks.</p> - * - * <p>In OFB decryption, the <code>IV</code> is transformed by the forward cipher + * to produce the ciphertext blocks. + * <p> + * In OFB decryption, the <code>IV</code> is transformed by the forward cipher * function to produce the first output block. The first output block is * exclusive-ORed with the first ciphertext block to recover the first plaintext * block. The first output block is then transformed by the forward cipher @@ -86,51 +86,46 @@ import gnu.javax.crypto.cipher.IBlockCipher; * forward cipher function to produce the third output block. Thus, the * successive output blocks are produced from enciphering the previous output * blocks, and the output blocks are exclusive-ORed with the corresponding - * ciphertext blocks to recover the plaintext blocks.</p> - * - * <p>In both OFB encryption and OFB decryption, each forward cipher function + * ciphertext blocks to recover the plaintext blocks. + * <p> + * In both OFB encryption and OFB decryption, each forward cipher function * (except the first) depends on the results of the previous forward cipher - * function; therefore, multiple forward cipher functions cannot be performed - * in parallel. However, if the <code>IV</code> is known, the output blocks can - * be generated prior to the availability of the plaintext or ciphertext data.</p> - * - * <p>The OFB mode requires a unique <code>IV</code> for every message that is + * function; therefore, multiple forward cipher functions cannot be performed in + * parallel. However, if the <code>IV</code> is known, the output blocks can + * be generated prior to the availability of the plaintext or ciphertext data. + * <p> + * The OFB mode requires a unique <code>IV</code> for every message that is * ever encrypted under the given key. If, contrary to this requirement, the * same <code>IV</code> is used for the encryption of more than one message, * then the confidentiality of those messages may be compromised. In particular, * if a plaintext block of any of these messages is known, say, the j<sup>th</sup> * plaintext block, then the j<sup>th</sup> output of the forward cipher - * function can be determined easily from the j<sup>th</sup> ciphertext block of - * the message. This information allows the j<sup>th</sup> plaintext block of - * any other message that is encrypted using the same <code>IV</code> to be - * easily recovered from the jth ciphertext block of that message.</p> - * - * <p>Confidentiality may similarly be compromised if any of the input blocks to + * function can be determined easily from the j<sup>th</sup> ciphertext block + * of the message. This information allows the j<sup>th</sup> plaintext block + * of any other message that is encrypted using the same <code>IV</code> to be + * easily recovered from the jth ciphertext block of that message. + * <p> + * Confidentiality may similarly be compromised if any of the input blocks to * the forward cipher function for the encryption of a message is used as the - * <code>IV</code> for the encryption of another message under the given key.</p> - * - * <p>References:</p> - * + * <code>IV</code> for the encryption of another message under the given key. + * <p> + * References: * <ol> - * <li><a href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> - * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>, - * Morris Dworkin.</li> + * <li><a + * href="http://csrc.nist.gov/encryption/modes/Recommendation/Modes01.pdf"> + * Recommendation for Block Cipher Modes of Operation Methods and Techniques</a>, + * Morris Dworkin.</li> * </ol> */ -public class OFB extends BaseMode implements Cloneable +public class OFB + extends BaseMode + implements Cloneable { - - // Constants and variables - // ------------------------------------------------------------------------- - private byte[] outputBlock; - // Constructor(s) - // ------------------------------------------------------------------------- - /** - * <p>Trivial package-private constructor for use by the Factory class.</p> - * + * Trivial package-private constructor for use by the Factory class. + * * @param underlyingCipher the underlying cipher implementation. * @param cipherBlockSize the underlying cipher block size to use. */ @@ -140,8 +135,8 @@ public class OFB extends BaseMode implements Cloneable } /** - * <p>Private constructor for cloning purposes.</p> - * + * Private constructor for cloning purposes. + * * @param that the mode to clone. */ private OFB(OFB that) @@ -149,28 +144,15 @@ public class OFB extends BaseMode implements Cloneable this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // java.lang.Cloneable interface implementation ---------------------------- - public Object clone() { return new OFB(this); } - // Implementation of abstract methods in BaseMode -------------------------- - public void setup() { if (modeBlockSize != cipherBlockSize) - { - throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE); - } - + throw new IllegalArgumentException(IMode.MODE_BLOCK_SIZE); outputBlock = (byte[]) iv.clone(); } @@ -182,13 +164,11 @@ public class OFB extends BaseMode implements Cloneable { cipher.encryptBlock(outputBlock, 0, outputBlock, 0); for (int j = 0; j < cipherBlockSize;) - { - out[o++] = (byte) (in[i++] ^ outputBlock[j++]); - } + out[o++] = (byte)(in[i++] ^ outputBlock[j++]); } public void decryptBlock(byte[] in, int i, byte[] out, int o) { this.encryptBlock(in, i, out, o); } -}
\ No newline at end of file +} |
