Home Explore Help
Sign In
nnesse
/
minwin-gcc-5-2
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f5de7b477e
Branches Tags
minwin-gcc-5-2
/
libjava
/
classpath
/
gnu
/
javax
/
crypto
/
mode
/
ICM.java

ICM.java 6.5 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182 
  1. /* ICM.java --
    2. 

  2.    Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
    3. 

  3. 

  4. This file is a part of GNU Classpath.
    5. 

  5. 

  6. GNU Classpath is free software; you can redistribute it and/or modify
    7. 

  7. it under the terms of the GNU General Public License as published by
    8. 

  8. the Free Software Foundation; either version 2 of the License, or (at
    9. 

  9. your option) any later version.
    10. 

  10. 

  11. GNU Classpath is distributed in the hope that it will be useful, but
    12. 

  12. WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    14. 

  14. General Public License for more details.
    15. 

  15. 

  16. You should have received a copy of the GNU General Public License
    17. 

  17. along with GNU Classpath; if not, write to the Free Software
    18. 

  18. Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
    19. 

  19. USA
    20. 

  20. 

  21. Linking this library statically or dynamically with other modules is
    22. 

  22. making a combined work based on this library.  Thus, the terms and
    23. 

  23. conditions of the GNU General Public License cover the whole
    24. 

  24. combination.
    25. 

  25. 

  26. As a special exception, the copyright holders of this library give you
    27. 

  27. permission to link this library with independent modules to produce an
    28. 

  28. executable, regardless of the license terms of these independent
    29. 

  29. modules, and to copy and distribute the resulting executable under
    30. 

  30. terms of your choice, provided that you also meet, for each linked
    31. 

  31. independent module, the terms and conditions of the license of that
    32. 

  32. module.  An independent module is a module which is not derived from
    33. 

  33. or based on this library.  If you modify this library, you may extend
    34. 

  34. this exception to your version of the library, but you are not
    35. 

  35. obligated to do so.  If you do not wish to do so, delete this
    36. 

  36. exception statement from your version.  */
    37. 

  37. 

  38. 

  39. package gnu.javax.crypto.mode;
    40. 

  40. 

  41. import gnu.java.security.Registry;
    42. 

  42. import gnu.javax.crypto.cipher.IBlockCipher;
    43. 

  43. 

  44. import java.math.BigInteger;
    45. 

  45. 

  46. /**
    47. 

  47.  * An implementation of <i>David McGrew</i> Integer Counter Mode (ICM) as an
    48. 

  48.  * {@link IMode}.
    49. 

  49.  * <p>
    50. 

  50.  * ICM is a way to define a pseudorandom keystream generator using a block
    51. 

  51.  * cipher. The keystream can be used for additive encryption, key derivation, or
    52. 

  52.  * any other application requiring pseudorandom data. In the case of this class,
    53. 

  53.  * it is used as additive encryption, XOR-ing the keystream with the input text
    54. 

  54.  * --for both encryption and decryption.
    55. 

  55.  * <p>
    56. 

  56.  * In ICM, the keystream is logically broken into segments. Each segment is
    57. 

  57.  * identified with a segment index, and the segments have equal lengths. This
    58. 

  58.  * segmentation makes ICM especially appropriate for securing packet-based
    59. 

  59.  * protocols. ICM also allows a variety of configurations based, among other
    60. 

  60.  * things, on two parameters: the <i>block index length</i> and the <i>segment
    61. 

  61.  * index length</i>. A constraint on those two values exists: The sum of
    62. 

  62.  * <i>segment index length</i> and <i>block index length</i> <b>must not</b>
    63. 

  63.  * half the <i>block size</i> of the underlying cipher. This requirement
    64. 

  64.  * protects the ICM keystream generator from potentially failing to be
    65. 

  65.  * pseudorandom.
    66. 

  66.  * <p>
    67. 

  67.  * For simplicity, this implementation, fixes these two values to the following:
    68. 

  68.  * <ul>
    69. 

  69.  * <li>block index length: is half the underlying cipher block size, and</li>
    70. 

  70.  * <li>segment index length: is zero.</li>
    71. 

  71.  * </ul>
    72. 

  72.  * <p>
    73. 

  73.  * For a 128-bit block cipher, the above values imply a maximum keystream length
    74. 

  74.  * of 295,147,905,179,352,825,856 octets, since in ICM, each segment must not
    75. 

  75.  * exceed the value
    76. 

  76.  * <code>(256 ^ <i>block index length</i>) * <i>block length</i></code>
    77. 

  77.  * octets.
    78. 

  78.  * <p>
    79. 

  79.  * Finally, for this implementation of the ICM, the IV placeholder will be used
    80. 

  80.  * to pass the value of the <i>Offset</i> in the keystream segment.
    81. 

  81.  * <p>
    82. 

  82.  * References:
    83. 

  83.  * <ol>
    84. 

  84.  * <li><a
    85. 

  85.  * href="http://www.ietf.org/internet-drafts/draft-mcgrew-saag-icm-00.txt">
    86. 

  86.  * Integer Counter Mode</a>, David A. McGrew.</li>
    87. 

  87.  * </ol>
    88. 

  88.  */
    89. 

  89. public class ICM
    90. 

  90.     extends BaseMode
    91. 

  91.     implements Cloneable
    92. 

  92. {
    93. 

  93.   /** The integer value 256 as a BigInteger. */
    94. 

  94.   private static final BigInteger TWO_FIFTY_SIX = new BigInteger("256");
    95. 

  95.   /** Maximum number of blocks per segment. */
    96. 

  96.   private BigInteger maxBlocksPerSegment;
    97. 

  97.   /** A work constant. */
    98. 

  98.   private BigInteger counterRange;
    99. 

  99.   /** The initial counter for a given keystream segment. */
    100. 

  100.   private BigInteger C0;
    101. 

  101.   /** The index of the next block for a given keystream segment. */
    102. 

  102.   private BigInteger blockNdx;
    103. 

  103. 

  104.   /**
    105. 

  105.    * Trivial package-private constructor for use by the Factory class.
    106. 

  106.    *
    107. 

  107.    * @param underlyingCipher the underlying cipher implementation.
    108. 

  108.    * @param cipherBlockSize the underlying cipher block size to use.
    109. 

  109.    */
    110. 

  110.   ICM(IBlockCipher underlyingCipher, int cipherBlockSize)
    111. 

  111.   {
    112. 

  112.     super(Registry.ICM_MODE, underlyingCipher, cipherBlockSize);
    113. 

  113.   }
    114. 

  114. 

  115.   /**
    116. 

  116.    * Private constructor for cloning purposes.
    117. 

  117.    *
    118. 

  118.    * @param that the instance to clone.
    119. 

  119.    */
    120. 

  120.   private ICM(ICM that)
    121. 

  121.   {
    122. 

  122.     this((IBlockCipher) that.cipher.clone(), that.cipherBlockSize);
    123. 

  123.   }
    124. 

  124. 

  125.   public Object clone()
    126. 

  126.   {
    127. 

  127.     return new ICM(this);
    128. 

  128.   }
    129. 

  129. 

  130.   public void setup()
    131. 

  131.   {
    132. 

  132.     if (modeBlockSize != cipherBlockSize)
    133. 

  133.       throw new IllegalArgumentException();
    134. 

  134.     counterRange = TWO_FIFTY_SIX.pow(cipherBlockSize);
    135. 

  135.     maxBlocksPerSegment = TWO_FIFTY_SIX.pow(cipherBlockSize / 2);
    136. 

  136.     BigInteger r = new BigInteger(1, iv);
    137. 

  137.     C0 = maxBlocksPerSegment.add(r).modPow(BigInteger.ONE, counterRange);
    138. 

  138.     blockNdx = BigInteger.ZERO;
    139. 

  139.   }
    140. 

  140. 

  141.   public void teardown()
    142. 

  142.   {
    143. 

  143.     counterRange = null;
    144. 

  144.     maxBlocksPerSegment = null;
    145. 

  145.     C0 = null;
    146. 

  146.     blockNdx = null;
    147. 

  147.   }
    148. 

  148. 

  149.   public void encryptBlock(byte[] in, int i, byte[] out, int o)
    150. 

  150.   {
    151. 

  151.     icm(in, i, out, o);
    152. 

  152.   }
    153. 

  153. 

  154.   public void decryptBlock(byte[] in, int i, byte[] out, int o)
    155. 

  155.   {
    156. 

  156.     icm(in, i, out, o);
    157. 

  157.   }
    158. 

  158. 

  159.   private void icm(byte[] in, int inOffset, byte[] out, int outOffset)
    160. 

  160.   {
    161. 

  161.     if (blockNdx.compareTo(maxBlocksPerSegment) >= 0)
    162. 

  162.       throw new RuntimeException("Maximum blocks for segment reached");
    163. 

  163.     BigInteger Ci = C0.add(blockNdx).modPow(BigInteger.ONE, counterRange);
    164. 

  164.     byte[] result = Ci.toByteArray();
    165. 

  165.     int limit = result.length;
    166. 

  166.     int ndx = 0;
    167. 

  167.     if (limit < cipherBlockSize)
    168. 

  168.       {
    169. 

  169.         byte[] data = new byte[cipherBlockSize];
    170. 

  170.         System.arraycopy(result, 0, data, cipherBlockSize - limit, limit);
    171. 

  171.         result = data;
    172. 

  172.       }
    173. 

  173.     else if (limit > cipherBlockSize)
    174. 

  174.       ndx = limit - cipherBlockSize;
    175. 

  175. 

  176.     cipher.encryptBlock(result, ndx, result, ndx);
    177. 

  177.     blockNdx = blockNdx.add(BigInteger.ONE); // increment blockNdx
    178. 

  178.     for (int i = 0; i < modeBlockSize; i++) // xor result with input block
    179. 

  179.       out[outOffset++] = (byte)(in[inOffset++] ^ result[ndx++]);
    180. 

  180.   }
    181. 

  181. }
    182. 

  182.