/* * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. Oracle designates this * particular file as subject to the "Classpath" exception as provided * by Oracle in the LICENSE file that accompanied this code. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ package com.sun.crypto.provider; import java.security.*; import java.security.spec.*; import javax.crypto.*; import javax.crypto.spec.*; /** * This class implements the DESede algorithm (DES-EDE, tripleDES) in * its various modes (ECB, CFB, OFB, * CBC, PCBC) and padding schemes * (PKCS5Padding, NoPadding, * ISO10126Padding). * * @author Gigi Ankeny * * * @see DESCipher */ public final class DESedeCipher extends CipherSpi { /* * internal CipherCore object which does the real work. */ private CipherCore core = null; /** * Creates an instance of DESede cipher with default ECB mode and * PKCS5Padding. */ public DESedeCipher() { core = new CipherCore(new DESedeCrypt(), DESConstants.DES_BLOCK_SIZE); } /** * Sets the mode of this cipher. * * @param mode the cipher mode * * @exception NoSuchAlgorithmException if the requested cipher mode does * not exist */ protected void engineSetMode(String mode) throws NoSuchAlgorithmException { core.setMode(mode); } /** * Sets the padding mechanism of this cipher. * * @param padding the padding mechanism * * @exception NoSuchPaddingException if the requested padding mechanism * does not exist */ protected void engineSetPadding(String paddingScheme) throws NoSuchPaddingException { core.setPadding(paddingScheme); } /** * Returns the block size (in bytes). * * @return the block size (in bytes), or 0 if the underlying algorithm is * not a block cipher */ protected int engineGetBlockSize() { return DESConstants.DES_BLOCK_SIZE; } /** * Returns the length in bytes that an output buffer would need to be in * order to hold the result of the next update or * doFinal operation, given the input length * inputLen (in bytes). * *

This call takes into account any unprocessed (buffered) data from a * previous update call, and padding. * *

The actual output length of the next update or * doFinal call may be smaller than the length returned by * this method. * * @param inputLen the input length (in bytes) * * @return the required output buffer size (in bytes) */ protected int engineGetOutputSize(int inputLen) { return core.getOutputSize(inputLen); } /** * Returns the initialization vector (IV) in a new buffer. * *

This is useful in the case where a random IV has been created * (see init), * or in the context of password-based encryption or * decryption, where the IV is derived from a user-provided password. * * @return the initialization vector in a new buffer, or null if the * underlying algorithm does not use an IV, or if the IV has not yet * been set. */ protected byte[] engineGetIV() { return core.getIV(); } /** * Initializes this cipher with a key and a source of randomness. * *

The cipher is initialized for one of the following four operations: * encryption, decryption, key wrapping or key unwrapping, depending on * the value of opmode. * *

If this cipher requires an initialization vector (IV), it will get * it from random. * This behaviour should only be used in encryption or key wrapping * mode, however. * When initializing a cipher that requires an IV for decryption or * key unwrapping, the IV * (same IV that was used for encryption or key wrapping) must be provided * explicitly as a * parameter, in order to get the correct result. * *

This method also cleans existing buffer and other related state * information. * * @param opmode the operation mode of this cipher (this is one of * the following: * ENCRYPT_MODE, DECRYPT_MODE, * WRAP_MODE or UNWRAP_MODE) * @param key the secret key * @param random the source of randomness * * @exception InvalidKeyException if the given key is inappropriate for * initializing this cipher */ protected void engineInit(int opmode, Key key, SecureRandom random) throws InvalidKeyException { core.init(opmode, key, random); } /** * Initializes this cipher with a key, a set of * algorithm parameters, and a source of randomness. * *

The cipher is initialized for one of the following four operations: * encryption, decryption, key wrapping or key unwrapping, depending on * the value of opmode. * *

If this cipher (including its underlying feedback or padding scheme) * requires any random bytes, it will get them from random. * * @param opmode the operation mode of this cipher (this is one of * the following: * ENCRYPT_MODE, DECRYPT_MODE, * WRAP_MODE or UNWRAP_MODE) * @param key the encryption key * @param params the algorithm parameters * @param random the source of randomness * * @exception InvalidKeyException if the given key is inappropriate for * initializing this cipher * @exception InvalidAlgorithmParameterException if the given algorithm * parameters are inappropriate for this cipher */ protected void engineInit(int opmode, Key key, AlgorithmParameterSpec params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException { core.init(opmode, key, params, random); } protected void engineInit(int opmode, Key key, AlgorithmParameters params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException { core.init(opmode, key, params, random); } /** * Continues a multiple-part encryption or decryption operation * (depending on how this cipher was initialized), processing another data * part. * *

The first inputLen bytes in the input * buffer, starting at inputOffset, are processed, and the * result is stored in a new buffer. * * @param input the input buffer * @param inputOffset the offset in input where the input * starts * @param inputLen the input length * * @return the new buffer with the result * * @exception IllegalStateException if this cipher is in a wrong state * (e.g., has not been initialized) */ protected byte[] engineUpdate(byte[] input, int inputOffset, int inputLen) { return core.update(input, inputOffset, inputLen); } /** * Continues a multiple-part encryption or decryption operation * (depending on how this cipher was initialized), processing another data * part. * *

The first inputLen bytes in the input * buffer, starting at inputOffset, are processed, and the * result is stored in the output buffer, starting at * outputOffset. * * @param input the input buffer * @param inputOffset the offset in input where the input * starts * @param inputLen the input length * @param output the buffer for the result * @param outputOffset the offset in output where the result * is stored * * @return the number of bytes stored in output * * @exception ShortBufferException if the given output buffer is too small * to hold the result */ protected int engineUpdate(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws ShortBufferException { return core.update(input, inputOffset, inputLen, output, outputOffset); } /** * Encrypts or decrypts data in a single-part operation, * or finishes a multiple-part operation. * The data is encrypted or decrypted, depending on how this cipher was * initialized. * *

The first inputLen bytes in the input * buffer, starting at inputOffset, and any input bytes that * may have been buffered during a previous update operation, * are processed, with padding (if requested) being applied. * The result is stored in a new buffer. * *

The cipher is reset to its initial state (uninitialized) after this * call. * * @param input the input buffer * @param inputOffset the offset in input where the input * starts * @param inputLen the input length * * @return the new buffer with the result * * @exception IllegalBlockSizeException if this cipher is a block cipher, * no padding has been requested (only in encryption mode), and the total * input length of the data processed by this cipher is not a multiple of * block size * @exception BadPaddingException if this cipher is in decryption mode, * and (un)padding has been requested, but the decrypted data is not * bounded by the appropriate padding bytes */ protected byte[] engineDoFinal(byte[] input, int inputOffset, int inputLen) throws IllegalBlockSizeException, BadPaddingException { return core.doFinal(input, inputOffset, inputLen); } /** * Encrypts or decrypts data in a single-part operation, * or finishes a multiple-part operation. * The data is encrypted or decrypted, depending on how this cipher was * initialized. * *

The first inputLen bytes in the input * buffer, starting at inputOffset, and any input bytes that * may have been buffered during a previous update operation, * are processed, with padding (if requested) being applied. * The result is stored in the output buffer, starting at * outputOffset. * *

The cipher is reset to its initial state (uninitialized) after this * call. * * @param input the input buffer * @param inputOffset the offset in input where the input * starts * @param inputLen the input length * @param output the buffer for the result * @param outputOffset the offset in output where the result * is stored * * @return the number of bytes stored in output * * @exception IllegalBlockSizeException if this cipher is a block cipher, * no padding has been requested (only in encryption mode), and the total * input length of the data processed by this cipher is not a multiple of * block size * @exception ShortBufferException if the given output buffer is too small * to hold the result * @exception BadPaddingException if this cipher is in decryption mode, * and (un)padding has been requested, but the decrypted data is not * bounded by the appropriate padding bytes */ protected int engineDoFinal(byte[] input, int inputOffset, int inputLen, byte[] output, int outputOffset) throws IllegalBlockSizeException, ShortBufferException, BadPaddingException { return core.doFinal(input, inputOffset, inputLen, output, outputOffset); } /** * Returns the parameters used with this cipher. * *

The returned parameters may be the same that were used to initialize * this cipher, or may contain the default set of parameters or a set of * randomly generated parameters used by the underlying cipher * implementation (provided that the underlying cipher implementation * uses a default set of parameters or creates new parameters if it needs * parameters but was not initialized with any). * * @return the parameters used with this cipher, or null if this cipher * does not use any parameters. */ protected AlgorithmParameters engineGetParameters() { return core.getParameters("DESede"); } /** * Returns the key size of the given key object. * * @param key the key object. * * @return the "effective" key size of the given key object. * * @exception InvalidKeyException if key is invalid. */ protected int engineGetKeySize(Key key) throws InvalidKeyException { byte[] encoded = key.getEncoded(); if (encoded.length != 24) { throw new InvalidKeyException("Invalid key length: " + encoded.length + " bytes"); } // Return the effective key length return 112; } /** * Wrap a key. * * @param key the key to be wrapped. * * @return the wrapped key. * * @exception IllegalBlockSizeException if this cipher is a block * cipher, no padding has been requested, and the length of the * encoding of the key to be wrapped is not a * multiple of the block size. * * @exception InvalidKeyException if it is impossible or unsafe to * wrap the key with this cipher (e.g., a hardware protected key is * being passed to a software only cipher). */ protected byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException { return core.wrap(key); } /** * Unwrap a previously wrapped key. * * @param wrappedKey the key to be unwrapped. * * @param wrappedKeyAlgorithm the algorithm the wrapped key is for. * * @param wrappedKeyType the type of the wrapped key. * This is one of Cipher.SECRET_KEY, * Cipher.PRIVATE_KEY, or Cipher.PUBLIC_KEY. * * @return the unwrapped key. * * @exception NoSuchAlgorithmException if no installed providers * can create keys of type wrappedKeyType for the * wrappedKeyAlgorithm. * * @exception InvalidKeyException if wrappedKey does not * represent a wrapped key of type wrappedKeyType for * the wrappedKeyAlgorithm. */ protected Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm, int wrappedKeyType) throws InvalidKeyException, NoSuchAlgorithmException { return core.unwrap(wrappedKey, wrappedKeyAlgorithm, wrappedKeyType); } }