2362N/A * Copyright (c) 2004, 2009, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * This class implements the CMS DESede KeyWrap algorithm as defined 0N/A * "XML Encryption Syntax and Processing" section 5.6.2 0N/A * "CMS Triple DES Key Wrap". 0N/A * Note: only <code>CBC</code> mode and <code>NoPadding</code> padding 0N/A * scheme can be used for this algorithm. 0N/A * @author Valerie Peng 0N/A private static final byte[]
IV2 = {
0N/A (
byte)
0x4a, (
byte)
0xdd, (
byte)
0xa2, (
byte)
0x2c,
0N/A (
byte)
0x79, (
byte)
0xe8, (
byte)
0x21, (
byte)
0x05 0N/A * internal cipher object which does the real work. 0N/A * iv for (re-)initializing the internal cipher object. 0N/A * key for re-initializing the internal cipher object. 0N/A * are we encrypting or decrypting? 0N/A * Creates an instance of CMS DESede KeyWrap cipher with default 0N/A * mode, i.e. "CBC" and padding scheme, i.e. "NoPadding". 0N/A * Sets the mode of this cipher. Only "CBC" mode is accepted for this 0N/A * @param mode the cipher mode. 0N/A * @exception NoSuchAlgorithmException if the requested cipher mode 0N/A * Sets the padding mechanism of this cipher. Only "NoPadding" schmem 0N/A * is accepted for this cipher. 0N/A * @param padding the padding mechanism. 0N/A * @exception NoSuchPaddingException if the requested padding mechanism 0N/A * is not "NoPadding". 0N/A * Returns the block size (in bytes), i.e. 8 bytes. 0N/A * @return the block size (in bytes), i.e. 8 bytes. 0N/A * Returns the length in bytes that an output buffer would need to be 0N/A * given the input length <code>inputLen</code> (in bytes). 0N/A * <p>The actual output length of the next <code>update</code> or 0N/A * <code>doFinal</code> call may be smaller than the length returned 0N/A * @param inputLen the input length (in bytes). 0N/A * @return the required output buffer size (in bytes). 0N/A // can only return an upper-limit if not initialized yet. 0N/A * Returns the initialization vector (IV) in a new buffer. 0N/A * @return the initialization vector, or null if the underlying 0N/A * algorithm does not use an IV, or if the IV has not yet 0N/A * Initializes this cipher with a key and a source of randomness. 0N/A * <p>The cipher only supports the following two operation modes:<b> 0N/A * Cipher.WRAP_MODE, and <b> 0N/A * Cipher.UNWRAP_MODE. 0N/A * <p>For modes other than the above two, UnsupportedOperationException 0N/A * <p>If this cipher requires an initialization vector (IV), it will get 0N/A * it from <code>random</code>. 0N/A * @param opmode the operation mode of this cipher. Only 0N/A * <code>WRAP_MODE</code> or <code>UNWRAP_MODE</code>) are accepted. 0N/A * @param key the secret key. 0N/A * @param random the source of randomness. 0N/A * @exception InvalidKeyException if the given key is inappropriate 0N/A * or if parameters are required but not supplied. 0N/A // should never happen 0N/A * Initializes this cipher with a key, a set of algorithm parameters, 0N/A * and a source of randomness. 0N/A * <p>The cipher only supports the following two operation modes:<b> 0N/A * Cipher.WRAP_MODE, and <b> 0N/A * Cipher.UNWRAP_MODE. 0N/A * <p>For modes other than the above two, UnsupportedOperationException 0N/A * <p>If this cipher requires an initialization vector (IV), it will get 0N/A * it from <code>random</code>. 0N/A * @param opmode the operation mode of this cipher. Only 0N/A * <code>WRAP_MODE</code> or <code>UNWRAP_MODE</code>) are accepted. 0N/A * @param key the secret key. 0N/A * @param params the algorithm parameters. 0N/A * @param random the source of randomness. 0N/A * @exception InvalidKeyException if the given key is inappropriate. 0N/A * @exception InvalidAlgorithmParameterException if the given algorithm 0N/A * parameters are inappropriate for this cipher. 0N/A (
"Wrong parameter type: IV expected");
0N/A (
"No parameter accepted for unwrapping keys");
0N/A "only be used for key wrapping and unwrapping");
0N/A * Initializes this cipher with a key, a set of algorithm parameters, 0N/A * and a source of randomness. 0N/A * <p>The cipher only supports the following two operation modes:<b> 0N/A * Cipher.WRAP_MODE, and <b> 0N/A * Cipher.UNWRAP_MODE. 0N/A * <p>For modes other than the above two, UnsupportedOperationException 0N/A * <p>If this cipher requires an initialization vector (IV), it will get 0N/A * it from <code>random</code>. 0N/A * @param opmode the operation mode of this cipher. Only 0N/A * <code>WRAP_MODE</code> or <code>UNWRAP_MODE</code>) are accepted. 0N/A * @param key the secret key. 0N/A * @param params the algorithm parameters. 0N/A * @param random the source of randomness. 0N/A * @exception InvalidKeyException if the given key is inappropriate. 0N/A * @exception InvalidAlgorithmParameterException if the given algorithm 0N/A * parameters are inappropriate for this cipher. 0N/A (
"Wrong parameter type: IV expected");
0N/A * This operation is not supported by this cipher. 0N/A * Since it's impossible to initialize this cipher given the 0N/A * current Cipher.engineInit(...) implementation, 0N/A * IllegalStateException will always be thrown upon invocation. 0N/A * @param in the input buffer. 0N/A * @param inOffset the offset in <code>in</code> where the input 0N/A * @param inLen the input length. 0N/A * @exception IllegalStateException upon invocation of this method. 0N/A * This operation is not supported by this cipher. 0N/A * Since it's impossible to initialize this cipher given the 0N/A * current Cipher.engineInit(...) implementation, 0N/A * IllegalStateException will always be thrown upon invocation. 0N/A * @param in the input buffer. 0N/A * @param inOffset the offset in <code>in</code> where the input 0N/A * @param inLen the input length. 0N/A * @param out the buffer for the result. 0N/A * @param outOffset the offset in <code>out</code> where the result 0N/A * @exception IllegalStateException upon invocation of this method. 0N/A * This operation is not supported by this cipher. 0N/A * Since it's impossible to initialize this cipher given the 0N/A * current Cipher.engineInit(...) implementation, 0N/A * IllegalStateException will always be thrown upon invocation. 0N/A * @param in the input buffer. 0N/A * @param inOffset the offset in <code>in</code> where the input 0N/A * @param inLen the input length. 0N/A * @return the new buffer with the result. 0N/A * @exception IllegalStateException upon invocation of this method. 0N/A * This operation is not supported by this cipher. 0N/A * Since it's impossible to initialize this cipher given the 0N/A * current Cipher.engineInit(...) implementation, 0N/A * IllegalStateException will always be thrown upon invocation. 0N/A * @param in the input buffer. 0N/A * @param inOffset the offset in <code>in</code> where the input 0N/A * @param inLen the input length. 0N/A * @param out the buffer for the result. 0N/A * @param outOffset the ofset in <code>out</code> where the result 0N/A * @return the number of bytes stored in <code>out</code>. 0N/A * @exception IllegalStateException upon invocation of this method. 0N/A * Returns the parameters used with this cipher. 0N/A * Note that null maybe returned if this cipher does not use any 0N/A * parameters or when it has not be set, e.g. initialized with 0N/A * UNWRAP_MODE but wrapped key data has not been given. 0N/A * @return the parameters used with this cipher; can be null. 0N/A // should never happen 0N/A " AlgorithmParameters implementation in SunJCE provider");
0N/A // should never happen 0N/A // should never happen 0N/A * Returns the key size of the given key object in number of bits. 0N/A * This cipher always return the same key size as the DESede ciphers. 0N/A * @param key the key object. 0N/A * @return the "effective" key size of the given key object. 0N/A * @exception InvalidKeyException if <code>key</code> is invalid. 0N/A // Return the effective key length 0N/A * @param key the key to be wrapped. 0N/A * @return the wrapped key. 0N/A * @exception IllegalBlockSizeException if this cipher is a block 0N/A * cipher, no padding has been requested, and the length of the 0N/A * encoding of the key to be wrapped is not a 0N/A * multiple of the block size. 0N/A * @exception InvalidKeyException if it is impossible or unsafe to 0N/A * wrap the key with this cipher (e.g., a hardware protected key is 0N/A * being passed to a software only cipher). 0N/A "the key to be wrapped");
0N/A // reverse the array content 0N/A // should never happen 0N/A // restore cipher state to prior to this call 0N/A // should never happen 0N/A * Unwrap a previously wrapped key. 0N/A * @param wrappedKey the key to be unwrapped. 0N/A * @param wrappedKeyAlgorithm the algorithm the wrapped key is for. 0N/A * @param wrappedKeyType the type of the wrapped key. 0N/A * This is one of <code>Cipher.SECRET_KEY</code>, 0N/A * <code>Cipher.PRIVATE_KEY</code>, or <code>Cipher.PUBLIC_KEY</code>. 0N/A * @return the unwrapped key. 0N/A * @exception NoSuchAlgorithmException if no installed providers 0N/A * can create keys of type <code>wrappedKeyType</code> for the 0N/A * <code>wrappedKeyAlgorithm</code>. 0N/A * @exception InvalidKeyException if <code>wrappedKey</code> does not 0N/A * represent a wrapped key of type <code>wrappedKeyType</code> for 0N/A * the <code>wrappedKeyAlgorithm</code>. 0N/A // reverse array content 0N/A // restore cipher state to prior to this call