/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/**
* Utility class for DIGEST-MD5 mechanism. Provides utility methods
* and contains two inner classes which implement the SecurityCtx
* interface. The inner classes provide the funtionality to allow
* for quality-of-protection (QOP) with integrity checking and
* privacy.
*
* @author Jonathan Bruce
* @author Rosanna Lee
*/
/* ------------------------- Constants ------------------------ */
// Used for logging
/* Constants - defined in RFC2831 */
/* Supported ciphers for 'auth-conf' */
"rc4",
"des",
"rc4-56",
"rc4-40" };
"RC4",
};
/*
* If QOP is set to 'auth-conf', a DIGEST-MD5 mechanism must have
* support for the DES and Triple DES cipher algorithms (optionally,
* support for RC4 [128/56/40 bit keys] ciphers) to provide for
* confidentiality. See RFC 2831 for details. This implementation
* provides support for DES, Triple DES and RC4 ciphers.
*
* The value of strength effects the strength of cipher used. The mappings
* of 'high', 'medium', and 'low' give the following behaviour.
*
* HIGH_STRENGTH - Triple DES
* - RC4 (128bit)
* MEDIUM_STRENGTH - DES
* - RC4 (56bit)
* LOW_SRENGTH - RC4 (40bit)
*/
":00000000000000000000000000000000";
/* ------------------- Variable Fields ----------------------- */
/* Used to track progress of authentication; step numbers from RFC 2831 */
protected int step;
/* Used to obtain authorization, pw info, canonicalized authzid for server */
protected boolean useUTF8 = false;
/**
* Constucts an instance of DigestMD5Base. Calls super constructor
* to parse properties for mechanism.
*
* @param className name of class to use for logging
* @param firstStep number of first step in authentication state machine
* @param digestUri digestUri used in authentication
* @param cbh callback handler used to get info required for auth
*
* @throws SaslException If invalid value found in props.
*/
}
/**
* Retrieves the SASL mechanism IANA name.
*
* @return The String "DIGEST-MD5"
*/
return "DIGEST-MD5";
}
/**
* Unwrap the incoming message using the wrap method of the secCtx object
* instance.
*
* @param incoming The byte array containing the incoming bytes.
* @param start The offset from which to read the byte array.
* @param len The number of bytes to read from the offset.
* @return The unwrapped message according to either the integrity or
* privacy quality-of-protection specifications.
* @throws SaslException if an error occurs when unwrapping the incoming
* message
*/
if (!completed) {
throw new IllegalStateException(
"DIGEST-MD5 authentication not completed");
}
throw new IllegalStateException(
"Neither integrity nor privacy was negotiated");
}
}
/**
* Wrap outgoing bytes using the wrap method of the secCtx object
* instance.
*
* @param outgoing The byte array containing the outgoing bytes.
* @param start The offset from which to read the byte array.
* @param len The number of bytes to read from the offset.
* @return The wrapped message according to either the integrity or
* privacy quality-of-protection specifications.
* @throws SaslException if an error occurs when wrapping the outgoing
* message
*/
if (!completed) {
throw new IllegalStateException(
"DIGEST-MD5 authentication not completed");
}
throw new IllegalStateException(
"Neither integrity nor privacy was negotiated");
}
}
}
}
if (completed) {
return negotiatedStrength;
} else {
return super.getNegotiatedProperty(propName);
}
} else {
throw new IllegalStateException(
"DIGEST-MD5 authentication not completed");
}
}
/* ----------------- Digest-MD5 utilities ---------------- */
/**
* Generate random-string used for digest-response.
* This method uses Random to get random bytes and then
* base64 encodes the bytes. Could also use binaryToHex() but this
* is slightly faster and a more compact representation of the same info.
* @return A non-null byte array containing the nonce value for the
* digest challenge or response.
* Could use SecureRandom to be more secure but it is very slow.
*/
/** This array maps the characters to their 6 bit values */
private final static char pem_array[] = {
// 0 1 2 3 4 5 6 7
'A','B','C','D','E','F','G','H', // 0
'I','J','K','L','M','N','O','P', // 1
'Q','R','S','T','U','V','W','X', // 2
'Y','Z','a','b','c','d','e','f', // 3
'g','h','i','j','k','l','m','n', // 4
'o','p','q','r','s','t','u','v', // 5
'w','x','y','z','0','1','2','3', // 6
'4','5','6','7','8','9','+','/' // 7
};
// Make sure that this is a multiple of 3
// Base 64 encoding turns each 3 bytes into 4
protected static final byte[] generateNonce() {
// SecureRandom random = new SecureRandom();
byte[] randomData = new byte[RAW_NONCE_SIZE];
byte[] nonce = new byte[ENCODED_NONCE_SIZE];
// Base64-encode bytes
byte a, b, c;
int j = 0;
a = randomData[i];
b = randomData[i+1];
c = randomData[i+2];
}
return nonce;
// %%% For testing using RFC 2831 example, uncomment the following 2 lines
// System.out.println("!!!Using RFC 2831's cnonce for testing!!!");
// return "OA6MHXh6VqTrRk".getBytes();
}
/**
* Checks if a byte[] contains characters that must be quoted
* and write the resulting, possibly escaped, characters to out.
*/
byte[] buf) {
byte ch;
for (int i = 0; i < len; i++) {
if (needEscape((char)ch)) {
}
}
}
// See Section 7.2 of RFC 2831; double-quote character is not allowed
// unless escaped; also escape the escape character and CTL chars except LWS
for (int i = 0; i < len; i++) {
return true;
}
}
return false;
}
// Determines whether a character needs to be escaped in a quoted string
// 0 <= ch <= 31 except CR, HT and LF
}
if (needEscape(str)) {
int j = 0;
char ch;
for (int i = 0; i < len; i++) {
if (needEscape(ch)) {
buf[j++] = '\\';
}
}
} else {
return str;
}
}
/**
* Convert a byte array to hexadecimal string.
*
* @param a non-null byte array
* @return a non-null String contain the HEX value
*/
} else {
}
}
}
/**
* Used to convert username-value, passwd or realm to 8859_1 encoding
* if all chars in string are within the 8859_1 (Latin 1) encoding range.
*
* @param a non-null String
* @return a non-nuill byte array containing the correct character encoding
* for username, paswd or realm.
*/
try {
if (useUTF8) {
if( buffer[i] > '\u00FF' ) {
}
}
}
} catch (UnsupportedEncodingException e) {
throw new SaslException(
"cannot encode string in UTF8 or 8859-1 (Latin-1)", e);
}
}
protected static byte[] getPlatformCiphers() {
try {
// Checking whether the transformation is available from the
// current installed providers.
ciphers[i] |= CIPHER_MASKS[i];
} catch (NoSuchAlgorithmException e) {
// no implementation found for requested algorithm.
} catch (NoSuchPaddingException e) {
// no implementation found for requested algorithm.
}
}
}
return ciphers;
}
/**
* Assembles response-value for digest-response.
*
* @param authMethod "AUTHENTICATE" for client-generated response;
* "" for server-generated response
* @return A non-null byte array containing the repsonse-value.
* @throws NoSuchAlgorithmException if the platform does not have MD5
* digest support.
* @throws UnsupportedEncodingException if a an error occurs
* encoding a string into either Latin-1 or UTF-8.
* @throws IOException if an error occurs writing to the output
* byte array buffer.
*/
protected byte[] generateResponseValue(
char[] passwdValue,
byte[] nonceValue,
byte[] cNonceValue,
int nonceCount,
byte[] authzidValue
) throws NoSuchAlgorithmException,
// A2
// --
// A2 = { "AUTHENTICATE:", digest-uri-value,
// [:00000000000000000000000000000000] } // if auth-int or auth-conf
//
A2 = new ByteArrayOutputStream();
}
}
}
// A1
// --
// H(user-name : realm-value : passwd)
//
beginA1 = new ByteArrayOutputStream();
// if no realm, realm will be an empty string
}
// A1
// --
// A1 = { H ( {user-name : realm-value : passwd } ),
// : nonce-value, : cnonce-value : authzid-value
//
A1 = new ByteArrayOutputStream();
if (authzidValue != null) {
}
}
//
// H(k, : , s);
//
KD = new ByteArrayOutputStream();
}
}
return (answer);
}
/**
* Takes 'nonceCount' value and returns HEX value of the value.
*
* @return A non-null String representing the current NONCE-COUNT
*/
}
}
}
/**
* Parses digest-challenge string, extracting each token
* and value(s)
*
* @param buf A non-null digest-challenge string.
* @param multipleAllowed true if multiple qop or realm or QOP directives
* are allowed.
* @throws SaslException if the buf cannot be parsed according to RFC 2831
*/
boolean gettingKey = true;
boolean gettingQuotedValue = false;
boolean expectSeparator = false;
byte bch;
if (gettingKey) {
if (bch == ',') {
throw new SaslException("Directive key contains a ',':" +
key);
}
// Empty element, skip separator and lws
} else if (bch == '=') {
throw new SaslException("Empty directive key");
}
gettingKey = false; // Termination of key
// Check whether value is quoted
if (buf[i] == '"') {
gettingQuotedValue = true;
++i; // Skip quote
}
} else {
throw new SaslException(
}
// LWS that occurs after key
// Expecting '='
if (buf[i] != '=') {
throw new SaslException("'=' expected after key: " +
}
} else {
throw new SaslException(
}
} else {
++i; // Advance
}
} else if (gettingQuotedValue) {
// Getting a quoted value
if (bch == '\\') {
// quoted-pair = "\" CHAR ==> CHAR
++i; // Skip escape
++i; // Advance
} else {
// Trailing escape in a quoted value
throw new SaslException(
"Unmatched quote found for directive: "
}
} else if (bch == '"') {
// closing quote
++i; // Skip closing quote
gettingQuotedValue = false;
expectSeparator = true;
} else {
++i; // Advance
}
// Value terminated
gettingKey = true;
gettingQuotedValue = expectSeparator = false;
} else if (expectSeparator) {
throw new SaslException(
"Expecting comma or linear whitespace after quoted string: \""
} else {
++i; // Advance
}
}
if (gettingQuotedValue) {
throw new SaslException(
}
// Get last pair
}
return valueTable;
}
// Is character a linear white space?
// LWS = [CRLF] 1*( SP | HT )
// %%% Note that we're checking individual bytes instead of CRLF
private static boolean isLws(byte b) {
switch (b) {
case 13: // US-ASCII CR, carriage return
case 10: // US-ASCII LF, linefeed
case 32: // US-ASCII SP, space
case 9: // US-ASCII HT, horizontal-tab
return true;
}
return false;
}
// Skip all linear white spaces
int i;
return i;
}
}
return i;
}
/**
* fill out the challengeVal array.
*
* @param key A non-null String challenge token name.
* @param value A non-null String token value.
* @throws SaslException if a either the key or the value is null
*/
if (valueTable[i] == null) {
valueTable[i] = value;
new Object[]{
keyTable[i],
new String(valueTable[i])});
}
// > 1 realm specified
}
} else {
throw new SaslException(
"DIGEST-MD5: peer sent more than one " +
}
break; // end search
}
}
}
/**
* Implementation of the SecurityCtx interface allowing for messages
* between the client and server to be integrity checked. After a
* successful DIGEST-MD5 authentication, integtrity checking is invoked
* if the SASL QOP (quality-of-protection) is set to 'auth-int'.
* <p>
* Further details on the integrity-protection mechanism can be found
* at section 2.3 - Integrity protection in the
* <a href="http://www.ietf.org/rfc/rfc2831.txt">RFC2831</a> definition.
*
* @author Jonathan Bruce
*/
/* Used for generating integrity keys - specified in RFC 2831*/
"client-to-server signing key magic constant";
"server-to-client signing key magic constant";
/* Key pairs for integrity checking */
// outgoing messageType and sequenceNum
/**
* Initializes DigestIntegrity implementation of SecurityCtx to
* enable DIGEST-MD5 integrity checking.
*
* @throws SaslException if an error is encountered generating the
* key-pairs for integrity checking.
*/
/* Initialize magic strings */
try {
} catch (UnsupportedEncodingException e) {
throw new SaslException(
"DIGEST-MD5: Error encoding strings into UTF-8", e);
} catch (IOException e) {
throw new SaslException("DIGEST-MD5: Error accessing buffers " +
"required to create integrity key pairs", e);
} catch (NoSuchAlgorithmException e) {
throw new SaslException("DIGEST-MD5: Unsupported digest " +
"algorithm used to create integrity key pairs", e);
}
/* Message type is a fixed value */
}
/**
* Generate client-server, server-client key pairs for DIGEST-MD5
* integrity checking.
*
* @throws UnsupportedEncodingException if the UTF-8 encoding is not
* supported on the platform.
* @throws IOException if an error occurs when writing to or from the
* byte array output buffers.
* @throws NoSuchAlgorithmException if the MD5 message digest algorithm
* cannot loaded.
*/
throws UnsupportedEncodingException, IOException,
// Both client-magic-keys and server-magic-keys are the same length
// Kic: Key for protecting msgs from client to server.
// Kis: Key for protecting msgs from server to client
// No need to recopy H_A1
"DIGEST12:Kic: ", Kic);
"DIGEST13:Kis: ", Kis);
}
if (clientMode) {
} else {
}
}
/**
* Append MAC onto outgoing message.
*
* @param outgoing A non-null byte array containing the outgoing message.
* @param start The offset from which to read the byte array.
* @param len The non-zero number of bytes for be read from the offset.
* @return The message including the integrity MAC
* @throws SaslException if an error is encountered converting a string
* into a UTF-8 byte encoding, or if the MD5 message digest algorithm
* cannot be found or if there is an error writing to the byte array
* output buffers.
*/
throws SaslException {
if (len == 0) {
return EMPTY_BYTE_ARRAY;
}
/* wrapped = message, MAC, message type, sequence number */
/* Start with message itself */
/* Calculate MAC */
}
/* Add MAC[0..9] to message */
/* Add message type [0..1] */
/* Add sequence number [0..3] */
}
return wrapped;
}
/**
* Return verified message without MAC - only if the received MAC
* and re-generated MAC are the same.
*
* @param incoming A non-null byte array containing the incoming
* message.
* @param start The offset from which to read the byte array.
* @param len The non-zero number of bytes to read from the offset
* position.
* @return The verified message or null if integrity checking fails.
* @throws SaslException if an error is encountered converting a string
* into a UTF-8 byte encoding, or if the MD5 message digest algorithm
* cannot be found or if there is an error writing to the byte array
* output buffers
*/
throws SaslException {
if (len == 0) {
return EMPTY_BYTE_ARRAY;
}
// shave off last 16 bytes of message
byte[] mac = new byte[10];
byte[] msgType = new byte[2];
byte[] seqNum = new byte[4];
/* Get Msg, MAC, msgType, sequenceNum */
/* Calculate MAC to ensure integrity */
msg);
mac);
msgType);
seqNum);
}
/* First, compare MAC's before updating any of our state */
// Discard message and do not increment sequence number
return EMPTY_BYTE_ARRAY;
}
/* Ensure server-sequence numbers are correct */
throw new SaslException("DIGEST-MD5: Out of order " +
"sequencing of messages from server. Got: " +
" Expected: " + peerSeqNum);
}
throw new SaslException("DIGEST-MD5: invalid message type: " +
}
// Increment sequence number and return message
peerSeqNum++;
return msg;
}
/**
* Generates MAC to be appended onto out-going messages.
*
* @param Ki A non-null byte array containing the key for the digest
* @param SeqNum A non-null byte array contain the sequence number
* @param msg The message to be digested
* @param start The offset from which to read the msg byte array
* @param len The non-zero number of bytes to be read from the offset
* @return The MAC of a message.
*
* @throws SaslException if an error occurs when generating MAC.
*/
try {
/* First 10 bytes of HMAC_MD5 digest */
byte macBuffer[] = new byte[10];
return macBuffer;
} catch (InvalidKeyException e) {
throw new SaslException("DIGEST-MD5: Invalid bytes used for " +
"key of HMAC-MD5 hash.", e);
} catch (NoSuchAlgorithmException e) {
throw new SaslException("DIGEST-MD5: Error creating " +
"instance of MD5 digest algorithm", e);
}
}
/**
* Increment own sequence number and set answer in NBO sequenceNum field.
*/
protected void incrementSeqNum() {
}
}
/**
* Implementation of the SecurityCtx interface allowing for messages
* between the client and server to be integrity checked and encrypted.
* After a successful DIGEST-MD5 authentication, privacy is invoked if the
* SASL QOP (quality-of-protection) is set to 'auth-conf'.
* <p>
* Further details on the integrity-protection mechanism can be found
* at section 2.4 - Confidentiality protection in
* <a href="http://www.ietf.org/rfc/rfc2831.txt">RFC2831</a> definition.
*
* @author Jonathan Bruce
*/
/* Used for generating privacy keys - specified in RFC 2831 */
"Digest H(A1) to client-to-server sealing key magic constant";
"Digest H(A1) to server-to-client sealing key magic constant";
/**
* Initializes the cipher object instances for encryption and decryption.
*
* @throws SaslException if an error occurs with the Key
* initialization, or a string cannot be encoded into a byte array
* using the UTF-8 encoding, or an error occurs when writing to a
* byte array output buffers or the mechanism cannot load the MD5
* message digest algorithm or invalid initialization parameters are
* passed to the cipher object instances.
*/
super(clientMode); // generate Kic, Kis keys for integrity-checking.
try {
} catch (SaslException e) {
throw e;
} catch (UnsupportedEncodingException e) {
throw new SaslException(
"DIGEST-MD5: Error encoding string value into UTF-8", e);
} catch (IOException e) {
throw new SaslException("DIGEST-MD5: Error accessing " +
"buffers required to generate cipher keys", e);
} catch (NoSuchAlgorithmException e) {
throw new SaslException("DIGEST-MD5: Error creating " +
"instance of required cipher or digest", e);
}
}
/**
* Generates client-server and server-client keys to encrypt and
* decrypt messages. Also generates IVs for DES ciphers.
*
* @throws IOException if an error occurs when writing to or from the
* byte array output buffers.
* @throws NoSuchAlgorithmException if the MD5 message digest algorithm
* cannot loaded.
* @throws UnsupportedEncodingException if an UTF-8 encoding is not
* supported on the platform.
* @throw SaslException if an error occurs initializing the keys and
* IVs for the chosen cipher.
*/
throws IOException, UnsupportedEncodingException,
/* Kcc = MD5{H(A1)[0..n], "Digest ... client-to-server"} */
int n;
n = 5; /* H(A1)[0..5] */
n = 7; /* H(A1)[0..7] */
} else { // des and 3des and rc4
n = 16; /* H(A1)[0..16] */
}
/* {H(A1)[0..n], "Digest ... client-to-server..."} */
// Both client-magic-keys and server-magic-keys are the same length
/* Kcc: Key for encrypting messages from client->server */
/* Kcs: Key for decrypting messages from server->client */
// No need to copy H_A1 again since it hasn't changed
"DIGEST24:Kcc: ", Kcc);
"DIGEST25:Kcs: ", Kcs);
}
byte[] myKc;
byte[] peerKc;
if (clientMode) {
} else {
}
try {
/* Initialize cipher objects */
// DES or 3DES
// Use "NoPadding" when specifying cipher names
// RFC 2831 already defines padding rules for producing
// 8-byte aligned blocks
cipherFullname = "DES/CBC/NoPadding";
cipherShortname = "des";
} else {
/* 3DES */
cipherFullname = "DESede/CBC/NoPadding";
cipherShortname = "desede";
}
// Initialize cipher objects
encKey.getEncoded());
decKey.getEncoded());
}
}
} catch (InvalidKeySpecException e) {
throw new SaslException("DIGEST-MD5: Unsupported key " +
"specification used.", e);
} catch (InvalidAlgorithmParameterException e) {
throw new SaslException("DIGEST-MD5: Invalid cipher " +
"algorithem parameter used to create cipher instance", e);
} catch (NoSuchPaddingException e) {
throw new SaslException("DIGEST-MD5: Unsupported " +
"padding used for chosen cipher", e);
} catch (InvalidKeyException e) {
throw new SaslException("DIGEST-MD5: Invalid data " +
"used to initialize keys", e);
}
}
// -------------------------------------------------------------------
/**
* Encrypt out-going message.
*
* @param outgoing A non-null byte array containing the outgoing message.
* @param start The offset from which to read the byte array.
* @param len The non-zero number of bytes to be read from the offset.
* @return The encrypted message.
*
* @throws SaslException if an error occurs when writing to or from the
* byte array output buffers or if the MD5 message digest algorithm
* cannot loaded or if an UTF-8 encoding is not supported on the
* platform.
*/
throws SaslException {
if (len == 0) {
return EMPTY_BYTE_ARRAY;
}
/* HMAC(Ki, {SeqNum, msg})[0..9] */
}
// Calculate padding
byte[] padding;
if (bs > 1 ) {
for (int i=0; i < pad; i++) {
}
} else {
}
/* {msg, pad, HMAC(Ki, {SeqNum, msg}[0..9])} */
"DIGEST31:{msg, pad, KicMAC}: ", toBeEncrypted);
}
/* CIPHER(Kc, {msg, pad, HMAC(Ki, {SeqNum, msg}[0..9])}) */
byte[] cipherBlock;
try {
// Do CBC (chaining) across packets
if (cipherBlock == null) {
// update() can return null
}
} catch (IllegalBlockSizeException e) {
throw new SaslException(
"DIGEST-MD5: Invalid block size for cipher", e);
}
}
return wrapped;
}
/*
* Decrypt incoming messages and verify their integrity.
*
* @param incoming A non-null byte array containing the incoming
* encrypted message.
* @param start The offset from which to read the byte array.
* @param len The non-zero number of bytes to read from the offset
* position.
* @return The decrypted, verified message or null if integrity
* checking
* fails.
* @throws SaslException if there are the SASL buffer is empty or if
* if an error occurs reading the SASL buffer.
*/
throws SaslException {
if (len == 0) {
return EMPTY_BYTE_ARRAY;
}
byte[] msgType = new byte[2];
byte[] seqNum = new byte[4];
/* Get cipherMsg; msgType; sequenceNum */
"DIGEST33:Expecting sequence num: {0}",
new Integer(peerSeqNum));
}
// Decrypt message
/* CIPHER(Kc, {msg, pad, HMAC(Ki, {SeqNum, msg}[0..9])}) */
byte[] decryptedMsg;
try {
// Do CBC (chaining) across packets
if (decryptedMsg == null) {
// update() can return null
}
} catch (IllegalBlockSizeException e) {
throw new SaslException("DIGEST-MD5: Illegal block " +
"sizes used with chosen cipher", e);
}
byte[] mac = new byte[10];
"DIGEST35:Unwrapped (w/padding): ", msgWithPadding);
msgType);
seqNum);
}
if (blockSize > 1) {
// get value of last octet of the byte array
if (msgLength < 0) {
// Discard message and do not increment sequence number
"DIGEST39:Incorrect padding: {0}",
}
return EMPTY_BYTE_ARRAY;
}
}
/* Re-calculate MAC to ensure integrity */
0, msgLength);
}
// First, compare MACs before updating state
// Discard message and do not increment sequence number
return EMPTY_BYTE_ARRAY;
}
/* Ensure sequence number is correct */
throw new SaslException("DIGEST-MD5: Out of order " +
"sequencing of messages from server. Got: " +
}
/* Check message type */
throw new SaslException("DIGEST-MD5: invalid message type: " +
}
// Increment sequence number and return message
peerSeqNum++;
return msgWithPadding; // no padding
} else {
// Get a copy of the message without padding
return clearMsg;
}
}
}
// ---------------- DES and 3 DES key manipulation routines
/**
* Sets the parity bit (0th bit) in each byte so that each byte
* contains an odd number of 1's.
*/
int b = key[i] & 0xfe;
key[i] = (byte) b;
}
}
/**
* Expands a 7-byte array into an 8-byte array that contains parity bits
* The binary format of a cryptographic key is:
* (B1,B2,...,B7,P1,B8,...B14,P2,B15,...,B49,P7,B50,...,B56,P8)
* where (B1,B2,...,B56) are the independent bits of a DES key and
* (PI,P2,...,P8) are reserved for parity bits computed on the preceding
* seven independent bits and set so that the parity of the octet is odd,
* i.e., there is an odd number of "1" bits in the octet.
*/
if (len != 7)
throw new IllegalArgumentException(
"Invalid length of DES Key Value:" + len);
byte[] raw = new byte[7];
byte[] result = new byte[8];
// Shift 7 bits each time into a byte
}
return result;
}
/**
* Create parity-adjusted keys suitable for DES / DESede encryption.
*
* @param input A non-null byte array containing key material for
* DES / DESede.
* @param desStrength A string specifying eithe a DES or a DESede key.
* @return SecretKey An instance of either DESKeySpec or DESedeKeySpec.
*
* @throws NoSuchAlgorithmException if the either the DES or DESede
* algorithms cannote be lodaed by JCE.
* @throws InvalidKeyException if an invalid array of bytes is used
* as a key for DES or DESede.
* @throws InvalidKeySpecException in an invalid parameter is passed
* to either te DESKeySpec of the DESedeKeySpec constructors.
*/
// Generate first subkey using first 7 bytes
"DIGEST42:DES key input: ", input);
"DIGEST43:DES key parity-adjusted: ", subkey1);
}
// Generate second subkey using second 7 bytes
// Construct 24-byte encryption-decryption-encryption sequence
"DIGEST46:3DES key input: ", input);
"DIGEST47:3DES key ede: ", ede);
"DIGEST48:3DES key material: ",
}
} else {
throw new IllegalArgumentException("Invalid DES strength:" +
}
}
}