Overview Package Class Use Source Tree Index Deprecated About
Frames | No Frames

Source for gnu.javax.crypto.jce.prng.ICMRandomSpi

   1: /* ICMRandomSpi.java --
   2:    Copyright (C) 2001, 2002, 2006, 2010  Free Software Foundation, Inc.
   3: 
   4: This file is a part of GNU Classpath.
   5: 
   6: GNU Classpath is free software; you can redistribute it and/or modify
   7: it under the terms of the GNU General Public License as published by
   8: the Free Software Foundation; either version 2 of the License, or (at
   9: your option) any later version.
  10: 
  11: GNU Classpath is distributed in the hope that it will be useful, but
  12: WITHOUT ANY WARRANTY; without even the implied warranty of
  13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14: General Public License for more details.
  15: 
  16: You should have received a copy of the GNU General Public License
  17: along with GNU Classpath; if not, write to the Free Software
  18: Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
  19: USA
  20: 
  21: Linking this library statically or dynamically with other modules is
  22: making a combined work based on this library.  Thus, the terms and
  23: conditions of the GNU General Public License cover the whole
  24: combination.
  25: 
  26: As a special exception, the copyright holders of this library give you
  27: permission to link this library with independent modules to produce an
  28: executable, regardless of the license terms of these independent
  29: modules, and to copy and distribute the resulting executable under
  30: terms of your choice, provided that you also meet, for each linked
  31: independent module, the terms and conditions of the license of that
  32: module.  An independent module is a module which is not derived from
  33: or based on this library.  If you modify this library, you may extend
  34: this exception to your version of the library, but you are not
  35: obligated to do so.  If you do not wish to do so, delete this
  36: exception statement from your version.  */
  37: 
  38: 
  39: package gnu.javax.crypto.jce.prng;
  40: 
  41: import gnu.java.security.Configuration;
  42: import gnu.java.security.Registry;
  43: import gnu.java.security.jce.prng.SecureRandomAdapter;
  44: import gnu.java.security.prng.LimitReachedException;
  45: import gnu.javax.crypto.cipher.IBlockCipher;
  46: import gnu.javax.crypto.prng.ICMGenerator;
  47: 
  48: import java.math.BigInteger;
  49: import java.security.SecureRandomSpi;
  50: import java.util.HashMap;
  51: import java.util.Random;
  52: import java.util.logging.Logger;
  53: 
  54: /**
  55:  * An <em>Adapter</em> class around {@link ICMGenerator} to allow using this
  56:  * algorithm as a JCE {@link java.security.SecureRandom}.
  57:  */
  58: public class ICMRandomSpi
  59:     extends SecureRandomSpi
  60: {
  61:   private static final Logger log = Configuration.DEBUG ?
  62:                 Logger.getLogger(ICMRandomSpi.class.getName()) : null;
  63:   /** Class-wide prng to generate random material for the underlying prng. */
  64:   private static final ICMGenerator prng; // blank final
  65:   static
  66:     {
  67:       prng = new ICMGenerator();
  68:       resetLocalPRNG();
  69:     }
  70: 
  71:   // error messages
  72:   private static final String MSG = "Exception while setting up an "
  73:                                     + Registry.ICM_PRNG + " SPI: ";
  74:   private static final String RETRY = "Retry...";
  75:   private static final String LIMIT_REACHED_MSG = "Limit reached: ";
  76:   private static final String RESEED = "Re-seed...";
  77:   /** Our underlying prng instance. */
  78:   private ICMGenerator adaptee = new ICMGenerator();
  79: 
  80:   // default 0-arguments constructor
  81: 
  82:   private static void resetLocalPRNG()
  83:   {
  84:     if (Configuration.DEBUG)
  85:       log.entering(ICMRandomSpi.class.getName(), "resetLocalPRNG");
  86:     HashMap attributes = new HashMap();
  87:     attributes.put(ICMGenerator.CIPHER, Registry.AES_CIPHER);
  88:     byte[] key = new byte[128 / 8]; // AES default key size
  89:     Random rand = new Random(System.currentTimeMillis());
  90:     rand.nextBytes(key);
  91:     attributes.put(IBlockCipher.KEY_MATERIAL, key);
  92:     int aesBlockSize = 128 / 8; // AES block size in bytes
  93:     byte[] offset = new byte[aesBlockSize];
  94:     rand.nextBytes(offset);
  95:     attributes.put(ICMGenerator.OFFSET, offset);
  96:     int ndxLen = 0; // the segment length
  97:     // choose a random value between 1 and aesBlockSize / 2
  98:     int limit = aesBlockSize / 2;
  99:     while (ndxLen < 1 || ndxLen > limit)
 100:       ndxLen = rand.nextInt(limit + 1);
 101:     attributes.put(ICMGenerator.SEGMENT_INDEX_LENGTH, Integer.valueOf(ndxLen));
 102:     byte[] index = new byte[ndxLen];
 103:     rand.nextBytes(index);
 104:     attributes.put(ICMGenerator.SEGMENT_INDEX, new BigInteger(1, index));
 105:     prng.setup(attributes);
 106:     if (Configuration.DEBUG)
 107:       log.exiting(ICMRandomSpi.class.getName(), "resetLocalPRNG");
 108:   }
 109: 
 110:   public byte[] engineGenerateSeed(int numBytes)
 111:   {
 112:     return SecureRandomAdapter.getSeed(numBytes);
 113:   }
 114: 
 115:   public void engineNextBytes(byte[] bytes)
 116:   {
 117:     if (Configuration.DEBUG)
 118:       log.entering(this.getClass().getName(), "engineNextBytes");
 119:     if (! adaptee.isInitialised())
 120:       this.engineSetSeed(engineGenerateSeed(32));
 121:     while (true)
 122:       {
 123:         try
 124:           {
 125:             adaptee.nextBytes(bytes, 0, bytes.length);
 126:             break;
 127:           }
 128:         catch (LimitReachedException x)
 129:           { // reseed the generator
 130:             if (Configuration.DEBUG)
 131:               {
 132:                 log.fine(LIMIT_REACHED_MSG + String.valueOf(x));
 133:                 log.fine(RESEED);
 134:               }
 135:             resetLocalPRNG();
 136:           }
 137:       }
 138:     if (Configuration.DEBUG)
 139:       log.exiting(this.getClass().getName(), "engineNextBytes");
 140:   }
 141: 
 142:   public void engineSetSeed(byte[] seed)
 143:   {
 144:     if (Configuration.DEBUG)
 145:       log.entering(this.getClass().getName(), "engineSetSeed");
 146:     // compute the total number of random bytes required to setup adaptee
 147:     int materialLength = 0;
 148:     materialLength += 16; // key material size
 149:     materialLength += 16; // offset size
 150:     materialLength += 8; // index size == half of an AES block
 151:     byte[] material = new byte[materialLength];
 152:     // use as much as possible bytes from the seed
 153:     int materialOffset = 0;
 154:     int materialLeft = material.length;
 155:     if (seed.length > 0)
 156:       { // copy some bytes into key and update indices
 157:         int lenToCopy = Math.min(materialLength, seed.length);
 158:         System.arraycopy(seed, 0, material, 0, lenToCopy);
 159:         materialOffset += lenToCopy;
 160:         materialLeft -= lenToCopy;
 161:       }
 162:     if (materialOffset > 0) // generate the rest
 163:       {
 164:         while (true)
 165:           {
 166:             try
 167:               {
 168:                 prng.nextBytes(material, materialOffset, materialLeft);
 169:                 break;
 170:               }
 171:             catch (IllegalStateException x)
 172:               { // should not happen
 173:                 throw new InternalError(MSG + String.valueOf(x));
 174:               }
 175:             catch (LimitReachedException x)
 176:               {
 177:                 if (Configuration.DEBUG)
 178:                   {
 179:                     log.fine(MSG + String.valueOf(x));
 180:                     log.fine(RETRY);
 181:                   }
 182:               }
 183:           }
 184:       }
 185:     // setup the underlying adaptee instance
 186:     HashMap attributes = new HashMap();
 187:     // use AES cipher with 128-bit block size
 188:     attributes.put(ICMGenerator.CIPHER, Registry.AES_CIPHER);
 189:     // use an index the size of quarter of an AES block
 190:     attributes.put(ICMGenerator.SEGMENT_INDEX_LENGTH, Integer.valueOf(4));
 191:     // specify the key
 192:     byte[] key = new byte[16];
 193:     System.arraycopy(material, 0, key, 0, 16);
 194:     attributes.put(IBlockCipher.KEY_MATERIAL, key);
 195:     // specify the offset
 196:     byte[] offset = new byte[16];
 197:     System.arraycopy(material, 16, offset, 0, 16);
 198:     attributes.put(ICMGenerator.OFFSET, offset);
 199:     // specify the index
 200:     byte[] index = new byte[4];
 201:     System.arraycopy(material, 32, index, 0, 4);
 202:     attributes.put(ICMGenerator.SEGMENT_INDEX, new BigInteger(1, index));
 203:     adaptee.init(attributes);
 204:     if (Configuration.DEBUG)
 205:       log.exiting(this.getClass().getName(), "engineSetSeed");
 206:   }
 207: }

Overview Package Class Use Source Tree Index Deprecated About